Welcome, Guest. Please login or register.

ShoutBox!

Scrubmeister

2022 Dec 30 07:11:16
Feel better soon Ken
 

Skhilled

2022 Dec 26 22:55:32
No problemo! I've been busy working on a theme. Real life comes first. :) I wish I could stay in bed a few days. LOL
 

Ken

2022 Dec 26 14:04:15
Sorry that I've not been keeping up, these past few days have been rough, been spending most of my days in bed.  :o
 

Ken

2022 Dec 26 14:02:25
Happy Holidays and Merry Christmas and Happy New Years to everyone!!!
 

Skhilled

2022 Dec 24 16:51:25
Happy Holidays and Happy New Year!  :)

I've always been on the naughty list! LOL He won't be stopping here either but I've got plenty of food, beer and rum. LOL

Scrubmeister

2022 Dec 24 12:02:13
Wish everyone Happy Holidays and a great New Year :) Not sure Santa is stopping here this year? I could be border line on the Naughty list.  :-\
 

Ken

2022 Nov 19 13:42:47
 :banana: :banana:
Sounds wonderful! Good luck!
 

Skhilled

2022 Nov 18 22:24:23
The new job is working out great! Everyone is so nice and helpful! I hear they don't like haters, etc. and will fire them.  :laugh:
 

Ken

2022 Nov 07 21:06:02
 :thumbup:
 

Skhilled

2022 Nov 07 20:09:42
And I start a new job tomorrow working in a warehouse close to home. Can walk to it. :)

Recent Topics

TP Articles


Search in titles
Search in article texts

Author Topic: Attempted Hack???  (Read 2693 times)

0 Members and 1 Guest are viewing this topic.

Offline Ken (OP)

  • Vietnam Era Veteran
  • Administrator
  • *
  • Posts: 10816
  • Gender: Male
  • View Gallery
Attempted Hack???
« on: January 08, 2020, 07:27:18 PM »
At about 2:42PM today the error log shows 100+ Critical Errors spaced at about 1-2 seconds apart. To me it looks like someone tried to hack into the site through the TinyPortal Article system.

Opinions?  :cool:

Code: [Select]
Guest
Apply Filter: Only show the error messages of this IP address 198.54.114.54 
  Reverse chronological order of list Today at 02:43:26 PM
Apply Filter: Only show the error messages of this session 2424e612978426892df64ca8113d5aab
Apply Filter: Only show the errors of this type Type of error: Critical
Apply Filter: Only show the error messages of this URL
https://www.ourfamilyforum.org/FamilyForum/index.php?amp;action=tpadmin;sa=editarticle242+%27-6863+union+all+select+1,1,1,1,1,1,1,1,1,CONCAT(0x3a6f79753a,0x4244764877697569706b,0x3a70687a3a)%23
Apply Filter: Only show the errors with the same message
Wrong value type sent to the database. Integer expected. (subtype)
Function: do_articles
Apply Filter: Only show the errors from this file
File: /home/ourfamil/public_html/FamilyForum/Sources/TPortalAdmin.php
Line: 1624
"Not all who wander are lost."-Tolkien
Yesterday When I was Young.

Offline Ken (OP)

  • Vietnam Era Veteran
  • Administrator
  • *
  • Posts: 10816
  • Gender: Male
  • View Gallery
Re: Attempted Hack???
« Reply #1 on: January 08, 2020, 07:46:21 PM »
It has just started again as I am doing this topic, the count is now 234 and counting.  shocked003
Whois-RWS and IP Lookup showing as in the attached screenshots.
"Not all who wander are lost."-Tolkien
Yesterday When I was Young.

Offline Skhilled

  • Administrator
  • *
  • Posts: 7503
  • Gender: Male
  • Once you stop trying to learn, you stop living!
  • View Gallery
    • Buildz Hosting
Re: Attempted Hack???
« Reply #2 on: January 09, 2020, 11:08:52 AM »
Actually, I see this now for several mods including the arcade and Gallery which are updated...I didn't go through the entire log due to there being 109 pages! I can only assume it has to do with an outdated mod conflicting with other mods which is what most hackers go after. That's not to say that newly updated ones can't be hacked, tho.

Best to block outdated mods from guests until you can update them or uninstall them. You cannot keep very old/outdated mods! It's a hacker's dream!

Offline Ken (OP)

  • Vietnam Era Veteran
  • Administrator
  • *
  • Posts: 10816
  • Gender: Male
  • View Gallery
Re: Attempted Hack???
« Reply #3 on: January 09, 2020, 12:28:36 PM »
I just slogged through all 1053 Critical entries in the error log and they were divided between two files:
/Sources/ArcadeList.php (arcade;sa=stats).
/Sources/TPortalAdmin.php (tpadmin;sa=editarticle242).

Permissions are now set to 'Disallow' for the Arcade, but I'm still working on the TP Articles permissions.

"Not all who wander are lost."-Tolkien
Yesterday When I was Young.

Offline Ken (OP)

  • Vietnam Era Veteran
  • Administrator
  • *
  • Posts: 10816
  • Gender: Male
  • View Gallery
Re: Attempted Hack???
« Reply #4 on: January 09, 2020, 07:20:58 PM »
Actually, the TP permissions are available for members but not guests.
"Not all who wander are lost."-Tolkien
Yesterday When I was Young.

Offline Skhilled

  • Administrator
  • *
  • Posts: 7503
  • Gender: Male
  • Once you stop trying to learn, you stop living!
  • View Gallery
    • Buildz Hosting
Re: Attempted Hack???
« Reply #5 on: January 10, 2020, 10:36:06 AM »
I was pretty sure I saw one for the gallery, too...

Offline Ken (OP)

  • Vietnam Era Veteran
  • Administrator
  • *
  • Posts: 10816
  • Gender: Male
  • View Gallery
Re: Attempted Hack???
« Reply #6 on: January 10, 2020, 02:40:58 PM »
Gallery and Media access turned off now.
"Not all who wander are lost."-Tolkien
Yesterday When I was Young.