Titre du sujet : Attaque persistante sur mon site
par nico46 sur 24/12/2009 14:08:14
Depuis hier un blairo excusez moi du terme, s'amuse à envoyer des poste sur mon forum à des intervalles de quelques secondes, j'ai beau supprimer ma base de donnée pour la remonter propre rien n'y fais.
Protector ne voit rien passer ni dans les logs, ni dans les parties attaque.
Je suis avec Xoops 2.4.2 et Protector 3.41 tout à jours mais rien y fais, ce gros malin passe et à apparemment abimé des trucs.
Que faire la je suis complètement perdu.
Images:
injections dans le forum
Bug du module newbbx:
Voilà ce que donne le mode débug sur l'admin:
Message: Undefined index: closesite dans le fichier /include/common.php - ligne 252 Avertissement: XoopsEditorHandler::getList() should not be called statically. dans le fichier /class/xoopseditor/xoopseditor.php - ligne 171 Avertissement: XoopsEditorHandler::getList() should not be called statically. dans le fichier /class/xoopseditor/xoopseditor.php - ligne 171 Avertissement: XoopsEditorHandler::getList() should not be called statically. dans le fichier /class/xoopseditor/xoopseditor.php - ligne 171 Requêtes 0.000091 - SET NAMES 'utf8' 0.000053 - SET SQL_BIG_SELECTS = 1 0.000671 - SELECT * FROM config WHERE (conf_modid = '0' AND conf_catid = '1') ORDER BY conf_order ASC 0.000240 - SELECT sess_data, sess_ip FROM session WHERE sess_id = '02760363c96c27a331286dcd45338340' 0.000283 - SELECT * FROM users WHERE uid = '1' 0.000278 - SELECT * FROM modules WHERE dirname = 'system' 0.000142 - SELECT * FROM modules WHERE dirname = 'protector' 0.000337 - DELETE FROM protector_access WHERE expire < UNIX_TIMESTAMP() 0.000210 - SELECT COUNT(*) FROM protector_access WHERE ip='92.134.208.54' AND request_uri='/modules/system/admin.php?fct=preferences' 0.000131 - SELECT COUNT(*) FROM protector_access WHERE ip='92.134.208.54' 0.000144 - INSERT INTO protector_access SET ip='92.134.208.54',request_uri='/modules/system/admin.php?fct=preferences',expire=UNIX_TIMESTAMP()+'20' 0.000202 - SELECT * FROM configcategory 0.000251 - SELECT * FROM config WHERE (conf_modid = '0' AND conf_catid = '3') ORDER BY conf_order ASC 0.000312 - SELECT * FROM modules WHERE (hasadmin = '1' AND isactive = '1') ORDER BY weight ASC, mid ASC 0.000191 - SELECT * FROM groups 0.000188 - SELECT * FROM `users` ORDER BY uid DESC LIMIT 0, 1 0.000416 - SELECT gperm_itemid FROM group_permission LEFT JOIN modules m ON gperm_modid=m.mid WHERE m.dirname='myalbum' AND gperm_name='myalbum_global' AND (gperm_groupid IN (1,2)) 0.000295 - SELECT * FROM modules WHERE (isactive = '1' AND mid > '1') ORDER BY weight ASC, mid ASC 0.000125 - SELECT * FROM modules WHERE mid = 1 0.000722 - SELECT * FROM group_permission WHERE (gperm_name = 'module_admin' AND gperm_modid = '1' AND (gperm_groupid = '1' OR gperm_groupid = '2')) 0.000338 - SELECT * FROM modules WHERE (hasadmin = '1' AND isactive = '1' AND mid IN (15, 96, 76, 52, 51, 48, 18, 54, 19, 9, 23, 6, 4, 107, 50, 25, 20, 3)) ORDER BY weight ASC, mid ASC 0.000115 - SELECT * FROM groups 0.000182 - SELECT * FROM `users` ORDER BY uid DESC LIMIT 0, 1 Total: 23
Et sur la partie intouchable du forum:
Message: Undefined index: closesite dans le fichier /include/common.php - ligne 252 Avertissement: XoopsEditorHandler::getList() should not be called statically. dans le fichier /class/xoopseditor/xoopseditor.php - ligne 171 Avertissement: XoopsEditorHandler::getList() should not be called statically. dans le fichier /class/xoopseditor/xoopseditor.php - ligne 171 Requêtes 0.000173 - SET NAMES 'utf8' 0.000057 - SET SQL_BIG_SELECTS = 1 0.000806 - SELECT * FROM config WHERE (conf_modid = '0' AND conf_catid = '1') ORDER BY conf_order ASC 0.000312 - SELECT sess_data, sess_ip FROM session WHERE sess_id = '02760363c96c27a331286dcd45338340' 0.000334 - SELECT * FROM users WHERE uid = '1' 0.000338 - SELECT * FROM modules WHERE dirname = 'protector' 0.000452 - DELETE FROM protector_access WHERE expire < UNIX_TIMESTAMP() 0.000168 - SELECT COUNT(*) FROM protector_access WHERE ip='92.134.208.54' AND request_uri='/modules/blocksadmin/admin/myblocksadmin.php?dirname=newbbex' 0.000135 - SELECT COUNT(*) FROM protector_access WHERE ip='92.134.208.54' 0.000460 - INSERT INTO protector_access SET ip='92.134.208.54',request_uri='/modules/blocksadmin/admin/myblocksadmin.php?dirname=newbbex',expire=UNIX_TIMESTAMP()+'20' 0.000267 - SELECT * FROM modules WHERE dirname = 'blocksadmin' 0.000506 - SELECT * FROM modules WHERE dirname = 'newbbex' 0.000635 - SELECT * FROM newblocks WHERE mid='19' ORDER BY visible DESC,side,weight 0.000691 - SELECT * FROM config WHERE (conf_modid = '0' AND conf_catid = '3') ORDER BY conf_order ASC 0.000516 - SELECT * FROM modules WHERE (isactive = '1' AND mid > '1') ORDER BY weight ASC, mid ASC 0.000435 - SELECT * FROM modules WHERE mid = 1 0.000351 - SELECT * FROM modules WHERE (hasadmin = '1' AND isactive = '1') ORDER BY weight ASC, mid ASC 0.000386 - SELECT * FROM groups 0.000253 - SELECT * FROM `users` ORDER BY uid DESC LIMIT 0, 1 0.000628 - SELECT gperm_itemid FROM group_permission LEFT JOIN modules m ON gperm_modid=m.mid WHERE m.dirname='myalbum' AND gperm_name='myalbum_global' AND (gperm_groupid IN (1,2)) 0.000701 - SELECT * FROM modules WHERE (isactive = '1' AND mid > '1') ORDER BY weight ASC, mid ASC 0.000509 - SELECT * FROM modules WHERE (isactive = '1' AND mid > '1') ORDER BY weight ASC, mid ASC 0.000836 - SELECT * FROM modules WHERE (isactive = '1' AND mid > '1') ORDER BY weight ASC, mid ASC Total: 23
|
![Open in new window](javascript:CaricaFoto("http://img690.imageshack.us/img690/3149/virusy.jpg");)
![Open in new window](javascript:CaricaFoto("http://img696.imageshack.us/img696/417/virus2t.jpg");)
