
Odd attack on my forum...

Discussion in 'Off Topic' started by Jaxel, Aug 8, 2013.

  1. Jaxel

    Jaxel Well-Known Member

    So today I'm looking at the error logs on my forums and I find a lot of this:

    Zend_Db_Adapter_Mysqli_Exception: LIMIT argument offset=-40 is not valid - library/Zend/Db/Adapter/Mysqli.php:507
    Generated By: Unknown Account, Today at 5:05 AM

    #0 /public_html/library/XenForo/Model.php(243): Zend_Db_Adapter_Mysqli->limit('?????SELECT pro...', 20, 42949672920)
    #1 /public_html/library/XenForo/Model/ProfilePost.php(70): XenForo_Model->limitQueryResults('?????SELECT pro...', 20, 42949672920)
    #2 /public_html/library/XenForo/ControllerPublic/Member.php(228): XenForo_Model_ProfilePost->getProfilePostsForUserId(12439, Array, Array)
    #3 /public_html/library/XenForo/FrontController.php(337): XenForo_ControllerPublic_Member->actionMember()
    #4 /public_html/library/XenForo/FrontController.php(134): XenForo_FrontController->dispatch(Object(XenForo_RouteMatch))
    #5 /public_html/index.php(13): XenForo_FrontController->run()
    #6 {main}
    array(3) {
      ["url"] => string(332) "http://8wayrun.com/members/robin.12439/?page=21111111111111+UNION+SELECT+CHAR(45,120,49,45,81,45),CHAR(45,120,50,45,81,45),CHAR(45,120,51,45,81,45),CHAR(45,120,52,45,81,45),CHAR(45,120,53,45,81,45),CHAR(45,120,54,45,81,45),CHAR(45,120,55,45,81,45),CHAR(45,120,56,45,81,45),CHAR(45,120,57,45,81,45),CHAR(45,120,49,48,45,81,45)+--++/*"
      ["_GET"] => array(1) {
        ["page"] => string(287) "21111111111111 UNION SELECT CHAR(45,120,49,45,81,45),CHAR(45,120,50,45,81,45),CHAR(45,120,51,45,81,45),CHAR(45,120,52,45,81,45),CHAR(45,120,53,45,81,45),CHAR(45,120,54,45,81,45),CHAR(45,120,55,45,81,45),CHAR(45,120,56,45,81,45),CHAR(45,120,57,45,81,45),CHAR(45,120,49,48,45,81,45) --  /*"
      ["_POST"] => array(0) {
    This has me worried. I know XF uses prepared statements to prevent attacks like this; but the error confuses me. It's not an error I would expect to get with a prepared statement. Should I be worried?
  2. sonnb

    sonnb Well-Known Member

    What is your XF version? I could not reproduce this, as the page param is always filtered as UINT; the SQL injection part would never be passed into your SQL query.
  3. Jaxel

    Jaxel Well-Known Member

  4. sonnb

    sonnb Well-Known Member

    Yep. Confirmed on 1.2. But this is not because of the injection string; it is because the offset value is out of range. It does not affect or harm our DB. Just an error when a user requests an invalid page. But yes, it would be good if XF could handle this situation.
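As an added illustration, not code from this thread or from XenForo: a Python reconstruction of what the two replies above describe, showing how the injected text is discarded by the UINT filter and how the surviving page number still yields the `offset=-40` in the first post. It assumes 32-bit PHP integer semantics (`intval()` saturating at 2^31-1 and an `(int)` cast wrapping), the limit of 20 visible in the stack trace, and a hypothetical item count; `safe_page` is a suggested defender-side clamp, not XenForo's own code.

```python
# Added example (not from the thread or XenForo): reconstructs how the
# "LIMIT argument offset=-40" error can arise once the page parameter is
# sanitised as an unsigned integer. Assumes a 32-bit PHP build, where
# intval() saturates at 2^31-1 and an (int) cast of a larger value wraps.
import re

PHP_INT_MAX_32 = 2**31 - 1
PER_PAGE = 20  # the limit value visible in the stack trace


def filter_uint(raw: str) -> int:
    """Mimic a UINT input filter: keep leading digits, saturate at PHP_INT_MAX."""
    m = re.match(r"\s*(\d+)", raw)
    if not m:
        return 0
    return min(int(m.group(1)), PHP_INT_MAX_32)


def to_int32(value: int) -> int:
    """Mimic a C-style (int) cast on a 32-bit platform: wrap modulo 2^32."""
    value &= 0xFFFFFFFF
    return value - 2**32 if value >= 2**31 else value


def naive_offset(page: int, per_page: int = PER_PAGE) -> int:
    """Offset as the trace shows it being computed: (page - 1) * perPage."""
    return (page - 1) * per_page


def safe_page(raw: str, total_items: int, per_page: int = PER_PAGE) -> int:
    """Hardened variant (assumed fix): clamp the page to the range that exists."""
    last_page = max(1, -(-total_items // per_page))  # ceiling division
    return max(1, min(filter_uint(raw), last_page))


# Constructed input: the exact ?page= value from the error report.
INJECTED_PAGE = "21111111111111 UNION SELECT CHAR(45,120,49,45,81,45) --  /*"


def reproduce() -> dict:
    page = filter_uint(INJECTED_PAGE)  # injection text dropped, page saturated
    offset = naive_offset(page)        # 42949672920, as in the trace
    return {"page": page, "offset": offset, "offset_int32": to_int32(offset),
            "safe_page": safe_page(INJECTED_PAGE, total_items=57)}


if __name__ == "__main__":
    print(reproduce())
```

The wrapped offset is exactly -40, and the clamp turns the same request into a page that exists, so the query never sees an out-of-range LIMIT.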
