Go to main content

Textpattern CMS support forum

You are not logged in. Register | Login | Help

#1 2008-04-05 14:17:20

sunmaker
Member
From: Washington DC
Registered: 2005-01-04
Posts: 40

Is this a hack attempt on my TXP site?

Examining the visitor log on one of my TXP sites, I found several entries like this, all from one IP address:

mywebsite/​index.​php?​id=1+and+1=2+union+se​lect+0×2D4578372D31,​0×2D4578372D32,​0×2D4578372D33,​0×2D4578372D34/​*

What is to be made of this? I don’t recognize the entry, but the words union and select suggest some type of MySQL command.


All boundaries are for practical purposes only.

Offline

#2 2008-04-05 14:26:48

ruud
Developer Emeritus
From: a galaxy far far away
Registered: 2006-06-04
Posts: 5,068
Website

Re: Is this a hack attempt on my TXP site?

Strange, especially those hex numbers. It won’t affect TXP though because we sanitize the id before using it.

Offline

#3 2008-04-05 15:40:53

johnnie
Member
Registered: 2007-03-10
Posts: 58

Re: Is this a hack attempt on my TXP site?

Hm… This looks like some kind of buffer overflow attempt

Offline

Board footer

Powered by FluxBB