CONTENIDO Forum

Das Diskussionsforum zum Open Source Content Management System
https://forum.contenido.org/

Spam- oder Hackerangriff???

https://forum.contenido.org/viewtopic.php?f=98&t=20191

Seite 1 von 1

Spam- oder Hackerangriff???

Verfasst: Di 5. Feb 2008, 12:44
von shadows
Hallo zusammen,

im Errorlog steht folgendes:

Code: Alles auswählen

t by (output started at /kunden/99023_30171/webseiten/cms/front_content.php:253) in /kunden/99023_30171/webseiten/cms/front_content.php on line 350
[04-Feb-2008 09:29:03] /cms/front_content.php?client=1&idcat=0&idart=0&lang=http%3A%2F%2Fwww.spoddyland.co.uk%2Fscans%2Fyouneedtoselectaplanettoclaimbeforegettinginhere%2Fscanlogs%2Fiwazex%2Fatepec%2F&error=1 MySQL error 1064: You have an error in your SQL syntax near '://www.spoddyland.co.uk/scans/youneedtoselectaplanettoclaimbeforegettinginhere/s' at line 6
SELECT idright 
					FROM con_rights AS A,
						 con_actions AS B,
						 con_area AS C
					 WHERE B.name = 'front_allow' AND C.name = 'str' AND A.user_id = 'nobody' AND A.idcat = '0'
							AND A.idarea = C.idarea AND B.idaction = A.idaction AND A.idlang = http://www.spoddyland.co.uk/scans/youneedtoselectaplanettoclaimbeforegettinginhere/scanlogs/iwazex/atepec/
[04-Feb-2008 09:29:03] /cms/front_content.php?client=1&idcat=0&idart=0&lang=http%3A%2F%2Fwww.spoddyland.co.uk%2Fscans%2Fyouneedtoselectaplanettoclaimbeforegettinginhere%2Fscanlogs%2Fiwazex%2Fatepec%2F&error=1 next_record called with no query pending.
[04-Feb-2008 10:51:45] PHP Warning:  Cannot modify header information - headers already sent by (output started at /kunden/99023_30171/webseiten/cms/front_content.php:253) in /kunden/99023_30171/webseiten/cms/front_content.php on line 350
[04-Feb-2008 10:51:45] PHP Warning:  Cannot modify header information - headers already sent by (output started at /kunden/99023_30171/webseiten/cms/front_content.php:253) in /kunden/99023_30171/webseiten/cms/front_content.php on line 350
[04-Feb-2008 10:51:45] PHP Warning:  Cannot modify header information - headers already sent by (output started at /kunden/99023_30171/webseiten/cms/front_content.php:253) in /kunden/99023_30171/webseiten/cms/front_content.php on line 350
[04-Feb-2008 10:51:46] PHP Warning:  Cannot modify header information - headers already sent by (output started at /kunden/99023_30171/webseiten/cms/front_content.php:253) in /kunden/99023_30171/webseiten/cms/front_content.php on line 350
[04-Feb-2008 10:51:46] /cms/front_content.php?client=1&idcat=0&idart=0&lang=http%3A%2F%2Fsinzinuri.com%2Fimsi%2Fdb%2Fpic%2Fbezefi%2Fugoye%2F&error=1 MySQL error 1064: You have an error in your SQL syntax near '://sinzinuri.com/imsi/db/pic/bezefi/ugoye/' at line 6
SELECT idright 
					FROM con_rights AS A,
						 con_actions AS B,
						 con_area AS C
					 WHERE B.name = 'front_allow' AND C.name = 'str' AND A.user_id = 'nobody' AND A.idcat = '0'
							AND A.idarea = C.idarea AND B.idaction = A.idaction AND A.idlang = http://sinzinuri.com/imsi/db/pic/bezefi/ugoye/
[04-Feb-2008 10:51:46] /cms/front_content.php?client=1&idcat=0&idart=0&lang=http%3A%2F%2Fsinzinuri.com%2Fimsi%2Fdb%2Fpic%2Fbezefi%2Fugoye%2F&error=1 next_record called with no query pending.
[04-Feb-2008 10:51:46] PHP Warning:  Cannot modify header information - headers already sent by (output started at /kunden/99023_30171/webseiten/cms/front_content.php:253) in /kunden/99023_30171/webseiten/cms/front_content.php on line 350
[04-Feb-2008 10:51:46] /cms/front_content.php?client=1&idcat=0&idart=0&lang=http%3A%2F%2Fwww.northfans.ch%2Fforum%2Fadmin%2Fsettings%2Fgucor%2Fujusu%2F&error=1 MySQL error 1064: You have an error in your SQL syntax near '://www.northfans.ch/forum/admin/settings/gucor/ujusu/' at line 6
SELECT idright 
					FROM con_rights AS A,
						 con_actions AS B,
						 con_area AS C
					 WHERE B.name = 'front_allow' AND C.name = 'str' AND A.user_id = 'nobody' AND A.idcat = '0'
							AND A.idarea = C.idarea AND B.idaction = A.idaction AND A.idlang = http://www.northfans.ch/forum/admin/settings/gucor/ujusu/
[04-Feb-2008 10:51:46] /cms/front_content.php?client=1&idcat=0&idart=0&lang=http%3A%2F%2Fwww.northfans.ch%2Fforum%2Fadmin%2Fsettings%2Fgucor%2Fujusu%2F&error=1 next_record called with no query pending.
[04-Feb-2008 10:51:46] PHP Warning:  Cannot modify header information - headers already sent by (output started at /kunden/99023_30171/webseiten/cms/front_content.php:253) in /kunden/99023_30171/webseiten/cms/front_content.php on line 350
[04-Feb-2008 10:51:46] /cms/front_content.php?client=1&idcat=0&idart=0&lang=http%3A%2F%2Fhonamfishing.co.kr%2Fphpmysqladmin%2Flibraries%2Foduzov%2Fneloze%2F&error=1 MySQL error 1064: You have an error in your SQL syntax near '://honamfishing.co.kr/phpmysqladmin/libraries/oduzov/neloze/' at line 6
SELECT idright 
					FROM con_rights AS A,
						 con_actions AS B,
						 con_area AS C
					 WHERE B.name = 'front_allow' AND C.name = 'str' AND A.user_id = 'nobody' AND A.idcat = '0'
							AND A.idarea = C.idarea AND B.idaction = A.idaction AND A.idlang = http://honamfishing.co.kr/phpmysqladmin/libraries/oduzov/neloze/
[04-Feb-2008 10:51:46] /cms/front_content.php?client=1&idcat=0&idart=0&lang=http%3A%2F%2Fhonamfishing.co.kr%2Fphpmysqladmin%2Flibraries%2Foduzov%2Fneloze%2F&error=1 next_record called with no query pending.
[04-Feb-2008 18:58:52] PHP Warning:  Cannot modify header information - headers already sent by (output started at /kunden/99023_30171/webseiten/cms/front_content.php:253) in /kunden/99023_30171/webseiten/cms/front_content.php on line 350
[04-Feb-2008 18:58:52] PHP Warning:  Cannot modify header information - headers already sent by (output started at /kunden/99023_30171/webseiten/cms/front_content.php:253) in /kunden/99023_30171/webseiten/cms/front_content.php on line 350
[04-Feb-2008 18:58:52] PHP Warning:  Cannot modify header information - headers already sent by (output started at /kunden/99023_30171/webseiten/cms/front_content.php:253) in /kunden/99023_30171/webseiten/cms/front_content.php on line 350
[04-Feb-2008 18:58:53] PHP Warning:  Cannot modify header information - headers already sent by (output started at /kunden/99023_30171/webseiten/cms/front_content.php:253) in /kunden/99023_30171/webseiten/cms/front_content.php on line 350
[04-Feb-2008 18:58:53] /cms/front_content.php?client=1&idcat=0&idart=0&lang=http%3A%2F%2Fwww.heaven-house.kz%2Ftemplates_c%2Fsexes%2Fafacub%2F&error=1 MySQL error 1064: You have an error in your SQL syntax near '://www.heaven-house.kz/templates_c/sexes/afacub/' at line 6
SELECT idright 
					FROM con_rights AS A,
						 con_actions AS B,
						 con_area AS C
					 WHERE B.name = 'front_allow' AND C.name = 'str' AND A.user_id = 'nobody' AND A.idcat = '0'
							AND A.idarea = C.idarea AND B.idaction = A.idaction AND A.idlang = http://www.heaven-house.kz/templates_c/sexes/afacub/
[04-Feb-2008 18:58:53] /cms/front_content.php?client=1&idcat=0&idart=0&lang=http%3A%2F%2Fwww.heaven-house.kz%2Ftemplates_c%2Fsexes%2Fafacub%2F&error=1 next_record called with no query pending.
[04-Feb-2008 18:58:53] PHP Warning:  Cannot modify header information - headers already sent by (output started at /kunden/99023_30171/webseiten/cms/front_content.php:253) in /kunden/99023_30171/webseiten/cms/front_content.php on line 350
[04-Feb-2008 18:58:53] /cms/front_content.php?client=1&idcat=0&idart=0&lang=http%3A%2F%2Fwww.heaven-house.kz%2Ftemplates_c%2Fsexes%2Fafacub%2F&error=1 MySQL error 1064: You have an error in your SQL syntax near '://www.heaven-house.kz/templates_c/sexes/afacub/' at line 6
SELECT idright 
					FROM con_rights AS A,
						 con_actions AS B,
						 con_area AS C
					 WHERE B.name = 'front_allow' AND C.name = 'str' AND A.user_id = 'nobody' AND A.idcat = '0'
							AND A.idarea = C.idarea AND B.idaction = A.idaction AND A.idlang = http://www.heaven-house.kz/templates_c/sexes/afacub/
[04-Feb-2008 18:58:53] /cms/front_content.php?client=1&idcat=0&idart=0&lang=http%3A%2F%2Fwww.heaven-house.kz%2Ftemplates_c%2Fsexes%2Fafacub%2F&error=1 next_record called with no query pending.
[04-Feb-2008 18:58:53] PHP Warning:  Cannot modify header information - headers already sent by (output started at /kunden/99023_30171/webseiten/cms/front_content.php:253) in /kunden/99023_30171/webseiten/cms/front_content.php on line 350
[04-Feb-2008 18:58:53] /cms/front_content.php?client=1&idcat=0&idart=0&lang=http%3A%2F%2Fwww.marsbook.co.kr%2Fmain%2Fcreated%2Fproduct%2F2%2Fupu%2Fohoqoh%2F&error=1 MySQL error 1064: You have an error in your SQL syntax near '://www.marsbook.co.kr/main/created/product/2/upu/ohoqoh/' at line 6
SELECT idright 
					FROM con_rights AS A,
						 con_actions AS B,
						 con_area AS C
					 WHERE B.name = 'front_allow' AND C.name = 'str' AND A.user_id = 'nobody' AND A.idcat = '0'
							AND A.idarea = C.idarea AND B.idaction = A.idaction AND A.idlang = http://www.marsbook.co.kr/main/created/product/2/upu/ohoqoh/
[04-Feb-2008 18:58:53] /cms/front_content.php?client=1&idcat=0&idart=0&lang=http%3A%2F%2Fwww.marsbook.co.kr%2Fmain%2Fcreated%2Fproduct%2F2%2Fupu%2Fohoqoh%2F&error=1 next_record called with no query pending.
[05-Feb-2008 00:29:20] PHP Warning:  Cannot modify header information - headers already sent by (output started at /kunden/99023_30171/webseiten/cms/front_content.php:253) in /kunden/99023_30171/webseiten/cms/front_content.php on line 350
[05-Feb-2008 00:29:21] PHP Warning:  Cannot modify header information - headers already sent by (output started at /kunden/99023_30171/webseiten/cms/front_content.php:253) in /kunden/99023_30171/webseiten/cms/front_content.php on line 350
[05-Feb-2008 00:29:22] PHP Warning:  Cannot modify header information - headers already sent by (output started at /kunden/99023_30171/webseiten/cms/front_content.php:253) in /kunden/99023_30171/webseiten/cms/front_content.php on line 350
[05-Feb-2008 00:29:22] PHP Warning:  Cannot modify header information - headers already sent by (output started at /kunden/99023_30171/webseiten/cms/front_content.php:253) in /kunden/99023_30171/webseiten/cms/front_content.php on line 350
[05-Feb-2008 00:29:22] /cms/front_content.php?client=1&idcat=0&idart=0&lang=http%3A%2F%2Fsahel55.com%2Farticles%2Fomaduro%2Fkimumid%2F&error=1 MySQL error 1064: You have an error in your SQL syntax near '://sahel55.com/articles/omaduro/kimumid/' at line 6
SELECT idright 
					FROM con_rights AS A,
						 con_actions AS B,
						 con_area AS C
					 WHERE B.name = 'front_allow' AND C.name = 'str' AND A.user_id = 'nobody' AND A.idcat = '0'
							AND A.idarea = C.idarea AND B.idaction = A.idaction AND A.idlang = http://sahel55.com/articles/omaduro/kimumid/
[05-Feb-2008 00:29:22] /cms/front_content.php?client=1&idcat=0&idart=0&lang=http%3A%2F%2Fsahel55.com%2Farticles%2Fomaduro%2Fkimumid%2F&error=1 next_record called with no query pending.
[05-Feb-2008 00:29:23] PHP Warning:  Cannot modify header information - headers already sent by (output started at /kunden/99023_30171/webseiten/cms/front_content.php:253) in /kunden/99023_30171/webseiten/cms/front_content.php on line 350
[05-Feb-2008 00:29:23] /cms/front_content.php?client=1&idcat=0&idart=0&lang=http%3A%2F%2Fwww.soeasywebsite.com%2Fsoeasycasino%2Fixu%2Fxotem%2F&error=1 MySQL error 1064: You have an error in your SQL syntax near '://www.soeasywebsite.com/soeasycasino/ixu/xotem/' at line 6
SELECT idright 
					FROM con_rights AS A,
						 con_actions AS B,
						 con_area AS C
					 WHERE B.name = 'front_allow' AND C.name = 'str' AND A.user_id = 'nobody' AND A.idcat = '0'
							AND A.idarea = C.idarea AND B.idaction = A.idaction AND A.idlang = http://www.soeasywebsite.com/soeasycasino/ixu/xotem/
[05-Feb-2008 00:29:23] /cms/front_content.php?client=1&idcat=0&idart=0&lang=http%3A%2F%2Fwww.soeasywebsite.com%2Fsoeasycasino%2Fixu%2Fxotem%2F&error=1 next_record called with no query pending.
[05-Feb-2008 00:29:24] PHP Warning:  Cannot modify header information - headers already sent by (output started at /kunden/99023_30171/webseiten/cms/front_content.php:253) in /kunden/99023_30171/webseiten/cms/front_content.php on line 350
[05-Feb-2008 00:29:24] /cms/front_content.php?client=1&idcat=0&idart=0&lang=http%3A%2F%2Fsans-packing.ru%2Fimg%2Fjipeqap%2Fehudute%2F&error=1 MySQL error 1064: You have an error in your SQL syntax near '://sans-packing.ru/img/jipeqap/ehudute/' at line 6
SELECT idright 
					FROM con_rights AS A,
						 con_actions AS B,
						 con_area AS C
					 WHERE B.name = 'front_allow' AND C.name = 'str' AND A.user_id = 'nobody' AND A.idcat = '0'
							AND A.idarea = C.idarea AND B.idaction = A.idaction AND A.idlang = http://sans-packing.ru/img/jipeqap/ehudute/
[05-Feb-2008 00:29:24] /cms/front_content.php?client=1&idcat=0&idart=0&lang=http%3A%2F%2Fsans-packing.ru%2Fimg%2Fjipeqap%2Fehudute%2F&error=1 next_record called with no query pending.
[05-Feb-2008 09:43:12] PHP Warning:  Cannot modify header information - headers already sent by (output started at /kunden/99023_30171/webseiten/cms/front_content.php:253) in /kunden/99023_30171/webseiten/cms/front_content.php on line 350
[05-Feb-2008 09:43:12] PHP Warning:  Cannot modify header information - headers already sent by (output started at /kunden/99023_30171/webseiten/cms/front_content.php:253) in /kunden/99023_30171/webseiten/cms/front_content.php on line 350
[05-Feb-2008 09:43:12] PHP Warning:  Cannot modify header information - headers already sent by (output started at /kunden/99023_30171/webseiten/cms/front_content.php:253) in /kunden/99023_30171/webseiten/cms/front_content.php on line 350
[05-Feb-2008 09:43:13] PHP Warning:  Cannot modify header information - headers already sent by (output started at /kunden/99023_30171/webseiten/cms/front_content.php:253) in /kunden/99023_30171/webseiten/cms/front_content.php on line 350
[05-Feb-2008 09:43:13] /cms/front_content.php?client=1&idcat=0&idart=0&lang=http%3A%2F%2Fwww.felixtorresycia.com%2Fadmin%2Fcorreo%2Fenaq%2Fecib%2F&error=1 MySQL error 1064: You have an error in your SQL syntax near '://www.felixtorresycia.com/admin/correo/enaq/ecib/' at line 6
SELECT idright 
					FROM con_rights AS A,
						 con_actions AS B,
						 con_area AS C
					 WHERE B.name = 'front_allow' AND C.name = 'str' AND A.user_id = 'nobody' AND A.idcat = '0'
							AND A.idarea = C.idarea AND B.idaction = A.idaction AND A.idlang = http://www.felixtorresycia.com/admin/correo/enaq/ecib/
[05-Feb-2008 09:43:13] /cms/front_content.php?client=1&idcat=0&idart=0&lang=http%3A%2F%2Fwww.felixtorresycia.com%2Fadmin%2Fcorreo%2Fenaq%2Fecib%2F&error=1 next_record called with no query pending.
[05-Feb-2008 09:43:13] PHP Warning:  Cannot modify header information - headers already sent by (output started at /kunden/99023_30171/webseiten/cms/front_content.php:253) in /kunden/99023_30171/webseiten/cms/front_content.php on line 350
[05-Feb-2008 09:43:13] /cms/front_content.php?client=1&idcat=0&idart=0&lang=http%3A%2F%2Fwww.northfans.ch%2Fforum%2Fadmin%2Fsettings%2Fgucor%2Fujusu%2F&error=1 MySQL error 1064: You have an error in your SQL syntax near '://www.northfans.ch/forum/admin/settings/gucor/ujusu/' at line 6
SELECT idright 
					FROM con_rights AS A,
						 con_actions AS B,
						 con_area AS C
					 WHERE B.name = 'front_allow' AND C.name = 'str' AND A.user_id = 'nobody' AND A.idcat = '0'
							AND A.idarea = C.idarea AND B.idaction = A.idaction AND A.idlang = http://www.northfans.ch/forum/admin/settings/gucor/ujusu/
[05-Feb-2008 09:43:13] /cms/front_content.php?client=1&idcat=0&idart=0&lang=http%3A%2F%2Fwww.northfans.ch%2Fforum%2Fadmin%2Fsettings%2Fgucor%2Fujusu%2F&error=1 next_record called with no query pending.
[05-Feb-2008 09:43:13] PHP Warning:  Cannot modify header information - headers already sent by (output started at /kunden/99023_30171/webseiten/cms/front_content.php:253) in /kunden/99023_30171/webseiten/cms/front_content.php on line 350
[05-Feb-2008 09:43:13] /cms/front_content.php?client=1&idcat=0&idart=0&lang=http%3A%2F%2Fwww.thoseguysfilms.com%2Fforums%2Ftemplates%2FsubSilver%2Fimages%2Fuza%2Flaqipu%2F&error=1 MySQL error 1064: You have an error in your SQL syntax near '://www.thoseguysfilms.com/forums/templates/subSilver/images/uza/laqipu/' at line 6
SELECT idright 
					FROM con_rights AS A,
						 con_actions AS B,
						 con_area AS C
					 WHERE B.name = 'front_allow' AND C.name = 'str' AND A.user_id = 'nobody' AND A.idcat = '0'
							AND A.idarea = C.idarea AND B.idaction = A.idaction AND A.idlang = http://www.thoseguysfilms.com/forums/templates/subSilver/images/uza/laqipu/
[05-Feb-2008 09:43:13] /cms/front_content.php?client=1&idcat=0&idart=0&lang=http%3A%2F%2Fwww.thoseguysfilms.com%2Fforums%2Ftemplates%2FsubSilver%2Fimages%2Fuza%2Flaqipu%2F&error=1 next_record called with no query pending.
Was ist hier los und vor allen Dingen, wie werden wir das wieder los?

Vielen Dank für Eure Mühe
-shadows-

Verfasst: Di 5. Feb 2008, 12:56
von Dodger77
Welche Contenido-Version setzt du ein?

Verfasst: Di 5. Feb 2008, 13:04
von shadows
Hallo,

wir benutzen Contenido 4.6.2.

Verfasst: Di 5. Feb 2008, 13:30
von holger.librenz_4fb
Hallo shadows.

Die Version muss unbedingt aktualisiert werden. Diese beinhaltet noch diverse Sicherheitslöcher! Bis dahin bitte die Seite offline stellen, um weitere Probleme zu vermeiden.

So long
Holger

Verfasst: Di 5. Feb 2008, 14:20
von shadows
Hallo holger.librenz_4fb,

ok, werden wir auf die neuste Contenido-Version updaten.

Aber was bedeutet denn nun eigentlich der Text im Errorlog und welche Auswirkungen hat es auf die Seite ?

Verfasst: Di 5. Feb 2008, 14:22
von holger.librenz_4fb
Hallo shadows.

Das bedeutet, das systematisch versucht wurde mittels manipulierter URL-Parameter auf die SQL Queries Einfluss zu nehmen. Im schlimmsten Fall wurde ein Versuch erfolgreich durchgeführt und Dein Server wird für so "lustige" Sachen wie Spamming und Filesharing genutzt. Von daher die Präsenz im eigenen Interesse offline nehmen, Installation prüfen und System Upgraden.

So long.
Holger
Alle Zeiten sind UTC+01:00
Seite 1 von 1

Powered by phpBB® Forum Software © phpBB Limited

Deutsche Übersetzung durch phpBB.de