Claudia M, posted February 15, 2018

Look what I found in my error log!!!!!! How did it get there and how do I get rid of it!!!!!!

[14-Feb-2018 17:40:12 UTC] PHP Warning: Invalid Security Token in /home/claudias/public_html/classes/sanitize.class.php on line 152
[14-Feb-2018 18:00:58 UTC] PHP Warning: Security Warning: Illegal array key "cart_lookup}" was detected and was removed. in /home/claudias/public_html/classes/sanitize.class.php on line 113
[14-Feb-2018 18:38:27 UTC] PHP Warning: Stored session data did not match DB record. Session aborted as possible session hijack. Old IP Address: '98.211.49.133' New IP Address: '98.211.49.133' Old User Agent: 'Microsoft Office Protocol Discovery' New User Agent: 'IEX' in /home/claudias/public_html/classes/session.class.php on line 702
[15-Feb-2018 02:16:19 UTC] PHP Warning: Security Warning: Illegal array key "Comcast_on_a_silver_platter_ On_December_14,_2017,_the_FCC_killed_net_neutrality_rules__But_do_you_truly_understand_the_global_implications_of_such_a_disastrous_decision? These_laws_guaranteed_equal_access_to_the_web_without_paid_prioritization_fees,_unregulated_bandwidth_throttling,_and_rampant_censorship_from_ISPs__Now_these_laws_are_GONE_ The_cable_companies_are_a_few_short_months_away_from_doing_whatever_they_damn_well_please_with_the_Internet__That_includes_shutting_down_" was detected and was removed. in /home/claudias/public_html/classes/sanitize.class.php on line 113
[15-Feb-2018 02:16:19 UTC] PHP Warning: Security Warning: Illegal array key "blocking_businesses_and_websites_like_yours_if_they_dislike_your_content_ If_you_cannot_afford_to_pay_cable_companies_more_money_for_customers_to_reach_your_business,_prepare_to_close_your_doors_for_good_ We_can_still_defeat_the_evil_FCC,_but_we_NEED_your_help_ Please_review_our_petition,_and_join_MILLIONS_of_net_neutrality_supporters_by_LINKING_to_our_page_from_your_website:_https://www_longlivethenet_com/_ Creating_a_LINK_is_casting_a_vote_for_freedom_of_speech_and_the_free_exchange_of_ideas_on_the_open_internet__Please_vote! Long_Live_The_Internet! Note:_We_are_a_non-profit_organization__We_will_never_place_an_advertisement_on_our_webpage__This_page_was_created_for_one_reason_and_one_reason_only,_to_save_the_Internet_as_we_know_it__Join_the_fight!" was detected and was removed. in /home/claudias/public_html/classes/sanitize.class.php on line 113
[15-Feb-2018 02:16:19 UTC] PHP Warning: Security Warning: Illegal array key "Comcast_on_a_silver_platter_ On_December_14,_2017,_the_FCC_killed_net_neutrality_rules__But_do_you_truly_understand_the_global_implications_of_such_a_disastrous_decision? These_laws_guaranteed_equal_access_to_the_web_without_paid_prioritization_fees,_unregulated_bandwidth_throttling,_and_rampant_censorship_from_ISPs__Now_these_laws_are_GONE_ The_cable_companies_are_a_few_short_months_away_from_doing_whatever_they_damn_well_please_with_the_Internet__That_includes_shutting_down_" was detected and was removed. in /home/claudias/public_html/classes/sanitize.class.php on line 113
[15-Feb-2018 02:16:19 UTC] PHP Warning: Security Warning: Illegal array key "blocking_businesses_and_websites_like_yours_if_they_dislike_your_content_ If_you_cannot_afford_to_pay_cable_companies_more_money_for_customers_to_reach_your_business,_prepare_to_close_your_doors_for_good_ We_can_still_defeat_the_evil_FCC,_but_we_NEED_your_help_ Please_review_our_petition,_and_join_MILLIONS_of_net_neutrality_supporters_by_LINKING_to_our_page_from_your_website:_https://www_longlivethenet_com/_ Creating_a_LINK_is_casting_a_vote_for_freedom_of_speech_and_the_free_exchange_of_ideas_on_the_open_internet__Please_vote! Long_Live_The_Internet! Note:_We_are_a_non-profit_organization__We_will_never_place_an_advertisement_on_our_webpage__This_page_was_created_for_one_reason_and_one_reason_only,_to_save_the_Internet_as_we_know_it__Join_the_fight!" was detected and was removed. in /home/claudias/public_html/classes/sanitize.class.php on line 113
[15-Feb-2018 02:16:19 UTC] PHP Warning: Stored session data did not match DB record. Session aborted as possible session hijack. Old IP Address: '68.231.26.137' New IP Address: '68.231.26.137' Old User Agent: '' New User Agent: 'Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.0.3705; .NET CLR 1.1.4322; Media Center PC 4.0; .NET CLR 2.0.50727)' in /home/claudias/public_html/classes/session.class.php on line 702
[15-Feb-2018 02:16:19 UTC] PHP Warning: Invalid Security Token in /home/claudias/public_html/classes/sanitize.class.php on line 152
[15-Feb-2018 03:02:24 UTC] PHP Warning: Security Warning: Illegal array key "cart_lookup}" was detected and was removed. in /home/claudias/public_html/classes/sanitize.class.php on line 113

Noodleman, posted February 15, 2018

so many !!!!!!!!!! is your store hacked? Check for code snippets that you don't know about

Claudia M, posted February 15, 2018

In admin/manage hooks/ code snippets there are no snippets that are not supposed to be there.

Noodleman, posted February 15, 2018

I mean, the log shows CC did its job. an array was illegal... and it removed it. seems like a bot looking for a way in to post crap on a forum

Al Brookbanks, posted February 15, 2018

You'll be surprised the amount of junk data that gets thrown at servers. Maybe a bot is trying to send spam through the store. If the version is up to date there should be nothing to be worried about.

Claudia M, posted February 15, 2018

That is so rude!! Bad bot!!! I have the latest version of CC installed - 6.1.13. Is 6.1.14 going to be released soon?

"seems like a bot looking for a way in to post crap on a forum"

Well it worked. I posted it. Is it ok to clear my log and I don't need to check anything?

Noodleman, posted February 15, 2018

it didn't post it.. it captured it in an error log. if it was posted it would be all over your store front for all to see

Claudia M, posted February 15, 2018

"it didn't post it.. it captured it in an error log. if it was posted it would be all over your store front for all to see"

I meant I posted it here in the forum, so it got some notice like they wanted.

Al Brookbanks, posted February 15, 2018

I wouldn't worry about it. It will stop soon no doubt. If the error logs are getting a bit big they can always be deleted.

bsmither, posted February 15, 2018

Well, no, not on a CubeCart storefront. This was a key in a querystring. Unless there is some code looking for arbitrary keys in querystrings, there will be nothing to process it.

That said, is there code in CubeCart that is looking for arbitrary keys in querystrings? No, there isn't. (There is code looking for arbitrary values, such as the CubeCart->loadPage() function.)

There are several vectors for crud like this: querystrings, user-agent strings (access logs), obvious 404 page requests (web server error log).

Maybe we need to make sure we have sanitized any edits that result in: "No products were found for <script injection>."
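
An added example (not from the thread and not CubeCart's own code) of the two controls bsmither's post touches on: dropping request keys that fall outside an allowlist, and HTML-encoding a search term before it is reflected in a "No products were found for ..." message. The function names, the key pattern and the sample query string are assumptions constructed for illustration.

```php
<?php
// Added illustration; not CubeCart's sanitize.class.php. The key rule is an assumption.

/** Drop request keys that contain anything outside a conservative allowlist. */
function filter_request_keys(array $input, array &$rejected): array
{
    $clean = [];
    foreach ($input as $key => $value) {
        // Integer keys come from "name[]" style parameters and are safe.
        if (!is_int($key) && !preg_match('/^[A-Za-z0-9_-]+$/', $key)) {
            $rejected[] = $key;
            continue;
        }
        $clean[$key] = is_array($value) ? filter_request_keys($value, $rejected) : $value;
    }
    return $clean;
}

/** Encode a user-supplied search term before reflecting it into HTML. */
function no_results_message(string $term): string
{
    $safe = htmlspecialchars($term, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return "No products were found for {$safe}.";
}

// Constructed query string: one normal parameter whose value carries markup,
// one malformed key, and one key that is really a block of spam text.
$query = 'search=' . urlencode('<script>alert(1)</script>')
       . '&' . urlencode('cart_lookup}') . '=1'
       . '&' . urlencode('Please review our petition, and link to example.invalid') . '=';

// parse_str() applies the same key mangling as $_GET: spaces and dots in a
// key become underscores, which is why the logged keys read word_word_word.
parse_str($query, $params);

$rejected = [];
$params = filter_request_keys($params, $rejected);

foreach ($rejected as $key) {
    // Log the length only; writing the raw key copies the spam into the log.
    error_log(sprintf('Illegal request key removed (%d bytes)', strlen($key)));
}

// The markup in the search value is rendered as inert text.
echo no_results_message($params['search'] ?? ''), PHP_EOL;
```

Run from the command line, this reports two rejected keys on stderr and prints the search term with its angle brackets encoded as entities.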