
LOOK WHAT I FOUND IN MY ERROR LOG!!!!!


Claudia M


Look what I found in my error log!!!!!!  How did it get there and how do I get rid of it!!!!!!


[14-Feb-2018 17:40:12 UTC] PHP Warning:  Invalid Security Token in /home/claudias/public_html/classes/sanitize.class.php on line 152
[14-Feb-2018 18:00:58 UTC] PHP Warning:  Security Warning: Illegal array key &quot;cart_lookup}&quot; was detected and was removed. in /home/claudias/public_html/classes/sanitize.class.php on line 113
[14-Feb-2018 18:38:27 UTC] PHP Warning:  Stored session data did not match DB record. Session aborted as possible session hijack. Old IP Address: '98.211.49.133' New IP Address: '98.211.49.133' Old User Agent: 'Microsoft Office Protocol Discovery' New User Agent: 'IEX' in /home/claudias/public_html/classes/session.class.php on line 702
[15-Feb-2018 02:16:19 UTC] PHP Warning:  Security Warning: Illegal array key &quot;Comcast_on_a_silver_platter_

On_December_14,_2017,_the_FCC_killed_net_neutrality_rules__But_do_you_truly_understand_the_global_implications_of_such_a_disastrous_decision?

These_laws_guaranteed_equal_access_to_the_web_without_paid_prioritization_fees,_unregulated_bandwidth_throttling,_and_rampant_censorship_from_ISPs__Now_these_laws_are_GONE_

The_cable_companies_are_a_few_short_months_away_from_doing_whatever_they_damn_well_please_with_the_Internet__That_includes_shutting_down_&quot; was detected and was removed. in /home/claudias/public_html/classes/sanitize.class.php on line 113
[15-Feb-2018 02:16:19 UTC] PHP Warning:  Security Warning: Illegal array key &quot;blocking_businesses_and_websites_like_yours_if_they_dislike_your_content_

If_you_cannot_afford_to_pay_cable_companies_more_money_for_customers_to_reach_your_business,_prepare_to_close_your_doors_for_good_

We_can_still_defeat_the_evil_FCC,_but_we_NEED_your_help_

Please_review_our_petition,_and_join_MILLIONS_of_net_neutrality_supporters_by_LINKING_to_our_page_from_your_website:_https://www_longlivethenet_com/_

Creating_a_LINK_is_casting_a_vote_for_freedom_of_speech_and_the_free_exchange_of_ideas_on_the_open_internet__Please_vote!

Long_Live_The_Internet!
Note:_We_are_a_non-profit_organization__We_will_never_place_an_advertisement_on_our_webpage__This_page_was_created_for_one_reason_and_one_reason_only,_to_save_the_Internet_as_we_know_it__Join_the_fight!&quot; was detected and was removed. in /home/claudias/public_html/classes/sanitize.class.php on line 113
[15-Feb-2018 02:16:19 UTC] PHP Warning:  Security Warning: Illegal array key &quot;Comcast_on_a_silver_platter_

On_December_14,_2017,_the_FCC_killed_net_neutrality_rules__But_do_you_truly_understand_the_global_implications_of_such_a_disastrous_decision?

These_laws_guaranteed_equal_access_to_the_web_without_paid_prioritization_fees,_unregulated_bandwidth_throttling,_and_rampant_censorship_from_ISPs__Now_these_laws_are_GONE_

The_cable_companies_are_a_few_short_months_away_from_doing_whatever_they_damn_well_please_with_the_Internet__That_includes_shutting_down_&quot; was detected and was removed. in /home/claudias/public_html/classes/sanitize.class.php on line 113
[15-Feb-2018 02:16:19 UTC] PHP Warning:  Security Warning: Illegal array key &quot;blocking_businesses_and_websites_like_yours_if_they_dislike_your_content_

If_you_cannot_afford_to_pay_cable_companies_more_money_for_customers_to_reach_your_business,_prepare_to_close_your_doors_for_good_

We_can_still_defeat_the_evil_FCC,_but_we_NEED_your_help_

Please_review_our_petition,_and_join_MILLIONS_of_net_neutrality_supporters_by_LINKING_to_our_page_from_your_website:_https://www_longlivethenet_com/_

Creating_a_LINK_is_casting_a_vote_for_freedom_of_speech_and_the_free_exchange_of_ideas_on_the_open_internet__Please_vote!

Long_Live_The_Internet!
Note:_We_are_a_non-profit_organization__We_will_never_place_an_advertisement_on_our_webpage__This_page_was_created_for_one_reason_and_one_reason_only,_to_save_the_Internet_as_we_know_it__Join_the_fight!&quot; was detected and was removed. in /home/claudias/public_html/classes/sanitize.class.php on line 113
[15-Feb-2018 02:16:19 UTC] PHP Warning:  Stored session data did not match DB record. Session aborted as possible session hijack. Old IP Address: '68.231.26.137' New IP Address: '68.231.26.137' Old User Agent: '' New User Agent: 'Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.0.3705; .NET CLR 1.1.4322; Media Center PC 4.0; .NET CLR 2.0.50727)' in /home/claudias/public_html/classes/session.class.php on line 702
[15-Feb-2018 02:16:19 UTC] PHP Warning:  Invalid Security Token in /home/claudias/public_html/classes/sanitize.class.php on line 152
[15-Feb-2018 03:02:24 UTC] PHP Warning:  Security Warning: Illegal array key &quot;cart_lookup}&quot; was detected and was removed. in /home/claudias/public_html/classes/sanitize.class.php on line 113


Well, no, not on a CubeCart storefront. This was a key in a querystring. Unless there is some code looking for arbitrary keys in querystrings, there will be nothing to process it.

That said, is there code in CubeCart that is looking for arbitrary keys in querystrings? No, there isn't. (There is code looking for arbitrary values, such as the CubeCart->loadPage() function.)

There are several vectors for crud like this: querystrings, user-agent strings (access logs), obvious 404 page requests (web server error log).

Maybe we need to make sure we have sanitized any edits that result in:

"No products were found for <script injection>."
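
Added example, not part of the thread and not CubeCart code: a small triage script for a PHP error log in the format quoted in the first post. It rejoins entries that an injected multi-line key has split across lines, then sorts them into rejected keys, token failures and session mismatches. The sample log is constructed, and the kind labels and the 40-character threshold are assumptions of this example.

```python
import re
from collections import Counter
# Constructed sample in the thread's log format (short paths, documentation IP).
SAMPLE_LOG = """\
[14-Feb-2018 17:40:12 UTC] PHP Warning:  Invalid Security Token in /home/example/classes/sanitize.class.php on line 152
[14-Feb-2018 18:00:58 UTC] PHP Warning:  Security Warning: Illegal array key &quot;cart_lookup}&quot; was detected and was removed. in /home/example/classes/sanitize.class.php on line 113
[14-Feb-2018 18:38:27 UTC] PHP Warning:  Stored session data did not match DB record. Session aborted as possible session hijack. Old IP Address: '203.0.113.7' New IP Address: '203.0.113.7' Old User Agent: 'Microsoft Office Protocol Discovery' New User Agent: 'IEX' in /home/example/classes/session.class.php on line 702
[15-Feb-2018 02:16:19 UTC] PHP Warning:  Security Warning: Illegal array key &quot;Some_spam_headline_

Please_link_to_our_page_from_your_website&quot; was detected and was removed. in /home/example/classes/sanitize.class.php on line 113
"""

ENTRY_START = re.compile(r"^\[\d{2}-[A-Za-z]{3}-\d{4} \d{2}:\d{2}:\d{2} [A-Z]+\] ")
ILLEGAL_KEY = re.compile(r'Illegal array key (?:&quot;|")(.*?)(?:&quot;|") was detected', re.S)
SESSION = re.compile(r"Old IP Address: '(.*?)' New IP Address: '(.*?)' "
                     r"Old User Agent: '(.*?)' New User Agent: '(.*?)'", re.S)

def split_entries(text):
    """Rejoin entries whose message spans several physical lines."""
    entries = []
    for line in text.splitlines():
        if ENTRY_START.match(line) or not entries:
            entries.append(line)
        else:
            entries[-1] += "\n" + line
    return entries

def classify(entry):
    """Return (kind, detail); the kind labels are this example's own."""
    m = ILLEGAL_KEY.search(entry)
    if m:
        key = m.group(1)
        # Assumed heuristic: long or multi-line keys are pasted text, not a parameter name.
        return ("spam_key" if len(key) > 40 or "\n" in key else "odd_key"), key
    m = SESSION.search(entry)
    if m:
        old_ip, new_ip, old_ua, new_ua = m.groups()
        if old_ip != new_ip:
            return "session_ip_changed", new_ip
        return ("session_ua_changed" if old_ua != new_ua else "session_mismatch"), new_ua
    if "Invalid Security Token" in entry:
        return "bad_token", None
    return "other", None

def summarize(text):
    return Counter(classify(e)[0] for e in split_entries(text))

if __name__ == "__main__":
    print(dict(summarize(SAMPLE_LOG)))
```

Entries counted as `spam_key` are requests the sanitizer already discarded, so they are noise to filter out rather than something stored on the site.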
