Jump to content

Can anyone tell me what this means?

beddows

By beddows
in MySQL Help

 Share

Recommended Posts

beddows Newbie

beddows

Posted
Posted

I administer an Invision board & the mysql error log is showing the below: I don't understand it, but it looks suspicious. the IP address shown is my own.

 

Now, we had flashchat on this board and we were hacked. I believe this log ,might be from the day I changed the password to the database & removed flashchat.

 

Date: Mon, 17 Nov 2008 02:31:06 -0600

Error Number: 2013

Error: Lost connection to MySQL server during query

IP Address: 154.5.5.90

Page: /index.php?s=a9ba67c082dd0c6301aaffb36d121651&act=Search&CODE=<META+HTTP-EQUIV=\"refresh\"+CONTENT=\"0%3Burl=JaVaS%26%2399%3BRiPt:alert(471610030187)%3B\">&k=880ea6a14ea49e853634fbdc5015a024

mySQL query error: INSERT INTO ibf_sessions (id,member_name,member_id,member_group,login_type,running_time,ip_address,browser,location,in_error,location_1_type,location_1_id,location_2_type,location_2_id,location_3_type,location_3_id) VALUES('51efda67789f456917730928ba10fa5a','',0,2,0,1226909275,'154.5.5.90','Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; .NET CLR 1.1.4322)','Search,0,<META HTTP-EQUIV="refresh" CONTENT="0;url=JaVaS&#99;RiPt:alert(471610030187);">',0,'',0,'',0,'',0)

===================================================

Date: Mon, 17 Nov 2008 02:31:06 -0600

Error Number: 2013

Error: Lost connection to MySQL server during query

IP Address: 154.5.5.90

Page: /index.php?s=a9ba67c082dd0c6301aaffb36d121651&act=<META+HTTP-EQUIV=\"refresh\"+CONTENT=\"0%3Burl=JaVaS%26%2399%3BRiPt:alert(471540029722)%3B\">&CODE=04&k=880ea6a14ea49e853634fbdc5015a024

mySQL query error: INSERT INTO ibf_sessions (id,member_name,member_id,member_group,login_type,running_time,ip_address,browser,location,in_error,location_1_type,location_1_id,location_2_type,location_2_id,location_3_type,location_3_id) VALUES('a07287440ce34dc15a1f542edf9ad555','',0,2,0,1226909274,'154.5.5.90','Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; .NET CLR 1.1.4322)','idx,0,04',0,'',0,'',0,'',0)

 

 

Link to comment
Share on other sites
beddows Newbie

beddows

Posted
  • Author
Posted

oops, That one I think was caused by my activity. It is this one I am wondering about. I banned the ip ranges here to be on the safe side. They are in Taiwan & Brazil & would not be interested in this forum. Thst is why I suspect these are hacking attempts.

 

 

===================================================

Date: Thu, 20 Nov 2008 07:18:40 -0600

Error Number: 2013

Error: Lost connection to MySQL server during query

IP Address: 140.130.101.5

Page: /index.php

mySQL query error: INSERT INTO ibf_sessions (id,member_name,member_id,member_group,login_type,running_time,ip_address,browser,location,in_error,location_1_type,location_1_id,location_2_type,location_2_id,location_3_type,location_3_id) VALUES('d2857212ba202465d9cde2e8221acb66','',0,2,0,1227186017,'140.130.101.5','libwww-perl/5.79','idx,0,',0,'',0,'',0,'',0)

===================================================

Date: Thu, 20 Nov 2008 07:20:05 -0600

Error Number: 2013

Error: Lost connection to MySQL server during query

IP Address: 140.130.101.5

Page: /index.php

mySQL query error: INSERT INTO ibf_sessions (id,member_name,member_id,member_group,login_type,running_time,ip_address,browser,location,in_error,location_1_type,location_1_id,location_2_type,location_2_id,location_3_type,location_3_id) VALUES('f0dabf87b04c37e89e9ba3ecf6f66806','',0,2,0,1227186100,'140.130.101.5','Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-GB; rv:1.7.10) Gecko/20050717 Firefox/1.0.6','idx,0,',0,'',0,'',0,'',0)

===================================================

Date: Thu, 20 Nov 2008 11:38:19 -0600

Error Number: 2013

Error: Lost connection to MySQL server during query

IP Address: 189.34.127.8

Page: /index.php

mySQL query error: INSERT INTO ibf_sessions (id,member_name,member_id,member_group,login_type,running_time,ip_address,browser,location,in_error,location_1_type,location_1_id,location_2_type,location_2_id,location_3_type,location_3_id) VALUES('96cd45ee4c28cf027a07adc3cfee12e7','',0,2,0,1227200813,'189.34.127.8','Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; FunWebProducts; MRA 4.6 (build 01425); .NET CLR 1.1.4322; .NET CLR 2.0.50727)','idx,0,',0,'',0,'',0,'',0)

===================================================

Date: Thu, 20 Nov 2008 16:38:29 -0600

Error Number: 2013

Error: Lost connection to MySQL server during query

IP Address: 68.148.2.47

Page: /index.php?act=Login&CODE=01

mySQL query error: UPDATE ibf_sessions SET member_name='',member_id=0,member_group=2,login_type=0,running_time=1227219325,location='Login,0,01',in_error=0,location_1_type='',location_1_id=0,location_2_type='',location_2_id=0,location_3_type='',location_3_id=0 WHERE id='fc8231a33cc7d1c85aa6a6f75c36efaa'

===================================================

Date: Thu, 20 Nov 2008 17:01:47 -0600

Error Number: 2013

Error: Lost connection to MySQL server during query

IP Address: 199.64.0.252

Page: /index.php?

mySQL query error: UPDATE ibf_sessions SET member_name='bluedually',member_id=3401,member_group=3,login_type=0,running_time=1227221105,location='idx,0,',in_error=0,location_1_type='',location_1_id=0,location_2_type='',location_2_id=0,location_3_type='',location_3_id=0 WHERE id='1fa601ed824b2d7591adda6b4b1acad8'

===================================================

Date: Thu, 20 Nov 2008 17:01:59 -0600

Error Number: 2013

Error: Lost connection to MySQL server during query

IP Address: 199.64.0.252

Page: /index.php?

mySQL query error: UPDATE ibf_sessions SET member_name='bluedually',member_id=3401,member_group=3,login_type=0,running_time=1227221127,location='idx,0,',in_error=0,location_1_type='',location_1_id=0,location_2_type='',location_2_id=0,location_3_type='',location_3_id=0 WHERE id='1fa601ed824b2d7591adda6b4b1acad8'

===================================================

Date: Thu, 20 Nov 2008 17:07:13 -0600

Error Number: 2013

Error: Lost connection to MySQL server during query

IP Address: 199.64.0.252

Page: /index.php?

mySQL query error: UPDATE ibf_sessions SET member_name='bluedually',member_id=3401,member_group=3,login_type

Link to comment
Share on other sites
corbin Regular Member

corbin

Posted
Posted

It looks like it's just dropping the connection.  Not sure why.  Do you have a weird firewall setup or something?  Or they could be exploiting something to try to make it drop the connection, but I don't think the user is doing it on purpose.  Only way to know for sure will be if something is a dead give away that it's an attack, or if someone you know gets the error (well gets an error, and the error log has their IP).

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.