Every now and then I get a slew of database errors reported to me via email. They all look similar but from different IP addressed. I'm wondering if this is some sort of hack attempt? I do not use forerunner so I have password protected the forerunner directory which seems to have stopped the errors.
Here is what it looks like (I've edited some details for security):
Database error in vBulletin 4.2.3: Invalid SQL: SELECT post.postid, post.threadid, post.visible, post.title, post.userid, thread.forumid, thread.title AS thread_title, thread.postuserid, thread.visible AS thread_visible, thread.firstpostid FROM vbb_post AS post LEFT JOIN vbb_thread AS thread USING (threadid) WHERE postid IN (1 RLIKE (SELECT (CASE WHEN (ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 1,1),6,1))>112) THEN 1 ELSE 0x28 END))); MySQL Error : Got error 'parentheses not balanced' from regexp Error Number : 1139 Request Date : Tuesday, November 22nd 2016 @ 12:23:36 PM Error Date : Tuesday, November 22nd 2016 @ 12:23:36 PM Script : http://www.myforum.com/xyz/forumrunner/request.php Referrer : IP Address : 85.25.xxx.xxx Username : Unregistered Classname : vB_Database_MySQLi MySQL Version : Does this look like a hack attempt or what is going on?
Here is what it looks like (I've edited some details for security):
Database error in vBulletin 4.2.3: Invalid SQL: SELECT post.postid, post.threadid, post.visible, post.title, post.userid, thread.forumid, thread.title AS thread_title, thread.postuserid, thread.visible AS thread_visible, thread.firstpostid FROM vbb_post AS post LEFT JOIN vbb_thread AS thread USING (threadid) WHERE postid IN (1 RLIKE (SELECT (CASE WHEN (ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 1,1),6,1))>112) THEN 1 ELSE 0x28 END))); MySQL Error : Got error 'parentheses not balanced' from regexp Error Number : 1139 Request Date : Tuesday, November 22nd 2016 @ 12:23:36 PM Error Date : Tuesday, November 22nd 2016 @ 12:23:36 PM Script : http://www.myforum.com/xyz/forumrunner/request.php Referrer : IP Address : 85.25.xxx.xxx Username : Unregistered Classname : vB_Database_MySQLi MySQL Version : Does this look like a hack attempt or what is going on?
Comment