Sql Injection In Call-Requests Add-On And Rate Limiting?

 
  • TurabG
  • Advanced Member
  • Members
  • Join Date: 05-Apr 17
  • 58 posts

Posted 16 December 2021 - 09:54 PM #1

Hi.

 

CS-Cart version 4.11.4.SP3

 

Someone is constantly sending call requests like:

 (select(0)from(select(sleep(15)))v)/*'+(select(0)from(select(sleep(15)))v)+'"+(select(0)from(select(sleep(15)))v)+"*/
0'XOR(if(now()=sysdate(),sleep(15),0))XOR'Z
 -1" OR 2+951-951-1=0+0+0+1

I closed the storefront altogether and activated "under attack mode" in Cloudflare. Albeit at a lower frequency, I still receive call requests. Isn't there rate limiting on call requests? What should I do now?
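An added example, not code from CS-Cart or its Call Requests add-on, of the two controls the post asks about on the server side: a screen that flags submissions matching the probe patterns quoted above (time-delay functions, embedded sub-selects, quote-breaking boolean operators, arithmetic tautologies) and a per-source-IP sliding-window limit on form submissions. The sample inputs are the three strings from the post plus a constructed benign message; the IP address and limit values are made up.

```python
import re
import time
from collections import defaultdict, deque
from typing import Optional

# Constructed samples: the three probe strings quoted in the post, plus one benign message.
SAMPLES = [
    "(select(0)from(select(sleep(15)))v)/*'+(select(0)from(select(sleep(15)))v)+'\"+(select(0)from(select(sleep(15)))v)+\"*/",
    "0'XOR(if(now()=sysdate(),sleep(15),0))XOR'Z",
    "-1\" OR 2+951-951-1=0+0+0+1",
    "Please call me back about order 1042",
]

# Each pattern names one trait of the probes above. A match is a reason to reject and log, not proof
# of a working injection; the reply handler should still use parameterised queries regardless.
PROBE_PATTERNS = {
    "time-delay": re.compile(r"\b(?:sleep|benchmark)\s*\(|waitfor\s+delay", re.I),
    "subselect": re.compile(r"\bselect\b.+?\bfrom\b", re.I | re.S),
    "quote-break": re.compile(r"""['"]\s*(?:or|xor|and)\b""", re.I),
    "arith-tautology": re.compile(r"\d+\s*[-+]\s*\d+\s*=\s*\d+"),
}


def classify(text: str) -> list:
    """Return the names of the probe traits found in a form field; an empty list means nothing matched."""
    return [name for name, rx in PROBE_PATTERNS.items() if rx.search(text)]


class CallRequestLimiter:
    """Sliding-window limit: at most `limit` submissions per `window` seconds from one source IP."""

    def __init__(self, limit: int = 3, window: float = 600.0):
        self.limit, self.window = limit, window
        self._hits = defaultdict(deque)  # ip -> timestamps of accepted submissions

    def allow(self, ip: str, now: Optional[float] = None) -> bool:
        now = time.time() if now is None else now
        q = self._hits[ip]
        while q and now - q[0] >= self.window:  # drop hits that fell out of the window
            q.popleft()
        if len(q) >= self.limit:
            return False
        q.append(now)
        return True


def screen_call_request(ip: str, message: str, limiter: CallRequestLimiter, now: Optional[float] = None) -> str:
    """Decide what to do with one submission: 'rate-limited', 'reject:<traits>' or 'accept'."""
    if not limiter.allow(ip, now):
        return "rate-limited"
    traits = classify(message)
    return "reject:" + ",".join(traits) if traits else "accept"
```

A rejected or rate-limited submission should be logged with the source IP and the matched traits so the pattern can be confirmed and the address blocked at Cloudflare or the firewall.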



 
  • harmsmitsdev
  • Senior Member
  • Members
  • Join Date: 22-Feb 20
  • 226 posts

Posted 18 December 2021 - 05:37 PM #2

There is no SQL injection. There are also no rate-limits.


Best Brands Support - We empower your business!

info@bestbrands.eu


 
  • maimai
  • Member
  • Members
  • Join Date: 07-Aug 21
  • 35 posts

Posted 19 December 2021 - 02:21 AM #3

Hi.

 

CS-Cart version 4.11.4.SP3

 

Someone is constantly sending call requests like:

 (select(0)from(select(sleep(15)))v)/*'+(select(0)from(select(sleep(15)))v)+'"+(select(0)from(select(sleep(15)))v)+"*/
0'XOR(if(now()=sysdate(),sleep(15),0))XOR'Z
 -1" OR 2+951-951-1=0+0+0+1

I closed the storefront altogether and activated "under attack mode" in Cloudflare. Albeit at a lower frequency, I still receive call requests. Isn't there rate limiting on call requests? What should I do now?

 

How did you get these logs? Is it in the apache2 logs or in the CS-Cart logs? How did you check it?



 
  • TurabG
  • Advanced Member
  • Members
  • Join Date: 05-Apr 17
  • 58 posts

Posted 20 December 2021 - 02:41 PM #4

How did you get these logs? Is it in the apache2 logs or in the CS-Cart logs? How did you check it?

 

I didn't need to see the logs, because call requests are notified by mail. I received more than 130 call requests like that until I renamed index.php to something else. (The store isn't really very active; I wanted to see what happened next, because I was still receiving call request mails although I had closed the store from the admin panel.)



 
  • FDGWEB
  • Junior Member
  • Authorized Reseller
  • Join Date: 20-Aug 10
  • 173 posts

Posted 23 December 2021 - 10:43 PM #5

Not enough info. Unless you have the IP that is causing those queries, it is hard to see what is going on.


FDG Web, Inc - Seattle Web Design : Custom CS-Cart Programming & Design | Toll-Free: 877.239.3083

Download Proposal Templates & Web Design Contract Samples

 
  • TurabG
  • Advanced Member
  • Members
  • Join Date: 05-Apr 17
  • 58 posts

Posted 25 December 2021 - 03:44 PM #6

How will having the IP address help?