nBill Community nBill Home Page
21/May/2012, 10:09:09 PM *
Welcome, Guest. Please login or register.

Login with username, password and session length
News: Click Here for the nBill home page, or take a tour.  
 
   Home   Help Search Login Register  
nBill Community > Version 1.x > Bug Reports > unknown runtime errors
Pages: [1]
« previous next »
  Print  
Author Topic: unknown runtime errors  (Read 1037 times)
dynorodney
Full Member
***
Offline Offline

Posts: 120


View Profile
« on: 19/September/2009, 04:04:27 PM »
Hi

Every now and again I get this appearing in my email (ive swapped my domain out):

Billing Version: 1.2.9
Service Pack: 0
Domain: https://www.mydomain.co.uk/cms
Date/Time: 19-Sep-2009 12:09:12 pm
IP Address: 85.92.223.14
Page: /cms/index.php?option=com_netinvoice
Referrer: https://www.mydomain.co.uk/cms/index.php
Error Log ID: 150
Error Message: Invalid argument supplied for foreach() File Name: /var/www/html/cms/components/com_netinvoice/netinvoice.php
Line Number: 0
PHP Version (and OS): 5.1.6 (Linux)
CMS: joomla
CMS Version: 1.5

I get it around 28 times - i.e. 28 emails. It doesnt coincide with an order (whenever we get a payment I get an email as well so it doesnt appear to be in the process of generating an invoice for example when it happens. Its happened today at 12:46 pm with me getting 28 emails through, all exactly the same and it happened sometime last week around about midnight ish, but again not related time wise to an order. It first happened a couple of months ago but I ignored it then! I cant view the code to see what for loop its trying to process. I did wonder whether something could be posting something to my system to try to break it/hack it. are you doing a foreach($_POST) type code around that line or can you advise accordingly?

Thanks

Tony
Logged
netshine
Administrator
Hero Member
*****
Offline Offline

Posts: 4,563


View Profile
« Reply #1 on: 19/September/2009, 07:13:51 PM »
Unfortunately, for some reason, the line number is not reported by PHP in that error message (line 0 does not exist), so I cannot tell for sure where in the code it is happening (there are several foreach loops in that file). Most of the foreach loops occur during order processing, but one of them is when someone uses the nBill login box, so my guess would be that someone is trying a brute force attack to try to login. If you check your apache logs for the time when the errors occur, you might be able to track it down to a particular IP address that you can blacklist.
Logged
dynorodney
Full Member
***
Offline Offline

Posts: 120


View Profile
« Reply #2 on: 22/September/2009, 09:24:37 AM »
Hi

How right you were - it was actually our mcafee appliance scan causing the issue - it tries to find weak spots in the web server code - such as forcing errors to show on screen and then produces reports. It runs automatically at its own pace but I hadnt associated the error with the scan as i didnt recognise the IP but it was. Its obviously forcing something into the login to try to break the server which is causing issues with nbill enough for your system to generate an error email but not enough to tell mcafee that usable information has been shown on screen as part of the forced attempt. Its obviously just feeding in data that nbill isn't expecting. 

Thanks for the quick reply.

Tony
Logged
Pages: [1]
  Print  
« previous next »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.16 | SMF © 2011, Simple Machines Valid XHTML 1.0! Valid CSS!