Suspicious error email

Started by Jeff B, September 25, 2018, 09:16:09 AM


Jeff B

Yesterday an email was somehow generated to all of our forum admins.

The following error occurred when processing a paid subscription
---------------------------------------------------------------
Paid subscription handler could not recover member ID


We do not use the paid subscription function, although I had looked at it certainly over a year ago and set up a test subscription, but never added a member to it or anything. I did delete the test and disabled the function under core features.

How might this happen? I want to be sure nothing nefarious is going on.

Looking

You have more than 1 forum admin? That in itself is a risk, how many admins are we talking about?

vbgamer45

A request that is sent to subscriptions.php sometimes could be caused by an automated bot.

Jeff B

Quote from: Looking on September 25, 2018, 09:19:44 AM
You have more than 1 forum admin? That in itself is a risk, how many admins are we talking about?

That is NOT an issue. My admins have been with me for 18 years. We started our forum with YaBB in 2000, and have progressed through the software variations to where we are now. They are no more of a risk than I am.  8 is the answer however.

Sir Osis of Liver

That error comes from subscriptions.php here -



// Get the subscription and member ID amoungst others...
@list ($subscription_id, $member_id) = $gatewayClass->precheck();

// Integer these just in case.
$subscription_id = (int) $subscription_id;
$member_id = (int) $member_id;

// This would be bad...
if (empty($member_id))
	generateSubscriptionError($txt['paid_empty_member']);



I suppose it's possible someone tried to hack a subscription, but wouldn't know how to get subscriptions.php to throw that error by direct request.  Subscription will not activate without verification from PayPal, so any attempt to hack a sub would fail.

Ashes and diamonds, foe and friend,
 we were all equal in the end.

                                     - R. Waters

Jeff B

We just had this happen again this morning, almost 2 years later.

Sir Osis of Liver

Wouldn't worry about it if it's only happened twice.  subscriptions.php will respond to inputs even if paid subs is disabled (try this - https://www.simplemachines.org/community/subscriptions.php).  Best guess is bots threw some crap at it to see what it does.  Won't get them anywhere.
Ashes and diamonds, foe and friend,
 we were all equal in the end.

                                     - R. Waters
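
A way to check the bot explanation given in the replies above, as an added example that is not part of the original thread or of SMF: it lists requests to subscriptions.php in a web server access log around the time the error email arrived. The combined log format, the sample lines and addresses, the email time, the ten-minute window and the name `subscription_hits` are all assumptions constructed for illustration.

```python
import re
from datetime import datetime, timedelta, timezone

# Combined Log Format: ip - - [time] "METHOD path proto" status size "referer" "agent"
LINE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+ '
    r'"[^"]*" "(?P<agent>[^"]*)"'
)

# Constructed sample lines using documentation IP ranges, not data from the thread.
SAMPLE_LOG = """\
198.51.100.7 - - [24/Sep/2018:03:12:44 +0000] "POST /forum/subscriptions.php HTTP/1.1" 200 512 "-" "python-requests/2.19.1"
203.0.113.20 - - [24/Sep/2018:03:13:02 +0000] "GET /forum/index.php?topic=42.0 HTTP/1.1" 200 18211 "-" "Mozilla/5.0"
198.51.100.7 - - [24/Sep/2018:09:40:10 +0000] "GET /forum/subscriptions.php HTTP/1.1" 200 498 "-" "python-requests/2.19.1"
"""

# Constructed arrival time of the admin error email (must be timezone-aware).
EMAIL_TIME = datetime(2018, 9, 24, 3, 13, tzinfo=timezone.utc)


def subscription_hits(log_text, email_time, window_minutes=10):
    """Return requests to subscriptions.php within +/- window of the error email."""
    window = timedelta(minutes=window_minutes)
    hits = []
    for line in log_text.splitlines():
        m = LINE.match(line)
        if not m:
            continue  # skip lines that are not in combined format
        path = m["path"].split("?", 1)[0]  # ignore any query string
        if not path.endswith("/subscriptions.php"):
            continue
        ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
        if abs(ts - email_time) <= window:
            hits.append({"ip": m["ip"], "time": ts, "method": m["method"],
                         "status": int(m["status"]), "agent": m["agent"]})
    return hits


if __name__ == "__main__":
    for hit in subscription_hits(SAMPLE_LOG, EMAIL_TIME):
        print(hit["time"].isoformat(), hit["ip"], hit["method"], hit["agent"])
```

On a forum that does not use paid subscriptions, any request this returns is unsolicited; a single source address with a scripted user agent and no other forum activity fits the automated-probe explanation.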
