Assistance needed: "Try to hack detected" emails from Projeqtor

19 May 2025 10:48 #1 by chandrashekhar
Hi,

I've received two emails today from the Projeqtor application with the subject line: "Try to hack detected".

Please refer to the below log.

2025-05-17 19:09:00.092 ***** ERROR ***** [V12.1.2] [30] HACK ================================================================
2025-05-17 19:09:00.093 ***** ERROR ***** [V12.1.2] [30] Try to hack detected
2025-05-17 19:09:00.093 ***** ERROR ***** [V12.1.2] [30] Source Code = Cross-site scripting detected calling /projeqtor/tool/checkAlertToDisplay.php
2025-05-17 19:09:00.093 ***** ERROR ***** [V12.1.2] [30] QUERY_STRING = csrfToken=7dff8e75e488e13b69867f5494fcda5c3315c656a46b8a1838014d082d8b34c6c4c611&directAccessIndex=
2025-05-17 19:09:00.094 ***** ERROR ***** [V12.1.2] [30] REMOTE_ADDR = 192.xxx.xx.231
2025-05-17 19:09:00.094 ***** ERROR ***** [V12.1.2] [30] SCRIPT_FILENAME = C:/Apache24/htdocs/projeqtor/tool/checkAlertToDisplay.php
2025-05-17 19:09:00.094 ***** ERROR ***** [V12.1.2] [30] CONNECTED USER = #30 - [email address hidden]
2025-05-17 19:09:00.095 ***** ERROR ***** [V12.1.2] [30] === Trace Stack for last error ===
2025-05-17 19:09:00.095 ***** ERROR ***** [V12.1.2] [30] => C:\Apache24\htdocs\projeqtor\tool\projeqtor.php at line 1709 calling debugPrintTraceStack()
2025-05-17 19:09:00.095 ***** ERROR ***** [V12.1.2] [30] => C:\Apache24\htdocs\projeqtor\tool\projeqtor.php at line 246 calling traceHack()
2025-05-17 19:09:00.095 ***** ERROR ***** [V12.1.2] [30] => C:\Apache24\htdocs\projeqtor\tool\checkAlertToDisplay.php at line 29 calling require_once()
2025-05-17 19:09:00.096 ***** ERROR ***** [V12.1.2] [30] ===
2025-05-17 19:09:00.096 ***** ERROR ***** [V12.1.2] [30] REQUEST_URI = /projeqtor/tool/checkAlertToDisplay.php?csrfToken=7dff8e75e488e13b69867f5494fcda5c3315c656a46b8a1838014d082d8b34c6c4c611&directAccessIndex=
2025-05-17 19:09:18.527 ***** ERROR ***** [V12.1.2] [30] HACK ================================================================
2025-05-17 19:09:18.527 ***** ERROR ***** [V12.1.2] [30] Try to hack detected
2025-05-17 19:09:18.528 ***** ERROR ***** [V12.1.2] [30] Source Code = Cross-site scripting detected calling /projeqtor/tool/jsonNotification.php
2025-05-17 19:09:18.528 ***** ERROR ***** [V12.1.2] [30] QUERY_STRING = csrfToken=7dff8e75e488e13b69867f5494fcda5c3315c656a46b8a1838014d082d8b34c6c4c611&directAccessIndex=
2025-05-17 19:09:18.528 ***** ERROR ***** [V12.1.2] [30] REMOTE_ADDR = 192.xxx.xx.231
2025-05-17 19:09:18.529 ***** ERROR ***** [V12.1.2] [30] SCRIPT_FILENAME = C:/Apache24/htdocs/projeqtor/tool/jsonNotification.php
2025-05-17 19:09:18.529 ***** ERROR ***** [V12.1.2] [30] CONNECTED USER = #30 - [email address hidden]
2025-05-17 19:09:18.530 ***** ERROR ***** [V12.1.2] [30] === Trace Stack for last error ===
2025-05-17 19:09:18.530 ***** ERROR ***** [V12.1.2] [30] => C:\Apache24\htdocs\projeqtor\tool\projeqtor.php at line 1709 calling debugPrintTraceStack()
2025-05-17 19:09:18.530 ***** ERROR ***** [V12.1.2] [30] => C:\Apache24\htdocs\projeqtor\tool\projeqtor.php at line 246 calling traceHack()
2025-05-17 19:09:18.531 ***** ERROR ***** [V12.1.2] [30] => C:\Apache24\htdocs\projeqtor\tool\jsonNotification.php at line 30 calling require_once()
2025-05-17 19:09:18.531 ***** ERROR ***** [V12.1.2] [30] ===
2025-05-17 19:09:18.531 ***** ERROR ***** [V12.1.2] [30] REQUEST_URI = /projeqtor/tool/jsonNotification.php?csrfToken=7dff8e75e488e13b69867f5494fcda5c3315c656a46b8a1838014d082d8b34c6c4c611&directAccessIndex=
 
Could you please advise if this is something that requires my attention, or guide me on the appropriate next steps? Thank you for your assistance.

Best regards,

27 May 2025 16:40 #2 by babynus
Connected users using old version of code after migration?

Babynus
Administrator of ProjeQtOr web site

28 May 2025 06:29 #3 by chandrashekhar
Hi,

Could you please provide more details about your question? I’m not sure I fully understand what you mean regarding the migration and the version of the code.

Thank you!

Yesterday 15:35 #4 by babynus
Try to hack is on checkAlertToDisplay.
This is called every 30 seconds from every browser connected to projeqtor.
Since V12.1, we activated CSRF token control.
Users connected with an old version don't have the token, so they are disconnected.

Babynus
Administrator of ProjeQtOr web site
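
A triage sketch for the alert log in this thread, added here as an example and not part of ProjeQtOr or of any post above: it groups "Try to hack detected" blocks by user and source address, and marks a group `polling-only` when every alert hit one of the two background scripts named in the log with a plain query string, which is the situation post #4 describes. The sample log is constructed (shortened token, documentation addresses, a placeholder script name), and the `POLLING` set and the plain-query rule are assumptions of this example.

```python
import re
from collections import defaultdict

# Constructed sample in the format of the log above (token shortened, documentation IPs).
P = "2025-05-17 19:09:{} ***** ERROR ***** [V12.1.2] [{}] {}"
SAMPLE_LOG = "\n".join([
    P.format("00.092", 30, "HACK " + "=" * 20),
    P.format("00.093", 30, "Source Code = Cross-site scripting detected calling /projeqtor/tool/checkAlertToDisplay.php"),
    P.format("00.093", 30, "QUERY_STRING = csrfToken=0123abcd&directAccessIndex="),
    P.format("00.094", 30, "REMOTE_ADDR = 192.0.2.10"),
    P.format("18.527", 30, "HACK " + "=" * 20),
    P.format("18.528", 30, "Source Code = Cross-site scripting detected calling /projeqtor/tool/jsonNotification.php"),
    P.format("18.528", 30, "QUERY_STRING = csrfToken=0123abcd&directAccessIndex="),
    P.format("18.528", 30, "REMOTE_ADDR = 192.0.2.10"),
    P.format("40.001", 41, "HACK " + "=" * 20),
    P.format("40.002", 41, "Source Code = Cross-site scripting detected calling /projeqtor/tool/placeholderScript.php"),
    P.format("40.002", 41, "QUERY_STRING = note=%3Cb%3E"),
    P.format("40.003", 41, "REMOTE_ADDR = 198.51.100.7"),
])

LINE = re.compile(r"^\S+ \S+ \*{5} ERROR \*{5} \[V[\d.]+\] \[(\d+)\] (.*)$")
POLLING = {"checkAlertToDisplay.php", "jsonNotification.php"}  # the two scripts in the thread
PLAIN_QUERY = re.compile(r"^[A-Za-z0-9_=&.-]*$")  # assumption: plain key=value pairs only

def parse_events(text):
    """Split the log into one dict per 'HACK ====' block, keyed by field name."""
    events, current = [], None
    for m in filter(None, map(LINE.match, text.splitlines())):
        user_id, msg = m.groups()
        if msg.startswith("HACK ="):
            current = {"user_id": user_id}
            events.append(current)
        elif current is not None and " = " in msg:
            key, value = msg.split(" = ", 1)
            current[key] = value
    return events

def triage(events):
    """Group alerts per (user, address); anything off the polling pattern needs review."""
    groups = defaultdict(lambda: {"count": 0, "scripts": set(), "verdict": "polling-only"})
    for ev in events:
        g = groups[(ev["user_id"], ev.get("REMOTE_ADDR", "?"))]
        script = ev.get("Source Code", "").rsplit("/", 1)[-1]
        g["count"] += 1
        g["scripts"].add(script)
        if script not in POLLING or not PLAIN_QUERY.match(ev.get("QUERY_STRING", "")):
            g["verdict"] = "review"
    return dict(groups)
```

Call `triage(parse_events(log_text))` on the application's log file contents; a `review` group is one whose alerts do not all fit the polling pattern and should be read line by line.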
