smartfoxserver.com

SmartFoxServer support forums
https://smartfoxserver.com/forums/

Server Attacks Malformed XML Requests

https://smartfoxserver.com/forums/viewtopic.php?f=1&t=24056

Page 1 of 1

Server Attacks Malformed XML Requests

Posted: 08 Jan 2021, 01:26
by ruru
My SmartFoxServer freeze after receiving message like this

Code: Select all

[ INFO ][ SmartFoxServer.readIncomingMessages ] { DATA IN } : <!DOCTYPE vpruvbyo PUBLIC "help" "http://62.122.201.246/vpruvbyo.dtd">
[ WARNING ][ SmartFoxServer.dispatchEvent ] Malformed XML request, MSG: <!DOCTYPE vpruvbyo PUBLIC "help" "http://62.122.201.246/vpruvbyo.dtd">
 From: /90.146.16.34
[ WARNING ][ SmartFoxServer.dispatchEvent ] Disconnecting: java.nio.channels.SocketChannel[connected local=/206.189.33.199:5588 remote=/90.146.16.34:59448]
[ INFO ][ SmartFoxServer.readIncomingMessages ] { DATA IN } : <!DOCTYPE mzytdjmrck PUBLIC "help" "http://187.94.16.59/mzytdjmrck.dtd">
[ FINE ][ SmartFoxServer.lostConnectionTask ] User [ java.nio.channels.SocketChannel[closed] ] removed
[ WARNING ][ SmartFoxServer.dispatchEvent ] Malformed XML request, MSG: <!DOCTYPE mzytdjmrck PUBLIC "help" "http://187.94.16.59/mzytdjmrck.dtd">
 From: /90.146.16.34
[ WARNING ][ SmartFoxServer.dispatchEvent ] Disconnecting: java.nio.channels.SocketChannel[closed]
[ INFO ][ SmartFoxServer.readIncomingMessages ] { DATA IN } : <!DOCTYPE vyyledsfs PUBLIC "help" "http://178.150.237.198/vyyledsfs.dtd">
[ FINE ][ SmartFoxServer.lostConnectionTask ] User [ java.nio.channels.SocketChannel[closed] ] removed
[ WARNING ][ SmartFoxServer.dispatchEvent ] Malformed XML request, MSG: <!DOCTYPE vyyledsfs PUBLIC "help" "http://178.150.237.198/vyyledsfs.dtd">
 From: /168.181.121.195
[ WARNING ][ SmartFoxServer.dispatchEvent ] Disconnecting: java.nio.channels.SocketChannel[closed]
[ INFO ][ SmartFoxServer.readIncomingMessages ] { DATA IN } : <!DOCTYPE zthlitlae PUBLIC "help" "http://220.247.174.237/zthlitlae.dtd">
[ FINE ][ SmartFoxServer.lostConnectionTask ] User [ java.nio.channels.SocketChannel[closed] ] removed


I was already upgrade to SmartFoxServer Pro 1.6.20 patch it says can fix malformed xml but its still crashing the server, and when the attack stopped server will back to normal.

Re: Server Attacks Malformed XML Requests

Posted: 08 Jan 2021, 08:58
by Lapo
Hi,
the XML data doesn't look like it can cause any harm. Maybe the problem is that your server is under a spam/DDoS attack, meaning that someone is bombarding the server with lots of garbage requests, slowing down or blocking the server.

If this is the case you should see hundreds of those requests in the log files.
Is this correct?

Thanks

Re: Server Attacks Malformed XML Requests

Posted: 08 Jan 2021, 17:15
by ruru
Hello, thanks for the response.

I was try to simulate spam xml packets like that using python to smartfoxserver port and yes when the server received just 1 xml malformed request my smartfoxserver still can run normal, but when its more than 2 xml malformed received my smartfoxserver is freeze.

I set my save logs and console logs to FINEST its showing not much malformed xml request message because the server is really freeze, i can't open the admintools too when the server get attacked.

Re: Server Attacks Malformed XML Requests

Posted: 11 Jan 2021, 09:44
by Lapo
Please,
send us the code you're using to cause the issue and we'll look into it.

You can zip and send to our support@... email box with a reference to this thread.
Thanks

Re: Server Attacks Malformed XML Requests

Posted: 12 Jan 2021, 10:11
by ruru
I already send to smartfoxserver support email.

Re: Server Attacks Malformed XML Requests

Posted: 14 Feb 2021, 14:22
by AxelDeath
Could you give me that packet you made?
All times are UTC
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Limited
https://www.phpbb.com/