LOLz! Speaking about copyright... :thumbup:
Printable View
LOLz! Speaking about copyright... :thumbup:
Quote:
Originally Posted by Hackzone
check out the sample i gaved.. there is a variable there.. that is used.. for testing the anti sql injection.. and it is sved into the log file
Fatal error: Call to a member function test() on a non-object in D:\MuReg\login.php on line 11
$query = "SELECT memb___id FROM MEMB_INFO WHERE memb___id='$login'";
$sql_inject->test($query); //line 11
$sql_username_check = mssql_query($query);
umn.. help?
me stupid or error in code?
Fuck U
help anyone?
Quote:
Originally Posted by StrEagle
Dude.. check the example.. u must put the Header Code on top of the page to Initialize the anti injection
Read the Example Properly
Hi John, its me again ^^
Maybe i am just plain dumb or whatever but i cant understand what to do with those lines of code.
Ok, i understand that i have to add some piece of code to the top of my page. Here's my first problem. WHICH PAGES??
Now i see, that you told us to use another piece of code to protect the sql query string, correct? Should i modify every single query string or what?
Sorry for these questions but i am really a php nooby so i need your help.
Cheers
//edit
I am using your MuSite Scripts 2.0
any pages.. that has a sql query involved.
better to be safe than sorry ..
found the problem:
$sql_inject->test($your_sql_data);
i copied the code before you had fixed it..
now it works
1-st day and already 1 attempt
gj
no, not allQuote:
Originally Posted by SubSonic
only those, in wich the queries use info entered from the user
if you can't make difference - put on all!
ill regularly post IP that attempted those.. u should to.. it is so funny to catch those hackers.. bahahahah!
my server is BG only, because my international connection is 10k..
so no point..
i have 2 bg hackers..
To joh_d,
I follow ur guide to each page of my websites, but unfortunately i got hacked,......... that's awful
When i meet the hacker, he said that he attacked by the SQL script hole....
Is there any solution for this kind of hacking
Can u help me? i will appreciate it very much.
waaaaaaaaaaaaaaaaaaaaaaaaaaaaa
Isnt it easier to just check for string delimiters (') on string params and use intval on integer params ?
goood work john_d...very nice...
regards.shang ^_^
As we speak here about security, it would be useful to speak about crypting stored data at user's computer, for example cookie values. Because storing for example e-mail or login information it is a potential security hole. If not for server itself, but even for a player's account. Also this information may be used to execute sql injection. Any ideas?
That works good for 2 weeks hope no one hacks me >.<
1st. thing.. if u want to encrypt ur cookies.. in my mutoolz.. try getting the protector.php and get the two functions.
one is for exncrypting and other one is decrypting.. both use a hash method.. which is very difficult to crack if the hacker doesnt know ur hash or secret decode code.
2. Aramis.. to check of (') .. lolz.. who are u kidding.. people would just use html url decoded string like %20 or %27 which php will eventually convert back .
3. Marcus84, i believe it has nothing to do with the anti injection.. it will only protect against things u set it to protect.. try looking at ur website again.. and see if u left something.
ok... this script is great... it does it work but I have a problem with a page I created for password reseting:
here's the code:here's the file.inc.php:PHP Code:<?
include("file.inc.php");
if(!$_POST['pwd_change'])
{
?>
<form name="change_pass" method="post" action="<?$_SERVER['PHP_SELF']?>">
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td>Username:</td>
<td><input name="member" type="text" id="member"></td>
</tr>
<tr>
<td>Password:</td>
<td><input name="kodikos" type="password" id="pass"></td>
</tr>
<tr>
<td> </td>
<td><input name="pwd_change" type="submit" id="pwd_change" value="Change Pass!">
<input name="rst" type="reset" id="rst" value="Cancel"></td>
</tr>
</table>
</form>
<?
**
else
{
$sql = "SELECT * FROM MEMB_INFO WHERE memb___id = '".$_POST['member']."' OR 1=1";
$sqlinject->test($sql);
$result = @mssql_query($sql);
$num_rows = @mssql_num_rows($result);
if($num_rows <= 0)
{
echo 'No records found in database.<br>';
exit();
**
if(!$result)
{
echo 'Couldn\'t execute SELECT query<br>';
exit();
**
//$num_rows = mssql_num_rows($query);
$row = @mssql_fetch_array($result);
echo "<font style=\"font-family: tahoma, verdana, arial; font-size: 12px\">Password for <b>".$_POST['member']."</b>, is: <b>".$_POST['pass']."</b></font><br>";
$query = "UPDATE MEMB_INFO SET memb__pwd = '".$_POST['kodikos']."', memb___id = '".$_POST['member']."' WHERE memb___id = '".$_POST['member']."'";
$sqlinject->test($query);
$update = @mssql_query($query);
if(!$update)
{
echo 'Couldn\'t execute UPDATE query<br>';
**
mssql_close();
**
?>
at the first script you see that: $sql = "SELECT * FROM MEMB_INFO WHERE memb___id = '".$_POST['member']."' OR 1=1";??? The red letters are the injection since 1 is always equal to 1 so SQL shows all the results of your database. Now, what the injector scipt would normally do is to display another page istead of the page with all the dbase info, but it doesn't. It logs that someone injected into the database at the log file but it doesn't redirect the user to the page I specified. Instead it shows the page with the user name and pass that passed through the form. (And yes it changes the user name pass that was passed through the form).PHP Code:<?php
session_start();
require_once "sql_inject.php";
$bDestroy_session = TRUE;
$url_redirect = 'index.php';
$sqlinject = new sql_inject('./log_file_sql.log',$bDestroy_session,$url_redirect);
$dbhost = "localhost";
$dbuser = "some user";
$dbpass = "some pass";
$dbname = "MuOnline";
//connect database
$dbconn = @mssql_connect($dbhost, $dbuser, $dbpass);
if(!$dbconn)
{
echo 'Couldn\'t connect to database<br>';
**
mssql_close();
//select database name
$dbname = @mssql_select_db($dbname, $dbconn);
if(!$dbname)
{
echo 'Couldn\'t select database<br>';
**
mssql_close();
?>
Am I doing something wrong?
P.S: why this forum change all closing brackets to two asterisks? (**)
how it works is.. that.. if u type ur injection directly into the query, it doesnt stop it.. it just logs it.
It is kinda smart.. it detects u are the one who actually did the sql injection.. so wat u need to do is.. do wat all hackers do.. modify ur form and send the OR 1=1 (sample blah' OR 1=1 )something like that.
how it works is.. that.. if u type ur injection directly into the query, it doesnt stop it.. it just logs it.
It is kinda smart.. it detects u are the one who actually did the sql injection.. so wat u need to do is.. do wat all hackers do.. modify ur form and send the OR 1=1 (sample blah' OR 1=1 )something like that.
thats why on my sample.. i put a $_POST['variablename'] instead of a normal variable declaration..
on the side note.. u have no problem with POST and GET variables if u turn off register_global in php.ini that will stop anyone from making up new variables in the url and in the form.
but this is only site protection how can i protected my server from hacker. they are making exc items but hey are not gm :/ help me pls
I MUST WARN EVERY ONE, THAT THIS SCRIPT ISN'T STOPPING ALL KIND OF SQL INJECTIONS.
If you use it, every middle knowledge programmer may hack your site. Source need to be corrected in some places. My opinion is that the biggest hole that script isn't checking bare words (select, update,...) of the variables, because we may pass protection for all above methods of checking but words are words you can't pass them.
well if u can hack my website dude.. ill give u a medal. :) all im using is that script