secure??
Printable View
secure??
not bad, keep it up ;)
have secure??
nice one, but for me the main post pic dont work (had to install it :grr:)
E: u shouldnt ask for secure things, its master scripts based (is master's scripts secured eh^^), its BETA.. if u want secured u have to make it yourself
Work Injected !
:|Control Panel Not Work
Simple Update For This Web
Use This Config :
C:/xampp/htdocs/[WEB]SQL_Injection.txtPHP Code:<?php
$ip = $_SERVER['REMOTE_ADDR'];
$time = date("l dS of F Y h:i:s A");
$script = $_SERVER[PATH_TRANSLATED];
$fp = fopen ("C:/xampp/htdocs/[WEB]SQL_Injecttxt", "a+");
$sql_inject_1 = array(";","'","%",'"'); #Whoth need replace
$sql_inject_2 = array("", "","","""); #To wont replace
$GET_KEY = array_keys($_GET); #array keys from $_GET
$POST_KEY = array_keys($_POST); #array keys from $_POST
$COOKIE_KEY = array_keys($_COOKIE); #array keys from $_COOKIE
/*begin clear $_GET */
for($i=0;$i<count($GET_KEY);$i++)
{
$real_get[$i] = $_GET[$GET_KEY[$i]];
$_GET[$GET_KEY[$i]] = str_replace($sql_inject_1, $sql_inject_2, HtmlSpecialChars($_GET[$GET_KEY[$i]]));
if($real_get[$i] != $_GET[$GET_KEY[$i]])
{
fwrite ($fp, "IP: $ip\r\n");
fwrite ($fp, "Method: GET\r\n");
fwrite ($fp, "Value: $real_get[$i]\r\n");
fwrite ($fp, "Script: $script\r\n");
fwrite ($fp, "Time: $time\r\n");
fwrite ($fp, "==================================\r\n");
}
}
/*end clear $_GET */
/*begin clear $_POST */
for($i=0;$i<count($POST_KEY);$i++)
{
$real_post[$i] = $_POST[$POST_KEY[$i]];
$_POST[$POST_KEY[$i]] = str_replace($sql_inject_1, $sql_inject_2, HtmlSpecialChars($_POST[$POST_KEY[$i]]));
if($real_post[$i] != $_POST[$POST_KEY[$i]])
{
fwrite ($fp, "IP: $ip\r\n");
fwrite ($fp, "Method: POST\r\n");
fwrite ($fp, "Value: $real_post[$i]\r\n");
fwrite ($fp, "Script: $script\r\n");
fwrite ($fp, "Time: $time\r\n");
fwrite ($fp, "==================================\r\n");
}
}
/*end clear $_POST */
/*begin clear $_COOKIE */
for($i=0;$i<count($COOKIE_KEY);$i++)
{
$real_cookie[$i] = $_COOKIE[$COOKIE_KEY[$i]];
$_COOKIE[$COOKIE_KEY[$i]] = str_replace($sql_inject_1, $sql_inject_2, HtmlSpecialChars($_COOKIE[$COOKIE_KEY[$i]]));
if($real_cookie[$i] != $_COOKIE[$COOKIE_KEY[$i]])
{
fwrite ($fp, "IP: $ip\r\n");
fwrite ($fp, "Method: COOKIE\r\n");
fwrite ($fp, "Value: $real_cookie[$i]\r\n");
fwrite ($fp, "Script: $script\r\n");
fwrite ($fp, "Time: $time\r\n");
fwrite ($fp, "==================================\r\n");
}
}
/*end clear $_COOKIE */
fclose ($fp);
?>
<?
error_reporting(E_ALL ^E_NOTICE ^E_WARNING);
$simple['connection'] = 'mssql';
$simple['localhost'] = '127.0.0.1';
$simple['dbhost'] = '127.0.0.1';
$simple['database'] = 'MuOnline';
$simple['dbuser'] = 'sa';
$simple['dbpassword'] = 'fuckmoney';
require("includes/simple.php");
?>
when you are injected this file resut :
Code:IP: 89.41.187.4
Method: POST
Value: \'\';shutdown;--
Script:
Time: Sunday 19th 2008f October 2008 02:49:48 AM
==================================
IP: 89.41.187.4
Method: POST
Value: \'\';shutdown;--
Script:
Time: Sunday 19th 2008f October 2008 02:49:48 AM
==================================
IP: 89.41.187.4
Method: POST
Value: \'\';shutdown;--
Script:
Time: Sunday 19th 2008f October 2008 02:49:48 AM
==================================
IP: 89.41.187.4
Method: POST
Value: \'\';shutdown;--
Script:
Time: Sunday 19th 2008f October 2008 02:49:48 AM
==================================
IP: 89.41.187.4
Method: POST
Value: \'\';shutdown;--
Script:
Time: Sunday 19th 2008f October 2008 02:49:48 AM
==================================
IP: 89.41.187.4
Method: POST
Value: \'\';shutdown;--
Script:
Time: Sunday 19th 2008f October 2008 02:49:48 AM
==================================
IP: 89.41.187.4
Method: POST
Value: \'\';shutdown;--
Script:
Time: Sunday 19th 2008f October 2008 02:49:48 AM
==================================
Anti Inject?is Secured?:-"
Maybe add some screenshot's ?
Is the security is good?
In this web not user controp panel ... Please add ..
(sorry for my bad english)
Web is without security ppl.
немогу замутитть новости помогитееее
ENG have problems withh edding news