Anti Injection Register.php by Johny XD!

  1. #1
    Johnatan28 (Account Upgraded | Title Enabled!)
    Join Date: Nov 2008
    Location: Venezuela
    Posts: 299

    Anti Injection Register.php by Johny XD!

    <?php
    $ip = $_SERVER['REMOTE_ADDR'];
    $time = date("l dS of F Y h:i:s A");
    $script = $_SERVER['PATH_TRANSLATED']; // key must be quoted; PATH_TRANSLATED is not a constant
    $fp = fopen("[WEB]SQL_Injection.txt", "a+"); // log file, created on first write
    $sql_inject_1 = array(";", "'", "%", '"'); // characters to replace
    $sql_inject_2 = array("", "", "", "&quot;"); // their replacements
    $GET_KEY = array_keys($_GET); // array keys from $_GET
    $POST_KEY = array_keys($_POST); // array keys from $_POST
    $COOKIE_KEY = array_keys($_COOKIE); // array keys from $_COOKIE
    /* begin clear $_GET */
    for ($i = 0; $i < count($GET_KEY); $i++)
    {
        $real_get[$i] = $_GET[$GET_KEY[$i]]; // keep the original value for the log
        $_GET[$GET_KEY[$i]] = str_replace($sql_inject_1, $sql_inject_2, htmlspecialchars($_GET[$GET_KEY[$i]]));
        if ($real_get[$i] != $_GET[$GET_KEY[$i]]) // something was stripped: log it
        {
            fwrite($fp, "IP: $ip\r\n");
            fwrite($fp, "Method: GET\r\n");
            fwrite($fp, "Value: $real_get[$i]\r\n");
            fwrite($fp, "Script: $script\r\n");
            fwrite($fp, "Time: $time\r\n");
            fwrite($fp, "==================================\r\n");
        }
    }
    /* end clear $_GET */
    /* begin clear $_POST */
    for ($i = 0; $i < count($POST_KEY); $i++)
    {
        $real_post[$i] = $_POST[$POST_KEY[$i]];
        $_POST[$POST_KEY[$i]] = str_replace($sql_inject_1, $sql_inject_2, htmlspecialchars($_POST[$POST_KEY[$i]]));
        if ($real_post[$i] != $_POST[$POST_KEY[$i]])
        {
            fwrite($fp, "IP: $ip\r\n");
            fwrite($fp, "Method: POST\r\n");
            fwrite($fp, "Value: $real_post[$i]\r\n");
            fwrite($fp, "Script: $script\r\n");
            fwrite($fp, "Time: $time\r\n");
            fwrite($fp, "==================================\r\n");
        }
    }
    /* end clear $_POST */
    /* begin clear $_COOKIE */
    for ($i = 0; $i < count($COOKIE_KEY); $i++)
    {
        $real_cookie[$i] = $_COOKIE[$COOKIE_KEY[$i]];
        $_COOKIE[$COOKIE_KEY[$i]] = str_replace($sql_inject_1, $sql_inject_2, htmlspecialchars($_COOKIE[$COOKIE_KEY[$i]]));
        if ($real_cookie[$i] != $_COOKIE[$COOKIE_KEY[$i]])
        {
            fwrite($fp, "IP: $ip\r\n");
            fwrite($fp, "Method: COOKIE\r\n");
            fwrite($fp, "Value: $real_cookie[$i]\r\n");
            fwrite($fp, "Script: $script\r\n");
            fwrite($fp, "Time: $time\r\n");
            fwrite($fp, "==================================\r\n");
        }
    }
    /* end clear $_COOKIE */
    fclose($fp);
    ?>
    <?php
    ini_set('display_errors', 0);
    $connection = mssql_connect('WINDOWS\SQLEXPRESS', 'sa', '2870898'); // Change YOURHOST and YOURPASSWORD

    if (!$connection || !mssql_select_db('ACCOUNT_DBF', $connection)) // was "!connection": the $ was missing
    {
        die('Unable to connect or select database!');
    }

    $error = ''; // printed under the form; empty until the form is submitted
    $checkusername = isset($_POST['Username']) ? $_POST['Username'] : '';
    $query = mssql_query("SELECT account FROM ACCOUNT_TBL WHERE account = '$checkusername'");
    $result = $query ? mssql_fetch_row($query) : false;

    if (isset($_POST['submit'])) {
        if ($_POST['Username'] == "") {
            $error = '<font color="red">Please enter a username.</font>';
        }
        else if ($result && $result[0] == $checkusername) {
            $error = '<font color="red">This username already exists. Please choose another one.</font>';
        }
        else if ($_POST['Password'] == "") {
            $error = '<font color="red">Please enter a password.</font>';
        }
        else if ($_POST['Password2'] == "") {
            $error = '<font color="red">You did not repeat your password.</font>';
        }
        else if ($_POST['Password'] != $_POST['Password2']) {
            $error = '<font color="red">Passwords do not match.</font>';
        }
        else if ($_POST['birthday'] == "") {
            $error = '<font color="red">Please enter your birthday.</font>';
        }
        else if ($_POST['mail'] == "") {
            $error = '<font color="red">Please enter your e-mail address.</font>';
        }
        else {
            $password = md5('kikugalanet' . $_POST['Password']); // salted MD5 expected by the stored procedure
            $stmt = mssql_init('webCreateAcc', $connection);
            mssql_bind($stmt, '@account', $checkusername, SQLVARCHAR, false, false, 15);
            mssql_bind($stmt, '@password', $password, SQLVARCHAR, false, false, 36);
            mssql_bind($stmt, '@birthday', $_POST['birthday'], SQLVARCHAR, false, false, 120);
            mssql_bind($stmt, '@email', $_POST['mail'], SQLVARCHAR, false, false, 120);
            mssql_execute($stmt) or die("Could not complete the registration. Please try again.");
            mssql_free_statement($stmt);
            $error = '<font color="green">Registration complete!</font>';
        }
    }

    echo '<form action="register.php" method="post">';
    echo 'Login:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type="text" name="Username" /><br /><br />';
    echo 'Contraseña:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type="password" name="Password" /><br /><br />';
    echo 'Repita Contraseña: <input type="password" name="Password2" /><br /><br />';
    echo 'Cumpleaños: &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type="text" name="birthday" /><br /><br />';
    echo 'E-mail: &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type="text" name="mail" /><br />';
    echo '<input type="submit" name="submit" value="Registrar" />';
    echo '</form>';
    echo $error;

    ?>

    Hello, this is only a TEST server; once the tests are finished, all accounts will be deleted. Support will be provided in-game.
    We ask all users for patience.
    P.S.: I don't remember who made the code... I took it from a webpage (release section).

    just post the name in a post and I'll add the credits ^^

    P.S.: I haven't tested it; can anybody tell me if it's good code?


  2. #2
    Katsuro (Music<3)
    Join Date: Oct 2006
    Location: Kailua-Kona, HI
    Posts: 1,051

    Re: Anti Injection Register.php by Johny XD!

    I think you may be missing a file or two.

  3. #3
    caja ([R8]ℓσℓ32)
    Join Date: Oct 2008
    Location: Here!
    Posts: 1,502

    Re: Anti Injection Register.php by Johny XD!

    First, nice code.

    Now, here you write:

    $fp = fopen ("[WEB]SQL_Injection.txt", "a+");

    Here you open a file called [WEB]SQL_Injection.txt, and a+ is for reading and writing, but you didn't post that .txt.

    And lol

    Hello, this is only a TEST server; once the tests are finished, all accounts will be deleted. Support will be provided in-game.
    We ask all users for patience.

  4. #4
    ctby23 (Pilipinas FLYFF Editor)
    Join Date: Jun 2009
    Location: In your orgasm.
    Posts: 244

    Re: Anti Injection Register.php by Johny XD!

    Can you tell me what this injection is for? :D

  5. #5
    caja ([R8]ℓσℓ32)
    Join Date: Oct 2008
    Location: Here!
    Posts: 1,502

    Re: Anti Injection Register.php by Johny XD!

    Quote Originally Posted by ctby23:
    Can you tell me what this injection is for? :D
    It's anti-injection.

    It's for preventing SQL injection, which is about changing the operation that another piece of code does.

  6. #6

    Re: Anti Injection Register.php by Johny XD!

    So, you're fighting with my SQL INJECTION guide? :D

  7. #7
    Mohanddo (Valued Member)
    Join Date: Dec 2008
    Posts: 114

    Re: Anti Injection Register.php by Johny XD!

    If you took the code from a webpage, it's not exactly 'by Johny' then, is it? ...

  8. #8
    ctby23 (Pilipinas FLYFF Editor)
    Join Date: Jun 2009
    Location: In your orgasm.
    Posts: 244

    Re: Anti Injection Register.php by Johny XD!

    Can anyone tell me clearly what anti-injection is for? Thanks.

    But thanks for answering, caja.

  9. #9
    caja ([R8]ℓσℓ32)
    Join Date: Oct 2008
    Location: Here!
    Posts: 1,502

    Re: Anti Injection Register.php by Johny XD!

    Quote Originally Posted by ctby23:
    Can anyone tell me clearly what anti-injection is for? Thanks.

    But thanks for answering, caja.
    A SQL injection attack consists of insertion or "injection" of a SQL query via the input data from the client to the application. A successful SQL injection exploit can read sensitive data from the database, modify database data (Insert/Update/Delete), execute administration operations on the database (such as shutdown the DBMS), recover the content of a given file present on the DBMS file system and in some cases issue commands to the operating system. SQL injection attacks are a type of injection attack, in which SQL commands are injected into data-plane input in order to effect the execution of predefined SQL commands.

    * SQL injection attacks allow attackers to spoof identity, tamper with existing data, cause repudiation issues such as voiding transactions or changing balances, allow the complete disclosure of all data on the system, destroy the data or make it otherwise unavailable, and become administrators of the database server.
    * SQL Injection is very common with PHP and ASP applications due to the prevalence of older functional interfaces. Due to the nature of programmatic interfaces available, J2EE and ASP.NET applications are less likely to have easily exploited SQL injections.
    * The severity of SQL Injection attacks is limited by the attacker’s skill and imagination, and to a lesser extent, defense in depth countermeasures, such as low privilege connections to the database server and so on. In general, consider SQL Injection a high impact severity.


    Clear?

  10. #10
    spikensbror (0xC0FFEE)
    Join Date: Dec 2006
    Location: Sweden
    Posts: 1,855

    Re: Anti Injection Register.php by Johny XD!

    That's way too inefficient and complicated...
    Why not just make a general function that parses the SQL code?
    Then just parse it, then send it to the procedure.

  11. #11
    Masius (Alpha Member)
    Join Date: Dec 2007
    Posts: 1,580

    Re: Anti Injection Register.php by Johny XD!

    Quote Originally Posted by spikensbror:
    That's way too inefficient and complicated...
    Why not just make a general function that parses the SQL code?
    Then just parse it, then send it to the procedure.
    best post in this thread.

  12. #12
    Johnatan28 (Account Upgraded | Title Enabled!)
    Join Date: Nov 2008
    Location: Venezuela
    Posts: 299

    Re: Anti Injection Register.php by Johny XD!

    caja xd, the [WEB]SQL_Injection.txt is created automatically xd

  13. #13
    spikensbror (0xC0FFEE)
    Join Date: Dec 2006
    Location: Sweden
    Posts: 1,855

    Re: Anti Injection Register.php by Johny XD!

    Also, this script could be considered illegal in some countries due to it logging IP.
    And even more illegal since the log file is openly available to everyone.

    In some countries, the IP is as highly considered as your ID or your credit-card number.
    Last edited by spikensbror; 07-12-09 at 11:37 PM.

  14. #14
    Organic (Alpha Member)
    Join Date: May 2007
    Posts: 2,077

    Re: Anti Injection Register.php by Johny XD!

    Quote Originally Posted by theunreal:
    So, you're fighting with my SQL INJECTION guide? :D
    stupid nabcake.
    No servers worth sql injecting use Caali's files anymore, go failmoar.

  15. #15
    ctby23 (Pilipinas FLYFF Editor)
    Join Date: Jun 2009
    Location: In your orgasm.
    Posts: 244

    Re: Anti Injection Register.php by Johny XD!

    Quote Originally Posted by caja:
    A SQL injection attack consists of insertion or "injection" of a SQL query via the input data from the client to the application. A successful SQL injection exploit can read sensitive data from the database, modify database data (Insert/Update/Delete), execute administration operations on the database (such as shutdown the DBMS), recover the content of a given file present on the DBMS file system and in some cases issue commands to the operating system. SQL injection attacks are a type of injection attack, in which SQL commands are injected into data-plane input in order to effect the execution of predefined SQL commands.

    * SQL injection attacks allow attackers to spoof identity, tamper with existing data, cause repudiation issues such as voiding transactions or changing balances, allow the complete disclosure of all data on the system, destroy the data or make it otherwise unavailable, and become administrators of the database server.
    * SQL Injection is very common with PHP and ASP applications due to the prevalence of older functional interfaces. Due to the nature of programmatic interfaces available, J2EE and ASP.NET applications are less likely to have easily exploited SQL injections.
    * The severity of SQL Injection attacks is limited by the attacker’s skill and imagination, and to a lesser extent, defense in depth countermeasures, such as low privilege connections to the database server and so on. In general, consider SQL Injection a high impact severity.


    Clear?
    Thanks for answering clearly, caja....

  16. #16
    Mootie (Not working on UnitedFlyf)
    Join Date: Apr 2009
    Posts: 1,589

    Re: Anti Injection Register.php by Johny XD!

    Doesn't look efficient or 100% effective. Don't forget to filter out hex (probably need to parse the hex before the filter). <:

    Logging should be a function, not a long string of code like that. Spike is right about parsing the input data and then simply putting it into a stored procedure.

    I think the nabbs at OSFlyFF could use something like this, but better. :3
    Last edited by Mootie; 08-12-09 at 05:49 AM.
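    An added example, not code from the thread or from whoever wrote the original register.php: the post #1 filter wrapped in a function, logging as a function (post #16), and a bound-parameter lookup in place of the concatenated "SELECT ... WHERE account = '$checkusername'" (posts #10 and #16). It assumes PHP 7.1+ with pdo_sqlite standing in for the MSSQL ACCOUNT_TBL; against the real server the same PDO calls would run over the sqlsrv or dblib driver, since the mssql_* extension was removed in PHP 7. The names legacyFilter, logSuspect and usernameExists are hypothetical.

```php
<?php
// Added example, not code from the thread. The post #1 filter as a function, logging as
// a function (post #16), and a bound-parameter lookup replacing the concatenated SELECT
// (posts #10, #16). An in-memory SQLite table stands in for ACCOUNT_TBL so it runs offline.

function legacyFilter(string $value): string
{
    // ENT_COMPAT matches the 2009-era htmlspecialchars() default: only " is encoded,
    // so ' still reaches str_replace() and is stripped, as in the original script.
    $needles = array(";", "'", "%", '"');
    $replace = array("", "", "", "&quot;");
    return str_replace($needles, $replace, htmlspecialchars($value, ENT_COMPAT));
}

function logSuspect(string $logPath, string $method, string $value): void
{
    // $logPath is a hypothetical name; keep it outside the web root, unlike [WEB]SQL_Injection.txt.
    $line = sprintf("IP: %s\r\nMethod: %s\r\nValue: %s\r\nTime: %s\r\n%s\r\n",
        $_SERVER['REMOTE_ADDR'] ?? 'cli', $method, $value, date('c'), str_repeat('=', 34));
    file_put_contents($logPath, $line, FILE_APPEND | LOCK_EX);
}

function usernameExists(PDO $db, string $username): bool
{
    // The value is bound as data; the SQL text never contains user input.
    $stmt = $db->prepare('SELECT account FROM ACCOUNT_TBL WHERE account = ?');
    $stmt->execute(array($username));
    return $stmt->fetchColumn() !== false;
}

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE ACCOUNT_TBL (account VARCHAR(15))');
$db->exec("INSERT INTO ACCOUNT_TBL VALUES ('johny')"); // constructed sample row

// 1. Side effect of the blocklist filter: a legitimate password such as O'Brien%1 is
//    silently rewritten before it is hashed, and its owner is logged as a suspect.
$typed = "O'Brien%1";
$filtered = legacyFilter($typed);
if ($filtered !== $typed) {
    logSuspect(sys_get_temp_dir() . '/sql_injection.log', 'POST', $typed);
    echo "filter changed '$typed' to '$filtered'\n";
}

// 2. With a bound parameter, the quick test string from post #18 is plain data:
//    it matches no account, and the table still holds its one row afterwards.
var_dump(usernameExists($db, "';shutdown;--"));
var_dump(usernameExists($db, 'johny'));
var_dump((int) $db->query('SELECT COUNT(*) FROM ACCOUNT_TBL')->fetchColumn() === 1);
```

    The first var_dump is false and the other two true; the filter's change to the password means the hash stored at registration would not be the hash of what the user actually typed.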

  17. #17
    Masius (Alpha Member)
    Join Date: Dec 2007
    Posts: 1,580

    Re: Anti Injection Register.php by Johny XD!

    Quote Originally Posted by mootie:
    Doesn't look efficient or 100% effective. Don't forget to filter out hex (probably need to parse the hex before the filter). <:

    Logging should be a function, not a long string of code like that. Spike is right about parsing the input data and then simply putting it into a stored procedure.

    I think the nabbs at OSFlyFF could use something like this, but better. :3
    I take that as a challenge

  18. #18
    Mootie (Not working on UnitedFlyf)
    Join Date: Apr 2009
    Posts: 1,589

    Re: Anti Injection Register.php by Johny XD!

    Quote Originally Posted by Sparkly:
    I take that as a challenge
    You coded that reg? ';shutdown;-- kk. Nice quick SQL injection test. Be very careful with the user input. It's possible to SQL inject through IP forging if done properly (Example).
    Last edited by Mootie; 08-12-09 at 06:00 AM.

  19. #19
    Organic (Alpha Member)
    Join Date: May 2007
    Posts: 2,077

    Re: Anti Injection Register.php by Johny XD!

    Quote Originally Posted by mootie:
    You coded that reg? ';shutdown;-- kk. Nice quick SQL injection test. Be very careful with the user input. It's possible to SQL inject through IP forging if done properly (Example).
    Masius didn't write that, nabcakes.
    go back to buying cp with donations. D8<

  20. #20
    Johnatan28 (Account Upgraded | Title Enabled!)
    Join Date: Nov 2008
    Location: Venezuela
    Posts: 299

    Re: Anti Injection Register.php by Johny XD!

    Hey, is the code good or not? xd

    Is it a good idea to have the code in my register? xd

  21. #21
    spikensbror (0xC0FFEE)
    Join Date: Dec 2006
    Location: Sweden
    Posts: 1,855

    Re: Anti Injection Register.php by Johny XD!

    Just don't use it; it will hog your Apache server.

  22. #22
    Mootie (Not working on UnitedFlyf)
    Join Date: Apr 2009
    Posts: 1,589

    Re: Anti Injection Register.php by Johny XD!

    Quote Originally Posted by Organic:
    Masius didn't write that, nabcakes.
    go back to buying cp with donations. D8<
    CP is my word. Gief or gtfo.


