SQL injections
Discussion on SQL injections within the Fiesta Online forum part of the MMORPGs category.
06/28/2016, 09:30
#1
SQL injections
Hello,
I recently got my server up, but there has already been a huge wave of SQL injections. Before I wipe my db for the 3rd time, I was wondering if there's any way to stop people from injecting.
I'm currently running with these:
xArva's launcher
NanFS
IIS7.5 w/ PHP7
Thanks in advance,
LoLBoL
Sent from my SM-G900F with Tapatalk
06/28/2016, 09:34
#2
Which scripts are you using?
You should first fix the SQL injections themselves before you do anything else.
06/28/2016, 10:45
#3
The 2012 PHP register page (I was told this could cause it) and a login.php with an external config. I was thinking about making an SQL user with access only to the account & token tables, but I'm not sure that will work.
Sent from my SM-G900F with Tapatalk
06/28/2016, 11:17
#4
Use PDO prepared statements.
06/28/2016, 11:21
#5
Show me the website.
And I will tell you possible security issues.
If you are already using PDO, prepared statements are easy to embed.
If not, there are easy functions stored in classes to check every user's input.
I can provide you samples of mine.
I am using outdated mssql_ functions which are secured by my self-made security classes and never had issues with injects.
aaaaaand now most of those cool pro coders with bellies here are going to blame me: "menz noob why r u using mssql_ instead of pdo blabla".
06/28/2016, 17:55
#6
Quote:
Originally Posted by LoLBoL
The 2012 PHP register page (I was told this could cause it) and a login.php with an external config. I was thinking about making an SQL user with access only to the account & token tables, but I'm not sure that will work.
Sent from my SM-G900F with Tapatalk

Register 2012 .... has no proper escape string... by the way, the Register is shit. From 2012, right?
PHP Code:
<?php
ob_start('ob_gzhandler');
session_start();
include_once "config.php";   // provides $title, $copy, $connection_string, $user, $pass and $func

echo "<!DOCTYPE HTML PUBLIC '-//W3C//DTD HTML 4.01 Transitional//EN'>
<html>
<head>
<title>".$title."</title>
<meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1'>
<link href='css/style.css' rel='stylesheet' type='text/css'>
<script language='JavaScript' type='text/JavaScript'>
<!--
function disabledBttn(formname) {
    if (document.all || document.getElementById) {
        for (i=0;i<formname.length;i++) {
            var bttn=formname.elements[i];
            if(bttn.type.toLowerCase()=='submit' || bttn.type.toLowerCase()=='reset' || bttn.type.toLowerCase()=='button') bttn.disabled=true;
        }
    }
}
//-->
</script>
</head>
<body leftmargin='0' topmargin='10' marginwidth='0' marginheight='0'>
<table width='100%' height='100%' border='0' align='center' cellpadding='0' cellspacing='0'>
<tr><td>
<table width='430' border='0' align='center' cellpadding='0' cellspacing='0'>
<tr><td><img src='imgs/fiesta_logo.png' alt='top' width='300' height='168'></td></tr>
<tr><td style='font-size:5px'> </td></tr>
<tr><td align='center' bgcolor='white' style='border-bottom: solid 1px #cecece; border-top: solid 1px #cecece; border-left: solid 1px #cecece; border-right: solid 1px #cecece' class='padding_all'></td></tr>
</table>
<br>
<table width='350' border='0' align='center' cellpadding='0' cellspacing='0'>
<tr><td align='center' bgcolor='white' style='border-bottom: solid 1px #cecece; border-top: solid 1px #cecece; border-left: solid 1px #cecece; border-right: solid 1px #cecece' class='padding_all'>";

if ($_POST['action'] != "signup") {
    // First visit: show the registration form
    echo "<form method='post' onSubmit='disabledBttn(this)' action=".$_SERVER['PHP_SELF']."?id=reg".$_SERVER['QUERY_STRING'].">
<table width='100%' border='0' align='center' cellpadding='2' cellspacing='2'>
<tr><td colspan='2'><img src='imgs/signup.gif' alt='signup' width='162' height='9'></td></tr>
<tr><td width='10%'>Username</td><td><input type='text' name='username' size='20' maxlength='10'></td></tr>
<tr><td width='10%'>E-Mail</td><td><input type='text' name='email' size='20' maxlength='25'></td></tr>
<tr><td>Password</td><td><input type='password' name='password' size='20' maxlength='15'></td></tr>
<tr><td colspan='2' align='right'><input type='submit' value='register' class='button'> <input type='reset' value='clear' class='button'></td></tr>
</table>
<input type='hidden' name='action' value='signup'>
</form>";
} else {
    // Form submitted: every field must be non-empty
    $required = array(
        "Username" => $_POST['username'],
        "E-Mail"   => $_POST['email'],
        "Password" => $_POST['password'],
    );
    $chkArr = array();
    foreach ($required as $key => $value) {
        if (!$value) echo "<b>$key</b> is required<br>";
        else $chkArr[] = true;
    }

    // Five random digits, used as nEMID
    function rand_string() {
        $chars = "123456789";
        $size  = strlen($chars);
        $str   = '';
        for ($i = 0; $i < 5; $i++) {
            $str .= $chars[rand(0, $size - 1)];
        }
        return $str;
    }

    if (count($chkArr) == count($required)) {
        $connection = odbc_connect($connection_string, $user, $pass);
        // is_valid_string() (below) returns true when a blacklisted character is found,
        // so this branch runs only when username and password contain none of them.
        // The e-mail field is never checked.
        if (!$func->is_valid_string($_POST['username']) && !$func->is_valid_string($_POST['password'])) {
            $usernameP = $_POST['username'];
            $query = "SELECT * FROM [OdinAccounts].[dbo].[tAccounts] WHERE [sUsername]='$usernameP'";
            $q  = odbc_exec($connection, $query);
            $qt = odbc_do($connection, $query);
            $i = 0;
            while (odbc_fetch_row($qt)) $i++;
            if ($i > 0) {
                echo "<b>$_POST[username]</b>, is already taken!";
            } else {
                // $_POST[email] goes into the query string unfiltered: this is the injection point
                $query = "INSERT INTO [OdinAccounts].[dbo].[tAccounts] ([nEMID],[sUsername],[sUserPass],[sUserPassSalt],[sEmail],[nAuthID],[sIP]) VALUES('".rand_string()."','$_POST[username]','$_POST[password]','$_POST[password]','$_POST[email]','3','127.0.0.1')";
                $q = odbc_exec($connection, $query);
                if ($q) echo "Username, <b>$_POST[username]</b> has been registered!";
            }
        } else {
            echo "Please re-enter username and password, remove all special characters!";
        }
    }
    echo "<br><br><a href='".$_SERVER['PHP_SELF']."?id=back'>Return</a>";
}

echo "</td></tr>
<tr><td bgcolor='#7f7f7f'><font color='#FFFFFF'>".$copy."</font></td></tr>
</table>
</td></tr>
</table>
</body>
</html>";
exit;   // note: exit runs before ob_end_flush(), so the explicit flush below is never reached
ob_end_flush();
?>
PHP Code:
// Blacklist check: returns true (= "bad") if the string is empty or contains any
// of the listed characters, false if it passes. Note that the name reads backwards.
function is_valid_string($string) {
    $cfgBadChars = '`~!@#$%^&*()+-_=[]{};\'\\:"|,/<>? ';
    if (empty($string)) return true;
    for ($i = 0; $i < strlen($cfgBadChars); $i++) {
        if (strstr($string, $cfgBadChars[$i])) return true;
    }
    return false;
}
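An added example, not code from the thread or from the 2012 register page: the username check and INSERT from post #6 written the way post #4 suggests, with PDO prepared statements (PDO_ODBC, assuming the same config.php DSN and credentials the page's odbc_connect() uses) and every field validated, including the e-mail the original spliced into the INSERT unchecked. The password hashing is a placeholder, since the page does not say what the login server expects.

```php
<?php
// Added example, not code from the thread or the 2012 register page: the same
// lookup and INSERT against OdinAccounts.dbo.tAccounts, done with PDO prepared
// statements so form values are bound as parameters instead of concatenated.
// Assumed: $connection_string, $user, $pass are the config.php values used by
// the page's odbc_connect() call, so the same DSN works via the PDO_ODBC driver.
function connect(string $connection_string, string $user, string $pass): PDO
{
    $pdo = new PDO('odbc:' . $connection_string, $user, $pass);
    // Fail loudly instead of returning false the way odbc_exec() does on error.
    $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    return $pdo;
}

// Allow-list validation; returns true for acceptable input. The page's blacklist
// checked username and password only and never looked at the e-mail field.
function isValidUsername(string $s): bool
{
    return preg_match('/^[A-Za-z0-9]{3,10}$/', $s) === 1;
}
function isValidEmail(string $s): bool
{
    return strlen($s) <= 25 && filter_var($s, FILTER_VALIDATE_EMAIL) !== false;
}

function usernameTaken(PDO $pdo, string $username): bool
{
    $stmt = $pdo->prepare('SELECT COUNT(*) FROM [OdinAccounts].[dbo].[tAccounts] WHERE [sUsername] = ?');
    $stmt->execute([$username]);
    return (int) $stmt->fetchColumn() > 0;
}

// Returns true on success, false if validation fails or the name is taken.
function registerAccount(PDO $pdo, string $username, string $email, string $password, string $ip): bool
{
    if (!isValidUsername($username) || !isValidEmail($email) || strlen($password) < 8) {
        return false;
    }
    if (usernameTaken($pdo, $username)) {
        return false;
    }
    // Same column list as the original; every value is a bound parameter.
    $stmt = $pdo->prepare('INSERT INTO [OdinAccounts].[dbo].[tAccounts]
        ([nEMID],[sUsername],[sUserPass],[sUserPassSalt],[sEmail],[nAuthID],[sIP])
        VALUES (?, ?, ?, ?, ?, 3, ?)');
    // Assumption: the page does not say which password hash the login server
    // expects (the original stored the plain password twice); adjust to match it.
    $salt = bin2hex(random_bytes(8));
    return $stmt->execute([(string) random_int(10000, 99999), $username, hash('sha256', $salt . $password), $salt, $email, $ip]);
}
```

A register page built on this would call registerAccount(connect($connection_string, $user, $pass), $_POST['username'], $_POST['email'], $_POST['password'], $_SERVER['REMOTE_ADDR']) and report the boolean result, with no query text assembled from request data anywhere.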
07/02/2016, 01:55
#7
Use mysql_real_escape_string() for all critical inputs.... as on php.net...