SQL Injection Fix (HELP)

11/09/2018 16:59 bmfuxia#1
Anyone know a fix for an SQL DDoS attack, where the DB gets deleted without a trace in the logs?
11/09/2018 19:47 {Skrillex}#2
Hi,
DDoS (Distributed Denial of Service) has nothing to do with deleted databases.
Maybe you are using PHP files with unescaped user input.
To find a fix you need to find out how to escape, or post your files here.

Regards
11/12/2018 16:29 nephren#3
Exactly. DDoS, as mentioned, comes from more than one machine sending a lot of requests until your server cannot handle it anymore.

A deleted database comes from SQL injection, where at least one piece of vulnerable code allows an attacker to bypass your credentials or leak them and connect or delete.


SQL injection = malicious code snippets
DDoS = attack through requests over the network
11/12/2018 17:00 bmfuxia#4
Thanks for clarifying, guys.
11/18/2018 09:47 {Skrillex}#5
Stop making ads for another forum.

Now I will tell you how to fix SQL injection.

First of all you need to put the escape function into a PHP file which is included in all of your scripts. The best place is the PHP file where your database connection is.

Escape Function:
Code:
function ms_escape($data) {
	if(!isset($data) or empty($data)) return '';
	if(is_numeric($data)) return $data;
	$non_displayables = array(
		'/%0[0-8bcef]/',			// url encoded 00-08, 11, 12, 14, 15
		'/%1[0-9a-f]/',				// url encoded 16-31
		'/[\x00-\x08]/',			// 00-08
		'/\x0b/',					// 11
		'/\x0c/',					// 12
		'/[\x0e-\x1f]/'				// 14-31
	);
	// strip the non-displayable characters
	foreach($non_displayables as $regex) {
		$data = preg_replace($regex, '', $data);
	}
	// double single quotes once, after the loop (T-SQL string literal escaping);
	// this only protects a value that is placed inside a '...' literal
	$data = str_replace("'", "''", $data);
	return $data;
}
Now you are able to use the escape function.

Now an example.

Code:
// vulnerable: the raw POST value is concatenated straight into the query
$query = "SELECT * FROM [PS_UserData].[dbo].[Users_Master] WHERE [UserID] = {$_POST['userid']};";
With this query a "hacker" is able to inject some bad code.

The fixed way should be like this:
Code:
$userid = ms_escape($_POST['userid']);
// ms_escape() only doubles single quotes, so the value has to sit inside a quoted literal
$query = "SELECT * FROM [PS_UserData].[dbo].[Users_Master] WHERE [UserID] = '$userid';";
I know that the SQL queries which I posted have a syntax error. With a bit of PHP experience you should be able to fix it.

Regards
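Added example (not the original poster's PHP and not code from the PS server): a Python port of ms_escape() run against a constructed SQLite stand-in for the Users_Master table, to show which of the query forms above the escape function actually protects. Assumptions: the table is [Users_Master] in an in-memory SQLite database with made-up rows, is_numeric() approximates PHP's is_numeric(), and the parameterized lookup uses sqlite3 placeholders in place of whatever MSSQL driver the scripts use.

```python
import re
import sqlite3

# Python port of the ms_escape() function from the post above. is_numeric()
# approximates PHP's is_numeric() (optional sign, decimals, exponent); that
# approximation is an assumption of this example.
NON_DISPLAYABLES = [
    r"%0[0-8bcef]",   # url-encoded 00-08, 11, 12, 14, 15
    r"%1[0-9a-f]",    # url-encoded 16-31
    r"[\x00-\x08]",   # 00-08
    r"\x0b",          # 11
    r"\x0c",          # 12
    r"[\x0e-\x1f]",   # 14-31
]

def is_numeric(value):
    return re.fullmatch(r"\s*[+-]?(\d+\.?\d*|\.\d+)([eE][+-]?\d+)?\s*", str(value)) is not None

def ms_escape(data):
    if data in (None, "", "0"):      # PHP's empty() also treats "0" as empty
        return ""
    if is_numeric(data):
        return data
    for regex in NON_DISPLAYABLES:
        data = re.sub(regex, "", data)
    return data.replace("'", "''")   # only meaningful inside a '...' literal

def make_db():
    # Constructed stand-in for [PS_UserData].[dbo].[Users_Master]: an in-memory
    # SQLite table with made-up rows (SQLite accepts [bracketed] identifiers).
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE [Users_Master] ([UserID] INTEGER PRIMARY KEY, [UserName] TEXT)")
    conn.executemany("INSERT INTO [Users_Master] VALUES (?, ?)",
                     [(1, "alice"), (2, "bob"), (3, "carol")])
    return conn

def vulnerable_lookup(conn, userid):
    # The original query: the raw POST value is concatenated into the SQL text.
    sql = f"SELECT * FROM [Users_Master] WHERE [UserID] = {userid}"
    return conn.execute(sql).fetchall()

def escaped_unquoted_lookup(conn, userid):
    # ms_escape() applied, but the value is still not inside quotes, so a
    # payload without any quote character passes through untouched.
    sql = f"SELECT * FROM [Users_Master] WHERE [UserID] = {ms_escape(userid)}"
    return conn.execute(sql).fetchall()

def escaped_quoted_lookup(conn, userid):
    # ms_escape() applied and the value placed in a single-quoted literal,
    # which is the form the doubled quotes are designed for.
    sql = f"SELECT * FROM [Users_Master] WHERE [UserID] = '{ms_escape(userid)}'"
    return conn.execute(sql).fetchall()

def parameterized_lookup(conn, userid):
    # Bound parameter: the driver never lets the value become SQL syntax.
    return conn.execute("SELECT * FROM [Users_Master] WHERE [UserID] = ?", (userid,)).fetchall()

if __name__ == "__main__":
    conn = make_db()
    payload = "1 OR 1=1"
    print("vulnerable:       ", len(vulnerable_lookup(conn, payload)), "rows")
    print("escaped, unquoted:", len(escaped_unquoted_lookup(conn, payload)), "rows")
    print("escaped, quoted:  ", len(escaped_quoted_lookup(conn, payload)), "rows")
    print("parameterized:    ", len(parameterized_lookup(conn, payload)), "rows")
```

Running it shows the point the escape function depends on: with the payload `1 OR 1=1` both the original query and the escaped-but-unquoted query return every user, because there is no quote character for ms_escape() to double. Only the quoted form and the bound parameter return nothing. For a numeric column like UserID, a bound parameter (or an explicit integer cast before building the query) holds regardless of how the value is placed.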
12/04/2018 20:23 wurstbrot123#6
Also be sure your PS login has the injection exploit on the login packet fixed.