My site has been sabotaged
I bought a script, and I guess it wasn't protected. I had been busy and hadn't checked in on the page in a month, and I saw that there was an unusually high amount of incorrect log-ins. Long story short, when someone is trying to register, instead of going to the form processing script, it tries to log the person in, instead of adding the profile. I tried renaming the scripts so that the correct script was accessed, and renamed the verify login script to login_check.php, and when I tried to register, it looked for the new file login_check.php. I figured this wasn't an error, as I looked at the code, and on a service level it shows it is supposed to call the right script. Please help me, I need to get my site back up. If you need to look at the scripts please contact me via PM, as I don't want to post them on here. Thanks again in advance for your help.
- feyd
- Neighborhood Spidermoddy
- Posts: 31559
- Joined: Mon Mar 29, 2004 3:24 pm
- Location: Bothell, Washington, USA
Do you have the original files? Have you compared them to the currently live files? Since you paid for this script you may want to contact the author.
If there is no direct vulnerability in the software, then it is likely that your files were compromised through the server itself via a different user account or even your own. It's difficult to say without knowing far more detail.
- RobertGonzalez
- Site Administrator
- Posts: 14293
- Joined: Tue Sep 09, 2003 6:04 pm
- Location: Fremont, CA, USA
- Ambush Commander
- DevNet Master
- Posts: 3698
- Joined: Mon Oct 25, 2004 9:29 pm
- Location: New Jersey, US
I am able to post all the code, but I have no idea where to even begin. I have looked over the code and didn't see any red flags, but I am by no means an average programmer; I would be a novice at best. I have been told that the script is vulnerable to SQL injection because the variables are not escaped. So on the other thread (I mistakenly thought I had originally posted in the wrong forum and tried in what I thought was right) I posed the question.
Based on what I read from a page given by another member about escaping, should I make the following changes?

Code:
$exista=@mysql_query("select * from models where user='$user' or email='$email'");

To

Code:
$exista=@mysql_query("select * from models where user='$user' or email='$email'",
mysql_real_escape_string($user),
mysql_real_escape_string($password));

However the other thread got to be more about how I posted the code wrong, which is cool because I want to follow the rules. But my question never was answered. If it's necessary I can post all the code I need to. Thanks for all your help.

- RobertGonzalez
- Site Administrator
- Posts: 14293
- Joined: Tue Sep 09, 2003 6:04 pm
- Location: Fremont, CA, USA
Ok, no more thread floating. There was considerable discussion in the other thread about what you are going through. The question you just asked above should have gone in that thread. I would suggest we stop using this thread as a discussion platform for your code's vulnerabilities and move the entire conversation back into the other thread. Please.
I posted that question in the other forum, and as I stated when I posted it here, the other forum switched focus from my question to how I didn't follow the rules and my question was ignored. I wasn't trying to thread float, just wanted an answer. But don't worry, this will be my last post and also my last visit to this forum. I will find one that will answer my questions instead of just bashing me for screwing up. I have no problem being told that I messed up, but it seems like no one will shut up about it now and I got the point a while ago. I picked this thread to continue my question as it wasn't bloated with my screw up. If the mods didn't want a double thread they should have closed one of them. I regret that I am losing out on a good resource, but if I can get the help that it offers what am I really losing. While I know that not everyone here, probably just a handful, is to blame, those people need to grow up and stop professing their superiority.
- Maugrim_The_Reaper
- DevNet Master
- Posts: 2704
- Joined: Tue Nov 02, 2004 5:43 am
- Location: Ireland
I feel like floating a third...
Use the first version of the query, but something like:

Code:
$sql = array();
$sql['user'] = mysql_real_escape_string($user);
$sql['email'] = mysql_real_escape_string($email);
$exista=@mysql_query("select * from models where user='" . $sql['user'] . "' or email='" . $sql['email'] . "'");

This creates a new array of "escaped" values while leaving the originals untouched. Everything in the $sql array must be escaped, so it's an easy way to distinguish between raw data ($user) and escaped data ($sql['user']).

When posting to the forums, we try to keep the rules enforced. It's not meant to come across as unfriendly at all. Stick around a bit longer and you'll see we're not an intolerable unfriendly bunch.
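As an added example (not code from this thread or from the purchased script), the same registration lookup written two ways: the escaped-values array Maugrim_The_Reaper describes, generalised to any number of fields, and a mysqli prepared statement that removes the need to escape at all. It assumes a mysqli connection in $db and the models table with user and email columns from the posted query; mysqli is used because the mysql_* functions in the thread have no prepared statements.

```php
<?php
// Added example; assumes $db is an open mysqli connection and the
// "models" table (user, email columns) from the query in the thread.

// Option 1: every value the query will use is escaped exactly once into a
// separate array, so raw input ($raw['user']) and escaped input
// ($sql['user']) can never be confused.
function escapeAll(mysqli $db, array $raw): array {
    $sql = [];
    foreach ($raw as $key => $value) {
        $sql[$key] = mysqli_real_escape_string($db, (string) $value);
    }
    return $sql;
}

function userExistsEscaped(mysqli $db, string $user, string $email): bool {
    $sql = escapeAll($db, ['user' => $user, 'email' => $email]);
    // The values are still wrapped in quotes in the SQL text; escaping only
    // neutralises quotes inside the data, it does not replace the quoting.
    $result = mysqli_query($db,
        "SELECT 1 FROM models WHERE user='" . $sql['user'] .
        "' OR email='" . $sql['email'] . "' LIMIT 1");
    if ($result === false) {
        // No @ suppression: a failed query is reported, not silently ignored.
        throw new RuntimeException('query failed: ' . mysqli_error($db));
    }
    return mysqli_num_rows($result) > 0;
}

// Option 2: a prepared statement. The query text and the data are sent to
// the server separately, so nothing in $user or $email can alter the query.
function userExistsPrepared(mysqli $db, string $user, string $email): bool {
    $stmt = mysqli_prepare($db,
        'SELECT 1 FROM models WHERE user = ? OR email = ? LIMIT 1');
    if ($stmt === false) {
        throw new RuntimeException('prepare failed: ' . mysqli_error($db));
    }
    mysqli_stmt_bind_param($stmt, 'ss', $user, $email);
    mysqli_stmt_execute($stmt);
    mysqli_stmt_store_result($stmt);
    $found = mysqli_stmt_num_rows($stmt) > 0;
    mysqli_stmt_close($stmt);
    return $found;
}
```

Both functions return the same answer for the same input; the prepared form is the one to reach for when reviewing the rest of the script, since it cannot be undone by forgetting one escape call.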
jolinar,
Well yes, I am sorta ashamed that I did pay for this code, not much but still more than I should have. The guy I bought it from was self-taught, not by reading books or anything, just trying stuff out, so he says. I bought this about a year ago, when I didn't know anything about programming, not that I know a lot now, and I have been burned. The one good thing about it is I can change and alter the code any way I want. I just wonder, upon a full review, if there would be more lines that needed correcting than ones that were okay. Live and learn I guess.
- RobertGonzalez
- Site Administrator
- Posts: 14293
- Joined: Tue Sep 09, 2003 6:04 pm
- Location: Fremont, CA, USA
draco2317 wrote:
I posted that question in the other forum, and as I stated when I posted it here, the other forum switched focus from my question to how I didn't follow the rules and my question was ignored. I wasn't trying to thread float, just wanted an answer. But don't worry, this will be my last post and also my last visit to this forum. I will find one that will answer my questions instead of just bashing me for screwing up. I have no problem being told that I messed up, but it seems like no one will shut up about it now and I got the point a while ago. I picked this thread to continue my question as it wasn't bloated with my screw up. If the mods didn't want a double thread they should have closed one of them. I regret that I am losing out on a good resource, but if I can get the help that it offers what am I really losing. While I know that not everyone here, probably just a handful, is to blame, those people need to grow up and stop professing their superiority.

Just to clarify things a little bit, it is not anyone's intent to bash anyone or anyone's code. Your first post was appropriately placed in the PHP - Security forum. But there was no code in it for us to evaluate. The second post was placed in Coding Critique, which is where you put your code when you want others to tear into it to some degree. That is not a forum in which we expect to look at things like security primarily (though we do when critiquing code). That forum is where we go to see how other people's code can be improved. After a few responses it was placed into PHP - Security to be evaluated for security instead of general coding technique.
If I (and this is only from me) did or said anything that was received by you as offensive, I apologize. But please realize we, as moderators and admins, have jobs to do here to make sure our forums run smoothly for everyone. I am not trying to excuse any potentially offensive behavior on my part. I am just offering an explanation of why we do the things we do here.
- RobertGonzalez
- Site Administrator
- Posts: 14293
- Joined: Tue Sep 09, 2003 6:04 pm
- Location: Fremont, CA, USA
