i want to know how they do php script injection by site?what tool can use to do this?and how to avoid from this?i hope some of you guys can help me with this..you can email me too
//Mod edit to remove email address to protect from spamming.
Full Version: Php Script Injection By Site
Hi Darklight,
Are you saying that you have gone to a web site that injected a PHP script into your PC that did some damage to your machine and that you want to know what tool those crooks used to do that to you so that you can do it back to them and keep them from doing it to you again?
If you want people to Email you about this you should ask them to use the 'reply by PM' feature instead of posting your actual email address because as you see a Moderator will come along and take your email address off of the post for security reasons.
Wendy
Are you saying that you have gone to a web site that injected a PHP script into your PC that did some damage to your machine and that you want to know what tool those crooks used to do that to you so that you can do it back to them and keep them from doing it to you again?
If you want people to Email you about this you should ask them to use the 'reply by PM' feature instead of posting your actual email address because as you see a Moderator will come along and take your email address off of the post for security reasons.
Wendy
yah its like that..but its not in my PC its in our site..i suspect they inject php script to have access to a part of the site to edit their character in a game..can someone help me with this?how they do that and how can we avoid this?PM me..thanks..
Hi Darklight,
OK so do you own the site that you're talking about? Or is it like on a server that you operate? I'm not a techie or anything like that but the reason that I'm asking is because I've been racking my brain for the past couple of weeks trying to get a server setup and I've ran into several things that are security related.
I know that there are settings in MySQL and phpMyAdmin that have to be set so that unauthorized knuckle heads can't get in and change anything without you knowing about it.
It kind of sounds to me like you already have a suspission as to 'Who' did the PHP script injection that you're talking about so why don't you just bann them from the site?
If its your server can't you check into your log and find out what they did and maybe undo it? And close whatever security hole allowed them to get in?
Sorry I couldn't be of more help Boo.
Wendy
OK so do you own the site that you're talking about? Or is it like on a server that you operate? I'm not a techie or anything like that but the reason that I'm asking is because I've been racking my brain for the past couple of weeks trying to get a server setup and I've ran into several things that are security related.
I know that there are settings in MySQL and phpMyAdmin that have to be set so that unauthorized knuckle heads can't get in and change anything without you knowing about it.
It kind of sounds to me like you already have a suspission as to 'Who' did the PHP script injection that you're talking about so why don't you just bann them from the site?
If its your server can't you check into your log and find out what they did and maybe undo it? And close whatever security hole allowed them to get in?
Sorry I couldn't be of more help Boo.
Wendy
im just a moderator there..its a site of online game..they access that site to edit their character that is not allowed..we've already block their IP..but i want to know except blocking their IP how can we protect our site from that?even we block them they can find and use other PC to do what they want i dont want to wait the time they gonna make big problem on our site..pls help me..can you teach me how to do php script injection and block this kind of thing?
Rewrite the php code to make it more secure. I know this is not
the answer you are looking for, but as long as crappy PHP code
exists PHP injection will exist.
A quick search for "php injection" at securiteam turns up 18 exploits.
If it's a Nuke site (postnuke, phpnuke) you can use Nuke Sentinal or
Admin Secure. Hope that helps.
the answer you are looking for, but as long as crappy PHP code
exists PHP injection will exist.
A quick search for "php injection" at securiteam turns up 18 exploits.
If it's a Nuke site (postnuke, phpnuke) you can use Nuke Sentinal or
Admin Secure. Hope that helps.
Hi Darklight,
Yep that could cause you lots of troubles. Here's a page with lots of stuff about how to keep it from happening again.
Hope some of that helps.
Wendy
Yep that could cause you lots of troubles. Here's a page with lots of stuff about how to keep it from happening again.
Hope some of that helps.
Wendy
Hi darklight, Here is a link to an SPI Dynamics whitepaper (.pdf direct link):
http://www.google.com.au/url?sa=t&ct=r...3s6qO8Be2TYBGCA
I devour any whitepaper or webcast these guys release so i am a bit biased towards them, sorry. It might be more than you wanted to know but it's worth the read if you are interested in security, and the more people that know how to build secure web apps the better. Raw has stated the best option, rewrite and test, rewrite and test........... oh and research.......
Also, while i agree that IP blocking is usefull, it doesn't cover users with dynamic IP addresses, reset your internet session and you have another address
leaving someone else blocked, security versus functionality strikes again. I don't this problem can ever be truly solved. I may be wrong though, i have been many, many times before.
Cheers, Lucent.
http://www.google.com.au/url?sa=t&ct=r...3s6qO8Be2TYBGCA
I devour any whitepaper or webcast these guys release so i am a bit biased towards them, sorry. It might be more than you wanted to know but it's worth the read if you are interested in security, and the more people that know how to build secure web apps the better. Raw has stated the best option, rewrite and test, rewrite and test........... oh and research.......
Also, while i agree that IP blocking is usefull, it doesn't cover users with dynamic IP addresses, reset your internet session and you have another address
leaving someone else blocked, security versus functionality strikes again. I don't this problem can ever be truly solved. I may be wrong though, i have been many, many times before.Cheers, Lucent.
thank you all guys..ill try what you gave to me..
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.