vb.org Archive

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   vB4 General Discussions (https://vborg.vbsupport.ru/forumdisplay.php?f=251)
-   -   How do I test for SQL Injection (https://vborg.vbsupport.ru/showthread.php?t=326655)

Max Taxable 11-10-2018 08:58 PM

He posted two complete queries. Looks like you posted only part of the first one.

The queries are:
Code:

SELECT title, phpcode, hookname, product FROM plugin WHERE phpcode LIKE '%base64%' OR phpcode LIKE '%exec%' OR phpcode LIKE '%system%' OR phpcode like '%pass_thru%' OR phpcode like '%iframe%';

And:

Code:

SELECT styleid, title, template FROM template WHERE template LIKE '%base64%' OR template LIKE '%exec%' OR template LIKE '%system%' OR template like '%pass_thru%' OR template like '%iframe%';

Try them one at a time.

Scalemotorcars 11-10-2018 09:03 PM

Tried that also. I'm the super admin so that's not it. Also tried in the SQL tab of phpMyAdmin. Same result.

This is the complete error I get trying either one.

Code:

An error occurred while attempting to execute your query. The following information was returned.
error number: 1146
error desc: Table 'REDACTED_forum.plugin' doesn't exist

Code:

An error occurred while attempting to execute your query. The following information was returned.
error number: 1146
error desc: Table 'REDACTED_forum.template' doesn't exist

And thanks for the help I really appreciate it.

Max Taxable 11-10-2018 09:06 PM

Quote:

error desc: Table 'p16t2ugb_forum.plugin' doesn't exist
I have no idea at all why it's trying to query that table, it's not called for in either query.

Need the guy who posted the queries to chime in, I may be mistaken about what exactly it is he posted there. LOOKS like queries, might not be though.

Sorry i haven't been able to help you so far.

Scalemotorcars 11-10-2018 09:17 PM

Ok I added my prefix to the query and it worked. I got 3 pages of results just for the Plugin query.

Now what?

Max Taxable 11-10-2018 09:27 PM

Quote:

Originally Posted by Scalemotorcars (Post 2597326)
Ok I added my prefix to the query and it worked. I got 3 pages of results just for the Plugin query.

Now what?

No idea. Can't be good though.

snakes was online today, maybe he will chime in.

Scalemotorcars 11-10-2018 09:30 PM

So like I said I got the plugin query to work and got 42 results. (Can't get the template one to work.)

Anyway,

Maybe reinstall the plugins affected with overwriting enabled. That would change the code but not sure about the DB.

Thanks again.
Daniel

snakes1100 11-11-2018 10:40 AM

Well, the 2 queries I gave you just pull the data from those tables; the results you can match against a default/clean install on a dev site, for example.

Scalemotorcars 11-11-2018 04:10 PM

Now if I only had a dev site. :(

snakes1100 11-11-2018 04:36 PM

Those queries will only show you results that contain the keywords outlined (base64 etc.).

Brandon Sheley 11-13-2018 10:09 AM

Quote:

Originally Posted by Scalemotorcars (Post 2597326)
Ok I added my prefix to the query and it worked. I got 3 pages of results just for the Plugin query.

Now what?

You can try searching one at a time

SELECT title, phpcode, hookname, product FROM plugin WHERE phpcode LIKE '%base64%';

SELECT title, phpcode, hookname, product FROM plugin WHERE phpcode LIKE '%iframe%';

What do you see with just this part of the command?
Any odd plugins that you don't remember adding?
A screenshot would help us, but really if your site was compromised, it's wise to have someone who knows what they're doing on board.
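As an added example (not from the thread or from vBulletin), here is the same check the posts describe done in Python over rows exported from the plugin query, compared against a clean dev install as snakes1100 suggests. The sample rows and the baseline are constructed; the patterns tighten the LIKE '%word%' keywords so substrings such as "filesystem" or "executed" no longer match, and they catch the PHP function passthru() under both spellings, which the query's '%pass_thru%' would miss.

```python
import hashlib
import re

# Constructed sample rows shaped like the thread's plugin query output
# (title, phpcode, hookname, product); not real vBulletin data.
SAMPLE_PLUGINS = [
    ("Forum Home Cache", "$vbulletin->db->query_read(\"SELECT threadid FROM thread\");",
     "forumhome_start", "vbulletin"),
    ("Filesystem Check", "if (!is_writable($filesystem_root)) { $this->executed = true; }",
     "init_startup", "mymod"),
    ("Helper", "eval(base64_decode('QUJD'));", "global_start", "vbulletin"),
    ("Footer Ad", "$footer .= '<iframe src=\"http://ads.example/\"></iframe>';",
     "parse_templates", "vbulletin"),
]

def fingerprint(phpcode: str) -> str:
    return hashlib.sha256(phpcode.encode("utf-8")).hexdigest()

# Constructed baseline, built the way you would from a clean dev install:
# plugin identity -> hash of the phpcode as shipped.
CLEAN_BASELINE = {
    ("Forum Home Cache", "forumhome_start", "vbulletin"):
        fingerprint("$vbulletin->db->query_read(\"SELECT threadid FROM thread\");"),
    ("Footer Ad", "parse_templates", "vbulletin"):
        fingerprint("$footer .= '';"),   # clean version carries no iframe
}

# The thread's keyword list as anchored patterns instead of LIKE '%word%'.
SUSPICIOUS = {
    "base64": re.compile(r"\bbase64_(?:de|en)code\s*\(", re.I),
    "exec": re.compile(r"\b(?:shell_)?exec\s*\(", re.I),
    "system": re.compile(r"\bsystem\s*\(", re.I),
    "passthru": re.compile(r"\bpass_?thru\s*\(", re.I),
    "iframe": re.compile(r"<\s*iframe\b", re.I),
}

def triage(rows, baseline):
    """One finding per row: baseline status plus which patterns hit."""
    findings = []
    for title, phpcode, hookname, product in rows:
        key = (title, hookname, product)
        if key not in baseline:
            status = "unknown"      # not present on the clean install
        elif baseline[key] != fingerprint(phpcode):
            status = "modified"     # known plugin, but its code differs
        else:
            status = "clean"
        hits = sorted(name for name, rx in SUSPICIOUS.items() if rx.search(phpcode))
        findings.append({"title": title, "hook": hookname, "status": status, "hits": hits})
    return findings

def needs_review(findings):
    """Rows a human should read: anything off-baseline or with a pattern hit."""
    return [f for f in findings if f["status"] != "clean" or f["hits"]]
```

Run it against a real export by replacing SAMPLE_PLUGINS with the rows of your prefixed plugin table and CLEAN_BASELINE with hashes taken from the dev install; only the rows returned by needs_review need reading by hand.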



Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.
