vb.org Archive

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   vB3 Programming Discussions (https://vborg.vbsupport.ru/forumdisplay.php?f=15)
-   -   How to Stop SQL Queries from hackers? (https://vborg.vbsupport.ru/showthread.php?t=258778)

Chad Warden 02-12-2011 05:44 PM
How to Stop SQL Queries from hackers?
 
Some guy keeps injecting random stuff into our root.
He recently injected a txt file that said "test.txt"

How are people doing this and how to stop things like this from happening?

vBarsiv 02-16-2011 12:30 AM
Well I understand there is a point. To solve this I'm all alone in first on the question mark in talking about the need to see the contents of the test.txt file. vbulletin sql injection system, usually being taken from search.php and index.php. CPU or ceiling, of course yaptırıyor pruning. pursuant to it can enter into the system.

briansol 02-16-2011 12:39 AM
if you're getting files, it's probably not SQL, but writable (chmod 777) directories.

Lynne 02-16-2011 02:10 AM
You should have taken a look at your access_logs from that day to see if it really is sql injection. Then, take a look at your server logs to see who is logging in to your server. This should be done the day it happens though since sometimes hosts don't keep this information around for long.


All times are GMT. The time now is 07:11 PM.

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01029 seconds
  • Memory Usage 1,706KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (4)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete