thryb, posted September 28, 2007: Does anyone know of software or something else to test your webpage for exploits and such, so it's "kinda" secure? I see people in the Beta Test Center coming in with all those bugs from websites; do they test them by hand or with some software? Thanks in advance!
Link: https://forums.phpfreaks.com/topic/71052-php-exploit-bug-sql-injection-tester/
darkfreaks, posted September 28, 2007: lol, by experience. I could help you secure your script.
thryb (author), posted September 28, 2007: Naw, it's not that I need to secure it right now; it's still in the alpha phase. But I'd like to know if there is something we can use as a first measure before beta-testing it.
Psycho, posted September 28, 2007: Good programming standards are key. For example, when doing ANY database queries with user input, I always run the variables through a function to make them database-safe. As long as I do that consistently, it will prevent SQL injection.
darkfreaks, posted September 28, 2007: mysql_real_escape_string also helps escape injection.
Psycho, posted September 28, 2007, quoting darkfreaks ("mysql_real_escape_string also helps escape injection"): That's what I include in my function.
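The "run every variable through one function" approach Psycho describes, as an added example that is not code from the thread: a wrapper in that style sits beside the prepared-statement form that makes the wrapper unnecessary, plus the case an escaping function does not cover (a value in an unquoted numeric position). The table, rows and input strings are constructed for the demonstration, and PDO with an in-memory SQLite database stands in for MySQL so the script runs offline; the old mysql_* extension the thread refers to was removed in PHP 7, so mysqli or PDO is what a current script would use.

```php
<?php
// Added example (not the thread's code): an escaping wrapper beside a prepared
// statement. PDO + in-memory SQLite is used so this runs without a MySQL server.
declare(strict_types=1);

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
// Constructed schema and rows for the demonstration.
$db->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, role TEXT)');
$db->exec("INSERT INTO users (name, role) VALUES ('alice', 'admin'), ('bob', 'user')");

// Escaping wrapper in the style the thread describes. PDO::quote() escapes the
// value AND wraps it in quotes, so the caller must not add quotes of its own.
// mysql_real_escape_string() only escaped and left the quoting to the caller.
function db_safe(PDO $db, string $value): string
{
    return $db->quote($value);
}

// Constructed input that naive string concatenation would misread as SQL.
$untrusted = "x' OR '1'='1";

// 1. Wrapper approach: the whole input becomes one string literal in the query.
$sql  = 'SELECT name FROM users WHERE name = ' . db_safe($db, $untrusted);
$rows = $db->query($sql)->fetchAll(PDO::FETCH_COLUMN);
var_dump($rows);

// 2. Prepared statement: the value never enters the SQL text, so there is no
//    escaping step to forget. Prefer this form.
$stmt = $db->prepare('SELECT name FROM users WHERE name = ?');
$stmt->execute([$untrusted]);
var_dump($stmt->fetchAll(PDO::FETCH_COLUMN));

// 3. Caveat: escaping only protects a value inside a quoted string literal.
//    For an unquoted numeric column, cast to the expected type instead; the
//    prepared form handles this case as well.
$untrustedId = '2 OR 1=1';           // constructed input for a numeric field
$id = (int) $untrustedId;            // integer cast keeps only the leading number
$stmt = $db->prepare('SELECT name FROM users WHERE id = ?');
$stmt->execute([$id]);
var_dump($stmt->fetchAll(PDO::FETCH_COLUMN));
```

Both name lookups return no rows, because no user is literally named with the quoted string, and the numeric lookup returns only the row whose id matches the cast integer. The wrapper works as long as every query site remembers to call it and to place the result where a quoted literal belongs; the prepared statement removes both of those conditions, which is why it is the form to standardise on.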
darkfreaks, posted September 28, 2007: Well, you're pretty safe as far as SQL injection goes then. strip_tags also helps.
thryb (author), posted September 29, 2007: OK, I use real_escape all the time to be safe; I'll look at strip_tags. Thanks for your answers!
darkfreaks, posted September 29, 2007: strip_tags will remove all HTML and PHP code unless you specify otherwise.
darkfreaks, posted September 29, 2007: Also, I've got a function for XSS attacks if you want; it's free-source code I found for my stuff.

<?php
function RemoveXSS($val) {
    // remove all non-printable characters. CR (0x0d), LF (0x0a) and TAB (0x09) are allowed
    // this prevents some character re-spacing such as <java\0script>
    // note that you have to handle splits with \n, \r, and \t later since they *are* allowed in some inputs
    $val = preg_replace('/[\x00-\x08\x0b\x0c\x0e-\x1f]/', '', $val);

    // straight replacements, the user should never need these since they're normal characters
    // this prevents like <IMG SRC=@avascript:alert('XSS')>
    $search = 'abcdefghijklmnopqrstuvwxyz';
    $search .= 'ABCDEFGHIJKLMNOPQRSTUVWXYZ';
    $search .= '1234567890!@#$%^&*()';
    $search .= '~`";:?+/={}[]-_|\'\\';
    for ($i = 0; $i < strlen($search); $i++) {
        // ;? matches the ;, which is optional
        // 0{0,8} matches any padded zeros, which are optional and go up to 8 chars

        // search for the hex entity of this character, e.g. &#x6a; for 'j'
        $val = preg_replace('/(&#[xX]0{0,8}'.dechex(ord($search[$i])).';?)/i', $search[$i], $val); // with a ;
        // search for the decimal entity of this character, e.g. &#106; for 'j'
        $val = preg_replace('/(&#0{0,8}'.ord($search[$i]).';?)/', $search[$i], $val); // with a ;
    }

    // now the only remaining whitespace attacks are \t, \n, and \r
    $ra1 = array('javascript', 'vbscript', 'expression', 'applet', 'meta', 'xml', 'blink', 'link', 'style', 'script', 'embed', 'object', 'iframe', 'frame', 'frameset', 'ilayer', 'layer', 'bgsound', 'title', 'base');
    $ra2 = array('onabort', 'onactivate', 'onafterprint', 'onafterupdate', 'onbeforeactivate', 'onbeforecopy', 'onbeforecut', 'onbeforedeactivate', 'onbeforeeditfocus', 'onbeforepaste', 'onbeforeprint', 'onbeforeunload', 'onbeforeupdate', 'onblur', 'onbounce', 'oncellchange', 'onchange', 'onclick', 'oncontextmenu', 'oncontrolselect', 'oncopy', 'oncut', 'ondataavailable', 'ondatasetchanged', 'ondatasetcomplete', 'ondblclick', 'ondeactivate', 'ondrag', 'ondragend', 'ondragenter', 'ondragleave', 'ondragover', 'ondragstart', 'ondrop', 'onerror', 'onerrorupdate', 'onfilterchange', 'onfinish', 'onfocus', 'onfocusin', 'onfocusout', 'onhelp', 'onkeydown', 'onkeypress', 'onkeyup', 'onlayoutcomplete', 'onload', 'onlosecapture', 'onmousedown', 'onmouseenter', 'onmouseleave', 'onmousemove', 'onmouseout', 'onmouseover', 'onmouseup', 'onmousewheel', 'onmove', 'onmoveend', 'onmovestart', 'onpaste', 'onpropertychange', 'onreadystatechange', 'onreset', 'onresize', 'onresizeend', 'onresizestart', 'onrowenter', 'onrowexit', 'onrowsdelete', 'onrowsinserted', 'onscroll', 'onselect', 'onselectionchange', 'onselectstart', 'onstart', 'onstop', 'onsubmit', 'onunload');
    $ra = array_merge($ra1, $ra2);

    $found = true; // keep replacing as long as the previous round replaced something
    while ($found == true) {
        $val_before = $val;
        for ($i = 0; $i < sizeof($ra); $i++) {
            $pattern = '/';
            for ($j = 0; $j < strlen($ra[$i]); $j++) {
                if ($j > 0) {
                    // between any two letters of the keyword, allow encoded TAB, LF or CR entities
                    $pattern .= '(';
                    $pattern .= '(&#[xX]0{0,8}[9ad];?)';   // hex:     &#x9; &#xa; &#xd;
                    $pattern .= '|(&#0{0,8}(9|10|13);?)';  // decimal: &#9;  &#10; &#13;
                    $pattern .= ')*';
                }
                $pattern .= $ra[$i][$j];
            }
            $pattern .= '/i';
            $replacement = substr($ra[$i], 0, 2).'<x>'.substr($ra[$i], 2); // add in <> to nerf the tag
            $val = preg_replace($pattern, $replacement, $val); // filter out the hex tags
        }
        // checked once per full pass over the keyword list, so that a keyword that
        // did not match does not stop the loop while later keywords still replace
        if ($val_before == $val) {
            // no replacements were made in this round, so exit the loop
            $found = false;
        }
    }
    return $val;
}
?>
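The thread's two suggestions for the browser side, strip_tags() and the RemoveXSS() blocklist above, both try to clean input. The complementary defence is to encode untrusted data for the HTML context it is rendered into, at output time. The following is an added example, not code from the thread or from the RemoveXSS author; the render_comment() page fragment and the input strings are constructed for the demonstration.

```php
<?php
// Added example (not the thread's code): context-aware output encoding as the
// counterpart to input filtering with strip_tags() or a blocklist.
declare(strict_types=1);

// Encode for text between tags or inside a double-quoted attribute value.
// ENT_QUOTES encodes both ' and " so a value cannot close the attribute it sits in;
// ENT_SUBSTITUTE replaces invalid UTF-8 instead of returning an empty string.
function html_text(string $untrusted): string
{
    return htmlspecialchars($untrusted, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Encode for a URL query parameter, then HTML-encode the result for the attribute.
function html_url_param(string $untrusted): string
{
    return html_text(rawurlencode($untrusted));
}

// Render a comment block the way a forum page might. The same untrusted author
// string lands in three contexts (data attribute, href query, link text), and
// each placement gets the encoding that context needs.
function render_comment(string $author, string $body): string
{
    return '<div class="comment" data-author="' . html_text($author) . '">'
         . '<a href="/profile?user=' . html_url_param($author) . '">'
         . html_text($author) . '</a>: '
         . html_text($body)
         . '</div>';
}

// Constructed inputs containing markup, quotes and an ampersand.
$author = '"><b>bold</b>';
$body   = '<script>alert(1)</script> & "quotes"';

echo render_comment($author, $body), "\n";

// Contrast with strip_tags(): it drops the tags but leaves quotes and the bare
// ampersand untouched, so the result is still not safe to place in an attribute.
echo strip_tags($body), "\n";
```

In the rendered output every < > & " and ' in the untrusted strings appears as an entity, so the browser shows the author's text rather than parsing it as markup, and the href parameter is percent-encoded before it is HTML-encoded. Encoding at the point of output is reviewable per template, which is the property a blocklist such as RemoveXSS() cannot give: a blocklist has to anticipate every keyword and entity spelling, while htmlspecialchars() only has to know the five characters that matter in HTML.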
d.shankar, posted September 30, 2007: You could also use freely available vulnerability scanners on the web.