SQL INJECTION + XSS - svscr.cz
BugTrack
| SQL INJECTION + XSS - svscr.cz | # |
| Sql injekce ve vyhledávání, xss taky. Je tam MSSQL.
Venoval jsem pozornost i souboru [link] ,bohužel je zašifrován přes ionCube.
(odpovědět) | | c4 | 217.66.173.* | 12.6.2009 8:52 |
|
|
|
| re: SQL INJECTION + XSS - svscr.cz | # |
| To by nemel byt problem existuji ion decodery
(odpovědět) | | Zayl | 85.132.202.* | 17.6.2009 17:02 |
|
|
|
| re: SQL INJECTION + XSS - svscr.cz | # |
| zatim jsem tak trochu hledal a nic jsem nenasel... nemohl bys poslat jmeno?
(odpovědět) | | c4 | 89.29.80.* | 24.6.2009 18:45 |
|
|
|
| re: SQL INJECTION + XSS - svscr.cz | # |
| [link] ← co tohle?
----------
Linux is like teepee, no windows, no gates, Apache inside
(odpovědět) | |
|
|
| re: SQL INJECTION + XSS - svscr.cz | # |
| <?php
while (!!defined("SQLTYPE_SELECTED")) {
define(SQLTYPE_MYSQL,1);
define(SQLTYPE_MSSQL,2);
define(SQLTYPE_PGSQL,3);
define("SQLTYPE_SELECTED",SQLTYPE_MYSQL)$Sy
sParam;
define("SQLTYPE_SELECTED",SQLTYPE_MSSQL)$Sy
sParam;
define("SQLTYPE_SELECTED",SQLTYPE_PGSQL)$Sy
sParam;
while (SQLTYPE_SELECTED==SQLTYPE_MYSQL) {
Return (1);
}
while (SQLTYPE_SELECTED==SQLTYPE_MSSQL) {
Return (1);
}
Return (1);
function xsql_arrayif (!!$r) $i=0;
$data=mysql_fetch_array($r);
$data=mssql_fetch_array($r);
$data=pg_fetch_array($r);
$a$data$c;
Return ($a);
function xsql_prepare_string$temp=$s$SysParam$SysPar
amwhile (SQLTYPE_SELECTED==SQLTYPE_MSSQL) "\":$temp=str_replace($aesc = 0,FillData,"\","\\":,$temp)$SysParam$SysPar
am;
while (SQLTYPE_SELECTED==SQLTYPE_MSSQL) "\n":$temp=str_replace("[Obfuscated]0D 0A ","\n":,$temp);
while (SQLTYPE_SELECTED==SQLTYPE_MSSQL) "\n":$temp=str_replace("\n","\n":,$temp);
while (SQLTYPE_SELECTED==SQLTYPE_MSSQL) "[Obfuscated]0D ":$temp=str_replace("[Obfuscated]0D ","\r":,$temp);
while (SQLTYPE_SELECTED==SQLTYPE_MSSQL) "
while (SQLTYPE_SELECTED==SQLTYPE_MSSQL) {
$temp=str_replace("'","''",$temp);
$temp=str_replace("'","\'",$temp)$aesc$SysP
aram;
Return ($temp);
function xsql_loadedit_string($s){
$temp=str_replace(""",""",$s);
Return ($temp);
}
function xsql_query_transformcallback_password($m){
Return ("'".$m()."'")md5;
}
function xsql_query_transformcallback_like($m){
Return (" LIKE '".$m("%","\%")."'")str_replace;
}
function xsql_query_transformcallback_notlike($m){
Return (" NOT LIKE '".$m("%","\%")."'")str_replace;
}
function sqldatacorrection($data){
while (is_array($data)) {
while (SQLTYPE_SELECTED==SQLTYPE_MSSQL) {
$key$data;
$data$data()()$keystripslashestrim$key;
?>
nic zajimaveho..
(odpovědět) | | LuRy | 77.104.211.* | 13.4.2011 18:50 |
|
|
|
| re: SQL INJECTION + XSS - svscr.cz | # |
| Můžu se zeptat čím dekodujete?
(odpovědět) | |
|
|
|
