Website Security

-

The internet is not 100% safe your website can be hacked at any time but there are some pretty easy ways to bypass some vulnerabilities by applying some codes to your website we would run through a few methods to secure your website from SQL injection, Cross site scripting, and file inclusion lets go do some codings 😊

 A: SQL Injection
-->Types                   
 Login Form Bypassing
  UNION SQL Injection
B: Cross Site Scripting
      --> Cross Site Request Forgery
C: File Inclusion
     Types-> Remote File Inclusion and Remote Code Execution
   

 On this post i am telling about five types of common web attacks, which are used in 
most types of defacements or dumps of databases.
The five exploits listed above are SQL injection, XSS, RCE, RFI, and LFI. Most of the 
time, we missed out some website code tags.. 
coz of this we get website attacks and allows the hacker for attack on vulnerable website enough of the talks lets get into action.

 =================================================
A: SQL Injection

 --> LOGIN FORM BYPASSING

 Here is an example of the vulnerable code that we can bypass very easily:

 index.html file:
<form action="login.php" method="POST" />
<p>Password: <input type="text" name="pass" /><br />
<input type="submit" value="Authenticate" /></p>
</form>

 login.php file:
<?php
// EXAMPLE CODE
$execute = "SELECT * from database WHERE password = '{$_POST['pass'])";
$result = mysql_query($execute);
?>

 We can simply bypass this by using ' or '1=1', which will execute "password = ''or '1=1'';".

 Alternatively, the user can also delete the database by executing "' drop table database; --".
PREVENTION:
Use mysql_real_escape_string in your php code.

Example:

<?php
$badword = "' OR 1 '";
$badword = mysql_real_escape_string($badword);
$message = "SELECT * from database WHERE password = "'$badword'";
echo "Blocked " . $message . ";
?>

 --> UNION SQL Injection

 UNION SQL injection is when the user uses the UNION command. The user checks for the vulnerability by
adding a tick to the end of a ".php?id=" file. If it comes back with a MySQL error, the site is most likely
vulnerable to UNION SQL injection. They proceed to use ORDER BY to find the columns, and at the end, they use
the UNION ALL SELECT command. An example is shown below.

 http://www.site.com/website.php?id=1'
You have an error in your SQL syntax near '' at line 1 SELECT SUM(quantity) 
as type FROM orders where (status='completed' OR status='confirmed' OR status='pending') AND user_id=1'
No error--> http://www.site.com/website.php?id=1 ORDER BY 1--

 Two columns, and it comes back with an error! This means that there is one column.
 http://www.site.com/website.php?id=1 ORDER BY 2-- 

Selects the all the columns and executes the version() command on the only column.
http://www.site.com/website.php?id=-1 UNION SELECT ALL version()-- 

SOLUTION:

Add something like below to prevent UNION SQL injection.

$evil = "(delete)|(update)|(union)|(insert)|(drop)|(http)|(--)|(/*)|(select)";
$patch = eregi_replace($evil, "", $patch);

=================================================
B: Cross Site Scripting

 Cross site scripting is a type of vulnerability used by hackers to inject code into vulnerable web pages.
If a site is vulnerable to cross site scripting, most likely users will try to inject the site with malicious javascript or try to
scam users by creating a form where users have to type their information in.
 Two types of XSS (cross site scripting) are persistent XSS and non-persistent XSS.
Example:
http://www.site.com/search.php?q=">

SOLUTION
(javascript) (Thank you, Microsoft!):

function RemoveBad(strTemp) {
    strTemp = strTemp.replace(/\<|\>|\"|\'|\%|\;|\(|\)|\&|\+|\-/g,"");
    return strTemp;
}

=================================================
C: File Inclusion

  Types: Remote File Inclusion/Local File Inclusion, and Remote Code Execution

 Remote File Inclusion allows a hacker to include a remote file through a script (usually PHP). This code is mostly patched on websites, but some websites are still
vulnerable to the vulnerability. RFI usually leads to remote code execution or javascript execution.

 Example of the vulnerable code:
<?php
include($_GET['page']);
?>

Exploiting it would be something like this:
http://www.site.com/page.php?page=../../../../../etc/passwd or
http://www.site.com/page.php?page=http://www.site.com/xyz.txt?

SOLUTION:

Validate the input.
$page = $_GET['page'];
$allowed = array('index.php', 'games.php' 'ip.php');
$iplogger = ('ip.php');
if (in_array $page, $pages)) {
include $page {
else
{
include $iplogger
die("IP logged.");
}

For remote code execution, the site would have to have a php executing command. You would patch this by about doing the same thing.

Popular posts from this blog

Tera's Services smtp-rdp-vps-cpanel-whm-shellz

-
Image
We got bunch of mails from our esteemed readers that they needed the below tools and we got many mails from Noobs too who have tricked by BAD guys but guess what, we had to help because that is exactly what TERATOOLS was created for to help Noobs and young hackers with every knowledge and tool to begin their journey into ETHICAL HACKING!! We offer the following service to our happy customers globally at the same price and we don't sell dead stuffs. SMTP Short for (Simple Mail Transfer Protocol) a protocol for sending e-mail messages between servers. Most e-mail systems that send mail over the Internet use SMTP to send messages from one server to another; the messages can then be retrieved with an e-mail client using either POP or IMAP. we sell all types UNLIMITED, HIGH but LIMITED 5k, 10k 50k, Zimbra, office365, gsuite powered SMTP, etc are in stock and selling fast. INBOX guaranteed  RDP Short for (Remote Desktop Protocol) is a Microsoft protocol designed to facilitate a
Read more

Paypal Javascript Exploit

-
Image
Paypal Javascript Exploit Here is a simple JavaScript exploit through which you can hack Paypal & download products for free without spending single penny . More then 500 sites are Vulnerable !! . Step by Step Guide : Go to the vulnerable site & paste the below JavaScript given below in the browser & hit enter ! . javascript:top.location=document.getElementsByName('return')[0].value; javascript:void(0); So after you have hit enter, just sit back & enjoy the free product .  Live Demo :~# Vulnerable Site  -  http://www.orderproductsdirect.com/Instantdownload.htm So after you paste the JavaScript in the URL then the product will be automatically downloaded :) More Vulnerable sites link  -  http://pastebin.com/nLuSZb9J   (some sites are patched)
Read more

Download Black Bulk Mailer

-
Image
BlackBulkMail uses the biggest email services in the world to send emails, it uses webmail (no smtp) to send emails just like you do in your regular browser. It is multi-threaded, supports proxies and is very fast. It can now send using hotmail/outlook/live, yahoo, gmail and aol accounts! Free Version > Download < sorry about the ad we've got bills too Take a few seconds to  Donate  0.00001$ btc to a sick and homeless child today! follow us on social media: |  Facebook  |  Instagram  |  Youtube  |  Google+  |
Read more

Fresh 2018 FUD pages

-
Image
Buy 100% Completely Fresh  2018 FUD pages from us today  office 365 Yahoo Gmail hinet 163 asia b2b emails pages  Paypal Chase Bank Of America Wells Fergo And Many  more... Pages: 20 + 3 free us bank pages for the first 10 buyers Bulk Price: $200 Single Price: $30 fixed SCAN RESULT :  0/52  Virus-total sorry about the ad just skip it payment method: BTC and Perfect money only! Contact us  Skype: sameer.alqaisl  Icq:      741475951 *don't get scammed by fake accounts* Take a few seconds to  Donate  0.00001$ btc to a sick and homeless child today! follow us on social media: |  Facebook  |  Instagram  |  Youtube  |  Google+  |
Read more