StarMedia
Va asteptam in grupul nostru de pe facebook: Click

Distribuiţi
Vezi subiectul anteriorIn josVezi subiectul urmator
avatar
sKiLeTu
Extreme
Extreme
Mesaje : 960
Varsta : 23
Localizare : Moldova,Chisinau,Truseni
Sunt pe forum din : 29/12/2009

[Release] Anti sql inject script + ip + command lo

la data de Sam 16 Oct 2010, 13:14
So. Now I will present my ban log system that records the ip-it manual, time, command that has tried to "hack" the server. Check all $ _POST and $ _GET requests.

When you try to use SELECT, DROP, -,;, 'recorded in the DB. You have 1 admin stranichka which is available to IP-then the administrator. There is indicated hours page from that been tried to hack the server (unless $ _GET request, and someone decided to try index.php? Op = 'shutdown-command or as). From this page if you believe people should be by clicking on a ban ip-and it no longer access the site. Everything is saved in DB.

Here are some screenshots.


-------------------------------------------------- -----------

-------------------------------------------------- -----------

-------------------------------------------------- -----------

-------------------------------------------------- -----------

Works for all web packages!

Elementary installation.
You need only these tables to add the table in MuOnline query analizer-a.

Code:

CREATE TABLE [antisqlinjection] (
[Tarikata] [varchar] (50) COLLATE Chinese_PRC_CI_AS NULL,
[Ip] [varchar] (50) COLLATE Chinese_PRC_CI_AS NULL,
[Komanda] [varchar] (50) COLLATE Chinese_PRC_CI_AS NULL,
[Chas] [int] NULL
) ON [PRIMARY]
GO

Code:

CREATE TABLE [banip] (
[Ip] [varchar] (50) COLLATE SQL_Latin1_General_CP437_BIN NULL
) ON [PRIMARY]
GO

Remove any other files. In the folder in the root admin and set conreal.php. Open index.php and add before
PHP Code:

The idea I get it to such a code DarksTeam but this works.


I forgot to put delall.php the directory admin /
Here he is.
PHP Code:



include "conreal.php";
$ ADDR = $ _SERVER ['REMOTE_ADDR'];
if ($ ADDR = $ adminip)
{
$ Getip = $ _GET ['ip'];
$ Banhim = mssql_query ("DELETE FROM antisqlinjection");
echo "You have successfully deleted all logs;
}
else
{
echo "You're not welcome here!"
}
?>
[Trebuie sa fiti inscris si conectat pentru a vedea acest link]
avatar
zohanel
Nou Venit
Nou Venit
Mesaje : 66
Varsta : 33
Localizare : Constanta
Sunt pe forum din : 11/01/2011

Re: [Release] Anti sql inject script + ip + command lo

la data de Lun 14 Feb 2011, 01:18
Mai e valabila informatia ? cum o punem in practica ca umpic descrierea e nerelevanta si nu ne da prea multe detali ca sa nu mai zicem de screenshots
avatar
mitzaxxl
Nou Venit
Nou Venit
Mesaje : 76
Varsta : 25
Localizare : Vaslui
Sunt pe forum din : 04/08/2010

Re: [Release] Anti sql inject script + ip + command lo

la data de Lun 02 Mai 2011, 21:45
te-a batut maxim copy paste
avatar
sKiLeTu
Extreme
Extreme
Mesaje : 960
Varsta : 23
Localizare : Moldova,Chisinau,Truseni
Sunt pe forum din : 29/12/2009

Re: [Release] Anti sql inject script + ip + command lo

la data de Mar 03 Mai 2011, 14:03
Ai Dreptate mitzaxxl
Dar Ajuta asta la Server
Continut sponsorizat

Re: [Release] Anti sql inject script + ip + command lo

Vezi subiectul anteriorSusVezi subiectul urmator
Permisiunile acestui forum:
Nu puteti raspunde la subiectele acestui forum