Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 7 hours ago.
Improve this question
I have a server side PHP code looking for this
Auth->login($_POST['uid'], $_POST['pwd']);
I need help to write the filter to crack the login page. For exmaple, when I type test','test')\ and hit enter, I get the following error
Auth->login('test','test')\;','')
I need a filter to comment everything after the semicolon
This is for a school project. There are common filters in php that will replace comments, semicolon, etc.
Related
Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 2 years ago.
Improve this question
a challenge like this $_GET['2020'] snippet boring me a long time, i want to know how this work, but do not know which keywords to search, maybe how the parameter works?
$_GET reads querystring parameters from the URL. So if someone goes to your PHP script with a URL like http://servername/scriptname.php?2020=ABC then when the PHP script runs, the variable $_GET['2020'] will contain the value ABC.
More info is available in the documentation: https://www.php.net/manual/en/reserved.variables.get.php
Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 7 years ago.
Improve this question
here is the front end of it.
and this is the back end
http://localhost/phpmyadmin/#PMAURL-6:sql.php?db=bims&table=personal_info&server=1&target=&token=8254c6ededd52ca5284d30cf084621b9
This question is wrongly asked.
you may:
Take screen shots
Be specific on where the problem is
And if you wish to provide link, make sure it is hosted not recommended at all for database
And if it is a database, be careful not to share a sensitive database, Only share something that is strictly demo
Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 8 years ago.
Improve this question
Found a weird hack today someone was exploiting,
was wondering how this arbitary code could execute thousands of emails an hour.
http://pastebin.com/m7nBSmfB
There's nothing weird about the code you posted -- it builds up a PHP function in an obfuscated fashion -- then it calls the generated code.
The real problem/issue is, how is your server being made to run this code? If you have indeed been exploited by this, it's because you're allowing them to run arbitrary PHP code on your server.
You need to figure out how that happened.
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 8 years ago.
Improve this question
What would the code be to have a comments section on my website where logged in people can place a comment. I got a database and want to use html and php only. No 3th party involved.
Something simple and not to advanced.
You should check out some tutorials:
http://www.youtube.com/watch?v=KGmEZY6DBhw
http://www.2my4edge.com/2013/05/comment-system-using-php-and-mysql.html
We are not going to place an entire code here, you should show us that you've tried instead of just asking us to write all of your code.
Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 9 years ago.
Improve this question
It may sounds trivial. but I want to know the Secure way of generating user-IDs to be used in MySql table. This is because I feel that using pure Integer IDs can enable hacking?.
Everything can be hacked, the only difference is that if the ID is used as a parameter in the URL or any other input. Then a GUID could be better to use.
Example : url/?id=1.