enisina

Python sql inject


Add to constInfo.py:

def GetInjectText(text):
    # Returns True if text contains any blacklisted keyword or character.
    # Keyword matching is case-sensitive, as in the list below.
    characters = ["SELECT","TRUNCATE","INSERT","REPLACE","DELETE",'/', '>', '<', '|', ';', ':', '}', '{', '[', ']', '%', '#', '@', '^','&']
    for token in characters:
        if text.find(token) != -1:
            return True
    return False

Usage:

def __SendShoutChatPacket(self, text):
    if constInfo.GetInjectText(text):
        chat.AppendChat(chat.CHAT_TYPE_INFO, " SQL INJECT")
        return

Quote from a Turkish forum.


Literally the worst fix ever :facepalm:

 

void LogManager::ShoutLog(const char * pszName, const char * pszText)
{
    m_sql.EscapeString(__escape_hint, sizeof(__escape_hint), pszText, strlen(pszText));
   // bla bla bla
}

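The two approaches argued over above, side by side, as an added example that is not from either poster: a Python 3 port of the first post's GetInjectText run over four constructed, harmless chat lines, next to a log insert that uses bound parameters. The in-memory SQLite table and the helper names are assumptions, and parameter binding stands in here for the server-side EscapeString call shown in the reply.

```python
import sqlite3

# Same list as GetInjectText in the first post (re-typed for Python 3).
CHARACTERS = ["SELECT", "TRUNCATE", "INSERT", "REPLACE", "DELETE", '/', '>', '<',
              '|', ';', ':', '}', '{', '[', ']', '%', '#', '@', '^', '&']

def get_inject_text(text):
    """Python 3 port of the thread's client-side filter: True means 'blocked'."""
    return any(text.find(c) != -1 for c in CHARACTERS)

def open_log():
    """Hypothetical stand-in for the server's shout log table (in-memory SQLite)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE shout_log (name TEXT, text TEXT)")
    return db

def log_concat(db, name, text):
    """Statement built by string formatting: safe only if every caller filtered."""
    try:
        db.execute("INSERT INTO shout_log VALUES ('%s', '%s')" % (name, text))
        return True
    except sqlite3.Error:
        return False  # the chat text changed the statement's syntax

def log_bound(db, name, text):
    """Bound parameters: the text is only ever data, whatever it contains."""
    db.execute("INSERT INTO shout_log VALUES (?, ?)", (name, text))
    row = db.execute("SELECT text FROM shout_log WHERE name = ?", (name,)).fetchone()
    return row[0]

# Constructed chat lines, all harmless.
SAMPLES = ["selling sword: 5kk", "it's my turn", "please select a channel", "hello"]

def report():
    """Per sample: (blocked by filter, concatenated insert OK, bound insert round-trips)."""
    out = {}
    for i, text in enumerate(SAMPLES):
        db = open_log()
        out[text] = (get_inject_text(text), log_concat(db, "p%d" % i, text),
                     log_bound(db, "q%d" % i, text) == text)
    return out

if __name__ == "__main__":
    for text, row in report().items():
        print(repr(text), row)
```

The filter blocks an ordinary line that contains a colon yet lets an apostrophe through, and the apostrophe only causes a failure when the statement is assembled by string formatting. With bound parameters every sample is stored verbatim and no character list is needed.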
11 hours ago, Exygo said:

Literally the worst fix ever :facepalm:

 

void LogManager::ShoutLog(const char * pszName, const char * pszText)
{
    m_sql.EscapeString(__escape_hint, sizeof(__escape_hint), pszText, strlen(pszText));
   // bla bla bla
}

Very clever, friend. This was just an example. If you can do better, do it and share.

On 15.08.2019 at 08:32, Helia01 said:

🤒

What are you laughing at? Do you like it, baby? :D

2 hours ago, enisina said:

What are you laughing at? Do you like it, baby? :D

Rules

§1 Language

(1.1) Language

The language in this board is English. If you want to post something in your own language, always add an English translation. The only exception for this rule is this section: Private Servers

 

Regards
Raylee
