Jump to content

Finding exploits


Recommended Posts

Well for one, how are we going to tell you what kind of problems your site is open to if we don’t know what the site is? For example if it’s not using a mysql database than sql injection is off the table.

Peter is right. Go through every file, and fix it. By the time you have tested a large site for problems on the user side you could have finished, especially since you understand how to fix the actual issues, but not how to test for them in that way. If you really wish to understand than I would suggest Google since I sincerely doubt anyone is going to sit down, and teach you when they don’t know you character. By that I mean it could be just to mess up a friend’s website etc...

Link to comment
Share on other sites

i kinda feel your pain i was trying to figure out what all phpmyadmin did to queries before they executed it and to do this i would have to find out where they executed it

looked through 1 file seen some includes looked in the included files... more includes and more and more includes then dead end so i just said forget it

i havent seen your files or directory but im gonna take a guess that its not as complex as phpmyadmin so it shouldn't be that hard

as for testing for exploits... theres really only 1 way to do it if you have decent knowledge of php then you could probably find them just by looking through the files

if not?

you are going to have to look through each if statement and executed function and think what would happen to this if the user did this? then try it out... if it works find a way to fix it

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Create New...