Point-of-Sale malwares / RAM scrapers

Forum for analysis and discussion about malware.

Re: Point-of-Sale malwares / RAM scrapers

Postby benkow_ » Mon Oct 24, 2016 8:25 am

p1nk wrote:Looks like they didn't learn to properly handle user input:

Code: Select all
  // Create query
  $q = "SELECT * FROM `dbUsers` WHERE `username`='".$_POST["username"]."' AND `password`='".$_POST["password"]."' LIMIT 1";
  // Run query
  $r = mysql_query($q);

If it were only this problem.... ^^
benkow_
 
Posts: 69
Joined: Sat Jan 24, 2015 12:14 pm
Reputation point: 41

Re: Point-of-Sale malwares / RAM scrapers

Postby bsteo » Thu Nov 10, 2016 11:15 am

No PDO in XXI century? :)
bsteo
 
Posts: 84
Joined: Fri Nov 16, 2012 5:50 pm
Reputation point: 12

Re: Point-of-Sale malwares / RAM scrapers

Postby TETYYSs » Thu Nov 10, 2016 6:25 pm

bsteo wrote:No PDO in XXI century? :)

shh, dont give them ideas
User avatar
TETYYSs
 
Posts: 98
Joined: Fri Jun 28, 2013 6:51 pm
Reputation point: 20

Re: Point-of-Sale malwares / RAM scrapers

Postby Silence_is_best » Mon Mar 20, 2017 1:35 am

You do not have the required permissions to view the files attached to this post.
Silence_is_best
 
Posts: 7
Joined: Fri Aug 15, 2014 11:16 am
Reputation point: 0

Previous

Return to Malware

Who is online

Users browsing this forum: tx707 and 3 guests