
Re: Point-of-Sale malwares / RAM scrapers

Posted: Mon Oct 24, 2016 8:25 am
by benkow_
p1nk wrote: Looks like they didn't learn to properly handle user input:
  // Create query
  $q = "SELECT * FROM `dbUsers` WHERE `username`='".$_POST["username"]."' AND `password`='".$_POST["password"]."' LIMIT 1";
  // Run query
  $r = mysql_query($q);
If it were only this problem.... ^^

Re: Point-of-Sale malwares / RAM scrapers

Posted: Thu Nov 10, 2016 11:15 am
by bsteo
No PDO in XXI century? :)

Re: Point-of-Sale malwares / RAM scrapers

Posted: Thu Nov 10, 2016 6:25 pm
by TETYYSs
bsteo wrote: No PDO in XXI century? :)
shh, don't give them ideas
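
For reference, the quoted login query rewritten with a PDO prepared statement, as an added example that is not part of the thread or of the code being discussed. It assumes an in-memory SQLite database standing in for MySQL, a constructed sample account, a password column that stores a `password_hash()` value, and a hypothetical helper name `check_login`.

```php
<?php
// Added example: in-memory SQLite stands in for the MySQL database (assumption).
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

$pdo->exec('CREATE TABLE dbUsers (username TEXT PRIMARY KEY, password TEXT NOT NULL)');

// Constructed sample account. Storing a hash instead of the raw password is an
// assumption of this example; the quoted query compares the raw value in SQL.
$ins = $pdo->prepare('INSERT INTO dbUsers (username, password) VALUES (:u, :p)');
$ins->execute([
    ':u' => 'admin',
    ':p' => password_hash('correct horse', PASSWORD_DEFAULT),
]);

// Hypothetical helper: returns true only for a known user with a matching password.
function check_login(PDO $pdo, $username, $password): bool
{
    // Form fields can arrive as arrays (username[]=x); accept strings only.
    if (!is_string($username) || !is_string($password)) {
        return false;
    }

    // The SQL text is fixed. The username travels as a bound parameter, so any
    // quote characters in it are compared as data, never parsed as SQL.
    $st = $pdo->prepare('SELECT password FROM dbUsers WHERE username = :u LIMIT 1');
    $st->execute([':u' => $username]);
    $hash = $st->fetchColumn();

    // fetchColumn() returns false when no row matched.
    return is_string($hash) && password_verify($password, $hash);
}

// Constructed inputs: a valid login, a wrong password, a username containing a
// quote character, and a non-string field.
var_dump(check_login($pdo, 'admin', 'correct horse'));
var_dump(check_login($pdo, 'admin', 'wrong'));
var_dump(check_login($pdo, "adm'in", 'correct horse'));
var_dump(check_login($pdo, ['admin'], 'correct horse'));
```

Only the first call returns true; the username containing a quote is looked up literally and matches no row.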

Re: Point-of-Sale malwares / RAM scrapers

Posted: Mon Mar 20, 2017 1:35 am
by Silence_is_best

Re: Point-of-Sale malwares / RAM scrapers

Posted: Sun Oct 22, 2017 10:17 pm
by tildedennis
LockPoS

https://www.arbornetworks.com/blog/aser ... ins-flock/

I haven't seen much more of this in the wild.