Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    PHP SQL Injection

    General pfSense Questions
    2
    3
    792
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • T
      tux last edited by

      I noticed that the mysql driver for PHP is using an older version which is soon to be deprecated.  On my captive portal with radius I created a registration form with a simple query on a database server:

      $query = mysql_query("INSERT INTO reg_users (user_name, user_email, password, macaddress, phone_number, gender, reg_date) 
      VALUES 
      ('$user_name', '$user_email','$password', '$macaddress', '$phone_number', '$gender', '$reg_date')");
      

      Which is pretty much prone to sql injection, I just finished pentesting the form but I was wondering why sqlmap was not able to penetrate to such query.

      I also noticed that the phpinfo for pfsense has credits on extensions such as mysqli which is not supported by the current version or is it already supported? I would love to know what's under the hood.

      1 Reply Last reply Reply Quote 0
      • H
        Harvy66 last edited by

        Another quest is why is there code that hits tables directly? Everything should be through stored procedures and the client should not have direct table access. Much harder to dump tables with a SQL injection if you can't read the tables. /endrant

        1 Reply Last reply Reply Quote 0
        • T
          tux last edited by

          It's a pretty much accurate comment.  Though the resource in the /documentation is using the traditional way. :)  https://doc.pfsense.org/index.php/Using_Captive_Portal_with_FreeRADIUS#CaptivePortal_Self-Registration:FreeRADIUS.2B_MySQL

          1 Reply Last reply Reply Quote 0
          • First post
            Last post