4. PHP SQL Injection

PHP SQL Injection

  • T

    I noticed that the mysql driver for PHP is using an older version which is soon to be deprecated.  On my captive portal with radius I created a registration form with a simple query on a database server:

    $query = mysql_query("INSERT INTO reg_users (user_name, user_email, password, macaddress, phone_number, gender, reg_date) 
VALUES 
('$user_name', '$user_email','$password', '$macaddress', '$phone_number', '$gender', '$reg_date')");

    Which is pretty much prone to sql injection, I just finished pentesting the form but I was wondering why sqlmap was not able to penetrate to such query.

    I also noticed that the phpinfo for pfsense has credits on extensions such as mysqli which is not supported by the current version or is it already supported? I would love to know what's under the hood.

    0
  • H

    Another quest is why is there code that hits tables directly? Everything should be through stored procedures and the client should not have direct table access. Much harder to dump tables with a SQL injection if you can't read the tables. /endrant

    0
  • T

    It's a pretty much accurate comment.  Though the resource in the /documentation is using the traditional way. :)  https://doc.pfsense.org/index.php/Using_Captive_Portal_with_FreeRADIUS#CaptivePortal_Self-Registration:FreeRADIUS.2B_MySQL

    0
Log in to reply
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy