Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    PHP SQL Injection

    Scheduled Pinned Locked Moved General pfSense Questions
    3 Posts 2 Posters 1.2k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • T
      tux
      last edited by

      I noticed that the mysql driver for PHP is using an older version which is soon to be deprecated.  On my captive portal with radius I created a registration form with a simple query on a database server:

      $query = mysql_query("INSERT INTO reg_users (user_name, user_email, password, macaddress, phone_number, gender, reg_date) 
      VALUES 
      ('$user_name', '$user_email','$password', '$macaddress', '$phone_number', '$gender', '$reg_date')");
      

      Which is pretty much prone to sql injection, I just finished pentesting the form but I was wondering why sqlmap was not able to penetrate to such query.

      I also noticed that the phpinfo for pfsense has credits on extensions such as mysqli which is not supported by the current version or is it already supported? I would love to know what's under the hood.

      1 Reply Last reply Reply Quote 0
      • H
        Harvy66
        last edited by

        Another quest is why is there code that hits tables directly? Everything should be through stored procedures and the client should not have direct table access. Much harder to dump tables with a SQL injection if you can't read the tables. /endrant

        1 Reply Last reply Reply Quote 0
        • T
          tux
          last edited by

          It's a pretty much accurate comment.  Though the resource in the /documentation is using the traditional way. :)  https://doc.pfsense.org/index.php/Using_Captive_Portal_with_FreeRADIUS#CaptivePortal_Self-Registration:FreeRADIUS.2B_MySQL

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.