xss sql injector detector

Post by deam0n » Thu Jun 27, 2013 1:03 pm

A useful little script :P

Code:

<?php
/**
 * Saving data to log file and sending email to administrator if there is
 * SQL injection or XSS attempt
 *
 * Atanas Atanasov
 *
 * How to use: Change $email var and include file wherever you want.
 **/
function SqlInjectionDetector() {
    $email = "admin@root.bg";

    // One log line: URI, script path, client IP, method, client port, timestamp
    $data = $_SERVER['REQUEST_URI'].' '.$_SERVER['SCRIPT_FILENAME'].' '.$_SERVER['REMOTE_ADDR'].' '.$_SERVER["REQUEST_METHOD"].'  '.$_SERVER["REMOTE_PORT"].'  '.date('Y-m-d H:i:s')."\n";

    // REQUEST_URI is the raw (still URL-encoded) path and query string
    $queryString = strtolower($_SERVER['REQUEST_URI']);

    // Flag the request if the URI contains any of these characters or keywords
    if (strstr($queryString, "<") ||
        strstr($queryString, ">") ||
        strstr($queryString, "(") ||
        strstr($queryString, ")") ||
        strstr($queryString, "..") ||
        strstr($queryString, "%") ||
        strstr($queryString, "*") ||
        strstr($queryString, "+") ||
        strstr($queryString, "!") ||
        strstr($queryString, "@") ||
        preg_match('/union.*select/i', $queryString) ||
        preg_match('/exec/i', $queryString) ||
        preg_match('/declare/i', $queryString) ||
        preg_match('/drop/i', $queryString)
    ) {
        // Append to a per-day log file; the directory must exist and be writable
        $filename = '/logs/sql_injection_log_'.date('Y-m-d').'.txt';
        $fh = fopen($filename, 'a');
        if ($fh !== false) {
            fwrite($fh, $data);
            fclose($fh);
        }

        // Send an email to the administrator
        $message = 'SqlInjectionAlarm function '.wordwrap($data, 70);

        $headers = 'From: hackprevention@need.bg' . "\r\n" .
            'Reply-To: '.$email. "\r\n" .
            'X-Mailer: PHP/' . phpversion();

        // Send to the address configured in $email (the original hard-coded the recipient)
        mail($email, 'Possible Hack Attempt', $message, $headers);

        // Redirect the client away and stop processing the request
        header('Location: http://www.google.com');
        exit();
    }
}

SqlInjectionDetector();
?>


Post by Msecurity » Thu Jun 27, 2013 3:42 pm

Is there some way for it to save the information to the database, besides sending it by email?
For example: the attack itself, the IP, etc.


Post by Hous » Thu Jun 27, 2013 4:07 pm

Msecurity wrote: Is there some way for it to save the information to the database, besides sending it by email?
For example: the attack itself, the IP, etc.

It writes it to a txt file; with a little rework it can be inserted into a table...
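
Added example, not code from any poster in this thread: one way to do the rework described above, storing each detection in a table instead of a text file. It assumes PDO with the pdo_sqlite driver; the table, column and function names are hypothetical and the sample request is constructed.

```php
<?php
// Assumption: SQLite through PDO; injection_log and its columns are hypothetical names.
function openDetectionLog(string $dsn): PDO {
    $pdo = new PDO($dsn);
    $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $pdo->exec(
        'CREATE TABLE IF NOT EXISTS injection_log (
            id          INTEGER PRIMARY KEY,
            request_uri TEXT NOT NULL,
            script      TEXT NOT NULL,
            remote_addr TEXT NOT NULL,
            method      TEXT NOT NULL,
            logged_at   TEXT NOT NULL
        )'
    );
    return $pdo;
}

function logDetection(PDO $pdo, array $server): int {
    // The URI is attacker-controlled, so it is bound as a parameter and never
    // concatenated into the SQL text; otherwise the logger itself is injectable.
    $stmt = $pdo->prepare(
        'INSERT INTO injection_log (request_uri, script, remote_addr, method, logged_at)
         VALUES (:uri, :script, :addr, :method, :ts)'
    );
    $stmt->execute([
        ':uri'    => substr($server['REQUEST_URI'] ?? '', 0, 2048), // cap stored length
        ':script' => $server['SCRIPT_FILENAME'] ?? '',
        ':addr'   => $server['REMOTE_ADDR'] ?? '',
        ':method' => $server['REQUEST_METHOD'] ?? '',
        ':ts'     => date('Y-m-d H:i:s'),
    ]);
    return (int) $pdo->lastInsertId();
}

// Constructed sample request; inside the detector you would pass $_SERVER.
$pdo = openDetectionLog('sqlite::memory:');
$id  = logDetection($pdo, [
    'REQUEST_URI'     => "/index.php?id=1' union select 1,2--",
    'SCRIPT_FILENAME' => '/var/www/index.php',
    'REMOTE_ADDR'     => '203.0.113.7',
    'REQUEST_METHOD'  => 'GET',
]);

// The quote and the SQL keywords come back verbatim as data.
$row = $pdo->query('SELECT request_uri, remote_addr FROM injection_log WHERE id = '.$id)
           ->fetch(PDO::FETCH_ASSOC);
echo $row['remote_addr'].' '.$row['request_uri']."\n";
```

When these rows are later shown in an admin page, pass request_uri through htmlspecialchars() so a logged XSS payload is displayed rather than executed.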


Post by Face_BG_Book » Fri Jun 28, 2013 12:48 am

Does this go in the index, or in a separate file? :)


Post by deam0n » Fri Jun 28, 2013 6:14 am

Face_BG_Book wrote: Does this go in the index, or in a separate file? :)

It's better in a separate file, and you include() it :D
