<?php // For highlighting
// Screen both login fields, username first; the first field that is flagged
// gets the client address blacklisted and the request ended with a 404 line.
//
// NOTE(review): djbgijfffi() and baecfadce() are obfuscated names in this
// listing. baecfadce() is presumably header(), and djbgijfffi() presumably
// converts the address into the form the blacklist stores (confirm both).
// NOTE(review): keyword screening is a tripwire, not the injection defence.
// The queries these fields reach should be parameterized regardless.
// NOTE(review): a legitimate password containing one of the screened keywords
// is treated the same as an attack here, so the check can blacklist real users.
// NOTE(review): REMOTE_ADDR is the connecting peer. Behind a reverse proxy or
// shared NAT, one entry may block unrelated clients (confirm the deployment).
if (
    (
        isset($_POST['username'])
        && $sqlBlacklist->CheckStringForAttackString($_POST['username']) == true
    )
    || (
        isset($_POST['password'])
        && $sqlBlacklist->CheckStringForAttackString($_POST['password']) == true
    )
) {
    $sqlBlacklist->AddBlacklistedIP(djbgijfffi($_SERVER['REMOTE_ADDR']), BLACKLIST_REASON_SQLI);
    baecfadce('HTTP/1.0 404 Not Found');
    exit();
}
//Function Called
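/**
 * Report whether a string contains one of a fixed list of SQL keywords.
 *
 * The helpers called here (cbjifghahd, chbddcgfc, behfgfiggh, iiaabihgi) are
 * obfuscated names whose definitions are not part of this listing, so their
 * exact behaviour is unconfirmed.
 *
 * NOTE(review): this is a keyword blacklist. It can flag harmless text and
 * does not replace parameterized queries where the value is used.
 *
 * @param string $s_target_string Value to screen; defaults to ''.
 * @return bool true when any keyword check is truthy; false otherwise,
 *              including when the length helper reports fewer than 3.
 */
function CheckStringForAttackString($s_target_string = '') {
    // Inputs the length helper reports as shorter than 3 are never flagged.
    if (@cbjifghahd($s_target_string) < 3) {
        return false;
    }

    // The listing evaluated this expression, discarded the result, and then had
    // the empty assignment `$target_string = ;`, which does not parse. The two
    // statements are rejoined here; the split looks like a decoding artifact.
    // NOTE(review): the keywords are upper-case, so one of these helpers
    // presumably upper-cases the input (confirm).
    $target_string = @chbddcgfc(@behfgfiggh($s_target_string));

    // Each keyword carries a trailing space, exactly as in the original list.
    $keywords = ['INSERT ', 'DROP ', 'SELECT ', 'FROM ', 'DELETE ', 'UPDATE '];
    foreach ($keywords as $keyword) {
        // NOTE(review): if iiaabihgi() is strpos(), the result needs an explicit
        // `!== false` comparison, because offset 0 is falsy. Left as written
        // because the helper is not identified here.
        if (iiaabihgi($target_string, $keyword)) {
            return true;
        }
    }

    return false;
}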
// I'm sure 'iiaabihgi()' is strpos() and 'cbjifghahd()' is strlen().
// I don't know what 'chbddcgfc()' and 'behfgfiggh()' are, though I am guessing one is strtoupper(). I am not sure about the other function.
// edit #1 Found the other function is this
/**
 * Flag a query string when the obfuscated helper bcbfafjahh() gives a truthy
 * result for a single quote or a double quote.
 *
 * NOTE(review): bcbfafjahh() is not defined in this listing. It is presumably
 * a substring search (confirm).
 *
 * @param mixed $query_str Query text to inspect.
 * @return bool true when either quote check is truthy, false otherwise.
 */
function CheckQueryForSQLi($query_str) {
    // Falsy input ('', null, 0, '0') is never flagged and the helper is not called.
    if (!$query_str) {
        return false;
    }

    // Single quote first. The double-quote check runs only if the first is falsy.
    return bcbfafjahh($query_str, '\'') || bcbfafjahh($query_str, '"');
}