7
Comments
  • 0
    Fucking lunatics :D
  • 1
    Found the infected block!
  • 0
    They're not that smart, so I wonder, who did they pay? Which security company was so low on cash and so desperate to do their dirty work?
  • 0
    Sql injection with data override
  • 0
    Why didn't the attackers redirect the main landing page, just some irrelevant deep link? Allah is mighty, Allah is great, lives in a trailer on social aid?
  • 1
    @Fast-Nop That's what the code does actually... Auto-redirect the homepage to that website link.
  • 1
    @djsumdog I think that there is a devrant rule about not talking politics. There are many other online places that will roll with your trolling though
  • 1
    @GiddyNaya credibleorganic.in isn't redirected to that link, at least not in my browser. Not even with uBlock Origin disabled. Or is that because you fixed it already?
  • 1
    The real question is why there are still sql injection vulnerabilities in 2021. Sanitizing data isn’t hard
  • 0
    Also they had a database injection vector and all they did with it was edit some html? That’s some serious lack of imagination right there
  • 1
    @Fast-Nop I don't know "credibleorganic.in" neither does the client. The affected website is a school website (*not putting the URL here) and visiting the landing page redirects to that credibleorganic link.
    I've been able to fix the code and ultimately change the db password but I'm still yet to find out how they where able to update the tables with malicious values.

    Just as @demoralizeddev pointed out; the client's website was poorly written. Notice the PHP echo block, that db value should have been sanitised/html_escaped rather than echoed directly because when not sanitised the browser executes any command that appears there, in this case "a meta redirect tag". Assuming the attacker injected a JavaScript redirect that would have been harder to detect cause the redirect would have been instant.
  • 0
    Whats the FE? doesnt it sanitize automatically like most modern FE frameworks/libraries do?
    I think sanitization should be done on the FE or the first entry point to the BE or am I mistaken?
  • 0
    @Crismon If you check my recent comment you'd notice from the image that it's plain HTML without any Frontend framework.
Add Comment