How bad is this db_query from an old D6 site?

I'm looking at an old D6 site that was done in a very non-standard way. What concerns me most are some .tpl.php files from the theme that use $_POST parameters to insert data into some tables, e.g.:

<?php    $uid = $user->uid;   $name = $user->name;   $title=$_POST['title'];   $comment=$_POST['comment'];       $nid=$_POST['nid'];   $cid=db_result(db_query("select  max(cid) from  comments"));   $cid2=$cid+1;   $timestamp=mktime();   db_query("insert  into  comments  values($cid2, 0, $nid,$uid,'$title' , '$comment', '', $timestamp, 0, 3,'01/', '$name', null, null)");  ?> 

This seems like very straightforward sql injection vector, but I'm not really an expert at exploiting such things, and my relatively feeble attacks have been caught by the new server. However, there are 1000 entries in the database where the titles are pretty clear attempts to execute injection attacks, and worse yet are the 1000 more with empty titles which might represent attacks that were successful.

So how bad is this? Here is my scale:

  1. 37GB of spam! Ha ha ha! No problem!
  2. Removing the insecure code and moving to a new server should be safe.
  3. The site will not really be safe until you switch to a new server, remove all the insecure code, and run some automated tests on the database and/or file structure to check for residual attack vectors.
  4. The site will not really be safe until you switch to a new server, remove all the insecure code, and then go through each file and each database row and manually check to make sure that it isn't an attack vector — in other words, it's probably easier to give up and start over, no matter the size of the site.


Category: 6 Time: 2016-07-30 Views: 2

Related post

  • How bad is this db_query() from an old site? 2016-07-30

    I'm looking at an old D6 site that was done in a very non-standard way. What concerns me most are some .tpl.php files from the theme that use $_POST parameters to insert data into some tables, e.g.: <?php $uid = $user->uid; $name = $user->name; $

  • How to convert this code from angular1 to angular2 2016-01-16

    there, i want use ng-class="{active: isOpen()}" in angular 2, but i don't know ,how to convert this code from angular1 to angular2, any one help me? thank you very much. my code from there:

  • How to import dashboard stickies from an old hard disk without using migration assistant? 2012-07-03

    I recently installed a new hard drive in my Macbook Pro for a fresh installation of OSX Lion. How can I get my dashboard stickies from the old hard disk without using migration assistant? --------------Solutions------------- You'll need to copy two f

  • How to import Launchy settings from an old install? 2012-10-26

    I have made a new, clean Windows install, but I'd like to copy over my Launchy settings from the old install. How can I do this? --------------Solutions------------- Usually, the local Launchy data is stored under %AppData%/Launchy (you can enter exa

  • How to recreate this effect from Apple's GameCenter? 2012-03-08

    How could I recreate the background and the effect on the ribbons, borders, and "Other" text in this screenshot from Apple's GameCenter app? To me, the background looks a little glittery, but also a bit like felt, while the other parts look kind

  • How can I move Works from my old laptop to its new replacement? 2013-02-15

    I have a Compaq Presario CQ62 with Windows 7 Home Paremium that is a few years old and while everything still works well, after much use/abuse I have broken the case below the keyboard. I just bought a Gateway LT4010u to replace it and I have already

  • how to extract .z file from an old QNX in Centos 2014-03-10

    z files from an old QNX system which needs to be unpacked in preferable Centos. These files are packed with the QNX pack method and there is no Virtual Machine (VMWARE) available to load QNX and unpack these files. I've tried all the available extrac

  • How to access the data from my old hardrive 2016-06-09

    my old laptop died on. Me after taking out the SATA hardrive and putting in to a SATA-enclosure, I am able to access one of the two important partitions that were on that hard drive. The biggest one which has most of the data however, I am not able t

  • How to automate data scraping from multiple pages of site where the URL doesn't change 2015-08-04

    I'm trying to amass a table in excel by extracting the data on a webpage. The site contains 27 pages with data that I would like to lump into one single table in Excel. However, the URL doesn't change from page to page. I watched a YouTube video that

  • How to move my data from my old MacBook Pro to my new one? 2010-04-19

    I just purchased a new MacBook Pro and already got an 2008 model. I wonder how I move all my data over to the new one. My first idea was, to use my Time Machine backup and restore from it, which seems to be a good idea and should work just fine regar

  • How do I transfer programs from my old computer to my new Windows 7 computer? 2010-08-22

    I know about the Easy Transfer tool included in Windows 7 that will transfer all my files but I want to transfer my programs. Also, I don't want to buy any gimmicky program if I don't have to. --------------Solutions------------- Many programs cannot

  • I have only two languages on my resume - how bad is this? 2010-11-21

    I have a question that can be best answered here, given the vast experience some of you guys have! I am going to finish my bachelor's degree in CS and let's face it, I am just comfortable with C++ and Python. C++ - I have no experience to show for an

  • How to safely transition users from an old interface to a new one? 2011-09-11

    We're about to launch a new interface of an order form (which is arguably better, based on research and user testing). At this time we don't want to hurt feelings, or shock returning visitors who are used to making orders on our current system. Are t

  • Copy-and-Pasted Test Code: How Bad is This? 2012-09-19

    My current job is mostly writing GUI test code for various applications that we work on. However, I find that I tend to copy and paste a lot of code within tests. The reason for this is that the areas I'm testing tend to be similar enough to need rep

  • How can I copy posts from my old (but still active) blog without SEO penalty? 2016-06-28

    I have had an old blog (which is still active) where I published some articles which I also want to publish on the new blog? How can I do this without SEO penalty? --------------Solutions------------- I am assuming that you are saying that you are wo

  • How to read this output from MySQL? 2013-03-11

    Query that is being ran: INSERT INTO `log_url` (`url_id`, `visitor_id`, `visit_time`) VALUES (?, ?, ?) Error that is being thrown: SQLSTATE[23000]: Integrity constraint violation: 1062 Duplicate entry '41721' for key 1 Where does 41721 fall into? How

  • What is this component from an old thermostat? 2013-07-23

    I recently cannibalized an old thermostat for parts, and found a strange looking component with no markings at all. Here's a picture (since I can't figure out how to describe it): My first guess was that this was some sort of resistor, but I can't se

  • How to migrate the posts from an old custom legacy blog to a new WordPress website? 2014-07-20

    I have to migrate the posts of a very old custom legacy blog made in ASP (the posts are stored in a MySql table) into a new WordPress blog. So I need your help to find the smartest solution to do it, I rule out the idea of ​​doing it manually because

  • How do I install updates from Windows.old folder? for Windows 8.1 2015-07-25

    Ran into some troubles lately, and tried to refresh/restore my Windows 8.1 pro 64 bit PC, but couldn't. So, I just installed (Custom Installation) the same OS again from the recovery media I created, and all the files there as usual moved to the wind

iOS development

Android development

Python development

JAVA development

Development language

PHP development

Ruby development


Front-end development


development tools

Open Platform

Javascript development

.NET development

cloud computing


Copyright (C), All Rights Reserved.

processed in 2.965 (s). 13 q(s)