p1nk wrote:Looks like they didn't learn to properly handle user input:If it were only this problem.... ^^
Code: Select all// Create query $q = "SELECT * FROM `dbUsers` WHERE `username`='".$_POST["username"]."' AND `password`='".$_POST["password"]."' LIMIT 1"; // Run query $r = mysql_query($q);
A forum for reverse engineering, OS internals and malware analysis
No PDO in XXI century? :)
bsteo wrote:No PDO in XXI century? :)shh, dont give them ideas
MajikPOS:
Via:
http://blog.trendmicro.com/trendlabs-se ... -and-rats/
VT links:
https://www.virustotal.com/en/file/4bbc ... /analysis/
https://www.virustotal.com/en/file/25e4 ... /analysis/
pass is infected
Via:
http://blog.trendmicro.com/trendlabs-se ... -and-rats/
VT links:
https://www.virustotal.com/en/file/4bbc ... /analysis/
https://www.virustotal.com/en/file/25e4 ... /analysis/
pass is infected
Attachments
samples
(28.98 KiB) Downloaded 69 times
(28.98 KiB) Downloaded 69 times
LockPoS
https://www.arbornetworks.com/blog/aser ... ins-flock/
I haven't seen much more of this in the wild.
https://www.arbornetworks.com/blog/aser ... ins-flock/
I haven't seen much more of this in the wild.
Attachments
(71.21 KiB) Downloaded 33 times