digip Posted February 1, 2015 (edited)

> Yeah, I've actually got all of the source code posted on the site without usernames, passwords, and SSIDs of course. I also have the PHP code for the script that you (or your scanner) accessed showing how the messages are retrieved and posted on the webpage for the Arduino to pull.

Not knowing I could have started with a -1 and parsed for the total records from the error, I just guessed first time around using 30. I could have just used the error message, since you seem to toss the last index at the top if you try to start out of the total record index, and then rewrote it to use the total from the first error message's totals, but here is what I did.

```php
<?php
// Walk the message index from 0 to 30 and fetch each record via the GET parameter.
$i = 0;
while ($i <= 30) {
    $links = file_get_contents('http://www.puffycode.com/messenger/msgrecv.php?index=' . $i);
    // Escape the fetched text before echoing it into the page.
    echo filter_var($links, FILTER_SANITIZE_FULL_SPECIAL_CHARS) . "<br />";
    $i++;
}
?>
```

Edited February 1, 2015 by digip
sud0nick Posted February 1, 2015 (Author, edited)

> Not knowing I could have started with a -1 and parsed for the total records from the error, I just guessed first time around using 30. I could have just used the error message, since you seem to toss the last index at the top if you try to start out of the total record index, and then rewrote it to use the total from the first error message's totals, but here is what I did.

It wouldn't have given you an error because it automatically defaults to the last message in the database if the requested index is out of range.

```php
// Clamp the requested index: anything outside 1..rowCount-1 returns the last row.
if ($reqIndex < $rowCount && $reqIndex >= 1) {
    $index = $reqIndex;
} else {
    $index = $rowCount;
}
```

But you still could have parsed it to get the total count. I'm not understanding what you're getting at because it's already public. I'm not trying to hide the messages.

Edit: Now there's 26 messages

Edited February 1, 2015 by sud0nick
digip Posted February 1, 2015

> I'm not understanding what you're getting at because it's already public. I'm not trying to hide the messages.

It's all good though, was just for my own fun trying to see what was there since, as mentioned, I can't see the page other than viewing source due to JS being off by default on my browser. Seeing you used an index with GET results via the URL itself, I just threw that together real quick to pull them down since TGYK mentioned using SQLi, and I was just stating, pulling the info could still be done, no SQLi needed. I read your site in a text editor, so I don't really see what everyone else does, since I'm literally parsing the text of the page's source to read what you were linking to, and then saw you posted the source to go along with the output for your pics in your first post. I think it's neat to be able to take stuff from the web and have it sent to the LCD of your Arduino though, but wasn't insinuating anything if that's what you meant.
sud0nick Posted February 1, 2015 (Author)

lol ok. I replied to TGYK and stated I'm not using SQLi since it's outdated and vulnerable. I'm actually using PDO with prepared statements as it is much more secure. Since you were poking around it got me to double check my code and I found some places where I was still using SQLi but it's updated now. I was all paranoid,
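For readers following the mysqli-to-PDO switch, here is an added illustration (not sud0nick's msgrecv.php) of a message lookup that binds the GET index as a prepared-statement parameter and applies the same out-of-range clamp quoted earlier in the thread; the table name `messages`, its columns `id` and `msg`, and the DSN/credentials are assumed placeholders.

```php
<?php
// Added example, not the project's own code. Assumed schema: table `messages`
// with columns `id` and `msg`; DSN and credentials are placeholders.
$pdo = new PDO(
    'mysql:host=localhost;dbname=DB_NAME_PLACEHOLDER;charset=utf8mb4',
    'DB_USER_PLACEHOLDER',
    'DB_PASS_PLACEHOLDER',
    [
        PDO::ATTR_ERRMODE          => PDO::ERRMODE_EXCEPTION,
        PDO::ATTR_EMULATE_PREPARES => false, // real server-side prepares
    ]
);

// Validate the GET parameter as an integer before it gets near the query.
$reqIndex = filter_input(INPUT_GET, 'index', FILTER_VALIDATE_INT);
if ($reqIndex === false || $reqIndex === null) {
    $reqIndex = 0; // non-numeric input falls through to the clamp below
}

// Same clamp as described in the thread: out-of-range requests get the last message.
$rowCount = (int) $pdo->query('SELECT COUNT(*) FROM messages')->fetchColumn();
if ($rowCount === 0) {
    http_response_code(404);
    exit('no messages');
}
$index = ($reqIndex < $rowCount && $reqIndex >= 1) ? $reqIndex : $rowCount;

// Prepared statement: the index is bound as a typed parameter, never
// concatenated into the SQL string, so it cannot change the query's shape.
$stmt = $pdo->prepare('SELECT msg FROM messages ORDER BY id ASC LIMIT 1 OFFSET :off');
$stmt->bindValue(':off', $index - 1, PDO::PARAM_INT); // 1-based index -> 0-based offset
$stmt->execute();
$msg = $stmt->fetchColumn();

// Escape on output so a stored message cannot inject markup into the page.
header('Content-Type: text/plain; charset=utf-8');
echo htmlspecialchars($msg === false ? '' : $msg, ENT_QUOTES, 'UTF-8');
```

Binding `:off` with `PDO::PARAM_INT` and emulated prepares disabled is what lets a LIMIT/OFFSET placeholder work on MySQL; with emulation on, the value would be quoted as a string and the query would fail.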
digip Posted February 1, 2015

I think you and I are referring to two different things in case of SQLi though. "mysqli" statements in server side script queries, vs SQLi (Sequel injection). But yeah, was just stating you could get results from a DB without sequel injection attack since you allow HTML GET requests for URL manipulation to dump all the records.
sud0nick Posted February 1, 2015 (Author)

> I think you and I are referring to two different things in case of SQLi though. "mysqli" statements in server side script queries, vs SQLi (Sequel injection). But yeah, was just stating you could get results from a DB without sequel injection attack since you allow HTML GET requests for URL manipulation to dump all the records.

Now we're on the same page. I've never heard SQL injection referred to as SQLi so I immediately thought of the PHP interface mysqli.
sud0nick Posted February 1, 2015 (Author)

lol and thanks for the really big 383d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d44 Juan!