Merged from MOODLE_15_STABLE: Fix for Secunia Advisory SA18267 - plus logging of suspicious activity
This commit is contained in:
parent
517cc94ce0
commit
ed5cc66d5d
@ -1,98 +1,10 @@
|
||||
<?php
|
||||
|
||||
/**
|
||||
* @version V4.66 28 Sept 2005 (c) 2000-2005 John Lim (jlim@natsoft.com.my). All rights reserved.
|
||||
* Released under both BSD license and Lesser GPL library license.
|
||||
Whenever there is any discrepancy between the two licenses,
|
||||
the BSD license will take precedence.
|
||||
*/
|
||||
|
||||
/* Documentation on usage is at http://php.weblogs.com/adodb_csv
|
||||
*
|
||||
* Legal query string parameters:
|
||||
*
|
||||
* sql = holds sql string
|
||||
* nrows = number of rows to return
|
||||
* offset = skip offset rows of data
|
||||
* fetch = $ADODB_FETCH_MODE
|
||||
*
|
||||
* example:
|
||||
*
|
||||
* http://localhost/php/server.php?select+*+from+table&nrows=10&offset=2
|
||||
*/
|
||||
require_once('../../config.php');
|
||||
require_once('../weblib.php');
|
||||
|
||||
|
||||
/*
|
||||
* Define the IP address you want to accept requests from
|
||||
* as a security measure. If blank we accept anyone promisciously!
|
||||
*/
|
||||
$ACCEPTIP = '';
|
||||
|
||||
/*
|
||||
* Connection parameters
|
||||
*/
|
||||
$driver = 'mysql';
|
||||
$host = 'localhost'; // DSN for odbc
|
||||
$uid = 'root';
|
||||
$pwd = '';
|
||||
$database = 'test';
|
||||
|
||||
/*============================ DO NOT MODIFY BELOW HERE =================================*/
|
||||
// $sep must match csv2rs() in adodb.inc.php
|
||||
$sep = ' :::: ';
|
||||
|
||||
include('./adodb.inc.php');
|
||||
include_once(ADODB_DIR.'/adodb-csvlib.inc.php');
|
||||
|
||||
function err($s)
|
||||
{
|
||||
die('**** '.$s.' ');
|
||||
}
|
||||
|
||||
// undo stupid magic quotes
|
||||
function undomq(&$m)
|
||||
{
|
||||
if (get_magic_quotes_gpc()) {
|
||||
// undo the damage
|
||||
$m = str_replace('\\\\','\\',$m);
|
||||
$m = str_replace('\"','"',$m);
|
||||
$m = str_replace('\\\'','\'',$m);
|
||||
|
||||
}
|
||||
return $m;
|
||||
}
|
||||
|
||||
///////////////////////////////////////// DEFINITIONS
|
||||
|
||||
|
||||
$remote = $_SERVER["REMOTE_ADDR"];
|
||||
|
||||
if (empty($_REQUEST['sql'])) err('No SQL');
|
||||
|
||||
if (!empty($ACCEPTIP))
|
||||
if ($remote != '127.0.0.1' && $remote != $ACCEPTIP)
|
||||
err("Unauthorised client: '$remote'");
|
||||
|
||||
|
||||
$conn = &ADONewConnection($driver);
|
||||
|
||||
if (!$conn->Connect($host,$uid,$pwd,$database)) err($conn->ErrorNo(). $sep . $conn->ErrorMsg());
|
||||
$sql = undomq($_REQUEST['sql']);
|
||||
|
||||
if (isset($_REQUEST['fetch']))
|
||||
$ADODB_FETCH_MODE = $_REQUEST['fetch'];
|
||||
|
||||
if (isset($_REQUEST['nrows'])) {
|
||||
$nrows = $_REQUEST['nrows'];
|
||||
$offset = isset($_REQUEST['offset']) ? $_REQUEST['offset'] : -1;
|
||||
$rs = $conn->SelectLimit($sql,$nrows,$offset);
|
||||
} else
|
||||
$rs = $conn->Execute($sql);
|
||||
if ($rs){
|
||||
//$rs->timeToLive = 1;
|
||||
echo _rs2serialize($rs,$conn,$sql);
|
||||
$rs->Close();
|
||||
} else
|
||||
err($conn->ErrorNo(). $sep .$conn->ErrorMsg());
|
||||
add_to_log(0, 'adodb', 'intrusion attempt', 'lib/adodb/server.php');
|
||||
trigger_error('SECURITY WARNING: intrusion attempt against lib/adodb/server.php from ' . getremoteaddr());
|
||||
error('SECURITY WARNING: logged intrusion attempt against lib/adodb/server.php');
|
||||
|
||||
?>
|
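Review bot: The `trigger_error()` call added near the end of lib/adodb/server.php passes no level, so it raises E_USER_NOTICE, which many production `error_reporting` settings exclude — the intrusion message may never reach the web-server error log even though the on-screen `error()` and `add_to_log()` still fire. Pass the level explicitly, e.g. `trigger_error('SECURITY WARNING: intrusion attempt against lib/adodb/server.php from ' . getremoteaddr(), E_USER_WARNING);`. The same applies to the equivalent call added in lib/adodb/tests/tmssql.php. Note also that `getremoteaddr()` presumably derives its value from request headers in some configurations, so the address recorded here should be treated as client-supplied data rather than a verified source — worth a short comment on that line.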
@ -1,65 +1,10 @@
|
||||
<?php
|
||||
error_reporting(E_ALL);
|
||||
ini_set('mssql.datetimeconvert',0);
|
||||
|
||||
function tmssql()
|
||||
{
|
||||
print "<h3>mssql</h3>";
|
||||
$db = mssql_connect('JAGUAR\vsdotnet','adodb','natsoft') or die('No Connection');
|
||||
mssql_select_db('northwind',$db);
|
||||
|
||||
$rs = mssql_query('select getdate() as date',$db);
|
||||
$o = mssql_fetch_row($rs);
|
||||
print_r($o);
|
||||
mssql_free_result($rs);
|
||||
|
||||
print "<p>Delete</p>"; flush();
|
||||
$rs2 = mssql_query('delete from adoxyz',$db);
|
||||
$p = mssql_num_rows($rs2);
|
||||
mssql_free_result($rs2);
|
||||
require_once('../../../config.php');
|
||||
require_once('../../weblib.php');
|
||||
|
||||
}
|
||||
add_to_log(0, 'adodb', 'intrusion attempt', 'lib/adodb/tests/tmssql.php');
|
||||
trigger_error('SECURITY WARNING: intrusion attempt against lib/tests/tmssql.php from ' . getremoteaddr());
|
||||
error('SECURITY WARNING: logged intrusion attempt against lib/adodb/tests/tmssql.php');
|
||||
|
||||
function tpear()
|
||||
{
|
||||
include_once('DB.php');
|
||||
|
||||
print "<h3>PEAR</h3>";
|
||||
$username = 'adodb';
|
||||
$password = 'natsoft';
|
||||
$hostname = 'JAGUAR\vsdotnet';
|
||||
$databasename = 'northwind';
|
||||
|
||||
$dsn = "mssql://$username:$password@$hostname/$databasename";
|
||||
$conn = &DB::connect($dsn);
|
||||
print "date=".$conn->GetOne('select getdate()')."<br>";
|
||||
@$conn->query('create table tester (id integer)');
|
||||
print "<p>Delete</p>"; flush();
|
||||
$rs = $conn->query('delete from tester');
|
||||
print "date=".$conn->GetOne('select getdate()')."<br>";
|
||||
}
|
||||
|
||||
function tadodb()
|
||||
{
|
||||
include_once('../adodb.inc.php');
|
||||
|
||||
print "<h3>ADOdb</h3>";
|
||||
$conn = NewADOConnection('mssql');
|
||||
$conn->Connect('JAGUAR\vsdotnet','adodb','natsoft','northwind');
|
||||
// $conn->debug=1;
|
||||
print "date=".$conn->GetOne('select getdate()')."<br>";
|
||||
$conn->Execute('create table tester (id integer)');
|
||||
print "<p>Delete</p>"; flush();
|
||||
$rs = $conn->Execute('delete from tester');
|
||||
print "date=".$conn->GetOne('select getdate()')."<br>";
|
||||
}
|
||||
?>
|
||||
<a href=tmssql.php?do=tmssql>mssql</a>
|
||||
<a href=tmssql.php?do=tpear>pear</a>
|
||||
<a href=tmssql.php?do=tadodb>adodb</a>
|
||||
<?php
|
||||
if (!empty($_GET['do'])) {
|
||||
$do = $_GET['do'];
|
||||
$do();
|
||||
}
|
||||
?>
|
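Review bot: The three new log/notice calls in lib/adodb/tests/tmssql.php disagree about the path they report: `add_to_log()` and `error()` name `lib/adodb/tests/tmssql.php`, while the `trigger_error()` message names `lib/tests/tmssql.php`, which does not match the file's actual location and will confuse anyone correlating the server error log with the Moodle log. Change that line to `trigger_error('SECURITY WARNING: intrusion attempt against lib/adodb/tests/tmssql.php from ' . getremoteaddr());`. Since the new `require_once('../../../config.php')` and `require_once('../../weblib.php')` lines use paths relative to the working directory, a one-line comment stating that this script is only expected to be reached by direct URL (so CWD is the script directory) would document why the relative form is acceptable here.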