Advisory: PHP-Nuke UNION SQL Injections
Date: Tuesday, April 27 @ 14:01:24 CEST
Topic: Bug Fixes


The Nuke Cops Beta 3 release of Union Tap has so far been tested by PHP-Nuke admins with great success. This code patches all SQL injections based on "UNION" that are delivered via a URL query string. If you are running MySQL 4 or higher, this code is a must to protect your precious portal investment. It resides here and is about to go gold. Why does this patch matter more than all the rest?

Using simple regular expressions (regex), it catches any instance of the word "Union", regardless of case, in both plaintext and Base64. Union Tap is not just the first patch to catch Base64 UNION injection attempts; it is also the first to decode raw URLs, catching percent-encoded variants.

False positives are all but eliminated. Security is about adding the best layered protection possible; if you must run MySQL 4, Union Tap provides the extra, deeper layer of protection that is needed.

Union Tap also takes a step beyond traditional security patches: it takes into account the possibility that your site runs with REGISTER_GLOBALS enabled. If your portal uses this PHP setting, Union Tap protects you from possible variable injections.

This leaves us with a multi-faceted injection-stopping patch: Union Tap.

Here is the code:

<?php
//Union Tap
//Copyright Zhen-Xjell 2004 http://nukecops.com
//Beta 3 Code to prevent UNION SQL Injections
// Start from a clean slate so that leftover values (or values injected through
// register_globals) cannot pre-fill the variables used below.
unset($matches);
unset($loc);
// $loc keeps the raw query string; the decoded copy is what gets inspected.
// The class holds the letters of UNION in both cases plus characters that occur
// in its Base64 encodings; the pattern fires on five such characters followed
// by a space and captures them in $matches[1].
if (preg_match("/([OdWo5NIbpuU4V2iJT0n]{5}) /", rawurldecode($loc=$_SERVER["QUERY_STRING"]), $matches)) {
    // Abort the request. Both values are escaped so the raw query string
    // cannot inject markup into the error page.
    die("YOU ARE SLAPPED BY <a href=\"http://nukecops.com\">NUKECOPS</a> BY USING '" . htmlspecialchars($matches[1]) . "' INSIDE '" . htmlspecialchars($loc) . "'.");
}
?>
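As an added example (not part of Union Tap and not NukeCops code), the following Python reimplements the check above using the page's own regex and runs it over a handful of constructed query strings, so you can see exactly which requests it stops: a plaintext UNION, a mixed-case one, a percent-encoded one, an ordinary article request, and a harmless search term. The sample query strings and the function names are assumptions made for this illustration.

```python
import re
from urllib.parse import unquote

# The pattern from the Union Tap Beta 3 code above, copied verbatim. PCRE and
# Python's re module read it identically: five characters drawn from the
# class, captured, followed by one literal space.
UNION_TAP_PATTERN = re.compile(r"([OdWo5NIbpuU4V2iJT0n]{5}) ")


def union_tap_check(query_string):
    """Mirror of the page's check.

    PHP's rawurldecode() turns %XX sequences back into characters but leaves
    '+' alone; urllib's unquote() behaves the same way, so the decoding step
    matches. Returns the captured five-character token that would appear in
    the die() message, or None when the request would be allowed through.
    """
    decoded = unquote(query_string)
    match = UNION_TAP_PATTERN.search(decoded)
    return match.group(1) if match else None


# Constructed sample query strings (not taken from any real site or log).
SAMPLE_QUERY_STRINGS = {
    # an ordinary PHP-Nuke article request: nothing to flag
    "normal": "name=News&file=article&sid=2004",
    # plaintext UNION appended to a numeric parameter
    "plain": "name=News&file=article&sid=1 UNION SELECT 1",
    # the same keyword in mixed case
    "mixed_case": "name=News&file=article&sid=1 uNiOn SELECT 1",
    # the same keyword percent-encoded byte by byte; only the decoding step sees it
    "percent": "name=News&file=article&sid=1%20%55%4E%49%4F%4E%20SELECT%201",
    # a harmless search term whose letters all sit inside the character class
    "benign_word": "name=Search&query=onion soup recipe",
}


def scan_samples(samples=SAMPLE_QUERY_STRINGS):
    """Run the check over every sample and report what, if anything, it flags."""
    return {name: union_tap_check(qs) for name, qs in samples.items()}


if __name__ == "__main__":
    for name, token in scan_samples().items():
        verdict = "BLOCKED on '%s'" % token if token else "allowed"
        print("%-12s %s" % (name, verdict))
```

Run it with python3 and each sample prints as blocked or allowed. Because the character class decides on letters alone, any five-letter run built from those letters and followed by a space is treated the same as UNION (the "onion" search above is flagged), so running the pattern over your own site's real query strings before going live is the quickest way to measure that trade-off.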

This article comes from NukeCops
http://www.nukecops.com

The URL for this story is:
http://www.nukecops.com/modules.php?name=News&file=article&sid=2004