dopetalk does not endorse any advertised product nor does it accept any liability for it's use or misuse

This website has run out of funding so feel free to contribute if you can afford it (see footer)

Author Topic: We Need Some php + SQL Code Written  (Read 6135 times)

Offline Chip (OP)

  • Server Admin
  • Hero Member
  • *****
  • Administrator
  • *****
  • Join Date: Dec 2014
  • Location: Australia
  • Posts: 6648
  • Reputation Power: 0
  • Chip has hidden their reputation power
  • Gender: Male
  • Last Login:Yesterday at 05:53:23 PM
  • Deeply Confused Learner
  • Profession: IT Engineer
We Need Some php + SQL Code Written
« on: August 24, 2015, 07:00:41 PM »
any competent software developers out there in junkie-land ?
friendly
0
funny
0
informative
0
agree
0
disagree
0
like
0
dislike
0
No reactions
No reactions
No reactions
No reactions
No reactions
No reactions
No reactions
Our Discord Server invitation link is https://discord.gg/jB2qmRrxyD

Offline Chip (OP)

  • Server Admin
  • Hero Member
  • *****
  • Administrator
  • *****
  • Join Date: Dec 2014
  • Location: Australia
  • Posts: 6648
  • Reputation Power: 0
  • Chip has hidden their reputation power
  • Gender: Male
  • Last Login:Yesterday at 05:53:23 PM
  • Deeply Confused Learner
  • Profession: IT Engineer
Re: We Need Some php + SQL Code Written
« Reply #1 on: August 24, 2015, 08:46:58 PM »
from most recent to oldest

Chipper: ... with the members names too, of course
40mgtofreedom: im good at modifying code, piping things, using the tools
Chipper: 40, i need to list and out sort all IP's first, that should be heaps of help, right ?
40mgtofreedom: you're a better programmer than i
40mgtofreedom: dude i just copped 20 1mg Klonopins and 840mg of methadone
40mgtofreedom: its weird this scrolls upwards lol
40mgtofreedom: of course i would never damage or change a thing
40mgtofreedom: btw would you like me to keep looking for security holes?
Chipper: 40, i wrote a PM and VM dumper in php and that's my anti-solicitation weapon (not to mention the same DB on MY intranet's unsecured TEST system)
40mgtofreedom: or get the ip address and get the first 11 chars (9 numbers and 2 periods i.e. 100.100.100) and see if thats equal to the other class C subnet then tell if the last octets are changing, but really ppl have static ips or semi static these days
Chipper: 40, it's going to be a combination of php and scripting, i reckon - i just have to pipe the output of my php sql query into "sed" or something
40mgtofreedom: but theres tor exit nodes, a million vpns, proxies which are pretty much worthless (proxies these days)
40mgtofreedom: im sure theres a blacklist back there somewhere right? first of all get a copy of like kasperspys bad ip/spam ranges, maybe one from malware bytes and just ban the fuck out of those ranges, if someone is banned give them a gateway to email a mod to analyze them on case by case basis
40mgtofreedom: but bash to php???? lol not so good
40mgtofreedom: i can do i in bash
40mgtofreedom: but writing it from scratch....
40mgtofreedom: as far as php, find a script that does it and i can tell you whether or not its secure code and modify it
friendly
0
funny
0
informative
0
agree
0
disagree
0
like
0
dislike
0
No reactions
No reactions
No reactions
No reactions
No reactions
No reactions
No reactions
Our Discord Server invitation link is https://discord.gg/jB2qmRrxyD

Offline 40mgtofreedom

  • Jr. Member
  • **
  • Join Date: Aug 2015
  • Location:
  • Posts: 78
  • Reputation Power: 4
  • 40mgtofreedom is new on the scene.
  • Last Login:January 11, 2017, 07:52:53 AM
  • /home/stackhammer
Re: We Need Some php + SQL Code Written
« Reply #2 on: August 24, 2015, 08:51:35 PM »
ok so the ip in question is assigned a variable and then compared against a sorted blacklist.... if it falls in the end or beginning you can even run the sort backwards or forwards

dude what kind of firewall are you running, are all these things running on one box>?? i really need more info like setup, whats running what, how you get ips, etc..
friendly
0
funny
0
informative
0
agree
0
disagree
0
like
0
dislike
0
No reactions
No reactions
No reactions
No reactions
No reactions
No reactions
No reactions

Offline 40mgtofreedom

  • Jr. Member
  • **
  • Join Date: Aug 2015
  • Location:
  • Posts: 78
  • Reputation Power: 4
  • 40mgtofreedom is new on the scene.
  • Last Login:January 11, 2017, 07:52:53 AM
  • /home/stackhammer
Re: We Need Some php + SQL Code Written
« Reply #3 on: August 24, 2015, 08:54:13 PM »
you could put pfsense on literally any computer 486 and up and let it be the firewall in front of the webserver, are you running apache???

pfsense has amazing rules, and its intelligent, like what you're talking about writing is pretty much written in there, you just gotta guide and tweak what youre looking for
friendly
0
funny
0
informative
0
agree
0
disagree
0
like
0
dislike
0
No reactions
No reactions
No reactions
No reactions
No reactions
No reactions
No reactions

Offline 40mgtofreedom

  • Jr. Member
  • **
  • Join Date: Aug 2015
  • Location:
  • Posts: 78
  • Reputation Power: 4
  • 40mgtofreedom is new on the scene.
  • Last Login:January 11, 2017, 07:52:53 AM
  • /home/stackhammer
Re: We Need Some php + SQL Code Written
« Reply #4 on: August 24, 2015, 08:56:41 PM »
can you draw me a diagram like in mspaint or gimp or something that just shows basic layout of machines and whats running on them, wiring diagram so i can get a picture of how the traffic is flowing
friendly
0
funny
0
informative
0
agree
0
disagree
0
like
0
dislike
0
No reactions
No reactions
No reactions
No reactions
No reactions
No reactions
No reactions

Offline 40mgtofreedom

  • Jr. Member
  • **
  • Join Date: Aug 2015
  • Location:
  • Posts: 78
  • Reputation Power: 4
  • 40mgtofreedom is new on the scene.
  • Last Login:January 11, 2017, 07:52:53 AM
  • /home/stackhammer
Re: We Need Some php + SQL Code Written
« Reply #5 on: August 24, 2015, 08:59:07 PM »
also on the list sorting with php you can always use the endswith() and startswith() especially for the ends with
friendly
0
funny
0
informative
0
agree
0
disagree
0
like
0
dislike
0
No reactions
No reactions
No reactions
No reactions
No reactions
No reactions
No reactions

Offline Chip (OP)

  • Server Admin
  • Hero Member
  • *****
  • Administrator
  • *****
  • Join Date: Dec 2014
  • Location: Australia
  • Posts: 6648
  • Reputation Power: 0
  • Chip has hidden their reputation power
  • Gender: Male
  • Last Login:Yesterday at 05:53:23 PM
  • Deeply Confused Learner
  • Profession: IT Engineer
Re: We Need Some php + SQL Code Written
« Reply #6 on: August 24, 2015, 09:01:09 PM »
it's packed with utilities, lots of scripts i wrote to help me, monitoring tools and performance monitors, network monitors etc.. it's got everything almost i could throw at it - do you want ?:

[root@forum SQL]# chkconfig --list
amavisd         0:off   1:off   2:off   3:off   4:off   5:off   6:off
auditd          0:off   1:off   2:on    3:on    4:on    5:on    6:off
blk-availability        0:off   1:on    2:on    3:on    4:on    5:on    6:off
cgconfig        0:off   1:off   2:off   3:off   4:off   5:off   6:off
cgred           0:off   1:off   2:off   3:off   4:off   5:off   6:off
clamd           0:off   1:off   2:off   3:off   4:off   5:off   6:off
clamd.amavisd   0:off   1:off   2:off   3:off   4:off   5:off   6:off
crond           0:off   1:off   2:on    3:on    4:on    5:on    6:off
cups            0:off   1:off   2:on    3:on    4:on    5:on    6:off
dovecot         0:off   1:off   2:on    3:on    4:off   5:on    6:off
fail2ban        0:off   1:off   2:off   3:on    4:on    5:on    6:off
htcacheclean    0:off   1:off   2:off   3:off   4:off   5:off   6:off
httpd           0:off   1:off   2:on    3:on    4:off   5:on    6:off
icinga          0:off   1:off   2:on    3:on    4:on    5:on    6:off
ip6tables       0:off   1:off   2:on    3:on    4:on    5:on    6:off
ipset           0:off   1:off   2:on    3:on    4:on    5:on    6:off
iptables        0:off   1:off   2:on    3:on    4:on    5:on    6:off
iscsi           0:off   1:off   2:off   3:on    4:on    5:on    6:off
iscsid          0:off   1:off   2:off   3:on    4:on    5:on    6:off
lvm2-monitor    0:off   1:on    2:on    3:on    4:on    5:on    6:off
mailman         0:off   1:off   2:on    3:on    4:off   5:on    6:off
mdmonitor       0:off   1:off   2:on    3:on    4:on    5:on    6:off
messagebus      0:off   1:off   2:on    3:on    4:on    5:on    6:off
multipathd      0:off   1:off   2:off   3:off   4:off   5:off   6:off
mysqld          0:off   1:off   2:on    3:on    4:off   5:on    6:off
named           0:off   1:off   2:off   3:off   4:off   5:off   6:off
netconsole      0:off   1:off   2:off   3:off   4:off   5:off   6:off
netfs           0:off   1:off   2:off   3:on    4:on    5:on    6:off
network         0:off   1:off   2:on    3:on    4:on    5:on    6:off
nmb             0:off   1:off   2:off   3:off   4:off   5:off   6:off
ntop            0:off   1:off   2:off   3:off   4:off   5:off   6:off
ntpd            0:off   1:off   2:off   3:off   4:off   5:off   6:off
ntpdate         0:off   1:off   2:off   3:off   4:off   5:off   6:off
portreserve     0:off   1:off   2:on    3:on    4:on    5:on    6:off
postfix         0:off   1:off   2:on    3:on    4:on    5:on    6:off
postgresql-9.2  0:off   1:off   2:off   3:off   4:off   5:off   6:off
postgresql-9.3  0:off   1:off   2:on    3:on    4:on    5:on    6:off
pure-ftpd       0:off   1:off   2:on    3:on    4:off   5:on    6:off
rdisc           0:off   1:off   2:off   3:off   4:off   5:off   6:off
restorecond     0:off   1:off   2:off   3:off   4:off   5:off   6:off
rsyslog         0:off   1:off   2:on    3:on    4:on    5:on    6:off
saslauthd       0:off   1:off   2:on    3:on    4:on    5:on    6:off
smb             0:off   1:off   2:on    3:on    4:on    5:on    6:off
snmpd           0:off   1:off   2:off   3:off   4:off   5:off   6:off
snmptrapd       0:off   1:off   2:off   3:off   4:off   5:off   6:off
spamassassin    0:off   1:off   2:off   3:off   4:off   5:off   6:off
sshd            0:off   1:off   2:on    3:on    4:on    5:on    6:off
svnserve        0:off   1:off   2:off   3:off   4:off   5:off   6:off
udev-post       0:off   1:on    2:on    3:on    4:on    5:on    6:off
webmin          0:off   1:off   2:on    3:on    4:on    5:on    6:off
winbind         0:off   1:off   2:off   3:off   4:off   5:off   6:off
xinetd          0:off   1:off   2:off   3:on    4:on    5:on    6:off
zabbix-agent    0:off   1:off   2:off   3:off   4:off   5:off   6:off
zabbix-java-gateway     0:off   1:off   2:off   3:off   4:off   5:off   6:off
zabbix-server   0:off   1:off   2:off   3:off   4:off   5:off   6:off

i have some manual starts too.

the classic LAMP base.

... later, i config'ed and autostart service spamassassin start
« Last Edit: August 24, 2015, 09:35:19 PM by Chipper »
friendly
0
funny
0
informative
0
agree
0
disagree
0
like
0
dislike
0
No reactions
No reactions
No reactions
No reactions
No reactions
No reactions
No reactions
Our Discord Server invitation link is https://discord.gg/jB2qmRrxyD

Offline Chip (OP)

  • Server Admin
  • Hero Member
  • *****
  • Administrator
  • *****
  • Join Date: Dec 2014
  • Location: Australia
  • Posts: 6648
  • Reputation Power: 0
  • Chip has hidden their reputation power
  • Gender: Male
  • Last Login:Yesterday at 05:53:23 PM
  • Deeply Confused Learner
  • Profession: IT Engineer
Re: We Need Some php + SQL Code Written
« Reply #7 on: August 24, 2015, 09:01:58 PM »
also on the list sorting with php you can always use the endswith() and startswith() especially for the ends with

i was thinking the SQL sort ...
friendly
0
funny
0
informative
0
agree
0
disagree
0
like
0
dislike
0
No reactions
No reactions
No reactions
No reactions
No reactions
No reactions
No reactions
Our Discord Server invitation link is https://discord.gg/jB2qmRrxyD

Offline Chip (OP)

  • Server Admin
  • Hero Member
  • *****
  • Administrator
  • *****
  • Join Date: Dec 2014
  • Location: Australia
  • Posts: 6648
  • Reputation Power: 0
  • Chip has hidden their reputation power
  • Gender: Male
  • Last Login:Yesterday at 05:53:23 PM
  • Deeply Confused Learner
  • Profession: IT Engineer
Re: We Need Some php + SQL Code Written
« Reply #8 on: August 24, 2015, 09:02:41 PM »
let me have a poke around. i'm an IBM guy so all this is still quite new to me.
friendly
0
funny
0
informative
0
agree
0
disagree
0
like
0
dislike
0
No reactions
No reactions
No reactions
No reactions
No reactions
No reactions
No reactions
Our Discord Server invitation link is https://discord.gg/jB2qmRrxyD

Offline shirobug

  • Regular
  • *
  • Join Date: Aug 2015
  • Location:
  • Posts: 43
  • Reputation Power: 7
  • shirobug is new on the scene.
  • Last Login:June 05, 2017, 11:36:28 PM
  • Welcome to our community forum ...
Re: We Need Some php + SQL Code Written
« Reply #9 on: August 28, 2015, 03:36:59 AM »
It's not entirely clear to me what you're looking for, but I know PHP and SQL so could probably lend a hand.

I saw some mention of trying to match a single IP address with a CIDR block.  That's pretty easy to do, see StackOverflow here:

http://stackoverflow.com/questions/594112/matching-an-ip-to-a-cidr-mask-in-php5

Also, if you are talking about blocking bad IP's, you could do all that the operating system level with iptables:

iptables -I INPUT -i eth0 -s 1.2.3.4 -j DROP
friendly
0
funny
0
informative
0
agree
0
disagree
0
like
0
dislike
0
No reactions
No reactions
No reactions
No reactions
No reactions
No reactions
No reactions

Offline Opus

  • Tech
  • Sr. Member
  • *
  • SA_Chat+
  • **
  • Join Date: Aug 2015
  • Location: long windy bumpy ass road
  • Posts: 542
  • Reputation Power: 31
  • Opus is working their way up.Opus is working their way up.Opus is working their way up.
  • Last Login:May 06, 2018, 01:21:20 AM
  • 110, 100, 90, 80, 76, 70, 64, 60, 58
Re: We Need Some php + SQL Code Written
« Reply #10 on: August 28, 2015, 04:16:42 AM »
webmin??

wow..

Chipper, brother, you gotta be careful about what you post openly, that's just simply too much information.. Plz be careful, not everyone has as big of a heart as you..

added: why run postgres when already running mysql?
« Last Edit: August 28, 2015, 04:20:23 AM by Opus »
friendly
0
funny
0
informative
0
agree
0
disagree
0
like
0
dislike
0
No reactions
No reactions
No reactions
No reactions
No reactions
No reactions
No reactions
No artist tolerates reality -- Freidrich Neitzsche

The word "republican" comes in the dictionary right after "reptile" and just before "repugnant." -- Julia Roberts

It is no measure of health to be well adjusted to a profoundly sick society -- Krishnamurti

Offline Chip (OP)

  • Server Admin
  • Hero Member
  • *****
  • Administrator
  • *****
  • Join Date: Dec 2014
  • Location: Australia
  • Posts: 6648
  • Reputation Power: 0
  • Chip has hidden their reputation power
  • Gender: Male
  • Last Login:Yesterday at 05:53:23 PM
  • Deeply Confused Learner
  • Profession: IT Engineer
Re: We Need Some php + SQL Code Written
« Reply #11 on: August 28, 2015, 08:25:23 AM »
it was part of the audit tool you mentioned to me.

i forget it's name now.

i am aware of it but decided to keep it.

i like webmin - it's handy for mail but i do understand the dangers.

yeah, i'm a trusting guy, too much so.
friendly
0
funny
0
informative
0
agree
0
disagree
0
like
0
dislike
0
No reactions
No reactions
No reactions
No reactions
No reactions
No reactions
No reactions
Our Discord Server invitation link is https://discord.gg/jB2qmRrxyD

Offline Opus

  • Tech
  • Sr. Member
  • *
  • SA_Chat+
  • **
  • Join Date: Aug 2015
  • Location: long windy bumpy ass road
  • Posts: 542
  • Reputation Power: 31
  • Opus is working their way up.Opus is working their way up.Opus is working their way up.
  • Last Login:May 06, 2018, 01:21:20 AM
  • 110, 100, 90, 80, 76, 70, 64, 60, 58
Re: We Need Some php + SQL Code Written
« Reply #12 on: August 28, 2015, 08:50:25 AM »
Server auditing should be done from a separate box.

What if the server had already been rooted? You likely wouldn't be able to trust *anything* the kernel told you in the first place, an audit might be completely worthless.

There are tools out there for finding rootkits on a local machine, but really it's best to run a minimum of software & services (especially stuff like databases) on any production server, for both security and performance reasons. I'd recommend finding a cheap used laptop to dedicate for admin/auditing purposes..

friendly
0
funny
0
informative
0
agree
0
disagree
0
like
0
dislike
0
No reactions
No reactions
No reactions
No reactions
No reactions
No reactions
No reactions
No artist tolerates reality -- Freidrich Neitzsche

The word "republican" comes in the dictionary right after "reptile" and just before "repugnant." -- Julia Roberts

It is no measure of health to be well adjusted to a profoundly sick society -- Krishnamurti

Offline Chip (OP)

  • Server Admin
  • Hero Member
  • *****
  • Administrator
  • *****
  • Join Date: Dec 2014
  • Location: Australia
  • Posts: 6648
  • Reputation Power: 0
  • Chip has hidden their reputation power
  • Gender: Male
  • Last Login:Yesterday at 05:53:23 PM
  • Deeply Confused Learner
  • Profession: IT Engineer
Re: We Need Some php + SQL Code Written
« Reply #13 on: August 28, 2015, 09:08:26 AM »
now you tell me ! (Doh!).

i have installed RKHunter and so far, so good.

i got carried away and installed all sorts of crap. too late now, i guess.
friendly
0
funny
0
informative
0
agree
0
disagree
0
like
0
dislike
0
No reactions
No reactions
No reactions
No reactions
No reactions
No reactions
No reactions
Our Discord Server invitation link is https://discord.gg/jB2qmRrxyD

Offline Opus

  • Tech
  • Sr. Member
  • *
  • SA_Chat+
  • **
  • Join Date: Aug 2015
  • Location: long windy bumpy ass road
  • Posts: 542
  • Reputation Power: 31
  • Opus is working their way up.Opus is working their way up.Opus is working their way up.
  • Last Login:May 06, 2018, 01:21:20 AM
  • 110, 100, 90, 80, 76, 70, 64, 60, 58
Re: We Need Some php + SQL Code Written
« Reply #14 on: August 28, 2015, 09:11:48 AM »
Nah, not too late at all. Just shutdown/remove the shit you don't need and find a cheap box to dedicate for admin tasks..

You're doing fine buddy.
friendly
0
funny
0
informative
0
agree
0
disagree
0
like
0
dislike
0
No reactions
No reactions
No reactions
No reactions
No reactions
No reactions
No reactions
No artist tolerates reality -- Freidrich Neitzsche

The word "republican" comes in the dictionary right after "reptile" and just before "repugnant." -- Julia Roberts

It is no measure of health to be well adjusted to a profoundly sick society -- Krishnamurti

Tags:
 

Related Topics

  Subject / Started by Replies Last post
3 Replies
158 Views
Last post March 09, 2015, 03:57:56 PM
by Chip
3 Replies
9872 Views
Last post July 21, 2015, 03:53:45 AM
by candy
11 Replies
11599 Views
Last post September 29, 2015, 09:11:31 PM
by St. Theresa
7 Replies
10267 Views
Last post November 09, 2015, 01:37:57 PM
by Chip
0 Replies
762 Views
Last post January 18, 2016, 12:04:31 PM
by Z
7 Replies
8226 Views
Last post October 28, 2016, 11:40:39 PM
by Dopeless Hopefiend
26 Replies
22071 Views
Last post August 09, 2018, 04:13:16 AM
by bignasty
11 Replies
11175 Views
Last post January 10, 2017, 10:34:33 AM
by Lolleedee
13 Replies
13974 Views
Last post December 25, 2016, 04:21:53 PM
by dysmorphic
9 Replies
11175 Views
Last post January 11, 2020, 07:47:40 PM
by Hooman


dopetalk does not endorse any advertised product nor does it accept any liability for it's use or misuse





TERMS AND CONDITIONS

In no event will d&u or any person involved in creating, producing, or distributing site information be liable for any direct, indirect, incidental, punitive, special or consequential damages arising out of the use of or inability to use d&u. You agree to indemnify and hold harmless d&u, its domain founders, sponsors, maintainers, server administrators, volunteers and contributors from and against all liability, claims, damages, costs and expenses, including legal fees, that arise directly or indirectly from the use of any part of the d&u site.


TO USE THIS WEBSITE YOU MUST AGREE TO THE TERMS AND CONDITIONS ABOVE


Founded December 2014
SimplePortal 2.3.6 © 2008-2014, SimplePortal