StackOverflow2013

Note that there are some explanatory texts on larger screens.

plurals

POWebsite Link Injection
primarykey
Id
2166340
data
AcceptedAnswerId
0
AnswerCount
4
ClosedDate
CommentCount
2
CommunityOwnedDate
CreationDate
2010-01-30T00:56:00.323
FavoriteCount
0
LastActivityDate
2010-05-11T11:01:07.567
LastEditDate
2010-05-11T11:01:07.567
LastEditorUserId
1
OwnerUserId
255217
ParentId
0
PostTypeId
1
Score
2
ViewCount
1514
LastEditorDisplayName
text
Body
<p>I have a website that is fairly static. It has some forms on it to send in contact information, mailing list submissions, etc. Perhaps hours/days after an upload to the site I found that the main index page had new code in it that I had not placed there that contained a hidden bunch of links in a invisible div.</p> <p>I have the following code the handles the variables sent in from the form.</p> <pre><code><?php // PHP Mail Order to email@email.com w/ some error detection. $jamemail = "email@email.com"; function check_input($data, $problem='') { $data = trim($data); $data = stripslashes($data); $data = htmlspecialchars($data); if ($problem && strlen($data) == 0) { die($problem); } return $data; } $email = check_input($_POST['email'], "Please input email address."); $name = check_input($_POST['name'], "Please input name."); mail($jamemail, "Mailing List Submission", "Name: " . $name . " Email: " .$email); header('Location: index.php'); ?> </code></pre> <p>I have the following code within the index page to present the form with some Javascript to do error detection on the content of the submission prior to submission.</p> <pre><code> <form action="sendlist.php" method="post" onSubmit="return checkmaill(this);"> <label for="name"><strong>Name: </strong></label> <input type="text" name="name"/><br /> <label for="email"><strong>Email: </strong></label> <input type="text" name="email"/><br /> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type="submit" value="Subscribe" style="width: 100px;"/> </form> </code></pre> <p>At the end of the day, the source code where the injected hyperlinks is as follows:</p> <pre><code></body> </html><font style="position: absolute;overflow: hidden;height: 0;width: 0"> xeex172901 <a href=http://menorca.caeb.com/od9c2/xjdmy/onondaga.php>onondaga</a> <a href=http://menorca.caeb.com/od9c2/xjdmy/tami.php>tami</a> <a href=http://menorca.caeb.com/od9c2/xjdmy/shotguns.php>shotguns</a> <a href=http://menorca.caeb.com/od9c2/xjdmy/weir.php>weir</a> <a href=http://menorca.caeb.com/od9c2/xjdmy/copperhead.php>copperhead</a> <a href=http://menorca.caeb.com/od9c2/xjdmy/mpv.php>mpv</a> <a href=http://menorca.caeb.com/od9c2/xjdmy/brunei.php>brunei</a> <a href=http://menorca.caeb.com/od9c2/xjdmy/doreen.php>doreen</a> </code></pre>
Tags
<php><scripting><email><hyperlink><code-injection>
Title
Website Link Injection
singulars
PostAcceptedAnswerId
1. This table or related slice is empty.
PostParentId
1. This table or related slice is empty.
PostTypePostTypeId
1. PTQuestion
UserLastEditorUserId
1. USJeff Atwood
UserOwnerUserId
1. USRyan B
plurals
PostLinksPostIdRelatedPostId
1. This table or related slice is empty.
PostLinksRelatedPostIdPostId
1. This table or related slice is empty.
PostsAcceptedAnswerId
1. This table or related slice is empty.
PostsParentIdCreationDate
1. PO
  singulars
  PostTypePostTypeId
  PTAnswer
2. PO
  singulars
  PostTypePostTypeId
  PTAnswer
3. PO
  singulars
  PostTypePostTypeId
  PTAnswer
VotesPostIdCreationDate
1. VO
  singulars
  PostPostId
  POWebsite Link Injection
  UserUserId
  This table or related slice is empty.
  VoteTypeVoteTypeId
  VTUpMod
2. VO
  singulars
  PostPostId
  POWebsite Link Injection
  UserUserId
  This table or related slice is empty.
  VoteTypeVoteTypeId
  VTUpMod
CommentsPostId
1. COI don't think anything in that PHP script has the ability to write to file - are you sure that your server is secure? (no security holes).
  singulars
  PostPostId
  POWebsite Link Injection
  UserUserId
  USrobbo
2. COWell, I don't run the server myself as we run the website on a hosting package provided by Hasweb. If it keeps happening I'll have to send in a ticket for help to see if the server has issues.
  singulars
  PostPostId
  POWebsite Link Injection
  UserUserId
  USRyan B

Querying!

Guidance

A row detail

Detail views are divided into sections. All the information in the data section comes from columns in the selected row. The other sections display data from other, related rows.

Related data can be related in a to-one or a to-many fashion. Captions of data related in a to-many fashion link to a list view showing a filtered view of the table.

Try moving around until you find a non-empty to-many entry and click on the label to get to one. You can move back to the root by clicking on the database name in the header.