You are currently browsing the Markus Breitenbach weblog archives for the day August 18, 2006 6:14 pm.
- Advertising (1)
- Artificial Intelligence (AI) (13)
- Classification (3)
- Clustering (1)
- Coding / Programming (8)
- Cryptography (1)
- Data Mining (22)
- Economy / Investing (1)
- ewrt linux (2)
- Fixing Stuff (8)
- Machine Learning (32)
- Math (2)
- Politics (3)
- Predictive Modeling (5)
- Psychology (3)
- Ramblings (26)
- Random (9)
- Security (16)
- Society (13)
- Sociology (4)
- spam (3)
- Statistics (20)
- January 28, 2012 4:56 pm: Will 2012 be the year of Big Data?
- August 14, 2011 10:41 pm: UK plans to exempt data mining from copyright laws
- June 21, 2011 3:26 am: Risk Assessment of Rare Events in adversarial Scenarios
- March 26, 2011 7:57 pm: How Kinect body tracking works and how Machine Learning helped
- March 1, 2011 11:58 am: European Court of Justice ruling (indirectly) on what cannot be used in Insurance Risk Models
- December 11, 2010 8:35 pm: Mining of Massive Datasets
- December 4, 2010 2:28 pm: Ideas on communicating risks and probabilities to the general public
- October 17, 2010 5:48 pm: Birthday Paradox
- August 5, 2010 1:06 am: Elo Scores and Rating Contestants
- July 11, 2010 8:56 pm: GraphLab & Parallel Machine Learning
Blogroll
Uncategorized
Useful Links
- January 2012
- August 2011
- June 2011
- March 2011
- December 2010
- October 2010
- August 2010
- July 2010
- June 2010
- February 2010
- January 2010
- November 2009
- July 2009
- June 2009
- May 2009
- April 2009
- March 2009
- February 2009
- January 2009
- December 2008
- November 2008
- October 2008
- September 2008
- August 2008
- July 2008
- June 2008
- May 2008
- April 2008
- March 2008
- February 2008
- January 2008
- December 2007
- November 2007
- October 2007
- September 2007
- August 2007
- July 2007
- June 2007
- May 2007
- April 2007
- March 2007
- February 2007
- January 2007
- December 2006
- November 2006
- October 2006
- September 2006
- August 2006
Archive for August 18, 2006 6:14 pm
Table prefix in PHP Nuke…
August 18, 2006 6:14 pm by Markus.
Ever tried to install some PHP app for your website? Especially the ones that come with a sql-schema file that you need to run through MySQL? What I wonder about is that many of these applications - PHPNuke for example - support prefixing table names. Having non-standard table names can be helpful in making SQL-injection attacks more difficult. Not impossible, mind you, it just adds another layer of obscurity - but of the shelf script-kiddie exploits won’t work anymore. And yet editing such a schema file is a pain for administrators. Which explains why people rarely do it…
Anyway… Here’s my perl one-liner for changing the schema files table names prefix for PHP Nuke:
perl -i -pe ’s/(TABLE|INTO) (nuke_)/$1 qqq$2/g’ nuke.sql
This will change the default prefix “nuke” to “qqqnuke” in the schema file. Then you change the prefix in the config.php file accordingly (change $prefix and $user_prefix). Done…
Posted in Security | Print | No Comments »