
I came across this some time ago, but completely forgot about it. If you are looking for ways to trap malicious code in your cfm sites, have a look at this:


function isHackAttempt(MaliciousCode) {
    // Set the regular expression used and any local vars.
    // The pattern as originally posted contained an empty group "()", which
    // matches every string and so flagged all input; it has been removed, along
    // with a duplicate "(script)" alternative (REFindNoCase is case-insensitive).
    var strRegex = "(%)|(-- )|(' )|(script)|(%3c)|(%3e)|(SELECT)|(UPDATE) |(INSERT) |(DELETE) |(DROP)|(GRANT) |(REVOKE)|(UNION)|(<)|(>)";
    var blnCodeDetection = false;
    var Field = "";
    var x = 0;

    // If the argument is a structure, loop through its fields
    if (isStruct(MaliciousCode)) {
        for (Field in MaliciousCode) {
            if (REFindNoCase(strRegex, MaliciousCode[Field])) {
                blnCodeDetection = true; // Malicious code was found, set flag var
            }
        }
    // If the argument is an array, loop through its elements
    } else if (isArray(MaliciousCode)) {
        for (x = 1; x LTE arrayLen(MaliciousCode); x = x + 1) {
            if (REFindNoCase(strRegex, MaliciousCode[x])) {
                blnCodeDetection = true; // Malicious code was found, set flag var
            }
        }
    // If none of the above, it is an individual variable: test it directly
    // (the original indexed it with MaliciousCode[Field], which is an error here)
    } else {
        if (REFindNoCase(strRegex, MaliciousCode)) {
            blnCodeDetection = true; // Malicious code was found, set flag var
        }
    }
    return blnCodeDetection; // Return the boolean result
}


Then all you need to do is decide how to handle the requests that have been trapped – e.g. if isHackAttempt() returns true, display an error message instead of processing the input.

Place the above code in your application.cfm and customise according to your specific needs.
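To see what the blacklist above actually catches before wiring it into application.cfm, here is an added Python re-implementation of isHackAttempt() (not the post's code; ColdFusion's REFindNoCase uses Java regex syntax, and for this simple alternation Python's re module behaves the same). The struct, the field names and the sample values are constructed for the example; POSTED_PATTERN and flagged_fields() are names chosen here, not ColdFusion functions.

```python
import re

# Added example (not the post's code): a Python re-implementation of the post's
# isHackAttempt() so the behaviour of its blacklist can be exercised offline.
# All sample inputs below are constructed.

# The post's pattern with its empty group "()" and the duplicate "(script)" removed.
# REFindNoCase is case-insensitive, hence re.IGNORECASE.
HACK_PATTERN = re.compile(
    r"(%)|(-- )|(' )|(script)|(%3c)|(%3e)|(SELECT)|(UPDATE) |(INSERT) |"
    r"(DELETE) |(DROP)|(GRANT) |(REVOKE)|(UNION)|(<)|(>)",
    re.IGNORECASE,
)

# The pattern exactly as posted, kept only to show what the empty group "()" does.
POSTED_PATTERN = re.compile(
    r"(%)|(-- )|(' )|(script)|()|(%3c)|(%3e)|(script)|(SELECT)|(UPDATE) |"
    r"(INSERT) |(DELETE) |(DROP)|(GRANT) |(REVOKE)|(UNION)|(<)|(>)",
    re.IGNORECASE,
)


def is_hack_attempt(value, pattern=HACK_PATTERN):
    """Mirror of isHackAttempt(): accepts a struct (dict), an array (list/tuple) or a scalar."""
    if isinstance(value, dict):
        return any(pattern.search(str(v)) is not None for v in value.values())
    if isinstance(value, (list, tuple)):
        return any(pattern.search(str(v)) is not None for v in value)
    return pattern.search(str(value)) is not None


def flagged_fields(form, pattern=HACK_PATTERN):
    """Return {field: matched_text} for each struct field the pattern hits.

    isHackAttempt() only returns a boolean; for an error page or a log line you
    usually want to know which field tripped the filter and on which token.
    """
    hits = {}
    for field, value in form.items():
        match = pattern.search(str(value))
        if match:
            hits[field] = match.group(0)
    return hits


# Constructed sample form scope, as application.cfm would see it.
SAMPLE_FORM = {
    "username": "O'Brien",                       # the list looks for quote-plus-space, so not flagged
    "comment": "Please select the blue option",  # ordinary English tripped by (SELECT)
    "size": "100% cotton",                       # ordinary text tripped by (%)
}


if __name__ == "__main__":
    print("form flagged:", is_hack_attempt(SAMPLE_FORM))                          # True
    print("fields:", flagged_fields(SAMPLE_FORM))                                 # {'comment': 'select', 'size': '%'}
    print("plain name, fixed pattern:", is_hack_attempt("alice"))                 # False
    print("plain name, posted pattern:", is_hack_attempt("alice", POSTED_PATTERN))  # True
```

Two things the run makes visible: the empty group in the pattern as posted matches every value, so the unfixed function reports a hack attempt for "alice", and even the fixed list trips on everyday text such as "select" or "100%" while a lone apostrophe passes. That is the usual trade-off of a keyword blacklist, so treat isHackAttempt() as a screen for logging and error pages, and keep cfqueryparam on every query and HTML encoding on every echoed value as the actual protection.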
