MySQL DB is hackable?

George_Loungos · May 7, 2020, 6:19am

I try to capture packets in my app with this program but when i run it my app returns connection failed and it doesn’t return anything. If i close the program then my app works again and receive data. Did you do something diffirent?

Harsh_Rajput · May 7, 2020, 6:26am

Is it your phone rooted?
If not you have to install parallel space from http canary app.
Go to settings in side menu and download from this app.
You have to use parallel space and add parallel space in this app and then u able to capture packets.

George_Loungos · May 7, 2020, 7:05am

I install parallel space 64bit and my app returns me an error message that i setup if the response Code isn’t 200 but still not getting any data in HttpCanary.

ShaikhSajidAli · May 7, 2020, 7:27am

HttpCanary is rest api debugger app same as postman for web.
You url is exposed somewhere so anyone can post data via this

juananton1991 · May 7, 2020, 8:19am

Hi @ShaikhSajidAli,

this is an interesting discussion.

I do not know if it would work better to put the MySQL codes in php files on your hosting, as I indicate on this website:

and also encrypt the data, for example with this extension:

Harsh_Rajput · May 7, 2020, 9:28am

Hi @ShaikhSajidAli
So i had just read lots of documentation about this.
I didn’t get any clue . So how to protect url.

dhinchakblog · May 7, 2020, 11:13am

i have same problem . People using script to hack database in my people add money via referral code

Harsh_Rajput · May 7, 2020, 11:17am

Same with my case. I don’t know what should do we now?

Mika · May 7, 2020, 11:18am

Use Firebase. And use the secure google login.

dhinchakblog · May 7, 2020, 11:21am

But firebase not have data structure like MySQL and its more cheaper than firebase

Zia_Choudhary · May 7, 2020, 11:34am

furthermore we cannot run queries in firebase . can we?
But if @Kodular adds firebase firestore component then it would be possible…

ShaikhSajidAli · May 7, 2020, 11:57am

Well for me as i developing for my project i make api for mysql using jwt and slim or node.js it prevents sql injection and other attacks

dhinchakblog · May 7, 2020, 12:04pm

Would you like share some tips or tutorial. i am beginner and kodular help me lots learn how to develop app without coding

Zia_Choudhary · May 7, 2020, 12:13pm

Thats nice but if we not allow the user to run any query by his own and everything is highly programmed in kodular even then he can hack???

ShaikhSajidAli · May 7, 2020, 12:59pm

I didn’t believe on this all thing depends on your logic not kodular

George_Loungos · May 7, 2020, 1:08pm

Did you try with rooted phone or with non-rooted. I was able to sniff only with my rooted tablet.

Harsh_Rajput · May 7, 2020, 1:15pm

I was also tried in rooted phone

George_Loungos · May 7, 2020, 1:16pm

So with non-rooted phone?

Harsh_Rajput · May 7, 2020, 1:21pm

I had try but not successful.

George_Loungos · May 7, 2020, 1:28pm

So the problem is the users with rooted phones. You can use Device Utilities and forbid these users to open your app. If they can’t open your app and run the queries they will not get any response back.