Login or Register  • Home • Downloads • Your Account • Forums •

Forum FAQ  •  Search  •  Memberlist  •  Usergroups  •  Profile  •  Log in to check your private messages  •  Log in I want information about: fopen View next topic View previous topic   Web RavenPHPScripts (This Site)      Ravens PHP Scripts And Web Hosting Forum Index » Security - PHP Nuke Author Message MissVicky New Member Joined: Mar 23, 2004 Posts: 21 Posted: Mon Mar 29, 2004 2:48 pm Although it was not any of my php nuke sites; my web hosts did have a hacker a few weeks ago that attempted to rewrite all index pages of their web clientes. According to them; it was a php nuke site fopen function that caused the vulnerability. They stated: ------------------------------------------------------------------- " The version of PHP-Nuke that was compromised used a function called fopen. That function allows people to open up a file from a remote server as if it were local and execute it. When the entire data stream is controlled there should be no problem. The problem is when user input is trust as valid for the fopen call. In that case it allows anyone who accesses the site to tell it to execute code from anywhere on the internet. Earlier versions of PHP-Nuke are notorious for not verifying user input before passing it on to the fopen call. I'm not sure if later versions have fixed those problems however given that most people rarely upgrade their software to newer versions with security fixes even if later versions do have the fix any install which isn't running the latest code is vulnerable. " -------------------------------------------------------------------------------- I would like to know if the newer versions are open to this vulnerability and if so; where and how to prevent it. As you can see; I have no knowledge on this specific content but security is a big issue with me and I want to learn! Thank you for any input on the fopen that you can provide. Miss Vicky Raven Site Admin/Owner Joined: Aug 27, 2002 Posts: 16986 Location: Kansas Posted: Mon Mar 29, 2004 3:00 pm It has nothing to do with nuke [only], per se. fopen() Only registered users can see links on this board! Get registered or login to the forums! is a common function in php. Now it is true that badly coded data input may have been compromized that allowed fopen() access to a file that normally it would not have. This may have been an addon or something but I have never heard of an exploit for fopen in nuke. Last edited by Raven on Mon Mar 29, 2004 3:02 pm; edited 1 time in total Raven Site Admin/Owner Joined: Aug 27, 2002 Posts: 16986 Location: Kansas Posted: Mon Mar 29, 2004 3:02 pm Ask your provider to send along the compromized and I will be happy to look into it. Send it by PM though sixonetonoffun Spouse Contemplates Divorce Joined: Jan 02, 2003 Posts: 2499 Posted: Tue Mar 30, 2004 8:52 am Here is basic exploit info that helps understanding the validation issue in plain english. Only registered users can see links on this board! Get registered or login to the forums! Raven Site Admin/Owner Joined: Aug 27, 2002 Posts: 16986 Location: Kansas Posted: Tue Mar 30, 2004 9:07 am Exactly - input not validated. Thanks Six for the link. MissVicky, please try to get more info from your provider as I requested. As I said I am not aware of any recent versions of Nuke having this "feature". MissVicky New Member Joined: Mar 23, 2004 Posts: 21 Posted: Tue Mar 30, 2004 11:08 am I sent the request over to them yesterday, Raven and will stay on top of it as well. Thank you again and thank you to Six too! Miss Vicky pdoobepd Worker Joined: May 07, 2005 Posts: 129 Posted: Mon Jan 09, 2006 4:41 pm I would also like more info. on this. I was told that I need to change coding from FOPEN=On to FOPEN=Off but no where in my mainfile.php does it state FOPEN=On. Which leaves me wondering was this fixed in prior patches to 7.6 patch 3.1 already or does it even apply to the above version??? Ging... evaders99 Former Moderator in Good Standing Joined: Apr 30, 2004 Posts: 3221 Posted: Mon Jan 09, 2006 5:08 pm That sounds like a PHP configuration, nothing that you can do with phpNuke specifically. But try .htaccess if your host allows it pdoobepd Worker Joined: May 07, 2005 Posts: 129 Posted: Tue Jan 10, 2006 10:04 am I did contact my webhost about the above...However due to the fact they would have to take every site down while the edit is done they are reluctant to do so. I find this rather amusing that they would say the above which is as near to a quote as I can get, and they don't allow access to the files needed for edits due to security reasons...hmmm I just gave them a heads up on a Security Hole and they say they are reluctant to take things down for the time it would take to fix a leak that could result in many sites being taken down by an outsider... Someone Give me a Big stick djmaze Subject Matter Expert Joined: May 15, 2004 Posts: 689 Location: http://tinyurl.com/5z8dmv Posted: Wed Jan 11, 2006 10:05 pm Nonsense. Does your host know what he's doing ? 1. Open php.ini and set Code: allow_url_fopen = Off 2. service apache restart done. That would reduce their "99.9% uptime" to "99.89999%" update if you ask me. P.S. If i was your host you would stay 99.9% cos i don't have to reboot anything when i set that up Display posts from previous:   All Posts1 Day7 Days2 Weeks1 Month3 Months6 Months1 Year  Oldest FirstNewest First        Ravens PHP Scripts And Web Hosting Forum Index » Security - PHP Nuke  Jump to:  Select a forum Read Me First!!!----------------Board Rules and Regulations Web Hosting Services----------------RWH GeneralRWH Pre Sale QuestionsRWH Client Center Application OnlyRWH OtherFAQ - PHP5 w/phpSuExec Conversion From PHP4PHP5 Conversion Issues From PHP4 RavenNuke(tm) Programming Standards/Approaches/Philosophy----------------RavenNuke / Raven CMS CMS WikiSecurity IssuesConverting/Creating BlocksConverting/Creating ModulesConverting/Creating ThemesConverting/Creating OtherConverting/Creating General DiscussionCertification - Submit Scripts For RavenNuke(tm) CertificationCertification - Modules, Blocks, Other Scripts/Applications Converted For RavenNuke(tm)Certification - All Discussion RavenNuke(tm) v2.5x----------------RavenNuke(tm) v2.5x RavenNuke(tm) v2.4x----------------v2.4 RN Announcementsv2.4 RN Documentationv2.4 RN Issues RavenNuke(tm) v2.3x----------------v2.3 RN Announcementsv2.3 RN Quick Fixesv2.3 RN Issuesv2.3 RN Documentationv2.3 RN Feedback/Suggestionsv2.30.01 RN Security Issuesv2.30.01 RN New Installation Issuesv2.30.01 RN Upgrade Issuesv2.30.01 RN All Other Issues RavenNuke(tm) v2.2x----------------RN v2.20.00 - AnnouncementsRN v2.20.00 - All IssuesRN v2.20.00 - Feedback RavenNuke(tm) Addons----------------FCKeditor/WYSIWYG IssuesnukeFeed/FeedCreatorForum Attachment ModnukeSEOShortLinks/TegoNukeNukePie/SimplePieeCommerce Site Specific Stuff----------------READ ME FIRSTAnnouncementsRaven's v7.0 Customized DistroHack Attempt ScriptRaven's Customized Distribution PacksBUGS/FIXES - Raven's v7.3 Customized DistroCache Lite Admin ModuleNuke Tool Box (TM)Captcha SecurityRaven's RavenNuke(tm) v1.x DistroRaven's RavenNuke(tm) v2.00.00 - v2.02.00 DistroWYSIWYG - Raven's RavenNuke(tm) v2.x DistroRaven's Collapsing Forums BlockGT - Raven's RavenNuke(tm) v2.x DistroRaven's RavenNuke(tm) v2.02.02 DistroPost Fixes - Raven's RavenNuke(tm) v2.02.02 DistroPublic Testing of RavenNuke(tm) v2.10.00HtAccesserIssues/Problems With This Site Security----------------NukeSentinel(tm) Country and IP2Country UpdatesSecurity - PHP NukeSecurity - OtherNukeSentinel(tm) v2.6.xNukeSentinel(tm) v2.5.xNukeSentinel(tm) v2.4.xNukeSentinel(tm)NukeSentinel(tm) Bug ReportsNukeSentinel(tm) Enhancement RequestsNukeSentinel(tm) AnnouncementsPHP-Nuke Patched Series By Chatserv Information About Forums----------------PHPBBBB2NukePunBB PHP-Portal Project (Not General phpnuke!)----------------AnnouncementsDesign Discussions Scripts - General----------------Bug FixesGeneral/Other StuffHow To'sInstallation HelpPost Installation HelpGT - Next Gen and StandardSeeking applications ...ThemesBlocksModulesMaking Nuke Efficientphpnuke 8.1phpnuke 8.0phpnuke 7.9phpnuke 7.8phpnuke 7.7phpnuke 7.6phpnuke 7.6 Bugs/Fixesphpnuke 7.5phpnuke 7.4phpnuke 7.3phpnuke 7.2phpnuke 7.1phpnuke 7.0phpnuke 6.9phpnuke 6.8Bug Fixes for phpnuke 6.5phpnuke 6.5Gallery/Gallery2CNB Your AccountBrowser Specific IssuesUpgrading NukeNuke Treasury NSN Scripts----------------NSN NewsNSN GroupsNSN OtherNSN Gr Downloads - a.k.a NukeDepositoryNSN NukeProject Other CMS/Portal Applications----------------Post NukeNuke PlatinumNuke Evolution PHPBB----------------Stand Alonew/Nuke 6.5w/Nuke 6.9BBtoNuke ModsBBtoNuke General Programming - Server Help----------------PHPMySQLFor HireApacheHTMLCSSJavaScriptServer Help Guestbook Application (KISGB)----------------KISGB General Support Stock Quote Application (KISSQ)----------------KISSQ General Support RavenNuke(tm) v2.10.01----------------RN v2.10.01 - All IssuesRN v2.10.01 - Feedback RavenNuke(tm) v2.10.00----------------RN AnnouncementsRN FAQRN Bug FixesRN Not BugsRN Documentation Issues/SuggestionsRN Enhancement Requests and SuggestionsRN NSN Groups IssuesRN Themes IssuesRN NukeSentinel(tm) issuesRN Installer/Setup IssuesRN Bug Reports - Other IssuesRN Conversion Issues From v2.02RN Conversion Issues From Standard phpNukeRN The Good, The Bad, The Ugly 6.5 Hacks----------------Old Articles Hack Nuke News Module Hack To Allow Ordering of Articles----------------News Module Hack - AnnouncementsNews Module Hack - BugsNews Module Hack - Enhancement RequestsNews Module Hack - Discussion Other Stuff----------------Other - DiscussionOther - Sites To VisitOther - Chit ChatOther - PoliticsOther - Movie ReviewsOther - Humor Religion----------------Religion - GeneralPrayer/Praise Requests Potpourri----------------Rants & Raves Private----------------Reading - AnnouncementsReading - Digital BooksReading - Hard/Soft cover BooksReading - Digital MagazinesReading - Printed Magazines  View next topic View previous topic You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum Forums ©

All logos and trademarks in this site are property of their respective owner.
The comments are property of their posters, all the rest © 2002-2011 by Raven

You can syndicate our news using the file



Website engines core code is © copyright by PHP-Nuke but has been heavily patched and modified by myself and others.
PHP-Nuke is a free software released under the GNU/GPL.


:: fisubice phpbb2 style by Daz :: PHP-Nuke theme by www.nukemods.com :::: fisubice Theme Modified by the RavenNuke™ Team ::
:: :: ::

zerosum