Claims of exploit that can bypass Sentinel

Posted: Sun Aug 08, 2004 9:44 pm

I was over at NukeCops reading the security forum, and I came upon the following post http://nukecops.com/postt32676.html wherein DJMaze posted an exploit that can supposedly bypass Sentinel.

I'm currently (and will be for the next week) on an antiquated machine on dial-up, and I cannot verify this claim. Can anyone take a look at it, and report their results back here? Thanks.

registered · Posted: Sun Aug 08, 2004 10:39 pm

The script doesn't do anything on my sites, mind you I use EDL 2.1 on most of them.

Site Admin/Owner Joined: Aug 27, 2002 Posts: 17088

It's a totally useless script other than informative. I can see how it might bypass (I will have to try it later to know for sure) all the scripts out there but the only way it could or would be if an admin would make that script available which one never would. And, it is very easily plugged. Or, the cracker would have to be able to install that script on your site, in which case you have much bigger problems than that script! If I were still posting over there I would ask DJ to explain how he thinks a visitor to your site would ever execute that? Of course Apache wouldn't log anything! It's a form with post variables. No big secret there. Furthermore, the useless dribble at the top of that post is just that - useless dribble. All sites/servers are crackable if one tries hard enough. If these kiddies were able to crack us, trust me - they would have by now. But, they can't, at least not until a new hole is discovered. Hadjuk posts old code that waraxe posted quite a while ago. Several if not all have been patched by Chat. Full path disclosures are pretty simple to hide - just turn error display off and write to a log.

Hangin' Around Joined: Feb 01, 2004 Posts: 34

I tried a couple and they were blocked.

RavensScripts

Posted: Mon Aug 09, 2004 9:24 am

You people are still wasting your time with that site? Rolling Eyes

Posted: Mon Aug 09, 2004 9:40 am

It's good for a laugh if anything Laughing

Client Joined: Apr 10, 2004 Posts: 649 Location: UK

I've been over there today complaining about Protector messing up my site still, months after I took it off and replacing it with Sentinel lol

Posted: Mon Aug 09, 2004 6:13 pm

chatserv wrote:

You people are still wasting your time with that site? Rolling Eyes

That's for sure!........... Laughing

Posted: Tue Aug 10, 2004 6:58 am

Question (since I felt it fell under this thread and not a new one):
[ Only registered users can see links on this board! Get registered or login! ]

Supposedly there's some super-secret-spy-squirrel hack that bypasses Protector (*biting tongue*), but since I use Sentinel, is there any info about those two hacks to pass on? Or is Protector just showing their lack of updating and moving with the times?

Posted: Tue Aug 10, 2004 10:11 am

After conferring with Chatserv, we are pretty sure what that is referring to and YES, Sentinel should be protecting you as long as you have v2.0.1. v2.0.0 also works but in a slightly different way. That's why we updated the code.

Posted: Tue Aug 10, 2004 1:03 pm

Bob also reminded me of this. Sentinel has protected against the Forums/Private Messages exploit since 1.0 and with 2.0.1 it also checks the base 64 it's not a new exploit but an old that has resurfaced.

Worker Joined: Oct 07, 2003 Posts: 211

Quote:

Supposedly there's some super-secret-spy-squirrel hack that bypasses Protector (*biting tongue*), but since I use Sentinel, is there any info about those two hacks to pass on? Or is Protector just showing their lack of updating and moving with the times?

Just an FYI, Sentinel does stop the exploit they are referring to in the Protector forums. From what I can tell, Mister and Jabba are working on fixing the problem in Protector also. I don't think they are trying to be "secret-squirrel" about the issue, they just don't want to broadcast a way to bypass their protection until it is fixed. It kind of makes sense to me.

Posted: Tue Aug 10, 2004 6:16 pm

Thanks for letting us know that Sentinel does stop the exploit RavensScripts

Posted: Tue Aug 10, 2004 9:43 pm

Dauthus wrote:

Quote:

Supposedly there's some super-secret-spy-squirrel hack that bypasses Protector (*biting tongue*), but since I use Sentinel, is there any info about those two hacks to pass on? Or is Protector just showing their lack of updating and moving with the times?

Just an FYI, Sentinel does stop the exploit they are referring to in the Protector forums. From what I can tell, Mister and Jabba are working on fixing the problem in Protector also. I don't think they are trying to be "secret-squirrel" about the issue, they just don't want to broadcast a way to bypass their protection until it is fixed. It kind of makes sense to me.

Yeah, guess you missed my sarcasm....sorry....but thanks for the info.