Ravens PHP Scripts: Forums
 

 

View next topic
View previous topic
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Security - PHP Nuke
Author Message
MissVicky
New Member
New Member


Joined: Mar 23, 2004
Posts: 21

PostPosted: Mon Mar 29, 2004 2:48 pm Reply with quote

Although it was not any of my php nuke sites; my web hosts did have a hacker a few weeks ago that attempted to rewrite all index pages of their web clientes.

According to them; it was a php nuke site fopen function that caused the vulnerability. They stated:

-------------------------------------------------------------------
" The version of PHP-Nuke that was compromised used a function called fopen. That function allows people to open up a file from a remote server as if it were local and execute it. When the entire data stream is controlled there should be no problem.

The problem is when user input is trust as valid for the fopen call. In that case it allows anyone who accesses the site to tell it to execute code from anywhere on the internet. Earlier versions of PHP-Nuke are notorious for not verifying user input before passing it on to the fopen call.

I'm not sure if later versions have fixed those problems however given that most people rarely upgrade their software to newer versions with security fixes even if later versions do have the fix any install which isn't running the latest code is vulnerable. "
--------------------------------------------------------------------------------

I would like to know if the newer versions are open to this vulnerability and if so; where and how to prevent it. As you can see; I have no knowledge on this specific content but security is a big issue with me and I want to learn!

Thank you for any input on the fopen that you can provide.
Miss Vicky
 
View user's profile Send private message
Raven
Site Admin/Owner


Joined: Aug 27, 2002
Posts: 17077

PostPosted: Mon Mar 29, 2004 3:00 pm Reply with quote

It has nothing to do with nuke [only], per se. fopen() Only registered users can see links on this board! Get registered or login! is a common function in php. Now it is true that badly coded data input may have been compromized that allowed fopen() access to a file that normally it would not have. This may have been an addon or something but I have never heard of an exploit for fopen in nuke.


Last edited by Raven on Mon Mar 29, 2004 3:02 pm; edited 1 time in total 
View user's profile Send private message
Raven
PostPosted: Mon Mar 29, 2004 3:02 pm Reply with quote

Ask your provider to send along the compromized and I will be happy to look into it. Send it by PM though Laughing
 
sixonetonoffun
Spouse Contemplates Divorce


Joined: Jan 02, 2003
Posts: 2496

PostPosted: Tue Mar 30, 2004 8:52 am Reply with quote

Here is basic exploit info that helps understanding the validation issue in plain english. Only registered users can see links on this board! Get registered or login!
 
View user's profile Send private message
Raven
PostPosted: Tue Mar 30, 2004 9:07 am Reply with quote

Exactly - input not validated. Thanks Six for the link. MissVicky, please try to get more info from your provider as I requested. As I said I am not aware of any recent versions of Nuke having this "feature".
 
MissVicky
PostPosted: Tue Mar 30, 2004 11:08 am Reply with quote

I sent the request over to them yesterday, Raven and will stay on top of it as well. Thank you again and thank you to Six too!
Miss Vicky
 
pdoobepd
Worker
Worker


Joined: May 07, 2005
Posts: 129

PostPosted: Mon Jan 09, 2006 4:41 pm Reply with quote

I would also like more info. on this.

I was told that I need to change coding from FOPEN=On to FOPEN=Off but no where in my mainfile.php does it state FOPEN=On. Which leaves me wondering was this fixed in prior patches to 7.6 patch 3.1 already or does it even apply to the above version???

Ging...

_________________
Only registered users can see links on this board! Get registered or login! 
View user's profile Send private message
evaders99
Former Moderator in Good Standing


Joined: Apr 30, 2004
Posts: 3221

PostPosted: Mon Jan 09, 2006 5:08 pm Reply with quote

That sounds like a PHP configuration, nothing that you can do with phpNuke specifically. But try .htaccess if your host allows it

_________________
- Only registered users can see links on this board! Get registered or login! -

Need help? Only registered users can see links on this board! Get registered or login! 
View user's profile Send private message Visit poster's website
pdoobepd
PostPosted: Tue Jan 10, 2006 10:04 am Reply with quote

I did contact my webhost about the above...However due to the fact they would have to take every site down while the edit is done they are reluctant to do so. I find this rather amusing that they would say the above which is as near to a quote as I can get, and they don't allow access to the files needed for edits due to security reasons...hmmm I just gave them a heads up on a Security Hole and they say they are reluctant to take things down for the time it would take to fix a leak that could result in many sites being taken down by an outsider...
Someone Give me a Big stick Smack
 
djmaze
Subject Matter Expert


Joined: May 15, 2004
Posts: 719
Location: http://tinyurl.com/5z8dmv

PostPosted: Wed Jan 11, 2006 10:05 pm Reply with quote

Nonsense. Does your host know what he's doing ? RTFM

1. Open php.ini and set
Code:
allow_url_fopen = Off

2. service apache restart

done.
That would reduce their "99.9% uptime" to "99.89999%" update if you ask me.

P.S. If i was your host you would stay 99.9% cos i don't have to reboot anything when i set that up Laughing
 
View user's profile Send private message Visit poster's website
Display posts from previous:       
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Security - PHP Nuke

View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©