Ravens PHP Scripts: Forums
 

 

hitwalker
Sells PC To Pay For Divorce



Joined:
Posts: 5661

PostPosted: Fri Apr 22, 2005 5:49 pm Reply with quote

A friend of mine discovered a weird bug in the phpBB forum when he was looking at my forum.
When you go to all posts of a person (find all posts of..), that goes to this URL:
ftopict-51-.html

You get "Possible Santy Worm Attack!" with a white screen and nothing more.
So the friend checked his site and I did exactly the same...
Where does this come from?
 
Holbrookau
Hangin' Around



Joined: Jun 25, 2004
Posts: 32

PostPosted: Fri Apr 22, 2005 7:58 pm Reply with quote

Quote:
Where does this come from?

From the highlight part of the URL. Santy uses a flaw in the PHP highlight function which has seen many PHP-Nuke/phpBB sites exploited. A fix was made but is a blanket one that has the undesirable effect of thinking highlight in phpBB search strings are also exploits.
Best you do a search here or at the phpBB website on the subject as I'm sure there is a better fix available now.
 
hitwalker







PostPosted: Sat Apr 23, 2005 3:20 am Reply with quote

I don't understand, really.
I have a completely updated forum, so I don't understand why I get this error.
 
hitwalker







PostPosted: Sat Apr 23, 2005 3:30 am Reply with quote

Yeah, it was this...

From includes/nukesentinel.php

Code:

// Stop Santy Worm
// If you have problems with forums remove ,highlight from the string below
if($ab_config['santy_protection'] == 1) {
  $bad_uri_content=array("rush","highlight","perl","chr(","pillar","visualcoder","sess_");
  // Abort the request if any listed substring appears anywhere in the request URI
  foreach($bad_uri_content as $uri_content) {
    if(stristr($_SERVER['REQUEST_URI'], $uri_content)) { die(_AB_SANTY); }
  }
}
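
An added example, not part of the original posts and not NukeSentinel or phpBB code: it runs the substring check quoted above next to a narrower check that inspects only the highlight parameter, showing why ordinary forum search links trip the blanket rule. The function names, the allowed-character pattern and the sample URIs are assumptions constructed for illustration.

```php
<?php
// Added illustration; not NukeSentinel or phpBB code. Function names are hypothetical.

// The blanket check from the post: block if any substring occurs anywhere in the URI.
function blanket_block(string $uri): bool {
    $bad = array("rush","highlight","perl","chr(","pillar","visualcoder","sess_");
    foreach ($bad as $needle) {
        if (stristr($uri, $needle) !== false) { return true; }
    }
    return false;
}

// Narrower check (assumption): look only at the highlight parameter and block
// unless its value, decoded until stable, is made of search-term characters.
function highlight_block(string $uri): bool {
    $query = parse_url($uri, PHP_URL_QUERY);
    if ($query === false) { return true; }     // unparseable URI: fail closed
    if ($query === null)  { return false; }    // no query string at all
    parse_str($query, $params);                // decodes one level of URL-encoding
    if (!isset($params['highlight'])) { return false; }
    $value = $params['highlight'];
    if (!is_string($value)) { return true; }   // array form (highlight[]=) is rejected
    for ($i = 0; $i < 5; $i++) {               // undo nested encoding, bounded
        $decoded = rawurldecode($value);
        if ($decoded === $value) { break; }
        $value = $decoded;
    }
    // Letters, digits, space and a few word-search characters only.
    return preg_match('/^[\p{L}\p{N} _+*\-]*$/u', $value) !== 1;
}

// Constructed request URIs, for illustration only.
$samples = array(
    '/modules.php?name=Forums&file=viewtopic&t=51&highlight=santy+worm',
    '/modules.php?name=Forums&file=viewtopic&t=51&highlight=%2527test',
    '/modules.php?name=Forums&file=viewtopic&t=51',
    '/modules.php?name=News&file=article&title=gold-rush',
);
foreach ($samples as $uri) {
    printf("%-6s %-6s %s\n",
        blanket_block($uri) ? 'BLOCK' : 'pass',
        highlight_block($uri) ? 'BLOCK' : 'pass',
        $uri);
}
```

The first and last samples are ordinary requests that the substring check refuses; the parameter check refuses only the second, whose highlight value decodes to a quote character.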

 
montego
Site Admin



Joined: Aug 29, 2004
Posts: 9457
Location: Arizona

PostPosted: Sat Apr 23, 2005 8:17 am Reply with quote

According to Raven's posts here, if you have the Santy worm mod_rewrite statements in your .htaccess file, you can comment out the Sentinel code. It affects Menalto's Gallery too. I don't have time to find the posts, but I do remember them here.

Raven
Site Admin/Owner



Joined: Aug 27, 2002
Posts: 17088

PostPosted: Sat Apr 23, 2005 8:22 am Reply with quote

That is correct. Also, if you are using the latest version of NukeSentinel(tm), the Santy worm protection in NukeSentinel(tm) is now controlled in the Administration panel.
 
hitwalker







PostPosted: Sat Apr 23, 2005 8:36 am Reply with quote

Yeah, I knew that, but I couldn't figure out where it came from..
But it's solved... :)
 
All times are GMT - 6 Hours
 