Ravens PHP Scripts: Forums
 

 

Ravens PHP Scripts And Web Hosting Forum Index -> NukeSentinel(tm) v2.5.x
Author Message
dirtyrat
New Member



Joined: May 18, 2007
Posts: 10

Posted: Tue Jun 26, 2007 10:14 am

I've been having problems with some users performing functions on my site. The most recent problem was a single user. He attempted to register several times with no success. After finally getting registered, he tried to send a PM only to have that fail.

After reading several threads, there was one that directed me to look at "includes\nukesentinel.php". While examining the code near:

Code:
if (!isset($_COOKIE['admin']) OR !is_admin($_COOKIE['admin'])) {

  // Check for SCRIPTING attack
  // Copyright 2004(c) ChatServ


I found this line:

Code:
     (eregi("\([^>]*\"?[^)]*\)", $secvalue)) ||


My question is whether the ")" is correct in the ?[^)] section.

This is from Sentinel version 2.5.08.
 
Gremmie
Former Moderator in Good Standing



Joined: Apr 06, 2006
Posts: 2415
Location: Iowa, USA

Posted: Tue Jun 26, 2007 10:30 am

It would help if you would explain what problems this user was having exactly in registering, and what was Sentinel doing to prevent it?

What failed when he tried to send a PM?

_________________
GCalendar - An Event Calendar for PHP-Nuke
Member_Map - A Google Maps Nuke Module 
dirtyrat







Posted: Tue Jun 26, 2007 11:50 am

Well, I wasn't directly asking about my site problem, just the code variance.

But, since you asked. All of the errors were Abuse-Script errors. This is on a phpNuke 7.9 patched site running Sentinel 2.5.08.

First register attempt:
Code:
Reason: Abuse-Script

--------------------
User Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322)
Query String: joinkof.com/modules.php?name=Your_Account&op=activate&username=(Delta)
Get String: joinkof.com/modules.php?name=Your_Account&op=activate&username=(Delta)
Post String: joinkof.com/modules.php
Forwarded For: none
Client IP: none
Remote Address: 65.24.28.3
Remote Port: 64088
Request Method: GET


Another registration attempt:
Code:
Reason: Abuse-Script

--------------------
User Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322)
Query String:
joinkof.com/modules.php?name=Your_Account&op=activate&username=(Delta) D.O.
2526&check_num=472ca5e3ec9b20e650b05c92123510e4
Get String:
joinkof.com/modules.php?name=Your_Account&op=activate&username=(Delta) D.O.
2526&check_num=472ca5e3ec9b20e650b05c92123510e4
Post String: joinkof.com/modules.php
Forwarded For: none
Client IP: none
Remote Address: 65.24.28.3
Remote Port: 61741
Request Method: GET


Another registration attempt:
Code:
Reason: Abuse-Script

--------------------
User Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322)
Query String:
joinkof.com/modules.php?name=Your_Account&op=activate&username=(Delta)_D.O._2526&check_num=0254c4c61d19af7367be00fd412fe370
Get String:
joinkof.com/modules.php?name=Your_Account&op=activate&username=(Delta)_D.O._2526&check_num=0254c4c61d19af7367be00fd412fe370
Post String: joinkof.com/modules.php
Forwarded For: none
Client IP: none
Remote Address: 65.24.28.3
Remote Port: 60197
Request Method: GET


And the PM error (where he was trying to tell us about his problems):
[ Only registered users can see links on this board! Get registered or login! ]

Thanks for the help.
 
Gremmie







Posted: Tue Jun 26, 2007 1:13 pm

I think it is the parenthesis in his username that is tripping up Sentinel.

And in the PM he pasted HTML code into it which also caused Sentinel to trip.
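The diagnosis above can be checked directly; this is an added example, not code from NukeSentinel or from any poster in this thread. It transliterates the quoted `eregi` pattern to Python's `re` and runs it over query strings from the reports above, assuming the check is applied to each decoded parameter value (as `$secvalue` suggests); the last request and the probe values are constructed.

```python
import re
from urllib.parse import parse_qsl

# Pattern copied from the nukesentinel.php line quoted in the thread.
# eregi() matched case-insensitively; re.IGNORECASE mirrors that.
SENTINEL_PAREN = re.compile(r'\([^>]*"?[^)]*\)', re.IGNORECASE)

# Simpler pattern, used only to show what the original reduces to.
ANY_PAREN_PAIR = re.compile(r'\([^)]*\)')

# First and third query strings from the Abuse-Script reports above, plus one
# constructed request without parentheses (its check_num is a placeholder).
REQUESTS = [
    "joinkof.com/modules.php?name=Your_Account&op=activate&username=(Delta)",
    "joinkof.com/modules.php?name=Your_Account&op=activate"
    "&username=(Delta)_D.O._2526&check_num=0254c4c61d19af7367be00fd412fe370",
    "joinkof.com/modules.php?name=Your_Account&op=activate"
    "&username=Delta_D.O._2526&check_num=" + "0" * 32,
]

# Constructed values for comparing the two patterns.
PROBES = ["(Delta)", "Delta", "a(b>c)d", "x ) (", 'f("x")', "(", "()"]


def flagged_params(request):
    """Return the (name, value) pairs whose value the Sentinel pattern matches.

    Assumption: the check runs on each decoded parameter value ($secvalue).
    """
    query = request.partition("?")[2]
    return [(k, v) for k, v in parse_qsl(query) if SENTINEL_PAREN.search(v)]


def same_verdict(values):
    """True if both patterns agree on every value."""
    return all(
        bool(SENTINEL_PAREN.search(v)) == bool(ANY_PAREN_PAIR.search(v))
        for v in values
    )


if __name__ == "__main__":
    for req in REQUESTS:
        print(flagged_params(req) or "not flagged", "<-", req.partition("?")[2])
    print("same verdict as \\([^)]*\\):", same_verdict(PROBES))
```

Both patterns flag any value containing a "(" followed later by a ")", so the ")" inside `[^)]` is valid bracket-expression syntax, yet the rule still rejects a username such as "(Delta)".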
 
jakec
Site Admin



Joined: Feb 06, 2006
Posts: 3048
Location: United Kingdom

Posted: Tue Jun 26, 2007 1:17 pm

If the user removes the brackets from the username, does it work?
 
jakec







Posted: Tue Jun 26, 2007 1:19 pm

Great minds think alike! ;)
 
dirtyrat







Posted: Tue Jun 26, 2007 4:41 pm

So, there is no way to use parentheses in a username?
 
Gremmie







Posted: Tue Jun 26, 2007 5:39 pm

Apparently not with Sentinel... ;)

That can get passed on to the developers and we can see what they say...
 
All times are GMT - 6 Hours
 