SecurityFocus has reported a vulnerability in admin.php that allows an attacker to create a superuser or modify existing ones. Several solutions have been provided and I for one will check into them, but in the meantime I offer adding the following to admin.php after the credits:

// Refuse the AddAuthor / UpdateAuthor operations when they arrive in the URL query string
if(stristr($_SERVER["QUERY_STRING"],'AddAuthor') || stristr($_SERVER["QUERY_STRING"],'UpdateAuthor')) {
    die("Illegal Operation");
}

Neither op should pass through the url anyway so my first choice is to block them. I will check into this issue tomorrow.
[Admin Note:] For those who use my Hacker Script, you can do this:

// Same test as above, but hand the offending query string to hackattempt.php for logging
if(stristr($_SERVER["QUERY_STRING"],'AddAuthor') || stristr($_SERVER["QUERY_STRING"],'UpdateAuthor')) {
    $loc = $_SERVER['QUERY_STRING'];
    header("Location: hackattempt.php?$loc");
    die();
}
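A stricter form of the same check, added here as an example and not code from this thread or from PHP-Nuke: it inspects the decoded request parameters instead of substring-matching the raw query string, so the two ops are refused in the URL whatever their case or URL-encoding, and the refusal is logged. It assumes admin.php dispatches on an 'op' parameter that the admin form submits by POST; the function name and the log line are my own.

```php
<?php
// Added example; assumes admin.php reads its operation from the 'op'
// parameter and that AddAuthor / UpdateAuthor are only ever POSTed from the
// admin form, never passed in the URL (as the post above states).

// Return true when a GET parameter name or value spells one of the blocked ops.
// PHP has already URL-decoded $_GET, so encoded spellings are matched as well,
// and the comparison is against the whole value rather than a substring.
function is_blocked_admin_request($get)
{
    $blocked_ops = array('addauthor', 'updateauthor');

    foreach ($get as $name => $value) {
        if (in_array(strtolower((string) $name), $blocked_ops, true)) {
            return true;
        }
        // Only scalar values are compared; array parameters carry no op name.
        if (is_string($value) && in_array(strtolower($value), $blocked_ops, true)) {
            return true;
        }
    }
    return false;
}

// Placed after the credits in admin.php, before any op is dispatched.
if (is_blocked_admin_request($_GET)) {
    // Record the source so the attempt shows up in the web server's error log.
    error_log('admin.php: refused AddAuthor/UpdateAuthor in query string from '
        . $_SERVER['REMOTE_ADDR']);
    die('Illegal Operation');
}
```

The admin form's own POST submissions are unaffected, since only $_GET is examined.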
Re: admin.php vulnerability (Score: 1)
So that's directly after the credits and before:

$checkurl = $_SERVER['REQUEST_URI'];
if (preg_match("/?admin/", "$checkurl")) { echo "die"; exit;

Thanks, chatserv.
Re: admin.php vulnerability (Score: 1) by chatserv on Tuesday, March 23, 2004 @ 10:08:16 CST http://www.scriptheaven.net
Correct, Lateron.
Re: admin.php vulnerability (Score: 1)
I would love to just wake up in the morning and not see these things :mad: :so tired: Well, maybe PHP Portal will be able to stem the tide, at least with the frequency....
Re: admin.php vulnerability (Score: 1) by chatserv on Tuesday, March 23, 2004 @ 10:10:07 CST http://www.scriptheaven.net
One day... Hey Raven, shouldn't you also add %20union to the code posted? We don't want peepz removing the previous code thinking this one will handle both things.
Re: admin.php vulnerability (Score: 1) by chatserv on Tuesday, March 23, 2004 @ 10:12:09 CST http://www.scriptheaven.net
Nevermind, I now imagine you meant for the code to be placed in admin.php and not in mainfile.php. I promise to wait til I'm fully awake before posting replies in the future. :p
Re: admin.php vulnerability (Score: 1) by Raven on Tuesday, March 23, 2004 @ 10:37:12 CST
/me slaps CS :lol:
Re: admin.php vulnerability (Score: 1) by chatserv on Tuesday, March 23, 2004 @ 10:53:14 CST http://www.scriptheaven.net
Ouch, what'd I do? On second thought, that woke me up. Thanks!! :p
Re: admin.php vulnerability (Score: 1)
I applied the patch. Is this exploit the same as this one on nukecops.com: http://www.nukecops.com/modules.php?name=News&file=article&sid=1793&mode=&order=0&thold=0 ? greetz, Bart
Re: admin.php vulnerability (Score: 1) by Raven on Wednesday, March 24, 2004 @ 04:54:10 CST
Yes.
Re: admin.php vulnerability (Score: 1) by Johan1982 on Wednesday, March 24, 2004 @ 13:11:39 CST
Which is the best patch? Because Zhen's patch causes small problems. Is this the definitive patch?
Re: admin.php vulnerability (Score: 1) by Raven on Wednesday, March 24, 2004 @ 13:18:37 CST
Best is in the eyes of the beholder. Trust me, and I mean no disrespect to you, we wouldn't publish it here if we didn't think it contained all that was needed. And we aren't even copyrighting ours :lol:
Re: admin.php vulnerability (Score: 1) by Johan1982 on Wednesday, March 24, 2004 @ 13:34:26 CST
Ok, well, my doubt was because the news says "Neither op should pass through the url anyway so my first choice is to block them". Thanks.
Re: admin.php vulnerability (Score: 1) by luchtzak on Wednesday, March 24, 2004 @ 17:03:06 CST
:-) :-) LOL
Re: admin.php vulnerability (Score: 1)
Does the new php-nuke 7.2 already contain this security patch? Thanks, Robb
Re: admin.php vulnerability (Score: 1) by Raven on Wednesday, March 24, 2004 @ 21:24:24 CST
No. This was 'discovered' after 7.2 was released.