Ravens PHP Scripts: Forums
 

 
  Forum Index  •  Forum FAQ  •  Search  •  Memberlist  •  Usergroups  •  Profile  •  Log in to check your private messages  •  Log in

Admin panel > HTTP Referers > check url
 View next topic
View previous topic
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Security - PHP Nuke
Author Message
BlueLion
New Member
New Member



Joined: Aug 10, 2004
Posts: 12
PostPosted: Sat Oct 22, 2005 5:59 am Reply with quote
PHP-Nuke 7.6pl3.1
Location: http://www.YOUR-SITE.com/admin.php?op=hreferer
Problem: When checking out one of the listed URL's PHP-Nuke comes up with: "Illegal Operation".
URL: http://www.YOUR-SITE.com/index.php?url=http://www.ANOTHER-SITE.com


I've looked into the /mainfile.php where this part is blocking the operation:

Code:
// Additional security (Union, CLike, XSS)


if(!file_exists('includes/nukesentinel.php')) {


  if(isset($_SERVER['QUERY_STRING']) && (!stripos_clone($_SERVER['QUERY_STRING'], "ad_click") || !stripos_clone($_SERVER['QUERY_STRING'], "url"))) {


    $queryString = $_SERVER['QUERY_STRING'];


    if (stripos_clone($queryString,'%20union%20') OR stripos_clone($queryString,'/*') OR stripos_clone($queryString,'*/union/*') OR stripos_clone($queryString,'c2nyaxb0') OR stripos_clone($queryString,'+union+') OR stripos_clone($queryString,'http://') OR (stripos_clone($queryString,'cmd=') AND !stripos_clone($queryString,'&cmd')) OR (stripos_clone($queryString,'exec') AND !stripos_clone($queryString,'execu')) OR stripos_clone($queryString,'concat')) {


      die('Illegal Operation');


    }


  }


}


And in particular this part:

Code:
OR stripos_clone($queryString,'http://')


One site runs Sentinel and the problem has never occured on that pages, but locally and on sites where sentinel isn't installed it will look for this part of code, because of this line:

Code:
if(!file_exists('includes/nukesentinel.php'))


When stripping out this

Code:
OR stripos_clone($queryString,'http://')


the referer can be checked with this URL: http://www.YOUR-SITE.com/index.php?url=http://www.ANOTHER-SITE.com

Questions:
Is it save to remove the following?
Code:
OR stripos_clone($queryString,'http://')


Any other suggestion to get this solved, except installing Sentinel?
Is sentinel not checking this?


BlueLion
 
View user's profile Send private message Visit poster's website
Raven
Site Admin/Owner



Joined: Aug 27, 2002
Posts: 17088
PostPosted: Sat Oct 22, 2005 6:51 am Reply with quote
That is a tough call. That referer line is how one can easily get redirected to a bad page, but at the same time many legitimate applications use that type syntax. You, as webmaster, have to make that call.
 
View user's profile Send private message
Display posts from previous:       
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Security - PHP Nuke


 Jump to:   




View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©