| Author |
Message |
oprime2001
Worker
Joined: Jun 04, 2004
Posts: 119
Location: Chicago IL USA
|
 Posted:
Sun Aug 08, 2004 9:44 pm |
|
I was over at NukeCops reading the security forum, and I came upon the following post Only registered users can see links on this board! Get registered or login! wherein Only registered users can see links on this board! Get registered or login! posted an exploit that can supposedly bypass Sentinel.
I'm currently (and will be for the next week) on an antiquated machine on dial-up, and I cannot verify this claim. Can anyone take a look at it, and report their results back here? Thanks. |
| |
|
|
|
Doodle
Hangin' Around
Joined: Jan 26, 2004
Posts: 46
Location: 127.0.0.1
|
| Posted:
Sun Aug 08, 2004 10:39 pm |
|
|
 
|
|
Raven
Site Admin/Owner
Joined: Aug 27, 2002
Posts: 17088
|
| Posted:
Mon Aug 09, 2004 12:35 am |
|
It's a totally useless script other than informative. I can see how it might bypass (I will have to try it later to know for sure) all the scripts out there but the only way it could or would be if an admin would make that script available which one never would. And, it is very easily plugged. Or, the cracker would have to be able to install that script on your site, in which case you have much bigger problems than that script! If I were still posting over there I would ask DJ to explain how he thinks a visitor to your site would ever execute that? Of course Apache wouldn't log anything! It's a form with post variables. No big secret there. Furthermore, the useless dribble at the top of that post is just that - useless dribble. All sites/servers are crackable if one tries hard enough. If these kiddies were able to crack us, trust me - they would have by now. But, they can't, at least not until a new hole is discovered. Hadjuk posts old code that waraxe posted quite a while ago. Several if not all have been patched by Chat. Full path disclosures are pretty simple to hide - just turn error display off and write to a log. |
| |
|
|
|
|
diablo
Hangin' Around
Joined: Feb 01, 2004
Posts: 34
|
| Posted:
Mon Aug 09, 2004 1:35 am |
|
I tried a couple and they were blocked.
 |
| |
|
|
|
|
chatserv
Member Emeritus
Joined: May 02, 2003
Posts: 1389
Location: Puerto Rico
|
| Posted:
Mon Aug 09, 2004 9:24 am |
|
You people are still wasting your time with that site?  |
| |
|
|
|
|
Doodle
|
| Posted:
Mon Aug 09, 2004 9:40 am |
|
It's good for a laugh if anything  |
| |
|
|
|
|
Muffin
Client
Joined: Apr 10, 2004
Posts: 649
Location: UK
|
| Posted:
Mon Aug 09, 2004 9:45 am |
|
I've been over there today complaining about Protector messing up my site still, months after I took it off and replacing it with Sentinel lol |
_________________
Classic Mini rules the bends & bends the rules!
[img] |
|
|
|
|
Nukeum66
Life Cycles Becoming CPU Cycles
Joined: Jul 30, 2003
Posts: 551
Location: Neurotic, State, USA
|
| Posted:
Mon Aug 09, 2004 6:13 pm |
|
| chatserv wrote: | | You people are still wasting your time with that site? |
That's for sure!........... |
_________________
Scott Johnson MIS Ubuntu/Linux 11.10 |
|
|
|
|
SmackDaddy
Involved
Joined: Jun 02, 2004
Posts: 268
Location: Englewood, OH
|
| Posted:
Tue Aug 10, 2004 6:58 am |
|
Question (since I felt it fell under this thread and not a new one):
http://protector.warcenter.se/postt941.html?sid=48ece423300d7b37b939dfad4c7f4031
Supposedly there's some super-secret-spy-squirrel hack that bypasses Protector (*biting tongue*), but since I use Sentinel, is there any info about those two hacks to pass on? Or is Protector just showing their lack of updating and moving with the times? |
| |
|
|
|
|
Raven
|
| Posted:
Tue Aug 10, 2004 10:11 am |
|
After conferring with Chatserv, we are pretty sure what that is referring to and YES, Sentinel should be protecting you as long as you have v2.0.1. v2.0.0 also works but in a slightly different way. That's why we updated the code. |
| |
|
|
|
|
Raven
|
| Posted:
Tue Aug 10, 2004 1:03 pm |
|
Bob also reminded me of this. Sentinel has protected against the Forums/Private Messages exploit since 1.0 and with 2.0.1 it also checks the base 64 it's not a new exploit but an old that has resurfaced. |
| |
|
|
|
|
Dauthus
Worker
Joined: Oct 07, 2003
Posts: 211
|
| Posted:
Tue Aug 10, 2004 5:51 pm |
|
| Quote: |
Supposedly there's some super-secret-spy-squirrel hack that bypasses Protector (*biting tongue*), but since I use Sentinel, is there any info about those two hacks to pass on? Or is Protector just showing their lack of updating and moving with the times?
|
Just an FYI, Sentinel does stop the exploit they are referring to in the Protector forums. From what I can tell, Mister and Jabba are working on fixing the problem in Protector also. I don't think they are trying to be "secret-squirrel" about the issue, they just don't want to broadcast a way to bypass their protection until it is fixed. It kind of makes sense to me. |
| |
|
|
|
|
Raven
|
| Posted:
Tue Aug 10, 2004 6:16 pm |
|
Thanks for letting us know that Sentinel does stop the exploit |
| |
|
|
|
|
SmackDaddy
|
| Posted:
Tue Aug 10, 2004 9:43 pm |
|
| Dauthus wrote: | | Quote: |
Supposedly there's some super-secret-spy-squirrel hack that bypasses Protector (*biting tongue*), but since I use Sentinel, is there any info about those two hacks to pass on? Or is Protector just showing their lack of updating and moving with the times?
|
Just an FYI, Sentinel does stop the exploit they are referring to in the Protector forums. From what I can tell, Mister and Jabba are working on fixing the problem in Protector also. I don't think they are trying to be "secret-squirrel" about the issue, they just don't want to broadcast a way to bypass their protection until it is fixed. It kind of makes sense to me. |
Yeah, guess you missed my sarcasm....sorry....but thanks for the info. |
| |
|
|
|
|
|
|
![[Valid RSS]](https://www.ravenphpscripts.com/images/valid-rss.png "Validate my RSS feed"){kind=small}
