Admin AddAuthor POST Twist Exploit
|
Nuke Cops has released Admin Tap (this one is version 3) to address the old problem of authors being added to your PHP-Nuke portal without your knowledge. We cannot stress enough how important our patch is, because it addresses not just GET requests but also POST requests. We have been receiving emails stating that other vendors' patches do not work against POST; our Admin Tap addresses this. Please research your options and choose wisely among vendor patches.
|
|
Posted on Sunday, May 16 @ 07:58:14 CEST by IACOJ
Re: Admin AddAuthor POST Twist Exploit (Score: 1) by purasorte on Sunday, May 16 @ 09:21:19 CEST
I received:
Warning: Compilation failed: nothing to repeat at offset 0 in /home/restricted/home/mysite/public_html/admin.php on line 54
Solution:
http://nukecops.net/postp121465.html#121465
Re: Admin AddAuthor POST Twist Exploit (Score: 1) by IACOJ on Sunday, May 16 @ 09:35:27 CEST
What's your line 54?
Re: Admin AddAuthor POST Twist Exploit (Score: 1) by purasorte on Sunday, May 16 @ 09:39:33 CEST
Sorry:
it was:
if (preg_match("/?admin/", "$checkurl")) {
it's now:
if (preg_match("/\?admin/", "$checkurl")) {
Re: Admin AddAuthor POST Twist Exploit (Score: 1) by purasorte on Sunday, May 16 @ 09:45:29 CEST
There was just a "\" missing in /?admin
The "\" doesn't print here...
See another topic about it:
http://nukecops.com/postt28502.html
Sorry, bad English
Re: Admin AddAuthor POST Twist Exploit (Score: 1) by purasorte on Sunday, May 16 @ 09:47:56 CEST
There was just a "backslash" missing in /?admin
The "backslash" doesn't print here...
See another topic about it:
http://nukecops.com/postt28502.html
Sorry, bad English
Re: Admin AddAuthor POST Twist Exploit (Score: 1) by IACOJ on Sunday, May 16 @ 10:17:24 CEST
Ah yes, the missing backslash in the article. Thank you.
Re: Admin AddAuthor POST Twist Exploit (Score: 1) by chatserv on Sunday, May 16 @ 10:41:01 CEST http://nukeresources.com
Guess I should warn Nuke users about this. Although I have not encountered any patches being sold out there, I'm aware that I do not visit all websites, so it might be a possibility, and it must be the case since patches by "other vendors" are mentioned within this article. So my advice to you? Don't waste your money; many of us offer patches for free. If you pay for installs that's another story, but never pay for a patch. I for one offer everything I release for free, and I would think that by now I have proven my consistency, as have many others.
Re: Admin AddAuthor POST Twist Exploit (Score: 1) by IACOJ on Sunday, May 16 @ 11:25:39 CEST
The "other vendors" I referenced do not charge for patches. At least the ones we were advised about.
Re: Admin AddAuthor POST Twist Exploit (Score: 1) by chatserv on Sunday, May 16 @ 11:38:10 CEST http://nukeresources.com
Ah, then thanks for the clarification; guess the term "vendor" confused me, so I felt like warning users. I'd hate to see someone taking advantage of users by selling anything aimed at securing or fixing a free program like Nuke.
Now regarding the POST/GET issue: I think I saw a comment on the forums about this, and I think people are confused if that's the one in question. Hack Alert does not claim to tackle all forms of attacks, only union-based ones; the admin hack does not employ such an attack, it passes op names through the URL. By default Nuke does not require said operators to be passed through the URL; matter of fact, there's no need for it, but on the other hand Nuke doesn't stop people from passing them. It's like I said in one post: union attacks are not the only thing out there, there are many other forms of attacks and each is equally dangerous.
Re: Admin AddAuthor POST Twist Exploit (Score: 1) by inkydink1234 on Monday, May 17 @ 11:54:18 CEST
Raven offers an admin fix that keeps all exploits out. It's simple: it just adds HTTP Authentication to even get into the admin module. See http://ravenphpscripts.com for more info.
Re: Admin AddAuthor POST Twist Exploit (Score: 1) by Zhen-Xjell on Monday, May 17 @ 12:53:12 CEST http://castlecops.com
Using HTTP Authentication does not deal with XSS exploits, which cause authenticated, logged-in admins to still get hacked. AdminTap handles this.
Re: Admin AddAuthor POST Twist Exploit (Score: 1) by inkydink1234 on Monday, May 17 @ 16:20:47 CEST
First of all, how many people have admins that hack their own site? Come on. And assuming that was a big threat, which of course it isn't, if you have Chat's admin.php fix in place after Raven's it's covered anyway. Could they use a POST or a cookie attack? Possibly. I'd like to see your proof of concept on that one.
Re: Admin AddAuthor POST Twist Exploit (Score: 1) by IACOJ on Monday, May 17 @ 17:13:23 CEST
We have seen the following similar URI:
admin.php?op=AddAuthor&add_aid=ADDAID&add_name=God&add_pwd=ADDPWD&add_email=foo@bar.com&add_radminsuper=1
used within IMG tags which, when viewed by validated admins against their own domain, will launch an attack on themselves without their knowing.
These attacks can be sent via forums, via news articles, and even via HTML emails.
Admin Tap stops these. HTTP Authentication does not: once you are logged in, the attack works. Admin Tap works regardless of logged-in status.
The choice to either secure your system or not is all yours. We simply provide the know-how.
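A defender-side gate for the scenario IACOJ describes, as an added example that is not Admin Tap's or PHP-Nuke's code: state-changing admin operations are accepted only as a POST carrying a per-session token, so a request triggered by an IMG tag in a forum post, news article or HTML email fails whether or not the admin is logged in. It assumes PHP 7 or later and that admin.php dispatches on an op parameter as the quoted URI shows; UpdateAuthor and DeleteAuthor are illustrative op names, not taken from the thread.

```php
<?php
// Added example, not Admin Tap or PHP-Nuke code. Assumes PHP 7+ and that
// admin.php dispatches on an "op" parameter as the thread's URI shows.
if (session_status() !== PHP_SESSION_ACTIVE) {
    session_start();
}

// Operations that change state. AddAuthor is from the thread; the other two
// are illustrative names.
const STATE_CHANGING_OPS = ['AddAuthor', 'UpdateAuthor', 'DeleteAuthor'];

function admin_csrf_token(): string
{
    // One unguessable token per admin session, embedded in every admin form.
    if (empty($_SESSION['admin_csrf'])) {
        $_SESSION['admin_csrf'] = bin2hex(random_bytes(32));
    }
    return $_SESSION['admin_csrf'];
}

function admin_request_allowed(string $op): bool
{
    if (!in_array($op, STATE_CHANGING_OPS, true)) {
        return true; // read-only screens may still be opened with a plain GET
    }
    // 1. A request triggered by <img src="..."> or a link is a GET: refuse it,
    //    so the URI quoted in the thread does nothing even for a logged-in admin.
    if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
        return false;
    }
    // 2. A forged POST (auto-submitted form on another site) carries the admin's
    //    cookie but cannot read the session-bound token; compare in constant time.
    $sent = $_POST['csrf'] ?? '';
    return is_string($sent) && hash_equals(admin_csrf_token(), $sent);
}

// Vulnerable pattern described in the thread: op comes from GET or POST and is
// acted on at once, e.g. $op = $_REQUEST['op']; if ($op === 'AddAuthor') { ... }
// Hardened dispatch: block and log, then stop before any handler runs.
$op = $_POST['op'] ?? $_GET['op'] ?? '';
if (!is_string($op)) { $op = ''; }
if (!admin_request_allowed($op)) {
    error_log(sprintf('blocked admin op=%s method=%s from=%s', $op,
        $_SERVER['REQUEST_METHOD'], $_SERVER['REMOTE_ADDR'] ?? '?'));
    http_response_code(403);
    exit;
}
// Dispatch $op here. Every admin form must carry a hidden input named "csrf"
// whose value is admin_csrf_token(); GET links to state-changing ops are removed.
```

The error_log line gives a detection hook as well: a logged-in admin's browser fetching an AddAuthor GET shows up as a blocked request with that admin's address, which is the trace of a planted IMG tag.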
Re: Admin AddAuthor POST Twist Exploit (Score: 1) by inkydink1234 on Monday, May 17 @ 20:27:48 CEST
Well, you deleted my other post. Let's try it again. Read the other post. HTTP Authenticate doesn't trap the exploit. Chatserv's fix from quite a while ago does.
Re: Admin AddAuthor POST Twist Exploit (Score: 1) by Zhen-Xjell on Tuesday, May 18 @ 09:00:59 CEST http://castlecops.com
No, your comment was set to 'troll' for your rude reply. It's still there for folks to read. However, you don't get it... if you are already logged in to admin.php you are susceptible to the attack. Use of AdminTap prevents this.
Obviously you have an understanding issue. Your love for me must be clouding your mind.