|
- Readme First! -
Read and follow the rules, otherwise your posts will be closed |
|
|
|
|
|
There are currently, 362 guest(s) and 0 member(s) that are online.
You are Anonymous user. You can register for free by clicking here |
|
|
|
|
|
Fortress™ Request for Comments |
|
 Fortress™ is making great innovations and is riding ahead of the wave of attacks. It is no longer just a reporting tool, Fortress™ is an intelligent banning tool that runs with no overhead on your system. The alerts can be publicly displayed as shown here and here. Fortress™ is independent and can run on any operating system platform and any web server that runs PHP.
Any PHP site can utilize this ground breaking technology with complete success. I'd like to thank Mister for his work on Protector which has given me the fire to write Fortress™. He is an inspiration to us all for proactive web security.
Currently Union Tap Code acts as a doorway into Fortress™. Next versions of Fortress™ will expand its presense into the realm of admin.php via our exclusive winning Admin Tap patch (proves itself everyday against admin.php attacks).
While getting the next version ready for release, please feel free to comment on what you'd like to see included now versus later.
Thanks,
Paul Laudanski
|
|
Posted on Monday, May 17 @ 15:06:47 CEST by Zhen-Xjell |
|
|
|
|
| |
|
Average Score: 2.09
Votes: 11
|
|
|
|
|
|
|
| | The comments are owned by the poster. We aren't responsible for their content. |
| | | | |
| No Comments Allowed for Anonymous, please register | | | | |
Re: Fortress™ Request for Comments (Score: 1)
by TrevorE on Monday, May 17 @ 15:13:25 CEST
(User Info | Send a Message) | | Wow, thats really cool! |
| | | | |
Re: Fortress™ Request for Comments (Score: 1)
by IACOJ on Monday, May 17 @ 17:45:42 CEST
(User Info | Send a Message) | | Yes all will be included. |
]
Re: Fortress™ Request for Comments (Score: 1)
by phaseiii on Monday, May 17 @ 18:12:27 CEST
(User Info | Send a Message) http://PhaseIII.org/ | | What would be cooler is if there was a way to do like some of the spam lists and have the lists constantly merge to make *one giant ban list* |
]
Re: Fortress™ Request for Comments (Score: 1)
by IACOJ on Monday, May 17 @ 18:34:08 CEST
(User Info | Send a Message) | | That's what the plan is. |
]
| | | | |
Re: Fortress™ Request for Comments (Score: 1)
by zanis on Monday, May 17 @ 19:10:27 CEST
(User Info | Send a Message) | Hello!
The question is - when will it be released? It seems that there is loads of build up but nothing coming!
Cheers
Zanis |
Re: Fortress™ Request for Comments (Score: 1)
by IACOJ on Monday, May 17 @ 19:17:22 CEST
(User Info | Send a Message) | | Your question was answered last week, the release is expected this weekend. Thanks for your patience. |
]
| | | | |
Re: Fortress™ Request for Comments (Score: 1)
by RastaMan on Monday, May 17 @ 20:08:20 CEST
(User Info | Send a Message) | | Why Fortress? Why not Protector from warcenter? |
Re: Fortress™ Request for Comments (Score: 1)
by burnwave on Tuesday, May 18 @ 00:02:05 CEST
(User Info | Send a Message) http://burnwave.com | It's pretty obvious. Some of nukecops work is derived from other's work without proper credentials, etc.
This has been proven with some NSN work.
But hey, might as well hit up everyone, eh RastaMan? |
]
Re: Fortress™ Request for Comments (Score: 1)
by RastaMan on Tuesday, May 18 @ 18:58:32 CEST
(User Info | Send a Message) | | Really? I would have never guessed. Hmmm. Protector http://protector.warcenter.se has been making the way on automated phpnuke security. I would have figured NukeCops would have helped fuel Protectors effort. From what I have seen, Protector FAR surpasses Fortess. |
]
| | | | |
Re: Fortress™ Request for Comments (Score: 1)
by inkydink1234 on Monday, May 17 @ 20:26:16 CEST
(User Info | Send a Message) | Union Tap has BIG hole!
http://www.waraxe.us/?modname=sa&id=030 |
Re: Fortress™ Request for Comments (Score: 1)
by IACOJ on Monday, May 17 @ 21:04:49 CEST
(User Info | Send a Message) | | How is that a hole? You try it on site and you'll find that IP banned. |
]
Re: Fortress™ Request for Comments (Score: 1)
by IACOJ on Monday, May 17 @ 21:41:01 CEST
(User Info | Send a Message) | | If you don't believe me that it will ban you, take a look at the fortress.htm and do a search for "cookie" you will see that someone has tried it, and they are banned. Failing that you can always try it yourself, but as I have previously said if anyone attempts these "exploits" on this site, they will be banned. We will not undo the banning because you didn't understand how the code works, or what the exploit claims to do. |
]
Re: Fortress™ Request for Comments (Score: 1)
by inkydink1234 on Monday, May 17 @ 21:46:00 CEST
(User Info | Send a Message) | From the Waraxe site:
B5 - XSS through nukecops UnionTap Sql Prevention Code:
Well, you know, this is my favourite one - securing one hole will induct new one.
Let's look at beginning of the "mainfile.php" from PhpNuke 7.3 :
//Union Tap
//Copyright Zhen-Xjell 2004 http://nukecops.com
//Beta 3 Code to prevent UNION SQL Injections
unset($matches);
unset($loc);
if (preg_match("/([OdWo5NIbpuU4V2iJT0n]{5}) /", rawurldecode($loc=$_SERVER["QUERY_STRING"]), $matches)) {
die("YOU ARE SLAPPED BY NUKECOPS [nukecops.com] BY USING '$matches[1]' INSIDE '$loc'.");
}
So this clever code will catch up nonmasked sql injection attempts, made through "GET" request...
Let's try this request:
http://localhost/nuke73/index.php?foo=bar%20union%20select
and we see nice message like this:
YOU ARE SLAPPED BY NUKECOPS BY USING 'union' INSIDE 'foo=bar%20union%20select'.
Uh, how scary...
But what, if we issue request like this (try it with M$ Internet Explorer for succes!):
http://localhost/nuke73/index.php?foo=bar%20union%20select%20alert(document.cookie);
Oops, nice case of cross-site scripting! And because anti-xss filtering code is located
AFTER UnionTap, then we can use even most common "" tags...
Heya to nukecops and have a nice day
|
]
]
Re: Fortress™ Request for Comments (Score: 1)
by Dunderklumpen on Tuesday, May 18 @ 04:56:45 CEST
(User Info | Send a Message) | | I tried that - on a patched site. Fortress nailed it. |
]
Re: Fortress™ Request for Comments (Score: 1)
by inkydink1234 on Tuesday, May 18 @ 08:10:50 CEST
(User Info | Send a Message) | | That's because ZX altered the proof in my last comment. It is still vulnerable until he issues a fix. |
]
Re: Fortress™ Request for Comments (Score: 1)
by Zhen-Xjell on Tuesday, May 18 @ 08:24:34 CEST
(User Info | Send a Message) http://castlecops.com | | Its amazing how well you know everything I do. I think I found my beloved fan who loves me so much. |
]
Re: Fortress™ Request for Comments (Score: 1)
by IACOJ on Tuesday, May 18 @ 08:53:03 CEST
(User Info | Send a Message) | Hi inkydink,
As I previously stated if you go to http://nukecops.com/fortress.htm if you are using IE click on 'edit' and then on 'find', in the prompt type in 'cookie'. You will see very clearly indicates the so called exploit is caught.
If you wish to frequent sites which claim to patch exploits that don't actually exist that is your choice. It has become clear to me that neither you or the folks at waraxe understand how the code works. I'm not going to waste my time any further trying to convince you of something you can't seem to grasp. |
]
Re: Fortress™ Request for Comments (Score: 1)
by nobleclem on Tuesday, May 18 @ 10:36:02 CEST
(User Info | Send a Message) http://hackerassassins.com | | Yes but I also remember reading in the forums several people including myself asking how it works and all that is said if anything is it just catches the sql injections. So for people who are not expert coders no most of us dont know what exactly how you came up with the preg_match statement. |
]
Re: Fortress™ Request for Comments (Score: 1)
by BrainSmashR on Tuesday, May 18 @ 12:07:28 CEST
(User Info | Send a Message) http://www.brainsmashr.com | Why would he even WANT to do that? So someone else can find another hole to exploit?
That's like leaving your children alone with a Catholic priest. He "might" not molest them.....but why take the chance? |
]
Re: Fortress™ Request for Comments (Score: 1)
by oprime2001 on Tuesday, May 18 @ 17:14:36 CEST
(User Info | Send a Message) | I thought "security through obfuscation" never worked. Granted, the code is not truly obfuscated. IMHO, it is better that a "novice" find the exploits/hole than some malicious blackhat.
|
]
Re: Fortress™ Request for Comments (Score: 1)
by BrainSmashR on Wednesday, May 19 @ 18:51:05 CEST
(User Info | Send a Message) http://www.brainsmashr.com | You're right, anyone who wants the software can download it for free.
Now the guy who asked the question has been a member of NC for nearly a year and has made a total of 16 posts (looked his stats up).
So while I agree with your idea in "theory"......the simple fact is that this guy wasn't some Nuke-pro asking for the code.
He was some "novice" asking for the latest answers to the newest Nuke "hacker" prevention methods.....and I agree with not providing the information on a public forum for any and all to see/use...........
|
]
| | | | |
Re: Fortress™ Request for Comments (Score: 1)
by BBrDawg on Monday, May 17 @ 20:48:12 CEST
(User Info | Send a Message) | | How about "Auto-Update" button to bring the code current? |
| | | | | |
