|
- Readme First! -
Read and follow the rules, otherwise your posts will be closed |
|
|
|
|
|
There are currently, 533 guest(s) and 0 member(s) that are online.
You are Anonymous user. You can register for free by clicking here |
|
|
|
|
|
Beta Fortress(TM) 1.20 Released |
|
 You've asked for it, so here it is. It will be the masthead for a new generation of security tools to safeguard your websites. All instructions and donation credits are already included within the application. Future versions will rely on your support thru donations. This release protects your sites against all forms of HTTP GET injections:
bad html tags
union injections
C comment codes
Fortress(tm) filters them thru plaintext, base64, and even HEX.
|
|
Posted on Sunday, May 23 @ 10:45:39 CEST by Zhen-Xjell |
|
|
|
|
| |
|
Average Score: 3.22
Votes: 9
|
|
|
|
|
|
|
| | The comments are owned by the poster. We aren't responsible for their content. |
| | | | |
| No Comments Allowed for Anonymous, please register | | | | |
Re: Beta Fortress(TM) 1.20 Released (Score: 1)
by valkster on Sunday, May 23 @ 11:19:37 CEST
(User Info | Send a Message) http://zamboozle.com | Pasting current code to mainfile.php gets me this . .
Parse error: parse error in /home/............./public_html/1/mainfile.php on line 1241
Fatal error: Call to a member function on a non-object in /home/.............../public_html/1/index.php on line 18
Things look good. I created the fortress.htm and csv files manually. |
| | | | |
Re: Beta Fortress(TM) 1.20 Released (Score: 1)
by Tank863 on Sunday, May 23 @ 11:28:49 CEST
(User Info | Send a Message) http://tankweb.net | I also when cutting and pasting to the mainfile received the exact same errors.
|
| | | | |
Re: Beta Fortress(TM) 1.20 Released (Score: 1)
by genoxide on Sunday, May 23 @ 11:36:24 CEST
(User Info | Send a Message) http://www.projectxero.org | im getting those errors Warning: Variable passed to each() is not an array or object in /home/xerogen/public_html/fortress.php on line 42
|
| | | | |
Re: Beta Fortress(TM) 1.20 Released (Score: 1)
by Zhen-Xjell on Sunday, May 23 @ 11:42:52 CEST
(User Info | Send a Message) http://castlecops.com | Hi folks, please do not copy/paste the new mainfile.php code as each version is going to be different I didn't include it for that purpose. You'll have to manually modify your mainfile.php to be similar to the one I have in fortress.php. Specifically, you are looking for where the "Add new lines" are supposed to go. Within fortress.php, the UTC Final code resembles what the NC mainfile.php looks like. You can copy/paste your mainfile.php if you need our special attention.
Just paste the top part, not mainfile in its entirety. |
| | | | |
Re: Beta Fortress(TM) 1.20 Released (Score: 1)
by nuke-lux on Sunday, May 23 @ 13:03:39 CEST
(User Info | Send a Message) http://www.nukecommunity.com | I use patched php-nuke 7.3 by chatserv and i had no problems to install the fortress file, but then i wanted to test it so i visited security focus to get the latest bug and i found this one: http://www.securityfocus.com/bid/10365 but when i tried it, it worked, so is this a bug fortress doesn't cover or did i do something wrong when i installed fortress?
I also tried this code http://www.nukecommunity.com/modules.php?name=Downloads&d_op=viewsdownload&sid=-1/**/UNION/**/SELECT/**/0,0,aid,pwd,0,0,0,0,0,0,0,0/**/FROM/**/nuke_authors/**/WHERE/**/radminsuper=1/**/LIMIT/**/1/* , but nothing happened, i got not banned i only had to go back to index.php ...? |
| | | | |
Re: Beta Fortress(TM) 1.20 Released (Score: 1)
by speedx on Sunday, May 23 @ 14:33:41 CEST
(User Info | Send a Message) | Seems it is all working, can login as admin but if I try to login as a user I get this error
"Sorry, such file doesn't exist..." |
| | | | |
Re: Beta Fortress(TM) 1.20 Released (Score: 1)
by nix on Sunday, May 23 @ 15:17:40 CEST
(User Info | Send a Message) | Can someone help me with the changes to mainfile.php
Here is my mainfile.php It seems diffrent then the example in the fortress.php I am using nuke 7.0
************************************************************************/
/* PHP-NUKE: Advanced Content Management System */
/* ============================================ */
/* */
/* Copyright (c) 2002 by Francisco Burzi */
/* http://phpnuke.org */
/* */
/* This program is free software. You can redistribute it and/or modify */
/* it under the terms of the GNU General Public License as published by */
/* the Free Software Foundation; either version 2 of the License. */
/************************************************************************/
$phpver = phpversion();
if ($phpver >= '4.0.4pl1' && strstr($HTTP_USER_AGENT,'compatible')) {
if (extension_loaded('zlib')) {
ob_end_clean();
ob_start('ob_gzhandler');
}
} else if ($phpver > '4.0') {
if (strstr($HTTP_SERVER_VARS['HTTP_ACCEPT_ENCODING'], 'gzip')) {
if (extension_loaded('zlib')) {
$do_gzip_compress = TRUE;
ob_start();
ob_implicit_flush(0);
//header('Content-Encoding: gzip');
}
}
}
$phpver = explode(".", $phpver);
$phpver = "$phpver[0]$phpver[1]";
if ($phpver >= 41) {
$PHP_SELF = $_SERVER['PHP_SELF'];
}
if (!ini_get("register_globals")) {
import_request_variables('GPC');
}
foreach ($_GET as $secvalue) {
if ((eregi("<[^>]*script*\"?[^>]*>", $secvalue)) ||
(eregi("<[^>]*object*\"?[^>]*>", $secvalue)) ||
(eregi("<[^>]*iframe*\"?[^>]*>", $secvalue)) ||
(eregi("<[^>]*applet*\"?[^>]*>", $secvalue)) ||
(eregi("<[^>]*meta*\"?[^>]*>", $secvalue)) ||
(eregi("<[^>]*style*\"?[^>]*>", $secvalue)) ||
(eregi("<[^>]*form*\"?[^>]*>", $secvalue)) ||
(eregi("\([^>]*\"?[^)]*\)", $secvalue)) ||
(eregi("\"", $secvalue))) {
# die ("<center><img src=images/logo.gif><br><br><b>The html tags you attempted to use are not allowed</b><br><br>[ <a href=\"javascript:history.go(-1)\"><b>Go Back</b></a> ]");
}
}
foreach ($_POST as $secvalue) {
if ((eregi("<[^>]*script*\"?[^>]*>", $secvalue)) || (eregi("<[^>]*style*\"?[^>]*>", $secvalue))) {
die ("<center><img src=images/logo.gif><br><br><b>The html tags you attempted to use are not allowed</b><br><br>[ <a href=\"javascript:history.go(-1)\"><b>Go Back</b></a> ]");
}
}
if (eregi("mainfile.php",$PHP_SELF)) {
Header("Location: index.php");
die();
}
if ($forum_admin == 1) {
require_once("../../../config.php");
require_once("../../../db/db.php");
} elseif ($inside_mod == 1) {
require_once("../../config.php");
require_once("../../db/db.php");
} else {
require_once("config.php");
require_once("db/db.php");
/* FOLL
Read the rest of this comment... |
| | | | |
Re: Beta Fortress(TM) 1.20 Released (Score: 1)
by Mouldy_punk on Sunday, May 23 @ 15:36:12 CEST
(User Info | Send a Message) http://www.mouldypunk.com | | I have installed it and I havn't recieved any errors, which was nice. But I don't have a fortress.csv file or a fortress.htm file. Where do they come from? |
| | | | |
Re: Beta Fortress(TM) 1.20 Released (Score: 1)
by PHPautH on Sunday, May 23 @ 16:44:28 CEST
(User Info | Send a Message) | | EXCELLENT!!! THIS VERSION 1.20!!! CONGRATULATIONS!!!! |
| | | | |
Re: Beta Fortress(TM) 1.20 Released (Score: 1)
by echostorm on Sunday, May 23 @ 19:30:04 CEST
(User Info | Send a Message) | I am running Nuke 7.3 and need some help. I am posting the top part of my mainfile here, could someone please add the fortress stuff in it for me? I can then just edit the names, etc? Thank you.
[b]NUKECOPS BY USING '$matches[1]' INSIDE '$loc'.");
}
if (stristr($_SERVER["QUERY_STRING"],'%20union%20')) header("Location: index.php");
$phpver = phpversion();
if ($phpver >= '4.0.4pl1' && strstr($HTTP_USER_AGENT,'compatible')) {
if (extension_loaded('zlib')) {
ob_end_clean();
ob_start('ob_gzhandler');
}
} else if ($phpver > '4.0') {
if (strstr($HTTP_SERVER_VARS['HTTP_ACCEPT_ENCODING'], 'gzip')) {
if (extension_loaded('zlib')) {
$do_gzip_compress = TRUE;
ob_start();
ob_implicit_flush(0);
//header('Content-Encoding: gzip');
}
}
}
$phpver = explode(".", $phpver);
$phpver = "$phpver[0]$phpver[1]";
if ($phpver >= 41) {
$PHP_SELF = $_SERVER['PHP_SELF'];
}
if (!ini_get("register_globals")) {
import_request_variables('GPC');
}
foreach ($_GET as $secvalue) {
if ((eregi("]script*"?[^>]*>", $secvalue)) ||
(eregi("]*object*"?[^>]*>", $secvalue)) ||
(eregi("]*iframe*"?[^>]*>", $secvalue)) ||
(eregi("]*applet*"?[^>]*>", $secvalue)) ||
(eregi("]*meta*"?[^>]*>", $secvalue)) ||
(eregi("]*style*"?[^>]*>", $secvalue)) ||
(eregi("]*form*"?[^>]*>", $secvalue)) ||
(eregi("([^>]*"?[^)]*)", $secvalue)) ||
(eregi(""", $secvalue))) {
die ("
The html tags you attempted to use are not allowed
[ Go Back ]");
}
}
[/b] |
| | | | |
Re: Beta Fortress(TM) 1.20 Released (Score: 1)
by IACOJ on Sunday, May 23 @ 21:19:18 CEST
(User Info | Send a Message) | Hello everyone.
Please make sure you check the config section of Fortress(TM) there are changes which need to be made by you. If those changes are not made we here at NC get your email alerts rather then you getting them. |
| | | | |
Re: Beta Fortress(TM) 1.20 Released (Score: 1)
by BrainSmashR on Tuesday, May 25 @ 18:07:48 CEST
(User Info | Send a Message) http://www.brainsmashr.com | Installed fortress, clicked a link on my homepage and was instantly banned, now I see that my server (on my site all the time for some reason) is now also banned. How do I fix this?
|
| | | | | |
