Nuke Cops :: View topic - admin.php security hole
foxyfemfem (Support Staff)
Joined: Jan 23, 2003 · Posts: 668 · Location: USA
Posted: Sun Dec 14, 2003 3:25 pm

Hello,

Other than admin.php, can this code

chris wrote:
Code:
// Reject any request whose URI carries an "admin=" parameter, whether it is
// the first query argument (?admin=) or a later one (&admin=).
$checkmyurl = getenv("REQUEST_URI");

if ((strpos($checkmyurl, "?admin=") !== FALSE) ||
    (strpos($checkmyurl, "&admin=") !== FALSE)) {
    echo "die";
    exit;
}

be added to the mainfile.php, index.php and modules.php files for extra security?

_________________
If you shoot for the moon and miss, you'll still be amongst the stars.

chris (Support Mod)
Joined: Jul 17, 2003 · Posts: 12
Posted: Mon Dec 15, 2003 6:49 pm

My understanding is that the vulnerability in question affects only the admin.php file. Not 100% sure though.

I think a central place for checking the URL parameters is a good idea. As such, the mainfile.php is the predestined place for it (there is already code that checks each URL parameter there). Since everything includes mainfile.php, it should be safe to put it there.

Try it. And double check it. ;)

foxyfemfem (Support Staff)
Joined: Jan 23, 2003 · Posts: 668 · Location: USA
Posted: Mon Dec 15, 2003 7:22 pm

Hello,

I added the above code to my mainfile.php, so far so good. You're right, everything in PHP-Nuke includes mainfile.php. It would be a good idea to add code there to stop intruders. Hopefully, this will work.

_________________
If you shoot for the moon and miss, you'll still be amongst the stars.

harryo (Nuke Soldier)
Joined: Oct 15, 2003 · Posts: 16
Posted: Thu Dec 18, 2003 1:13 pm

Does anybody see an issue with this code (in mainfile.php):

Code:
// Prefer the superglobal; fall back to the environment when it is empty.
$checkmyurl = $_SERVER['REQUEST_URI'];
if (empty($checkmyurl)) {
    $checkmyurl = getenv("REQUEST_URI");
}

// mainfile.php must never be requested directly; bounce to the front page.
if (preg_match('/mainfile\.php/i', $_SERVER['PHP_SELF'])) {
    header("Location: index.php");
    die();
// Same treatment for any URI that passes an "admin=" query parameter.
// strpos() returns FALSE when the needle is absent, so compare explicitly.
} elseif ((strpos($checkmyurl, "?admin=") !== FALSE) || (strpos($checkmyurl, "&admin=") !== FALSE)) {
    header("Location: index.php");
    die();
}

HarryO

chris (Support Mod)
Joined: Jul 17, 2003 · Posts: 12
Posted: Fri Dec 19, 2003 2:30 pm

Looks O.K. to me.

chatserv (General)
Joined: Jan 12, 2003 · Posts: 3128 · Location: Puerto Rico
Posted: Sun Dec 28, 2003 8:34 am

For the record, Zhen's code can be modified to block both instances mentioned in an earlier post of this topic, something like:

Code:
$checkurl = $_SERVER['REQUEST_URI'];

// Match "?admin" or "&admin" anywhere in the request URI (no "=" required).
if ((preg_match("/\?admin/", $checkurl)) || (preg_match("/\&admin/", $checkurl))) {
    echo "die";
    exit;
}

_________________
Feed a man a fish and you feed him for a day. Teach a man to fish and you feed him for a lifetime.
ScriptHeaven | NukeResources

echostorm (Nuke Soldier)
Joined: Oct 13, 2003 · Posts: 33
Posted: Sun Dec 28, 2003 11:10 am

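The thread so far has posted two string-matching variants of the same filter: the one foxyfemfem quoted from chris (literal "?admin=" / "&admin=") and chatserv's regex version (which drops the "="). The script below is an added example, not code from the thread or from PHP-Nuke, that runs both variants side by side over a handful of constructed request URIs, next to a third check (my own assumption, not something anyone posted) that parses the query string and asks whether a parameter literally named "admin" exists. Laying them out this way shows the practical difference a defender cares about: the substring filters depend on where "admin" appears in the URI, while the regex without "=" also blocks unrelated parameters whose name merely starts with "admin".

```php
<?php
// Added example (not from the thread): compare the posted URI filters with a
// parameter-level check on constructed request URIs. Run: php filter_compare.php

// Variant quoted by foxyfemfem: literal "?admin=" or "&admin=" in the URI.
function filter_strpos(string $uri): bool
{
    return strpos($uri, "?admin=") !== false || strpos($uri, "&admin=") !== false;
}

// Variant posted by chatserv: "?admin" or "&admin", no "=" required.
function filter_preg(string $uri): bool
{
    return preg_match('/[?&]admin/', $uri) === 1;
}

// Assumed alternative (not posted in the thread): parse the query string the
// way PHP itself does and test for a parameter named exactly "admin", so the
// result does not depend on the parameter's position in the query.
function filter_param(string $uri): bool
{
    $query = parse_url($uri, PHP_URL_QUERY);
    if ($query === null || $query === false) {
        return false;           // no query string at all
    }
    parse_str($query, $params);
    return array_key_exists('admin', $params);
}

// Constructed sample URIs (not captured traffic).
$samples = [
    '/index.php',                                   // plain front page
    '/modules.php?name=News&file=article&sid=1',    // ordinary module request
    '/admin.php?admin=x',                           // "admin" as first parameter
    '/modules.php?name=Forums&admin=x',             // "admin" as a later parameter
    '/index.php?administrator=1',                   // unrelated parameter name
    '/modules.php?name=Search&query=admin',         // "admin" only as a value
];

printf("%-45s %-7s %-7s %-7s\n", 'REQUEST_URI', 'strpos', 'preg', 'param');
foreach ($samples as $uri) {
    printf("%-45s %-7s %-7s %-7s\n",
        $uri,
        filter_strpos($uri) ? 'block' : 'pass',
        filter_preg($uri)   ? 'block' : 'pass',
        filter_param($uri)  ? 'block' : 'pass');
}
```

Reading the table, "/index.php?administrator=1" is the row to watch: the regex variant blocks it because "?admin" is a prefix of "?administrator", whereas both the "=" variant and the parsed-parameter check let it through. Whichever check is chosen, it only ever sees the request URI, so it says nothing about parameters arriving in a POST body or a cookie; that is the scope of this particular fix, not a complete hardening of the admin login.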
I looked through all the posts here and probably missed what I was looking for... Do you just stick that code into the admin.php file somewhere? Does it matter where in the file? Thank you.

chatserv (General)
Joined: Jan 12, 2003 · Posts: 3128 · Location: Puerto Rico
Posted: Sun Dec 28, 2003 11:27 am

Add it to admin.php right after the credits.

_________________
Feed a man a fish and you feed him for a day. Teach a man to fish and you feed him for a lifetime.
ScriptHeaven | NukeResources

echostorm (Nuke Soldier)
Joined: Oct 13, 2003 · Posts: 33
Posted: Sun Dec 28, 2003 11:28 am

Thank you.

corey (Nuke Cadet)
Joined: Jul 23, 2003 · Posts: 9
Posted: Thu Sep 02, 2004 5:35 pm

I have never altered files and my site has been hacked regularly. Could someone check whether I inserted the code in the admin.php file like this?

Code:
<?php

/************************************************************************/
/* PHP-NUKE: Advanced Content Management System */
/* ============================================ */
/* */
/* Copyright (c) 2002 by Francisco Burzi */
/* http://phpnuke.org */
/* */
/* This program is free software. You can redistribute it and/or modify */
/* it under the terms of the GNU General Public License as published by */
/* the Free Software Foundation; either version 2 of the License. */
/************************************************************************/

$url = getenv("REQUEST_URI");

// Block only "?admin" here; "&admin" (a later parameter) is not checked.
if (preg_match("/\?admin/", $url)) {
    echo "die";
    exit;
}
require_once("mainfile.php");
get_lang("admin");

Evaders99 (Site Admin)
Joined: Aug 17, 2003 · Posts: 12482
Posted: Thu Sep 02, 2004 6:21 pm

Note how old this thread is.

All the details on securing your system: http://www.nukecops.com/postt32206.html

_________________
Helping those that help themselves
Read FIRST or DIE!

"Fighting is terrible, but not as terrible as losing the will to fight."
Star Wars Rebellion Network - Need Help? Evaders Squadron Coding