Admin Exploit - XSS Type
Date: Monday, March 22 @ 16:29:14 CET
Topic: Security


BEWARE. There is a new cross-site browser scripting exploit in which authenticated PHP-Nuke admins may inadvertently create new authors, remove authors, and in fact trigger any admin.php function without their knowledge!

I created a quick patch to watch over this activity. In your admin.php, find my previous admin.php patch:


// Earlier patch: refuse a request whose URL carries "?admin" ($checkurl is set by that patch).
// The pattern must escape the "?"; the unescaped "/?admin/" gives PCRE a quantifier with
// nothing to repeat, so preg_match() fails to compile it and the check never fires.
if (preg_match("/\?admin/", $checkurl)) {
    echo "die";
    exit;
}



Add this before it:


//Security XSS Prevention by Zhen-Xjell 22 Mar 2004 NukeCops.com Copyright All Rights Reserved
// The referer header and argv may be absent; default them instead of reading undefined indexes.
$refer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';

// With register_argc_argv enabled, $_SERVER['argv'][0] holds the query string of a web request.
$argv = isset($_SERVER['argv']) ? $_SERVER['argv'] : array();

// A query string is present (an admin operation was requested) but the request
// did not come from admin.php: refuse it.
if (isset($argv[0]) && $argv[0] != "") {
    if (!preg_match("/admin\.php/", $refer)) {
        // Escape the referer before echoing it; reflecting it raw would itself be an XSS hole.
        echo "<BR>" . htmlspecialchars($refer) . "<BR>die";
        exit;
    }
}




And after it add this:


// Addition by Zhen-Xjell NukeCops.com Mar 22 2004 Copyright All Rights Reserved
// Refuse URLs that name the author-management operations directly.
if (preg_match("/AddAuthor/", $checkurl)) {
    echo "die";
    exit;
}
if (preg_match("/UpdateAuthor/", $checkurl)) {
    echo "die";
    exit;
}
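As an added example that is not part of the NukeCops patch, here is the referer check above written as a stand-alone function and run against a few constructed requests. It assumes the query string is read from QUERY_STRING rather than $_SERVER['argv'], and it goes one step further than the patch by also requiring the referer's host to match the site's own host, since a substring match on "admin.php" accepts any URL that happens to contain that name. The function name and the example.com host are placeholders.

```php
<?php
// Added example, not part of the NukeCops patch. Function and variable names
// are hypothetical; the host and query strings below are constructed.

// Return true when a request to admin.php may proceed. Mirrors the patch:
// a request that carries a query string (an admin operation) must come from
// admin.php. Tightened beyond the patch: the referer must also be on this
// site's own host, because "admin.php" can appear anywhere in a URL.
function admin_request_allowed(array $server)
{
    $query = isset($server['QUERY_STRING']) ? $server['QUERY_STRING'] : '';
    if ($query === '') {
        return true;            // plain admin.php load, nothing to check
    }
    $refer = isset($server['HTTP_REFERER']) ? $server['HTTP_REFERER'] : '';
    $parts = parse_url($refer);
    if ($parts === false || empty($parts['host']) || empty($parts['path'])) {
        return false;           // missing or unparsable referer: refuse
    }
    // HTTP_HOST may carry a port; parse_url() reports host and port separately.
    $ownHost = isset($server['HTTP_HOST']) ? $server['HTTP_HOST'] : '';
    $ownHost = preg_replace('/:\d+$/', '', $ownHost);
    if (strcasecmp($parts['host'], $ownHost) !== 0) {
        return false;           // referer is not this site
    }
    // Compare the script name itself, not a substring of the whole URL.
    return basename($parts['path']) === 'admin.php';
}

// Constructed requests; run with "php example.php".
$site = 'www.example.com';   // placeholder host
$cases = array(
    'no query string'       => array('HTTP_HOST' => $site, 'QUERY_STRING' => ''),
    'came from admin.php'   => array('HTTP_HOST' => $site, 'QUERY_STRING' => 'op=AddAuthor',
                                     'HTTP_REFERER' => "http://$site/admin.php"),
    'no referer'            => array('HTTP_HOST' => $site, 'QUERY_STRING' => 'op=AddAuthor'),
    'referer on other host' => array('HTTP_HOST' => $site, 'QUERY_STRING' => 'op=AddAuthor',
                                     'HTTP_REFERER' => 'http://other.example/admin.php'),
    'same host, other page' => array('HTTP_HOST' => $site, 'QUERY_STRING' => 'op=AddAuthor',
                                     'HTTP_REFERER' => "http://$site/modules.php?name=News"),
);
foreach ($cases as $name => $server) {
    printf("%-24s %s\n", $name, admin_request_allowed($server) ? 'allowed' : 'refused');
}
```

Refusing requests with no Referer header is the patch's behaviour and will also lock out admins whose browser or proxy strips that header; a per-session token carried in each admin form is the usual way to avoid depending on it.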

This article comes from NukeCops
http://www.nukecops.com

The URL for this story is:
http://www.nukecops.com/modules.php?name=News&file=article&sid=1793