You are missing our premiere tool bar navigation system! Register and use it for FREE!

NukeCops  
•  Home •  Downloads •  Gallery •  Your Account •  Forums • 
Readme First
- Readme First! -

Read and follow the rules, otherwise your posts will be closed
Modules
· Home
· FAQ
· Buy a Theme
· Advertising
· AvantGo
· Bookmarks
· Columbia
· Community
· Donations
· Downloads
· Feedback
· Forums
· PHP-Nuke HOWTO
· Private Messages
· Search
· Statistics
· Stories Archive
· Submit News
· Surveys
· Theme Gallery
· Top
· Topics
· Your Account
Who's Online
There are currently, 293 guest(s) and 0 member(s) that are online.

You are Anonymous user. You can register for free by clicking here
Nuke Cops :: View topic - admin.php security hole [ ]
 Forum FAQ  •  Search  •   •  Memberlist  •  Usergroups   •  Register  •  Profile •    •  Log in to check your private messages  •  Log in

admin.php security hole
Goto page 1, 2, 3, 4, 5, 6  Next		  
Post new topic  Reply to topicprinter-friendly view Nuke Cops Forum Index » Nuke Security
View previous topic Log in to check your private messages View next topic
Author Message
Zhen-Xjell
Nuke Cops Founder
Nuke Cops Founder


Joined: Nov 14, 2002
Posts: 5939
PostPosted: Sat Oct 11, 2003 12:33 pm Reply with quoteBack to top
I've just written and implemented our new admin.php security hole patch. I've tested it and it seems to work, so I'm having my staff continue testing. If all goes well I'll release it tomorrow. So consider this a heads up!

_________________
Paul Laudanski, Microsoft MVP Windows-Security
CastleCops: [de] [en] [wiki]
Find all posts by Zhen-XjellView user's profileSend private messageSend e-mailVisit poster's website
poppafrog
Lieutenant
Lieutenant


Joined: Jul 14, 2003
Posts: 153
PostPosted: Sat Oct 11, 2003 12:45 pm Reply with quoteBack to top
Thanks ZX for the heads up and hard work you always put in for us.

_________________
Image
Find all posts by poppafrogView user's profileSend private messageVisit poster's website
chatserv
General
General


Joined: Jan 12, 2003
Posts: 3128

Location: Puerto Rico
PostPosted: Sun Oct 12, 2003 7:42 pm Reply with quoteBack to top
The code posted in the frontpage article is incorrect because of Nuke's filtering so it's best if it's placed here.

Code:
$checkmyurl = getenv("REQUEST_URI");

if (preg_match("/\?admin/", "$checkmyurl")) {
echo "die - see nukecops.com";
exit;
}

_________________
Feed a man a fish and you feed him for a day. Teach a man to fish and you feed him for a lifetime.
ScriptHeaven | NukeResources

Last edited by chatserv on Mon Oct 13, 2003 6:08 am; edited 1 time in total
Find all posts by chatservView user's profileSend private messageVisit poster's website
Zhen-Xjell
Nuke Cops Founder
Nuke Cops Founder


Joined: Nov 14, 2002
Posts: 5939
PostPosted: Sun Oct 12, 2003 7:49 pm Reply with quoteBack to top
Thanks for saving my butt there CS. Yes, the PHP-Nuke news filtering does filter out required characters.

_________________
Paul Laudanski, Microsoft MVP Windows-Security
CastleCops: [de] [en] [wiki]
Find all posts by Zhen-XjellView user's profileSend private messageSend e-mailVisit poster's website
tinjaw
Nuke Cadet
Nuke Cadet


Joined: Oct 12, 2003
Posts: 4
PostPosted: Sun Oct 12, 2003 8:04 pm Reply with quoteBack to top
I added the code and now I can't add a new block with a RSS feed. It complains about the URL. Can somebody sanity check this for me? I'll post more details if nobody can reproduce the error by default.

--------------

There is a problem with the RSS file URL

Please check the URL and RSS file name, then try again.

--------------------
Find all posts by tinjawView user's profileSend private message
Zhen-Xjell
Nuke Cops Founder
Nuke Cops Founder


Joined: Nov 14, 2002
Posts: 5939
PostPosted: Sun Oct 12, 2003 8:08 pm Reply with quoteBack to top
Hi'ya sanity check has been completed on several PHP-Nuke websites and all has been fine. Please insert the code into your admin.php. Otherwise, please post exactly where you placed it in your code.

_________________
Paul Laudanski, Microsoft MVP Windows-Security
CastleCops: [de] [en] [wiki]
Find all posts by Zhen-XjellView user's profileSend private messageSend e-mailVisit poster's website
speedx
Corporal
Corporal


Joined: Oct 01, 2003
Posts: 59
PostPosted: Sun Oct 12, 2003 8:13 pm Reply with quoteBack to top
So does it go like this?

<?php


$url = getenv("REQUEST_URI");

if (preg_match("/\?admin/", "$url")) {
echo "die";
exit;
}
require_once("mainfile.php");
get_lang(admin);
Find all posts by speedxView user's profileSend private message
Zhen-Xjell
Nuke Cops Founder
Nuke Cops Founder


Joined: Nov 14, 2002
Posts: 5939
PostPosted: Sun Oct 12, 2003 8:17 pm Reply with quoteBack to top
Yes that is correct.

_________________
Paul Laudanski, Microsoft MVP Windows-Security
CastleCops: [de] [en] [wiki]
Find all posts by Zhen-XjellView user's profileSend private messageSend e-mailVisit poster's website
speedx
Corporal
Corporal


Joined: Oct 01, 2003
Posts: 59
PostPosted: Sun Oct 12, 2003 8:18 pm Reply with quoteBack to top
Ok just making sure.. site seems to be ok with that code in there..
Find all posts by speedxView user's profileSend private message
Zhen-Xjell
Nuke Cops Founder
Nuke Cops Founder


Joined: Nov 14, 2002
Posts: 5939
PostPosted: Sun Oct 12, 2003 8:19 pm Reply with quoteBack to top
Yes it will be good with that code.

_________________
Paul Laudanski, Microsoft MVP Windows-Security
CastleCops: [de] [en] [wiki]
Find all posts by Zhen-XjellView user's profileSend private messageSend e-mailVisit poster's website
tinjaw
Nuke Cadet
Nuke Cadet


Joined: Oct 12, 2003
Posts: 4
PostPosted: Sun Oct 12, 2003 8:20 pm Reply with quoteBack to top
chatserv pegged it. That's the bugger.
Find all posts by tinjawView user's profileSend private message
speedx
Corporal
Corporal


Joined: Oct 01, 2003
Posts: 59
PostPosted: Sun Oct 12, 2003 8:24 pm Reply with quoteBack to top
tinjaw thats only if you are using rss correct? use the code chatserv posted?
Find all posts by speedxView user's profileSend private message
Johan1982
Nuke Soldier
Nuke Soldier


Joined: Oct 13, 2003
Posts: 22
PostPosted: Sun Oct 12, 2003 8:28 pm Reply with quoteBack to top
Also Nuke 6.0?
Find all posts by Johan1982View user's profileSend private message
tinjaw
Nuke Cadet
Nuke Cadet


Joined: Oct 12, 2003
Posts: 4
PostPosted: Sun Oct 12, 2003 8:29 pm Reply with quoteBack to top
speedx: If you attempt to add a block and that block is a custom block based on a RSS feed, the code that checks the URL also uses the $URL variable. This causes a conflict. Therefore the security fix needs to use a variable named something other than $URL to be backward compatible.
Find all posts by tinjawView user's profileSend private message
speedx
Corporal
Corporal


Joined: Oct 01, 2003
Posts: 59
PostPosted: Sun Oct 12, 2003 8:31 pm Reply with quoteBack to top
roger that ..
Find all posts by speedxView user's profileSend private message
Display posts from previous:      
Post new topic  Reply to topicprinter-friendly view Nuke Cops Forum Index » Nuke Security
View previous topic Log in to check your private messages View next topic
Goto page 1, 2, 3, 4, 5, 6  Next You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


Powered by phpBB © 2001, 2005 phpBB Group

Ported by Nuke Cops © 2003 www.nukecops.com
:: FI Theme :: PHP-Nuke theme by coldblooded (www.nukemods.com) ::
Powered by TOGETHER TEAM srl ITALY http://www.togetherteam.it - DONDELEO E-COMMERCE http://www.DonDeLeo.com - TUTTISU E-COMMERCE http://www.tuttisu.it
Web site engine's code is Copyright © 2002 by PHP-Nuke. All Rights Reserved. PHP-Nuke is Free Software released under the GNU/GPL license.
Page Generation: 0.115 Seconds - 222 pages served in past 5 minutes. Nuke Cops Founded by Paul Laudanski (Zhen-Xjell)
:: FI Theme :: PHP-Nuke theme by coldblooded (www.nukemods.com) ::