You are missing our premiere tool bar navigation system! Register and use it for FREE!

NukeCops  
•  Home •  Downloads •  Gallery •  Your Account •  Forums • 
Readme First
- Readme First! -

Read and follow the rules, otherwise your posts will be closed
Modules
· Home
· FAQ
· Buy a Theme
· Advertising
· AvantGo
· Bookmarks
· Columbia
· Community
· Donations
· Downloads
· Feedback
· Forums
· PHP-Nuke HOWTO
· Private Messages
· Search
· Statistics
· Stories Archive
· Submit News
· Surveys
· Theme Gallery
· Top
· Topics
· Your Account
Who's Online
There are currently, 165 guest(s) and 0 member(s) that are online.

You are Anonymous user. You can register for free by clicking here
Admin AddAuthor POST Twist Exploit
SecurityNuke Cops had released Admin Tap (this one is version 3) to address the old problem of adding authors to your PHP-Nuke portal without your knowledge. We cannot stress enough how important our patch is because it addresses not just GETs but also POSTs. We've been receiving emails stating that other vendor patches do not work against POST. Our Admin Tap addresses this. Please research your options and choose wisely amongst vendor patches.
Posted on Sunday, May 16 @ 07:58:14 CEST by IACOJ
 
Related Links
· Computer Cops
· More about Security
· News by IACOJ
Most read story about Security:
PHP-Nuke admin.php security hole - PATCHED
Article Rating
Average Score: 0
Votes: 0

Please take a second and vote for this article:

Excellent
Very Good
Good
Regular
Bad
Options

 Printer Friendly Page  Printer Friendly Page

 Send to a Friend  Send to a Friend
Threshold
The comments are owned by the poster. We aren't responsible for their content.

No Comments Allowed for Anonymous, please register

Re: Admin AddAuthor POST Twist Exploit (Score: 1)
by purasorte on Sunday, May 16 @ 09:21:19 CEST
(User Info | Send a Message)
I received:
Warning: Compilation failed: nothing to repeat at offset 0 in /home/restricted/home/mysite/public_html/admin.php on line 54
Solution:
http://nukecops.net/postp121465.html#121465 [nukecops.net]

Re: Admin AddAuthor POST Twist Exploit (Score: 1)
by chatserv on Sunday, May 16 @ 10:41:01 CEST
(User Info | Send a Message) http://nukeresources.com
Guess i should warn Nuke users about this, although i have not encountered any patches being sold out there i'm aware that i do not visit all websites so it might be a possibility and it must be the case since patches by "other vendors" are mentioned within this article so my advice to you? don't waste your money,many of us offer patches for free, if you pay for installs that's another story but never pay for a patch. I for one offer everything i release for free and i would think that by now i have proven my consistency as have many others.

Re: Admin AddAuthor POST Twist Exploit (Score: 1)
by inkydink1234 on Monday, May 17 @ 11:54:18 CEST
(User Info | Send a Message)
Raven offers an admin fix that keeps all exploits out. It's simple - it just adds HTTP Authentication to even get into the admin module. See http://ravenphpscripts.com for more info.
Powered by TOGETHER TEAM srl ITALY http://www.togetherteam.it - DONDELEO E-COMMERCE http://www.DonDeLeo.com - TUTTISU E-COMMERCE http://www.tuttisu.it
Web site engine's code is Copyright © 2002 by PHP-Nuke. All Rights Reserved. PHP-Nuke is Free Software released under the GNU/GPL license.
Page Generation: 0.282 Seconds - 555 pages served in past 5 minutes. Nuke Cops Founded by Paul Laudanski (Zhen-Xjell)
:: FI Theme :: PHP-Nuke theme by coldblooded (www.nukemods.com) ::