|
- Readme First! -
Read and follow the rules, otherwise your posts will be closed |
|
|
|
|
|
There are currently, 155 guest(s) and 0 member(s) that are online.
You are Anonymous user. You can register for free by clicking here |
|
|
|
|
|
|
|
Posted on Saturday, August 16 @ 10:00:00 CEST by Zhen-Xjell |
|
|
|
|
| |
|
|
| | The comments are owned by the poster. We aren't responsible for their content. |
| | | | |
| No Comments Allowed for Anonymous, please register | | | | |
Re: phpBB vulnerability (Score: 1)
by VinDSL on Sunday, August 17 @ 02:48:19 CEST
(User Info | Send a Message) http://www.lenon.com/ |
Excuse me, but how is this any different than allowing HTML tags on the rest of the site, like this Comment Section for instance? And, if the HTML tags don't allow cross-site scripting in PHP-Nuke, why would they work in phpBB, but not the rest of the site?
Hrm... something doesn't add up here... |
| | | | |
Re: phpBB vulnerability (Score: 1)
by intel352 on Sunday, August 17 @ 03:42:25 CEST
(User Info | Send a Message) http://www.nukebbmods.net | i'm just pointing out the forum vulnerability... i dunno if the same vulnerability exists in nuke, but if the nuke html parser checks for stuff like javascript in urls, then maybe that stops the vulnerability....
no clue tho.
so, since BBCode is so much more secure, it'd be pretty interesting to see someone release a version of Nuke with bbcode support hacked in, with admin controls to enable/disable tags, etc
THAT would be nice ;) |
| | | | |
Re: phpBB vulnerability (Score: 1)
by intel352 on Sunday, August 17 @ 03:44:03 CEST
(User Info | Send a Message) http://www.nukebbmods.net | | btw, in the news post, it says 'primarily the tag', that was meant to be 'primarily the [a] tag' (replace the brackets with regular html brackets) |
| | | | |
Re: phpBB vulnerability (Score: 1)
by VinDSL on Sunday, August 17 @ 07:30:42 CEST
(User Info | Send a Message) http://www.lenon.com/ |
I just went to my site a turned on HTML tags in phpBB. Then I tried to inject some Javascript into a message. When I tried to preview it or save it, all it did was return me to the home page. Then I tried it with HTML turned off with the same result[s].
I'm 99.9% sure that it's being blocked by mainfile.php, so I don't think there's any problem with leaving HTML enabled in phpBB, as far as cross-site scripting is concerned, since it's wrapped in PHP-Nuke.
Now, in the standalone product, it may be a totally different situation. phpBB doesn't have Nuke to protect it... :) |
| | | | |
Re: phpBB vulnerability (Score: 1)
by VinDSL on Sunday, August 17 @ 08:12:15 CEST
(User Info | Send a Message) http://www.lenon.com/ |
Apologies to intel352!
I just reread the article and went back to my site and tested phpBB again. I turned on HTML and enabled the anchor tag. Then I injected the code again, but this time in HEX. Guess what? It didn't have any problem at all providing a link to a CGI script on my site. I would guess the meta character filters on phpBB aren't working right.
Good catch! I'm turning off HTML in phpBB and leaving it off... |
| | | | | |
