4images Forum & Community
Welcome, Guest. Please login or register.
Did you miss your activation email?
November 21, 2018, 06:38:30 PM

Login with username, password and session length
Search:     Advanced search
Togle to toolbar
Translate this page with =>
Translate this page >
* Home Help Search Login Register
 
+  4images Forum & Community
|-+  4images Help / Hilfe
| |-+  Bug Fixes & Patches
| | |-+  [1.7 / 1.7.1] Security fix in sessions.php
0 Members and 1 Guest are viewing this topic. « previous next »
Pages: «« « 1 2 3 [4] 5 » »» Print
Author Topic: [1.7 / 1.7.1] Security fix in sessions.php  (Read 228006 times)
TariqAlAli
Newbie
*
Offline Offline

Posts: 13

Thank You
-Given: 0
-Receive: 0


View Profile
« Reply #45 on: July 16, 2005, 10:08:12 AM »

HI All,

it has been a month since my first post about this fix. No more penetration to my server via SESSION  Very Happy Very Happy

no other details will be posted  Laughing Laughing Laughing

My advise, replace ASAP.


Regards

Tariq
Logged
Dan1113
Jr. Member
**
Offline Offline

Posts: 72

Thank You
-Given: 0
-Receive: 0


View Profile
« Reply #46 on: July 24, 2005, 12:55:44 AM »

I see that the vbulletin 2.x integration is ok, but what about the 3.x?

Here's the line in 3.x
$user_id = ($this->read_cookie_data(COOKIE_PREFIX."userid")) ? $this->read_cookie_data(COOKIE_PREFIX."userid") : GUEST;
Logged
V@no
If you don't tell me what to do, I won't tell you where you should go :)
Administrator
4images Guru
*****
Offline Offline

Posts: 17849

Thank You
-Given: 47
-Receive: 577

mmm PHP...


View Profile WWW
« Reply #47 on: July 24, 2005, 05:27:40 AM »

1
$user_id = ($this->read_cookie_data(COOKIE_PREFIX."userid")) ? intval($this->read_cookie_data(COOKIE_PREFIX."userid")) : GUEST;
Logged

Your first three "must do" before you ask a question:
Please do not PM me asking for help unless you've been specifically asked to do so. Such PMs will be deleted without answer. (forum rule #6)
Extension for Firefox/Thunderbird: Master Password+    Back/Forward History Tweaks (restartless)    Cookies Manager+    Fit Images (restartless for Thunderbird)
pkitty
Newbie
*
Offline Offline

Posts: 28

Thank You
-Given: 0
-Receive: 0


View Profile
« Reply #48 on: August 18, 2005, 04:20:30 AM »

I have a problem, I did this fix when it first came out, I recently had an influx of members, and I got an email today from one of them with a link in it, and when I clicked on it, I was logged into her account, I checked and double checked...this is the part of the code I changed in includes/sessions.php  am I missing something?

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
  function demand_session() {
    $this->get_session_id();
    if (!$this->load_session_info()) {
      $this->delete_old_sessions();
    $user_id = ($this->read_cookie_data("userid")) ? intval($this->read_cookie_data("userid")) : GUEST;
    $this->start_session($user_id);
    }
    else {
      $this->user_info = $this->load_user_info($this->session_info['session_user_id']);
      $update_cutoff = ($this->user_info['user_id'] != GUEST) ? $this->current_time - $this->user_info['user_lastaction'] : $this->current_time - $this->session_info['session_lastaction'];
      if ($update_cutoff > 60) {
        $this->update_session();
        $this->delete_old_sessions();
      }
    }
  }

  function start_session($user_id = GUEST, $login_process = 0) {
    global $site_db;

    $this->user_info = $this->load_user_info($user_id);
    if ($this->user_info['user_id'] != GUEST && !$login_process) {
      if ($this->read_cookie_data("userpass") === $this->user_info['user_password'] && $this->user_info['user_level'] > USER_AWAITING) {
        $this->set_cookie_data("userpass", $this->user_info['user_password']);
      }
      else {
        $this->set_cookie_data("userpass", "", 0);
        $this->user_info = $this->load_user_info(GUEST);
      }
    }

       
Logged
Jan
Administrator
4images Guru
*****
Offline Offline

Posts: 5024

Thank You
-Given: 0
-Receive: 33


View Profile WWW
« Reply #49 on: August 19, 2005, 01:53:20 PM »

Seems to be that problem: http://www.4homepages.de/forum/index.php?topic=8895.0
Logged

Your first three "must do" before you ask a question:
1. Forum rules
2. FAQ
3. Search
pkitty
Newbie
*
Offline Offline

Posts: 28

Thank You
-Given: 0
-Receive: 0


View Profile
« Reply #50 on: August 20, 2005, 07:46:54 PM »

I already have that in my includes/sessions.php.... see down below, so that cant be the problem unless I should have that in there...this is so confusing.

1
2
3
4
5
6
7
8
9
10
11
12
13
14
  if (!isset($this->session_info['session_user_id'])) {
        return false;
    }

if (!isset($this->session_info['session_ip']) || (isset($this->session_info['session_ip']) && $this->session_info['session_ip'] != $this->user_ip))
    {
      session_regenerate_id();
      $this->session_id = session_id();
      return false;
    }

    return $this->session_info;
  }

Logged
hyde101
Sr. Member
****
Offline Offline

Posts: 410

Thank You
-Given: 0
-Receive: 0

34TR.COM (Running 4images)


View Profile WWW
« Reply #51 on: August 23, 2005, 06:47:30 PM »

I have 1.7 and I already have this modificition, (didn't need to change in sessions.php)
Logged


Please Vote for my site: Here
pkitty
Newbie
*
Offline Offline

Posts: 28

Thank You
-Given: 0
-Receive: 0


View Profile
« Reply #52 on: August 24, 2005, 03:39:42 AM »

I too have 1.7...have you had a member send you an email with a link in it to see if the fix worked, or did you just add it and assume like I did it was fixed.  I cannot have people being able to log into others accounts, or have my host be at risk....is there no solution to this or was the code looked at to see if I did something wrong?  Its been almost 5 days.....I dont want to have to delete my photo album from my server because of this...does anybody know what it is?
Logged
Xyu BAM
Full Member
***
Offline Offline

Posts: 145

Thank You
-Given: 0
-Receive: 2


View Profile
« Reply #53 on: August 24, 2005, 05:19:18 AM »

I too have 1.7...have you had a member send you an email with a link in it to see if the fix worked, or did you just add it and assume like I did it was fixed. I cannot have people being able to log into others accounts, or have my host be at risk....is there no solution to this or was the code looked at to see if I did something wrong? Its been almost 5 days.....I dont want to have to delete my photo album from my server because of this...does anybody know what it is?
your problem is not related to this topic...
Logged
hyde101
Sr. Member
****
Offline Offline

Posts: 410

Thank You
-Given: 0
-Receive: 0

34TR.COM (Running 4images)


View Profile WWW
« Reply #54 on: August 24, 2005, 06:04:56 AM »

But as I said, I have 1.7 and I didn't need to change this as it was already there..
Probably some other mod changed it? I don't remember, really. But it's there (new format)
Logged


Please Vote for my site: Here
pkitty
Newbie
*
Offline Offline

Posts: 28

Thank You
-Given: 0
-Receive: 0


View Profile
« Reply #55 on: August 24, 2005, 04:49:03 PM »

I too have 1.7...have you had a member send you an email with a link in it to see if the fix worked, or did you just add it and assume like I did it was fixed. I cannot have people being able to log into others accounts, or have my host be at risk....is there no solution to this or was the code looked at to see if I did something wrong? Its been almost 5 days.....I dont want to have to delete my photo album from my server because of this...does anybody know what it is?
your problem is not related to this topic...

Well then what topic IS it related to? 
Logged
xico
Newbie
*
Offline Offline

Posts: 30

Thank You
-Given: 0
-Receive: 0


View Profile
« Reply #56 on: September 12, 2005, 12:51:40 AM »

I made that change few months ago and today i was hacked... do you have another recent security fix?
Logged
Xyu BAM
Full Member
***
Offline Offline

Posts: 145

Thank You
-Given: 0
-Receive: 2


View Profile
« Reply #57 on: September 12, 2005, 08:13:17 AM »

I made that change few months ago and today i was hacked... do you have another recent security fix?
and what is your evidence that your've been hacked THROUGH 4images ?
Logged
hyde101
Sr. Member
****
Offline Offline

Posts: 410

Thank You
-Given: 0
-Receive: 0

34TR.COM (Running 4images)


View Profile WWW
« Reply #58 on: September 12, 2005, 03:32:26 PM »

That's terrible..

Xico, what else do you have public on your server? any php forums such as phpbb or invision board?
please list the versions of any other php script you have on your server..

What kind of "hack" was it? Was it "deface" (changing of INDEX)
Logged


Please Vote for my site: Here
TheOracle
Guest
« Reply #59 on: September 13, 2005, 03:15:37 AM »

Quote  [Expand]

please list the versions of any other php script you have on your server..


@Xico:

If you intend to list your Global Server Information on the forum, please install this MOD first if you haven't do so. It will facilitate your task. Wink

http://www.4homepages.de/forum/index.php?topic=9289.msg43918#msg43918

Logged
Pages: «« « 1 2 3 [4] 5 » »» Print 
« previous next »
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF | SMF © 2015, Simple Machines Valid XHTML 1.0! Valid CSS!
Page created in 0.235 seconds with 19 queries.