Author Topic: [1.7 / 1.7.1] Security fix in sessions.php  (Read 269763 times)

0 Members and 1 Guest are viewing this topic.

Offline arindra

  • Jr. Member
  • **
  • Posts: 97
    • View Profile
Re: [1.7,1.7.1] Security fix in sessions.php
« Reply #15 on: June 13, 2005, 11:36:24 AM »
have done it ... am using integration with Invisionboard .
but can someone explain what this fix does exactly ?

Offline martrix

  • Hero Member
  • *****
  • Posts: 755
    • View Profile
    • overlord.cz
Re: [1.7,1.7.1] Security fix in sessions.php
« Reply #16 on: June 13, 2005, 04:54:15 PM »
Bitte hab Verständnis dafür, dass ich darauf nicht näher eingehe. Es gibt viele Installationen die diesen Fix nicht haben und wenn ich erkläre wie und wo man das ausnutzt...naja du verstehst ;)

Gruß Jan
in other language and other words:

Please understand that I won't give you more information on this fix.
There are many 4images installations out there without this fix installed and when I explain you, how one may misuse that... well...hope you understand ;)

in short:
things you would not like could happen without this fix being implemented...
MAяTRIX


Offline Unsichtbar

  • Newbie
  • *
  • Posts: 14
    • View Profile
Re: [1.7,1.7.1] Security fix in sessions.php
« Reply #17 on: June 14, 2005, 05:08:33 PM »
thanks...  :D

Offline TariqAlAli

  • Newbie
  • *
  • Posts: 13
    • View Profile
Re: [1.7,1.7.1] Security fix in sessions.php
« Reply #18 on: June 15, 2005, 07:42:50 AM »
HI all

I believe this fix stopps anonymous from uploading files to your tmp folder via apache where you can even run those files remotely..

I was a victim. an intruder was uploading SPAM Email scripts and running them remotely. I just did the changes and hope this will fix it.. if it works I will update you.


Regards

Tariq AlAli

Offline V@no

  • If you don't tell me what to do, I won't tell you where you should go :)
  • Global Moderator
  • 4images Guru
  • *****
  • Posts: 17.849
  • mmm PHP...
    • View Profile
    • 4images MODs Demo
Re: [1.7,1.7.1] Security fix in sessions.php
« Reply #19 on: June 15, 2005, 07:45:33 AM »
HI all

I believe this fix stopped anonymous from uploading files to your tmp folder via apache where you can even run those files remotely..

I was a victim. an intruder was uploading SPAM Email scripts and running them remotely. I just did the changes and hope this will fix it.. if it works I will update you.


Regards

Tariq AlAli
what u just discribed seems to be your server issue, and not 4images.
Your first three "must do" before you ask a question:
Please do not PM me asking for help unless you've been specifically asked to do so. Such PMs will be deleted without answer. (forum rule #6)
Extension for Firefox/Thunderbird: Master Password+    Back/Forward History Tweaks (restartless)    Cookies Manager+    Fit Images (restartless for Thunderbird)

Offline TariqAlAli

  • Newbie
  • *
  • Posts: 13
    • View Profile
Re: [1.7,1.7.1] Security fix in sessions.php
« Reply #20 on: June 15, 2005, 07:59:29 AM »
HI all

I believe this fix stopped anonymous from uploading files to your tmp folder via apache where you can even run those files remotely..

I was a victim. an intruder was uploading SPAM Email scripts and running them remotely. I just did the changes and hope this will fix it.. if it works I will update you.


Regards

Tariq AlAli
what u just discribed seems to be your server issue, and not 4images.

well this happened to me since day one i installed 4images, anyhow as I mentioned "It might be". Since I modified the file the intruder had stopped the penetration to the server.

Also I noticed when I installed 4images a month ago that if i log in with my account and give a photo URL (Session) to a user, he will be login in with my session/ID.

I will be doing several exercises and will update you accordingly.

Thank you again.

Regards


Tariq AlAli

Offline V@no

  • If you don't tell me what to do, I won't tell you where you should go :)
  • Global Moderator
  • 4images Guru
  • *****
  • Posts: 17.849
  • mmm PHP...
    • View Profile
    • 4images MODs Demo
Re: [1.7,1.7.1] Security fix in sessions.php
« Reply #21 on: June 15, 2005, 08:04:21 AM »
Also I noticed when I installed 4images a month ago that if i log in with my account and give a photo URL (Session) to a user, he will be login in with my session/ID.i
that is a perfectly normal behavour.
Your first three "must do" before you ask a question:
Please do not PM me asking for help unless you've been specifically asked to do so. Such PMs will be deleted without answer. (forum rule #6)
Extension for Firefox/Thunderbird: Master Password+    Back/Forward History Tweaks (restartless)    Cookies Manager+    Fit Images (restartless for Thunderbird)

Offline TariqAlAli

  • Newbie
  • *
  • Posts: 13
    • View Profile
Re: [1.7,1.7.1] Security fix in sessions.php
« Reply #22 on: June 16, 2005, 09:51:43 AM »
HI All

My thoughts going to be 100% correct. The security bug was the reason for hacking my server. It is been 48hrs since i implemented the new fix and the hacker did not login to the server.

I will give it another 72hrs; before I announce that the hack was from that bug and will try to post you how to penerate the servers with that bug.

Thank you all.


Offline V@no

  • If you don't tell me what to do, I won't tell you where you should go :)
  • Global Moderator
  • 4images Guru
  • *****
  • Posts: 17.849
  • mmm PHP...
    • View Profile
    • 4images MODs Demo
Re: [1.7,1.7.1] Security fix in sessions.php
« Reply #23 on: June 16, 2005, 02:23:49 PM »
I will give it another 72hrs; before I announce that the hack was from that bug and will try to post you how to penerate the servers with that bug.
via PM please, not public.
Your first three "must do" before you ask a question:
Please do not PM me asking for help unless you've been specifically asked to do so. Such PMs will be deleted without answer. (forum rule #6)
Extension for Firefox/Thunderbird: Master Password+    Back/Forward History Tweaks (restartless)    Cookies Manager+    Fit Images (restartless for Thunderbird)

Offline martrix

  • Hero Member
  • *****
  • Posts: 755
    • View Profile
    • overlord.cz
Re: [1.7,1.7.1] Security fix in sessions.php
« Reply #24 on: June 16, 2005, 09:47:21 PM »
will try to post you how to penerate the servers with that bug.
Oh my god! Don't even think about giving out this information publicly! PLEASE!
Send it to Jan or V@no via PM, but not in a public thread in this forum - I beg you!
MAяTRIX


Offline SonGokuuu

  • Jr. Member
  • **
  • Posts: 58
    • View Profile
    • http://www.z-zero.de
Re: [1.7,1.7.1] Security fix in sessions.php
« Reply #25 on: June 17, 2005, 05:07:47 PM »
Ich habe das Bugfix nun aufgespielt, allerdings wird nun nicht mehr unten über den Usern, die online sind, der Text Es sind x Benutzer und x Besucher online angezeigt. Wie kann man diesen wiederherstellen und das Sicherheitsloch trotzdem schließen?


Falls ihr nicht wisst was ich meine:  http://www.zetzero.net/Anime-Folio/
(Unten im oberen Teil ein hellgrauer Balken, dort steht die Schrift die sonst drin stand aber nicht mehr, darunter dann die Usernamen, die online sind, allerdings mit oben etwas Platz)

Offline RoadDogg

  • Sr. Member
  • ****
  • Posts: 488
    • View Profile
    • Düsipixel
Re: [1.7,1.7.1] Security fix in sessions.php
« Reply #26 on: June 18, 2005, 09:34:33 AM »
Der Fix hat damit aber nichts zu tun, da musst du noch was anderes geändert haben?
For support requests please don´t forget link to your Gallery/to phpinfo.php
Code: [Select]
<?
phpinfo()
?>
safe_mode must turned OFF
Please check Error Messages

Offline SonGokuuu

  • Jr. Member
  • **
  • Posts: 58
    • View Profile
    • http://www.z-zero.de
Re: [1.7,1.7.1] Security fix in sessions.php
« Reply #27 on: June 18, 2005, 02:55:26 PM »
Nein, habe lediglich bei der Datei den oben angegebenen Part ersetzt und dann überspielt, sonst wurden keine Änderungen durchgeführt.

Offline nd.h

  • Pre-Newbie
  • Posts: 2
    • View Profile
Re: [1.7,1.7.1] Security fix in sessions.php
« Reply #28 on: June 20, 2005, 07:44:35 PM »
Gehe ich recht in der Annahme, dass diese Zeile nicht vorhanden ist, wenn ich die Galerie in phpBB integriert habe?
(ich weis leider nicht mehr, welche Zeilen dabei entfernt wurden)
the foolish ones taught more to me
than the wise ones ever could
calvin russel

Offline RoadDogg

  • Sr. Member
  • ****
  • Posts: 488
    • View Profile
    • Düsipixel
Re: [1.7,1.7.1] Security fix in sessions.php
« Reply #29 on: June 20, 2005, 08:18:25 PM »
Wenige Beiträge weiter oben steht das:

no this line :$user_id = ($this->read_cookie_data("userid")) ? $this->read_cookie_data("userid") : GUEST;

I integrated phpBB 2.0.15 .
that version does not have this hole, dont worry about this fix ;)

For support requests please don´t forget link to your Gallery/to phpinfo.php
Code: [Select]
<?
phpinfo()
?>
safe_mode must turned OFF
Please check Error Messages