FAQ  •  Suchen  •  Download  •  Lesezeichen  •  Mitgliederliste  •  Benutzergruppen   •  Registrieren  •  Profil  •  Einloggen, um private Nachrichten zu lesen  •  Login Vulnerable Part in eXTreme Styles Mod - Please fix it NOW ! Nächstes Thema anzeigen Vorheriges Thema anzeigen phpBB2.de Foren-Übersicht » Allgemeines » Nachrichten / News Mainpage » Vulnerable Part in eXTreme Styles Mod - Please fix it NOW ! Autor Nachricht stefan Administrator Anmeldungsdatum: 01.08.2002 Beiträge: 4735 Wohnort: Aachen Verfasst am: Do 27 März, 2008 12:10   A Security Hole was found in the eXtreme Styles Mod which is also used in phpBB2 Plus 1.5x. You should apply this fix NOW: Open file admin/admin_xs.php FIND: Code: if(empty($setmodules)) {    return; } REPLACE WITH: Code: if (!defined('IN_PHPBB')) {    die('Hacking attempt'); } if(empty($setmodules)) {    return; } CyberAlien post: http://www.phpbbstyles.com/viewtopic.php?p=92240#92240 Other files, potential vulnerability: Open /includes/functions_kb.php file FIND: Code: // // get_quick_stats(); // gets number of articles // BEFORE ADD: Code: if ( !defined('IN_PHPBB') ) {    die('Hacking attempt'); } Open /includes/functions.php file FIND: Code: //-- mod : post icon ------------------------------------------------------------------------------- BEFORE ADD: Code: if ( !defined('IN_PHPBB') ) {    die('Hacking attempt'); } Thanks to ThE KuKa for Notification ! _________________ Bye Stefan Styles Demo Forum :: Download Database :: phpBB2 Plus 1.5x Demo phpBB2 Toplist :: International phpBB2 Support Anwesend - Back in Business Kein Support per PM - No Support via PM Google Verfasst am: jonny-b phpBB2.de User Anmeldungsdatum: 19.05.2004 Beiträge: 2400 Wohnort: New York City Verfasst am: Do 27 März, 2008 15:28   thanks for the update Kuka! Stefan, whats the good word? Any other updates planned for Plus? Best, jB _________________ I make themes for Plus 1.53a and phpBB2. Check out mergenine for more info. ThE KuKa phpBB2.de User Anmeldungsdatum: 20.07.2003 Beiträge: 10 Wohnort: Spain Verfasst am: Do 27 März, 2008 18:36   _________________ Translation Groupie Smartor | Language S. & Tester Mods.db9.dk | International Support Spain for phpBB phpBB-Es.COM | Icy Phoenix Admin | phpBBMODs.Es AlleyKat phpBB2.de User Anmeldungsdatum: 06.08.2003 Beiträge: 140 Verfasst am: Fr 28 März, 2008 02:06   Another one; in includes/kb_cat.php replace the 29. line Code:    $category_id = $_GET['cat']; with Code:    $category_id = ( isset( $HTTP_GET_VARS['cat'] ) ) ? intval ( $HTTP_GET_VARS['cat'])  : intval ( $HTTP_POST_VARS['cat'] ); - an exploit is in the wild, so this fix should be applied immediately. _________________ Latent phpBB2.de User Anmeldungsdatum: 01.11.2004 Beiträge: 137 Verfasst am: Fr 28 März, 2008 02:42   Thanx the Kuka, stefan and AlleyKat.. what about jonny's question stefan? Latent phpBB2.de User Anmeldungsdatum: 01.11.2004 Beiträge: 137 Verfasst am: Fr 28 März, 2008 03:16   Yesterday when i edited the file admin_xs.php portal page was working but after i edited other files portal page has disappeared again: http://www.phpbb2.de/ftopic46012-15.html there is a problem but i didnt understand it, what you think may be it is about CTRACKER? http://www.phpbb2.de/ftopic40846-15.html spott phpBB2.de User Anmeldungsdatum: 24.12.2006 Beiträge: 2 Verfasst am: So 30 März, 2008 09:01   Hi I get also hacked. Here is how: First - IP where I get hacked: 81.192.223.194 - so You can block this IP. How: I found from my log files this line: Code: /kb.php?mode=cat&cat=-99999/**/union/**/select/**/0,1,2,3,concat(user_i,char(58),username,char(58),user_password),5/**/from/**/phpbb_users/**/where/**/user_id=2/news_rss.php HTTP/1.1" 2001" 200 14024 What e-amil hacker uses: joshkof@gmail.com What hacker has made in portal - lucky I think nothing. He get admin access and disables all other admins. Changes also portal e-mail address. I checked the apache logs and I don't find nothing suspected anymore in this IP activity. He look to the portal, changes admins and emails and thats all. I removed kb.php file and added fixes from this thread. But I have question about news_rss.php file. Is this also dangerous or not. Right now I removed this file also. Choas phpBB2.de User Anmeldungsdatum: 14.02.2007 Beiträge: 73 Verfasst am: Mo 31 März, 2008 21:12   Did you mean in includes/kb_cat.php we must replace : AlleyKat hat folgendes geschrieben: Code:    $category_id = $_GET['cat']; To this code ? AlleyKat hat folgendes geschrieben: Code:    $category_id = ( isset( $HTTP_GET_VARS['cat'] ) ) ? intval ( $HTTP_GET_VARS['cat'])  : intval ( $HTTP_POST_VARS['cat'] ); - an exploit is in the wild, so this fix should be applied immediately. Am I right ? AlleyKat phpBB2.de User Anmeldungsdatum: 06.08.2003 Beiträge: 140 Verfasst am: Do 03 Apr, 2008 04:13   Choas > That is what I wrote, and that is what I meant, yes. spott > That is what the fix is supposed to block. _________________ Choas phpBB2.de User Anmeldungsdatum: 14.02.2007 Beiträge: 73 Verfasst am: Do 03 Apr, 2008 09:05   Thanks alot I found in PaFiledb some hackers can upload some hack tools and even enject database. Any Idia ? jonny-b phpBB2.de User Anmeldungsdatum: 19.05.2004 Beiträge: 2400 Wohnort: New York City Verfasst am: Do 03 Apr, 2008 14:51   Change your file UPLOAD permission to ADMIN or MOD's only. _________________ I make themes for Plus 1.53a and phpBB2. Check out mergenine for more info. Latent phpBB2.de User Anmeldungsdatum: 01.11.2004 Beiträge: 137 Verfasst am: Sa 05 Apr, 2008 08:21   How can we chanfe our file UPLOAD permissions, on ACP? jonny-b phpBB2.de User Anmeldungsdatum: 19.05.2004 Beiträge: 2400 Wohnort: New York City Verfasst am: Sa 05 Apr, 2008 21:01   ACP --> Download, Permissions --> Change permissions as needed. _________________ I make themes for Plus 1.53a and phpBB2. Check out mergenine for more info. jonny-b phpBB2.de User Anmeldungsdatum: 19.05.2004 Beiträge: 2400 Wohnort: New York City Verfasst am: Do 10 Apr, 2008 15:04   just ad's _________________ I make themes for Plus 1.53a and phpBB2. Check out mergenine for more info. ThE KuKa phpBB2.de User Anmeldungsdatum: 20.07.2003 Beiträge: 10 Wohnort: Spain Verfasst am: So 20 Apr, 2008 21:27   TIP: Not use NEVER prefix phpbb_ use other prefix tables _________________ Translation Groupie Smartor | Language S. & Tester Mods.db9.dk | International Support Spain for phpBB phpBB-Es.COM | Icy Phoenix Admin | phpBBMODs.Es Beiträge der letzten Zeit anzeigen:   Alle Beiträge1 Tag7 Tage2 Wochen1 Monat3 Monate6 Monate1 Jahr  Die ältesten zuerstDie neusten zuerst  phpBB2.de Foren-Übersicht » Allgemeines » Nachrichten / News Mainpage » Vulnerable Part in eXTreme Styles Mod - Please fix it NOW !  Gehe zu:  Forum auswählenphpBB2.de Foren-Übersicht|--Allgemeines|   |--Nachrichten / News Mainpage|   |--Knowledge Base Ankündigungen / Announcements|--phpBB2 Plus 1.5|   |--phpBB2 Plus 1.5 Support - German|   |   |--Ankündigungen (Nur lesen)|   |   |--Installation / Upgrade|   |   |--Mods & Co.|   |   |--Support allgemein|   |   |--Themes|   |   |--phpBB2 Plus 1.53 Beta|   |   |   |--Plus 1.53 Beta Ankündigung / Download|   |   |   |--Plus 1.53 Beta Installation/Upgrade|   |   |   |--Plus 1.53 Beta Support|   |   |   |--Plus 1.53 Beta Bug-Reports|   |--phpBB2 Plus 1.5 Support - English|   |   |--Announcements|   |   |--Installation / Upgrading|   |   |--Mods & Co.|   |   |--Support Forum|   |   |--Themes|   |   |--phpBB2 Plus 1.53 Beta|   |   |   |--Plus 1.53 Beta Announcements / Download|   |   |   |--Plus 1.53 Beta Installation/Upgrade|   |   |   |--Plus 1.53 Beta Support|   |   |   |--Plus 1.53 Beta Bug-Reports|--phpBB2.x|   |--phpBB2.x - Ankündigungen|   |--phpBB2.x - Anleitungen / FAQs|   |--phpBB2.x - Installation|   |--phpBB2.x - Support|   |--phpBB2.x - Diskussion|   |--phpBB2.x - Webspace / Provider|--phpBB2.x - MODs|   |--phpBB2.x - Released Final MODs|   |--phpBB2.x - Alpha/Beta MODs|   |--phpBB2.x - MOD Support|   |--phpBB2.x - MOD Request|--phpBB2.x - Styles|   |--phpBB2.x - Released Styles|   |--phpBB2.x - Styles Support|   |--phpBB2.x - Show off|   |--phpBB2.x - Buttons, Logos, Banner|--phpBB2.x - English Language|   |--phpBB2.x - English phpBB2.x Talk|   |--phpBB2.x - English MOD Support|   |--phpBB2.x - English Style Support|--Technik|   |--Coding|--Sonstiges|   |--Test-Forum|   |--Smalltalk|   |--Download Announcements|   |--Trash  Nächstes Thema anzeigen Vorheriges Thema anzeigen Du kannst keine Beiträge in dieses Forum schreiben. Du kannst auf Beiträge in diesem Forum nicht antworten. Du kannst deine Beiträge in diesem Forum nicht bearbeiten. Du kannst deine Beiträge in diesem Forum nicht löschen. Du kannst an Umfragen in diesem Forum nicht mitmachen. Du kannst Dateien in diesem Forum nicht posten Du kannst Dateien in diesem Forum nicht herunterladen Ähnliche Beiträge Thema Autor Forum Antworten Verfasst am Member, part, problem, DonvanVliet Support Forum 1 Mi 02 Sep, 2009 19:46 Tusi Template & Styles Tusi phpBB2.x - Show off 0 Di 17 März, 2009 14:09 Styles probleme mit posting.php?mode=... Grete Support allgemein 0 Mi 28 Jan, 2009 18:36 ExExtreame Styles mod deaktivieren??? Lemmon2 Support allgemein 1 Di 08 Apr, 2008 09:25 Plus 1.53a vulnerable - eXtreme Style... ThE KuKa Support Forum 7 Mi 26 März, 2008 22:42