Re: Recent Hacking Discussion (continued...)

Posted: Sun Sep 10, 2006 11:07 pm
Author: Nogami
Whew, just got back from vacation and looks like I missed all of the excitement...

I checked over my server, and I don't see anything out of place (I had register_globals=off) in my php.ini file - was that enough to prevent this attack?

Is there anything else I should be checking?

It looks like most of the hacks did some major damage to sites, but nothing looks out of place on mine (it's a private site so new users need to be verified, and don't have much in the way of posting access until I authorize them) - that may have helped too?

N.

Posted: Mon Sep 11, 2006 4:05 pm
Author: Michaelo
register_globals=off did the trick... ;))

Mike

Posted: Mon Sep 11, 2006 4:09 pm
Author: Oracle_SOD
Hi, we are using IM Portal (we were hacked using integramod, but decided to move over to just IM portal when restoring).

I have begun to apply the patches but cannot find where to apply the following code.

Where does this go?

Code:
// Security update 02 September 2006 B starts //
Find]) || (int)isset($HTTP_GET_VARS[STYLE_URL]) )
   {
      (int)$style = urldecode( (isset($HTTP_POST_VARS[STYLE_URL])) ? $HTTP_POST_VARS[STYLE_URL] : (int)$HTTP_GET_VARS[STYLE_URL] );
      if($style == 0) { die('Hacking attempt'); exit; }
      if ( $theme = setup_style((int)$style) )
      {
         setcookie($board_config['cookie_name'] . '_style', $style, time() + 31536000, $board_config['cookie_path'], $board_config['cookie_domain'], $board_config['cookie_secure']);
         return;
      }
   }

   if ( isset($HTTP_COOKIE_VARS[$board_config['cookie_name'] . '_style']) )
   {
      $style = $HTTP_COOKIE_VARS[$board_config['cookie_name'] . '_style'];
      if ( $theme = setup_style((int)$style) )
      {
         return;
      }
   }
// Security update 02 September 2006 B ends //
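
The check the patch above performs (accept the style parameter only if it is a non-zero integer), as an added example in current PHP that is not part of the original post or of IntegraMod. The function name, the `STYLE_KEY` constant standing in for `STYLE_URL`, and the sample inputs are assumptions made for illustration.

```php
<?php
// Added example (not IntegraMod code). STYLE_KEY stands in for the board's
// STYLE_URL constant; its value here is an assumption.
const STYLE_KEY = 'style';

/**
 * Return the requested style id as a positive integer, or null when the
 * parameter is absent or malformed. POST wins over GET, as in the patch.
 */
function requested_style_id(array $post, array $get): ?int
{
    $raw = $post[STYLE_KEY] ?? $get[STYLE_KEY] ?? null;

    // Reject arrays (style[]=1) and anything else that is not a plain string.
    if (!is_string($raw)) {
        return null;
    }

    // Whole-string check: "7" passes, "7abc" and "0" do not. A bare (int)
    // cast would turn "7abc" into 7 while the raw string stays in $style.
    $id = filter_var($raw, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);

    return $id === false ? null : $id;
}

// Constructed sample inputs, one per case worth checking.
$samples = ['7', '0', '7abc', '-3', ['1']];
foreach ($samples as $value) {
    $id = requested_style_id([], [STYLE_KEY => $value]);
    printf("%-10s => %s\n", json_encode($value), $id === null ? 'rejected' : "style $id");
}
```

Using the returned integer for both the style lookup and the cookie value keeps the raw request string out of everything downstream.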

Posted: Tue Sep 12, 2006 3:23 am
Author: Michaelo
This is for the change style mod which is not part of IM Portal... So this update is not required unless you add the change style block...
Mike

Posted: Thu Sep 14, 2006 3:56 am
Author: richiebgood
Hi guys, not sure if it is all related, but ever since doing these updates I have three problems:
1. Tried to add acid theme - would not work
2. Tried to revert back to subice and now announcements block does not work
3. Cannot select any stock style now (orange etc.) from profile, just style select block
4. Attachments mod seems to be missing stuff.

Any help would be great, thanks.

http://www.irish-paintball.net/images/problem1.gif
http://www.irish-paintball.net/images/problem2.gif
http://www.irish-paintball.net/images/problem3.gif

Thanks

Posted: Tue Oct 03, 2006 6:58 pm
Author: MWE_001
So my site was just hacked and I had it fixed minutes later. It was the def_auth.php file that was destroyed and I JUST backed up right before the hack, lol, what luck. Database is fine. I have dodged a bullet a few times now by being able to fix my site BUT sooner or later my site will be destroyed. This register globals thing, does it work for one using IM 1.4.0? And it is an out-of-date version of phpBB as well.

Personally I'm thinking of ditching phpBB altogether and just getting out of the forums thing and going with a regular old website now. This is just too damn much to worry about. Months and years of work get destroyed in minutes. Good thing for backups.

Posted: Wed Oct 04, 2006 2:59 am
Author: Michaelo
richiebgood, try deleting all your cookies... as they do affect styles... If you still have a problem replace the def_themes.php with an original one as it can become corrupt.

MWE_001, did you add the security fixes here!? They affect 1.4.0 and 1.4.1...
Mike

Posted: Wed Oct 04, 2006 11:08 am
Author: MWE_001
Yeah Michaelo, I got ya on the other post, thx, chief. I'm getting ready to apply it now and see. Thx again, Ray

Posted: Fri Oct 20, 2006 11:28 pm
Author: rockeiro
Imagine dropping in out of the blue like I just did and discovering that there have been security problems with Integramod 1.40. This forum is full of great ideas and discussions but if someone (me) were to start from scratch today to patch a 1.40 installation on phpBB 2.0.17, where the heck would I start?

As suggested I already made my def_auth.php read only but I can't seem to find my php.ini file anywhere on my server.

I run my own W2003 server. The server is on IIS 6 but the forum sites have no extensions applied except for php. The Integramod forum is on a redirected url and port so maybe this has foiled the hackers so far but I still want to get this up to date to avoid problems.

http://forum.brased.org

At this point could someone step back and summarize what needs to be done and where all the files are that can be downloaded?

Appreciate it....

Posted: Sat Oct 21, 2006 10:34 am
Author: Michaelo
I believe the main reason this has not been undertaken is down to the size of the support team coupled with the time taken to develop and test IntegraMod 1.4.1.

It will include all patches and security fixes. Currently in testing... should be released soon...

Best to get everyone on the same page so we can concentrate efforts. Note most suppliers will implement php5x if they have not already done so, requiring everyone to upgrade sooner or later.

Mike

Posted: Sat Oct 21, 2006 12:55 pm
Author: rockeiro
OK then. I shall wait patiently for the 1.41 release. In the meantime, should I upgrade my Kismod 1.40 from php 4.3.11 to 5.1.6?

I read that changing a few of the parameters in php.ini could avoid possible security risks. It appears it should be normally in the windows directory.

Dummy question here - how could my system be working without it?

Posted: Sun Oct 22, 2006 3:45 am
Author: Michaelo
php.ini... is in your xampp\php directory if you are using xampp and in windows/winnt if you are using something else....

KisMOd 1.4.0 is actually IntegraMod 1.4.0... Check the security forum for security issues... look at the first two posts (I think!). The fixes in the main post solved all problems...

Mike

Posted: Sun Oct 22, 2006 5:59 am
Author: rockeiro
OK.. I'll rephrase the same message:

Is it OK to upgrade to php 5.1.6 if you have an Integramod 1.4.0 installation?

I have no php.ini file. How could this be?

Posted: Sun Oct 22, 2006 12:13 pm
Author: evolver
rockeiro wrote: I have no php.ini file. How could this be?

There is always a php.ini file, but just not everyone is allowed to find and/or change it...
Some (many) hosts will hide this for the users, and all you can do then, is ask your host to do the modification, because it's also in their own interest to close that door to hackers...

So you can contact your host and ask them to set the register_globals off in php.ini...
Give them this link: http://www.zend.com/zend/art/art-oertli.php
And ask them to read the part after 'Master the Global Variable Scope' about how they can prevent security holes by doing so..
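
Two questions come up repeatedly in this thread: which php.ini the server is really using, and whether register_globals is actually off. The script below answers both from inside PHP itself; it is an added example, not part of any post or of IntegraMod, and its function names are hypothetical.

```php
<?php
// Added example (not IntegraMod code); function names are hypothetical.

// Interpret an ini flag value: "1", "on", "true" and "yes" mean enabled.
function ini_flag_enabled($value): bool
{
    if ($value === false || $value === null) {
        return false; // directive unknown to this PHP build
    }
    return in_array(strtolower(trim((string) $value)), ['1', 'on', 'true', 'yes'], true);
}

// Report what the running PHP uses, wherever the file happens to live.
function register_globals_report(): array
{
    // php_ini_loaded_file() exists from PHP 5.2.4; older builds expose the
    // same path through get_cfg_var('cfg_file_path').
    $ini = function_exists('php_ini_loaded_file')
        ? php_ini_loaded_file()
        : get_cfg_var('cfg_file_path');

    // Effective value for this script; false where the directive no longer
    // exists (it was removed in PHP 5.4).
    $effective = ini_get('register_globals');

    return [
        'php_version'      => PHP_VERSION,
        'loaded_php_ini'   => $ini ?: '(none reported)',
        'directive_exists' => $effective !== false,
        'register_globals' => ini_flag_enabled($effective) ? 'ON' : 'off',
    ];
}

foreach (register_globals_report() as $key => $value) {
    echo str_pad($key, 18), var_export($value, true), PHP_EOL;
}
```

Request it through the web server rather than the command line, since the two can load different php.ini files, and delete it afterwards because it reveals the configuration path.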

Posted: Sun Oct 22, 2006 3:55 pm
Author: Michaelo
Ah! For some reason I assumed it was a local forum.