Latest posts for the topic "New hack for version 2.3.1"

New hack for version 2.3.1

Anonymous — GMT

The following code was submitted to my guesbook (version 2.3.1) which allowed a hacker to take over the index.php page:

r00t_System

r00t_System ownz here by MaMa

#rsy - irc.gigachat.net - olinuxbrasil@bol.com.br

admin attention on configuration!

When I looked at the source code on that particular page, I saw the following code:

edit

delete

Is there a fix for this. I was able to regain the page through the php control panel but I'd rather not have to do that again.

Please reply to kenroar at yahoo.com

Sample of hack

Anonymous — GMT

I found another sample of this hack at http://www.stadiumguide.com/guestbook/

Apparently this individual is searching out all html enabled guestbooks with version 2.3.1

amber222 — GMT

Some hackers search these forums, so it's not a good idea to put the actual code here.

Also, if you have an account, you can edit a post, but I don't think guests can do that.

The Admin does not monitor this site, so I don't think there is any way to delete it.

With that comment the hacker left, "admin attention on configuration", it sounds like
they are warning you to make sure you disable html.

Anonymous — GMT

What I really want to know is how they did it. If I know how they did it, I can take precautions. I have not given any write permissions on my templates. Somehow they were able to hijack the page- possibly using html coding in the message box.

If you do a search on r00t_System you will find hundreds of websits this guy has hacked. He has nothing better to do with his time, I guess.

amber222 — GMT

Well, I'm thinking it is because html was enabled. They sent the code in a post.

Carbonize is looking into this to see if that's the case. I assume when he knows for sure he'll let us know.

In the meantime, I would urge everyone to turn off html.

Carbonize — GMT

Yup if you allow HTML the guestbook allows ALL HTML.

Auron — GMT

[quote="Carbonize"]Yup if you allow HTML the guestbook allows ALL HTML.[/quote]

To re-iterate that its not like phpBB which blocks [b]ALL[/b] HTML tags
and allows only allows certain ones that you specify.

Auron

Carbonize — GMT

Yup so can I be bothered writing code to only allow certain HTML or do I remove all HTMLM functionality from the update I am making ?

amber222 — GMT

I think we should forget about html.