NeoThermic.com • View topic - To exploit or not to exploit, that is the question!

To exploit or not to exploit, that is the question!

Postby NeoThermic » Sat, 16 2006 Sep 00:23:31

Please note: the following is the express views of myself only. It is not the views of the phpBB group, or indeed anyone else.

I was recently pointed to this topic by a user of phpBB, citing it as a fix to an apparent vulnerability.

Now, the basis of this vulnerability is that if someone calls /includes/functions.php directly, and register globals is on, they can set $phpbb_root_path and do arbitrary file inclusion.

Let's get this quite clear. functions.php only contains functions. There's no code outside of the functions (there are 18 functions). Anyone who knows an ounce of PHP knows that you can't call a function by directly calling a PHP file unless the code in said PHP file calls the function. In other words, there is no exploit here. There is no "sloppy coding" here either.

To this end, I have a challenge to those who really believe there is an exploit here. This file, echopassword.php, contains one function, echopassword(). If you can successfully set $yes to any value (it isn't set in the code, only checked), you can get my password. Yes, my actual password. I have full faith that your attempts will not work as PHP does not work the way you think; that function cannot be called externally in any shape.

And if you still think there's a problem with functions.php after this, please don't forget functions_admin.php, function_selects.php, and functions_validate.php.

Plus, if you are wondering why functions_post.php has the check, that is because there's code outside of the functions.
NeoThermic
Site Owner
Posts: 104
Joined: Tue, 19 2004 Oct 23:21:02
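As an added example (not code from this thread or from phpBB), the following Python script checks the claim in the post above mechanically: it lists the statements of a PHP file that sit outside function bodies, since only those execute when the file is requested directly, and reports whether any of them is an include() fed by a variable and whether the file carries a guard. The sample PHP files are constructed to resemble the files the post names, and the IN_PHPBB guard pattern and the $phpEx name are assumptions.

```python
"""Crude static check: which statements in a PHP file run when it is requested
directly? Only code outside function bodies does; a function-only file runs nothing."""
import re

# Comments are blanked and string literals lose braces/semicolons so neither confuses the scan.
_NOISE = re.compile(r"/\*.*?\*/|//[^\n]*|#[^\n]*|'(?:\\.|[^'\\])*'|\"(?:\\.|[^\"\\])*\"", re.S)
_GUARD = re.compile(r"""defined\s*\(\s*['"]IN_PHPBB['"]\s*\)""")  # assumed guard pattern
_VAR_INCLUDE = re.compile(r"\b(?:include|require)(?:_once)?\b.*\$\w+")
_clean = lambda m: re.sub(r"[{};]", "", m.group(0)) if m.group(0)[0] in "'\"" else " "

def top_level_statements(src):
    """Return the statements that sit outside every top-level function body."""
    code = re.sub(r"<\?php|\?>", " ", _NOISE.sub(_clean, src))
    chunks, depth, in_fn, sig, pos = [], 0, False, False, 0
    for m in re.finditer(r"\bfunction\s+\w+\s*\(|[{}]", code):
        tok = m.group(0)
        if not in_fn and not sig:
            chunks.append(code[pos:m.start()])  # text before this token is top level
        pos = m.end()
        if tok.startswith("function"):
            sig = sig or depth == 0  # signature seen; its body starts at the next '{'
        elif tok == "{":
            depth += 1
            if sig:
                in_fn, sig = True, False
            elif not in_fn:
                chunks.append("{")
        else:
            depth -= 1
            if in_fn and depth == 0:
                in_fn = False
            elif not in_fn:
                chunks.append("}")
    if not in_fn:
        chunks.append(code[pos:])
    return [s.strip() for s in re.split(r"[;{}]", "".join(chunks)) if s.strip()]

def assess(src):
    """Summarise what a direct HTTP request for this file would execute."""
    stmts = top_level_statements(src)
    return {"runs_code_when_called_directly": bool(stmts),
            "has_in_phpbb_guard": any(_GUARD.search(s) for s in stmts),
            "variable_include_at_top_level": any(_VAR_INCLUDE.search(s) for s in stmts)}

# Constructed samples modelled on the thread, not phpBB's real files.
FUNCTIONS_ONLY = "<?php\nfunction echopassword() {\n    global $yes;\n    if ($yes) { echo 'secret'; }  // only checked, never set\n}\n?>"
UNGUARDED = "<?php\ninclude($phpbb_root_path . 'includes/bbcode.' . $phpEx);\nfunction helper() { return 1; }\n?>"
GUARDED = "<?php\nif (!defined('IN_PHPBB')) { die('Hacking attempt'); }\n" + UNGUARDED[6:]  # drop the leading '<?php\n'
```

Run against the three samples, the function-only file yields no top-level statements at all, while the file with a top-level include() is flagged unless it carries the guard.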

Re: To exploit or not to exploit, that is the question!

Postby Stu15 » Sat, 16 2006 Sep 01:11:56

NeoThermic wrote:
I was recently pointed to this topic by a user of phpBB, citing it as a fix to an apparent vulnerability.

:roll:

And again everyone will think that phpBB is a security issue :roll:
Stu15
Newbie
Posts: 2
Joined: Sat, 20 2005 Aug 05:34:58
Location: New Zealand

Scope of PHP variables and how to not exploit them

Postby Trackback » Sat, 16 2006 Sep 04:31:31

Micheal's Blog sent this trackback:
As most of us know by now, there are generally 3 types of people when it comes to knowledge. First there's the group that think they know what they are doing and actually do know what they are doing. Second there's the group that think they don't know what they are doing and actually don't. Then lastly we have probably the most problematic group of all: the group that thinks they know what they are doing but really don't. Being in the programming world, I see this quite often. Also being in the world of information security, I see a lot of wannabe "experts" that in the end just cause trouble.
I'm just a Trackback bot. I have no function other than making Trackbacks for people!
Trackback
Bot
Posts: 2
Joined: Tue, 27 2005 Sep 15:11:01
Location: NeoThermic's Blog

Postby Micheal's Blog » Sat, 16 2006 Sep 22:24:40

Well, I've found some interesting information. Of course we all know that phpBB isn't exploitable, but certain pre-mod packages are. I've updated my blog with the information.
Micheal's Blog

They not like you

Postby ToonArmy » Sat, 23 2006 Sep 09:53:49

Looks like they don't like your site NeoThermic:

Code:
ERROR 404
Your site has been identified as a bad referer.

There is a number of reasons for this:

1. Your website contains adult material or inappropriate content.
2. Your domain name matches a censored word (Porn,sex,milf etc..)
3. Your website contains inappropriate adverts/spam.
4. Your website has viruses.


I read that topic and thoroughly enjoyed the lameness of it, I guess some people just cannot face being incorrect.
ToonArmy

Re: They not like you

Postby NeoThermic » Sat, 23 2006 Sep 16:16:18

ToonArmy wrote:
I read that topic and thoroughly enjoyed the lameness of it, I guess some people just cannot face being incorrect.


Evidently so, and further childish actions by blocking my site from linking to them. Oh well, if they wish to dig themselves into a hole and hide from the truth, they're welcome to, but don't be surprised if the rest of the world laughs at them for it.

NeoThermic
NeoThermic
Site Owner
Posts: 104
Joined: Tue, 19 2004 Oct 23:21:02

Re: They not like you

Postby who_cares » Mon, 25 2006 Sep 23:29:29

ToonArmy wrote:
Code:
ERROR 404
Your site has been identified as a bad referer.

They're above sending proper error codes too.
who_cares
Newbie
Posts: 29
Joined: Fri, 15 2005 Apr 00:32:01
Location: ATL
