To exploit or not to exploit, that is the question!

Post a reply


In an effort to prevent automatic submissions, we require that you complete the following challenge.

BBCode is OFF
Smilies are OFF

Topic review
   

Expand view Topic review: To exploit or not to exploit, that is the question!

Re: They not like you

by who_cares » Mon, 25 2006 Sep 23:29:29

ToonArmy wrote:

Code: Select all

ERROR 404
Your site has been identified as a bad referer.

they're above sending proper error codes too

Re: They not like you

by NeoThermic » Sat, 23 2006 Sep 16:16:18

ToonArmy wrote:I read that topic and thoroughly enjoyed the lameness of it, I guess some people just cannot face being incorrect.


Evidently so, and further childish actions by blocking my site from linking to them. Oh well, if they wish to dig themselves into a hole and hide from the truth, they're welcome to, but dont' be surprised if the rest of the world laughs at them for it.

NeoThermic

They not like you

by ToonArmy » Sat, 23 2006 Sep 09:53:49

Looks like they don't like your site NeoThermic:

Code: Select all

ERROR 404
Your site has been identified as a bad referer.

There is a number of reasons for this:

1. Your website contains adult material or inappropriate content.
2. Your domain name matches a censored word (Porn,sex,milf etc..)
3. Your website contains inappropriate adverts/spam.
4. Your website has viruses.


I read that topic and thoroughly enjoyed the lameness of it, I guess some people just cannot face being incorrect.

by Micheal's Blog » Sat, 16 2006 Sep 22:24:40

Well, I've found some interesting information. Of course we all know that phpBB isn't exploitable, but certain pre-mod packages are. I've updated my blog with the information

Scope of PHP variables and how to not exploit them

by Trackback » Sat, 16 2006 Sep 04:31:31

Micheal's Blog sent this trackback:
As most of us know by now, there's generally 3 types of people when it comes to knowledge. First there's the group that think they know what they are doing and actually do know what they are doing. Second there's the group that think they don't know what they are doing and actually don't. Then lastly we have probably the most problematic group of all - the group that thinks they know what they are doing but really don't. Being in the programming world, I see this quite often. Also being in the world of information security, I see a lot of wannabe "experts" that in the end just cause trouble.

Re: To exploit or not to exploit, that is the question!

by Stu15 » Sat, 16 2006 Sep 01:11:56

NeoThermic wrote:I was recently pointed to this topic by a user of phpBB, citing it as a fix to an apparent vulnerability.


:roll:

and again everyone will think that phpbb is a security issue :roll:

To exploit or not to exploit, that is the question!

by NeoThermic » Sat, 16 2006 Sep 00:23:31

Please note: the following is the express views of myself only. It is not the views of the phpBB group, or indeed anyone else.

I was recently pointed to this topic by a user of phpBB, citing it as a fix to an apparent vulnerability.

Now, the basis of this vulnerability is that if someone calls /includes/functions.php directly, and register globals is on, they can set $phpbb_root_path and do arbitrary file inclusion.

Lets get this quite clear. functions.php only contains functions. There's no code outside of the functions (there's 18 functions). Anyone who knows an ounce of PHP knows that you can't call a function by directly calling a PHP file unless the code in said PHP file calls the function. In other words, there is no exploit here. There is no "sloppy coding" here either.

To this end, I have a challenge to those who really believe there is an exploit here. This file, echopassword.php contains one function, echopassword(). If you can successfully set $yes to any value (it isn't set in the code, only checked), you can get my password. Yes, my actual password. I have full faith that your attempts will not work as PHP does not work the way you think; that function can not be called externally in any shape.

And if you still think there's a problem with functions.php after this, please don't forget functions_admin.php, function_selects.php, and functions_validate.php

Plus, if you are wondering why functions_post.php has the check, that is because there's code outside of the functions.

Top