Warning Serious Flaws in Htaccess / Ip restriction Hack(s)!

Niels · 09-03-2005, 10:21 AM

Thread:
IP Restriction 1.2 + Fake 404/Fake 403/Redirect
Sql injection thread: the one from fury will look up later ;)

Flaw:

You must first be a registered member to view any code.

With register_globals set to Off use this to get in with an false ip:
http://forum-url.com/index.php?w00t=true
And You are inside!

Fix:
Set register_globals to on or:

You must first be a registered member to view any code.

In the new htaccess/ip hack by Fury it's fixed by setting $valid / $w00t to false before the ip check so he just adds $valid = "false";
The ip restriction/htaccess hack by Isaiah had this flaw also but I can't find the code anymore ? :S

Then another last word in the mysql query for htaccess many hacks are using something like this:

You must first be a registered member to view any code.

$_SERVER['PHP_AUTH_USER']
isn't addslasht before the query!!!
Username: ' OR username = '
With this the script could be vuln to sql injections although it would be hard to find any damiging code...
Fix:

You must first be a registered member to view any code.

This post is NOT any critic on these hacks!!! It's for information and security...

I hope you enjoyed AND/OR learned from this post.

Greets,
Niels AKA Slash.

biocore · 09-03-2005, 05:45 PM

Real nice work mate, respect, i hope you test the one from fury soon too ;)

Fury · 09-08-2005, 04:26 PM

pff, you tested the hack of my hack

glad you found some security issiues that should be fixed

and one's that i fixed already

cool mate. Thanks for the effort!

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)