|
Page 1 of 1
|
 CageFreak 
Joined: September 2006
Posts: 16
|
 Bug When Deleting Or Modifying Category And Boards
Quote: SECURITY ALERT » » » »
CBACK CrackerTracker has detected a potential attack on this site with a worm or exploit script so the Security System stopped the script.
If you can see this page after including a new MOD into your board or after clicking on a link please contact the Board Administrator with this error message and a description what you have done before you could see this page, that the Admin has the possibility to fix the problem.
That comes up
Can anyone fix this
I need help
|
#1 Fri 29 Sep, 2006 03:20 |
|
Sponsors
|
Icy Phoenix is an open source project, you can show your appreciation and support future development by donating to the project.
|
| |
difus
Joined: August 2006
Posts: 763
Location: 
|
Re: Bug When Deleting Or Modifying Category And Boards
I'll see later 
|
#2 Fri 29 Sep, 2006 08:48 |
|
tos
Joined: August 2006
Posts: 1
|
Re: Bug When Deleting Or Modifying Category And Boards
...similar problem
ACP > Configuration > Board
i try to modify something and
CBACK CrackerTracker - Misconfiguration
The Sessionlength is set undersize! Maybe thus you will always logged out of the Forum before you can correct the setting.
CrackerTracker Professional 5.0.2, xs058
|
#3 Fri 29 Sep, 2006 10:09 |
|
difus
Joined: August 2006
Posts: 763
Location:
|
Re: Bug When Deleting Or Modifying Category And Boards
I think it is blocked by ctracker/engines/ct_security.php
try to cut some of code
$ct_rules = array('http_', '_server', 'delete%20', 'delete ', 'drop%20', 'drop ', 'create%20',
'create ', 'update%20', 'update ', 'insert%20', 'insert ',
'select%20', 'select ', 'bulk%20', 'bulk ', 'union%20', 'union ',
'or%20', 'or ', 'and%20', 'and ', 'exec', '@@', '%22', '"', 'openquery',
'openrowset', 'msdasql', 'sqloledb', 'sysobjects', 'syscolums',
'syslogins', 'sysxlogins', 'char%20', 'char ', 'into%20', 'into ',
'load%20', 'load ', '*', 'msys', 'alert%20', 'alert ', 'eval%20', 'eval ',
'onkeyup', 'x5cx', 'fromcharcode', 'javascript:', 'javascript.', 'vbscript:',
'vbscript.', 'http-equiv', '->', 'expression%20', 'expression ',
'url%20', 'url ', 'innerhtml', 'document.', 'dynsrc', 'jsessionid',
'style%20', 'style ', 'phpsessid', '<applet', '<div', '<emded', '<iframe', '<img',
'<meta', '<object', '<script', '<textarea', 'onabort', 'onblur',
'onchange', 'onclick', 'ondblclick', 'ondragdrop', 'onerror',
'onfocus', 'onkeydown', 'onkeypress', 'onload', 'onmouse',
'onmove', 'onreset', 'onresize', 'onselect', 'onsubmit',
'onunload', 'onreadystatechange', 'xmlhttp', 'uname%20', 'uname ',
'id%20', 'id ', 'ls%20', 'ls ', 'cat%20', 'cat ', 'rm%20', 'rm ',
'kill%20', 'kill ', 'mail%20', 'mail ', 'wget%20', 'wget ', 'wget(',
'pwd%20', 'pwd ', 'objectclass', 'objectcategory', '<!-%20', '<!- ',
'total%20', 'total ', 'http%20request', 'http request', 'phpb8b4f2a0',
'phpinfo', 'php:', 'globals', '%2527', '%27', ''', 'chr(',
'chr=', 'chr%20', 'chr ', '%20chr', ' chr', 'cmd=', 'cmd%20', 'cmd',
'%20cmd', ' cmd', 'rush=', '%20rush', ' rush', 'rush%20', 'rush ',
'union%20', 'union ', '%20union', ' union', 'union(', 'union=',
'%20echr', ' echr', 'esystem', 'cp%20', 'cp ', 'cp(', '%20cp', ' cp',
'mdir%20', 'mdir ', '%20mdir', ' mdir', 'mdir(', 'mcd%20', 'mcd ',
'mrd%20', 'mrd ', 'rm%20', 'rm ', '%20mcd', ' mcd', '%20mrd', ' mrd',
'%20rm', ' rm', 'mcd(', 'mrd(', 'rm(', 'mcd=', 'mrd=', 'mv%20', 'mv ',
'rmdir%20', 'rmdir ', 'mv(', 'rmdir(', 'chmod(', 'chmod%20', 'chmod ',
'cc%20', 'cc ', '%20chmod', ' chmod', 'chmod(', 'chmod=', 'chown%20', 'chown ',
'chgrp%20', 'chgrp ', 'chown(', 'chgrp(', 'locate%20', 'locate ', 'grep%20', 'grep ',
'locate(', 'grep(', 'diff%20', 'diff ', 'kill%20', 'kill ', 'kill(', 'killall',
'passwd%20', 'passwd ', '%20passwd', ' passwd', 'passwd(', 'telnet%20', 'telnet ',
'vi(', 'vi%20', 'vi ', 'nigga(', '%20nigga', ' nigga', 'nigga%20', 'nigga ',
'fopen', 'fwrite', '%20like', ' like', 'like%20', 'like ', '$_',
'$get', '.system', 'http_php', '%20getenv', ' getenv', 'getenv%20', 'getenv ',
'new_password', '/password', 'etc/', '/groups', '/gshadow',
'http_user_agent', 'http_host', 'bin/', 'wget%20', 'wget ', 'uname%5c',
'uname', 'usr', '/chgrp', '=chown', 'usr/bin', 'g%5c',
'g', 'bin/python', 'bin/tclsh', 'bin/nasm', 'perl%20', 'perl ', '.pl',
'traceroute%20', 'traceroute ', 'tracert%20', 'tracert ', 'ping%20', 'ping ',
'/usr/x11r6/bin/xterm', 'lsof%20', 'lsof ', '/mail', '.conf', 'motd%20', 'motd ',
'http/1.', '.inc.php', 'config.php', 'cgi-', '.eml', 'file%5c://',
'file:', 'file://', 'window.open', 'img src', 'img%20src', 'img src',
'.jsp', 'ftp.', 'xp_enumdsn', 'xp_availablemedia',
'xp_filelist', 'nc.exe', '.htpasswd', 'servlet', '/etc/passwd', '/etc/shadow',
'wwwacl', '~root', '~ftp', '.js', '.jsp', '.history',
'bash_history', '~nobody', 'server-info', 'server-status',
'%20reboot', ' reboot', '%20halt', ' halt', '%20powerdown', ' powerdown',
'/home/ftp', '=reboot', 'www/', 'init%20', 'init ','=halt', '=powerdown',
'ereg(', 'secure_site', 'chunked', 'org.apache', '/servlet/con',
'/robot', 'mod_gzip_status', '.inc', '.system', 'getenv',
'http_', '_php', 'php_', 'phpinfo()', '<?php', '?>', '%3C%3Fphp',
'%3F>', 'sql=', '_global', 'global_', 'global[', '_server',
'server_', 'server[', '/modules', 'modules/', 'phpadmin',
'root_path', '_globals', 'globals_', 'globals[', 'iso-8859-1',
'?hl=', '%3fhl=', '.exe', '.sh', '%00', rawurldecode('%00'), '_env');
for example
cut
I recomend first to cut all this, leaving '_env'
If it is helped you when try to search the code blocking you
|
#4 Fri 29 Sep, 2006 11:07 |
|
CageFreak
Joined: September 2006
Posts: 16
|
Re: Bug When Deleting Or Modifying Category And Boards
Now that u know my user and pass can u do that for me?
|
#5 Fri 29 Sep, 2006 21:46 |
|
difus
Joined: August 2006
Posts: 763
Location:
|
Re: Bug When Deleting Or Modifying Category And Boards
I did
try 
|
#6 Fri 29 Sep, 2006 21:50 |
|
CageFreak
Joined: September 2006
Posts: 16
|
Re: Bug When Deleting Or Modifying Category And Boards
I tried but still
|
#7 Fri 29 Sep, 2006 21:51 |
|
difus
Joined: August 2006
Posts: 763
Location:
|
Re: Bug When Deleting Or Modifying Category And Boards
but I can, why you don't ?
|
#8 Fri 29 Sep, 2006 21:53 |
|
difus
Joined: August 2006
Posts: 763
Location:
|
Re: Bug When Deleting Or Modifying Category And Boards
go to ACP ctracker settings and deactivate all
|
#9 Fri 29 Sep, 2006 21:56 |
|
CageFreak
Joined: September 2006
Posts: 16
|
Re: Bug When Deleting Or Modifying Category And Boards
Ill try that
|
#10 Fri 29 Sep, 2006 22:01 |
|
CageFreak
Joined: September 2006
Posts: 16
|
Re: Bug When Deleting Or Modifying Category And Boards
It Worked 
|
#11 Fri 29 Sep, 2006 22:06 |
|
CageFreak
Joined: September 2006
Posts: 16
|
Re: Bug When Deleting Or Modifying Category And Boards
DAmnit it dosnt work now
|
#12 Fri 29 Sep, 2006 22:12 |
|
Mighty Gorgon
Luca Libralato
Joined: August 2006
Posts: 7191
Location:  Borgo San Michele
|
Re: Bug When Deleting Or Modifying Category And Boards
It is not a 058 bug, since 058 doesn't have CT5. 
Please, post in bugs only official release bugs.
____________ Luca
SEARCH is the quickest way to get support.
Icy Phoenix ColorizeIt - CustomIcy - HON
|
#13 Sun 01 Oct, 2006 14:12 |
|
|
|
Page 1 of 1
|
 Was this topic useful?
 Was this topic useful?
| Link this topic |
|---|
| URL |
|
| BBCode |
|
| HTML |
|
You cannot post new topics
You cannot reply to topics
You cannot edit your posts
You cannot delete your posts
You cannot vote in polls
You cannot attach files
You can download files
You cannot post calendar events
|
|
|
|
