Full Disclosure mailing list archives
Do not use the fix in lib-common.php . use in lib-security.php at /system/ dir
From: "Lorenzo Hernandez Garcia-Hierro" <lorenzohgh () nsrg-security com>
Date: Sun, 5 Oct 2003 22:08:00 +0200
If you use the fix in your lib-common.php you will damage your geeklog installation. Use instead in lib-security.php ;-) at the [your geeklog core files , not html]/system Include the fix after <?php tag. ----- THE FIX ---- foreach ($HTTP_GET_VARS as $secvalue) { if ((eregi("<[^>]*script*\"?[^>]*>", $secvalue)) || (eregi("<[^>]*object*\"?[^>]*>", $secvalue)) || (eregi("<[^>]*iframe*\"?[^>]*>", $secvalue)) || (eregi("<[^>]*applet*\"?[^>]*>", $secvalue)) || (eregi("<[^>]*meta*\"?[^>]*>", $secvalue)) || (eregi("<[^>]*style*\"?[^>]*>", $secvalue)) || (eregi("<[^>]*form*\"?[^>]*>", $secvalue)) || (eregi("<[^>]*img*\"?[^>]*>", $secvalue)) || (eregi("<[^>]*span*\"?[^>]*>", $secvalue)) || (eregi("<[^>]*h1*\"?[^>]*>", $secvalue)) || (eregi("<[^>]*table*\"?[^>]*>", $secvalue)) || (eregi("<[^>]*body*\"?[^>]*>", $secvalue)) || (eregi("<[^>]*pre*\"?[^>]*>", $secvalue)) || (eregi("<[^>]*em*\"?[^>]*>", $secvalue)) || (eregi("<[^>]*input*\"?[^>]*>", $secvalue)) || (eregi("<[^>]*td*\"?[^>]*>", $secvalue)) || (eregi("<[^>]*option*\"?[^>]*>", $secvalue)) || (eregi(";", $secvalue)) || (eregi("'", $secvalue)) || (eregi("ยด", $secvalue)) || (eregi("`", $secvalue)) || (eregi("+", $secvalue)) || (eregi("\"", $secvalue))) { die (";-) whereis lammer lammer: you"); } } ----- <<EOF ----- The advantage of this method is that all files of geeklog are using lib-common.php and the lib-common.php script includes the code of lib-security.php , al the things can be controlled by one script , thi is more easy than edit all the independant files of the html dir and include the fix. Enjoy ! Regards, ------------------------------------------------------ Lorenzo Hernandez Garcia-Hierro --- Security Consultant --- ------------------NSRGroup------------------- PGP: Keyfingerprint D185 3555 8ECD 3921 6B21 ACC6 CEBB 2826 4B4C 283E ID: 0x4B4C283E Size: 4096 ********************************** NSRGroup ( No Secure Root Group Security Research Team ) / ( NovaPPC Security Research Group ) http://www.nsrg-security.com ______________________ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Do not use the fix in lib-common.php . use in lib-security.php at /system/ dir Lorenzo Hernandez Garcia-Hierro (Oct 05)
- Re: Do not use the fix in lib-common.php . use in lib-security.php at /system/ dir Paul Tinsley (Oct 05)