Please, Boonex, analyse a new kind (for me) of attack on the wall module.
Are there any holes in wall? Why does http://www.mysite.com/m/wall/post/ bring up an empty site?
There must be something to show there. 404 or "Get the fk out of here" or something else suitable....
Here is my report
------------------------------------------
Total impact: 18
Affected tags: xss, csrf, id, rfe, lfi

Variable: REQUEST.content | Value: 6OJUlk <a href=\"http://vcejhxzgsbwz.com/\">vcejhxzgsbwz</a>, [url=http://cbpjycmudpbj.com/]cbpjycmudpbj[/url], [link=http://kbaemeulrmts.com/]kbaemeulrmts[/link], http://auavkgszvwxs.com/
Impact: 9 | Tags: xss, csrf, id, rfe, lfi
Description: Detects JavaScript language constructs | Tags: xss, csrf, id, rfe | ID: 20
Description: Detects url injections and RFE attempts | Tags: id, rfe, lfi | ID: 61

Variable: POST.content | Value: 6OJUlk <a href=\"http://vcejhxzgsbwz.com/\">vcejhxzgsbwz</a>, [url=http://cbpjycmudpbj.com/]cbpjycmudpbj[/url], [link=http://kbaemeulrmts.com/]kbaemeulrmts[/link], http://auavkgszvwxs.com/
Impact: 9 | Tags: xss, csrf, id, rfe, lfi
Description: Detects JavaScript language constructs | Tags: xss, csrf, id, rfe | ID: 20
Description: Detects url injections and RFE attempts | Tags: id, rfe, lfi | ID: 61

REMOTE_ADDR: 188.92.73.175
HTTP_X_FORWARDED_FOR:
HTTP_CLIENT_IP:
SCRIPT_FILENAME: /var/www/web0/html/modules/index.php
QUERY_STRING: r=wall/post/
REQUEST_URI: /m/wall/post/
QUERY_STRING: r=wall/post/
SCRIPT_NAME: /modules/index.php
PHP_SELF: /modules/index.php
-----------------------------------------
Has anyone got the same sht?
Greets
|
denast,
please see my response on the similar post i have answered.
http://www.boonex.com/unity/forums/#topic/Why-such-messages-.htm
Regards,
DosDawg
When a GIG is not enough --> Terabyte Dolphin Technical Support - Server Management and Support |
Good Morning.
Thanks, DosDawg, unfortunately I already know well everything you are trying to tell me.
-1 is no solution. It is generally about security.inc.php
For example Kolimarfey Places. To embed a video with just the usual youtube "embed" code, which always gives me "possible security attack... etc", I must change 27 to 51, because the vulnerability, or whatever it is called, was 50. Then I can embed....
My question was: is there a HOLE ("injection possibility") in the WALL MODULE?
Does Boonex already have this issue, or a report from hacker friends about it?
And will it be fixed in a future version, so that we get no more of these wall attacks?
Greets.
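An added example, not part of any post in this thread and not Boonex or PHPIDS code: a parser for reports in the layout denast posted, showing that the total of 18 is one payload scored twice (once as REQUEST.content, once as POST.content) and how a total compares with the 27, 51 and -1 settings mentioned in the thread. The sample report, its domains and its IP address are constructed, and the blocking rule (block at or above the threshold, -1 switches the check off) is an assumption, since the thread does not show security.inc.php.

```python
import re

# Constructed report in the layout posted above; domains and IP are placeholders.
PAYLOAD = ('6OJUlk <a href=\\"http://spam-a.example/\\">spam-a</a>, '
           '[url=http://spam-b.example/]spam-b[/url], http://spam-c.example/')
RULES = ('Impact: 9 | Tags: xss, csrf, id, rfe, lfi '
         'Description: Detects JavaScript language constructs | Tags: xss, csrf, id, rfe | ID: 20 '
         'Description: Detects url injections and RFE attempts | Tags: id, rfe, lfi | ID: 61')
SAMPLE_REPORT = (
    'Total impact: 18 Affected tags: xss, csrf, id, rfe, lfi\n'
    f'Variable: REQUEST.content | Value: {PAYLOAD} {RULES}\n'
    f'Variable: POST.content | Value: {PAYLOAD} {RULES}\n'
    'REMOTE_ADDR: 192.0.2.10 QUERY_STRING: r=wall/post/ REQUEST_URI: /m/wall/post/\n'
)

# One flagged variable: source array, key, raw value, impact, then its rule lines.
ENTRY = re.compile(
    r'Variable:\s*(?P<source>\w+)\.(?P<name>\S+)\s*\|\s*Value:\s*(?P<value>.*?)\s*'
    r'Impact:\s*(?P<impact>\d+)\s*\|(?P<rest>.*?)(?=Variable:|REMOTE_ADDR:|\Z)',
    re.S)

def parse_report(text):
    """Return the stated total and one dict per flagged variable."""
    total = int(re.search(r'Total impact:\s*(\d+)', text).group(1))
    entries = []
    for m in ENTRY.finditer(text):
        entries.append({
            'source': m['source'], 'name': m['name'], 'value': m['value'],
            'impact': int(m['impact']),
            'rule_ids': [int(i) for i in re.findall(r'\|\s*ID:\s*(\d+)', m['rest'])],
        })
    return total, entries

def distinct_impact(entries):
    """Score each (name, value) once, however many request arrays carried it."""
    best = {}
    for e in entries:
        key = (e['name'], e['value'])
        best[key] = max(best.get(key, 0), e['impact'])
    return sum(best.values())

def would_block(impact, threshold):
    """Assumed rule: block at or above the threshold; -1 switches the check off."""
    return threshold != -1 and impact >= threshold

if __name__ == '__main__':
    total, entries = parse_report(SAMPLE_REPORT)
    print(total, [(e['source'], e['impact'], e['rule_ids']) for e in entries])
    print('distinct payload impact:', distinct_impact(entries))
    print('blocked at 27:', would_block(total, 27))
```

Under the assumed rule, a total of 18 stays below 27, while an impact of 50 is blocked at 27 and passes at 51, which matches the embed case described in the post above.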
|
denast,
this has been declared as non-functional at this time, and it has been suggested by boonex that we just disable the security feature. as to my knowledge as to whether or not it will be fixed, presumably it will be fixed in the next release. i have not trac'd it down to see if it has been fixed.
When a GIG is not enough --> Terabyte Dolphin Technical Support - Server Management and Support |