BugTraq
Back to list
|
Post reply
Re: bug in Invision Power Board[patch]
Aug 11 2003 12:33PM
silent needle (silentneedle hotmail com)
In-Reply-To: <20030809082131.25004.qmail (at) www.securityfocus (dot) com [email concealed]>
to patch the forum
all what you have to do
is adding these lines in the begining of admin.php
======admin.php======
<?php
if (strstr($adsess,"'") != NULL){
echo "Silent Needle: i don't like you.<br>dont try to hack. :) [be a
white hat don't be a black hat]<br><a href='index.php'>index.php</a>";
exit;
}
if (strstr($adsess,"\"") != NULL){
echo "Silent Needle: i don't like you.<br>dont try to hack. :) [be a
white hat don't be a black hat]<br><a href='index.php'>index.php</a>";
exit;
}
//.........
//rest of code
=====================
this work with me and i hope it work with you too.
Oh Long Night
greetz to: SP.IC, NetSpider, ARAB-HAK, zalaboza, C0NIk, and all
arabsecure.net t34m..
Silent Needle
member of ArabSecure.net t34m
silentneedle (at) hotmail (dot) com [email concealed]
[ reply ]
Privacy Statement
Copyright 2010, SecurityFocus
to patch the forum
all what you have to do
is adding these lines in the begining of admin.php
======admin.php======
<?php
if (strstr($adsess,"'") != NULL){
echo "Silent Needle: i don't like you.<br>dont try to hack. :) [be a
white hat don't be a black hat]<br><a href='index.php'>index.php</a>";
exit;
}
if (strstr($adsess,"\"") != NULL){
echo "Silent Needle: i don't like you.<br>dont try to hack. :) [be a
white hat don't be a black hat]<br><a href='index.php'>index.php</a>";
exit;
}
//.........
//rest of code
=====================
this work with me and i hope it work with you too.
Oh Long Night
greetz to: SP.IC, NetSpider, ARAB-HAK, zalaboza, C0NIk, and all
arabsecure.net t34m..
Silent Needle
member of ArabSecure.net t34m
silentneedle (at) hotmail (dot) com [email concealed]
[ reply ]