|
- Readme First! -
Read and follow the rules, otherwise your posts will be closed |
|
|
|
|
|
There are currently, 710 guest(s) and 0 member(s) that are online.
You are Anonymous user. You can register for free by clicking here |
|
|
|
|
|
|
 MikeMiles, a support staffer at Nuke Cops reported a new XSS exploit against PHP-Nuke and here is the patch that gets placed into the mainfile.php around line 674.
Find the following lines:
$str = eregi_replace("<a[^>]*href[[:space:]]*=[[:space:]]*\"?[[:space:]]*([^" >]*)[[:space:]]*\"?[^>]*>",
'<a href="1">', $str); # "
// Delete all attribs from Anchor, except an href, double quoted.
$str = eregi_replace("<[[:space:]]* img[[:space:]]*([^>]*)[[:space:]]*>", '', $str);
// Delete all img tags
And place the following lines after:
$str = eregi_replace("<a[^>]*href[[:space:]]*=[[:space:]]*\"?javascript[[:punct:]]*\"?[^>]*>", '', $str);
// Delete javascript code from a href tags -- Zhen-Xjell @ http://nukecops.com
This will prevent XSS javascript code. This is a common exploit that the patch guards against which could potentially steal the admin's cookie data.
|
|
Posted on Sunday, August 24 @ 22:36:15 CEST by Zhen-Xjell |
|
|
|
|
| |
|
|
| | The comments are owned by the poster. We aren't responsible for their content. |
| | | | |
| No Comments Allowed for Anonymous, please register | | | | |
Re: XSS Patch Released (Score: 1)
by sting on Sunday, August 24 @ 22:58:09 CEST
(User Info | Send a Message) http://www.nukehaven.net | Get an error:
Parse error: parse error in /home/mysite/public_html/mainfile.php on line 648
Fatal error: Call to a member function on a non-object in /home/mysite/public_html/index.php on line 18
What am I missing?
Thanks,
-sting |
| | | | |
Re: XSS Patch Released (Score: 1)
by nopeace4u on Sunday, August 24 @ 23:22:26 CEST
(User Info | Send a Message) http://www.webhostgem.com | Have same problem -- http://test.clan-njk.com
Parse error: parse error in /home/clannjk/public_html/test/mainfile.php on line 683
Fatal error: Call to a member function on a non-object in /home/clannjk/public_html/test/index.php on line 18
|
| | | | |
Re: XSS Patch Released (Score: 1)
by Zhen-Xjell on Sunday, August 24 @ 23:31:39 CEST
(User Info | Send a Message) http://castlecops.com | Please Note:
This patch was tested on several PHP-Nuke sites including 5.x and 6.x releases with 100% success rate.
I don't know why folks are having issues, but lets try to resolve them immediately. |
| | | | |
Re: XSS Patch Released (Score: 1)
by Feret on Sunday, August 24 @ 23:44:28 CEST
(User Info | Send a Message) http://www.sunandshadows.com | getting this error:
Parse error: parse error in /home/sunandsh/public_html/mainfile.php on line 656
Fatal error: Call to a member function on a non-object in /home/sunandsh/public_html/modules.php on line 22
here is the code around it
[code] // Delete all spaces from html tags .
$str = eregi_replace("]*href[[:space:]]*=[[:space:]]*"?[[:space:]]*([^" >]*)[[:space:]]*"?[^>]*>",
'', $str); # "
// Delete all attribs from Anchor, except an href, double quoted.
$str = eregi_replace("]*)[[:space:]]*>", '', $str);
// Delete all img tags
$str = eregi_replace("]*href[[:space:]]*=[[:space:]]*"?javascript[[:punct:]]*"?[^>]*>", '', $str);
// Delete javascript code from a href tags -- Zhen-Xjell @ http://nukecops.com
$tmp = "";
while (ereg("]*)>",$str,$reg)) {
[/code] |
| | | | |
re: THE FIX (Score: 1)
by Evaders99 on Monday, August 25 @ 00:37:36 CEST
(User Info | Send a Message) http://www.swrebellion.com | Or not.. sorry, it seems that its stripping code it isn't supposed to.
Definitely copy this line from the CVS and it will work. |
- re: THE FIX by smotrs on Monday, August 25 @ 11:49:05 CEST
- re: THE FIX by smotrs on Monday, August 25 @ 11:55:45 CEST
- re: THE FIX by Zhen-Xjell on Monday, August 25 @ 12:26:23 CEST
- re: THE FIX by smotrs on Monday, August 25 @ 16:20:23 CEST
| | | | |
Re: XSS Patch Released (Score: 1)
by Panama on Tuesday, August 26 @ 00:07:42 CEST
(User Info | Send a Message) | I added the code - but then the security image stopped displaying when I tried to log in as admin.
Then I took the patch back out - and the security code will still not display! Help!
|
| | | | | |
