Welcome to Geeklog, Anonymous Sunday, November 24 2024 @ 10:50 pm EST
Geeklog Forums
Security Flaw?
Status: offline
fog
Forum User
Newbie
Registered: 10/11/03
Posts: 2
I noticed an odd URL in my logs last night:
http://my_domain/portal.php?what=http://asap&item=http://asap
I had no idea what this was, but it struck me as suspicious. I tried the URL myself, and it seems to just set an HTTP refresh back to itself of 0, so my browser refreshes the page over and over, as quickly as it can. Essentially a poor man's attempt at DOS?
I just applied the security updates from 1.3.8-1sr3, but this trick still works on my site. But on the Geeklog site, I just get an error: www.geeklog.netportal.php could not be found.
Is this, then, a documented issue, and I need to upgrade, not just apply the latest patch? Or do I have a trailing slash somewhere geeklog.net doesn't which allows this to happen?
http://my_domain/portal.php?what=http://asap&item=http://asap
I had no idea what this was, but it struck me as suspicious. I tried the URL myself, and it seems to just set an HTTP refresh back to itself of 0, so my browser refreshes the page over and over, as quickly as it can. Essentially a poor man's attempt at DOS?
I just applied the security updates from 1.3.8-1sr3, but this trick still works on my site. But on the Geeklog site, I just get an error: www.geeklog.netportal.php could not be found.
Is this, then, a documented issue, and I need to upgrade, not just apply the latest patch? Or do I have a trailing slash somewhere geeklog.net doesn't which allows this to happen?
12
10
Quote
Status: offline
Dirk
Site Admin
Admin
Registered: 01/12/02
Posts: 13073
Location:Stuttgart, Germany
Not sure what this is trying to accomplish. Someone looking for a way to increase hits on a website, maybe. I don't think it was meant as a threat to your site.
Clearly, whoever did it didn't bother having a look at Geeklog's source code ...
The continuous reload is a bug in 1.3.8. To fix it, you'll need to check for an empty $url in portal.php like this:
if (!empty($item)) {
$url = DB_getItem ($_TABLES['links'], 'url', "lid = '{$item}'");
if (empty ($url)) {
$url = $_CONF['site_url'];
}
DB_change($_TABLES['links'],'hits','hits + 1','lid',$item,'',true);
$display .= COM_refresh($url);
} else {
$display .= COM_refresh($_CONF['site_url']);
}
echo $display;
bye, Dirk
Clearly, whoever did it didn't bother having a look at Geeklog's source code ...
The continuous reload is a bug in 1.3.8. To fix it, you'll need to check for an empty $url in portal.php like this:
Text Formatted Code
$display = '';if (!empty($item)) {
$url = DB_getItem ($_TABLES['links'], 'url', "lid = '{$item}'");
if (empty ($url)) {
$url = $_CONF['site_url'];
}
DB_change($_TABLES['links'],'hits','hits + 1','lid',$item,'',true);
$display .= COM_refresh($url);
} else {
$display .= COM_refresh($_CONF['site_url']);
}
echo $display;
bye, Dirk
11
11
Quote
All times are EST. The time is now 10:50 pm.
- Normal Topic
- Sticky Topic
- Locked Topic
- New Post
- Sticky Topic W/ New Post
- Locked Topic W/ New Post
- View Anonymous Posts
- Able to post
- Filtered HTML Allowed
- Censored Content