lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date: 11 Aug 2003 12:33:33 -0000
From: silent needle <silentneedle@...mail.com>
To: bugtraq@...urityfocus.com
Subject: Re: bug in Invision Power Board[patch]


In-Reply-To: <20030809082131.25004.qmail@....securityfocus.com>

to patch the forum
all what you have to do
is adding these lines in the begining of admin.php
======admin.php======
<?php

if (strstr($adsess,"'") != NULL){
  echo "Silent Needle: i don't like you.<br>dont try to hack. :) [be a 
white hat don't be a black hat]<br><a href='index.php'>index.php</a>"; 
  exit;
}
if (strstr($adsess,"\"") != NULL){
  echo "Silent Needle: i don't like you.<br>dont try to hack. :) [be a 
white hat don't be a black hat]<br><a href='index.php'>index.php</a>"; 
  exit;
}
//.........
//rest of code
=====================
this work with me and i hope it work with you too.

Oh Long Night
greetz to: SP.IC, NetSpider, ARAB-HAK, zalaboza, C0NIk, and all 
arabsecure.net t34m..

Silent Needle
member of ArabSecure.net t34m
silentneedle@...mail.com

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ