coppermine 1.3 security exploit :: Archived

purepersian

guys, the user that keeps changing usernames, i SUSPENDED his account and hes using the same account, he came on shoutblock and said "aah u think u can suspend my account? haha"
now hes back changing usernames in the comments field

i even blocked his ip and ip range

why does this guy wanna ruin my site? Sad

what have i done to him? bloody hell

alexm

purepersian wrote:

guys, the user that keeps changing usernames, i SUSPENDED his account and hes using the same account, he came on shoutblock and said "aah u think u can suspend my account? haha"
now hes back changing usernames in the comments field
i even blocked his ip and ip range

If you can provide server logs, please PM me and I'll give you an email address to send them to.

Quote::

why does this guy wanna ruin my site? Sad

what have i done to him? bloody hell

Some people are just jerks like that.

As far as I can tell, this seems to be isolated to your site only. Without better information, we may never know how this guy's doing it.

alex

purepersian

ok thanks a lot

maybe he is abusing some cookies i dont know

he can some how post a comment in coppermine and then change the name, even though i have disabled the EDIT button and also the username field

he can also use a username that i have SUSPENDED and make shouts in the shoutblock and also post comments in the gallery

he can also post multiple comments in the gallery even though iv disabled the function

and iv also banned his ip address and ip range in my htaccess file but he still comes through Sad

maybe a full reinstall of the site would be a good idea? but then again id lose all database information, iv got too many things put on the site to have to do it again, so that would be a last resort

purepersian

DJ Maze

Mon Sep 06, 2004 3:48 pm VS Mon Sep 06, 2004 5:49 pm

nice way to bump, but there's no way to block UNLESS you block posting from outside servers.
Don't ask me to fix cos we are already working on that and it has issues.

You can try CVS version but that has a ZERO SUPPORT tollerence.

NanoCaiordo

The link for the fix on the home page needs to be update as well, still point at 1.7

masterbeta

ok this file is unavailable?

anyone help?

masterbeta

the file on the mainpage of this site is still unavailable...where is the file?

kikilala · Nice poster Offline Joined: Aug 25, 2004 Posts: 102

I've update the file that is given in the main page. But I still can edit the my name in the comments. Am I updating the right file?

db_input from the main page >>> replacing >>> db_input in modules/coppermine

Is this right? If this is right, I'm still able to change the nick in the comments section.,

winglet

Ok, I replaced the db_input.php file with the 1.8 ver and get this error:

Warning: file(): php_network_getaddresses: getaddrinfo failed: Name or service not known in /home/mydomain/www/www/modules/coppermine/include/functions.inc on line 215

Warning: file(http://nukephotogallery.com/ver/version.php?ver=1.3.0c): failed to open stream: No such file or directory in /home/mydomain/www/www/modules/coppermine/include/functions.inc on line 215

Running 8.2b with Coppermine 1.3.0c

??

Stephen · Silver Supporter Offline Joined: Apr 21, 2004 Posts: 734

winglet, cpgnuke.com/Forums/vie...html#24822

winglet

Arrgh...after looking at line 215 in include.php even my pea-sized brain was able to determine it had something to do with the nukedgallery version update thingy...haven't worked on my site for a while and the error seemed to happen right after I put the new exploit cure file in...thanks Stephen, my bad...

Trevor

The error is only related to nukephotogallery.com being down, it has nothing to do with anything you could have done