Navigator
Online Users
In total there are 753 users online :: 1 registered, 0 hidden and 752 guests
Most users ever online was 1091 on Wed Aug 16, 2023 5:27 pm
Registered users: Bing [Bot] based on users active over the past 60 minutes
CrackerTracker Exploit False Positives
Moderator: Integra Moderator
Re: CrackerTracker Exploit False Positives
Author: Teelk » Wed Feb 07, 2007 10:30 am
That is only for the "wheel of fortune MOD".
Last edited by Teelk on Wed Dec 31, 1969 4:00 pm, edited 1 time in total.
-
Teelk - Dev Team
- Posts: 1309
- Likes: 0 post
- Liked in: 0 post
- Joined: Tue Mar 14, 2006 5:25 pm
- Cash on hand: 0.00
- Location: Canada
Re: CrackerTracker Exploit False Positives
Author: Leadfoot » Wed Feb 07, 2007 11:20 am
actually psypru its for the game "wheel of forune" which is part of the amod arcade mod. Just so you are clear.
Last edited by Leadfoot on Wed Dec 31, 1969 4:00 pm, edited 1 time in total.
-
Leadfoot - Integra Member
- Posts: 131
- Likes: 0 post
- Liked in: 0 post
- Joined: Sun Oct 01, 2006 4:02 pm
- Cash on hand: 0.00
Re: CrackerTracker Exploit False Positives
Author: ScottDaMan » Thu Feb 08, 2007 3:01 pm
Couple false positives related to the qbar.
Script-Filename: /forum/admin/admin_qbar.php
Original:
$ct_ignorepvar = array('url');
New
$ct_ignorepvar = array('url','explain','shortcut');
Here's the debug details:
and
Script-Filename: /forum/admin/admin_qbar.php
Original:
$ct_ignorepvar = array('url');
New
$ct_ignorepvar = array('url','explain','shortcut');
Here's the debug details:
- Code: Select all
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++Script-Filename]------------------------------------------#/forum/admin/admin_qbar.php ##-----[ FIND ]------------------------------------------#define('IN_PHPBB', 1); ##-----[ AFTER, ADD ]------------------------------------------#define('CT_SECLEVEL', 'MEDIUM');$ct_ignorepvar = array('explain');
and
- Code: Select all
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++Script-Filename]------------------------------------------#/forum/admin/admin_qbar.php ##-----[ FIND ]------------------------------------------#define('IN_PHPBB', 1); ##-----[ AFTER, ADD ]------------------------------------------#define('CT_SECLEVEL', 'MEDIUM');$ct_ignorepvar = array('shortcut'); ##-----[ SAVE/CLOSE ALL FILES ]------------------------------------------## EoM
Last edited by ScottDaMan on Wed Dec 31, 1969 4:00 pm, edited 1 time in total.
[url=http]Star Wars United[/url] - My IM141 Board.
-
ScottDaMan - Members
- Posts: 46
- Likes: 0 post
- Liked in: 0 post
- Joined: Wed Jan 31, 2007 11:40 am
- Cash on hand: 0.00
Re: CrackerTracker Exploit False Positives
Author: Leadfoot » Fri Feb 09, 2007 3:22 pm
Ok have the debug info and fix for cookie mod.
That stopped the cracker tracker error for me.
- Code: Select all
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++Script-Filename: /forum/cookieMOD/cookie.php---------------- Request-Method: POST Matching rule: _phpIn variable: cookie_namePossible solution:------------------ ##-----[ OPEN ]------------------------------------------#/forum/cookieMOD/cookie.php ##-----[ FIND ]------------------------------------------#define('IN_PHPBB', 1); ##-----[ AFTER, ADD ]------------------------------------------#define('CT_SECLEVEL', 'MEDIUM');$ct_ignorepvar = array('cookie_name'); ##-----[ SAVE/CLOSE ALL FILES ]------------------------------------------## EoM
That stopped the cracker tracker error for me.
Last edited by Leadfoot on Wed Dec 31, 1969 4:00 pm, edited 1 time in total.
-
Leadfoot - Integra Member
- Posts: 131
- Likes: 0 post
- Liked in: 0 post
- Joined: Sun Oct 01, 2006 4:02 pm
- Cash on hand: 0.00
Re: CrackerTracker Exploit False Positives
Author: thatjoeguy » Mon Feb 12, 2007 9:41 am
I just tried modiying the Welcome PM through the ACP and got the CTracker warning. Put it into debug and found the possible fix, but it doesn't solve the probem.
The log says:
I didn't find:
require('./pagestart.' . $phpEx);
But instead found
require("pagestart.$phpEx");
and inserted the code after that, but it seems to have had no effect.
The log says:
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Script-Filename: /admin/admin_wpm.php
----------------
Request-Method: POST
Matching rule: or
In variable: wpm_message
Matching rule: and
In variable: wpm_message
Matching rule: '
In variable: wpm_message
Possible solution:
------------------
#
#-----[ OPEN ]------------------------------------------
#
/admin/admin_wpm.php
#
#-----[ FIND ]------------------------------------------
#
require('./pagestart.' . $phpEx);
#
#-----[ AFTER, ADD ]------------------------------------------
#
define('CT_SECLEVEL', 'MEDIUM');
$ct_ignorepvar = array('wpm_message');
#
#-----[ SAVE/CLOSE ALL FILES ]------------------------------------------
#
# EoM
I didn't find:
require('./pagestart.' . $phpEx);
But instead found
require("pagestart.$phpEx");
and inserted the code after that, but it seems to have had no effect.
Last edited by thatjoeguy on Wed Dec 31, 1969 4:00 pm, edited 1 time in total.
-
thatjoeguy - Members
- Posts: 48
- Likes: 0 post
- Liked in: 0 post
- Joined: Thu Apr 06, 2006 3:55 pm
- Cash on hand: 0.00
Author: Leadfoot » Tue Feb 13, 2007 1:39 am
I thought I would go try and see if I could debug it even farther joeguy. But I seemed to also run into other issues which I will put in another post. But try this it may work.
#
#-----[ OPEN ]------------------------------------------
#
/forum/admin/admin_wpm.php
#
#-----[ FIND ]------------------------------------------
#
define('IN_PHPBB', 1);
#
#-----[ AFTER, ADD ]------------------------------------------
#
define('CT_SECLEVEL', 'MEDIUM');
$ct_ignorepvar = array('wpm_message');
#
#-----[ SAVE/CLOSE ALL FILES ]------------------------------------------
#
#
#-----[ OPEN ]------------------------------------------
#
/forum/admin/admin_wpm.php
#
#-----[ FIND ]------------------------------------------
#
define('IN_PHPBB', 1);
#
#-----[ AFTER, ADD ]------------------------------------------
#
define('CT_SECLEVEL', 'MEDIUM');
$ct_ignorepvar = array('wpm_message');
#
#-----[ SAVE/CLOSE ALL FILES ]------------------------------------------
#
Last edited by Leadfoot on Wed Dec 31, 1969 4:00 pm, edited 1 time in total.
-
Leadfoot - Integra Member
- Posts: 131
- Likes: 0 post
- Liked in: 0 post
- Joined: Sun Oct 01, 2006 4:02 pm
- Cash on hand: 0.00
Re: CrackerTracker Exploit False Positives
Author: BMD » Wed Feb 14, 2007 7:52 am
I just went to change the Welcoming PM and hit a CT issue
I get how to edit the code... but I am on a paid host provider server and don't see the referenced path at all, and I believe they use linux
anyone got a clue?
also I already implemented Zack's patch
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Script-Filename: /usr/local/apache/cgi-bin/php.cgi-4.3.1
----------------
Request-Method: POST
Matching rule: or
In variable: wpm_message
Matching rule: and
In variable: wpm_message
Matching rule: "
In variable: wpm_message
Matching rule: '
In variable: wpm_message
Possible solution:
------------------
#
#-----[ OPEN ]------------------------------------------
#
/usr/local/apache/cgi-bin/php.cgi-4.3.1
#
#-----[ FIND ]------------------------------------------
#
define('IN_PHPBB', 1);
#
#-----[ AFTER, ADD ]------------------------------------------
#
define('CT_SECLEVEL', 'MEDIUM');
$ct_ignorepvar = array('wpm_message');
#
#-----[ SAVE/CLOSE ALL FILES ]------------------------------------------
#
# EoM
I get how to edit the code... but I am on a paid host provider server and don't see the referenced path at all, and I believe they use linux
anyone got a clue?
also I already implemented Zack's patch
Last edited by BMD on Wed Dec 31, 1969 4:00 pm, edited 1 time in total.
-
BMD - Members
- Posts: 84
- Likes: 0 post
- Liked in: 0 post
- Joined: Thu Aug 24, 2006 4:12 am
- Cash on hand: 0.00
Author: tekguru » Wed Feb 14, 2007 9:49 am
Once these are all resolved with there be a definitive fix?
Last edited by tekguru on Wed Dec 31, 1969 4:00 pm, edited 1 time in total.
[size=99px]http][/size]
[url=http][img=left]http://www.4winmobile.com/news/MVP_Horizontal_FullColor.png[/img][/url]
[url=http][img=left]http://www.4winmobile.com/news/MVP_Horizontal_FullColor.png[/img][/url]
-
tekguru - Sr Integra Member
- Posts: 329
- Likes: 0 post
- Liked in: 0 post
- Joined: Tue Mar 28, 2006 10:29 pm
- Cash on hand: 0.00
Re: CrackerTracker Exploit False Positives
Author: JohnnyTheOne » Wed Feb 14, 2007 2:33 pm
The following debug worked to me.
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Script-Filename: /home/profile.php
----------------
Request-Method: POST
Matching rule: delete
In variable: delete_user
Possible solution:
------------------
#
#-----[ OPEN ]------------------------------------------
#
/home/profile.php
#
#-----[ FIND ]------------------------------------------
#
define('IN_PHPBB', 1);
#
#-----[ AFTER, ADD ]------------------------------------------
#
define('CT_SECLEVEL', 'MEDIUM');
$ct_ignorepvar = array('delete_user');
#
#-----[ SAVE/CLOSE ALL FILES ]------------------------------------------
#
# EoM
Last edited by JohnnyTheOne on Wed Dec 31, 1969 4:00 pm, edited 1 time in total.
-
JohnnyTheOne - Members
- Posts: 78
- Likes: 0 post
- Liked in: 0 post
- Joined: Tue Apr 18, 2006 7:35 am
- Cash on hand: 0.00
- Location: Hengelo (ov)
Re: CrackerTracker Exploit False Positives
Author: JohnnyTheOne » Wed Feb 14, 2007 5:04 pm
end the following Warning: No ending delimiter '#' found in /var/www/vhosts/johnnytheone.com/httpdocs/home/ctracker/engines/ct_security.php on line 357
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Script-Filename: /home/admin/admin_pa_ug_auth.php
----------------
Request-Method: GET
Possible solution:
------------------
#
#-----[ OPEN ]------------------------------------------
#
/home/admin/admin_pa_ug_auth.php
#
#-----[ FIND ]------------------------------------------
#
define('IN_PHPBB', 1);
#
#-----[ AFTER, ADD ]------------------------------------------
#
define('CT_SECLEVEL', 'MEDIUM');
$ct_ignoregvar = array('');
#
#-----[ SAVE/CLOSE ALL FILES ]------------------------------------------
#
# EoM
Last edited by JohnnyTheOne on Wed Dec 31, 1969 4:00 pm, edited 1 time in total.
-
JohnnyTheOne - Members
- Posts: 78
- Likes: 0 post
- Liked in: 0 post
- Joined: Tue Apr 18, 2006 7:35 am
- Cash on hand: 0.00
- Location: Hengelo (ov)
Re: CrackerTracker Exploit False Positives
Author: Leadfoot » Thu Feb 15, 2007 2:21 pm
Ok one more for you guys
when trying to submit an update to navigation menu I would get ct warning when hitting submit on the edit.
here is the fix
when trying to submit an update to navigation menu I would get ct warning when hitting submit on the edit.
here is the fix
- Code: Select all
Script-Filename: /forum/admin/admin_qbar.php---------------- Request-Method: POST Matching rule: load In variable: explainPossible solution:------------------ ##-----[ OPEN ]------------------------------------------#/forum/admin/admin_qbar.php ##-----[ FIND ]------------------------------------------#define('IN_PHPBB', 1); ##-----[ AFTER, ADD ]------------------------------------------#define('CT_SECLEVEL', 'MEDIUM');$ct_ignorepvar = array('explain'); ##-----[ SAVE/CLOSE ALL FILES ]------------------------------------------## EoM
Last edited by Leadfoot on Wed Dec 31, 1969 4:00 pm, edited 1 time in total.
-
Leadfoot - Integra Member
- Posts: 131
- Likes: 0 post
- Liked in: 0 post
- Joined: Sun Oct 01, 2006 4:02 pm
- Cash on hand: 0.00
Author: sanji » Fri Feb 16, 2007 5:17 am
I can not add an administrator to my board: When going in User Admin -> Permissions, I get a false positive when submitting the name of a user.
OK, I have not find how to solve the problem yet...
sanji
OK, I have not find how to solve the problem yet...
sanji
Last edited by sanji on Wed Dec 31, 1969 4:00 pm, edited 1 time in total.
[img]http://www.secret-japan.com/forum/images/banners/fuji%20secret-japan%2088x31.gif[/img] [url=http]Secret Japan[/url] : discover Japan off the beaten tracks
-
sanji - Sr Integra Member
- Posts: 291
- Likes: 0 post
- Liked in: 0 post
- Joined: Wed Apr 12, 2006 8:18 pm
- Cash on hand: 0.00
Re: CrackerTracker Exploit False Positives
Author: Pogue Moran » Fri Feb 16, 2007 10:49 am
Can anyone help me fix a false positive? I'm trying to get the inline quickediting function of Ajax but I keep getting a false positive everytime I try to save the edit what do I need to do to fix this?
Below is the install file
[url=http]Ajaxed Install Instruction[/url]
Below is the install file
[url=http]Ajaxed Install Instruction[/url]
Last edited by Pogue Moran on Wed Dec 31, 1969 4:00 pm, edited 1 time in total.
-
Pogue Moran - Members
- Posts: 74
- Likes: 0 post
- Liked in: 0 post
- Joined: Sat Jun 24, 2006 4:48 pm
- Cash on hand: 0.00
Re: CrackerTracker Exploit False Positives
Author: fish222222 » Fri Feb 16, 2007 10:59 am
I get false positives on just about everything I do, even with all of the security turned off. I just put 1.4.0 back on and called it good. Too many issues to deal with to mess with it.
Last edited by fish222222 on Wed Dec 31, 1969 4:00 pm, edited 1 time in total.
-
fish222222 - Newbie
- Posts: 17
- Likes: 0 post
- Liked in: 0 post
- Joined: Mon Jan 22, 2007 4:37 pm
- Cash on hand: 0.00
Re: CrackerTracker Exploit False Positives
Author: Khoas » Sat Feb 17, 2007 3:41 am
Adding a banner:
- Code: Select all
Possible solution]------------------------------------------#/forum/admin/admin_banner.php ##-----[ FIND ]------------------------------------------#define('IN_PHPBB', 1); ##-----[ AFTER, ADD ]------------------------------------------#define('CT_SECLEVEL', 'MEDIUM');$ct_ignorepvar = array('banner_name'); ##-----[ SAVE/CLOSE ALL FILES ]------------------------------------------## EoM
Last edited by Khoas on Wed Dec 31, 1969 4:00 pm, edited 1 time in total.
-
Khoas - Newbie
- Posts: 1
- Likes: 0 post
- Liked in: 0 post
- Joined: Fri May 19, 2006 6:27 am
- Cash on hand: 0.00
Who is online
Registered users: Bing [Bot]
