IntegraMOD

[atomhead]

Code: Select all

##-----[ OPEN ]------------------------------------------#/forums/kb.php  ##-----[ FIND ]------------------------------------------#define('IN_PHPBB', 1);  ##-----[ AFTER, ADD ]------------------------------------------#define('CT_SECLEVEL', 'MEDIUM');$ct_ignorepvar = array('article_desc','message');  ##-----[ SAVE/CLOSE ALL FILES ]------------------------------------------## EoM  

False positive.. applying this fix doesn't get rid of it. Error is when trying to add a KB article.

[JohnnyTheOne]

and the following debug worked

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Script-Filename: /home/admin/admin_pa_license.php
----------------

Request-Method: POST

Matching rule: or
In variable: form

Matching rule: and
In variable: form

Matching rule: exec
In variable: form

Matching rule: "
In variable: form

Matching rule: into
In variable: form

Matching rule: id
In variable: form

Matching rule: rm
In variable: form

Matching rule: '
In variable: form

Matching rule: rm
In variable: form

Possible solution:
------------------

#
#-----[ OPEN ]------------------------------------------
#
/home/admin/admin_pa_license.php

#
#-----[ FIND ]------------------------------------------
#
define('IN_PHPBB', 1);

#
#-----[ AFTER, ADD ]------------------------------------------
#
define('CT_SECLEVEL', 'MEDIUM');
$ct_ignorepvar = array('form');

#
#-----[ SAVE/CLOSE ALL FILES ]------------------------------------------
#
# EoM

[fish222222]

I get false positives when I try to edit a template, put a filter in the show only files that contain box, and then try to change directories. It seems to be fine if I don't change directories though. Anyone have a fix for this?

[JohnnyTheOne]

and the following debug worked <img>

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Script-Filename: /home/ratings.php
----------------

Request-Method: GET

Possible solution:
------------------

#
#-----[ OPEN ]------------------------------------------
#
/home/ratings.php

#
#-----[ FIND ]------------------------------------------
#
define('IN_PHPBB', 1);

#
#-----[ AFTER, ADD ]------------------------------------------
#
define('CT_SECLEVEL', 'MEDIUM');
$ct_ignoregvar = array('');

#
#-----[ SAVE/CLOSE ALL FILES ]------------------------------------------
#
# EoM

[atomhead]

Code: Select all

##-----[ OPEN ]------------------------------------------#/forums/kb.php  ##-----[ FIND ]------------------------------------------#define('IN_PHPBB', 1);  ##-----[ AFTER, ADD ]------------------------------------------#define('CT_SECLEVEL', 'MEDIUM');$ct_ignorepvar = array('article_desc','message');  ##-----[ SAVE/CLOSE ALL FILES ]------------------------------------------## EoM  

False positive.. applying this fix doesn't get rid of it. Error is when trying to add a KB article.

Same problem with trying to change the Links information in Qbar edit menu. Qbar > Nav Menu (i renamed it from whatever it was before) > Links edit > Submit = borked

[midjam]

Hi guys

I have a problem with deleting the private messages and with the path name in debugging

PMs won`t delete

And when i use the debugger i get

#
#-----[ OPEN ]------------------------------------------
#
/ "never any dir path here just the / "

#
#-----[ FIND ]------------------------------------------
#
include($phpbb_root_path . 'common.'.$phpEx);

Please help as my inbox is getting big and i can`t delete any posts <img>

[JohnnyTheOne]

and the following debug <img>

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Script-Filename: /home/admin/admin_phpbbmyadmin.php
----------------

Request-Method: GET

Matching rule: delete%20
In variable: this_query

Matching rule: '
In variable: this_query

Possible solution:
------------------

#
#-----[ OPEN ]------------------------------------------
#
/home/admin/admin_phpbbmyadmin.php

#
#-----[ FIND ]------------------------------------------
#
define('IN_PHPBB', 1);

#
#-----[ AFTER, ADD ]------------------------------------------
#
define('CT_SECLEVEL', 'MEDIUM');
$ct_ignoregvar = array('this_query');

#
#-----[ SAVE/CLOSE ALL FILES ]------------------------------------------
#
# EoM

[cobra_pliskin]

I tried every thing but I get always the false positive when I try to check out REQUIRED FIELD in ALTER FORM DISPLAY under PCP.
What else to try?
I tried with a kick ... the only result was to lose a shoe down from the window!

[JohnnyTheOne]

and the following debug

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Script-Filename: /home/admin/admin_extensions.php
----------------

Request-Method: POST

Matching rule: '
In variable: add_extension_group

Possible solution:
------------------

#
#-----[ OPEN ]------------------------------------------
#
/home/admin/admin_extensions.php

#
#-----[ FIND ]------------------------------------------
#
define('IN_PHPBB', 1);

#
#-----[ AFTER, ADD ]------------------------------------------
#
define('CT_SECLEVEL', 'MEDIUM');
$ct_ignorepvar = array('add_extension_group');

#
#-----[ SAVE/CLOSE ALL FILES ]------------------------------------------
#
# EoM

[midjam]

Hi again guys

Anyone know why i`m getting no pathname?

#
#-----[ OPEN ]------------------------------------------
#
/ "never any dir path here just the / "

#
#-----[ FIND ]------------------------------------------
#
include($phpbb_root_path . 'common.'.$phpEx);

[Juppertje]

i have simulair problem in forum/admin/admin_users.php

This user is blokked and i can not deblock this member i get message

SECURITY ALERT ÂÂÂ » ÂÂÂ » ÂÂÂ » ÂÂÂ »
CBACK CrackerTracker has detected a potential attack on this site with a worm or exploit .script so the Security System stopped the .script.


If you can see this page after including a new MOD into your board or after clicking on a link please contact the Board Administrator with this error message and a de.scription what you have done before you could see this page, that the Admin has the possibility to fix the problem.

[JohnnyTheOne]

the following debug is helpful to those who have installed it on 141

Script-Filename: /home/admin/admin_ina_xtras.php
----------------

Request-Method: POST

Matching rule: or
In variable: challenge_msg
In variable: trophy_msg

Possible solution:
------------------

#
#-----[ OPEN ]------------------------------------------
#
/home/admin/admin_ina_xtras.php

#
#-----[ FIND ]------------------------------------------
#
define('IN_PHPBB', 1);

#
#-----[ AFTER, ADD ]------------------------------------------
#
define('CT_SECLEVEL', 'MEDIUM');
$ct_ignorepvar = array('challenge_msg','trophy_msg');

#
#-----[ SAVE/CLOSE ALL FILES ]------------------------------------------
#
# EoM

Juppertje,
read the first post and this http://www.integramod.com/forum/kb.php?mode=article&k=22

[richiebgood]

Tell a friend is still giving me trouble. In the forum, when i want to send a topic that works ok.

On the portal, when i want to send some news articles there is no problem except with a few. Any ideas.

Debug info:

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Script-Filename: /forum/tellafriend.php
----------------

Request-Method: GET

Possible solution:
------------------

#
#-----[ OPEN ]------------------------------------------
#
/forum/tellafriend.php

#
#-----[ FIND ]------------------------------------------
#
define('IN_PHPBB', 1);

#
#-----[ AFTER, ADD ]------------------------------------------
#
define('CT_SECLEVEL', 'MEDIUM');
$ct_ignoregvar = array('');

#
#-----[ SAVE/CLOSE ALL FILES ]------------------------------------------
#
# EoM



My tellafriend.php file.

<?php
define('IN_PHPBB', true);
define('CT_SECLEVEL', 'LOW');
$ct_ignorepvar = array('message','submit','');
$phpbb_root_path = "./";
include($phpbb_root_path . 'extension.inc');
include($phpbb_root_path . 'common.'.$phpEx);
include($phpbb_root_path . 'includes/functions_post.'.$phpEx);

[shaythong]

and the following debug <img>

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Script-Filename: /home/admin/admin_phpbbmyadmin.php
----------------

Request-Method: GET

Matching rule: delete%20
In variable: this_query

Matching rule: '
In variable: this_query

Possible solution:
------------------

#
#-----[ OPEN ]------------------------------------------
#
/home/admin/admin_phpbbmyadmin.php

#
#-----[ FIND ]------------------------------------------
#
define('IN_PHPBB', 1);

#
#-----[ AFTER, ADD ]------------------------------------------
#
define('CT_SECLEVEL', 'MEDIUM');
$ct_ignoregvar = array('this_query');

#
#-----[ SAVE/CLOSE ALL FILES ]------------------------------------------
#
# EoM

This doesn't work?

[Wiked]

This CtackerTracker is more trouble than its worth IMO.

Until someone comes up with a way to to fix these errors that actually work then I think I will re upload 140 to my site.

Turning on debug mode and using logmanager, viewing the code to add to fix these errors doesn't work at all for me.