darkfreaks Posted July 12, 2008
Ah ok, well it's looking better. I rescanned, only picked up 17 exploits; last time it was 500.

rarebit (Author) Posted July 12, 2008
Looking through the logs I'm seeing a good brute force attempt going for a login (I'm not sure if they realise the system banned them time ago?), but I'm thinking what if the name of the login input fields were to change periodically in a similar way to captcha, or whether it's overkill?

***

17, yep better, but I still got a big list to do and also get onto hosts about a few issues after weekend...

Many thanks for your time, effort and electrons!

darkfreaks Posted July 13, 2008
It may be my program scanning the login files; it is still picking up autocomplete as enabled on those files.

rarebit (Author) Posted July 13, 2008
24 28 78 88 whois is unclear as to where, but not pushed the search, my eyes feel like they've been washed in bleach :'(

darkfreaks Posted July 13, 2008
Hahaha yeah, just make sure everything under login/register is autocomplete=off, that will cut you down to 14 exploits if nothing else pops up. Oh, and did your host disable the TRACE HTTP method or did you do it through .htaccess?

rarebit (Author) Posted July 13, 2008
I changed the login autocompletes, but most of the registration stuff uses a daft forms class I wrote ages ago, but I decided earlier to get rid, so I'll handle them 2m...

Not touched the 'Trace HTTP' issue yet! But I've just found this

darkfreaks Posted July 13, 2008
Nice, does the rewrite rule apply for HTTP method TRACK? That will get rid of another exploit.

rarebit (Author) Posted July 13, 2008
This is a better page, then when looking at this it looks like this:

    RewriteEngine on
    RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)
    RewriteRule .* - [F]

handles the lot... (even though he was using Apache 1.3) but later suggested this way:

    RewriteEngine on
    RewriteCond %{REQUEST_METHOD} !^(GET|POST|HEAD)$
    RewriteRule .* - [F]

darkfreaks Posted July 13, 2008
Nice, whatever you did it no longer picks up TRACE, but it picked up TRACK, so I'll rescan after this to see if that goes away.

rarebit (Author) Posted July 13, 2008
I've just tried this but it looks like it still gets it?

darkfreaks Posted July 13, 2008
lol that site doesn't even work

rarebit (Author) Posted July 13, 2008
I'm trying it with telnet and I'm not getting a response with or without the mod_rewrite stuff, it just hangs?

darkfreaks Posted July 13, 2008
You're fine, my program doesn't detect it.

darkfreaks Posted July 13, 2008
The rewrite doesn't work man, you're gonna have to ask your host to disable trace and track method via server.

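Added example (not part of the thread and not code from any poster): a Python sketch that models the two RewriteCond variants quoted above, showing which methods each one forbids, and that builds and classifies a TRACE/TRACK check against a server you administer. The function names, the X-Probe header and the marker value are assumptions made for this example.

```python
import re
import socket

# The two RewriteCond patterns quoted in the thread. When the condition
# holds, "RewriteRule .* - [F]" answers 403 Forbidden.
DENY = re.compile(r"^(TRACE|TRACK)")        # forbid if the method matches
ALLOW = re.compile(r"^(GET|POST|HEAD)$")    # leading "!": forbid if it does not match

def forbidden(method, rule):
    """Model one rule: rule is "deny" (first variant) or "allow" (second)."""
    if rule == "deny":
        return DENY.search(method) is not None
    return ALLOW.search(method) is None

def build_request(method, host, marker):
    # The final empty line ends the request head; until it arrives the
    # server keeps waiting for more headers.
    return (f"{method} / HTTP/1.1\r\nHost: {host}\r\n"
            f"X-Probe: {marker}\r\nConnection: close\r\n\r\n").encode("ascii")

def classify(raw, marker):
    """Interpret a raw HTTP response to a TRACE/TRACK check."""
    head, _, body = raw.partition(b"\r\n\r\n")
    parts = head.split(b"\r\n", 1)[0].split()
    if len(parts) < 2 or not parts[0].startswith(b"HTTP/") or not parts[1].isdigit():
        return "no-http-response"
    status = int(parts[1])
    if status == 200 and marker.encode("ascii") in body:
        return "enabled"    # the request, marker header included, was echoed back
    if status in (403, 405, 501):
        return "refused"    # 403 is what [F] produces
    return f"status-{status}"

def probe(host, method="TRACE", port=80, marker="probe-7f3a", timeout=5.0):
    """Send one request to a server you administer and classify the reply."""
    with socket.create_connection((host, port), timeout=timeout) as sock:
        sock.sendall(build_request(method, host, marker))
        chunks = []
        while data := sock.recv(4096):
            chunks.append(data)
    return classify(b"".join(chunks), marker)

if __name__ == "__main__":
    for m in ("GET", "TRACE", "TRACK", "OPTIONS", "PUT"):
        print(m, "deny-rule:", forbidden(m, "deny"), "allow-rule:", forbidden(m, "allow"))
```

The first variant only forbids TRACE and TRACK, while the second forbids every method other than GET, POST and HEAD, so OPTIONS and PUT are refused as well.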