[31094] in bugtraq
Re: bug in Invision Power Board[patch]
daemon@ATHENA.MIT.EDU (silent needle)
Mon Aug 11 12:45:13 2003
Date: 11 Aug 2003 12:33:33 -0000
Message-ID: <20030811123333.23812.qmail@www.securityfocus.com>
Content-Type: text/plain
Content-Disposition: inline
Content-Transfer-Encoding: binary
MIME-Version: 1.0
From: silent needle <silentneedle@hotmail.com>
To: bugtraq@securityfocus.com
In-Reply-To: <20030809082131.25004.qmail@www.securityfocus.com>
to patch the forum
all what you have to do
is adding these lines in the begining of admin.php
======admin.php======
<?php
if (strstr($adsess,"'") != NULL){
echo "Silent Needle: i don't like you.<br>dont try to hack. :) [be a
white hat don't be a black hat]<br><a href='index.php'>index.php</a>";
exit;
}
if (strstr($adsess,"\"") != NULL){
echo "Silent Needle: i don't like you.<br>dont try to hack. :) [be a
white hat don't be a black hat]<br><a href='index.php'>index.php</a>";
exit;
}
//.........
//rest of code
=====================
this work with me and i hope it work with you too.
Oh Long Night
greetz to: SP.IC, NetSpider, ARAB-HAK, zalaboza, C0NIk, and all
arabsecure.net t34m..
Silent Needle
member of ArabSecure.net t34m
silentneedle@hotmail.com
