Page 1 of 1
Security threat
Posted: Sun 17 Mar, 2002 7:17 pm
by Cronkilla
There is a very old still widly used 'exploit' for this BB.I cant remember where i put it, ill have to find it or code it back up again.I think there has been a patch released but i am not certain to if its 100% safe .
Posted: Mon 18 Mar, 2002 5:23 am
by Beast
Hi Cronkilla,
I think your referring to the old
JS or
URL exploit.
As far as i know these have been patched.
Regards
Jay
Posted: Mon 18 Mar, 2002 9:49 am
by Cronkilla
Im not aware of those risks but the one i was refering too is the way in which the board is coded it allows users to log in as admin via certain url's basically bypassing normal security.
Posted: Mon 18 Mar, 2002 10:25 am
by Beast
Ah the url exploit to gain different user levels and admin.
I have confirmed that this exploit no longer exists as the new style board does not use user levels no more.
But if you do come across the url code i would be interested if you could email me it.
Regards
Jay.
Posted: Mon 18 Mar, 2002 5:48 pm
by Cronkilla
I am very positive the exploit is still commonly used on this type of board. I will have to gte a few of my friends round and we will have to go through the code and find the design flaw and make a patch up for it,of course this caudl take minutes days or never
as all those who code in any language will know