11
jaquita
Re: myxoops.org hacked!
  • 2005/9/7 22:05

  • jaquita

  • Just popping in

  • Posts: 22

  • Since: 2005/9/4 1


Quote:

Antoine wrote:
Theoretically: Yes. Would have to check the sanitation of all variables involved to be sure. Don't think anything as obvious as the main message body can be used to XSS though.


Is it possible for somebody to upload something that *purports* to be an image but is in fact an executable script of some kind. IOW, is there any upload area in XOOPS that may accept various types of restricted uploads that may not be scanning the files as designed?

Looking through the logs once again, the very last GET before the POST from user.php was for "uploads/blank.gif". At that last GET the user had a SESSIONID and one IP, when the POST happened the user had the same SESSIONID with a different IP.

Is there a correlation there?


jaquita



12
jaquita
Re: My college website .. first xoops attempt
  • 2005/9/7 21:27



Hi billyvision,

I'm not a XOOPS expert but I like looking at the different ways people present their data. I think you're going to have a very nice site very quickly. You have a lot of interesting things to look at without it being overwhelming. Especially some of those cute little animated icons.

Now some problems I noticed. This is from just a quick run through the site. Just so you'll know, I'm using Mozilla 1.7.11 under Gentoo Linux 2005.1.

One problem I experienced was when I first loaded the site everything was centered. I followed one of the links from the top menu and when I did the entire site was shifted to the left border and never got recentered afterwards. The width of the site remained fixed though. NOTE: I just reloaded the site from the original URL and it centered again. It looks like some links are using "http://www.ayubians.com/amc/" instead of "http://www.ayubians.com/thesite/".

You have a banner at the top of the center page area that sometimes says "Ayubians.com Greetings Service", other times other things. This banner area is cut off to about half way down its height so I can only see the bottom half of anything it contains.

Is the top menu you're using one of the XOOPS modules? I'm just exploring XOOPS myself so I'm not familiar with everything it offers. It looks like it might be useful to me for another site I have in mind.

All in all, I think you're doing well.

jaquita



13
jaquita
Re: Could not register new user.
  • 2005/9/7 15:56



Quote:

libervis wrote:

That fix solved that "three characters" problem, but also introduced this new "can't register new user" problem.


Is it possible you made a typo in register.php when you made that change? You also might want to make sure your editor didn't put any extra spaces or linefeeds AFTER the closing php bracket "?>" in that file.

jaquita
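A check for the stray-bytes-after-`?>` problem jaquita describes, as an added example (not code from the thread or from XOOPS). It assumes the file ends in PHP code rather than an HTML template; a `?>` inside a string in a file with no real closing tag would be a false positive.

```python
"""Find PHP files that emit output after their closing ``?>`` tag.

Added example, not XOOPS code.  Whitespace or blank lines after ``?>`` are
sent to the browser before any later header()/setcookie()/session_start()
call, which then fails with "headers already sent".  PHP discards exactly
one newline directly after ``?>``; anything else is output.  Assumes the
file ends in PHP code rather than an HTML template.
"""
import os
from typing import Optional

CLOSE_TAG = "?>"


def trailing_output(source: str) -> Optional[str]:
    """Return the text PHP would echo after the last ``?>``, or None if clean.

    None also for files with no closing tag at all, which is the safest form
    (a ``?>`` inside a string in such a file would be a false positive here).
    """
    idx = source.rfind(CLOSE_TAG)
    if idx == -1:
        return None
    tail = source[idx + len(CLOSE_TAG):]
    # PHP swallows a single "\n" or "\r\n" immediately after the tag.
    if tail.startswith("\r\n"):
        tail = tail[2:]
    elif tail.startswith("\n"):
        tail = tail[1:]
    return tail or None


def scan_tree(root: str) -> dict:
    """Map each offending .php path under root to the stray text (repr'd)."""
    bad = {}
    for dirpath, _, files in os.walk(root):
        for name in files:
            if not name.endswith(".php"):
                continue
            path = os.path.join(dirpath, name)
            # newline="" keeps "\r\n" intact so the PHP rule above is applied faithfully
            with open(path, encoding="utf-8", errors="replace", newline="") as fh:
                tail = trailing_output(fh.read())
            if tail is not None:
                bad[path] = repr(tail)
    return bad
```

Run `scan_tree("/path/to/xoops")` after editing a core file like register.php; an empty dict means no file will send output before its headers.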



14
jaquita
Re: myxoops.org hacked!
  • 2005/9/7 15:06



I noticed that single POST as well and was wondering about it. I'm not very familiar with the XOOPS code (yet) but is it possible to post php code, or any executable code for that matter, into a forum message that could then be executed when the message is loaded through a direct call?

Just wondering.

jaquita



15
jaquita
Re: myxoops.org hacked!
  • 2005/9/7 14:29



At a first glance at the logs it appears the intruder was using newBB just before, during, and immediately after gaining access. Also, the PHPSESSIONID is exactly the same throughout that log sequence although it comes from two different IPs. I didn't know that was possible.

It also looks like "/modules/newbb/viewtopic.php topic_id=2&forum=1" was important during the core sequence up to gaining admin access. After that, it's not used anymore.

Those are just observations of the log. Exactly what it means within the XOOPS framework I don't know.

Good luck.

jaquita
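The pattern jaquita spotted in both of these posts (one PHPSESSID, two client IPs, with a GET for uploads/blank.gif just before the POST to user.php) can be pulled out of an access log mechanically; this is an added example, not code from the thread or from XOOPS. It assumes an Apache LogFormat that ends with the request Cookie header in quotes ("%{Cookie}i"), and the sample log lines are constructed.

```python
"""Flag PHP session IDs seen from more than one client IP in an access log.

Added example, not from the thread or from XOOPS.  Assumes an Apache
LogFormat ending with the Cookie header in quotes ("%{Cookie}i"); sample
lines are constructed.  An IP switch is a lead, not proof (proxies and
reconnects do it too), so the session's request sequence is kept for review.
"""
import re
from collections import defaultdict

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "[^"]*" "(?P<cookie>[^"]*)"$'
)
SESSION_RE = re.compile(r"(?:^|;\s*)PHPSESSID=([A-Za-z0-9,-]+)")

SAMPLE_LOG = """\
203.0.113.9 - - [07/Sep/2005:13:54:50 +0000] "GET /robots.txt HTTP/1.0" 200 26 "-" "Bot/1.0" "-"
192.0.2.10 - - [07/Sep/2005:13:55:02 +0000] "GET /modules/newbb/viewtopic.php?topic_id=2&forum=1 HTTP/1.1" 200 8812 "-" "Mozilla/5.0" "PHPSESSID=abc123"
203.0.113.5 - - [07/Sep/2005:13:55:10 +0000] "GET /index.php HTTP/1.1" 200 5120 "-" "Mozilla/5.0" "PHPSESSID=def456"
192.0.2.10 - - [07/Sep/2005:13:56:41 +0000] "GET /uploads/blank.gif HTTP/1.1" 200 43 "-" "Mozilla/5.0" "PHPSESSID=abc123"
198.51.100.7 - - [07/Sep/2005:13:57:03 +0000] "POST /user.php HTTP/1.1" 302 0 "-" "Mozilla/5.0" "PHPSESSID=abc123"
198.51.100.7 - - [07/Sep/2005:13:57:09 +0000] "GET /admin.php HTTP/1.1" 200 2210 "-" "Mozilla/5.0" "PHPSESSID=abc123"
"""


def parse_log(lines):
    """Parse lines into dicts; lines that do not match or carry no PHPSESSID are dropped."""
    records = []
    for line in lines:
        m = LOG_RE.match(line)
        s = SESSION_RE.search(m.group("cookie")) if m else None
        if not s:
            continue  # malformed line, other LogFormat, or no session cookie (crawler)
        records.append({**m.groupdict(), "sid": s.group(1)})
    return records


def flag_multi_ip_sessions(records):
    """Return {sid: {"ips": [first-seen order], "requests": [...]}} for sessions used from 2+ IPs."""
    by_sid = defaultdict(list)
    for rec in records:  # log order is taken as chronological
        by_sid[rec["sid"]].append(rec)
    flagged = {}
    for sid, recs in by_sid.items():
        ips = list(dict.fromkeys(r["ip"] for r in recs))  # dedupe, keep first-seen order
        if len(ips) >= 2:
            flagged[sid] = {
                "ips": ips,
                "requests": [f'{r["ts"]} {r["ip"]} {r["method"]} {r["path"]} {r["status"]}' for r in recs],
            }
    return flagged
```

`flag_multi_ip_sessions(parse_log(SAMPLE_LOG.splitlines()))` flags only abc123 and lists its four requests in order, so the GET of blank.gif from the first IP and the POST to user.php from the second sit next to each other for review.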



16
jaquita
Re: Could not register new user.
  • 2005/9/7 6:06



Having read through this thread I don't see anywhere where the OS XOOPS is running on is mentioned. But I'll throw in my two cents worth anyhow.

If XOOPS is running on Linux make sure you check your file permissions and verify that the web server has access to read and possibly write to the XOOPS files. Especially if you've just added an upgrade or new module.

I'm using Xoops-2.2.3 running on ArchLinux and haven't had any serious problems. However, I *HAVE* seen XOOPS and other php programs display odd behaviour when they can't read some files because of misconfigured permissions.

Just a thought.

jaquita



17
jaquita
Re: My Website
  • 2005/9/7 5:51



Nice and clean, fast too. I couldn't find anything there that says what your site is about or for. However, I did vote in your poll.

jaquita



18
jaquita
Re: How interesting is Eclipse for Xoops and community?
  • 2005/9/7 5:40



As a Linux user I have tried almost every php IDE available for Linux and have found all of them lacking in some way.

For php development, Eclipse is a bear of a program and neither phpEclipse nor Xored TruStudio, both Eclipse plugins, work "as advertised". Both seem to be geared more toward Windows users rather than Linux users.

Eclipse is also majorly focused toward Java development with most of the other languages only nominally supported as far as I can tell.

Zend Studio seems to work really well under Gentoo Linux but it also had issues and annoying little bugs. The biggest issue is the price. To me, $300 is a lot of money when there are so many other equally unsuitable choices.

Until something really useful for Linux comes along I find a combination of phpEclipse (bugs, Java and all) and whatever small editor is available when I need one suitable for most things.

From the looks of things, Windows php developers have a rather large and colorful choice of options.

jaquita



19
jaquita
Re: The Quinte community - requesting reviews
  • 2005/9/7 0:02



I agree with Lourdes, very gentle colors, easy on the eyes. One little error I noticed is right at the beginning of the first paragraph "If your looking for information". The word "your" should be "you're".

Nice site. Good luck.

Jaquita



