bfarber Posted May 18, 2006

Are you a hosted customer? It sounds like you have encoded files - if you open those files are they all meaningless characters? If so, try uploading the files in binary mode.
ellawella Posted May 18, 2006

That's what I was doing, upgrading from 2.1.4 to 2.1.6 :( Oh. :ph34r:
Real Deal Posted May 18, 2006

> Are you a hosted customer? It sounds like you have encoded files - if you open those files are they all meaningless characters? If so, try uploading the files in binary mode.

Yes, I'm hosted by Invision. Do you want me to just upload that particular php file in binary, or the entire folder again (all folders)? I wasn't sure if you guys were responding to my ticket, so I didn't want to upload anything, just in case someone was in there fixing it.

EDIT: I've started uploading all files and folders as binary... I suppose I could always go back and change that if it's incorrect.
UBERHOST.NET Posted May 18, 2006

> My ACP is showing my version as v2.1.6 (ID: 21012.060516.s) Have I got a special version? :lol:

Yes you do, lol, it's the latest and greatest version with all patches applied. This security update has a full version number of: 21012.60516.s.
Real Deal Posted May 18, 2006

Alright...board updated! Thanks Brandon, I really appreciate the help. You are the man. :D
bfarber Posted May 19, 2006

Not a problem. :) As an fyi, encoded files need to be uploaded in binary mode, and most ftp programs aren't so good at detecting this with php files - the extension typically maps to ASCII (since unencoded files need to be uploaded as ASCII).
bgrd Posted May 19, 2006

> Yes you do, lol, it's the latest and greatest version with all patches applied. This security update has a full version number of: 21012.60516.s.

Think you missed my point, I have a zero that is not mentioned anywhere else, but as a date format it looks logical :lol:

By the way was an email sent out to customers about the update? I didn't get one but just happened to notice it when I logged into the forum.
UBERHOST.NET Posted May 19, 2006

> Think you missed my point, I have a zero that is not mentioned anywhere else, but as a date format it looks logical :lol: By the way was an email sent out to customers about the update? I didn't get one but just happened to notice it when I logged into the forum.

DO'H! Now I see what you mean, lol. As to an email, I certainly didn't receive one. I noticed it here like you did. :ph34r:
Invisionary Posted May 19, 2006

I didn't get an email either - and I subscribe to the "Company News and Updates" forum :blink:
theclub Posted May 19, 2006

Your instructions for the new patch say to look for this line ...

$html = preg_replace( "/name=[\"']iconid[\"']\s*value=[\"']".intval($post_icon)."\s?[\"']/ ...

but mine looks like this ...

$html = preg_replace( "/name=[\"']iconid[\"']\s*value=[\"']$post_icon\s?[\"']

Do I need to put the brackets around $post_icon? :blink:
princetontiger Posted May 19, 2006

The green line means you need to add the intval() :)
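The effect of the intval() change discussed above, as an added example that is not part of the thread and is not IPB's own code: the two functions differ only in how `$post_icon` reaches the pattern, as in the two lines theclub quotes. The sample markup, the function names, the replacement text and the input values are assumptions constructed for illustration.

```php
<?php
// Added example: markup, function names and replacement text are constructed,
// only the pattern fragment follows the line quoted in the thread.

// Constructed sample of post-icon radio buttons.
$html = '<input type="radio" name="iconid" value="1" />'
      . '<input type="radio" name="iconid" value="2" />'
      . '<input type="radio" name="iconid" value="3" />';

// Pre-patch shape: the request value is interpolated into the pattern as-is,
// so any regex syntax it contains becomes part of the pattern.
function mark_icon_unpatched($html, $post_icon)
{
    return preg_replace(
        "/name=[\"']iconid[\"']\s*value=[\"']$post_icon\s?[\"']/",
        '$0 checked="checked"',
        $html
    );
}

// Patched shape: intval() reduces the value to an integer first, so only
// digits (and possibly a leading minus sign) can reach the pattern.
function mark_icon_patched($html, $post_icon)
{
    return preg_replace(
        "/name=[\"']iconid[\"']\s*value=[\"']" . intval($post_icon) . "\s?[\"']/",
        '$0 checked="checked"',
        $html
    );
}

// Constructed inputs: a normal id, a value containing a regex class,
// and a value that makes the pattern fail to compile.
foreach (array('3', '\d+', '3(') as $in) {
    $before = @mark_icon_unpatched($html, $in); // @ hides the compile warning
    $after  = mark_icon_patched($html, $in);
    printf(
        "%-4s unpatched: %s | patched: %d checked\n",
        $in,
        $before === null ? 'NULL (pattern error)'
                         : substr_count($before, 'checked=') . ' checked',
        substr_count($after, 'checked=')
    );
}
```

When a pattern fails to compile, preg_replace() returns NULL rather than the original string, so the unpatched form can also blank the output it was meant to modify.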
theclub Posted May 19, 2006

All the members on my forum have had their member number set to '0', does someone have an sql query to reset them please? :(
freefreer Posted May 20, 2006

Hi, I am trying to upgrade my IPB from 2.1.4 to 2.1.6 01
theclub Posted May 20, 2006

> Where is the problem?

The problem is, you have absolutely no idea what you're doing, and you're trying to upgrade your forum. The solution is to get someone to do it for you who knows what they're doing. :)
freefreer Posted May 20, 2006

> The problem is, you have absolutely no idea what you're doing, and you're trying to upgrade your forum. The solution is to get someone to do it for you who knows what they're doing. :)

:blink: :o Thank you. Is there anyone else who has an objective reply?
Boult Posted May 20, 2006

2 days ago I updated my board to the latest, so the version has the .s in the build nbr., so I believe that my board is secure enough to prevent the exploit attempts I've seen a few days ago from .ru email folks. But today in the early morning, around 6am Az time, someone from Vietnam signed up and hacked and made himself an admin and made my board send password change requests to two of my email addresses. The admin account password was changed, but my username under admin mode wasn't, because I received the email and I went in my board, so my username is intact except for my admin, for which I had to change the password so I can log in as admin.

Then, thanks to the member registered today mod, I was able to see who did it. So I went to look at the validating list but he's not there; obviously he changed his account to admin (how?), so I took his IP address and added it to the ban filter so he won't do it again, and deleted his account. I wish I could post an attachment here, but he registered as xavuong using this email address: shangyouboy@yahoo.com from the IP address: 203.162.3.159. He found a way to make himself an admin... hmm...

I am using 2.1.6 with the latest patches, that the ".s" shows in the ACP. I am considering uploading all the files from the full package while running the "difference", since I have several mods, just to make sure I didn't miss a hole.

FYI: he didn't do any damaging stuff, just that he accessed the admin log to remove the info that he changed his account to admin and left while I accessed my board. He left afterward...
athlonkmf Posted May 20, 2006

> :blink: :o Thank you. Is there anyone else who has an objective reply?

Unfortunately, that guy is right... Unzip your file before uploading. Type in the correct URL to start upgrading, but the way you're doing things now makes me think that the chance that you ruin your whole site is about 80%.

> 2 days ago I updated my board to the latest, so the version has the .s in the build nbr., so I believe that my board is secure enough to prevent the exploit attempts I've seen a few days ago from .ru email folks. But today in the early morning, around 6am Az time, someone from Vietnam signed up and hacked and made himself an admin and made my board send password change requests to two of my email addresses. The admin account password was changed, but my username under admin mode wasn't, because I received the email and I went in my board, so my username is intact except for my admin, for which I had to change the password so I can log in as admin. Then, thanks to the member registered today mod, I was able to see who did it. So I went to look at the validating list but he's not there; obviously he changed his account to admin (how?), so I took his IP address and added it to the ban filter so he won't do it again, and deleted his account. I wish I could post an attachment here, but he registered as xavuong using this email address: shangyouboy@yahoo.com from the IP address: 203.162.3.159. He found a way to make himself an admin... hmm... I am using 2.1.6 with the latest patches, that the ".s" shows in the ACP. I am considering uploading all the files from the full package while running the "difference", since I have several mods, just to make sure I didn't miss a hole. FYI: he didn't do any damaging stuff, just that he accessed the admin log to remove the info that he changed his account to admin and left while I accessed my board. He left afterward...

Sounds like you got hacked before and they left a little backdoor.... Do a complete clean upgrade. Meaning, copy your current forum-dir to your home computer, remove the dir from the server, upload the new version with the old conf_global.php, and then do an upgrade.
Boult Posted May 21, 2006

Seriously? Backdoor in IPB? Why would I take them offline in order to install fresh using the old conf_global.php? I don't think they left a backdoor, but just one user found the exploit that IPB missed. I didn't say "they" since it is only one person that finally made himself admin, while the other .ru email address folks failed... Interesting: before I applied the .s patch nothing happens, then after the .s patch I get one that got in. You see that IPB said they are not able to recreate the exploit on their test boards.. hmm, would that be a deception to get the IPB patch for no reason?
freefreer Posted May 21, 2006

> unzip your file before uploading.

I tried to unzip the file before uploading .. and I got an error because the file is not a valid Win 32 application. Thank you
bfarber Posted May 21, 2006

> Seriously? Backdoor in IPB? Why would I take them offline in order to install fresh using the old conf_global.php? I don't think they left a backdoor, but just one user found the exploit that IPB missed. I didn't say "they" since it is only one person that finally made himself admin, while the other .ru email address folks failed... Interesting: before I applied the .s patch nothing happens, then after the .s patch I get one that got in. You see that IPB said they are not able to recreate the exploit on their test boards.. hmm, would that be a deception to get the IPB patch for no reason?

We could not exploit the holes reported - however that doesn't mean a dedicated hacker couldn't. We are taking the approach better safe than sorry - since it is potentially possible that the affected code is indeed exploitable. I don't think we can be faulted for trying to protect our customers.

And the new patches in no way introduced an exploit. You can use the manual patch instructions to see what was changed - intval was added in a couple spots and that is it, this doesn't introduce an exploit. That doesn't mean in 100's of thousands of lines of code other exploits are impossible and absolutely don't exist - however it is quite rare someone would hack a random board, but not go after the giant sites running our software. Additionally we are not aware of any other exploits at this time.

So my best recommendation is to submit a support ticket and make sure you have your error and access logs available for us to review. We take all security reports very seriously and would be happy to look into it for you, but that sort of thing just can't be done by discussion here on the forums because we'll need your sensitive login information, etc. etc.

> I tried to unzip the file before uploading .. and I got an error because the file is not a valid Win 32 application. Thank you

:huh: - seriously, I'd recommend submitting a ticket asking for help. Our technicians will be able to upgrade your site for you. :)
mtlister Posted May 22, 2006

I have a problem. This happened while upgrading my forum script from 2.0.4 to 2.1.6. Everything was going fine until it started to rebuild the template files at the very end and it froze. Now I get this error when I try to access the board:

IPB WARNING [2] load_template(/ipbforum/cache/skin_cache/cacheid_2/skin_global.php): failed to open stream: No such file or directory (Line: 1351 of /sources/ipsclass.php)

And this when I try to run the upgrade script again:

Could not locate the required upgrade script: 'upg_/version_upgrade.php'

Any help?
bfarber Posted May 22, 2006

Unfortunately this is not a support forum. I'd recommend you submit a ticket for that issue.
Sam A Posted May 22, 2006

Why doesn't the latest update change the long version number in the ACP? I thought that was the whole point of this new system?
kak Posted May 22, 2006

F*CK, the download of the file doesn't work. I get a sql-error! :(

mySQL query error: SELECT * FROM download_packages WHERE download_id= AND download_allow LIKE '%,2,%'
SQL error:
SQL error code:
Date: Monday 22nd of May 2006 04:53:14 PM
Brandon C Posted May 22, 2006

> F*CK, the download of the file doesn't work. I get a sql-error! :(

Please make sure you are logged into your client center before you attempt to download the file or you will receive the above error.
This topic is now archived and is closed to further replies.