Hacking Attempt

All web design discussion, including Ultimate Quiz MOD support.

Moderator: CricketMX Forum Moderators

Swader
Greenhorn
Greenhorn
Posts: 9
Joined: Tue Jun 13, 2006 12:29 pm

So what do I need to do....

I at present have this code...

Code: Select all

      if (in_array($var, $not_unset))
      {
         die('Hacking attempt!');
      }
      unset($$var);
Should I replace it with the other one.??
Swader
Greenhorn
Greenhorn
Posts: 9
Joined: Tue Jun 13, 2006 12:29 pm

sputum wrote:The problem is this change in the last phpbb update in the common.php:

Code: Select all

#
#-----[ FIND ]---------------------------------------------
#
      if (!in_array($var, $not_unset))
      {
         unset($$var);
      }

#
#-----[ REPLACE WITH ]---------------------------------------------
#
      if (in_array($var, $not_unset))
      {
         die('Hacking attempt!');
      }
      unset($$var);
Thnx... I reverted it and its working now.

Guyz who have updated to the latest 2.0..21 version do this....

Code: Select all

#
#-----[ FIND ]---------------------------------------------
#
      if (in_array($var, $not_unset))
      {
         die('Hacking attempt!');
      }
      unset($$var);

#
#-----[ REPLACE WITH ]---------------------------------------------
#
      if (!in_array($var, $not_unset))
      {
         unset($$var);
      }
sputum
Greenhorn
Greenhorn
Posts: 9
Joined: Mon Jun 12, 2006 2:39 pm

thats a workaround, but i guess its kind of a security problem...

i guess the quiz mod has to be modieifed...

btw: majorflame bookmakers mod has the same Problem!
User avatar
battye
Site Admin
Site Admin
Posts: 14391
Joined: Sun Jan 11, 2004 8:26 am
Location: Australia
Contact:

Ah, thank you for finding that. I will investigate it and see what is happening.
CricketMX.com in 2022: Still the home of bat's, rat's and other farmyard animals!

"OK, life [as you chose to define it] repeats until there are no more lessons to be learned." - nrnoble (June 12, 2005)
"the new forum looks awesome, it's getting bigger & better" - p2p-sharing-rules (11 Jan, 2008)
"Looks like CMX is not only getting bigger...but, also getting better!!" - moongirl (14 Dec, 2007)
fighteur8
Greenhorn
Greenhorn
Posts: 12
Joined: Tue Oct 11, 2005 8:38 pm
Contact:

have you find a solution ?

except the code to change in common.php wich is a security issue...

:wink:
User avatar
battye
Site Admin
Site Admin
Posts: 14391
Joined: Sun Jan 11, 2004 8:26 am
Location: Australia
Contact:

fighteur8 wrote:have you find a solution ?

except the code to change in common.php wich is a security issue...

:wink:
Sort of. It is quite complicated, and I imagine will require a fair few changes.
CricketMX.com in 2022: Still the home of bat's, rat's and other farmyard animals!

"OK, life [as you chose to define it] repeats until there are no more lessons to be learned." - nrnoble (June 12, 2005)
"the new forum looks awesome, it's getting bigger & better" - p2p-sharing-rules (11 Jan, 2008)
"Looks like CMX is not only getting bigger...but, also getting better!!" - moongirl (14 Dec, 2007)
MetaneT
Greenhorn
Greenhorn
Posts: 1
Joined: Wed Jul 05, 2006 7:59 pm

fighteur8 wrote:have you find a solution ?

except the code to change in common.php wich is a security issue...

:wink:
firstly hi all,
thanks to the coders of this cool mod :D

I got the same Hacking Attemp problem before I did the code changes u gave above.

Now it is well working but I wondered if the changes makes any security issue?

sorry for my bad english
User avatar
battye
Site Admin
Site Admin
Posts: 14391
Joined: Sun Jan 11, 2004 8:26 am
Location: Australia
Contact:

Fixed, download 1.3.1 from:

http://www.cmxmods.net/quiz.php
CricketMX.com in 2022: Still the home of bat's, rat's and other farmyard animals!

"OK, life [as you chose to define it] repeats until there are no more lessons to be learned." - nrnoble (June 12, 2005)
"the new forum looks awesome, it's getting bigger & better" - p2p-sharing-rules (11 Jan, 2008)
"Looks like CMX is not only getting bigger...but, also getting better!!" - moongirl (14 Dec, 2007)
Nano
Greenhorn
Greenhorn
Posts: 2
Joined: Mon Jul 23, 2007 8:37 pm

I'm running phpBB 2.0.21 with Cash Mod.. and upgraded from Quiz mod 1.3.0 to 1.3.3 however I still have the problem "Hacking Attempt" when a user submits their answers to a quiz. I've searched all day today for answers to this persisting issue, and frequently I see that 1.3.1 fixed this, however I cannot find where to download 1.3.1, only 1.3.3. Are there instructions in 1.3.1 that are not in 1.3.3 that will help me fix this? As in SQL changes or anything? The included quiz_install and quiz_updater seem to make no changes in SQL tables updating 1.3.0>1.3.3. If the changes are in included files I've uploaded them all... if the changes are in Files to Edit section of instructions I've done those too.. but the problem persists. Any ideas? Everything else works perfectly only the Hacking Attempt when user submits answers /boggle.
User avatar
battye
Site Admin
Site Admin
Posts: 14391
Joined: Sun Jan 11, 2004 8:26 am
Location: Australia
Contact:

v1.3.1: here
v1.3.2: here

and of course, 1.3.3 is available at cmxmods.net :)

Thanks for registering! :)
CricketMX.com in 2022: Still the home of bat's, rat's and other farmyard animals!

"OK, life [as you chose to define it] repeats until there are no more lessons to be learned." - nrnoble (June 12, 2005)
"the new forum looks awesome, it's getting bigger & better" - p2p-sharing-rules (11 Jan, 2008)
"Looks like CMX is not only getting bigger...but, also getting better!!" - moongirl (14 Dec, 2007)
Nano
Greenhorn
Greenhorn
Posts: 2
Joined: Mon Jul 23, 2007 8:37 pm

Ahh thanks for the links and quick reply :) I'll try em out later on this afternoon.
User avatar
battye
Site Admin
Site Admin
Posts: 14391
Joined: Sun Jan 11, 2004 8:26 am
Location: Australia
Contact:

You're welcome :)

Welcome to the forum, feel free to check out our OT Forum :)
CricketMX.com in 2022: Still the home of bat's, rat's and other farmyard animals!

"OK, life [as you chose to define it] repeats until there are no more lessons to be learned." - nrnoble (June 12, 2005)
"the new forum looks awesome, it's getting bigger & better" - p2p-sharing-rules (11 Jan, 2008)
"Looks like CMX is not only getting bigger...but, also getting better!!" - moongirl (14 Dec, 2007)
Post Reply