(substr($linkref,0,7) == 'telnet:') || (substr($linkref,0,5) == 'wais: ')) {
return True;
} else {
return False;
}
} // isExternalLink
#################################################
2. /modules/diary/showdiary.php, /modules/diary/showeventlist.php, /modules/gallery/showgallery.php and in the /modules/reviews/showreviews.php script's local document contains
The success attack request has opened register_globals.
showdiary.php document 32-45 lines
--------------------------------
#################################################
global $HTTP_SERVER_VARS;
if ((substr ($HTTP_SERVER_VARS [“PHP_SELF”], - 11) == 'control.php') ||
(substr ($HTTP_SERVER_VARS [“PHP_SELF”], - 10) == 'module.php') ||
(substr ($HTTP_SERVER_VARS [“PHP_SELF”], - 16) == 'showcontents.php')) {
require_once ('. /modules/moduleSec.php');
} else {
require_once ('. /moduleSec.php');
}
$GLOBALS [“ModuleName”] = 'diary';
if (! isset ($GLOBALS [“gsLanguage”])) {Header (“Location: \
“. $GLOBALS [“rootdp”]. “module.php? link=”. $GLOBALS [“modules_home”]. $GLOBALS [“ModuleRef”] \
. “/showdiary.php”); } include_once \
($GLOBALS [“language_home”]. $GLOBALS [“gsLanguage”].”/lang_admin.php "); include_once \
($GLOBALS [“language_home”]. $GLOBALS [“gsLanguage”].”/lang_main.php ");
#################################################
/modules/moduleSec.php script uses in inspecting contains the attempt.
#################################################
function moduleExternalLink ($linkref)
{
if ($linkref! = '') {
if ((substr($linkref,0,5) == 'http:') || \
(substr($linkref,0,6) == 'https:') ||
(substr($linkref,0,5) == 'file:') || \
(substr($linkref,0,4) == 'ftp:') ||
(substr($linkref,0,7) == 'gopher:') || \
(substr($linkref,0,7) == 'mailto:') ||
(substr($linkref,0,5) == 'news:') || \
Other pages: : <<Prev * 1 * 2 * 3 * 4 * 5 * 6 * Next>>
|
You are here: hacking technology
> System crack
> Content
Category: Home
> System crack