MyBB Community Forums

Full Version: XSS Vulns in memberlist and modcp.
(2011-12-13, 12:06 AM)Nathan Malcolm Wrote: [ -> ]Forum URL?

Http://xerostorm.net

Memberlist has been removed as if he does it again he can gain admin access.

Okay, well I got it fixed by replacing all files within the admin folder. Still need to figure out and fix the vuln.
(2011-12-12, 11:02 PM)[email protected] Wrote: [ -> ]I bought a forum from someone

Sure it's not a backdoor the previous owner left?

If the issue is modcp, then the account in question has mod access, otherwise the issue is on all pages. I say this because modcp.php tests for permissions before all but one function specific to that page. Everything else prior to the permission check is common to all other pages.
(2011-12-13, 12:40 AM)pavemen Wrote: [ -> ]
(2011-12-12, 11:02 PM)[email protected] Wrote: [ -> ]I bought a forum from someone

Sure it's not a backdoor the previous owner left?

If the issue is modcp, then the account in question has mod access, otherwise the issue is on all pages. I say this because modcp.php tests for permissions before all but one function specific to that page. Everything else prior to the permission check is common to all other pages.

It was hacked before I had even had it, the hacker got admin through memberlist, then defaced that area of modcp. As for the guy that said something about Facebook plugins, the previous owner did actually have one, I took that off once I gained ownership.
You need to search for users that have "script" in their name. But first disable JS in your browser, do the user search in ACP, then delete the user.
If you have access to your SQL management system you could run a query to find them all.

However, I think you should start with a fresh new copy after you sanitize the database (if that FB plugin is the case).
Download the full backup including files and folders. Go through each folder checking the files and see if you find any other additional PHP shells, it'd be likely to be done via shells. The current version doesn't have any XSS, or else multiple sites would be getting hacked.

Also check your templates, go to ACP > Tools & Maintenance > Check templates (on right side) and see if there are any potentially harmful template variables.
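The file review suggested above (going through a downloaded backup looking for added PHP files) can be done by hashing the backup against a fresh copy of the same MyBB version. This is an added example, not part of the original thread; the directory layout, file names and the extension list are constructed assumptions.

```python
import hashlib
import tempfile
from pathlib import Path

SCRIPT_EXTS = {".php", ".phtml", ".php5", ".phar"}  # assumed list; match your web server's handlers

def index_tree(root):
    """Map each file's path (relative to root) to its SHA-256 digest."""
    root = Path(root)
    return {p.relative_to(root).as_posix(): hashlib.sha256(p.read_bytes()).hexdigest()
            for p in root.rglob("*") if p.is_file()}

def compare_backup(backup_dir, clean_dir):
    """Return (extra_scripts, extra_other, modified) for a site backup versus a clean copy."""
    backup, clean = index_tree(backup_dir), index_tree(clean_dir)
    extra = sorted(f for f in backup if f not in clean)
    # Script files that do not ship with the release are the first thing to inspect.
    extra_scripts = [f for f in extra if Path(f).suffix.lower() in SCRIPT_EXTS]
    extra_other = [f for f in extra if f not in extra_scripts]
    # Files that ship with the release but no longer match it byte for byte.
    modified = sorted(f for f in backup if f in clean and backup[f] != clean[f])
    return extra_scripts, extra_other, modified

def demo():
    """Constructed trees: a clean copy, and a backup with one added script and one altered file."""
    with tempfile.TemporaryDirectory() as tmp:
        clean, backup = Path(tmp, "clean"), Path(tmp, "backup")
        shipped = {"index.php": b"<?php // core", "admin/index.php": b"<?php // acp",
                   "modcp.php": b"<?php // modcp"}
        for root in (clean, backup):
            for rel, data in shipped.items():
                target = root / rel
                target.parent.mkdir(parents=True, exist_ok=True)
                target.write_bytes(data)
        (backup / "uploads").mkdir()
        (backup / "uploads" / "avatar_1.png").write_bytes(b"constructed image bytes")
        (backup / "uploads" / "x.php").write_bytes(b"<?php // constructed placeholder")
        (backup / "modcp.php").write_bytes(b"<?php // modcp, altered")
        return compare_backup(backup, clean)

if __name__ == "__main__":
    scripts, other, modified = demo()
    print("extra script files:", scripts)
    print("other extra files: ", other)
    print("modified files:    ", modified)
```

On a real site, install-generated files and uploaded avatars or attachments will also be reported, so the output is a review list rather than a verdict.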