(ask) cara patch website yg ada bugnya

[Mr.ping]

om2 semua, ane mau tanya gmn cara ngepatch website yg ada bugnya???

[tian hv]

kasih link dong om ntah pic..
klo gini ya mana bisa omz..

[Mr.ping]

(05-09-2011 04:42 PM)tian hv Wrote:  kasih link dong om ntah pic..
klo gini ya mana bisa omz..

misalnya ini om, bug CMS balitbang

Code:

http://www.sman2sekayu.sch.id/editor/filemanager/connectors/test.html

[KataM]

(05-09-2011 04:47 PM)Mr.ping Wrote:  

(05-09-2011 04:42 PM)tian hv Wrote:  kasih link dong om ntah pic..
klo gini ya mana bisa omz..

misalnya ini om, bug CMS balitbang

Code:

http://www.sman2sekayu.sch.id/editor/filemanager/connectors/test.html

ane rasa ,, ente harus belajar PHP,,

[eidelweiss]

(05-09-2011 04:47 PM)Mr.ping Wrote:  

(05-09-2011 04:42 PM)tian hv Wrote:  kasih link dong om ntah pic..
klo gini ya mana bisa omz..

misalnya ini om, bug CMS balitbang

Code:

http://www.sman2sekayu.sch.id/editor/filemanager/connectors/test.html

CMS balitbang bug nya pada fckeditor bisa di liat di sini om:

VULN CMS BALITBANG

yaitu remote file upload (shell upload or etc)

patch:

salah satu cara ngepatch nya dari saya..
pada configuration di fckeditor nya..

Code:

/editor/filemanager/connectors/php/config.php

global $Config ;

// SECURITY: You must explicitly enable this "connector". (Set it to "true").
// WARNING: don't just set "$Config['Enabled'] = true ;", you must be sure that only
//      authenticated users can access this file or use some kind of session checking.
$Config['Enabled'] = true ; // <= 1

---

// Path to user files relative to the document root.
$Config['UserFilesPath'] = 'http://localhost/webtemp/userfiles/' ;  // <= here is the path of attacker file or shell backdoor will be placed.

// following setting enabled.
$Config['ForceSingleExtension'] = true ;    // <= 2

ubah menjadi "false"

[Mr.ping]

(05-09-2011 04:53 PM)KataM Wrote:  

(05-09-2011 04:47 PM)Mr.ping Wrote:  

(05-09-2011 04:42 PM)tian hv Wrote:  kasih link dong om ntah pic..
klo gini ya mana bisa omz..

misalnya ini om, bug CMS balitbang

Code:

http://www.sman2sekayu.sch.id/editor/filemanager/connectors/test.html

ane rasa ,, ente harus belajar PHP,,

iya om pengennya sih gitu, mudah2an bisa

(05-09-2011 04:59 PM)eidelweiss Wrote:  

(05-09-2011 04:47 PM)Mr.ping Wrote:  

(05-09-2011 04:42 PM)tian hv Wrote:  kasih link dong om ntah pic..
klo gini ya mana bisa omz..

misalnya ini om, bug CMS balitbang

Code:

http://www.sman2sekayu.sch.id/editor/filemanager/connectors/test.html

CMS balitbang bug nya pada fckeditor bisa di liat di sini om:

VULN CMS BALITBANG

yaitu remote file upload (shell upload or etc)

patch:

salah satu cara ngepatch nya dari saya..
pada configuration di fckeditor nya..

Code:

/editor/filemanager/connectors/php/config.php

global $Config ;

// SECURITY: You must explicitly enable this "connector". (Set it to "true").
// WARNING: don't just set "$Config['Enabled'] = true ;", you must be sure that only
//      authenticated users can access this file or use some kind of session checking.
$Config['Enabled'] = true ; // <= 1

---

// Path to user files relative to the document root.
$Config['UserFilesPath'] = 'http://localhost/webtemp/userfiles/' ;  // <= here is the path of attacker file or shell backdoor will be placed.

// following setting enabled.
$Config['ForceSingleExtension'] = true ;    // <= 2

ubah menjadi "false"

makasih om pencerahannya

[dewancc]

(05-09-2011 04:59 PM)eidelweiss Wrote:  

(05-09-2011 04:47 PM)Mr.ping Wrote:  

(05-09-2011 04:42 PM)tian hv Wrote:  kasih link dong om ntah pic..
klo gini ya mana bisa omz..

misalnya ini om, bug CMS balitbang

Code:

http://www.sman2sekayu.sch.id/editor/filemanager/connectors/test.html

CMS balitbang bug nya pada fckeditor bisa di liat di sini om:

VULN CMS BALITBANG

yaitu remote file upload (shell upload or etc)

patch:

salah satu cara ngepatch nya dari saya..
pada configuration di fckeditor nya..

Code:

/editor/filemanager/connectors/php/config.php

global $Config ;

// SECURITY: You must explicitly enable this "connector". (Set it to "true").
// WARNING: don't just set "$Config['Enabled'] = true ;", you must be sure that only
//      authenticated users can access this file or use some kind of session checking.
$Config['Enabled'] = true ; // <= 1

---

// Path to user files relative to the document root.
$Config['UserFilesPath'] = 'http://localhost/webtemp/userfiles/' ;  // <= here is the path of attacker file or shell backdoor will be placed.

// following setting enabled.
$Config['ForceSingleExtension'] = true ;    // <= 2

ubah menjadi "false"

Thanks bang...
*solusi lngsung dari pentestnya