

Title: Feature Requests


rivereye - December 11, 2006 02:19 AM (GMT)
Things you would like to see in Rivereye CMS? Post about it here.

xlibman - December 11, 2006 02:40 AM (GMT)
make sure to make it secure first before adding features ;)

elfprince13 - December 11, 2006 03:04 AM (GMT)
'tis quite secure at the moment from what I've tested.

xlibman - December 11, 2006 03:19 AM (GMT)
yeah, usually it's when features are being added that we need to be more careful

rivereye - December 11, 2006 01:38 PM (GMT)
yeah, please, whenever something gets added, test the security of it.

xlibman - December 11, 2006 01:43 PM (GMT)
how would you do that though? o.o sorry, but I don't really know how to hack :wacko: (j/k but you get the idea :D )

rivereye - December 11, 2006 04:11 PM (GMT)
yeah, that is something I should learn how to do also. Maybe elfprince13 can go through the stuff he does for us so A. I can fight it early, and B. I can test it also, as can more of us.

KermMartian - December 11, 2006 05:52 PM (GMT)
I'll do the standard Type 0/1/2 XSS, SQLI, etc testing on it for you.

xlibman - December 12, 2006 02:10 PM (GMT)
wtf is that kerm? :gah:

elfprince13 - December 13, 2006 04:32 AM (GMT)
kk,

here's the routine:
JSI (pretty much impossible with the setup I explained to rivereye)
SQLI (pretty much impossible assuming he cleans properly--riv: I gave you my cleaning function right?)
XSS: pretty much impossible with what he has now, this will be the biggy to keep an eye on.
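The Type 1 (reflected) and Type 2 (stored) XSS testing KermMartian offers above, and the "keep an eye on XSS" point in this post, as an added example. This is not Rivereye CMS code, and it is Python rather than the CMS's PHP: the page template, the tag-stripping stand-in (a rough imitation of PHP's strip_tags(), which comes up later in the thread) and the canary payloads are all constructed for the example. Type 0 (DOM-based) XSS happens in the browser and is not covered by a server-side probe like this.

```python
import html
import re

# Hypothetical page template (constructed, not the CMS's own): a search box
# that echoes the query inside an attribute value, and a post body echoed as
# element content. Two injection contexts, two different escaping needs.
def page(search: str, post_body: str) -> str:
    return ('<input name="q" value="' + search + '">\n'
            '<div class="post">' + post_body + '</div>')

def render_raw(search: str, post_body: str) -> str:
    # Vulnerable: user data inserted with no encoding at all.
    return page(search, post_body)

_TAG_RE = re.compile(r'<[^>]*>')

def strip_tags(s: str) -> str:
    # Rough stand-in for PHP's strip_tags(): removes <...> runs and leaves
    # every other character, quotes included, untouched.
    return _TAG_RE.sub('', s)

def render_strip_tags(search: str, post_body: str) -> str:
    # Tags removed before output; attribute delimiters are still live.
    return page(strip_tags(search), strip_tags(post_body))

def render_escaped(search: str, post_body: str) -> str:
    # Hardened form: encode for the HTML context the data lands in.
    # html.escape(quote=True) turns & < > " ' into entities, so a value can
    # neither open a tag nor close the attribute it sits in.
    return page(html.escape(search, quote=True),
                html.escape(post_body, quote=True))

# Constructed probe payloads. Each carries a unique canary so a match in the
# rendered page cannot be a coincidence.
STORED_PAYLOAD = '<script>alert("xss-canary-7f3a")</script>'
ATTR_PAYLOAD = '" onfocus="alert(\'xss-canary-7f3a\')" autofocus="'

def probe(render) -> dict:
    """Run both probes through a renderer and report which survive verbatim.

    A payload 'survives' when the rendered page still contains it character
    for character: its metacharacters were neither stripped nor encoded, so
    a browser would parse them as markup."""
    out = render(ATTR_PAYLOAD, STORED_PAYLOAD)
    return {
        'stored_script_survives': STORED_PAYLOAD in out,
        'attr_breakout_survives': ATTR_PAYLOAD in out,
    }

if __name__ == '__main__':
    for name, renderer in [('raw', render_raw),
                           ('strip_tags', render_strip_tags),
                           ('escaped', render_escaped)]:
        print(name, probe(renderer))
```

The stripping renderer kills the script tag but passes the attribute break-out through unchanged, because the payload contains no `<` at all; only context-aware encoding closes both. Against a live site the same idea applies: submit a canary with the metacharacters for each context and grep the response for it raw.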

KermMartian - December 13, 2006 03:11 PM (GMT)
QUOTE (xlibman @ 12 Dec, 2006, 9:10)
wtf is that kerm? :gah:

XSS = Cross-Site Scripting
SQLI = [My]SQL Injection
JSI = Javascript Injection

xlibman - December 13, 2006 03:37 PM (GMT)
QUOTE (KermMartian @ 13 Dec, 2006, 10:11)
XSS = Cross-Site Scripting
SQLI = [My]SQL Injection
JSI = Javascript Injection

wtf is that kerm? :gah:

rivereye - December 13, 2006 09:49 PM (GMT)
elf, I don't think I have that stuff from you. Also, you are more than free to look at the source (and if anyone else wants it, things could probably be worked out in some way or another).

KermMartian - December 14, 2006 07:41 PM (GMT)
QUOTE (xlibman @ 13 Dec, 2006, 10:37)
wtf is that kerm? :gah:

It makes bad stuff happen to the server and database. :)

elfprince13 - December 15, 2006 12:39 AM (GMT)
QUOTE (KermMartian @ 14 Dec, 2006, 14:41)

It makes bad stuff happen to the server and database. :)

here's a summary of some general hacking techniques (without instructions...primarily for website defacements, but remote code execution can be a problem as well):

XSS allows hackers to insert their own code into a webpage; this comes in a huge variety of forms. Forums and any sort of messaging system tend to be vulnerable.

SQL injections allow hackers to manipulate the database at will and occasionally even execute arbitrary code on the server.

Javascript Injections are typically used for cookie stealing in conjunction with XSS, or for escalation of permissions.

other bad things that can happen:

using upload forms to overwrite files.

using download forms to view sourcecode that shouldn't be viewed.


----------------------

@rivereye: here's the code you need that will remove the risk of SQL injections entirely; you should also call strip_tags() on any data that there is any chance of ever being displayed.

CODE
// mysql_query() wrapper (old mysql_* extension; removed in PHP 7). Takes
// two arguments. First is the query with '?' placeholders in it. Second
// is an array containing the values to substitute in place of the
// placeholders (in order, of course). Pass the NULL constant in the
// array to get the unquoted word NULL. mysql_real_escape_string() needs
// an open mysql_connect() link, so connect before calling this.
function mysql_prepare ($query, $phs = array()) {
    $offset = 0; // resume the '?' search after the last substitution, so a
                 // '?' inside an already-substituted value is never matched
    foreach ($phs as $ph) {
        if ( isset($ph) ) {
            $ph = "'" . mysql_real_escape_string($ph) . "'";
        } else {
            $ph = "NULL";
        }
        $pos = strpos($query, '?', $offset);
        if ($pos === false) {
            trigger_error('mysql_prepare: more values than placeholders', E_USER_WARNING);
            return false;
        }
        $query = substr_replace($query, $ph, $pos, 1);
        $offset = $pos + strlen($ph);
    }
    return mysql_query($query);
}


using improperly permissioned upload forms to upload and run bad programs.

using poison null bytes and pipes to execute arbitrary code via Perl.

using other means along with server-parsed HTML files to execute arbitrary code.

using improper permissions to upload or delete server-side files (via HTTP's PUT and DELETE commands).
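The wrapper posted above substitutes values one at a time, each time searching for the next '?' from the start of the already-edited string. As an added example (not Rivereye's code, and in Python rather than the CMS's PHP), here is the same escape-and-quote substitution done in a single pass, beside a transliteration of the search-from-the-start loop so the misplacement it causes is visible. The escape table is a constructed approximation of mysql_real_escape_string() for a single-byte connection charset; the queries and values are made up.

```python
def escape_string(value: str) -> str:
    # Approximation of mysql_real_escape_string() (constructed, single-byte
    # charset only): backslash-escape the characters MySQL treats specially
    # inside a quoted literal.
    table = {'\\': '\\\\', "'": "\\'", '"': '\\"', '\0': '\\0',
             '\n': '\\n', '\r': '\\r', '\x1a': '\\Z'}
    return ''.join(table.get(ch, ch) for ch in value)

def quote(value) -> str:
    # None becomes the bare word NULL, everything else a quoted literal.
    return 'NULL' if value is None else "'" + escape_string(str(value)) + "'"

def prepare_naive(query: str, params) -> str:
    # Same loop shape as the wrapper above: for each value, replace the first
    # '?' found when searching from the beginning of the (already edited)
    # query. Assumes a placeholder exists for every value, as that code does.
    for p in params:
        pos = query.find('?')
        query = query[:pos] + quote(p) + query[pos + 1:]
    return query

def prepare(query: str, params) -> str:
    # Split on '?' once, then weave the quoted values between the pieces.
    # Substituted text is never rescanned, and a count mismatch is an error
    # instead of a silently mangled query. A '?' inside a literal in the
    # query text itself still counts as a placeholder, as in the original.
    pieces = query.split('?')
    if len(pieces) - 1 != len(params):
        raise ValueError('%d placeholders, %d values'
                         % (len(pieces) - 1, len(params)))
    out = [pieces[0]]
    for value, tail in zip(params, pieces[1:]):
        out.append(quote(value))
        out.append(tail)
    return ''.join(out)

if __name__ == '__main__':
    q = "UPDATE users SET bio = ? WHERE name = ?"
    # A user whose bio ends in a question mark: the second value lands inside
    # the first literal and the WHERE clause keeps its bare '?'.
    print(prepare_naive(q, ["what?", "alice"]))
    print(prepare(q, ["what?", "alice"]))
    # The classic injection attempt stays inside its quotes either way.
    print(prepare("SELECT * FROM users WHERE name = ?", ["x' OR 1=1 -- "]))
```

Escaping-based quoting stays charset sensitive, which is why mysql_real_escape_string() needs an open connection to know the charset in use; server-side prepared statements (mysqli or PDO) send the values separately from the SQL text and make the substitution problem disappear altogether.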

rivereye - April 21, 2007 02:44 PM (GMT)
ok, I have come up with an idea for some stuff to help with bots. First of all, if there is a bot post, there could be a hidden bot trash bin (like our bot forum here), and then in the ACP, a way to search and delete masses of posts/topics by a user. Comments?

Super Speler - April 21, 2007 10:07 PM (GMT)
That sounds good. Remember to keep it extremely functional, but also very straightforward and organized when you start adding advanced features.

bfr - April 21, 2007 11:10 PM (GMT)
I guess that's a good idea. Your forum system is already pretty good though, maybe some more eye candy, smileys, and UBBC code? Or are you holding those off for the far future and maybe just focusing on improving what is already there?

rivereye - April 22, 2007 02:00 AM (GMT)
there is BBCode now (does anyone read the updates?)



