Re: perl-cgi hole in UltimateBB by Infopop Corp.

From: H D Moore (secureat_private)
Date: Mon Feb 14 2000 - 12:26:20 PST

    Hi,
    
    I am the administrator for a site running the commercial version of UBB;
    the problem exists there as well.  The faulty code is in ubb_library.pl:
    
    if ($ThreadFile =~ /\d\d\.[m|n|ubb|cgi]/) {
    
    I don't actually know the original line number, as we hacked up our copy
    to use MD5 password hashes versus clear-text and added many new
    logging/security features to curb abuse.  Since all of the modifications
    to the code were paid for by my client, I may not be able to release
    them to the public...
    
    -HD
    
    "Sergei A. Golubchik" wrote:
    >
    > Hello.
    > Browsing some site, I found that their forums were based not on home-
    > made scripts, but rather on a commercial software product. Hey, said I to
    > myself, remember that story about the pcweek hack? They use the commercial
    > package photoads. Let's look at what that Ultimate Bulletin Board by
    > Infopop is.
    >
    > I grabbed the freeware version from http://www.ultimatebb.com and
    > after 10 minutes of grepping found these lines:
    >
    > ubb_library.pl:901-902
    >           if ($ThreadFile =~ /\d\d\d\d\d\d\.ubb/) {
    >           open (MESSAGE, "$ForumsPath/Forum$number/$ThreadFile");
    >
    > (notice? not /^\d\d\d\d\d\d\.ubb$/. What did the author think about while
    > writing it? Girls?)
    >
    > And the $ThreadFile takes its value directly from the hidden (hmm!)
    > field `topic'.
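
The anchoring problem discussed in this thread, as an added example that is not part of either message and not Infopop's code: it runs the two quoted patterns and anchored variants over constructed `topic` values. The anchored patterns, the assumed intent of the bracket expression, and every sample value are assumptions made for illustration.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# The two checks quoted in the thread, unchanged.
my $freeware   = qr/\d\d\d\d\d\d\.ubb/;
my $commercial = qr/\d\d\.[m|n|ubb|cgi]/;

# Assumed hardened forms (not the vendor's fix).
# \A and \z pin the match to the whole string; unlike $, \z does not
# tolerate a trailing newline.
my $strict_ubb = qr/\A\d{6}\.ubb\z/;
# [m|n|ubb|cgi] is a character class: it matches ONE character from the set
# m, n, u, b, c, g, i or a literal |. The assumed intent was an alternation
# of extensions, which needs a group instead.
my $strict_ext = qr/\A\d\d\.(?:m|n|ubb|cgi)\z/;

# Constructed sample values for the `topic' field.
my @samples = (
    '000001.ubb',        # well-formed thread file name
    '000001.ubb.bak',    # extra text after the expected name
    'x000001.ubbx',      # extra text on both sides
    '12.cgi',            # shape the commercial check seems to expect
    'notes12.banana',    # contains "12.b", one character from the class
);

my @checks = ($freeware, $strict_ubb, $commercial, $strict_ext);

printf "%-16s %-9s %-11s %-11s %s\n",
    'topic', 'freeware', 'strict_ubb', 'commercial', 'strict_ext';

for my $topic (@samples) {
    # An unanchored pattern accepts the value if the expected shape occurs
    # anywhere inside it; an anchored one requires the whole value to fit.
    printf "%-16s %-9s %-11s %-11s %s\n", $topic,
        map { $topic =~ $_ ? 'accept' : 'reject' } @checks;
}
```

Only the anchored patterns reject the values that carry extra text around the expected file name; both quoted patterns accept them.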
    



    This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:34:46 PDT