1

Topic: security hole on homepage

I found a security hole on this homepage. At least you can download every file from this forum. There are perhaps other files, but I did not test that.

I do not know of any way to use it. Anyway, users should not be able to do that. I will not post it here to avoid any misuse, so perhaps someone who is responsible for the server could contact me.

2

Re: security hole on homepage

Why should the users not be able to do that?

if($poster["intelligence"] == $intelligence["idiot"])
        deny_post($poster);

3

Re: security hole on homepage

How would you view the page if it doesn't let the browser download it to display it?

4

Re: security hole on homepage

You can download every PHP source file, and that is not necessary to display the page. I thought that it could be used somehow.

5

Re: security hole on homepage

Yes, PunBB has some bugs..
Google your helper admin.

I sell the life..

6

Re: security hole on homepage

I don't think it's a bug in PunBB but a problem with the server config.

7

Re: security hole on homepage

If you download the website, that is equivalent to viewing the source of a page and copying and pasting it into a text file. The only way to get a php source file is to gain ftp access. Please research before you post.

if($poster["intelligence"] == $intelligence["idiot"])
        deny_post($poster);

8

Re: security hole on homepage

Yes, it is only an illusion that I can download this stuff.

There is no server admin who is interested in this security hole, and there are some people who don't believe me whatever I post in this thread. In other threads the developers just don't support people who want to know some details to make programs for Teeworlds without modifying the source, and of course don't react to some suggestions. And then there are those people who so often post the nice docs as a reply to everything. A nice part of the community...

So here is the way to download PHP files. Just click on it and you download the index.php of the forum:
http://trac.teeworlds.com/forum/index.php

9

Re: security hole on homepage

Roanoke wrote:

If you download the website, that is equivalent to viewing the source of a page and copying and pasting it into a text file. The only way to get a php source file is to gain ftp access. Please research before you post.

I think you should do some research. It's very possible that the webserver is configured to serve PHP files as plain text instead of running them through the PHP interpreter. And this seems to be the case here.

10

Re: security hole on homepage

A.) I do not think that possible.
B.) It is not the case, check if you don't believe me.

if($poster["intelligence"] == $intelligence["idiot"])
        deny_post($poster);

11

Re: security hole on homepage

It's easy to make the server serve plain text instead of PHP. But this one does not.

12

Re: security hole on homepage

Wrongly configured lighttpd. Fixed now.

13

Re: security hole on homepage

Roanoke wrote:

A.) I do not think that possible.
B.) It is not the case, check if you don't believe me.

Think about it, how do you think a webserver works? In Apache for example you need to associate the file extension with the interpreter.

And yes, this server was serving the .php files as plain text when you requested them through the trac vhost. When I clicked the link scosu supplied I could download the index.php file.
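What posts 12 and 13 describe, one vhost of the same lighttpd handing out .php files as plain text while another vhost executes them, is something an administrator can check from the outside before anyone else notices. The script below is an added example and is not code from this thread, from PunBB or from Teeworlds. The hostnames under example.invalid and the sample responses are constructed so the check runs offline; `fetch` performs a real GET when pointed at a server you administer.

```python
"""Check whether a web server hands out raw PHP source instead of executing it.

Added example for this thread, not code from PunBB or Teeworlds.  The
example.invalid hostnames and SAMPLE_RESPONSES are constructed for illustration.
"""
import http.client
import re
from urllib.parse import urlsplit

# Executed PHP never emits its own open tag; raw source almost always starts
# with one.  "<?xml" is deliberately not matched, since executed pages may
# legitimately output XML.
PHP_OPEN_TAG = re.compile(rb"<\?(php\b|=)", re.IGNORECASE)

# Content types a PHP handler would not normally produce for a page, but which
# a static-file handler uses when it does not know what a .php file is.
DOWNLOAD_CONTENT_TYPES = {"text/plain", "application/octet-stream", "application/x-httpd-php"}


def source_leak_reasons(content_type, body):
    """Return the reasons a response to a .php URL looks like unexecuted source.

    An empty list means the response looks like normal executed output.  The
    open tag is the strong signal; a plain-text content type alone is weaker,
    because a script can set text/plain itself, so it is reported separately.
    """
    reasons = []
    if PHP_OPEN_TAG.search(body[:4096]):
        reasons.append("php open tag present in body")
    ctype = (content_type or "").split(";")[0].strip().lower()
    if ctype in DOWNLOAD_CONTENT_TYPES:
        reasons.append("served with content type %s" % ctype)
    return reasons


def fetch(url, timeout=10.0):
    """Plain GET using the standard library; returns (status, content_type, body)."""
    parts = urlsplit(url)
    conn_cls = http.client.HTTPSConnection if parts.scheme == "https" else http.client.HTTPConnection
    conn = conn_cls(parts.hostname, parts.port, timeout=timeout)
    path = parts.path or "/"
    if parts.query:
        path += "?" + parts.query
    conn.request("GET", path, headers={"Host": parts.netloc, "User-Agent": "php-source-check"})
    resp = conn.getresponse()
    body = resp.read(65536)          # the open tag, if any, sits at the top
    ctype = resp.getheader("Content-Type", "")
    conn.close()
    return resp.status, ctype, body


def audit(base_urls, paths, fetch_fn=fetch):
    """Request every path under every base URL (one per vhost).

    Returns {url: [reasons]} for the combinations that look like a source
    leak; a vhost that executes the same file does not appear in the result.
    """
    findings = {}
    for base in base_urls:
        for path in paths:
            url = base.rstrip("/") + "/" + path.lstrip("/")
            try:
                status, ctype, body = fetch_fn(url)
            except OSError as exc:
                findings[url] = ["request failed: %s" % exc]
                continue
            if status != 200:
                continue
            reasons = source_leak_reasons(ctype, body)
            if reasons:
                findings[url] = reasons
    return findings


# Constructed sample responses standing in for two vhosts of one server: the
# forum vhost runs PHP, the other vhost returns the file exactly as stored.
SAMPLE_RESPONSES = {
    "http://forum.example.invalid/forum/index.php": (
        200, "text/html; charset=utf-8",
        b"<!DOCTYPE html><html><head><title>Forum</title></head><body>index</body></html>"),
    "http://trac.example.invalid/forum/index.php": (
        200, "text/plain",
        b"<?php\n/* constructed stand-in for a forum front page */\nrequire 'include/common.php';\n"),
}


def fake_fetch(url):
    """Offline replacement for fetch() that answers from SAMPLE_RESPONSES."""
    return SAMPLE_RESPONSES.get(url, (404, "text/html", b"not found"))


if __name__ == "__main__":
    hosts = ["http://forum.example.invalid", "http://trac.example.invalid"]
    for url, why in audit(hosts, ["/forum/index.php"], fetch_fn=fake_fetch).items():
        print(url, "->", "; ".join(why))
```

Run it against every hostname that resolves to the box, not just the one the forum is normally reached through, since the thread's leak only existed on the trac vhost. On lighttpd, besides attaching the PHP handler in every vhost that needs it, `static-file.exclude-extensions = ( ".php" )` makes the static-file module refuse to serve .php files at all, so a vhost that lacks the handler returns an error instead of the source.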

14

Re: security hole on homepage

Hm, didn't think about trac. Sorry.

if($poster["intelligence"] == $intelligence["idiot"])
        deny_post($poster);