The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

insecure phpBB scripts

Discussion in 'General Discussion' started by jroes, May 8, 2005.

  1. jroes

    jroes Member

    Joined:
    Feb 9, 2005
    Messages:
    22
    Likes Received:
    0
    Trophy Points:
    1
    Insecure phpBB scripts wreak havoc on the servers I administer, allowing users to upload malicious scripts and in general cause trouble. I am currently working to implement a solution to keeping all phpBB installations on a webserver up to date, in order to prevent attacks.

    I have written a python script that finds all old viewtopic.php scripts so far. More will come soon.

    I just wanted to post my progress here for two reasons:
    1) Share something that might be useful to others
    2) Find out if I'm reinventing the wheel

    I intend to find a way to automatically update each script encountered that is old using the patch method, however, some installations are almost certainly further back than 1 version.

    Any comments, suggestions, whatever are appreciated.

    Code:
    # phpBBscan.py: looks for old phpBB installations
    # author: jroes@sosdg.org
    # this is public domain - do whatever you want with it
    
    import os
    import string
    
    # 2.0.15
    latest_phpbb = "Id.*1\\.186\\.2\\.41"
    # 2.0.14
    # latest_phpbb = "Id.*1\\.186\\.2\\.40"
    
    # get the list of viewtopic.phps
    filenames = os.popen("slocate viewtopic.php")
    
    nobody_uid = int(os.popen("grep nobody /etc/passwd").read().split(":")[2])
    nobody_gid = int(os.popen("grep nobody /etc/passwd").read().split(":")[3])
    os.setgid(nobody_gid) # need to be nobody group too
    os.setuid(nobody_uid) # we are now nobody
    
    for filename in filenames:
            filename = filename[:-1] # remove newline from filename
            parentdir = filename.split("/")[:-1]
            parentdir = "/".join(parentdir)
            print "Found possible phpBB install at", repr(filename) + ", checking if accessible...",
            if not os.access(parentdir, os.X_OK): # we can't get to the parent directory
                    print "parent directory not accessible."
            elif not os.access(filename, os.R_OK):
                    print "file not accessible."
            else:
                    print "accessible; checking for latest version...",
                    found = os.popen("grep " + latest_phpbb + " " + filename)
                    if not found.read(): # we didn't find the correct version
                            print "INSECURE!"
                    else:
                            print "latest version"
    
     

Share This Page