phpBB Upgrade - Server Wide - WHM Global Upgrade Needed!

Discussion in 'General Discussion' started by peterquast, Dec 14, 2004.

  1. peterquast


    Ok, we have hundred accounts on a server, they ALL use phpBB...

    The OLD version that they are ALL using is NOT SECURE...

    If each client logs into their Control Panel, they will be prompted to CLICK A BUTTON to upgrade...

    WHAT we need is a function in WHM to UPGRADE ALL of them with one touch of button PLEASE :)

    Otherwise, my server is NOT SECURE until every single client goes and upgrades each board.

    HELP!!! :)
     
  2. jester.ro

    But there is such a thing.

    It's called "addon script manager"
    Last link in the left frame of WHM

    But you have to have a new version of cpanel/WHM
    Latest STABLE has it
     
  3. easyhoster1

    Still 404 on FREEBSD users??
     
  4. peterquast

    I don't see it :)

    Here is what I am using, and I don't see that link? :)

    WHM 9.9.8 cPanel 9.9.8-E142
    RedHat 9 i686 - WHM X v3.1.
     
  5. peterquast

    sorry, ignore :)

    Sorry, ignore me :)

    Thanks for the heads up on that function... I really appreciate it.
     
  6. easyhoster1


    Did you install the script in addon modules?

    Name: addonupdates
    Author: cPanel Inc.
    Installed Version: 0.2
    Version: 0.2
    Description: Addon Script Manager/Updater !!BETA!!
    Price: free
     
  7. Dillard

    As it seems here we can't get this to work on FreeBSD (page not found) :(
     
  8. Stobe

    I've got the latest version of Cpanel installed, and I used the addon update script. But it only found 2 installations of phpbb (which I know is way off) when I click on "Find Installations".

    Any ideas why?

    When I log into cpanel on a domain that has a phpbb installed, it will only allow me to "Click here to update to 2.0.8"

    ??

    Thanks,
    Stobe
     
  9. haze

    Not sure why it's not showing any more users if they've installed it via cpanel. But what worries me more is that it says "Click here to upgrade to 2.0.8" when that version is vulnerable. Are you using a 3rd party installer? Or do you have the option to install and keep updated phpBB via "addon scripts" under the cpanel menu heading in WHM? If not, you will need to rely on whatever 3rd party you are using to get the updated scripts and perhaps provide you with a means for mass updating.

    Perhaps you might just need a good old /scripts/upcp ?
     
  10. fusioncroc

    If you're planning on fixing the recent worm exploit, just do the following commands:

    mkdir phpbb
    cd phpbb
    pico wormfix.pl
    ---------------- paste this code --------------------------------
    #!/bin/sh
    for i in `locate viewtopic.php`
    do
    if grep "htmlspecialchars(urldecode" $i > /dev/null; then
    echo $i >> vulnerable_phpbbs
    /usr/bin/replace 'trim(htmlspecialchars(urldecode($HTTP_GET_VARS['highlight']))));' 'trim(htmlspecialchars($HTTP_GET_VARS['highlight'])));' -- $i
    fi
    done
    ----------------------------------------------------------------------
    then do perl wormfix.pl

    and it will fix the exploit that makes the worm work
    also if you upgrade to php 4.3.10 and have wget chmod'ed to 750 and run mod security
    then you will have an extra layer of security

    btw I've run this script on 5 servers and another host has used the script to fix 15 servers +
    but use it at your own risk
     
  11. cyon

    Thank you very much!!
    I run it and it seems to work fine.
    But if there is a foldername with a whitespace in it this error occurs:

    grep: /home/username/public_html/folderwith: No such file or directory
    grep: whitespace/board/viewtopic.php: No such file or directory
     
    #11 cyon, Dec 22, 2004
    Last edited: Dec 22, 2004
  12. haze

    Hrm.. I'm not much of a programmer (not at all, actually)

    But, and I can't guarantee this won't do something evil or if it will work at all, however the $i in:
    Code:
    /usr/bin/replace 'trim(htmlspecialchars(urldecode($HTTP_GET_VARS['highlight']))));' 'trim(htmlspecialchars($HTTP_GET_VARS['highlight'])));' -- $i
    You might be able to wrap it in ""'s so it looks like:
    Code:
    /usr/bin/replace 'trim(htmlspecialchars(urldecode($HTTP_GET_VARS['highlight']))));' 'trim(htmlspecialchars($HTTP_GET_VARS['highlight'])));' -- "$i"
    Darn those windows ppl and their white spaces!! :D
     
  13. dezignguy

    FYI, That wasn't the only vulnerability fixed in phpbb 2.0.11, so while your fix might fix this worm going around now... your phpbb installs will still be vulnerable to several other possible exploits. Phpbb says it's highly recommended to just update completely to 2.0.11.
     
  14. Dillard

    We know, but since the update script doesn't work and I have tens of installations on some servers this is a nice shortcut to disable the worm.

    BTW. For FreeBSD I modified the script to this:

    Code:
    schubert# cat wormfix.pl
    #!/bin/sh
    for i in `find /home -name viewtopic.php`
    do
    if grep "htmlspecialchars(urldecode" $i > /dev/null; then
    echo $i >> vulnerable_phpbbs
    /usr/local/bin/replace 'trim(htmlspecialchars(urldecode($HTTP_GET_VARS['highlight']))));' 'trim(htmlspecialchars($HTTP_GET_VARS['highlight'])));' -- $i
    fi
    done
    
    
     
  15. premsai

    Hi fusioncroc, thank you for the script .. but it seems to have some issues with escape characters. I have made the necessary modifications.

    U may try this..
    ++++++++++++
    #!/bin/sh
    for i in `locate viewtopic.php`
    do
    if grep "htmlspecialchars(urldecode" $i > /dev/null; then
    echo $i >> vulnerable_phpbbs
    /bin/cp -p $i $i.bak.dec-`date +%d`
    replace "trim(htmlspecialchars(urldecode(\$HTTP_GET_VARS\['highlight'\]))));" "trim(htmlspecialchars(\$HTTP_GET_VARS['highlight'])));" -- $i
    fi
    rm -f /tmp/*bot* /tmp/*ssh* /tmp/*wow* /tmp/*.txt*

    ##Changing the permissions of /usr/bin/wget. This may block fantastico upgrades.
    chmod 700 /usr/bin/wget
    done
    ++++++++++++
    :) N'joy
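
The scan-and-patch procedure from the scripts above, as an added example that is not part of any post in this thread: it keeps the quotes around `highlight` intact in the search string, copes with spaces in directory names, and stores the unpatched backup outside the web root. The function name `patch_highlight`, its three arguments and the use of awk in place of the `replace` utility are assumptions of this example.

```shell
#!/bin/sh
# Added example, not from the thread. patch_highlight and its arguments are
# assumptions; awk stands in for the `replace` utility used in the posts.
# Usage: patch_highlight /home /root/phpbb-backup /root/patched_phpbbs
# (ROOT should be an absolute path; BACKUP_DIR must lie outside ROOT.)

# The two strings from the posts, with the quotes around highlight preserved.
OLD="trim(htmlspecialchars(urldecode(\$HTTP_GET_VARS['highlight']))));"
NEW="trim(htmlspecialchars(\$HTTP_GET_VARS['highlight'])));"
export OLD NEW

patch_highlight() {
    root=$1 bakdir=$2 log=$3
    : > "$log"
    # One path per line, read whole: spaces in directory names are safe
    # (a newline inside a path is not handled).
    find "$root" -type f -name viewtopic.php | while IFS= read -r f; do
        grep -qF -- "$OLD" "$f" || continue
        # Keep the unpatched copy outside the web root so it cannot be requested.
        mkdir -p "$bakdir/$(dirname "$f")" || continue
        cp -p "$f" "$bakdir/$f" || continue
        tmp=$(mktemp) || continue
        # Literal substring replacement: $ [ ] ( ) need no regex escaping.
        # Writing back with cat keeps the original file's owner and mode.
        awk 'BEGIN { old = ENVIRON["OLD"]; new = ENVIRON["NEW"] }
        {
            line = $0; out = ""
            while ((p = index(line, old)) > 0) {
                out = out substr(line, 1, p - 1) new
                line = substr(line, p + length(old))
            }
            print out line
        }' "$f" > "$tmp" &&
            cat "$tmp" > "$f" &&
            printf '%s\n' "$f" >> "$log"
        rm -f "$tmp"
    done
    # Print how many files were patched in this run.
    wc -l < "$log" | tr -d ' '
}
```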
     
  16. darksoul

  17. kosmo

    premsai,

    Since Fantastico De Luxe 2.8.2 r7, you can use a renamed version of wget for Fantastico. If you have an older version: chmod "wget" back to 755 and update Fantastico. Then:

    whereis wget
    ## (usually /usr/bin/wget)
    cp /usr/bin/wget /usr/bin/something_long_and_strange_enough_here
    chmod 700 /usr/bin/wget
    chmod 755 /usr/bin/something_long_and_strange_enough_here

    Now go to Fantastico admin -> Settings and enter the full path to the renamed wget, i.e.: /usr/bin/something_long_and_strange_enough_here

    Use something like "o41jprw86gq00cm1" for "something_long_and_strange_enough_here" (and DON'T USE THE EXAMPLES!!!)

    We have seen an increase of attacks of every possible form using "wget", the above is highly recommended in order to make your server more secure.

    kosmo
     
  18. zye

    thx premsai for the script - worked like a charm

    I had 2 servers compromised :-(((

    now everything is back to normal

    greetz
    zye
     
  19. timdorr

    I highly suggest blocking outgoing IRC connections. You can add it to an iptables firewall with this command:

    iptables -A OUTPUT -p TCP -s 0/0 --destination-port 6667 -j REJECT

    Port 6665 is also popular, so I would add an additional rule for that, as well.
     