[geeklog-devel] Forums hack
joe at ThrowingDice.com
Mon May 21 22:29:07 EDT 2007
There's an annoying forum hack plaguing www.geeklog.net. I'm posting
here, rather than directly to Dirk, so Blaine finds out too.
Apparently no filtering is being done on the anonymous author.
Someone figured this out and put a meta-equiv command as their name
to refresh. Of course the whole refresh didn't fit in the database so
you just get an error. But every occurrence of that "name" reloads
the bad url. This includes the "last ten posts" on the home page and
on the forum page, whatever forum contains the bad name causes the
list of forums to reset. Here's the offending line. Thankfully the
refresh was set to "1;".
<a class="tooltip" style="text-decoration:none;"
style="left:50px;"><br>Started by:,<meta http-equiv="refresh"
content="1; URL=www.gre,05/21/07 18:49 PM<br>Views:7, Replies:0<br></span></a>
Dirk, you might want to update the aname field on the topic before
deleting the record. See if there's anything else interesting about
whomever posted this.
Throwing Dice Games
More information about the geeklog-devel