Joined: Nov 2021
Posts: 28
Likes: 1
Newbie
OP
Greetings . . .

The support folks over at Ipower have taken our web-presence down because of a Phishing attack that apparently originated from our site. The details can be found over at Netcraft:
https://incident.netcraft.com/685581256719/redirect_graph.html

Based on the URL it appears to involve changeprefs.inc.php. I was just out in the filesystem. None of the php files have been touched since our upgrade back in February. So the codebase doesn’t appear to have been compromised.

Please advise (if you can) on how to stop the offending redirects. Ipower will not put our site back online until we can assure them that this is fixed.

Regards,
Keith
Tech Services Admin,
Inliners International

Joined: Jul 2006
Posts: 114
Likes: 2
Member
A quick workaround for this issue

Open /ubb/scripts/changeprefs.inc.php in an editor and replace the following line near the end:
Code
header("Location: $curl");

with:
Code
	if( substr( $curl, 0, 2 ) == "//" ) {
	    header("Location: $curl");
	}

This will add an additional check for the curl parameter.

Last edited by Philipp; 08/25/2022 12:45 PM. Reason: Updated code with better solution
1 member likes this: InlinersAdmin
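
Added example, not part of the original posts or of UBB.threads: a stricter validator that a `curl` value could pass through before it reaches `header("Location: ...")`. A prefix test for `//` still accepts any host written after the slashes, so this version compares the parsed host against the site's own; the function name, host name, fallback path and sample inputs are assumptions.

```php
<?php
// Added example, not UBB.threads code. $allowedHost and $fallback are assumed values.

/**
 * Return $curl only if it is a same-site absolute path, or an http(s) or
 * protocol-relative URL whose host equals $allowedHost. Otherwise return $fallback.
 */
function safe_redirect_target(string $curl, string $allowedHost, string $fallback): string
{
    // Reject control characters and spaces (header injection) and backslashes,
    // which some browsers treat as forward slashes.
    if ($curl === '' || preg_match('/[\x00-\x20\x7f\\\\]/', $curl)) {
        return $fallback;
    }
    // Same-site absolute path: exactly one leading slash, not "//".
    if ($curl[0] === '/' && substr($curl, 0, 2) !== '//') {
        return $curl;
    }
    // Anything else must parse as a URL that names a host.
    $parts = parse_url($curl);
    if ($parts === false || empty($parts['host'])) {
        return $fallback;
    }
    // No embedded credentials ("user@host" can disguise the real host).
    if (isset($parts['user']) || isset($parts['pass'])) {
        return $fallback;
    }
    // Scheme is empty for "//host/path"; otherwise only http and https.
    $scheme = strtolower($parts['scheme'] ?? '');
    if ($scheme !== '' && $scheme !== 'http' && $scheme !== 'https') {
        return $fallback;
    }
    // The host must be the forum's own host.
    return strcasecmp($parts['host'], $allowedHost) === 0 ? $curl : $fallback;
}

// Constructed sample inputs for a forum assumed to live at forum.example.org.
$samples = [
    '//forum.example.org/forum/index.php',   // own host, protocol-relative: kept
    '/forum/index.php?page=2',               // same-site path: kept
    '//other.example.net/login',             // passes a "//" prefix test, rejected here
    'https://other.example.net/',            // foreign host: rejected
    "/forum/\r\nX-Injected: 1",              // CR/LF in value: rejected
];
foreach ($samples as $curl) {
    $target = safe_redirect_target($curl, 'forum.example.org', '/');
    printf("%-40s => %s\n", json_encode($curl), $target);
}
```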
Joined: Nov 2021
Posts: 28
Likes: 1
Newbie
OP
Thanks for the quick turn on a patch/fix. Working with Ipower technicians to get us back online.

Joined: Jun 2006
Posts: 16,186
Likes: 102
UBB.threads Developer
Tentative for v8 we've actually rejiggered the library /libs/html.inc.php


Prior:
Code
		// If they aren't logged in, or just logged out, give them the proper message
		if ((empty($user['USER_DISPLAY_NAME']) || !$userob->is_logged_in) || ($bypass)) {
			$sfu = "";
			if ($config['SEARCH_FRIENDLY_URLS'] == "1") {
				$sfu = "?";
			} else {
				$sfu = "&";
			}
			$ocurl = urlencode(get_current_url());
			$welcome = "<a href=\"" . make_ubb_url("ubb=login", "", true) . "$sfu" . "ocu=$ocurl\" rel=\"nofollow\"><i class=\"fas fa-sign-in-alt fa-fw\" aria-hidden=\"true\"></i> {$ubbt_lang['BUTT_LOGIN']}</a>";
		} else {
			$welcome = "{$user['USER_DISPLAY_NAME']}";
		}


New:
Code
		// If they aren't logged in, or just logged out, give them the proper message
		if ((empty($user['USER_DISPLAY_NAME']) || !$userob->is_logged_in) || ($bypass)) {
			$ocurl = ""; // default, so the login link below is well-formed when no ocu parameter is added
			if ($ubb != "login" && $ubb != "start_page" && $ubb != "logout") {
				$sfu = "";
				if ($config['SEARCH_FRIENDLY_URLS'] == "1") {
					$sfu = "?";
				} else {
					$sfu = "&";
				}
				$ocurl = $sfu . "ocu=" . urlencode(get_current_url());
			}
			$welcome = "<a href=\"" . make_ubb_url("ubb=login", "", true) . $ocurl . "\" rel=\"nofollow\"><i class=\"fas fa-sign-in-alt fa-fw\" aria-hidden=\"true\"></i> {$ubbt_lang['BUTT_LOGIN']}</a>";
		} else {
			$welcome = "{$user['USER_DISPLAY_NAME']}";
		}


I am a Web Development Contractor, I do not work for UBBCentral. I have provided free User to User Support since the beginning of these support forums.

Powered by UBB.threads™ PHP Forum Software 7.7.5