MannDude

vpsBoard downtime announcement

7 posts in this topic

There was a nasty IPB 0-day released to the wild; as such, vpsBoard was taken offline as a precautionary measure. While there is no patch available yet, deleting ipsconnect.php should have fixed the issue.

I want to thank @Francisco for alerting me to this, as it came to his attention very shortly after it was released. IPBoard wasn't even aware the exploit was out there until I had ticketed them to request why they haven't warned their members on their community forums yet.

Anyhow, we're back. :)

7 people like this


> There was a nasty IPB 0-day released to the wild; as such, vpsBoard was taken offline as a precautionary measure. While there is no patch available yet, deleting ipsconnect.php should have fixed the issue.
>
> I want to thank @Francisco for alerting me to this, as it came to his attention very shortly after it was released. IPBoard wasn't even aware the exploit was out there until I had ticketed them to request why they haven't warned their members on their community forums yet.
>
> Anyhow, we're back. :)

What does (did) ipsconnect.php do?


ipsconnect allows multiple sites to share one login. I think you can even federate to other boards.

Invision kind of fumbled this response though. They say:

"It has been brought to our attention that certain PHP configurations allow for a potential SQL injection vulnerability. Although this exploit requires some knowledge of your configuration and for certain files to be web-readable, we felt it important to release an update."

However, I ran the exploit against my IPB and it injected SQL just fine - no "knowledge" was needed other than the URL.

2 people like this
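
Since the post above reports that nothing but the URL was needed, any request that reached ipsconnect.php before the file was deleted is worth reviewing. The following is an added example, not code from this thread or from Invision: it scans access-log lines for requests to that file and separates clients that got a response from the script from those that only hit it after removal. The log lines, paths and addresses are constructed, and the status-code split is a heuristic assumption.

```python
import re
from collections import defaultdict
from urllib.parse import unquote, urlsplit

# Constructed sample in "combined" access-log format (documentation-range IPs,
# made-up paths and timestamps; not traffic from any real board).
SAMPLE_LOG = """\
203.0.113.7 - - [01/Jan/2000:02:14:09 +0000] "POST /board/interface/ipsconnect/ipsconnect.php HTTP/1.1" 200 512 "-" "curl/7.38.0"
203.0.113.7 - - [01/Jan/2000:02:14:11 +0000] "POST /board/interface/ipsconnect/ipsconnect.php HTTP/1.1" 500 0 "-" "curl/7.38.0"
198.51.100.23 - - [01/Jan/2000:03:00:00 +0000] "GET /board/index.php HTTP/1.1" 200 9001 "-" "Mozilla/5.0"
198.51.100.23 - - [01/Jan/2000:09:30:41 +0000] "GET /board/interface/ipsconnect/IPSConnect.php?x=1 HTTP/1.1" 404 162 "-" "Mozilla/5.0"
192.0.2.50 - - [01/Jan/2000:09:45:02 +0000] "POST /board/interface/ipsconnect/ipsconnect.php HTTP/1.1" 404 162 "-" "python-requests/2.4"
"""

LINE_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) ')

def ipsconnect_hits(log_text, filename="ipsconnect.php"):
    """Map client IP -> [(timestamp, method, status)] for requests to `filename`."""
    hits = defaultdict(list)
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # not a combined-format request line
        # Drop the query string, decode %xx escapes, compare the basename only.
        path = unquote(urlsplit(m["target"]).path).lower()
        if path.rsplit("/", 1)[-1] == filename:
            hits[m["ip"]].append((m["ts"], m["method"], int(m["status"])))
    return dict(hits)

def triage(hits):
    """Heuristic split: 'reached' clients got a 2xx/3xx/5xx (the script still
    existed and ran); 'probed' clients only saw 4xx (file deleted or blocked)."""
    reached, probed = [], []
    for ip, events in sorted(hits.items()):
        ran = any(status < 400 or status >= 500 for _, _, status in events)
        (reached if ran else probed).append(ip)
    return reached, probed

if __name__ == "__main__":
    reached, probed = triage(ipsconnect_hits(SAMPLE_LOG))
    print("review database and accounts for requests from:", reached)
    print("probing after removal (no script execution):", probed)
```
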


Didn't IP.Board also delete your topic? Perhaps out of concern for hatching an idea as to what/how to fix the issue, though... so in that respect I could understand them. A little.

2 people like this


> Didn't IP.Board also delete your topic? Perhaps out of concern for hatching an idea as to what/how to fix the issue, though... so in that respect I could understand them. A little.

Yeah they did that.

Boo MFers. Waaa don't show the masses our exploited asses.


> Yeah they did that.
>
> Boo MFers. Waaa don't show the masses our exploited asses.

That's a good thing - at least until they work out what's wrong and an appropriate, official fix.

1 person likes this
