
simpilot

Administrators
  • Posts

    2773
  • Joined

  • Last visited

  • Days Won

    3

Everything posted by simpilot

  1. The exploit is only through the one file within the open chart library, ofc_upload_image.php, as far as I have been able to tell. It allows for unfiltered data to be uploaded. I have many sites now running with just that file removed without issue.
  2. SERVER ADMINS - Be sure the server you are running has the Apache symlink patch applied to it. I have found client sites on some outdated servers that have the simple defacement turn into a symlink attack which is now affecting all those that are hosted with them. Justhost and GoDaddy are two that I have found that at least have a couple of servers that are not patched for this type of attack. You can find a decent how to here -> http://whmscripts.net/misc/2013/apache-symlink-security-issue-fixpatch/
  3. I have found an item that I was missing the first time around and am again repairing sites. Be sure to look in the /home directory of your site, generally where your public_html folder is placed. Within it I have found a folder named /img. On some sites that I have found compromised they have been able to use a php.ini command, " disable_functions=none ", elevate to the home directory, create a folder, and in it place a file called sql.php, killer.php, f***.php among others, which then searches for and downloads any file on the server that is a configuration file. Forums, blogs, phpVMS, anything that has a config file is at that point open game for them. Everything seems to center around the site -> http://www.sellukaweb.com And the code that is being used once they gain access is by Jayalah Indonesiaku - © 2012 - http://code.google.com/p/b374k-shell - it is basically a file manager not much unlike what is in cPanel. It allows them to delete, add, edit any file on the server. As far as IPs, I have seen hundreds of different ones from the server logs at the time of attacks; they are using proxies and spoofing to avoid that connection.
  4. Additionally, today I have found files with the names aboutus.html, shipping.html, history.html, shipment.html, faq.html, contact.html, contanct.html in the root of compromised sites. They have all had advertising redirects and/or iframes in them. Just a reminder that if you find that your site has been compromised, check all files with recent change dates.
  5. The third party Open Flash Chart script that is used within phpVMS has an exploit that has been used recently and often to deface and/or alter sites using the phpVMS software. I have cleaned 11 of my clients' sites in the last 36 hours. Although some sites have been obviously defaced with homepages replaced, some have had advertising scripts uploaded to redirect users to various companies. An example of a defacement today -> http://hack-db.com/787962.html The exploit is explained here -> http://www.exploit-d...exploits/10532/

WHAT TO LOOK FOR: if you have a folder in /core/lib/ that is called "tmp-upload-images", your site has been compromised. Inside that folder can be a number of files, but the one that gets everything started is .wp-moon.php. I have also found these in that folder: 1.php, e.php, er.php, tb.php. If this folder is present, start looking in the root of your site for files possibly called:
0zie.html
index.html - if you had one previously, check the date of the last change; it may have been overwritten
agg.html - an advertising script for ugg boots.....
cst.html
sto.html
unc.html

What do I do now? Delete the entire folder "tmp-upload-images" and remove any other suspicious files from the root of your site. Review ANY file that you do not recognize or that has a last changed date similar to those in the "tmp-upload-images" folder. Delete or rename the folder /core/lib/php-ofc-library. The script(s) that are being used in this exploit are within this folder. This will cause all of the flash charts on the site to no longer function, but all other functionality should remain as it was.

NOTE: There is a school of thought that the only file that is being exploited is the "ofc_upload_image.php" file within the "php-ofc-library" folder. You can try to delete just this file and your charts will still function, but there may still be a vulnerability and I would watch your directory tree for a while.

In all the sites I have cleaned today I have not found any evidence of any database intrusion or data loss. I would still HIGHLY recommend that if you have found any of these items on your site you change all your passwords associated with the site as soon as possible. This includes the database password that phpVMS uses, email passwords, and web panel admin access passwords. Nabeel has been made aware of this and is researching a patch at this time. Update 1 - http://forum.phpvms.net/topic/16288-notice-open-flash-chart-exploit/#entry82657 Update 2 - http://forum.phpvms....__20#entry82672
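The indicators from posts 1 through 5 above (the tmp-upload-images folder and its dropped scripts, the ofc_upload_image.php upload handler, the renamed .html redirect pages in the site root, the php.ini disable_functions override, and the /img folder above public_html) can be checked in one pass. The script below is an added example, not code from simpilot or the phpVMS project; it assumes a cPanel-style layout with /home/<user>/public_html as the phpVMS web root, and the sample directory it builds for the demonstration is constructed, not captured from a real site.

```python
"""Indicator scan for the phpVMS / Open Flash Chart compromise described above.

Indicator names come from the posts; the directory layout (a cPanel-style
/home/<user> with public_html as the phpVMS web root) is an assumption for
the demo, not something the posts state.
"""
import os
import re
import tempfile
import time
from pathlib import Path

# Names taken from the posts above.
OFC_SCRIPT = Path("core/lib/php-ofc-library/ofc_upload_image.php")  # the abused upload handler
DROP_DIR = Path("core/lib/tmp-upload-images")                       # created once the upload is abused
DROP_FILES = {".wp-moon.php", "1.php", "e.php", "er.php", "tb.php"}
ROOT_FILES = {"0zie.html", "agg.html", "cst.html", "sto.html", "unc.html",
              "aboutus.html", "shipping.html", "history.html", "shipment.html",
              "faq.html", "contact.html", "contanct.html"}
HOME_DROP_DIR = "img"                       # folder found above public_html
HOME_DROP_FILES = {"sql.php", "killer.php"}

# Payload patterns: iframes / redirects in dropped .html files, and a php.ini that
# clears disable_functions. disable_functions is PHP_INI_SYSTEM, so only a per-user
# php.ini under suPHP/CGI can really override it; a .user.ini line is ignored by PHP
# but still marks tampering, so both are flagged.
REDIRECT_RE = re.compile(r"<iframe|http-equiv=[\"']?refresh|window\.location|document\.location", re.I)
PHPINI_RE = re.compile(r"^\s*disable_functions\s*=\s*(none)?\s*$", re.I | re.M)


def scan(home, webroot, recent_hours=72, now=None):
    """Return a list of (category, path) findings for one hosting account."""
    home, webroot = Path(home), Path(webroot)
    now = time.time() if now is None else now
    findings = []

    # 1. The upload folder the exploit creates; its presence alone means compromise.
    drop = webroot / DROP_DIR
    if drop.is_dir():
        findings.append(("dropped-folder", str(drop)))
        for f in drop.iterdir():
            if f.name in DROP_FILES or f.suffix.lower() == ".php":
                findings.append(("dropped-file", str(f)))

    # 2. The vulnerable script still in place (remove it, or the whole php-ofc-library).
    if (webroot / OFC_SCRIPT).is_file():
        findings.append(("vulnerable-script", str(webroot / OFC_SCRIPT)))

    # 3. Known names, redirect payloads and recent changes among files in the site root.
    for f in sorted(webroot.iterdir()):
        if not f.is_file():
            continue
        if f.name in ROOT_FILES:
            findings.append(("known-name", str(f)))
        if f.suffix.lower() in (".html", ".htm", ".php"):
            if REDIRECT_RE.search(f.read_text(errors="replace")):
                findings.append(("redirect-payload", str(f)))
        if now - f.stat().st_mtime < recent_hours * 3600:
            findings.append(("recently-changed", str(f)))

    # 4. php.ini / .user.ini under the web root (or in home) that clears disable_functions.
    inis = list(webroot.rglob("php.ini")) + list(webroot.rglob(".user.ini")) + list(home.glob("php.ini"))
    for ini in inis:
        if PHPINI_RE.search(ini.read_text(errors="replace")):
            findings.append(("php-ini-override", str(ini)))

    # 5. The /img folder above public_html holding the config-harvesting scripts.
    img = home / HOME_DROP_DIR
    if img.is_dir():
        for f in img.iterdir():
            if f.name in HOME_DROP_FILES or f.suffix.lower() == ".php":
                findings.append(("home-drop", str(f)))
    return findings


def build_demo(base):
    """Constructed sample tree (not captured data) seeded with the indicators above."""
    home = Path(base) / "home" / "va"
    webroot = home / "public_html"
    old = time.time() - 30 * 86400  # legitimate files: untouched for a month

    def write(path, text, mtime=None):
        path.parent.mkdir(parents=True, exist_ok=True)
        path.write_text(text)
        if mtime is not None:
            os.utime(path, (mtime, mtime))

    write(webroot / "index.php", "<?php require 'core/codon.config.php';\n", old)
    write(webroot / OFC_SCRIPT, "<?php // unpatched upload handler\n", old)
    write(webroot / DROP_DIR / ".wp-moon.php", "<?php // dropped web shell\n")
    write(webroot / "agg.html", "<html><iframe src='http://example.invalid/'></iframe></html>\n")
    write(webroot / "php.ini", "disable_functions = none\n")
    write(home / "img" / "sql.php", "<?php // config file harvester\n")
    return home, webroot


def run_demo():
    """Build the sample tree in a temp dir and scan it."""
    home, webroot = build_demo(tempfile.mkdtemp())
    return scan(home, webroot)


if __name__ == "__main__":
    for category, path in run_demo():
        print(f"{category:18} {path}")
```

Run it against a real account as `scan("/home/user", "/home/user/public_html")`; the recently-changed category is noisy by design, since the posts recommend reviewing every root file whose modification time is close to the dropped files, so compare those timestamps against the tmp-upload-images entries rather than treating each hit as proof on its own.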
  6. I have gone ahead and built a Pilot Rewards (Points) system for phpVMS as it seemed to have cooled off some. You can find a DEMO here -> www.simpilotgroup.com/rewards <- feel free to login and browse the system. Please contact me using email or the contact form on my site if you have other items that you think should be included in the system. I still have a few things to clean up but I should have a release as payware by early this coming week.
  7. Try contacting them on their site, it looks like that is the only place it was ever posted.
  8. You could use phpVMS as your VA system using the manual PIREP submission method. I am not familiar with FlightGear much, but if there is an ACARS client for it, chances are it could be integrated into phpVMS to record your PIREPs.
  9. I have found this error in the past and it seems to be due to a relative path to the rank image that is included in the signature made by the system when a user registers. Try using an absolute path - ie - http://www.mysite.com/path/to/image instead of a relative path - ie - ./path/to/my/image This has solved the issue on systems I have had the issue with, although I cannot say if that is the only issue within a free host environment.
  10. @Vangelis - Are you ok if I merge your extension into the github version? If so, please get me how you would like attribution to be made and I will include it as well.
  11. Need a little more information... Did you make changes to the core system, module, or template? Are your pilots using a different ACARS client, or a different version than prior? Is it all pilots, or just certain ones? Is all the expected data in the ACARS table?
  12. You do not need to do anything with the table for the tour system. In my post I offered to include a hook (or codon event, as it is referred to in the docs) to report different actions within the module for you to catch and use as you wish. This would be the preferred method of building the integration, as then you are not altering database tables for another module, which can create unseen issues within the system. You may want to review the documentation for hooks (events) here -> http://forum.phpvms....-for-events-r28 As far as what I charge for in modules I write, that is up to me. Is this to be released as payware or freeware? If it is to be released as freeware and posted on GitHub I will try to create a listener for you.
  13. I have updated the Plugin Manager module to include the option to download a module from GitHub directly to your site and install it; this is in addition to the original method of uploading a module from your desktop. If you have written a Plugin Manager compatible module that you would like included in the listing of available modules in the Plugin Manager, send me an email at david<at>simpilotgroup<dot>com with the link and I will get it added. The Plugin Manager module has also had recent updates from Jeff Kobus (lorathon) that make the module more adaptable to different file structures. Thank you to Jeff for this additional functionality. The latest version is available on my GitHub account. If you already have the plugin manager installed you should be able to simply overwrite the old files with the new without issue, but as always, make a backup just in case.
  14. I just pushed an empty skin that I use to my GitHub account. You can find it here -> https://github.com/DavidJClark/phpVMS_extended/tree/master/lib/skins
  15. I think he was referring to being able to connect to the tour system and award points to the pilot based on legs flown and/or if the tour completed, if I were building the module. Since you are building one at this point it does not make much sense for me to do it as well, so if you need a hook built into my tour system for your module to see, let me know and I will update it.
  16. Your website designer should be able to format the entrance exam templates to your skin. It is no different than templating any other module or default view file. The link to my site to purchase payware modules is in my signature, and also the link to my GitHub account is there to download freeware modules.
  17. I have no idea what to answer to -> Great and how I made that template who know? The entrance exam module is $40.00 US You do not need an addon to limit aircraft to pilot ranks, it is built into phpVMS already. I answered the post about a point system in the other thread you started.
  18. I agree that a color itself cannot be copyrighted, but a copyright (at least in the USA and Canada) can apply to arrangements of colors into a certain shape. Using your example of BMI, if you take their circular arrangement of colors for their logo and put "virtual" on it you would have a hard time fighting a copyright claim in my opinion. I went through just this with WestJet in 2010.
  19. What part of the Entrance Exam cannot be customized? You can create your own exam questions, set the time allowed to take the exam, set the percentage required to pass, set how many questions are on the exam, set how long the person has to wait after a failed exam until taking it again, and the templates can be built to your skin just as any other template used in phpVMS........
  20. Not sure what you mean by -> By the flight ranking would be the actual total of point's All my modules can be customized to use your css and template, it is just a matter of editing the template files to be used in your skin, just as any of the default templates used by phpVMS.
  21. <opinion only> Unless you have an agreement in writing, not a verbal ok or casual email, there are no real options. Even using a color scheme from a real world company on a site that resembles what they do can get you shut down. With that said, there are companies that defend their copyrights right down to color choices and the use of their name within a domain name. A few that come to mind are AirTran, WestJet, and EasyJet. There are also some that seem to not be concerned about it or simply are not aware. I have an airline based on a real world counterpart that I use their schedules, fleet structure, and some other things but I do not have their name in the domain and it is not in any of the text on the site and I have not had any issues. </opinion> <fact> Many VA's have been told to shut down and threatened with legal action when logos, colors, and names have been used from real world companies. </fact>
  22. If someone, or all of you, can give me a structure of what would add/subtract points to a pilot "point bank" I would be willing to write this one and make it available as a module in my store. Unless it really got out of control as far as functions, and more than just a few show interest in it, I would probably put a cost of $20.00 - $25.00 on it. I am imagining that there will be some automated points functions according to flights, landing rates, most flights in a month, most hours in a month, etc., and a way for the admin to apply points on a case by case basis. Would the pilot start with a bank of XXX points and go from there, or zero points? Could just make this a config item too. I am also assuming that the items for purchase would be a separate listing from the native downloads. What would be things that could be purchased other than downloads of aircraft, scenery, and such? I see some comments about apparel; this would be fine as far as making an item to purchase with points in the system, but building an integration to have it connect to online stores to order and ship the item would be a little beyond what could be done and keep it at a reasonable cost for everyone. I also see a request to purchase ranks; as long as the native auto ranking features are not being used on the site that could work as well.
  23. METAR - If the METAR is being fed from the Vatsim server, it has been down for a few days. I think parts are back up, but I know a lot of the data links are still dead.
  24. Maybe look for answers from the mumble site, or an FSX forum....
  25. He will have to look at the structure of the map template and the data that is returned from the vatsim file for ATC and make some changes to allow for ATC data to be shown from what I can tell by quickly going over the files.