II. Fixing Security Vulnerabilities and Upgrading the Forum Version
1. phpBB 2.0.11 security vulnerability analysis and removal method:
phpBB2 is a forum written in the PHP scripting language. Versions earlier than 2.0.11 contain a serious vulnerability: viewtopic.php, the script that displays the contents of a post, allows remote command execution, so an attacker can run arbitrary code on the server. Net-Worm.Perl.Santy.a is a worm written in Perl that exploits this phpBB2 vulnerability to execute system commands remotely and break into the host; once it is running on a compromised host, it starts sending queries to Google to find further hosts that can be attacked. If you run a phpBB2 version earlier than 2.0.11, you need to remove the worm.
(1) Steps to remove the worm:
Open the viewtopic.php file and add the line $topic_id = $post_id = false; immediately before the following code, so that both variables are initialized before the request parameters are read:
$topic_id = $post_id = false;   // added line: initialize both variables before reading request parameters

if ( isset($HTTP_GET_VARS[POST_TOPIC_URL]) )
{
	$topic_id = intval($HTTP_GET_VARS[POST_TOPIC_URL]);
}
else if ( isset($HTTP_GET_VARS['topic']) )
{
	$topic_id = intval($HTTP_GET_VARS['topic']);
}
In addition, find the following code in viewtopic.php:
$join_sql_table = ( !isset($post_id) ) ? '' : ", " . POSTS_TABLE . " p, " . POSTS_TABLE . " p2 ";
$join_sql = ( !isset($post_id) ) ? "t.topic_id = $topic_id" : "p.post_id = $post_id AND t.topic_id = p.topic_id AND p2.topic_id = p.topic_id AND p2.post_id <= $post_id";
$count_sql = ( !isset($post_id) ) ? '' : ", COUNT(p2.post_id) AS prev_posts";
$order_sql = ( !isset($post_id) ) ? '' : "GROUP BY p.post_id, t.topic_id, t.topic_title, t.topic_status, t.topic_replies, t.topic_time, t.topic_type, t.topic_vote, t.topic_last_post_id, f.forum_name, f.forum_status, f.forum_id, f.auth_view, f.auth_read, f.auth_post, f.auth_reply, f.auth_edit, f.auth_delete, f.auth_sticky, f.auth_announce, f.auth_pollcreate, f.auth_vote, f.auth_attachments ORDER BY p.post_id ASC";
and replace it with the version below. It tests empty($post_id) instead of !isset($post_id): once $post_id has been initialized to false, isset() reports it as set, so only empty() correctly treats a missing or empty post id as absent:
$join_sql_table = ( empty($post_id) ) ? '' : ", " . POSTS_TABLE . " p, " . POSTS_TABLE . " p2 ";
$join_sql = ( empty($post_id) ) ? "t.topic_id = $topic_id" : "p.post_id = $post_id AND t.topic_id = p.topic_id AND p2.topic_id = p.topic_id AND p2.post_id <= $post_id";
$count_sql = ( empty($post_id) ) ? '' : ", COUNT(p2.post_id) AS prev_posts";
$order_sql = ( empty($post_id) ) ? '' : "GROUP BY p.post_id, t.topic_id, t.topic_title, t.topic_status, t.topic_replies, t.topic_time, t.topic_type, t.topic_vote, t.topic_last_post_id, f.forum_name, f.forum_status, f.forum_id, f.auth_view, f.auth_read, f.auth_post, f.auth_reply, f.auth_edit, f.auth_delete, f.auth_sticky, f.auth_announce, f.auth_pollcreate, f.auth_vote, f.auth_attachments ORDER BY p.post_id ASC";
Then remove the worm's files from the server: click "Start" - "Search" - "For Files or Folders", enter "m1h020f" as the file name, and delete every file found. So far no variants of this worm have appeared, so the infection is well under control.
2. phpBB 2.0.12 security vulnerability analysis and solution:
phpBB 2.0.12 has two security vulnerabilities, one of which is very serious: it allows any user to obtain administrator privileges. The other may disclose the server path. The first vulnerability is in includes/sessions.php, where the type handling and comparison of the $sessiondata['autologinid'] variable are flawed. By forging a special value for this variable, a remote attacker can make the comparison that decides whether the user is valid always return true, so any user can authenticate as the administrator without knowing the password. The second vulnerability is in viewtopic.php: because messages are insufficiently filtered, the server path can be leaked. Remote attackers can exploit this vulnerability to obtain administrative privileges. Solution: upgrade to version 2.0.14.
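The following is an added illustration, not phpBB's own code, of the class of flaw just described: a validity check built on PHP's loose == comparison against a value the client controls, placed beside a strict check that closes it. The stored key and the candidate inputs are constructed sample values.

```php
<?php
// Added illustrative model, not phpBB's own code: a login-validity check
// built on PHP's loose (==) comparison against a client-controlled value,
// beside a strict check. All values below are constructed samples.

// Hypothetical stored auto-login key for the account.
$stored_key = 'a3f1c9e7b2d4';

// Vulnerable model: loose comparison. PHP converts the non-empty string
// to boolean when the other operand is a boolean, so a supplied value of
// true satisfies true == 'a3f1c9e7b2d4' and the check passes without
// the key ever being known.
function autologin_valid_loose($supplied, string $stored): bool
{
    return $supplied == $stored;
}

// Hardened model: reject anything that is not a non-empty string, then
// compare with hash_equals(), which is strict on type and constant-time.
function autologin_valid_strict($supplied, string $stored): bool
{
    if (!is_string($supplied) || $supplied === '') {
        return false;
    }
    return hash_equals($stored, $supplied);
}

// Constructed inputs: the real key, a wrong key, and a non-string value
// of the kind a forged session variable can introduce.
$cases = [
    'correct key'  => 'a3f1c9e7b2d4',
    'wrong key'    => 'deadbeef',
    'boolean true' => true,
];

foreach ($cases as $label => $value) {
    printf(
        "%-13s loose=%-5s strict=%s\n",
        $label,
        var_export(autologin_valid_loose($value, $stored_key), true),
        var_export(autologin_valid_strict($value, $stored_key), true)
    );
}
```

Running it shows the loose check accepting both the correct key and the boolean value, while the strict check accepts only the correct key.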
Steps:
1. Database Backup:
phpBB2 can back up its own data. In the phpBB2 forum administrator control panel, click "Normal Management" - "Database Tool Management: Backup" and select the "Overall Backup" option to complete a full backup of the forum data, as shown in Figure 4.
Figure 4: Database backup for the phpBB2 forum
The backup file is phpbb_db_backup.sql, which is a plain SQL file.