Help Center Live Community
Author Topic: bug in permissions - vulnerability  (Read 4537 times)
« on: March 19, 2008, 08:28:36 PM »


I'm trying to understand how to protect my HCL app against users that know HCL.

I don't need to be logged in to upload a file successfully....

If I try to go directly to these URLs:

or (here it's possible to upload files without being logged in)

or (here the display apparently shows the last conversation transcription)

What can I do to fix these permission bugs?


« Last Edit: March 19, 2008, 09:26:39 PM by alaor »
« Reply #1 on: March 23, 2008, 07:08:58 PM »

This is a serious question that needs a fix. Our server just got hacked and they uploaded files and files, filling up the disk. This shut down websites. I don't know if the bug that alaor cited is responsible for the hack.

Meanwhile, we disabled this by removing the <form... name="upload" ...> elements in the templates (template/Bliss directory).
« Last Edit: March 23, 2008, 07:24:23 PM by blitzen »
« Reply #2 on: March 24, 2008, 09:34:23 AM »

You know what, I noticed this also, and for me.. I'm finding that HCL is just not right for what I want.
This is a terrible bug, and the fact that I can't even get HCL to work on a normal install just stops me from wanting to try fixing it anymore. I'm sure a lot of other users are not having as much trouble as I am, so for them HCL can be great; unfortunately I'm uninstalling it and looking for something else.
« Reply #3 on: March 24, 2008, 03:16:16 PM »

blitzen.. I will try to disable the upload functions too, but this is not the only problem in my opinion.

I don't know if I am too much of a freak about security stuff, but this bug permits anyone to list all users in the HCL system...

And for me this is not a good thing.... As we all know, common users are not good at creating and using strong passwords....

So if I was trying to hack something, after discovering all the user names I could try to break the users' passwords and log in like a real operator... This makes me really apprehensive...

Think about it... someone logs in to your system and talks with your customers like a real operator?!!!!!!

But I will not quit HCL totally... it's a good tool but needs to be repaired.... So until we have some response from the HCL dev team about this bug I suggest you check Crafty Syntax. I'm still testing this tool, but it appears a little more robust about security things....

That is it, people... sorry about my poor English...


« Reply #4 on: March 26, 2008, 06:57:37 PM »

OK. I'm trying to fix this @#$@ing bug....

I'm not a PHP expert, I prefer .NET/Java...

But with some help I created one include that maybe fixes this problem...

So here we go...

1 - With some help I created in the class folder one file called valida.php with the following code:

<?php
// special thanks to lfcosta, who helped me to understand a little bit of PHP

// Redirect to the login page if no operator name is stored in the session.
if (!isset($_SESSION['hcl_username']) || $_SESSION['hcl_username'] == "") {
    header("Location: /root/mysite/hcl/admin/login.php");
    exit; // stop here so the rest of the including script is not executed
}

2 - So, as I said, I'm not an expert in PHP... so this code can be adjusted... the objective of this code is just to check one more time if something exists in the username variable... so if it exists we presume the user is logged in....

3 - Then we put this include at the end of all files located in the hcl/live/chat folder:

   // do events that need to be done at the end of the file

// let's check if some user is logged in with our new include

That's it...

4 - Now when a user who is not logged in tries to access directly the files located in the hcl/live/chat folder, he is redirected to the login page.

Apparently it doesn't affect anything in the system, but it solves the problem...... if someone has a better solution please tell me here.

Thanks and good luck
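A fuller version of the same server-side check, added here as an example; it is not code from the Help Center Live project or from anyone in this thread. It keeps the session key ($_SESSION['hcl_username']) and the login URL from the post above and assumes both are correct for the reader's install; the require path in the usage comment is likewise an assumption. Two details matter for a guard like this: it has to run at the top of each script in hcl/live/chat, before any output, because header("Location: ...") has no effect once HTML has been sent and the transcript or upload code will already have run; and it has to exit after the redirect, because PHP otherwise keeps executing the rest of the script even though the browser is being sent elsewhere. Removing the upload form from the template, as suggested earlier in the thread, hides the feature from the operator UI but does not stop a request sent directly to the upload script, so a server-side check is still needed.

```php
<?php
// class/valida.php (added example; not Help Center Live project code).
// Assumptions: the logged-in operator name lives in $_SESSION['hcl_username']
// and the login form is at /root/mysite/hcl/admin/login.php (both taken from
// the thread; adjust to your install).

function hcl_require_operator($loginUrl = '/root/mysite/hcl/admin/login.php')
{
    // $_SESSION is empty until the session is resumed, so make sure it is.
    if (session_id() === '') {
        session_start();
    }

    $user = isset($_SESSION['hcl_username']) ? $_SESSION['hcl_username'] : '';

    if (!is_string($user) || trim($user) === '') {
        if (headers_sent()) {
            // Output already started (the include was placed too late):
            // a redirect is impossible, but we can still refuse to continue.
            exit('Operator login required.');
        }
        // The exit is what actually protects the script; the Location header
        // only helps a human reach the login form.
        header('Cache-Control: no-store');
        header('Location: ' . $loginUrl, true, 302);
        exit;
    }

    return $user;
}

// Usage, as the first lines of each script under hcl/live/chat (before any
// HTML, whitespace or BOM is output); the relative path is an assumption:
//
//   require_once dirname(__FILE__) . '/../../class/valida.php';
//   $operator = hcl_require_operator();
```

Because the function returns the operator name, the including script can also use it to record who viewed a transcript or performed an upload, which gives you a log line to check if the disk starts filling up again.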
