Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
[PersianHacker.NET 200502-05] WWWoard passwd
From: Andrew guess (cybercop38yahoo.com.au)
Date: Tue Feb 08 2005 - 06:44:54 CST
I know how this hole works and where it hits, also I have found a fix for it, so start applying or end up dieing....lmao
This is an example of the source code for the forum script:
Line 126:''''''''''End Add '''''''''''''''''''''
Line 128:hostInfo = Dns.GetHostByAddress(clientIp)
Line 130:if IsDBNull(hostInfo) then
and here is the fix:
[SocketException (0x2afc): The requested name is valid, but no data of the requested type was found]
System.Net.Dns.GetHostByAddress(IPAddress address) +264
System.Net.Dns.GetHostByAddress(String address) +54
ASP.WriteDeny_aspx.__Render__control1(HtmlTextWriter __output, Control parameterContainer) in D:\Inetpub\wwwroot\ProcessDeny\WriteDeny.aspx:128
System.Web.UI.Control.RenderChildren(HtmlTextWriter writer) +27
System.Web.UI.Control.Render(HtmlTextWriter writer) +7
System.Web.UI.Control.RenderControl(HtmlTextWriter writer) +243
What this does is denys access to the link (script) your trying to get into, meaning this one is passwd.txt via the wwwboard.
you will need to create a /processdeny script which ain't that hard, but I may be wrong just look into it.