MyBB Hacks

MyBB Hacks > Miscellaneous > Intrusion Detection System
Full Version: Intrusion Detection System
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
Pages: 1 2

techu

11-01-2010, 11:49 PM
Today in a thread Ryan Gordan wrote:
Quote:It was our Intrusion Detection System giving false positives. It should allow you to post it now.


If anyone knows,  what is this??
Is it a feature in mybb or is it unique for mybb.com?

RateU

11-02-2010, 04:27 AM
I think it is a "special" feature for the site, related to the rule in Requests/Services/Jobs forum.

MattR

11-02-2010, 04:48 AM
It's nothing to do with the rules in that forum, it's a general security feature for the site.

RateU

11-02-2010, 04:58 AM
Ah... I thought it has a relationship with the rules for advertiser there.
Ah yes, I think the" error" comes from the reply of PM.

ZiNgA BuRgA

11-02-2010, 12:06 PM
I believe it's a special plugin installed only on that forum to try to make attacks against it more difficult.
Ultimately, how successful it is does depend on the exploit an attacker is using and how creative they are at coding around the filters (if necessary at all).

I think it's based off PHPIDS: http://php-ids.org/

techu

11-02-2010, 12:19 PM
(11-02-2010 12:06 PM)ZiNgA BuRgA Wrote: [ -> ]I believe it's a special plugin installed only on that forum to try to make attacks against it more difficult.
Ultimately, how successful it is does depend on the exploit an attacker is using and how creative they are at coding around the filters (if necessary at all).

I think it's based off PHPIDS: http://php-ids.org/

So do your think php-ids.org actually works??

ZiNgA BuRgA

11-02-2010, 12:51 PM
Of course it does.
Probably not a good idea to rely on it however.

1master1

11-02-2010, 05:52 PM
yeah, its bad to rely on them as they block some of the basic php functionalities. i had installed injection scanner and it is working fine but not allowing members to perform some basic functionalites on the site.

mainly it is interferring with the RSS feed poster but working fine when who ever tries to run/injection commands to deface the site, it will actively refuse them.

trialnick

11-07-2010, 02:28 AM
Quote:but not allowing members to perform some basic functionalites on the site.

injection scanner is fine, I used that too. If it doesn't allow some fuctions you can simply filtered them out. In the list of exploits , some codes are missing as the list is made in 2007.

I use googleseo, and unistalled injection scanner; so I modified htaccess file -putting there many exploit codes (so far I've  mainly for sql , xss and javascript inj.), I used bulletproof + my queries (like|rlike etc)

hope it helps Jap

MasterZuFu

01-03-2011, 10:19 AM
Sorry to revive an old thread.

I'd like to see if it's possible for someone to make a plugin with this web software? It'd be really nice to have to say the least.
Pages: 1 2
MyBB Hacks > Miscellaneous > Intrusion Detection System
Reference URL's