Text only | Text with Images

TinyPortal

Development => Support => Topic started by: Rav33n on May 24, 2010, 03:26:25 AM

Title: Possibly hacked through tinyportal [fixed]
Post by: Rav33n on May 24, 2010, 03:26:25 AM
Loading my forum gives me the following message:

QuoteYou must visit hxxp://groovu.us.to and complete an offer in order to continue...

Removed the following code from my index.php
Code Select
        // TinyPortal
        TPortal_init();

        // TinyPortal
        TPortal_init();

.. and the message goes away.

I'm on SMF 1.1.11
Tinyportal 1.04b

EDIT: Just read this : http://www.tinyportal.net/index.php?topic=32364.msg262882#msg262882
by this user: http://www.tinyportal.net/index.php?action=profile;u=51115

This is the bug: http://www.tinyportal.net/index.php?topic=32280.0

Temporary fix for this is to delete the last shoutbox post.

I guess I should upgrade to latest build - is there a way I can patch the security bit only since I don't want to upgrade to 1.05b just yet?
Title: Re: Possibly hacked through tinyportal [fixed]
Post by: IchBin on May 24, 2010, 04:50:15 AM
I don't know what it is that bloc fixed. He added something small. If I were you I would run a diff on the TPShout.php in your  version and compare it to the new version. You should be able to see the difference that needs to be made. Heck, if you make a backup, you may even be able to just replace the file. You should of course, do this cautiously. :)
Text only | Text with Images