khashnan / timthumb

Automatically exported from code.google.com/p/timthumb
0 stars 0 forks source link

Code is 'matching a generic PHP injection pattern' #144

Closed GoogleCodeExporter closed 8 years ago

GoogleCodeExporter commented 8 years ago
What steps will reproduce the problem?
1. visit www.georgeprior.co.uk/wp
2. click on 'portfolio' or 'blog'
3. page fails to load or occasionally loads, but posts load without thumbnails 
- but there's no obvious error message.

What is the expected output? What do you see instead?
Should see thumbnails, instead you see nothing and whole website stops loading 
after a couple of minutes use and also locks me out of the Wordpress admin and 
FTP access to site and even my host's control panel - causes a crtical error 
basically.

What version of the product are you using? On what operating system?
Version 1.15 I think and n Wordpress 3.0.2

Please provide any additional information below.

My host has looked at the logs and describes the problem as follows:
Pattern match "(?:ogg|gopher|zlib|(?:ht|f)tps?)\\:/" at ARGS:src. [file 
"/etc/modsecurity/10_asl_rules.conf"] [line "199"] [id "340026"] [rev "19"] 
[msg "PHP Injection attempt in URI"] [severity "CRITICAL"] [hostname 
"georgeprior.co.uk"] [uri "/wp/wp-content/themes/DailyNotes/timthumb.php"] 
[unique_id "TSRkEdXlaGYAABND3dwAAAAM"]

It's matching a generic PHP injection pattern which is not good at all. Its 
very unusual for anything to match this and its down to poor scripting.

I'd appreciate any advice/ a fix if possible?

Original issue reported on code.google.com by sncaffa...@gmail.com on 5 Jan 2011 at 7:10

GoogleCodeExporter commented 8 years ago
You should update the script to the latest version and try again. Version 1.15 
is quite old.

Please update and let me know if it still happens.

Original comment by BinaryMoon on 6 Feb 2011 at 10:49

GoogleCodeExporter commented 8 years ago

Original comment by BinaryMoon on 4 Apr 2011 at 8:00