Logician
Thu 9th Jan '03, 6:25pm
Hey there,
I'm really surprised this hasn't been discovered before since it's an important bug. It should have already been exploited by malicious users too, but since the bug still exists in v.2.2.9, I assume I'm the first to report it:
All 2.x.x versions have a bug in register.php and member.php which allows any user to easily bypass banned emails. For example, if you banned the "yahoo.com" domain in the banning options, by exploiting this bug a member can still register using a "yahoo.com" address. One of my users did, and this is how I discovered the bug.
Bypassing is easy: [EDIT: On the second thought, I removed this section. Devs can easily understand the problem when checking the code and the fix and rest do not need to understand how it's passed. Fix is provided in my post and it should be enough.. Logician]
The fix is easy too:
In register.php, find:
if ($enablebanning and $banemail!="" ) {
BEFORE that add:
// Bug Fix: Can pass banned address bug
$email = trim($email);
// Bug Fix: Can pass banned address bug
In member.php find:
if (!$allowkeepbannedemail or $bbuserinfo[email]!=$email) {
AFTER that add:
// Bug Fix: Can pass banned address bug
$email = trim($email);
// Bug Fix: Can pass banned address bug
IMO this is an important bug so I strongly suggest applying the fix especially if you have banned emails or mail domains.
Speaking of important bugs, I want to stress once more the importance of closing this bug forum to unlicensed users' view, which I suggested here (http://www.vbulletin.com/forum/showthread.php?threadid=61434). Allowing everybody to read posts like these really endangers the security of our boards. Posts like these should really be for board admins' eyes only, not for a pissed off/banned member who is sneaking around this forum to catch a bug which he can exploit to get his revenge on the Admin.. My 2 cents again..
Regards,
Logician
Ps. My title choice is intentional. I didn't want to get attention to this thread with a title like "Banned users can bypass the ban" for obvious reasons.
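The post above deliberately omits how the check is bypassed, but the fix it gives (calling trim() on $email before the ban comparison) tells you what class of problem it is: the submitted address was compared with the ban list without first being normalised. The following is an added example written for this page; it is not vBulletin's code and does not reproduce its actual ban check. It models a constructed ban check (is_banned_email), a constructed "banemail" list, and a set of constructed form submissions, and runs the check twice on each: once on the raw input and once after normalise_email(). Whitespace stripping is what the post's fix does; the lowercasing is an added, closely related normalisation that the post does not mention, included here because the same comparison would otherwise also miss case variants.

```php
<?php
// Added example, not vBulletin code. Models a banned-email check that compares the
// submitted address against a list of banned domains and addresses. The ban-list
// format (whitespace-separated entries) and the exact-match comparison are
// assumptions; the original post does not show vBulletin's own check.

// Constructed ban list in the spirit of the "banemail" option.
$banemail = "yahoo.com spammer@example.org";

/**
 * Return true if $email matches an entry in $banlist.
 * An entry without '@' is treated as a domain and must equal the part after the
 * last '@' of the address; an entry containing '@' must equal the whole address.
 * No normalisation is done here on purpose: this is the unguarded comparison.
 */
function is_banned_email(string $email, string $banlist): bool
{
    $at = strrpos($email, '@');
    $domain = ($at === false) ? '' : substr($email, $at + 1);
    foreach (preg_split('/\s+/', $banlist, -1, PREG_SPLIT_NO_EMPTY) as $entry) {
        if (strpos($entry, '@') === false) {
            if ($domain === $entry) {
                return true;
            }
        } elseif ($email === $entry) {
            return true;
        }
    }
    return false;
}

/**
 * Canonical form used for every comparison and for what gets stored:
 * surrounding whitespace (spaces, tabs, CR/LF) removed, then lowercased.
 * Lowercasing the whole address is an assumption that suits a ban list; the
 * domain part is case-insensitive by definition, the local part only in practice.
 */
function normalise_email(string $email): string
{
    return strtolower(trim($email));
}

// Constructed submissions: what a registration form might deliver.
$submissions = [
    "user@yahoo.com",        // plain, should be banned either way
    "user@yahoo.com ",       // trailing space
    "user@yahoo.com\r\n",    // trailing line break
    "user@yahoo.com\t",      // trailing tab
    "User@Yahoo.COM",        // case variant
    "spammer@example.org ",  // banned full address, padded
    "user@example.com",      // not banned, should be allowed either way
];

printf("%-24s %-8s %s\n", "submitted", "raw", "normalised");
foreach ($submissions as $raw) {
    $rawResult  = is_banned_email($raw, $banemail) ? 'banned' : 'allowed';
    $normResult = is_banned_email(normalise_email($raw), $banemail) ? 'banned' : 'allowed';
    printf("%-24s %-8s %s\n", json_encode($raw), $rawResult, $normResult);
}
```

Running this shows every padded or case-varied form of a banned address passing the raw comparison and being caught after normalisation. The practical lesson matching the post's fix: normalise the address once, as soon as it is read from the request, and use that one value both for the ban check and for whatever is written to the database. Normalising only at the point of comparison, or only at the point of storage, leaves the two values different and reopens the gap in one direction or the other.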