Welcome to Geeklog, Anonymous Friday, March 29 2024 @ 05:08 am EDT

Geeklog Forums

Most stupid security : beaware ! beaware ! do not use GL !


Dirk and Blaine

Anonymous
is = Geeklog

Read the FAQ

do not ever use GL or this stupid forum script and do not even think of paying Blaine for the stupid stuffs full of insecure hazards.
 Quote

Status: offline

Dirk

Site Admin
Admin
Registered: 01/12/02
Posts: 13073
Location:Stuttgart, Germany
So you found a bug in the forum. Congrats. How about reporting it?

And how is a bug in a plugin Geeklog's fault?

bye, Dirk
 Quote

ironmax

Anonymous
This is really puzzling!!!! Why would you say something like this? Whats seems to be the problem with the Forum Plugin? You say nothing other than not to use it without backing up your comment "Not to use this Forum" Are you mad about something that you cannot seem to resolve and perhaps it might be something on your end that is not secured? Lets have some details as to what your complaining about before goin off half-baked.

 Quote

Status: offline

Dirk

Site Admin
Admin
Registered: 01/12/02
Posts: 13073
Location:Stuttgart, Germany
He managed to post a few empty forum topics - I guess that's what he's referring to (I'm in the process of deleting them, so you may not see them any more).

I fail to see the security aspect either ...

bye, Dirk
 Quote

Status: offline

trinity

Forum User
Regular Poster
Registered: 01/30/05
Posts: 80
looks like the posting timer got him hehe but unfrtunetly his script kept running and dossed the site. hey dirk you get his ip in the logs? i would love to do some snooping

glFusion - Technology Fused with Style - www.gllabs.org
 Quote

Status: offline

Blaine

Forum User
Moderator
Registered: 07/16/02
Posts: 1232
Location:Canada
curious
Not very helpful and one could have just created these empty posts manually. I've not received any emails of anything posted on my site to make we aware of any issue.

The forum has speedlimit protection which is set to use the same number of seconds before allowing another post as stories and comments. It has the SPAMX integration to filter out spam. It also additionally checks for a min number of characters test in the usersname, and post content.

All input variables are filtered to remove javascript or other XSS and SQL injection attacks. Having said that - I can not say nor can anyone say that it is 100% secure or protected from an attack or automated script of some kind. There is always someone coming up with some new method to cause grief.

Without more information which should be sent to myself or Dirk to review and follow-up then it's either just a joke or an idle boast. We have nothing to allow us to investigate.
Geeklog components by PortalParts -- www.portalparts.com
 Quote

Status: offline

thelusiv

Forum User
Junior
Registered: 05/21/04
Posts: 23
Location:Clemson, SC
Beaware ! beaware : Most stupid English usage in parent post! Verbs will be assigned equality to pronouns. are = Skript Kitty.

Blah Blah Blah Blah ...

who could have been the spooky anonymouse poster? OMGROFL IT Was BLAINE AND DIRK AT THE SAME TIME! Obviously they are transdimensional ALIEN geeklog devs. Do not use GL or plugin stuffs or they may eat your pets!
 Quote

Status: offline

ScurvyDawg

Forum User
Full Member
Registered: 11/06/02
Posts: 523
Can you say useless dolt?
 Quote

jollymoon

Anonymous
"transdimensional ALIEN geeklog devs ... eat your pets"

Hey! Rover is m i s s i n g

Here boy, here boy
 Quote

Status: offline

vadertech

Forum User
Full Member
Registered: 05/26/03
Posts: 329
Quote by Dirk and Blaine: is = Geeklog

Read the FAQ

do not ever use GL or this stupid forum script and do not even think of paying Blaine for the stupid stuffs full of insecure hazards.


I've used GL, forum and plenty other of Blaine's scripts for over 2 1/2 yrs. without any problems or security issues.

P.S. This is what the alphabet would look like if Q and R were eliminated. -Mitch Hedberg
GeekLog Hosting, Installations and Upgrades - WWW.AWEHOST.COM - Hosting starts @ only $4.95/mo.
 Quote

Status: offline

samstone

Forum User
Full Member
Registered: 09/29/02
Posts: 820
I have at least ten geeklog sites running for 3+ years and never been hacked, some include Blaine's premium plugins.

The only time I was hacked was when I had phpBB on it.

Obviously he is trying to fool the newcomers. Must be from some competition--another CMS that is not doing well.

Sam

 Quote

Status: offline

Dirk

Site Admin
Admin
Registered: 01/12/02
Posts: 13073
Location:Stuttgart, Germany
For the record: We found the supposed "security" issue the original poster was talking about. It's not a security issue at all, he only found a way to post empty forum topics.

bye, Dirk
 Quote

Status: offline

beewee

Forum User
Full Member
Registered: 08/05/03
Posts: 969
Location:The Netherlands, where else?
Quote by Dirk: It's not a security issue at all, he only found a way to post empty forum topics.


That guy should find a way to fill his empty day instead of annying people. What a jerk!
Dutch Geeklog sites about camping/hiking:
www.kampeerzaken.nl | www.campersite.nl | www.caravans.nl | www.caravans.net
 Quote

Status: offline

clicktrader

Forum User
Newbie
Registered: 09/09/05
Posts: 12
Location:Virginia
Scurvydog - I can say USELESS DOLT! Laughing Could also say a few others!
... pay it forward ...
 Quote

All times are EDT. The time is now 05:08 am.

  • Normal Topic
  • Sticky Topic
  • Locked Topic
  • New Post
  • Sticky Topic W/ New Post
  • Locked Topic W/ New Post
  •  View Anonymous Posts
  •  Able to post
  •  Filtered HTML Allowed
  •  Censored Content