Snitz Forums 2000 - (v3.4.03) Security Related BUG+FIX: password.asp

Snitz Forums 2000

Username:	Password:
Save Password
Forgot your Password?

All Forums

Snitz Forums 2000 DEV-Group

DEV Bug Reports (Closed)

(v3.4.03) Security Related BUG+FIX: password.asp

Forum Locked

Topic Locked

Printer Friendly

Author

Topic

RichardKinser
Snitz Forums Admin

USA
16655 Posts

Posted - 16 June 2003 : 17:54:33

password.asp

around line #85 find the following:

elseif Request.Form("pwkey") <> "" and Request.Form("mode") = "UpdateIt" then
	key = chkString(Request.Form("pwkey"),"SQLString")

	'###Forum_SQL
	strSql = "SELECT M_PWKEY, MEMBER_ID, M_NAME, M_EMAIL "
	strSql = strSql & " FROM " & strMemberTablePrefix & "MEMBERS "
	strSql = strSql & " WHERE M_PWKEY = '" & key & "'"

replace the red highlighted line of code with this:

	strSql = strSql & " WHERE MEMBER_ID = " & cLng(Request.Form("MEMBER_ID"))
	strSql = strSql & " AND M_PWKEY = '" & key & "'"

around line #117 find the following:

		if Err_Msg = "" then
			strEncodedPassword = sha256("" & Request.Form("Password"))
			pwkey = ""

			'Update the user's password
			strSql = "UPDATE " & strMemberTablePrefix & "MEMBERS "
			strSql = strSql & " SET M_PASSWORD = '" & chkString(strEncodedPassword,"SQLString") & "'"
			strSql = strSql & ", M_PWKEY = '" & chkString(pwkey,"SQLString") & "'"
			strSql = strSql & " WHERE MEMBER_ID = " & cLng(Request.Form("MEMBER_ID"))

replace the red highlighted line of code with this:

			strSql = strSql & " WHERE MEMBER_ID = " & cLng(Request.Form("MEMBER_ID"))
			strSql = strSql & " AND M_PWKEY = '" & key & "'"

HuwR
Forum Admin

United Kingdom
20584 Posts

Posted - 16 June 2003 : 18:57:36

~~Will this stop it ? surely tey can just spoof the Request.Form("MEMBER_ID") as well~~

forget that, misread the second part

rasure
Junior Member

289 Posts

Posted - 18 August 2003 : 02:25:04

Hi, after applying this update, I get this message when trying to use the forgot password feature...

Your password key did not match!

Your password key did not match the one that we have in our database.
Please try submitting your UserName and E-mail Address again by clicking the Forgot your Password? link from the Main page of this forum. If this problem persists, please contact the Administrator of the forums.

Psychic & Spiritual Development Resources

HuwR
Forum Admin

United Kingdom
20584 Posts

Posted - 18 August 2003 : 04:53:35

try redoing your code, I am sure you are not the first person to try this since June, so we would presumably have found out by now if it caused a problem.

rasure
Junior Member

289 Posts

Posted - 18 August 2003 : 08:48:23

Not sure why that happened, I re downloaded the original snitz code and applied the update to password.asp in that one and all working ok now, thanks, sorry for the trouble

Psychic & Spiritual Development Resources

tinem
Junior Member

Denmark
209 Posts

Posted - 19 August 2003 : 07:35:47

I haven't made any bugfixes yet for 3.4.03 but have been told that this on is the most important but I can't see any explanation about what this do so how do I know if I have made the changes the right way?
And is there any other bugfixes that is of importance before I make my forum public?

This account was hacked by that very honest guy, Image. Better take care with your personal data, if you register to his forums or he will hack into your account here, as well.

wii
Free ASP Hosts Moderator

Denmark
2632 Posts

Posted - 19 August 2003 : 15:03:24

tinem, just edit your file according to the first post in this topic, it will work!

RichardKinser
Snitz Forums Admin

USA
16655 Posts

Posted - 05 September 2003 : 19:36:14

fixed in v3.4.04

Topic

Forum Locked

Topic Locked

Printer Friendly

Jump To:

Snitz Forums 2000

This page was generated in 0.08 seconds.