Preventing myBB Avatar To IP Address Exploit 10-07-2013, 07:28 AM
#1
This tutorial is a kind of prevention against : http://www.hackcommunity.com/Thread-Tuto...nd-Members
In the former exploiting tutorial, I'd explained how to get the IP addresses of myBB(and probably some CMS scripts too) websites protected by cloudflare through the avatar.
Now, here's a simple and extremely effective way of preventing users from doing this.
What we do is basically, instead of pinging the image url with the website's server, where the original IP address is found out, we ping it with a proxy server. PHP curl helps us with this. All we need to do is, instead of a simple surl session, use a proxy enabled curl session.
To do this, we need to change some codes in the inc/functions.php of myBB.
In the file, we need to look for this sample of code :
Within that function, there's an if block that looks like this :
Here's where we need to enable proxy.
So, we change it to :
Here, instead of "127.0.0.1", just insert your proxy server IP and instead of "8080", insert, the port of your proxy server you're using.
This technique may make things a bit slower, but a swift proxy server can help out a lot.
List of proxy servers can be found here : http://www.proxynova.com/
In the former exploiting tutorial, I'd explained how to get the IP addresses of myBB(and probably some CMS scripts too) websites protected by cloudflare through the avatar.
Now, here's a simple and extremely effective way of preventing users from doing this.
What we do is basically, instead of pinging the image url with the website's server, where the original IP address is found out, we ping it with a proxy server. PHP curl helps us with this. All we need to do is, instead of a simple surl session, use a proxy enabled curl session.
To do this, we need to change some codes in the inc/functions.php of myBB.
In the file, we need to look for this sample of code :
Code:
function fetch_remote_file($url, $post_data=array())Within that function, there's an if block that looks like this :
Code:
if(function_exists("curl_init"))
{
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_TIMEOUT, 10);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);Here's where we need to enable proxy.
So, we change it to :
Code:
if(function_exists("curl_init"))
{
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_PROXY, "127.0.0.1");
curl_setopt($ch, CURLOPT_PROXYPORT, "8080");
curl_setopt($ch, CURLOPT_PROXYTYPE, CURLPROXY_SOCKS5);
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_TIMEOUT, 10);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);Here, instead of "127.0.0.1", just insert your proxy server IP and instead of "8080", insert, the port of your proxy server you're using.
This technique may make things a bit slower, but a swift proxy server can help out a lot.
List of proxy servers can be found here : http://www.proxynova.com/
![[Image: 2YpkRjy.png]](http://i.imgur.com/2YpkRjy.png)
![[+]](https://sinister.ly/images/modern/collapse_collapsed.png)