Search found 489 matches

by Ptirhiik_
Sat Jun 16, 2007 8:39 pm
Forum: General EM Discussion
Topic: EasyMod Security
Replies: 1
Views: 2879

Re: EasyMod Security

Yes, especially with the files saved in easyMOD directories, not protected and world-wild viewable. Also, easyMOD is still a beta api, and it is strongly unrecommended to run beta software live.
by Ptirhiik_
Thu Oct 05, 2006 6:21 pm
Forum: Installing MODs with EasyMOD
Topic: Nightrider
Replies: 37
Views: 13398

Re: Nightrider

(../..)yet to my knowledge That's preciasly your problem: what you don't know you assume, and what you've been clearly informed, you simply ignore because you don't want to hear. This can be sum up in a few words: loose of time for me to discuss with you, and very dangerous advices given by you to ...
by Ptirhiik_
Thu Oct 05, 2006 9:10 am
Forum: Installing MODs with EasyMOD
Topic: Nightrider
Replies: 37
Views: 13398

Re: Nightrider

I've read what you wrote, but I have yet to see anything of any major concern. That's where you are very dangerous for the users you are advicing to run easyMOD on their live environment. Sorry for them you can't - or more exactly don't want - to see this, even if it is so obvious: I simply hope th...
by Ptirhiik_
Thu Oct 05, 2006 1:40 am
Forum: Installing MODs with EasyMOD
Topic: Nightrider
Replies: 37
Views: 13398

Re: Nightrider

Oh my, did I wrote for not being read ? Do you want me to repeat over and over though you don't read, don't want to understand or have not enough basic knowledge ? How could you pretend something is secured though I have given already proof it is not : do you want me to post publicaly all the exploi...
by Ptirhiik_
Wed Oct 04, 2006 7:56 pm
Forum: Installing MODs with EasyMOD
Topic: Nightrider
Replies: 37
Views: 13398

Re: Nightrider

Sorry, but you can not adress them (nor I can): only the easyMOD dev from the MOD team can. The issue I have quoted above is enough for you to understand one of the obvious security breach, and one is enough to make the decision till it is fixed or patched, what is not the case at this very time.
by Ptirhiik_
Wed Oct 04, 2006 1:12 pm
Forum: Installing MODs with EasyMOD
Topic: Nightrider
Replies: 37
Views: 13398

Re: Nightrider

Sorry, but I won't go further publicaly about security issues present in easyMOD. I simply quoted these ones as they are well-known and obvious, in order to make you understand how dangerous is to use easyMOD on live environment, so to make you stop advicing blidnly anybody to use it live: for what ...
by Ptirhiik_
Tue Oct 03, 2006 10:22 pm
Forum: Installing MODs with EasyMOD
Topic: Nightrider
Replies: 37
Views: 13398

Re: Nightrider

This is not this little sample mod which is dangerous, I think you didn't measure where the threat stand. For example, I've been able to check your posting.php, and determines some potential points that could be used to attack your board (mods not upgraded, security patches not applied, and so). If ...
by Ptirhiik_
Mon Oct 02, 2006 11:00 am
Forum: Installing MODs with EasyMOD
Topic: Nightrider
Replies: 37
Views: 13398

Re: Nightrider

Ok Nightrider, as you are so sure easymod is secured, just take this mod: ############################################################## ## MOD Title: security proof ## MOD Author: Ptirhiik < please_use_the_board@clanmckeen.com > (Pierre) http://ptifo.clanmckeen.com ## MOD Description: /!\ DO NOT IN...
by Ptirhiik_
Sun Oct 01, 2006 7:09 pm
Forum: Installing MODs with EasyMOD
Topic: Nightrider
Replies: 37
Views: 13398

Re: Nightrider

If your localhost is not reachable through the web (what is often the case), and if you don't upload the admin/mods/ content, nor the admin/em_includes/ & admin/admin_easymod.php, you should encounter no particular security risks. The only ennoying thing is you will have to redo the sql part of the ...
by Ptirhiik_
Sun Oct 01, 2006 4:38 pm
Forum: Installing MODs with EasyMOD
Topic: Nightrider
Replies: 37
Views: 13398

Re: Nightrider

> Nightrider: what you don't seem to get - or should I say don't want - is that the lines you provide as a "fix" are at least redundant, and in worst case wrong: you are copying many times the same files, what is not desirable at all. Then, you have been repeated a number of times now - by me and by...