XAMPP 1.7.3 - TextArea Link Injection

Post by luisurbina_ve » 03. August 2010 22:41

Hello,
I have spent several days breaking my head trying to resolve this. The situation is as follows:
On my computer with Windows 7, I installed XAMPP 1.7.3.
I downloaded WordPress 3.0 to httpdocs/mysite/.
While configuring WordPress I realized that on many of the screens that contain textareas, links to various pages that have nothing to do with WordPress are listed at the end of each one. OK, I decided the culprit was WordPress and deleted it, and started doing my project in Dreamweaver. Everything was perfect until I started to make my contact form: I placed a textarea in it, and the blessed links to other pages appeared again!!!!

I went to my website on Linux, installed WordPress from the same apachefriends link, and everything works great.

The problem is my installation of XAMPP. I think one with VMWare virtual machine with Windows 2003, do a clean install of XAMPP, copy my FTP script I run my test WebSite and reappear TextArea links in my form again ...

My pages are in PHP.

XAMPP 1.7.3 seems to have a security hole. How can I fix it??
Thanks
luisurbina_ve
 
Posts: 12
Joined: 08. September 2009 03:06

Post by JonB » 04. August 2010 02:03

The 'flaw' is likely self-induced.

Where did you install XAMPP?

:roll:

WAFM
JonB
AF Moderator
 
Posts: 3210
Joined: 12. April 2010 16:41
Location: Land of the Blazing Sun
Operating System: Windows XP/7 - Fedora 15 1.7.7

Post by luisurbina_ve » 04. August 2010 03:00

I have installed Windows 7 Ultimate, with 4Mb RAM, on an AMD Phenom II X4 940. I have 2 hard drives:
Disk one with two partitions, C:\ windows with 120Gb, E\Users with 200Gb,
Disk two with one partition, D:\ with 500Gb for all my projects.
XAMPP is installed in D:\xammp

Thanks

Post by JonB » 04. August 2010 14:13

I cannot understand what you mean here?

"I think one with VMWare virtual machine with Windows 2003, do a clean install of XAMPP, copy my FTP script I run my test WebSite and reappear TextArea links in my form again ..."

Are you trying to tell us you copied a running XAMPP environment into a clean install?

:?:

Post by luisurbina_ve » 04. August 2010 15:47

Hi, when I said:

Yes JonB,

"The problem is my XAMPP's installed. I think one with VMWare virtual machine with Windows 2003, do a clean install of XAMPP, copy my FTP script I run my test WebSite and reappear TextArea links in my form again ..."

I thought the problem was my system, which is why I made a VMware virtual machine to rule out that it could be a virus on my computer. So I did a clean install to make sure everything was fine, but when I tested my page the hidden links appeared again.

Thanks JonB

Post by JonB » 04. August 2010 19:19

As far as I can tell, no one else seems to have this problem (myself included).

One thing that might be useful is to know what those "magical url's" are - perhaps one or two would suffice. Could you post an example (use the Code tag so they are not parsed and search engines won't index them)? Also, what browser are you using? Maybe try it with a different one.

Beyond this, there are a few possibilities:

First and foremost - did you run the XAMPP installer as administrator?

Second - A PHP related problem caused by an unknown PHP dll error or a php.ini error. Turn on PHP error logging - it is NOT on in XAMPP by default. I would not 'tweak' or import entries into the php.ini until you solve the issue.

Third - The actual XAMPP download installer file was/is corrupt.
Test: Do an MD5 Checksum.
Solution: fresh download.

Fourth - The NTFS filesystem is corrupt - low chance if the first is not true, but still worth checking.

Fifth - Closely related to this is the possibility of a memory related issue. This could be in the form of a physical problem with memory or a logical problem.

Run the Windows Memory Scanner

Possible Logical issue - are you running the 64bit version of Windows?

My most immediate impression is that you have a memory-related issue - like a buffer overflow or code that does not load right (why I am thinking about corruption), and running 32 bit apps on a 64 bit OS - all lead to memory glitches.

Good luck
:roll:

Post by luisurbina_ve » 04. August 2010 23:25

Well, JonB,
Wow, now I am concerned ...
I have Windows 7 32bit installed on my computer; my processor is able to work at 32 or 64 bits, as far as I know!
I suggest, make a clean installation of Windows 7 x64?? If so, then I'll get to work.
I'll try it and see what happens.

Best regards

Post by JonB » 04. August 2010 23:39

No - other way around, my friend - the problem would only happen with a 64bit OS trying to execute a 32 bit application, so probably no need to re-install the OS. 32 bit applications/OS's just can't use the expanded CPU registers and memory space available on 64 bit machines.

What's the deal on the URL's - still showing up?

Have you double-checked the XAMPP download you installed with?

Do you have a clean php.ini?

:?:

Post by luisurbina_ve » 05. August 2010 03:15

JonB,
Note that it appears the problem is on my computer: I installed Windows 7 x64 on my laptop, downloaded XAMPP from www.apachefriends.org/en/xampp.html, installed it, tried my site and it worked perfectly.

Now, how do I resolve the problem on my computer, without having to install everything again??? At least for now??

The URLs that have been injected in my form's TextArea field are "<a href=http://www.scriptline.net/ >open source community script</a>".
In WordPress the links are "<a href=http://parts.avtoprom.ua/ >авторазборка</a>", "<a href=http://www.scriptline.net/ >social network plattform</a>", "<a href=http://www.ddl.name/ >recover deleted pictures</a>", etc.

Every link appears in every textarea in every option inside WordPress. As you know, WordPress is configured entirely in a web environment and every option is saved in a MySQL DB.

What do you think?...

Thanks

Post by JonB » 05. August 2010 04:31

It does 'sound like' an SQL injection attack on WordPress. Did you have the WordPress site on the internet with Commenting enabled or no password on root in MySQL??

I'm not expert enough on Wordpress to guess where stuff like that might be tucked away. But you could search the WordPress tables with phpMyAdmin.

But you seem to still have the problem with a non-WordPress text area, right? Do you have other PHP scripts installed? Installing a PHP script would likely give it enough rights to change things.

If you have the problem when WordPress is not running, it's likely related to PHP or your browser.

Did you test with a different browser? If that fixes the problem, re-install your original browser. If it's IE = MS has got a way to set the browser back to its defaults.

I don't have any other really brilliant ideas right now. :(

sorry
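
One way to settle the "PHP or your browser" question raised above, as an added example that is not part of the original thread: compare the link hosts in the raw server response with those the affected browser shows. The function names, the `localhost` host and the sample markup are assumptions constructed for the illustration.

```python
import html
import re
from urllib.parse import urlsplit
from urllib.request import Request, urlopen

# Matches quoted and unquoted href values, e.g. <a href=http://host/ >.
HREF_RE = re.compile(r"""href\s*=\s*["']?([^"'\s>]+)""", re.IGNORECASE)

def external_hosts(markup, own_host):
    """Hostnames linked from markup, excluding own_host.

    Entities are decoded first, so anchor markup that sits as escaped
    text inside a <textarea> is found as well as real <a> elements.
    """
    hosts = set()
    for href in HREF_RE.findall(html.unescape(markup)):
        host = urlsplit(href).hostname
        if host and host != own_host:
            hosts.add(host)
    return hosts

def classify(server_html, browser_html, own_host):
    """Split unexpected link hosts by where they entered the page.

    server_html  - body fetched without a browser (see fetch()).
    browser_html - saved page or field contents copied from the browser.
    """
    from_server = external_hosts(server_html, own_host)
    in_browser = external_hosts(browser_html, own_host)
    return {
        # Sent by Apache/PHP: look at scripts, php.ini and the database.
        "server_side": sorted(from_server),
        # Added after delivery: look at the browser and its add-ons.
        "browser_only": sorted(in_browser - from_server),
    }

def fetch(url, user_agent):
    """Fetch url with no browser involved; repeat with each browser's
    User-Agent string, since a server-side injector may vary by client."""
    req = Request(url, headers={"User-Agent": user_agent})
    with urlopen(req, timeout=10) as resp:
        return resp.read().decode("utf-8", errors="replace")

# Constructed samples: a clean response and a browser copy with one link.
CLEAN = '<form action="/mysite/contact.php"><textarea name="c"></textarea></form>'
SEEN = CLEAN.replace("></textarea>", ">&lt;a href=http://www.scriptline.net/ &gt;x&lt;/a&gt;</textarea>")
```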

Post by luisurbina_ve » 05. August 2010 13:43

Hi JonB

I'll answer your questions.

"It does 'sound like' an SQL injection attack on WordPress. Did you have the WordPress site on the internet with Commenting enabled or no password on root in MySQL??"

No, I don't have a site on the Internet now; I'm building my site right now. I have a root password for MySQL and XAMPP!!!

"But you seem to still have the problem with a non-WordPress text area, right?"

Yes, I planned to build my site using WordPress, but when I saw the links injected into the fields used to customize WordPress, that was when I decided to make my site in PHP by myself. Now when I get to making my form, where I use a textarea for comments, I see the listed links injected again.

OK, I have decided to reformat my computer and change Windows 7 x32 to x64, so I can also mount the additional 4Gb that I have in there.

"Did you test with a different browser? If that fixes the problem, re-install your original browser. If it's IE = MS has got a way to set the browser back to its defaults."

Yes, I tested with Chrome and it doesn't inject any links; with IE and Firefox it injects the FKing links :x I reinstalled Firefox and it does the same.

I tested by making a clean installation on a laptop (Intel Core 2 Duo, 2Gb RAM), installing Windows 7 x64 (it originally came with Windows Vista); I downloaded XAMPP from the Apachefriends site, copied my site from a pendrive into the httpdocs folder, and it works fine. :D

I think one of the problems is that I downloaded some free themes for WordPress that were corrupted with some PHP code, which drove the PHP interpreter of the installed XAMPP crazy. (Remember that the problem is with my desktop computer, an AMD Phenom II X4 920, 4Gb RAM and W7 x32.)

OK, but in the future, how can I be safe from this??? How can I implement some security to keep a XAMPP installation safe??? Because in Ubuntu, Any can Read/Write without admin or root privileges, but in Windows when I am logged into my account I have admin privileges... :idea: Would it be possible to set my account to normal user privileges and make another account with admin privileges, to prevent any changes without authorization???? What do you think? Maybe I'm thinking out loud!

Thanks
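
A file-level check for the theme theory in the post above, added here as an example and not part of the original thread: walk the web root (and any php.ini or .htaccess files under it) and list files that contain the hostnames posted earlier or PHP constructs often used to hide added code. The pattern list, function names and the sample theme folder are assumptions.

```python
import os
import re
import tempfile

# Hostnames taken from the links posted in this thread.
HOSTS = (b"scriptline.net", b"avtoprom.ua", b"ddl.name")
# Assumed starter patterns; a hit means "read this file", not proof.
PATTERNS = {
    # PHP that is decoded at run time, a common way to hide added code.
    "eval-decode": re.compile(rb"eval\s*\(\s*(?:base64_decode|gzinflate)\s*\(", re.I),
    # php.ini / .htaccess setting that pulls a file into every request.
    "auto-include": re.compile(
        rb"auto_(?:prepend|append)_file[ \t]*=?[ \t]*[\"']?[\w/\\.:]", re.I),
}
EXTENSIONS = (".php", ".inc", ".html", ".htm", ".js", ".ini", ".htaccess")

def scan_file(path):
    """Return the labels of every indicator found in one file."""
    with open(path, "rb") as fh:
        data = fh.read()
    hits = ["host:" + h.decode() for h in HOSTS if h in data.lower()]
    hits += [name for name, rx in PATTERNS.items() if rx.search(data)]
    return hits

def scan_tree(root):
    """Map relative path -> indicator labels for files under root."""
    findings = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if name.lower().endswith(EXTENSIONS):
                path = os.path.join(dirpath, name)
                hits = scan_file(path)
                if hits:
                    findings[os.path.relpath(path, root)] = hits
    return findings

def demo():
    """Scan a constructed theme folder (sample data, not from the thread)."""
    with tempfile.TemporaryDirectory() as root:
        theme = os.path.join(root, "wp-content", "themes", "free-theme")
        os.makedirs(theme)
        with open(os.path.join(theme, "index.php"), "wb") as fh:
            fh.write(b"<?php get_header(); ?>\n")
        with open(os.path.join(theme, "footer.php"), "wb") as fh:
            fh.write(b'<?php eval(base64_decode("ZWNobyAxOw==")); ?>\n'
                     b"<a href=http://www.scriptline.net/ >x</a>\n")
        return scan_tree(root)
if __name__ == "__main__":
    print(demo())
```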

