RegisterRegister    SearchSearch   ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

AJAX upload progress bar
File sharing script
File mirror script
Newsletter script
Hacked or Bug?

 
Post new topic   Reply to topic    SibSoft Ltd Forum Index -> XFileSharing Free
View previous topic :: View next topic  
Author Message
Jing



Joined: 15 Mar 2008
Posts: 6
PostPosted: Mar 19, 2008 10:20 pm    Post subject: Hacked or Bug? Reply with quote
I recently received uploads from ip address 127.0.0.1. And that's quite impossible because that's the local ip address of the server. So I'm wondering if there is a bug or is there an exploit for the script?

Here's a screenshot.



Thanks!
Back to top
View user's profile Send private message
PilgrimX182



Joined: 22 Mar 2006
Posts: 2109
Location: UFO Lab
PostPosted: Mar 20, 2008 8:30 am    Post subject: Reply with quote
Don't think it's a hack. We use HTTP_X_FORWARDED_FOR header to get IP if available (allow to get ip behind the proxy) - I guess this dude just use local proxy on his computer.

If you would like to use standard method you can find in Session.pm
Code:
return $ENV{HTTP_X_FORWARDED_FOR} || $ENV{REMOTE_ADDR};

and replace with
Code:
return $ENV{REMOTE_ADDR};
Back to top
View user's profile Send private message Visit poster's website
Jing



Joined: 15 Mar 2008
Posts: 6
PostPosted: Mar 21, 2008 2:51 am    Post subject: Reply with quote
Oh thanks. It got me worried for a while. Smile
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    SibSoft Ltd Forum Index -> XFileSharing Free All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum

Powered by phpBB © 2001, 2005 phpBB Group