
Warning for those who use timthumb

Discussion in 'Chit Chat' started by teguhaditya, Aug 17, 2012.

  1. teguhaditya

    teguhaditya Super Hero

    For those using timthumb with an external image source, be careful.
    Lately more and more hackers are exploiting the timthumb hole to break into our blogs.
     
  2. sathreea

    sathreea Super Hero

    What does "external image source" mean? Is it the upload field? And then a shell injection gets uploaded through it? :pusing:
     
  3. aliasnawi

    aliasnawi Super Hero

    But that's an old bug, bro
     
  4. ArekOseng

    ArekOseng Hero

    Yeah, I was once a victim because I used an external image source with timthumb; all my articles ended up being about viagra... hehehehe. But I think that's an old bug...
     
  5. North Star

    North Star Ads.id Fan

    Old bug, bro; the latest version after the update has already fixed it
     
  6. olala

    olala Ads.id Fan

    It's the one in the timthumb script, bro
    Code:
    $allowedSites = array (
        'flickr.com',
        'picasa.com',
        'blogger.com',
        'wordpress.com',
        'img.youtube.com',
        'upload.wikimedia.org',
        'photobucket.com',
    );
    It was found a year ago already, right? Also in August, if I'm not mistaken
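
Added example, not part of the original post and not TimThumb's own code: an allowlist such as the `$allowedSites` array above only helps if the requested host is compared strictly. The sketch contrasts a substring comparison with an exact-or-subdomain comparison; the function names and sample URLs are assumptions constructed for illustration.

```php
<?php
// Added example; function names are hypothetical, not from timthumb.php.
$allowedSites = array('flickr.com', 'picasa.com', 'blogger.com', 'wordpress.com',
    'img.youtube.com', 'upload.wikimedia.org', 'photobucket.com');

// Weak form: accepts any host that merely contains an allowed name.
function host_allowed_substring($url, array $allowed) {
    $host = parse_url($url, PHP_URL_HOST);
    if (!is_string($host)) return false;
    foreach ($allowed as $site) {
        if (stripos($host, $site) !== false) return true;
    }
    return false;
}

// Strict form: http(s) only, no credentials in the URL, and the host must
// equal an allowed name or end with "." followed by an allowed name.
function host_allowed_strict($url, array $allowed) {
    $parts = parse_url($url);
    if (!is_array($parts) || !isset($parts['scheme'], $parts['host'])) return false;
    if (!in_array(strtolower($parts['scheme']), array('http', 'https'), true)) return false;
    if (isset($parts['user']) || isset($parts['pass'])) return false;
    $host = rtrim(strtolower($parts['host']), '.');
    foreach ($allowed as $site) {
        $suffix = '.' . strtolower($site);
        if ($host === strtolower($site) || substr($host, -strlen($suffix)) === $suffix) {
            return true;
        }
    }
    return false;
}

// Constructed sample URLs (example.net is a reserved documentation domain).
$samples = array(
    'http://farm1.flickr.com/photo.jpg',       // genuine subdomain
    'http://flickr.com.example.net/photo.jpg', // allowed name used as a prefix
    'http://example.net/flickr.com/photo.jpg', // allowed name only in the path
    'ftp://flickr.com/photo.jpg',              // unexpected scheme
);
foreach ($samples as $url) {
    printf("%-42s substring=%-5s strict=%s\n", $url,
        var_export(host_allowed_substring($url, $allowedSites), true),
        var_export(host_allowed_strict($url, $allowedSites), true));
}
```

Only the first sample passes the strict check; the substring check also accepts the second and fourth.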
     
  7. suksesjitu

    suksesjitu Super Hero

    Oh no, what is it now with this timthumb :pusing:
     
  8. ORANG

    ORANG Banned

    Does the old bug really still work, bro?
     
  9. Faddas

    Faddas Super Hero

    Following along; I don't know anything about this timthumb stuff... but I often use themes that include timthumb.
     
  10. teguhaditya

    teguhaditya Super Hero

    Those using timthumb are advised to replace it with the new one right away

    Code:
    http://timthumb.googlecode.com/svn/trunk/timthumb.php
     
  11. aditiapurba

    aditiapurba Hero

    Is it really an old bug? Next there will be a new bug :D
     
  12. North Star

    North Star Ads.id Fan

    It has already been discussed here, bro
    HTML:
    http://www.adsense-id.com/forums/showthread.php/88270-TimThumb-Rawan-Hacker-Zero-Day-Exploit!!?highlight=timthumb
     
  13. Udeh Nans

    Udeh Nans Super Hero

    Luckily I keep mine on my own server, heheheh... hopefully it's safe :semangat!:
     
  14. user_name

    user_name Super Hero

    Maybe you could use the TAC plugin, just as a precaution :D

    hddddp://wordpress.org/extend/plugins/tac/
     
  15. L1Na3

    L1Na3 Banned

    Thanks for sharing, master, so we can be more vigilant...
     
  16. nathz25

    nathz25 Dollar Hunter

    timthumb? I only know it as a wafer brand :pusing:
     
  17. ojolali

    ojolali Ads.id Starter

    What about the Amazon themes that already have timthumb integrated, are they still safe? I bought several Amazon themes like this; if they count as dangerous, what is the solution, bro? [-( Now I'm worried
     
  18. khabibf

    khabibf Hero

    Just a suggestion. Use the "timthumb vulnerability scanner" plugin;
    it can check and automatically update your timthumb.. :)
     
  19. Pebisnisonline

    Pebisnisonline Super Hero

    Luckily I use my own image source :)
     
  20. ulilalbab

    ulilalbab Ads.id Pro

    Wow, my WP was once messed up, bro, because of this timthumb

    Now I'm using the timthumb vulnerability scanner plugin.. hehe..:D
     
