THT Community

Full Version: Automatically fix perms on config.inc.php and remove install directory
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
Hey, I know this is mostly just something that should be integrated with THT from the start, but I'm going to post it anyway.

This mod will make it so that the install directory is automatically removed when you view the admin home page for the first time. It also sets the config.inc.php file perms to 0444. Some FTP programs won't allow you to change permissions below 0644 and as that's still writable, you'll wind up with an error on your admin page every time since you can't use FTP to correct it. FTP won't set it below that because if it gets set to 0444, then you can't overwrite the file using FTP. You can stilll delete the file and reupload it, though. It'll go back to a 644 default, so you'll need to view the admin home page again to set it. PHP can set it, but FTP can't. There are checks in place to see if it worked properly or not as well.

UPDATE: I found a security flaw. The installer leaves behind the SQL files that it imports and there isn't a warning for this either. Someone can go to http://yourdomain.com/THT/includes/sql/install.sql or http://yourdomain.com/THT/includes/sql/upgrade.sql and see all the tables it imported. This gives the attacker a working knowledge of what tables are where and makes hacking MUCH more easy if they can find a vulnerability. Yes this is open source, so a hacker could find it by downloading the code, but they could also figure out what version you're using and exploit the vulnerabilities of that version.

That being said, I updated the directory removal tool for that function. Only the install() function uses those files, so it should be removed too.

OK, so here goes.

/admin/pages/home.php

FIND:
PHP Code:
public function checkDir($dir){
            if (
is_dir($dir)) { 
                    return 
"<div class='warn'><img src='../themes/icons/cross.png' alt='' /> Warning: Your install directory still exists. Please delete it!</div>";
                }
                else{
                        return 
"";
                }
        } 

REPLACE IT WITH:
PHP Code:
public function checkDir($dir){
            if (
is_dir($dir)) {
                        
unlink($dir."index.php");
                        if(
rmdir($dir)){
                                return 
"";
                        }else{
                                return 
"<div class='warn'><img src='../themes/icons/cross.png' alt='' /> Warning: Your install directory still exists. Please delete it!</div>";
                        }
                }else{
                        
$sql_dir "../includes/sql/";
                        if(
is_dir($sql_dir)){
                                
unlink($sql_dir."index.html");
                                
unlink($sql_dir."install.sql");
                                
unlink($sql_dir."upgrade.sql");
                                if(
rmdir($sql_dir)){
                                        return 
"";
                                }else{
                                        return 
"<div class='warn'><img src='../themes/icons/cross.png' alt='' /> Warning: Your /includes/sql directory still exists. Please delete it!</div>";
                                }
                        }else{
                                return 
"";
                        }
                }
        } 

Now for setting the perms...

FIND:
PHP Code:
return "<div class='warn'><img src='../themes/icons/error.png' alt='' /> Warning: Configuration file (conf.inc.php) is still writable, please chmod it to 444!</div>"

REPLACE IT WITH:
PHP Code:
if(chmod($file0444)){
                                return 
"";
                        }else{
                                return 
"<div class='warn'><img src='../themes/icons/error.png' alt='' /> Warning: Configuration file (conf.inc.php) is still writable, please chmod it to 444!</div>";
                        } 


Enjoy! =)
Thanks for the SQL suggestion. I'll probably end up moving it to the install directory, where it should have been in the first place. The real threat here, if any, as you mentioned, is version identification. Due to permission issues, deleting the install directory automatically will probably cause a few issues, but is worth a try in the name of security.