Page 3 of 5

Re: NV Exif Data

Posted: Tue Aug 12, 2008 12:38 am
by Wookie1664
GoBieN,

Where do we put that code? And many thanks for spotting it !

Wookie

Re: NV Exif Data

Posted: Tue Aug 12, 2008 11:03 am
by GoBieN
The code block is inside includes/functions_content.php
It is 2 times present, so change it 2 times !
In the original mod it shows like this:

Code: Select all

                  $block_array += array(
                     'EXIF_DATE'         => $exif_date,
                     'EXIF_FOCAL'      => $exif_focal,
                     'EXIF_EXPOSURE'      => $exif_exposure,
                     'EXIF_APERTURE'      => $exif_aperture,
                     'EXIF_ISO'         => $exif_iso,
                     'EXIF_FLASH'      => $exif_flash,

                     'WHITEB'      => $exif_whitebalance,
                     'CAM_MODEL'      => $exif_model,
                     'S_EXIF_DATA'   => true,
change it to:

Code: Select all

                  $block_array += array(
                     'EXIF_DATE'         => htmlspecialchars($exif_date),
                     'EXIF_FOCAL'      => htmlspecialchars($exif_focal),
                     'EXIF_EXPOSURE'      => htmlspecialchars($exif_exposure),
                     'EXIF_APERTURE'      => htmlspecialchars($exif_aperture),
                     'EXIF_ISO'         => htmlspecialchars($exif_iso),
                     'EXIF_FLASH'      => htmlspecialchars($exif_flash),

                     'WHITEB'      => htmlspecialchars($exif_whitebalance),
                     'CAM_MODEL'      => htmlspecialchars($exif_model),
                     'S_EXIF_DATA'   => true,
   
I spotted this because on one of my pictures the model would'nt show, i looked inside the HTML source and saw the reason. The model was formatted like this: <Digimax V700>. I wouldn't show because the browser tought it was HTML code. If the model would have been <script>alert('NOT SAFE');</script> this would have been executed and a box stating NOT SAFE would have shown itself. Simple proof of concept, but this could be easily abused.

Re: NV Exif Data

Posted: Tue Aug 12, 2008 11:49 am
by GoBieN
I just made a proof of concept and discovered someting.
If in ACP of phpBB3 "Check attachment files" is set to YES then the upload will be denied.
The upload was rejected because the uploaded file was identified as a possible attack vector.
If set to NO then the upload is ok and my proof of concept works.
Screenshot:
http://www.camino-tuning.be/phpBB3/docs ... oncept.jpg
Mailicious image file (to test for yourself):
**** REMOVED *** until resolved by mod author/phpbb security team

EDIT: I removed the link to the image that had test code inside it, until this is resolved. I submitted an issue in the security tracker of nickvergessen and phpBB.

Re: NV Exif Data

Posted: Wed Aug 13, 2008 11:01 pm
by nickvergessen
i can't submit the update right now.
There is current already a version of your Modification in the queue, submitted at Sun 03.08.2008 08:50, and the Modification team has already looked at your Modification. To prevent you submit updates while we already did the validation you cant submit an update.
:roll:

so here is the update.xml:
http://code.bantux.de/svn/nv-exif-data/ ... update.xml

if there are more points mentioned from the MOD-DB-Team, I'll make a new version 1.0.2 which contains updates from 1.0.0 and 1.0.1.

Re: NV Exif Data

Posted: Thu Aug 14, 2008 7:40 pm
by updown
nickvergessen wrote:
updown wrote:I made an '@'-"solution" again before $timestamp :roll:
I'll change it.
but, what's your limit about mktime? It works fine for me!
I updated the newest version, but the problem still exists on one specific picture (untill now) - the rest works fine.

I think it has nothing to do with the mktime-function itself, there seems to be a wrong string given from the EXIF-time from this one picture itself. For example when no date is given, instead a string like "no date", so the mktime-function cannot work - is this theory possible? Is this fixable?

If not, I'll leave my ' @ ' - does a good job :lol:

Re: NV Exif Data

Posted: Thu Aug 14, 2008 7:46 pm
by nickvergessen
updown wrote:is this theory possible?
hm, now when you told it, this may be.
could you provide me the file?

Re: NV Exif Data

Posted: Fri Aug 15, 2008 7:27 pm
by 319
any demo-screenshots?

Re: NV Exif Data

Posted: Sat Aug 16, 2008 10:23 am
by GoBieN
If you go a page back you can find a link to a live board with an example topic.

Re: NV Exif Data

Posted: Sat Aug 16, 2008 10:43 am
by nickvergessen

Re: NV Exif Data

Posted: Sat Aug 16, 2008 11:13 am
by 319
thanx

Re: NV Exif Data

Posted: Thu Aug 21, 2008 8:20 am
by nickvergessen
Update 1.0.2 is submitted to the db. :ugeek:
If you can't wait for the MOD-Validators:
http://www.flying-bits.org/viewtopic.php?f=66&t=555

Re: NV Exif Data

Posted: Thu Aug 21, 2008 9:26 am
by Wookie1664
Whats changed in this version Nick?

Regards

Wookie

Re: NV Exif Data

Posted: Thu Aug 21, 2008 9:41 am
by nickvergessen
[Fix] WhiteBalance
[Add] Exposure bias, Exposure program & Metering mode
[Fix] Some language-errors

Re: NV Exif Data

Posted: Thu Aug 21, 2008 8:06 pm
by *Capmaster*
Nice mod. I did have to change "Focus Length" to "Focal Length" in the language php file. Focus and focal are two different animals ;)

Right now I'm looking at a way to add a radio button for the UCP display options to turn it off, for users who don't give a whit about EXIF data. Otherwise it just makes the posts too lengthy.

I'm also looking at a way to modify it to appear only in certain forums. We have a still photography forum where it would be appropriate, but not necessarily in the busy general discussion forums.

Re: NV Exif Data

Posted: Thu Aug 21, 2008 8:43 pm
by GoBieN
*Capmaster* wrote:Nice mod. I did have to change "Focus Length" to "Focal Length" in the language php file. Focus and focal are two different animals ;)

Right now I'm looking at a way to add a radio button for the UCP display options to turn it off, for users who don't give a whit about EXIF data. Otherwise it just makes the posts too lengthy.

I'm also looking at a way to modify it to appear only in certain forums. We have a still photography forum where it would be appropriate, but not necessarily in the busy general discussion forums.
The focal length has indead been mentioned in this topic.
Also i changed the template edits to a javascript hideable DiV.

Live Example: http://www.camino-tuning.be/opmerkingen ... 23687.html
Below the picture is the sentence, EXIF-Data, if you click show/hide the DIV pops up.
I like that solution, if you like it to, here you can read how i did it:
http://www.phpbb.com/community/viewtopi ... 5#p6589515