The Official GBBS Pro Repository

  • Home
  • ACOS GBBS Pro
    • Welcome to the GBBS Pro Archive
    • Apple II RoundTable – Lance Taylor-Warren
    • GBBS Pro System Software Version 2.1
    • GBBS Pro System Software 2.11 And Source Code
    • Legacy GBBS Pro System Software
    • Legacy DOS Based GBBS II Version 1.7
  • ACOS Utility Segs
    • Advanced Transfer System for GBBS
    • ACOS Boss
    • ACOS GBBS Editor Version 1.1
    • DarkFire 2000 BBS Version 2.41
    • Day of the week mod
    • SysOp Mail Dashboard – Mail Utility v4.0
    • ACOS Device list
    • Top of screen stats
    • Midnight call counter fix
    • Mail fix utility
    • E-Mail subject mod
    • Speed with HST Modems
  • ACOS Game Segs
    • Calculate Medical Age
  • Misc Utilities
    • TCPSER Package
    • Exfer 4.3b Delta13
    • Crash Proofing GBBS II Systems
    • Message Tracking Mod
    • ACOS Math
    • Email to multiple or all users
    • Preventing unauthorized access to site via malicious upload

Preventing unauthorized access to site via malicious upload

;
; This is a fix for the infamous “.x” problem that occurs when a user
; uploads a file via xmodem, and in effect, can get into your system,
; assuming the data1 file is on drive specifier “B”, and is named data1
;
; original code to detect the “.x” upload written by the Whistler….
; nasty part of the code that allows you to find out who tried to do
; the system in, suggested and modified by the Warlock Trebor…
;
; many thanks to the Whistler for his help and advice
;
;[][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][]

; original code from your Msg.Seg.S segment is below:

up.xmdm
print \”Please select your Xmodem type:”
input @2 \”[P]roDos – [D]os 3.3 – [S]tandard? ” i$
z=instr(i$,”PDS”):if not z pop:return
z=z*(z<>3):print \”*** Ready to receive…..”
f$=”b:u”:use “b:x.up”,z,f$
open #1,f$:if mark(1) z=1:goto up.2 <—ADD THIS LINE TO THE CODE

; ADD the following NEW labels and code:
up.1
input #1,i$
if left$(i$,2)=”.x” z=1:goto up.2
if left$(i$,2)=”.X” z=1:goto up.2
up.2
; use this line ONLY if you just want to abort the upload
if z=1 close #1:print \”Xmodem upload aborted!”:kill f$

; BUT use this line instead, if you want to know who did it!
if z=1 close #1:print \”Xmodem upload aborted!”:kill f$:goto caught

if not eof(1) goto up.1
close #1
edit(0):copy f$,#8
print \edit(2)” bytes were received”
kill f$:edit(1):return
; end of added code and labels for just killing the file….

; add this code and label to see who tried to do it!
caught
open #1,”b:x.attempt”
if mark(1) close #1:create “b:x.attempt”:goto caught
append #1:print #1,un,” : “,a1$,” “,a2$,” : “,a3$,time$:close #1
copy “b:x.gotcha”:print
flag(0)=0 <—Set appropiate flags here to keep user off
for p=1 to 6000:next
goto link.term

; end of added code
; explanation: after the “.x” file is detected, it is killed, and things
; just resume normally….in the “who done it version” a file called
; “x.attempt” will be created, and it will show you the user # etc. of
; the uploader.
; you will have to write the appropiate file “x.gotcha” to be displayed
; to the user…I am including mine at the end of this, to give you an
; idea of what I’m using…
;
; ENJOY…and catch the little buggers!
;
;
; below is my “x.gotcha” file…just remember that you’ll have to create
; your own if you don’t like this one…
;
;
<— I embedded these control-G’s in the file to alert the user
that something was up….

==============================================================================

You have been caught attempting to breach this system’s security!

——————————————————————————

Your user number, name, time and date of this offense have been written to a
special file, and the sysop will automatically be notified of your despicable
action.

Further, your system access has been immediately revoked, and you may expect
all rights and priveleges you enjoyed here to be recinded immediately.

The sysop will also be in contact with all other sysops of systems of which
you were a known member.
Was it worth it?

Recent Posts

  • GBBS Pro 2.4 Software & Manual
  • GBBS Pro 2.3 Software & Manual
  • GBBS Pro 2.2 Beta 1 Software & Book Now Available
  • GBBS Pro System Software Version 2.14 and Source
  • GBBS Pro System Software 2.11 And Source Code

Recent Comments

    Archives

    • November 2024
    • July 2023
    • July 2019
    • February 2017
    • January 2017

    Categories

    • Bulletin Board Systems
    • GBBS System
    • General

    Meta

    • Log in
    • Entries feed
    • Comments feed
    • WordPress.org
    (c) 2015-2025 GBBS Pro Repository