Bug: User registration without email / user can not be deleted
tmomas #1
Member since Aug 2013 · 10 posts
Group memberships: Members
Subject: Bug: User registration without email / user can not be deleted
I just noticed that a possibly malicious user has registered in our wiki who does not have an email and has no user group assigned.

User: admin2:5f4dcc3b5aa765d61d8327deb882cf99:pwned
Real name: admin
email: none
Groups: none

When I try to delete the user by checking the checkbox in the user manager I get the error message back "0 users deleted, 1 failed deleting."

When I try to access the user's details by clicking on the username I get back the error message "Selected user not found, the specified user name may have been deleted or changed elsewhere."

Questions:
1) How is it possible that a user can register himself in this faulty way?
2) How can this be avoided in the future?
3) How can I delete this user?
andi (Administrator) #2
User title: splitbrain
Member since May 2006 · 3501 posts · Location: Berlin Germany
Group memberships: Administrators, Members
This looks like you had a security breach. You should consider your wiki and possibly your server to be compromised.

From the info you posted it seems somebody added their own user manually (that means not by using the DokuWiki methods) to the users.auth.php file and fucked up the format a little. But someone being able to write to your users file without going through DokuWiki's own methods is a security issue.

It's impossible to say what happened exactly without more info. What version of DokuWiki are you running, what plugins are installed, what other software is installed, etc. You should try to reconstruct the exact time the breach happened and check the logs to see if you can find out more about the attacker's way in.
Read this if you don't get any useful answers.
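
A read-only check for the kind of hand-edited users.auth.php entry described in the reply above, added here as an example; it is not part of the original thread or of DokuWiki's code. It assumes the five-field line layout of DokuWiki's plain auth backend; `audit_users_file` is a hypothetical helper and the sample file is constructed.

```python
import re

# Assumption: DokuWiki's plain auth backend stores one user per line as
#   login:passwordhash:Real Name:email:groups,comma,separated
# with '#' comment lines and literal colons inside a field escaped as '\:'.
FIELD_SEP = re.compile(r"(?<!\\):")
BARE_HEX32 = re.compile(r"[0-9a-fA-F]{32}")

def audit_users_file(text):
    """Return a list of (line_number, login, [problems]) for suspect entries."""
    findings = []
    for lineno, raw in enumerate(text.splitlines(), start=1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        fields = FIELD_SEP.split(line)
        problems = []
        if len(fields) != 5:
            problems.append(f"expected 5 fields, found {len(fields)}")
        fields += [""] * (5 - len(fields))  # pad so the checks below can run
        login, pwhash, _name, mail, groups = fields[:5]
        if "@" not in mail:
            problems.append("missing or invalid email")
        if not groups.strip():
            problems.append("no groups assigned")
        if BARE_HEX32.fullmatch(pwhash):
            problems.append("bare 32-hex hash (unsalted MD5 format)")
        if problems:
            findings.append((lineno, login, problems))
    return findings

# Constructed sample file; none of these lines come from the thread.
SAMPLE = """\
# users.auth.php
# <?php exit()?>
alice:$2y$10$constructedconstructedconstructedconstructedconstructed:Alice Example:alice@example.org:admin,user
bob:$1$constr$uctedhashvalue0000000:Bob\\: Ops:bob@example.org:user
mallory:0123456789abcdef0123456789abcdef:x
"""

if __name__ == "__main__":
    for lineno, login, problems in audit_users_file(SAMPLE):
        print(f"line {lineno}: {login!r}: " + "; ".join(problems))
```

Run it against a copy of the users file and compare any flagged line's appearance with the file's modification time and the web server logs for the same window.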
Current time: 2019-12-08, 23:10:06 (UTC +01:00)