Login or Register  • Home • Downloads • Your Account • Forums •

Forum FAQ  •  Search  •  Memberlist  •  Usergroups  •  Profile  •  Log in to check your private messages  •  Log in my sites security View next topic View previous topic   Web RavenPHPScripts (This Site)      Ravens PHP Scripts And Web Hosting Forum Index » Security - PHP Nuke Author Message gregexp The Mouse Is Extension Of Arm Joined: Feb 21, 2006 Posts: 1497 Location: In front of a screen....HELP! lol Posted: Sat Mar 18, 2006 10:24 pm heres the thing, i have learned a lot about php, i can install sentinel and do a lot more to the nuke itself. now i got no webmaster to help me and im still new at all this...i try to help where i can. my site was recently hacked and i got no clue how...ive done days of research. they dropped the whole thing...database and the public_html they also changed the user e-mail on my cpanel acount this is where im lost...how in gods name can this happen?? my server is not vulnerable to many scripts at all only the scripts that if u want php on it, u cant block em. is there a way i can lock it down so to speak to make it so my site cannot get hacked like it was....im thinkin hacked isnt the right word...perhaps exploited would be....honestly got no clue as to how this happened...plz help..ty hitwalker Sells PC To Pay For Divorce Joined: Posts: 5661 Posted: Sun Mar 19, 2006 5:08 am well if your talking about cpanel then some one had the login. cpanel also keeps logs like last visit of admin etc.. but your story sounds a bit hysterical,so maybe a well explained story would be nice starting at where and what exactly happend. Susann Moderator Joined: Dec 19, 2004 Posts: 3143 Location: Germany:Moderator German NukeSentinel Support Posted: Sun Mar 19, 2006 5:09 am Did´t you find anything in the logfiles ? I often search for the hackers name and check what they did with other sites to find out more. gregexp The Mouse Is Extension Of Arm Joined: Feb 21, 2006 Posts: 1497 Location: In front of a screen....HELP! lol Posted: Sun Mar 19, 2006 11:41 am ok heres the thing...i got no clue where to start...i search the loggs and got the ip but thats it...i also got the time it happened. problem is i got no clue how or what he did to get the cpanel username and pass...ne ideas on where to begin. and i gave no1 the username and pass to my cpanel. my server owner can get it...and my partner in hosting....but i know niether would have gotten it and given it out....im askin more because i have no clue as to how it happened and if u like to see the site or talk to me more directly..plz look at my profile...it has all my contact info on it...1 more thing....im not trojaned or keylogged...first thing i thought as a possibility. evaders99 Former Moderator in Good Standing Joined: Apr 30, 2004 Posts: 3221 Posted: Sun Mar 19, 2006 4:29 pm If they've gotten root access to your server, they can change anything they want. More likely is that you have the same passwords for FTP/Database/.. other accounts. gregexp The Mouse Is Extension Of Arm Joined: Feb 21, 2006 Posts: 1497 Location: In front of a screen....HELP! lol Posted: Mon Mar 20, 2006 2:53 pm forgive me guys and thanx for all the posts...i found out how they got in and i increased security on my site...im currently in the process of rebuilding it...i learned of quite a few file edits to secure it more proficiently. most from this site and i believe i have a grasp on how this happened...first mistake...i made the admin pass and cpanel pass 1 in the same...wont do that again 2nd mistake...sentinel was not configured correctly. mind u i said configured..it was installed correctly. but now that i have read in detail on settin sentinel up and the ways ppl can run scripts to get passwords and such...most of which apparently sentinel can stop. i have made some things on my site not so easy..but the thing is i dont really have a grasp of how these ppl run exploits and such it seems ppl can input what appear to be sql commands in for usernames and such....i went with a your account module that allows me to keep certain usernames not allows with a form of wildcard feature....i believe this will help a lot....others r that they can upload into ur site...ussually avatars...others allow uploads for downloads and such...i dont allow ne uploads from my site except avatars...was hoping to find a way to allow those and have good security still...ne ideas on that???..other then that i believe i have done as much as i can. Display posts from previous:   All Posts1 Day7 Days2 Weeks1 Month3 Months6 Months1 Year  Oldest FirstNewest First        Ravens PHP Scripts And Web Hosting Forum Index » Security - PHP Nuke  Jump to:  Select a forum Read Me First!!!----------------Board Rules and Regulations Web Hosting Services----------------RWH GeneralRWH Pre Sale QuestionsRWH Client Center Application OnlyRWH OtherFAQ - PHP5 w/phpSuExec Conversion From PHP4PHP5 Conversion Issues From PHP4 RavenNuke(tm) Programming Standards/Approaches/Philosophy----------------RavenNuke / Raven CMS CMS WikiSecurity IssuesConverting/Creating BlocksConverting/Creating ModulesConverting/Creating ThemesConverting/Creating OtherConverting/Creating General DiscussionCertification - Submit Scripts For RavenNuke(tm) CertificationCertification - Modules, Blocks, Other Scripts/Applications Converted For RavenNuke(tm)Certification - All Discussion RavenNuke(tm) v2.5x----------------RavenNuke(tm) v2.5x RavenNuke(tm) v2.4x----------------v2.4 RN Announcementsv2.4 RN Documentationv2.4 RN Issues RavenNuke(tm) v2.3x----------------v2.3 RN Announcementsv2.3 RN Quick Fixesv2.3 RN Issuesv2.3 RN Documentationv2.3 RN Feedback/Suggestionsv2.30.01 RN Security Issuesv2.30.01 RN New Installation Issuesv2.30.01 RN Upgrade Issuesv2.30.01 RN All Other Issues RavenNuke(tm) v2.2x----------------RN v2.20.00 - AnnouncementsRN v2.20.00 - All IssuesRN v2.20.00 - Feedback RavenNuke(tm) Addons----------------FCKeditor/WYSIWYG IssuesnukeFeed/FeedCreatorForum Attachment ModnukeSEOShortLinks/TegoNukeNukePie/SimplePieeCommerce Site Specific Stuff----------------READ ME FIRSTAnnouncementsRaven's v7.0 Customized DistroHack Attempt ScriptRaven's Customized Distribution PacksBUGS/FIXES - Raven's v7.3 Customized DistroCache Lite Admin ModuleNuke Tool Box (TM)Captcha SecurityRaven's RavenNuke(tm) v1.x DistroRaven's RavenNuke(tm) v2.00.00 - v2.02.00 DistroWYSIWYG - Raven's RavenNuke(tm) v2.x DistroRaven's Collapsing Forums BlockGT - Raven's RavenNuke(tm) v2.x DistroRaven's RavenNuke(tm) v2.02.02 DistroPost Fixes - Raven's RavenNuke(tm) v2.02.02 DistroPublic Testing of RavenNuke(tm) v2.10.00HtAccesserIssues/Problems With This Site Security----------------NukeSentinel(tm) Country and IP2Country UpdatesSecurity - PHP NukeSecurity - OtherNukeSentinel(tm) v2.6.xNukeSentinel(tm) v2.5.xNukeSentinel(tm) v2.4.xNukeSentinel(tm)NukeSentinel(tm) Bug ReportsNukeSentinel(tm) Enhancement RequestsNukeSentinel(tm) AnnouncementsPHP-Nuke Patched Series By Chatserv Information About Forums----------------PHPBBBB2NukePunBB PHP-Portal Project (Not General phpnuke!)----------------AnnouncementsDesign Discussions Scripts - General----------------Bug FixesGeneral/Other StuffHow To'sInstallation HelpPost Installation HelpGT - Next Gen and StandardSeeking applications ...ThemesBlocksModulesMaking Nuke Efficientphpnuke 8.1phpnuke 8.0phpnuke 7.9phpnuke 7.8phpnuke 7.7phpnuke 7.6phpnuke 7.6 Bugs/Fixesphpnuke 7.5phpnuke 7.4phpnuke 7.3phpnuke 7.2phpnuke 7.1phpnuke 7.0phpnuke 6.9phpnuke 6.8Bug Fixes for phpnuke 6.5phpnuke 6.5Gallery/Gallery2CNB Your AccountBrowser Specific IssuesUpgrading NukeNuke Treasury NSN Scripts----------------NSN NewsNSN GroupsNSN OtherNSN Gr Downloads - a.k.a NukeDepositoryNSN NukeProject Other CMS/Portal Applications----------------Post NukeNuke PlatinumNuke Evolution PHPBB----------------Stand Alonew/Nuke 6.5w/Nuke 6.9BBtoNuke ModsBBtoNuke General Programming - Server Help----------------PHPMySQLFor HireApacheHTMLCSSJavaScriptServer Help Guestbook Application (KISGB)----------------KISGB General Support Stock Quote Application (KISSQ)----------------KISSQ General Support RavenNuke(tm) v2.10.01----------------RN v2.10.01 - All IssuesRN v2.10.01 - Feedback RavenNuke(tm) v2.10.00----------------RN AnnouncementsRN FAQRN Bug FixesRN Not BugsRN Documentation Issues/SuggestionsRN Enhancement Requests and SuggestionsRN NSN Groups IssuesRN Themes IssuesRN NukeSentinel(tm) issuesRN Installer/Setup IssuesRN Bug Reports - Other IssuesRN Conversion Issues From v2.02RN Conversion Issues From Standard phpNukeRN The Good, The Bad, The Ugly 6.5 Hacks----------------Old Articles Hack Nuke News Module Hack To Allow Ordering of Articles----------------News Module Hack - AnnouncementsNews Module Hack - BugsNews Module Hack - Enhancement RequestsNews Module Hack - Discussion Other Stuff----------------Other - DiscussionOther - Sites To VisitOther - Chit ChatOther - PoliticsOther - Movie ReviewsOther - Humor Religion----------------Religion - GeneralPrayer/Praise Requests Potpourri----------------Rants & Raves Private----------------Reading - AnnouncementsReading - Digital BooksReading - Hard/Soft cover BooksReading - Digital MagazinesReading - Printed Magazines  View next topic View previous topic You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum Forums ©

All logos and trademarks in this site are property of their respective owner.
The comments are property of their posters, all the rest © 2002-2011 by Raven

You can syndicate our news using the file



Website engines core code is © copyright by PHP-Nuke but has been heavily patched and modified by myself and others.
PHP-Nuke is a free software released under the GNU/GPL.


:: fisubice phpbb2 style by Daz :: PHP-Nuke theme by www.nukemods.com :::: fisubice Theme Modified by the RavenNuke™ Team ::
:: :: ::

zerosum