Ravens PHP Scripts And Web Hosting

Torrentreactor Website Compromised

Posted by Raven — 2009-07-01T15:23:37-04:00

Threat Type: Malicious Web Site / Malicious Code

Websense Security Labs� ThreatSeeker� Network has detected that Torrentreactor, one of the oldest and most reliable torrent search engines on the Web, has been compromised and injected with malicious code. The site has been injected with an IFrame leading to a site laden with exploits. The exploits on the payload site include Internet Explorer (MDAC) and Microsoft Office Snapshot Viewer, as well as Adobe Acrobat Reader and Adobe Shockwave.

If the user's browser is successfully exploited, a malicious file is downloaded and run from the exploit site. The malicious file has an extremely low AV detection rate. The file (MD5: 24bd24f8673e3985fc82edb00b24ba73) is a Trojan Downloader and connects to a Bot C&C server at IP 78.109.29.116. After connecting to the IP, the file downloads a Rootkit installer from the same IP.

Firefox 3.5 is Out - Download it Now!

Posted by Raven — 2009-06-30T18:52:07-04:00

It�s official: Firefox 3.5 has been released! Grab it from the Mozilla website before it becomes overloaded by eager Firefox aficionados!

Firefox 3.5 is the best performing browser Mozilla has ever released and delivers radically improved JavaScript performance, a new Private Browsing mode, native support for open video and audio, and Location Aware Browsing. The newest version of Firefox is more than two times faster than Firefox 3 and ten times faster than Firefox 2 on complex websites. With extensive under-the-hood work to support new technologies, Firefox 3.5 is the most powerful and complete modern browser and helps upgrade the Web experience.

Read the entire Press Release

NukePrizes(tm) now free

Posted by Raven — 2009-06-28T13:16:00-04:00

From Bob Marion:

As of 26-Jun-2009 NukePrize(tm) has gone into public downloads. No fee is required anymore, use to your hearts content.

Theme PMC-Crash For RavenNuke(tm) Released

Posted by papamike — 2009-06-28T00:41:52-04:00

I released PMC-Crash today. It is a dark theme with emphasis on high gloss graphics. Comes with a matching theme, matching download and web link graphics, custom graphics in the Your Account area and DHTML mouseover main buttons. This is a premium quality theme which members can download for free.

As always you can:
Preview it live HERE
Download it: HERE

nukeWYSIWYG� 2.6.4 released by nukeSEO.com

Posted by kguske — 2009-06-27T10:46:32-04:00

nukeSEO.com released nukeWYSIWYG� 2.6.4 featuring FCKeditor. This update includes several important new and improved features:

File manager requires Nuke admin authentication (identified by S Electric)
FCKeditor 2.6.4 with new web-based spell checker
Browser-specific and compliance fixes

Please note that the file manager has always validated uploads to prevent files that can be used to cause harm to a site (e.g. executable files like .js and .php, as well as scripts renamed to be images).

RavenNuke� users: The admin authentication change is already implemented in RavenNuke� 2.30.02 available on this site. We are considering FCKeditor 2.6.4, CKeditor and other editors for future releases of RavenNuke�

Michael Jackson Death Prompts Malicious Spam

Posted by Raven — 2009-06-26T09:33:44-04:00
::

From WebSense Security Labs

Michael Jackson Death Prompts Malicious Spam

Date:06.26.2009

Threat Type: Malicious Web Site / Malicious Code

Websense Security Labs(tm) ThreatSeeker(tm) Network has discovered spam emails offering recipients links to unpublished videos and pictures of singer Michael Jackson. According to news reports Michael Jackson's death was confirmed yesterday.
The spam email appears to offer a link to a YouTube video, but instead sends the recipient to a Trojan Downloader hosted on a compromised Web site. The file offered is called Michael.Jackson.videos.scr (MD5: 664cb28ef710e35dc5b7539eb633abca). This file is located on a legitimate Web site hosted in Australia belonging to a radio broadcasting station. Upon executing the file, a legitimate Web site at http://musica.uol.com.br/ultnot/2009/06/25/michael-jackson.jhtm is opened by the default browser in order to distract the user by presenting a news article for them to read.

In the background, three further information-stealing components are downloaded and installed by the malware. One of the downloaded files is called michael.gif, which has low AV detection rates - see VT results here. The malware then installs a malicious BHO that is registered with this file %windir%Dynamic.dll and this GUID {FCADDC14-BD46-408A-9842-CDBE1C6D37EB}. Another component is bound to startup at %windir%system32kproces.exe. Another malicious file installed by the malware is %windir%system32fotos.exe.
Translation of the email is as follows:
::

RavenNuke(tm) v2.30.02 Security Fixpack has been released

Posted by Raven — 2009-06-25T18:33:57-04:00
A minor security Fixpack has been released. Please read the forum post RavenNuke(tm) v2.30.02 Security Fixpack has been released for the details.

Note that this upgrade is for RavenNuke(tm) v2.30.01 only. If you are not using RavenNuke(tm) v2.30.01 then you need to FIRST upgrade to v2.30.01 and then apply this fix.

The FULL release downloads for v2.30.02 (v2.30.01 with the Fixpack already applied) are also available for downloading.

Zen Cart Administration Security Bypass Vulnerability

Posted by Raven — 2009-06-24T20:20:50-04:00
SECUNIA ADVISORY ID: SA35550

VERIFY ADVISORY: http://secunia.com/advisories/35550/

CRITICAL: Moderately Critical

DESCRIPTION: A vulnerability has been discovered in Zen Cart, which can be exploited by malicious people to bypass certain security restrictions. The vulnerability is confirmed in version 1.3.8a (full fileset 12112007). Other versions may also be affected.

Shockwave Player Arbitrary Code Execution Vulnerability

Posted by Raven — 2009-06-24T20:12:51-04:00
SECUNIA ADVISORY ID: SA35544

VERIFY ADVISORY: http://secunia.com/advisories/35544/

CRITICAL: Highly Critical

DESCRIPTION: A vulnerability has been reported in Shockwave Player, which can be exploited by malicious people to compromise a user's system. The vulnerability is reported in versions prior to 11.5.0.600. The vulnerability is caused due to an unspecified error when processing Shockwave Player 10 content and can be exploited to execute arbitrary code.

SOLUTION: Uninstall versions prior to 11.5.0.600, restart the system, and install version 11.5.0.600: http://get.adobe.com/shockwave/

PROVIDED AND/OR DISCOVERED BY: The vendor credits Paul Kurczaba, reported via ZDI.

ORIGINAL ADVISORY: http://www.adobe.com/support/security/bulletins/apsb09-08.html

Phpnuke SEO packages Released

Posted by webmidas — 2009-06-24T14:09:25-04:00
Outshine Solutions feels proud to announce that they have taken initiative to make php nuke CMS SEO friendly, launches SEO packages for php nuke users.

Php Nuke is a content management system that lacks certain SEO features. These packages has been launched to make any php nuke based website more search engine friendly so that they can rank well in search engines.

Featres of php nuke SEO packages: