Ravens PHP Scripts: Forums
 

 

newbie
Regular


Joined: May 03, 2004
Posts: 62
Location: USA

Posted: Sat May 15, 2004 7:57 am

Raven wrote:
Glad you got it Smile. I'm on the road right now and am really behind on messages.


Guess I was a little premature in the Welcome back in the other thread Wink

'Tis good to see ya though!
 
Raven
Site Admin/Owner


Joined: Aug 27, 2002
Posts: 17086

Posted: Sat May 15, 2004 11:13 am

Thank you! Would be nice to know who 'newbie' is, as we all, at one time or another, held that moniker Smile
 
newbie
Posted: Sat May 15, 2004 11:22 am

LOL,

Yep.... but in my case ... it's also my website ;o)

I've just not been too keen on posting it in the forums anymore. I was JUST getting comfortable and really active in a lot of the Nuke forums ... posting all over the place, developed a couple modules ... and WHAM!!! I started getting that, er, ummm ... UNwanted attention.

They got me good too. Defaced the nuke area 2x in 2 days with the "God Admin" hack.... then I find out they got my blog and my Guestbook! I'm just grateful I hadn't ported over all my content ... which was what I had planned to do.

All of that and now I've kind'a decided that ... (I think it was sixtonoffun who said something like) "Security through obscurity" may have some merit Wink

So it's incognito from here on out, LOL

Take care!

Darla
 
Raven
Posted: Sat May 15, 2004 12:03 pm

That has some merit, for sure. Me, I back up a lot and stay ahead as much as I can, and throw caution to the wind. We post security traps here, oftentimes ahead of some of the other 'official' this or that sites, as we peruse the exploit sites and have a pretty good network behind the scenes. Between Chat's fixes, hack alert script, and the methodology in this thread, you are about as safe as you can be right now, so post away and live vicariously, through us Laughing . Toss in the other nuts (term of endearment) like Six and some others and if you weren't paranoid you soon will be. Six will have a tendency to drive you to the edge and then suggest you switch to version 5.5 where life was simpler. Or another CMS. That's what I really like about him - he's flexible, for sure. Must be all that time on the tractor in the sun; I don't know.
 
sixonetonoffun
Spouse Contemplates Divorce


Joined: Jan 02, 2003
Posts: 2496

Posted: Sat May 15, 2004 12:13 pm

It's the schizophrenia I swear!
 
newbie
Posted: Sat May 15, 2004 12:30 pm

Raven wrote:
so post away and live vicariously, through us Laughing .


I can NEVER turn down an invitation to fun!!!

Actually, I found your site in between the two hacks ... and have been loyally following it since then. The only exploit that passed through my site since then ... could have been avoided had I had your most recent update! You've got a good forum here and some great talent. And that guy Six ... he's pretty cool, too ;o)

And as far as those "other" forums ... they don't even compare. I'm glad they were there when they were, but ... the day I got hacked and needed help RIGHT now ... I couldn't get through ... and I found your site ... with solutions posted right there, in plain view, on the front page ... and the response time was/is fantastic. And this is just so much more ... personal. And that's what I am on the net for ... to learn, make friends and have some fun while helping those newer than me....

Anyway ... I'm getting long-winded ... so just let me say "Ya got my vote!"

Take care,

Darla
 
jonmcc33
Hangin' Around


Joined: May 17, 2004
Posts: 40
Location: Dayton, OH

Posted: Mon May 17, 2004 3:46 pm

Raven, you've just become my #1 friend. I've been hacked twice in the past month by that lame waraxe2 tool (or at least his code).

Today I added your anti-hack PHP script (the one that sends you an e-mail notification of any hacks), the script to deny any idiots trying to make a new Godmode account (since it happened to me), and now this.

My site is non-profit and I actually provide great downloads for people so I don't know why hackers would waste their time with me. I do enjoy that all they can do is hack SQL and not actually my real website. It's rather simple to restore an SQL database from a backup so all their changes are gone.

At least now with this HTTP authentication I will be a little more secure. One question...how do you add that e-mail reporting script? I'd rather get that than the little "Get out..." part. Sorry, I'm not really a PHP guru and had to read this entire thread page for page to get my HTTP authentication to work right.

You're the man. Expect a donation for your hard work.
 
Raven
Posted: Mon May 17, 2004 3:58 pm

Try this
Code:
if (!($HTTP_SERVER_VARS['PHP_AUTH_USER']=="$ravenAdminID" && md5($HTTP_SERVER_VARS['PHP_AUTH_PW'])==trim("$ravenAdminPASS"))) { 

   header("WWW-Authenticate: Basic realm=Protected");
   header("Location: hackattempt.php");
   die();
}


I haven't tried this so it may need some tweaking. Keep in mind that legitimate users that just forget their login/pw will get it too Shocked
 
jonmcc33
Posted: Mon May 17, 2004 4:14 pm

I'm the only admin at my site so I won't forget my password. This way I'll see anyone trying to access my admin.php.

THANKS AGAIN!

Edit- It doesn't work. It doesn't give you a chance to login and automatically takes you to the hackattempt.php file.
 
Raven
Posted: Mon May 17, 2004 5:52 pm

Let me play with it in a while and I'll get back to you Smile
 
jonmcc33
Posted: Mon May 17, 2004 6:18 pm

Thanks, it'll be a real plus if I can get it to report any ADMIN.PHP hack attempts.
 
Raven
Posted: Mon May 17, 2004 11:50 pm

jonmcc33 wrote:
I'm the only admin at my site so I won't forget my password. This way I'll see anyone trying to access my admin.php.

THANKS AGAIN!

Edit- It doesn't work. It doesn't give you a chance to login and automatically takes you to the hackattempt.php file.

Try this
Code:
if (!($HTTP_SERVER_VARS['PHP_AUTH_USER']=="$ravenAdminID" && md5($HTTP_SERVER_VARS['PHP_AUTH_PW'])==trim("$ravenAdminPASS"))) { 

   header("WWW-Authenticate: Basic realm=Protected");
   header("HTTP/1.0 401 Unauthorized");
   echo "<script>window.location='http://your_domain.com/hackattempt.php';</script>";
   die();
}
 
blith
Client


Joined: Jul 18, 2003
Posts: 977

Posted: Tue May 18, 2004 9:03 am

Raven, I just posted:
Quote:
I am sorry if this has been asked but how do you add more admin?
in the quick reply box and I got
Code:
The html tags you attempted to use are not allowed
 
Raven
Posted: Tue May 18, 2004 9:39 am

Confused I just tried it and it worked ok. Try it again.
 
blith
Posted: Tue May 18, 2004 9:49 am

I am sorry if this has been asked but how do I add more admin?

*edit* hmmm worked this time I even tried it three times before reporting */edit*
 
Raven
Posted: Tue May 18, 2004 9:55 am

Only registered users can see links on this board! Get registered or login!
 
blith
Posted: Tue May 18, 2004 9:56 am

Raven wrote:
http://your_domain.com/admin.php?op=mod_authors

Oh Raven I am not that new Embarassed ... what I meant was your HTTP auth. What it does is ask for username and then password. I was wondering if I could add more to that? Thanks!
 
Raven
Posted: Tue May 18, 2004 10:01 am

Real quick, and I have not tried this, try
Code:
<? 

$ravenAdminID0   = 'secretID0';
$ravenAdminPASS0 = '8xxx3efdde1eb6cf6639a58848362bf4';
$ravenAdminID1   = 'secretID1';
$ravenAdminPASS1 = '8yyy3efdde1eb6cf6639a58848362bf4';
$ravenAdminID2   = 'secretID2';
$ravenAdminPASS2 = '8zzz3efdde1eb6cf6639a58848362bf4';
?>

if (!($HTTP_SERVER_VARS['PHP_AUTH_USER']=="$ravenAdminID0" && md5($HTTP_SERVER_VARS['PHP_AUTH_PW'])==trim("$ravenAdminPASS0")) AND !($HTTP_SERVER_VARS['PHP_AUTH_USER']=="$ravenAdminID1" && md5($HTTP_SERVER_VARS['PHP_AUTH_PW'])==trim("$ravenAdminPASS1")) AND !($HTTP_SERVER_VARS['PHP_AUTH_USER']=="$ravenAdminID2" && md5($HTTP_SERVER_VARS['PHP_AUTH_PW'])==trim("$ravenAdminPASS2")))


You should see where the code should go. There is a more efficient way but this should work for now.
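
An added example, not part of Raven's post or his script: the multi-admin check from this thread written as a lookup table instead of a chain of AND-ed conditions, with rejected logins logged and the 401 challenge sent without a redirect. The IDs, passwords and the `basic_auth_ok` helper are constructed for illustration, and MD5 is kept only to match the hashes the thread stores.

```php
<?php
// Added example; IDs and passwords below are constructed placeholders.
// admin ID => MD5 hex digest, mirroring the thread's md5() comparison.
// (password_hash()/password_verify() are the current PHP functions for this.)
$admins = array(
    'secretID0' => md5('constructed-password-0'),
    'secretID1' => md5('constructed-password-1'),
    'secretID2' => md5('constructed-password-2'),
);

// Hypothetical helper: true only when $user is a known ID and $pass hashes
// to the digest stored for that same ID.
function basic_auth_ok(array $admins, $user, $pass)
{
    if (!is_string($user) || !is_string($pass) || !isset($admins[$user])) {
        return false;
    }
    // hash_equals() compares the two digests in constant time.
    return hash_equals(trim($admins[$user]), md5($pass));
}

$user = isset($_SERVER['PHP_AUTH_USER']) ? $_SERVER['PHP_AUTH_USER'] : null;
$pass = isset($_SERVER['PHP_AUTH_PW']) ? $_SERVER['PHP_AUTH_PW'] : null;

if (!basic_auth_ok($admins, $user, $pass)) {
    // The browser's first request carries no credentials, so only log when
    // something was actually submitted and rejected.
    if ($user !== null) {
        $ip = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '-';
        // Escape control characters and quotes so the ID cannot forge log lines.
        error_log(sprintf('admin.php: rejected Basic auth for "%s" from %s',
            addcslashes($user, "\0..\37\"\\"), $ip));
    }
    // Send the challenge and stop. A Location header here would turn the
    // response into a redirect, so the browser would never show the prompt.
    header('HTTP/1.0 401 Unauthorized');
    header('WWW-Authenticate: Basic realm="Protected"');
    echo 'Authorization required.';
    exit;
}
// Authenticated: the rest of admin.php continues from here.
```

For e-mail reports instead of a log entry, PHP's `mail()` can take the place of `error_log()` in the rejected branch.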
 
blith
Posted: Tue May 18, 2004 10:06 am

thanks! Will do!
 
jonmcc33
Posted: Tue May 18, 2004 10:08 am

That works perfectly, Raven. Thanks again.
 
blith
Posted: Tue May 18, 2004 10:16 am

The additional code worked and the new user and password did also. thanks!
 
blith
Posted: Tue May 18, 2004 11:35 am

Actually now that I am trying it. The first set do not work now, just the second that I have added does.
 
anfer
New Member


Joined: May 18, 2004
Posts: 10

Posted: Tue May 18, 2004 5:47 pm

never mind
 
anfer
Posted: Tue May 18, 2004 5:51 pm

Sad I'm confused
 
anfer
Posted: Tue May 18, 2004 5:53 pm

Hi... my web page just got hacked... and I'm looking for security... I tried this system of two passwords, everything worked properly, except that when I try to get in the admin page, my pass or login is not accepted. I type the same that I used for myprivatefile.php but I can't get in. I don't know what happened... please help me. It is a good security system for admin.

P.S.: (sorry for my bad English)

ANFER
 
All times are GMT - 6 Hours
 