Ravens PHP Scripts: Forums
 

 

View next topic
View previous topic
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Security - PHP Nuke
Author Message
boxingscene
New Member
New Member



Joined: Nov 17, 2003
Posts: 20

PostPosted: Wed Sep 08, 2004 5:01 pm Reply with quote

some bastards hacked into my site and deleted all the admins, my question in now all of the news articles have no name or are posted under the names of the hackers, where it says "posted by"

what would be the SQL command in phpmydamin to make all the articles listed under the aid name of "hacker" to be listed under the my aid.

I have sentinel running, unsure how they got in.
 
View user's profile Send private message
Raven
Site Admin/Owner



Joined: Aug 27, 2002
Posts: 17088

PostPosted: Wed Sep 08, 2004 5:57 pm Reply with quote

Were you using the Admin Auth functionality of NukeSentinel? Do you use Coppermine? Do you have the latest security patches (v2.5) installed?
 
View user's profile Send private message
boxingscene







PostPosted: Wed Sep 08, 2004 6:25 pm Reply with quote

did not use admin auth, no coppermine
 
boxingscene







PostPosted: Wed Sep 08, 2004 6:27 pm Reply with quote

the hacker calls himself master, look like he hits a lot of nuke oriented sites
 
Raven







PostPosted: Wed Sep 08, 2004 6:29 pm Reply with quote

If you were not using Admin Auth then he got in through the admin.php exploit and added an admin. he then proceeded to destroy. Were you blocking admin and author exploits in NukeSentinal? It doesn't appear that you were as they stop that attack. But, Admin Auth stops them dead in their tracks.
 
anthonyaykut
New Member
New Member



Joined: Jun 04, 2004
Posts: 13

PostPosted: Fri Sep 10, 2004 8:05 am Reply with quote

Admin Auth:

How to use this precisely Raven, coz I cannot get it to work Sad

TIA
Anthony
 
View user's profile Send private message
Rage
Insane



Joined: Jul 30, 2004
Posts: 85

PostPosted: Sat Sep 11, 2004 7:16 am Reply with quote

Maybe it's time http auth is on by default?

_________________
It's not that I'm afraid of dying, it's just that I don't want to be there when it happens. - Woody Allen 
View user's profile Send private message
Raven







PostPosted: Sat Sep 11, 2004 8:54 am Reply with quote

What is not working? Is it Not Available or when you try to login it doesn't appear to accept your username and password. Saying something 'doesn't work' isn't much help in helping you Wink
 
anthonyaykut







PostPosted: Thu Oct 07, 2004 7:55 am Reply with quote

OK,

Let me try it this way ... it is not popping up an userid/password box to put in the details...
 
Raven







PostPosted: Thu Oct 07, 2004 8:00 am Reply with quote

Make sure it is ON in NukeSentinel Administration.
 
Display posts from previous:       
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Security - PHP Nuke

View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©