Ravens PHP Scripts: Forums
 

 

View next topic
View previous topic
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> NukeSentinel(tm)
Author Message
phil_001
New Member
New Member



Joined: Oct 13, 2004
Posts: 2

PostPosted: Wed Oct 13, 2004 2:49 am Reply with quote

I’am using Nuke 7.5patched (from chatserv), Sentinal 202, Admin Secure1.7 still got hacked…

The Admin user (Kernal_attack) doesn’t get activated because Admin Secure sets it to deactivated, (so that does work) but the “messages” table does get altered….

The message on the main screen says: “Kernel_Attack OwnZ Here by Dead_c0de AnD Nickvicq”.

The funny thing is when I try to deactivate the message through <<admin.php?op=messages>> I get the message “html tags not allowed”. OK so I deleted all the text and the message is gone.

But… they will return. They did it last week already, and I thought I got it fixed by using Nuke75Patched, but that didn’t work either.

Anybody knows what is going wrong?
 
View user's profile Send private message
Raven
Site Admin/Owner



Joined: Aug 27, 2002
Posts: 17088

PostPosted: Wed Oct 13, 2004 6:22 am Reply with quote

Did you have HTTP Auth (CGI or Module) activated? You need to use phpMyAdmin and delete the message.
 
View user's profile Send private message
chatserv
Member Emeritus



Joined: May 02, 2003
Posts: 1389
Location: Puerto Rico

PostPosted: Wed Oct 13, 2004 11:48 am Reply with quote

So has anyone caught this one on the server access.log? It would help knowing what it is they are using.
 
View user's profile Send private message Visit poster's website
phil_001







PostPosted: Thu Oct 14, 2004 10:50 am Reply with quote

See: [ Only registered users can see links on this board! Get registered or login! ]
 
Raven







PostPosted: Thu Oct 14, 2004 10:55 am Reply with quote

Once again - Coppermine Evil or Very Mad and if you had not have had admin secure installed, NukeSentinel would have trapped it. Admin Secure is being called before NukeSentinel.
 
chatserv







PostPosted: Thu Oct 14, 2004 1:28 pm Reply with quote

And i am forced to carry on saying use Menalto's Gallery, can't? don't use any.
 
JRSweets
Worker
Worker



Joined: Aug 06, 2004
Posts: 192

PostPosted: Thu Oct 14, 2004 9:16 pm Reply with quote

I just removed coppermine and I am using Smartor Photo Gallery mod. It was a phpbb mod ported to nuke. I got it on portedmods.com.

Do you guys think its safe?
 
View user's profile Send private message
diablo
Hangin' Around



Joined: Feb 01, 2004
Posts: 34

PostPosted: Thu Oct 14, 2004 11:44 pm Reply with quote

I'm using Galllery 1.4.1, is that ok?
 
View user's profile Send private message
izone
Involved
Involved



Joined: Sep 07, 2004
Posts: 354
Location: Sweden

PostPosted: Fri Oct 15, 2004 2:46 am Reply with quote

diablo wrote:
I'm using Galllery 1.4.1, is that ok?


If it is My eGallery, NO.

We got hacke yesterday.
 
View user's profile Send private message
sixonetonoffun
Spouse Contemplates Divorce



Joined: Jan 02, 2003
Posts: 2496

PostPosted: Fri Oct 15, 2004 6:00 am Reply with quote

Gallery 1.4.4-pl2 is the current release. There was some security fixes in between so I'd consider updating when its convenient. The worst was fixed in Gallery v1.4.1-pl1 and if that isn't your version the fixes can easily be applied to your existing files until an update is convenient.

_________________
[b][size=5]openSUSE 11.4-x86 | Linux 2.6.37.1-1.2desktop i686 | KDE: 4.6.41>=4.7 | XFCE 4.8 | AMD Athlon(tm) XP 3000+ | MSI K7N2 Delta-L | 3GB Black Diamond DDR
| GeForce 6200@433Mhz 512MB | Xorg 1.9.3 | NVIDIA 270.30[/size:2b8 
View user's profile Send private message
Themis
Worker
Worker



Joined: Nov 17, 2003
Posts: 131

PostPosted: Fri Oct 15, 2004 8:42 am Reply with quote

What is the recommended Gallery to use now then?? We use our gallery alot for game screen shots. I'm not overly fond of Coppermine, really, and would like a good alternative.

_________________
Shonierose
Shonie's Retreat [ Only registered users can see links on this board! Get registered or login! ] 
View user's profile Send private message Visit poster's website AIM Address
chatserv







PostPosted: Fri Oct 15, 2004 10:41 am Reply with quote

[ Only registered users can see links on this board! Get registered or login! ]
 
Themis







PostPosted: Fri Oct 15, 2004 1:42 pm Reply with quote

Thanks Chatserv Smile Now I have to wait for Raven to get me fixed up, so I can try it. And hopefully not break anything so soon. Razz
 
Display posts from previous:       
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> NukeSentinel(tm)

View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©