Ravens PHP Scripts: Forums
 

 

View next topic
View previous topic
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> NukeSentinel™
Author Message
GJSchaller
New Member
New Member


Joined: Jan 03, 2005
Posts: 3

PostPosted: Tue Jan 11, 2005 6:03 am Reply with quote

That's a good question - what designates the "God" account as God? I changed my name (one of my Authors was raised in a Catholic school system, and I don't want to run around with "God" on my site posting...) by just changing the name "God" to my Admin Username in the DB, but now it looks like there is no more God Account in the Author Panel.

_________________
Geoffrey J. Schaller
Technical Officer
Knight Realms Only registered users can see links on this board! Get registered or login! 
View user's profile Send private message
BobMarion
Former Admin in Good Standing


Joined: Oct 30, 2002
Posts: 1037
Location: RedNeck Land (known as Kentucky)

PostPosted: Tue Jan 11, 2005 11:03 am Reply with quote

If your getting links like /.php?op=ABxxxxx then you either have NukeSentinel for 7.6 running on a PHP-Nuke between 6.5 and 7.5 . You will need to get NukeSentinel Universal instead.

_________________
Bob Marion
Codito Ergo Sum
Only registered users can see links on this board! Get registered or login! 
View user's profile Send private message Send e-mail Visit poster's website
GJSchaller
PostPosted: Tue Jan 11, 2005 12:29 pm Reply with quote

I did grab the correct version, the problem was that I had modified the God account so it didn't read "God" any more. Once I put it back, everything started working properly.

That'll teach me to mess with God... Wink
 
BobMarion
PostPosted: Thu Jan 27, 2005 9:46 am Reply with quote

There are reasons for the God account Wink
 
azism
Worker
Worker


Joined: Feb 02, 2005
Posts: 145
Location: Tucson, AZ

PostPosted: Thu Feb 03, 2005 5:50 pm Reply with quote

I tried the test using the "name=Downloads&d_op=viewdownloads&sid=-1/* */UNION/* */" code. It was blocked okay as far as I could tell, however, I did find anything in the nuke_nsnst_blocked_ips SQL table. It is totally empty.

Then I realized the stuff in the black page didn't seem accurate. It stated:
You have been blocked from entering this site.

You have attempted a Union attack on this site.

All of the following information has been gathered to assist the webmaster should this need to be report to local or federal officers.

User Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; Alexa Toolbar)
Remote Address: 68.225.147.125
Client IP: none
Forwarded For: none
Date Blocked: 1969-12-31 18:00:00
Block expires: Permanent


The I.P. Address is mine, no question about it. But look at that date and time. It should have been something like 2005-02-03 16:50:00.

Any ideas what happened????

_________________
Webmaster
TI99ers On-Line User Group Only registered users can see links on this board! Get registered or login! 
View user's profile Send private message Send e-mail Visit poster's website
BobMarion
PostPosted: Mon Feb 07, 2005 2:44 am Reply with quote

The reason it didn't add you to the blocked ip table is that you are a protected admin. Log out of admin and retry the attack Smile Just be sure you have phpMyAdmin so you can remove the block Wink
 
Efferri
New Member
New Member


Joined: Feb 14, 2005
Posts: 6

PostPosted: Tue Feb 15, 2005 4:02 pm Reply with quote

You are getting the Only registered users can see links on this board! Get registered or login! link because you need to ad the admin file to your config.php. Add this line to your config.php, right after your database settings:

$admin_file = "admin";

that should fix the 404 page too, Muffin.

I am having the same problem as Billthecat. Sentinel emails, but doesn't write the IP to the blocked list in my databse OR my .htaccess file. I manually can add blocked IPs, but Sentinel cannot do it by itself. ANyone have any suggestions?
 
View user's profile Send private message
uraz
New Member
New Member


Joined: Feb 12, 2005
Posts: 2

PostPosted: Wed Feb 16, 2005 6:52 am Reply with quote

What does it mean UNION attack or CLIKE attach ?
 
View user's profile Send private message
Efferri
PostPosted: Wed Feb 16, 2005 11:50 am Reply with quote

Okay, I finally fixed the BLANK PAGE error when attempting a hack test. I uploaded all new sentinel files including nsnst.php. Ran:

Quote:
http://www.yoursite.com/nsnst.php DESTALL

Then
Only registered users can see links on this board! Get registered or login! INSTALL NEW


This will remove and rebuild all of the sentinel tables in your MySQL database. After that, it should work fine. It did for me.


Last edited by Efferri on Wed Feb 16, 2005 12:47 pm; edited 1 time in total 
Efferri
PostPosted: Wed Feb 16, 2005 12:46 pm Reply with quote

Okay, I'm hoping Raven can help me out here.

I am having a non admin do some hack tests on my site. The ADMIN block works. But when I have him run some UNION or C-LIKE tests, all he gets is a blank page with no IP block.

ADMIN, BLOCK, and CLIKE are all set to the same thing. EMAIL, BLOCK & Default Page.

Heres a little more info, When I switch it from "EMAIL, BLOCK, & DEFAULT PAGE" to just "DEFAULT PAGE", he gets the Default Page. So I'm guessing the problem is either in blocking or emailing.

But, since the ADMIN block worked completely, I am steering away from the email problem. So could it be having problems accessing the database tables when using UNION and CLIKE scripts?

I am at a loss and I hope you or someone here can help me out. Thanks...
 
Efferri
PostPosted: Wed Feb 16, 2005 12:54 pm Reply with quote

AZism, Make sure you have it set to BLOCK and not just DEFAULT PAGE. My site gives me that SAME Date when I have it set to just the Default Page.
 
Display posts from previous:       
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> NukeSentinel™

View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©