Ravens PHP Scripts: Forums
 

 
  Forum Index  •  Forum FAQ  •  Search  •  Memberlist  •  Usergroups  •  Profile  •  Log in to check your private messages  •  Log in

Attacks to Database HELP!!!!
 View next topic
View previous topic
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Security - PHP Nuke
Author Message
black
New Member
New Member



Joined: Dec 22, 2004
Posts: 2
PostPosted: Wed Dec 22, 2004 12:38 pm Reply with quote
Hi,
This is an urgent event and we need immediate solution. There is a program
called as D4 and it sends a huge data to the sql database and it slows down
the website in the first 2-3 seconds and then in a few seconds it shuts down
the website until s/he stops using the program. We made a huge research over
the internet, but we couldn't find any solutions for this. It can shut down
any website, that's having a sql based database.
It is also including your website, which means your forum and website also can be shut down with this program in a few seconds.
I hope you can help us with
this problem. Thank you for your attention and time.

if the site admins want to get the program, they can contact us. However, they should be aware that this is a dangerous program so it shoudn't be distrubuted.
 
View user's profile Send private message
sixonetonoffun
Spouse Contemplates Divorce



Joined: Jan 02, 2003
Posts: 2496
PostPosted: Wed Dec 22, 2004 3:44 pm Reply with quote
Uhg! I see webhosts every where scrambling to set their MAX Connects very low. Creating extra db users and adding some random code to the config.php to switch users might slow it up some but on the other hand it might make it crash faster could be very interesting.

There is an example here [ Only registered users can see links on this board! Get registered or login! ]
You could even create a blank entry that would just give the Nuke mysql failure page randomly users might find it annoying but its a twist on a tactic lycos used at one time when they were really over crowded.

_________________
[b][size=5]openSUSE 11.4-x86 | Linux 2.6.37.1-1.2desktop i686 | KDE: 4.6.41>=4.7 | XFCE 4.8 | AMD Athlon(tm) XP 3000+ | MSI K7N2 Delta-L | 3GB Black Diamond DDR
| GeForce 6200@433Mhz 512MB | Xorg 1.9.3 | NVIDIA 270.30[/size:2b8 
View user's profile Send private message
sixonetonoffun
PostPosted: Wed Dec 22, 2004 3:54 pm Reply with quote
Could even use the number of times a host hit the mysql error page over a specified time add the ip to your Nuke Sentinel ban list or even the nuke ban list for that matter. If they hit the dummy page more then twice in a minute its pretty good bet its not a normal user.
 
Raven
Site Admin/Owner



Joined: Aug 27, 2002
Posts: 17088
PostPosted: Wed Dec 22, 2004 4:53 pm Reply with quote
It's called FucKuM SQL FucKeM.exe
 
View user's profile Send private message
black
PostPosted: Thu Dec 23, 2004 3:40 pm Reply with quote
its called d4, has nobody a solution:(
 
Raven
PostPosted: Thu Dec 23, 2004 3:46 pm Reply with quote
It sounds like it's probably the same program. Before it was released and they were testing it, that's what it was called. No solution as of yet.
 
Display posts from previous:       
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Security - PHP Nuke


 Jump to:   




View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©