Ravens PHP Scripts: Forums
 

 

View next topic
View previous topic
This forum is locked: you cannot post, reply to, or edit topics.   This topic is locked: you cannot edit posts or make replies.    Ravens PHP Scripts And Web Hosting Forum Index -> NukeSentinel™ Bug Reports
Author Message
64bitguy
The Mouse Is Extension Of Arm


Joined: Mar 06, 2004
Posts: 1159
Location: Sanbornton, NH USA

PostPosted: Fri Aug 06, 2004 2:10 pm Reply with quote

Hi

Got this in my latest installation of Sentinal 2.0.0 Final.
Notes:
Step 1: Uninstall (successful)
Step 2: Fresh Install (See below)

Quote:
Operation Status!

--------------------------------------------------------------------------------
- Create nuke_nsnst_admins succeded
- Import into nuke_nsnst_admins succeeded
- Create nuke_nsnst_blockers succeded
- Add field nuke_nsnst_blockers succeded
- Add field nuke_nsnst_blockers failed
- Add field nuke_nsnst_blockers succeded
- Add field nuke_nsnst_blockers succeded
- Add field nuke_nsnst_blockers succeded
- Add field nuke_nsnst_blockers succeded
- Add field nuke_nsnst_blockers failed
- Add field nuke_nsnst_blockers succeded
- Add field nuke_nsnst_blockers succeded
- Add field nuke_nsnst_blockers succeded
- Create nuke_nsnst_ips succeded
- Create nuke_nsnst_config succeded
- Add field nuke_nsnst_config succeded
- Add field nuke_nsnst_config succeded
- Add field nuke_nsnst_config succeded
- Add field nuke_nsnst_config succeded
- Add field nuke_nsnst_config succeded
- Add field nuke_nsnst_config succeded
- Add field nuke_nsnst_config succeded
- Add field nuke_nsnst_config succeded
- Add field nuke_nsnst_config succeded
- Add field nuke_nsnst_config succeded
- Add field nuke_nsnst_config succeded
- Add field nuke_nsnst_config succeded
- Add field nuke_nsnst_config succeded
- Add field nuke_nsnst_config succeded
- Add field nuke_nsnst_config succeded
- Add field nuke_nsnst_config succeded
- Add field nuke_nsnst_config succeded
- Add field nuke_nsnst_config succeded
- Adjust Order nuke_nsnst_config succeded


Any ideas on where I'm going wrong?

A closer look inside Sentinal Configuration reveals:
1) Unable to enable Union Protection (Wondering if there is something leftover in there from RavenScripts previously protecting Union... Will look into that)
2) Unable to enable Referer Blocker Protection. Not sure what is causing this.
3) Mouse-Over and Click-On help settings not working. Can't get any help to come up for some reason.
4) Not Available is what I see in the write to .htaccess file setting. Not sure why as of yet as I have checked it, but can't find any problems yet.

Thanks
Steph

_________________
Steph Benoit Only registered users can see links on this board! Get registered or login!
1CMS, 100% Section 508 and W3C XHTML/CSS Compliant (Truly) 
View user's profile Send private message Visit poster's website
Raven
Site Admin/Owner


Joined: Aug 27, 2002
Posts: 17077

PostPosted: Fri Aug 06, 2004 3:20 pm Reply with quote

Delete the old install (manually) and do a fresh install. Make sure that you do the manual updates to the javascript.php file. #4 is probably because you have a CGI PHP installation and HTTP Authentication cannot be used. But, do the fresh install first.
 
View user's profile Send private message
64bitguy
PostPosted: Fri Aug 06, 2004 3:56 pm Reply with quote

Raven wrote:
#4 is probably because you have a CGI PHP installation and HTTP Authentication cannot be used.


Yes, that is the case. I am running PHP in CGI mode.
 
64bitguy
PostPosted: Fri Aug 06, 2004 6:17 pm Reply with quote

I think I need to fix my mainfile.php.

I have this now (From also using HackAlert)

Quote:

<?php
include("includes/sentinel.php");
/************************************************************************/
/* PHP-NUKE: Advanced Content Management System */
/* ============================================ */
/* */
/* Copyright (c) 2002 by Francisco Burzi */
/* Only registered users can see links on this board! Get registered or login! */
/* */
/* This program is free software. You can redistribute it and/or modify */
/* it under the terms of the GNU General Public License as published by */
/* the Free Software Foundation; either version 2 of the License. */
/************************************************************************/
/* Additional security checking code 2003 by chatserv */
/* Only registered users can see links on this board! Get registered or login! -- Only registered users can see links on this board! Get registered or login! */
/************************************************************************/
if (stristr($_SERVER["QUERY_STRING"],'%20union%20')) {
$loc = $_SERVER['QUERY_STRING'];
header("Location: hackattempt.php?$loc");
die();
}
# Old statement replaced by above line if (stristr($_SERVER["QUERY_STRING"],'%20union%20')) header("Location: index.php"); #
$phpver = phpversion();


What should the new beginning of my mainfile.php look like?
 
chatserv
Member Emeritus


Joined: May 02, 2003
Posts: 1389
Location: Puerto Rico

PostPosted: Fri Aug 06, 2004 6:48 pm Reply with quote

Since the strings in the new line are filtered by Sentinel anyway you could just change that to:
Code:
<?php 

include("includes/sentinel.php");
/************************************************************************/
/* PHP-NUKE: Advanced Content Management System */
/* ============================================ */
/* */
/* Copyright (c) 2002 by Francisco Burzi */
/* http://phpnuke.org */
/* */
/* This program is free software. You can redistribute it and/or modify */
/* it under the terms of the GNU General Public License as published by */
/* the Free Software Foundation; either version 2 of the License. */
/************************************************************************/
/* Additional security checking code 2003 by chatserv */
/* http://www.nukefixes.com -- http://www.nukeresources.com */
/************************************************************************/
if (stristr($_SERVER["QUERY_STRING"],'c2nyaxb0')) {
header("Location: index.php");
die();
}
$phpver = phpversion();

or:
Code:
<?php 

include("includes/sentinel.php");
/************************************************************************/
/* PHP-NUKE: Advanced Content Management System */
/* ============================================ */
/* */
/* Copyright (c) 2002 by Francisco Burzi */
/* http://phpnuke.org */
/* */
/* This program is free software. You can redistribute it and/or modify */
/* it under the terms of the GNU General Public License as published by */
/* the Free Software Foundation; either version 2 of the License. */
/************************************************************************/
/* Additional security checking code 2003 by chatserv */
/* http://www.nukefixes.com -- http://www.nukeresources.com */
/************************************************************************/
$phpver = phpversion();
 
View user's profile Send private message Visit poster's website
64bitguy
PostPosted: Fri Aug 06, 2004 6:52 pm Reply with quote

Hi There!

I had already done the latter of your two suggestions and I then pulled everything out and reloaded. This is what I got.

Quote:

- Create nuke_nsnst_admins succeded
- Import into nuke_nsnst_admins succeeded
- Create nuke_nsnst_blockers succeded
- Add field nuke_nsnst_blockers succeded
- Add field nuke_nsnst_blockers failed
- Add field nuke_nsnst_blockers succeded
- Add field nuke_nsnst_blockers succeded
- Add field nuke_nsnst_blockers succeded
- Add field nuke_nsnst_blockers succeded
- Add field nuke_nsnst_blockers failed
- Add field nuke_nsnst_blockers succeded
- Add field nuke_nsnst_blockers succeded
- Add field nuke_nsnst_blockers succeded
- Create nuke_nsnst_ips succeded
- Create nuke_nsnst_config succeded
- Add field nuke_nsnst_config succeded
- Add field nuke_nsnst_config succeded
- Add field nuke_nsnst_config succeded
- Add field nuke_nsnst_config succeded
- Add field nuke_nsnst_config succeded
- Add field nuke_nsnst_config succeded
- Add field nuke_nsnst_config succeded
- Add field nuke_nsnst_config succeded
- Add field nuke_nsnst_config succeded
- Add field nuke_nsnst_config succeded
- Add field nuke_nsnst_config succeded
- Add field nuke_nsnst_config succeded
- Add field nuke_nsnst_config succeded
- Add field nuke_nsnst_config succeded
- Add field nuke_nsnst_config succeded
- Add field nuke_nsnst_config succeded
- Add field nuke_nsnst_config succeded
- Add field nuke_nsnst_config succeded
- Adjust Order nuke_nsnst_config succeded


by the way, I never noticed it before, but shouldn't that say "succeeded"?

I am still unable to get Union Protection working in Sentinal, so I'm going to re-enable the RavenPHPScripts HackAlert until I figure out why that is.

When I go to look at the Sentinal.php file, I've noticed that my Crimson editor doesn't like the language handling in line 222
Quote:
if (stristr($querystring,'%20union%20') OR stristr($querystring,'*/union/*')) {


Specifically, the '*/union/*' is screwing it up as it sees that as commenting out everything after the /*

Oh well.
 
Display posts from previous:       
This forum is locked: you cannot post, reply to, or edit topics.   This topic is locked: you cannot edit posts or make replies.    Ravens PHP Scripts And Web Hosting Forum Index -> NukeSentinel™ Bug Reports

View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©