Errors in Tables Install

Posted: Fri Aug 06, 2004 2:10 pm

Hi

Got this in my latest installation of Sentinal 2.0.0 Final.
Notes:
Step 1: Uninstall (successful)
Step 2: Fresh Install (See below)

Quote:

Operation Status!

--------------------------------------------------------------------------------
- Create nuke_nsnst_admins succeded
- Import into nuke_nsnst_admins succeeded
- Create nuke_nsnst_blockers succeded
- Add field nuke_nsnst_blockers succeded
- Add field nuke_nsnst_blockers failed
- Add field nuke_nsnst_blockers succeded
- Add field nuke_nsnst_blockers succeded
- Add field nuke_nsnst_blockers succeded
- Add field nuke_nsnst_blockers succeded
- Add field nuke_nsnst_blockers failed
- Add field nuke_nsnst_blockers succeded
- Add field nuke_nsnst_blockers succeded
- Add field nuke_nsnst_blockers succeded
- Create nuke_nsnst_ips succeded
- Create nuke_nsnst_config succeded
- Add field nuke_nsnst_config succeded
- Add field nuke_nsnst_config succeded
- Add field nuke_nsnst_config succeded
- Add field nuke_nsnst_config succeded
- Add field nuke_nsnst_config succeded
- Add field nuke_nsnst_config succeded
- Add field nuke_nsnst_config succeded
- Add field nuke_nsnst_config succeded
- Add field nuke_nsnst_config succeded
- Add field nuke_nsnst_config succeded
- Add field nuke_nsnst_config succeded
- Add field nuke_nsnst_config succeded
- Add field nuke_nsnst_config succeded
- Add field nuke_nsnst_config succeded
- Add field nuke_nsnst_config succeded
- Add field nuke_nsnst_config succeded
- Add field nuke_nsnst_config succeded
- Add field nuke_nsnst_config succeded
- Adjust Order nuke_nsnst_config succeded

Any ideas on where I'm going wrong?

A closer look inside Sentinal Configuration reveals:
1) Unable to enable Union Protection (Wondering if there is something leftover in there from RavenScripts previously protecting Union... Will look into that)
2) Unable to enable Referer Blocker Protection. Not sure what is causing this.
3) Mouse-Over and Click-On help settings not working. Can't get any help to come up for some reason.
4) Not Available is what I see in the write to .htaccess file setting. Not sure why as of yet as I have checked it, but can't find any problems yet.

Thanks
Steph

Site Admin/Owner Joined: Aug 27, 2002 Posts: 17088

Delete the old install (manually) and do a fresh install. Make sure that you do the manual updates to the javascript.php file. #4 is probably because you have a CGI PHP installation and HTTP Authentication cannot be used. But, do the fresh install first.

Posted: Fri Aug 06, 2004 3:56 pm

Raven wrote:

#4 is probably because you have a CGI PHP installation and HTTP Authentication cannot be used.

Yes, that is the case. I am running PHP in CGI mode.

Posted: Fri Aug 06, 2004 6:17 pm

I think I need to fix my mainfile.php.

I have this now (From also using HackAlert)

Quote:

<?php
include("includes/sentinel.php");
/************************************************************************/
/* PHP-NUKE: Advanced Content Management System */
/* ============================================ */
/* */
/* Copyright (c) 2002 by Francisco Burzi */
/* [ Only registered users can see links on this board! Get registered or login! ] */
/* */
/* This program is free software. You can redistribute it and/or modify */
/* it under the terms of the GNU General Public License as published by */
/* the Free Software Foundation; either version 2 of the License. */
/************************************************************************/
/* Additional security checking code 2003 by chatserv */
/* [ Only registered users can see links on this board! Get registered or login! ] -- [ Only registered users can see links on this board! Get registered or login! ] */
/************************************************************************/
if (stristr($_SERVER["QUERY_STRING"],'%20union%20')) {
$loc = $_SERVER['QUERY_STRING'];
header("Location: hackattempt.php?$loc");
die();
}
# Old statement replaced by above line if (stristr($_SERVER["QUERY_STRING"],'%20union%20')) header("Location: index.php"); #
$phpver = phpversion();

What should the new beginning of my mainfile.php look like?

Posted: Fri Aug 06, 2004 6:48 pm

Since the strings in the new line are filtered by Sentinel anyway you could just change that to:

Code:

<?php 


include("includes/sentinel.php"); 


/************************************************************************/ 


/* PHP-NUKE: Advanced Content Management System */ 


/* ============================================ */ 


/* */ 


/* Copyright (c) 2002 by Francisco Burzi */ 


/* http://phpnuke.org */ 


/* */ 


/* This program is free software. You can redistribute it and/or modify */ 


/* it under the terms of the GNU General Public License as published by */ 


/* the Free Software Foundation; either version 2 of the License. */ 


/************************************************************************/ 


/* Additional security checking code 2003 by chatserv */ 


/* http://www.nukefixes.com -- http://www.nukeresources.com */ 


/************************************************************************/


if (stristr($_SERVER["QUERY_STRING"],'c2nyaxb0')) {


header("Location: index.php"); 


die(); 


} 


$phpver = phpversion();

or:

Code:

<?php 


include("includes/sentinel.php"); 


/************************************************************************/ 


/* PHP-NUKE: Advanced Content Management System */ 


/* ============================================ */ 


/* */ 


/* Copyright (c) 2002 by Francisco Burzi */ 


/* http://phpnuke.org */ 


/* */ 


/* This program is free software. You can redistribute it and/or modify */ 


/* it under the terms of the GNU General Public License as published by */ 


/* the Free Software Foundation; either version 2 of the License. */ 


/************************************************************************/ 


/* Additional security checking code 2003 by chatserv */ 


/* http://www.nukefixes.com -- http://www.nukeresources.com */ 


/************************************************************************/


$phpver = phpversion();

Posted: Fri Aug 06, 2004 6:52 pm

Hi There!

I had already done the latter of your two suggestions and I then pulled everything out and reloaded. This is what I got.

Quote:

- Create nuke_nsnst_admins succeded
- Import into nuke_nsnst_admins succeeded
- Create nuke_nsnst_blockers succeded
- Add field nuke_nsnst_blockers succeded
- Add field nuke_nsnst_blockers failed
- Add field nuke_nsnst_blockers succeded
- Add field nuke_nsnst_blockers succeded
- Add field nuke_nsnst_blockers succeded
- Add field nuke_nsnst_blockers succeded
- Add field nuke_nsnst_blockers failed
- Add field nuke_nsnst_blockers succeded
- Add field nuke_nsnst_blockers succeded
- Add field nuke_nsnst_blockers succeded
- Create nuke_nsnst_ips succeded
- Create nuke_nsnst_config succeded
- Add field nuke_nsnst_config succeded
- Add field nuke_nsnst_config succeded
- Add field nuke_nsnst_config succeded
- Add field nuke_nsnst_config succeded
- Add field nuke_nsnst_config succeded
- Add field nuke_nsnst_config succeded
- Add field nuke_nsnst_config succeded
- Add field nuke_nsnst_config succeded
- Add field nuke_nsnst_config succeded
- Add field nuke_nsnst_config succeded
- Add field nuke_nsnst_config succeded
- Add field nuke_nsnst_config succeded
- Add field nuke_nsnst_config succeded
- Add field nuke_nsnst_config succeded
- Add field nuke_nsnst_config succeded
- Add field nuke_nsnst_config succeded
- Add field nuke_nsnst_config succeded
- Add field nuke_nsnst_config succeded
- Adjust Order nuke_nsnst_config succeded

by the way, I never noticed it before, but shouldn't that say "succeeded"?

I am still unable to get Union Protection working in Sentinal, so I'm going to re-enable the RavenPHPScripts HackAlert until I figure out why that is.

When I go to look at the Sentinal.php file, I've noticed that my Crimson editor doesn't like the language handling in line 222

Quote:

if (stristr($querystring,'%20union%20') OR stristr($querystring,'*/union/*')) {

Specifically, the '*/union/*' is screwing it up as it sees that as commenting out everything after the /*

Oh well.