Ravens PHP Scripts: Forums
 

 

View next topic
View previous topic
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> NukeSentinel™
Author Message
oprime2001
Worker
Worker


Joined: Jun 04, 2004
Posts: 119
Location: Chicago IL USA

PostPosted: Sun Aug 08, 2004 9:44 pm Reply with quote

I was over at NukeCops reading the security forum, and I came upon the following post Only registered users can see links on this board! Get registered or login! wherein Only registered users can see links on this board! Get registered or login! posted an exploit that can supposedly bypass Sentinel.

I'm currently (and will be for the next week) on an antiquated machine on dial-up, and I cannot verify this claim. Can anyone take a look at it, and report their results back here? Thanks.
 
View user's profile Send private message
Doodle
Hangin' Around


Joined: Jan 26, 2004
Posts: 46
Location: 127.0.0.1

PostPosted: Sun Aug 08, 2004 10:39 pm Reply with quote

The script doesn't do anything on my sites, mind you I use EDL 2.1 on most of them.

_________________
Independent Network Solutions Only registered users can see links on this board! Get registered or login! Only registered users can see links on this board! Get registered or login! Only registered users can see links on this board! Get registered or login! 
View user's profile Send private message Send e-mail Visit poster's website
Raven
Site Admin/Owner


Joined: Aug 27, 2002
Posts: 17086

PostPosted: Mon Aug 09, 2004 12:35 am Reply with quote

It's a totally useless script other than informative. I can see how it might bypass (I will have to try it later to know for sure) all the scripts out there but the only way it could or would be if an admin would make that script available which one never would. And, it is very easily plugged. Or, the cracker would have to be able to install that script on your site, in which case you have much bigger problems than that script! If I were still posting over there I would ask DJ to explain how he thinks a visitor to your site would ever execute that? Of course Apache wouldn't log anything! It's a form with post variables. No big secret there. Furthermore, the useless dribble at the top of that post is just that - useless dribble. All sites/servers are crackable if one tries hard enough. If these kiddies were able to crack us, trust me - they would have by now. But, they can't, at least not until a new hole is discovered. Hadjuk posts old code that waraxe posted quite a while ago. Several if not all have been patched by Chat. Full path disclosures are pretty simple to hide - just turn error display off and write to a log.
 
View user's profile Send private message
diablo
Hangin' Around


Joined: Feb 01, 2004
Posts: 34

PostPosted: Mon Aug 09, 2004 1:35 am Reply with quote

I tried a couple and they were blocked.

RavensScripts
 
View user's profile Send private message
chatserv
Member Emeritus


Joined: May 02, 2003
Posts: 1389
Location: Puerto Rico

PostPosted: Mon Aug 09, 2004 9:24 am Reply with quote

You people are still wasting your time with that site? Rolling Eyes
 
View user's profile Send private message Visit poster's website
Doodle
PostPosted: Mon Aug 09, 2004 9:40 am Reply with quote

It's good for a laugh if anything Laughing
 
Muffin
Client


Joined: Apr 10, 2004
Posts: 649
Location: UK

PostPosted: Mon Aug 09, 2004 9:45 am Reply with quote

I've been over there today complaining about Protector messing up my site still, months after I took it off and replacing it with Sentinel lol

_________________
Classic Mini rules the bends & bends the rules!
[img] 
View user's profile Send private message
Nukeum66
Life Cycles Becoming CPU Cycles


Joined: Jul 30, 2003
Posts: 551
Location: Neurotic, State, USA

PostPosted: Mon Aug 09, 2004 6:13 pm Reply with quote

chatserv wrote:
You people are still wasting your time with that site? Rolling Eyes


That's for sure!........... Laughing

_________________
Scott Johnson MIS Ubuntu/Linux 11.10 
View user's profile Send private message Visit poster's website
SmackDaddy
Involved
Involved


Joined: Jun 02, 2004
Posts: 268
Location: Englewood, OH

PostPosted: Tue Aug 10, 2004 6:58 am Reply with quote

Question (since I felt it fell under this thread and not a new one):
Only registered users can see links on this board! Get registered or login!

Supposedly there's some super-secret-spy-squirrel hack that bypasses Protector (*biting tongue*), but since I use Sentinel, is there any info about those two hacks to pass on? Or is Protector just showing their lack of updating and moving with the times?
 
View user's profile Send private message Send e-mail Visit poster's website
Raven
PostPosted: Tue Aug 10, 2004 10:11 am Reply with quote

After conferring with Chatserv, we are pretty sure what that is referring to and YES, Sentinel should be protecting you as long as you have v2.0.1. v2.0.0 also works but in a slightly different way. That's why we updated the code.
 
Raven
PostPosted: Tue Aug 10, 2004 1:03 pm Reply with quote

Bob also reminded me of this. Sentinel has protected against the Forums/Private Messages exploit since 1.0 and with 2.0.1 it also checks the base 64 it's not a new exploit but an old that has resurfaced.
 
Dauthus
Worker
Worker


Joined: Oct 07, 2003
Posts: 211

PostPosted: Tue Aug 10, 2004 5:51 pm Reply with quote

Quote:

Supposedly there's some super-secret-spy-squirrel hack that bypasses Protector (*biting tongue*), but since I use Sentinel, is there any info about those two hacks to pass on? Or is Protector just showing their lack of updating and moving with the times?


Just an FYI, Sentinel does stop the exploit they are referring to in the Protector forums. From what I can tell, Mister and Jabba are working on fixing the problem in Protector also. I don't think they are trying to be "secret-squirrel" about the issue, they just don't want to broadcast a way to bypass their protection until it is fixed. It kind of makes sense to me.
 
View user's profile Send private message Visit poster's website
Raven
PostPosted: Tue Aug 10, 2004 6:16 pm Reply with quote

Thanks for letting us know that Sentinel does stop the exploit RavensScripts
 
SmackDaddy
PostPosted: Tue Aug 10, 2004 9:43 pm Reply with quote

Dauthus wrote:
Quote:

Supposedly there's some super-secret-spy-squirrel hack that bypasses Protector (*biting tongue*), but since I use Sentinel, is there any info about those two hacks to pass on? Or is Protector just showing their lack of updating and moving with the times?


Just an FYI, Sentinel does stop the exploit they are referring to in the Protector forums. From what I can tell, Mister and Jabba are working on fixing the problem in Protector also. I don't think they are trying to be "secret-squirrel" about the issue, they just don't want to broadcast a way to bypass their protection until it is fixed. It kind of makes sense to me.


Yeah, guess you missed my sarcasm....sorry....but thanks for the info.
 
Display posts from previous:       
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> NukeSentinel™

View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©