Ravens PHP Scripts: Forums
 

 

View next topic
View previous topic
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> NukeSentinel™
Author Message
Coldy
Hangin' Around


Joined: Apr 24, 2004
Posts: 43
Location: Austria

PostPosted: Sat Aug 07, 2004 3:09 am Reply with quote

Hi everybody! Very Happy

I've install Sentinel on 2 pages, same version, same fixes, same server!
At 1 site, Sentinel works pervectly but on the other site there is only a blank page when i test sentinel with differnt strings and codes! Shocked
No Error messages or others, only a white page!
Where can i find the mistake?

Coldy Cool
 
View user's profile Send private message
Muffin
Client


Joined: Apr 10, 2004
Posts: 649
Location: UK

PostPosted: Sat Aug 07, 2004 3:12 am Reply with quote

You need to edit modules/Your_Account/index.php manually

If you read the README file in the Sentinel download folder you'll see how to do this.

_________________
Classic Mini rules the bends & bends the rules!
[img] 
View user's profile Send private message
Coldy
PostPosted: Sat Aug 07, 2004 3:52 am Reply with quote

I've change this, but is the same!
Only a white page when i test it! Confused
 
Raven
Site Admin/Owner


Joined: Aug 27, 2002
Posts: 17086

PostPosted: Sat Aug 07, 2004 9:48 am Reply with quote

Review your server error log to see what errors may be posted.
 
View user's profile Send private message
Coldy
PostPosted: Sun Aug 08, 2004 3:09 am Reply with quote

*hehe* It works now! Wave

I've deinstall all files and folders delete the database and install once more!
Now it works! Dance-Y
But i dont know why! Confused

Thanks for help! Very Happy

Coldy Cool
 
Darrell3831
Worker
Worker


Joined: Feb 18, 2004
Posts: 244

PostPosted: Thu Aug 19, 2004 6:33 pm Reply with quote

I have this same problem.

Sentinel 2.0.1
Nuke 7.4
Chatserv Patches - 2.x (I blieve it's 2.6 - preinstalled)

After testing with a known attack I get a blank page. No ban occurs, no message, no redireciton. So I tried a second different attack and got the same result. Both were Union attacks.

You may PM me a different exploit if you'd like me to try it.

It's a clean install of Nuke 7.4 with chatserv's patches preinstalled. I downloaded it from here. From what I gather there is no need to edit the Your_Account module with this version, right?

I cannot find those exact strings mentioned in the instructions.

Also, the word installation document does NOT say to add the include line to mainfile.php, but I cought that researching here in the forum. That's since been added.

I've edited javascript.php, header.php and mainfile.php.

.htaccess is chmod'ed to 666, a blank line does exist at the end of the file.

The new tables do exist in the database.

My test user is not a protected admin. Nor is it another person from my PC either. lol It's a remote user.

Any suggestions?

_________________
Only registered users can see links on this board! Get registered or login! 
View user's profile Send private message Visit poster's website
GeekyGuy
Client


Joined: Jun 03, 2004
Posts: 302
Location: Huber Heights Ohio

PostPosted: Thu Aug 19, 2004 7:09 pm Reply with quote

Darrell3831,
Thanks for pointing that out, I'll get the changes made to the User Guide tonight. Terribly sorry that I missed it.

_________________
"The Daytona 500 is ours! We won it, we won it, we won it!", Dale Earnhardt, February 15th, 1998, Daytona 500 
View user's profile Send private message Send e-mail Visit poster's website Yahoo Messenger MSN Messenger ICQ Number
Darrell3831
PostPosted: Thu Aug 19, 2004 7:13 pm Reply with quote

That's quite alright.

I knew it was an include and with a little searching on the forum I was able to find it right away.

I'm still having trouble tracking down the blank page problem though. Any ideas??

thanks,
Darrell
 
sixonetonoffun
Spouse Contemplates Divorce


Joined: Jan 02, 2003
Posts: 2496

PostPosted: Thu Aug 19, 2004 8:48 pm Reply with quote

Darrel thats one I can't say I've run into. Have you tried without the htaccess ban to see if it can write to the database alone?

_________________
[b][size=5]openSUSE 11.4-x86 | Linux 2.6.37.1-1.2desktop i686 | KDE: 4.6.41>=4.7 | XFCE 4.8 | AMD Athlon(tm) XP 3000+ | MSI K7N2 Delta-L | 3GB Black Diamond DDR
| GeForce 6200@433Mhz 512MB | Xorg 1.9.3 | NVIDIA 270.30[/size:2b8 
View user's profile Send private message
Darrell3831
PostPosted: Thu Aug 19, 2004 9:05 pm Reply with quote

I just went into the sentinel configuration and deleted the path to the htaccess file... There is nothing in that field now. To my knowledge that's all I need to do to not use the .htaccess file. Right?

My test user is offline for the night, but I tried it myself and still got the blank white page.

I'm using a UNION exploit as my test string. Under the sentinal config the union exploit is set to email, block, & forward.

There is a URl in forward..

I also telnetted into my account and tailed the error log. It is not throwing any sort of error at all.

tail -f error_log

I watch the log, try the exploit, and nothing new appears in the error log.

Other aspects of the script work. HTTPAuth works, closing the site works. Changing values in the config saves to the database.

The particular union exploit I'm using would have been cought by protector if it were still installed.

Any ideas??

thanks,
Darrell
 
Darrell3831
PostPosted: Thu Aug 19, 2004 9:14 pm Reply with quote

There must be something wrong with the exploit that I'm trying to use. Although it is directly from a protector email to me.

I just turned on the string blocker and entered nonesense... "humptydumpty" and tried it... It cought me and said it was going to block me.

Of course I'm protected though.. So it didnt.

Can someone PM me a UNION exploit that Sentinel does catch?

Thanks,
Darrell
 
Darrell3831
PostPosted: Thu Aug 19, 2004 9:21 pm Reply with quote

It's a brand new install.

I totally deleted my old site's public_html files. I kept the database though and just upgraded it from 6.9 to 7.4.

Nuke 7.4 from here, with chatserv's patches preinstalled.

I've made like one edit to the theme. I changed a background color up in the top block. LOL

That's it.

I did reupload the complete sentinel package twice already. Was careful with ASCII and Binary where appropriate.

Darrell
 
Display posts from previous:       
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> NukeSentinel™

View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©