Ravens PHP Scripts: Forums
 

 

View next topic
View previous topic
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> NukeSentinel™
Author Message
cprompt
Regular
Regular


Joined: Jun 08, 2004
Posts: 64

PostPosted: Thu Sep 23, 2004 8:30 pm Reply with quote

OK. I thought I had seen this in the forusm here. I tried searchign but could not find it. I apoligize in advance if this a duplicate post.

Quote:
Date & Time: 2004-09-23 18:50:22
Blocked IP: 66.209.232.136
User ID: FredJen (36)
Reason: Abuse-Filter
--------------------
User Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)
Query String: Only registered users can see links on this board! Get registered or login!
Forwarded For: none
Client IP: none
Remote Address: 66.209.232.136
Remote Port: 3920
Request Method: GET


I use Gallery from Menalto and that query was blocked by Sentinel 2.0.2
 
View user's profile Send private message
Raven
Site Admin/Owner


Joined: Aug 27, 2002
Posts: 17086

PostPosted: Thu Sep 23, 2004 9:26 pm Reply with quote

Only registered users can see links on this board! Get registered or login! Only registered users can see links on this board! Get registered or login!

However, this was for &cmd= and you are using ?cmd= . So, I would try using this in includes/sentinel.php
Code:
  // Check for XSS attack

  if (eregi("http\:\/\/", $name) OR (eregi("cmd",$querystring) AND !eregi("&cmd",$querystring) AND !eregi("?cmd",$querystring)) OR (eregi("exec",$querystring) AND !eregi("execu",$querystring)) OR eregi("concat",$querystring)) {

Let us know if that works.
 
View user's profile Send private message
cprompt
PostPosted: Fri Sep 24, 2004 8:28 am Reply with quote

yes, this worked, thank you very much
 
Dawg
RavenNuke(tm) Development Team


Joined: Nov 07, 2003
Posts: 910

PostPosted: Sat Sep 25, 2004 12:26 pm Reply with quote

Greetings Raven and All,
I am having some problems with gallery as well.

Query String: Only registered users can see links on this board! Get registered or login!

I assumed it is the ?CMD= in the above statment. I have tried the fix above but I got a bunch of errors at the top of my site after I included it.

Parse error: parse error in /public_html/includes/sentinel.php on line 842

Warning: Cannot modify header information - headers already sent by (output started at /public_html/includes/sentinel.php:842) in /public_html/mainfile.php on line 157

Any ideas for me where to look?

Thank you for Your help.

Dawg
 
View user's profile Send private message
Dawg
PostPosted: Sat Sep 25, 2004 12:31 pm Reply with quote

?>

That is Line 842 in sentinel.php

setcookie("lang",$language,time()+31536000);

That is line 157 in mainfile.php

Thanks again for your help.

Dawg
 
Raven
PostPosted: Sat Sep 25, 2004 12:47 pm Reply with quote

Only registered users can see links on this board! Get registered or login!
 
spankee
New Member
New Member


Joined: Oct 22, 2004
Posts: 3

PostPosted: Thu Oct 21, 2004 11:54 pm Reply with quote

Hi, I am using 2.1 and I am getting this
Code:
Date & Time: 2004-10-22 00:39:48

Blocked IP: 67.50.121.92
User ID: patrick (2)
Reason: Abuse-Filter
--------------------
User Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.3) Gecko/20041021 Firefox/1.0 (MOOX M3)
Query String: craigkin.com/modules.php?cmd=hide&index=1&set_albumName=album01&op=modload&name=Gallery&file=
index&include=do_command.php
Forwarded For: none
Client IP: none
Remote Address: 67.50.121.92
Remote Port: 1899
Request Method: GET

I tried the code from above but it did not work, I also got an error on the popup while trying the code;
Code:
Warning: eregi(): REG_BADRPT in /home/spankee/public_html/includes/sentinel.php on line 198

lne 198 is the new code.
and also the popup has a date of Date Blocked: 1969-12-31 18:00:00
Thanks
 
View user's profile Send private message Visit poster's website
Display posts from previous:       
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> NukeSentinel™

View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©