Ravens PHP Scripts: Forums
 

 

View next topic
View previous topic
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Security - PHP Nuke
Author Message
Achaean
Regular
Regular


Joined: Mar 22, 2004
Posts: 64
Location: Missouri, USA

PostPosted: Sat Oct 16, 2004 10:05 pm Reply with quote

Hey guys,
I currently got hacked this morning while I was editing some files on my site, all of a sudden I noticed that parts of my site were starting to disappear and then my admin access all of a sudden failed. Next thing I do is refresh the page and theres a bit Fu*k you message on it lol. Well before all of this I did hop on my protector system I had installed and copied down his IP Laughing . So now I know his name, address, and phone number after a quick trace. But Ill leave the torture up to my friends. Since I saw him doing it, I quickly got in contact with my hosting company who did a great job helpin me out, they shut it down within 3 min of the intrustion, Only registered users can see links on this board! Get registered or login! Anyway I reset the stuff and gave myself access again. I proceeded to install admin secure and nuke sentinel. So all together I have protector, nuke sentinel, and admin secure. Is there any other way I can help reduce my site gettin hacked, or better protect it? This is the second time its happened lol. Thats the big question, is there anything else I can do to prevent it?
Sam

_________________
Only registered users can see links on this board! Get registered or login! 
View user's profile Send private message Send e-mail Visit poster's website AIM Address Yahoo Messenger MSN Messenger ICQ Number
Raven
Site Admin/Owner


Joined: Aug 27, 2002
Posts: 17086

PostPosted: Sat Oct 16, 2004 10:19 pm Reply with quote

First of all, identify the cause. Do you use Coppermine? Chances are, unless you are up2date, that's how they got in. Feel free to email me the hack and I can tell you if NukeSentinel would have caught it. I can guarantee you beyond a shadow of a doubt, if they hacked your admin, NukeSentinel stops them dead in their tracks.

Secondly, by using all 3 you risk the chance of one not working correctly, it's overkill, and your site will be slower. At the risk of sounding vain, NukeSentinel is all you need. Otherwise, I would not be using it only, as well as many, many, others.
 
View user's profile Send private message
Achaean
PostPosted: Sat Oct 16, 2004 11:03 pm Reply with quote

Well I dont know exactly how he did it, but Ill tell you the symptoms, One of my datatables was erased, my shout box, kinda weird, but other than that Im guessing he either got in through admin or he went in by mysql, and created himself an admin account. I dont notice any speed difference in the site, so im too lazy to uninstall them. Im glad sentinel will stop them, Im gettin real tired of this hacking crap. I dont think I use coppermine, but it might be. lol I dont even really know what it is Wink
Sam RavensScripts
 
Achaean
PostPosted: Sun Oct 17, 2004 9:37 pm Reply with quote

ok BIG problem, just this moment, a new admin account was created and somehow got past admin secure, it is a god admin that I surely did not create. WTF do I do lol? Its night here so ill post what happens to my site in the mornin.
Frantz
 
Raven
PostPosted: Sun Oct 17, 2004 9:41 pm Reply with quote

As I told you already, dump those other systems and use NukeSentinel's HTTP Auth system. It is 100% foolproof.
 
Achaean
PostPosted: Sun Oct 17, 2004 9:52 pm Reply with quote

but will it protect my admin? he somehow created an admin god account on my site, he does not have the pw im sure of it. I have nukesentinel installed. and working
 
Raven
PostPosted: Sun Oct 17, 2004 10:07 pm Reply with quote

Yes - It protects it 100% - Activate HTTP Auth
 
Achaean
PostPosted: Sun Oct 17, 2004 10:39 pm Reply with quote

lol guess what I did that hehe, but knowing my luck it completely locked me out, none of my admins can log in and it says "leave this site now"
its doin a great job of protecting lol, no one can get in hehe
 
Achaean
PostPosted: Sun Oct 17, 2004 11:00 pm Reply with quote

ok i went back into my table and disabled auth, everytime i disable it, it locks me out, how can i fix this?
 
sixonetonoffun
Spouse Contemplates Divorce


Joined: Jan 02, 2003
Posts: 2496

PostPosted: Mon Oct 18, 2004 8:41 am Reply with quote

Are you using your username and pass case sensitive?

_________________
[b][size=5]openSUSE 11.4-x86 | Linux 2.6.37.1-1.2desktop i686 | KDE: 4.6.41>=4.7 | XFCE 4.8 | AMD Athlon(tm) XP 3000+ | MSI K7N2 Delta-L | 3GB Black Diamond DDR
| GeForce 6200@433Mhz 512MB | Xorg 1.9.3 | NVIDIA 270.30[/size:2b8 
View user's profile Send private message
Achaean
PostPosted: Mon Oct 18, 2004 4:33 pm Reply with quote

certainly, tried it through all the admins.
 
Achaean
PostPosted: Wed Oct 20, 2004 7:21 pm Reply with quote

bump. lol
 
Tizwit
Involved
Involved


Joined: Aug 29, 2004
Posts: 324
Location: New Mexico

PostPosted: Sat Oct 23, 2004 10:31 am Reply with quote

I found that if you are using the newest sentinel and after the install and everything when the management area comes up I have to click on "Admin Auth List" and set my primary Admin first before logging out. if you do anything before doing this it will ask you to log in and your screwed. or atleast that is how it is for me.

Great program. No Hacker trouble since then

_________________
Brian Only registered users can see links on this board! Get registered or login!
Helping the Children in the NM Children's Hospital 
View user's profile Send private message Visit poster's website
mxb
New Member
New Member


Joined: Jun 17, 2004
Posts: 8

PostPosted: Tue Oct 26, 2004 5:08 am Reply with quote

I got hacked, they used Coppermine to attack the server. I nearly got kicked off.
Is there a nuke gallery that is more secure? With Sentinal 2.02, have upgraded to 2.1
 
View user's profile Send private message
elrayjones
Regular
Regular


Joined: Oct 08, 2004
Posts: 55
Location: Texas

PostPosted: Tue Oct 26, 2004 7:28 am Reply with quote

This link might help Cheers

Regaining Control of a Hacked PHP Nuke Website
Only registered users can see links on this board! Get registered or login!

_________________
Shopping Mall at Only registered users can see links on this board! Get registered or login! We have Video Games,Toys,DVD,Camera,Magazine Subscriptions,Music,Apparel,Inkjet,Food,Garden,Electronics,Kitchen,Cell Phones, Tapestry and much more 
View user's profile Send private message Visit poster's website AIM Address Yahoo Messenger MSN Messenger
djmaze
Subject Matter Expert


Joined: May 15, 2004
Posts: 719
Location: http://tinyurl.com/5z8dmv

PostPosted: Tue Oct 26, 2004 8:45 am Reply with quote

mxb wrote:
I got hacked, they used Coppermine to attack the server. I nearly got kicked off.
Is there a nuke gallery that is more secure? With Sentinal 2.02, have upgraded to 2.1


The security exploit in Coppermine was mentioned since february 2004 and it's now the end of oktober.

If you still didn't update your website and didn't read the instructions iy's your own fault and not that from coppermine.
 
View user's profile Send private message Visit poster's website
mxb
PostPosted: Tue Oct 26, 2004 4:01 pm Reply with quote

So you think Coppermine is secure? What version should I look for?
DJMaze, Im not bagging the program, I love the program and want it back. I looked for an update but the nuke module version is discontinued as far as I could tell.
 
djmaze
PostPosted: Tue Oct 26, 2004 11:01 pm Reply with quote

Correct the development has stopped.
And a new version will only be made if someone starts it again.

I can give you the fixed versions OR the complete CVS on sourceforge so you can play with it.
It's up to you or someone else.
 
mxb
PostPosted: Thu Oct 28, 2004 6:36 am Reply with quote

Thanks DJMaze I do want to get the gallery up and running again so the fixed version would be good. I don't know much about security but would be interested in a play.
 
mangaman
New Member
New Member


Joined: Sep 13, 2004
Posts: 16

PostPosted: Thu Oct 28, 2004 8:29 pm Reply with quote

Have you tried Only registered users can see links on this board! Get registered or login!? I like it better than Coppermine and I haven't had any problems with it... yet Very Happy, but I do use NukeSentinel with HTTP Auth too. Also Gallery can be standalone and PHP-Nuke module so it is always up to date when a new version comes out.

_________________
"Technological progress is like an axe in the hands of a pathological criminal." -- Albert Einstein
Only registered users can see links on this board! Get registered or login!
Only registered users can see links on this board! Get registered or login!
Only registered users can see links on this board! Get registered or login! 
View user's profile Send private message Send e-mail Visit poster's website
djmaze
PostPosted: Fri Oct 29, 2004 11:45 pm Reply with quote

yep Gallery is another good option.
The layout and features are different.

Just pick the one you like most and when you have chosen i will give you an url when necesary
 
Display posts from previous:       
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Security - PHP Nuke

View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©