Ravens PHP Scripts: Forums
 

 

View next topic
View previous topic
This forum is locked: you cannot post, reply to, or edit topics.   This topic is locked: you cannot edit posts or make replies.    Ravens PHP Scripts And Web Hosting Forum Index -> NukeSentinel(tm) Bug Reports
Author Message
elrayjones
Regular
Regular



Joined: Oct 08, 2004
Posts: 55
Location: Texas

PostPosted: Sun Nov 21, 2004 1:10 am Reply with quote

i am tring out some exploits but ip donot get post to the database
or .htaccess. i have turn off admin protection and i totaly logout of my site.

i use the exploits that someone gave me from the PM here at Raven site.

the exploits work... the screen comes up and tells me


"You have been blocked from entering this site.

You have attempted a Union attack on this site."

but nothing get loged anywhere?

EJ

_________________
Shopping Mall at godotshop We have Video Games,Toys,DVD,Camera,Magazine Subscriptions,Music,Apparel,Inkjet,Food,Garden,Electronics,Kitchen,Cell Phones, Tapestry and much more 
View user's profile Send private message Visit poster's website AIM Address Yahoo Messenger MSN Messenger
Raven
Site Admin/Owner



Joined: Aug 27, 2002
Posts: 17088

PostPosted: Sun Nov 21, 2004 2:50 am Reply with quote

Does your .htaccess have 666 or 777 permissions? Also make sure that you are not still logged in as admin.
 
View user's profile Send private message
elrayjones







PostPosted: Sun Nov 21, 2004 3:03 am Reply with quote

Raven wrote:
Does your .htaccess have 666 or 777 permissions? Also make sure that you are not still logged in as admin.


.htaccess is set to 666

here is my .htaccess file

RewriteEngine on
RewriteRule ^signature.gif /signature.php
RewriteRule ^signature.jpg /signature.php

<Files ana.php>
AuthType Basic
AuthName "Restricted Area"
AuthUserFile "/home/godotsho/.htpasswds/..................../................."
require valid-user
</Files>

do i need to place a "deny from" somewhere?

but, also the MySQL table "nuke_nsnst_ips" does not get updated, nothing gets posted... and yes i totaly logout and kill my cookies.


Last edited by elrayjones on Sun Nov 21, 2004 3:49 am; edited 2 times in total 
elrayjones







PostPosted: Sun Nov 21, 2004 3:46 am Reply with quote

you know what? i think i'm just going to bed! i found out what was happening, i guess it would help if i TURN ON BLOCKING! Bang Head
 
Raven







PostPosted: Sun Nov 21, 2004 9:59 am Reply with quote

ROTFL
 
chicago
New Member
New Member



Joined: Apr 24, 2005
Posts: 6

PostPosted: Sun Apr 24, 2005 8:20 pm Reply with quote

I haveing the same problem.

how do I trun on blocking ?

Seems to be configured correct
I get emails such as

Quote:

Date & Time: 2005-04-24 20:32:02 CDT GMT -0500
Blocked IP: 64.246.165.150
User ID: Anonymous (1)
Reason: Abuse-Referer
String Match: whois.sc
--------------------
User Agent: SurveyBot/2.3 (Whois Source)
Query String: [ Only registered users can see links on this board! Get registered or login! ]
Get String: [ Only registered users can see links on this board! Get registered or login! ]
Post String: [ Only registered users can see links on this board! Get registered or login! ]
Forwarded For: none
Client IP: none
Remote Address: 64.246.165.150
Remote Port: 65363
Request Method: GET
--------------------
WHOIS Data
WHOIS results for 64.246.165.150
Generated by [ Only registered users can see links on this board! Get registered or login! ]
Date & Time: 2005-04-24 20:32:02 CDT GMT -0500
Blocked IP: 64.246.165.150
User ID: Anonymous (1)
Reason: Abuse-Referer
String Match: whois.sc
--------------------
User Agent: SurveyBot/2.3 (Whois Source)
Query String: [ Only registered users can see links on this board! Get registered or login! ]
Get String: [ Only registered users can see links on this board! Get registered or login! ]
Post String: [ Only registered users can see links on this board! Get registered or login! ]
Forwarded For: none
Client IP: none
Remote Address: 64.246.165.150
Remote Port: 65363
Request Method: GET
--------------------
WHOIS Data
WHOIS results for 64.246.165.150
Generated by [ Only registered users can see links on this board! Get registered or login! ]
 
View user's profile Send private message
Raven







PostPosted: Sun Apr 24, 2005 9:01 pm Reply with quote

Under NukeSentinel Configuration, for each type of block there are 2 settings:

Activate and Write to .htaccess. Make sure that the Activate option includes the 'Block' and that write to .htaccess is set to 'Yes'. Make sure the .htaccess permissions are 666 or 777.
 
chicago







PostPosted: Sun Apr 24, 2005 11:04 pm Reply with quote

Doh!

ok now I get it..
 
Spectral
New Member
New Member



Joined: Nov 15, 2005
Posts: 15

PostPosted: Tue Nov 15, 2005 6:37 pm Reply with quote

I have mine set to blocking/email/default and i get the black page that gathers the users info and says they have been perm banned but their ip doesnt get written to the database. I dont have the .htaccess file on my server because i want to use the database. Anyone know whats going on? And also for some union exploits it says its an unkown exploit but still says its a perm ban. Anyway to change the unknown exploit time lengths? If not no worries i just want to be able to write th bans to the database.
 
View user's profile Send private message
Raven







PostPosted: Tue Nov 15, 2005 7:13 pm Reply with quote

The advantage to .htaccess is that the IP gets banned BEFORE it reaches your site, whereas with only the DB, the bad guy is actually on your site. I strongly recommend that you use both for the most safety. You need to post the email you get for the unknown exploit so I can see what's going on.
 
Spectral







PostPosted: Tue Nov 15, 2005 7:45 pm Reply with quote

so what file does it save the bans to .htaccess? and will .htaccess sync with the database? so if i block or unblock an ip it will remove it from both?
 
Raven







PostPosted: Tue Nov 15, 2005 7:54 pm Reply with quote

It will save it to the file .htaccess and the table nsnst_blocked_ips. yes, when you remove it from the table it updates .htaccess.
 
Spectral







PostPosted: Tue Nov 15, 2005 8:14 pm Reply with quote

ok one last question, it seems i wasnt logging out so it wasnt blocking me so i got the blocking working fine, is there an already made script to make a block so the banned ip's and reason will scroll in a block in my phpnuke site? Or do i need to make one? Didnt want to waste my time making one when there is one made.
 
Raven







PostPosted: Tue Nov 15, 2005 11:22 pm Reply with quote

It comes with the download.
 
Spectral







PostPosted: Tue Nov 15, 2005 11:23 pm Reply with quote

yea i saw it but i want to change it a bit so i think i will just go ahead and create one. ty
 
Spectral







PostPosted: Wed Nov 16, 2005 9:00 pm Reply with quote

i just noticed a block but it didnt save to the .htaccess file it was like chmod 663 or something how it became a 3 i dont know but i changed it to 777 could this be why? Do i need to chmod anymore of my files?
 
Raven







PostPosted: Wed Nov 16, 2005 9:13 pm Reply with quote

The instructions explain all the permissions settings Smile
 
Display posts from previous:       
This forum is locked: you cannot post, reply to, or edit topics.   This topic is locked: you cannot edit posts or make replies.    Ravens PHP Scripts And Web Hosting Forum Index -> NukeSentinel(tm) Bug Reports

View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©