Ravens PHP Scripts: Forums
 

 

View next topic
View previous topic
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Security - PHP Nuke
Author Message
dean
Worker
Worker


Joined: Apr 14, 2004
Posts: 193

PostPosted: Fri Mar 04, 2005 1:59 pm Reply with quote

Our site was hacked this morning by an unknown individual/group who deleted and replaced files that look like this: Only registered users can see links on this board! Get registered or login!. I am wondering if anyone else has been defaced in the same way as I have not figured out how they got in to do their nasty work.

Since the content of my sites is primarily related to dogs and dog activities, I was surprised my site would be targeted with this type of propaganda.

I was using patched nuke 7.3 and latest Sentinel and no warnings were provided. I am fairly unsophisticated at programming and realize there are many different ways of accessing a sites underlying files but have no idea how to find out. I am working with the abuse department of my host (Ipowerweb) to ascertain what I can, restore and secure my site. Any thoughts or suggestions would be appreciated.......
 
View user's profile Send private message
Raven
Site Admin/Owner


Joined: Aug 27, 2002
Posts: 17086

PostPosted: Fri Mar 04, 2005 2:39 pm Reply with quote

Using Coppermine or My_eGallery? If so, you can bet dollars to doughnuts that's your problem. It's not the content for the idiots. It's the ease of copy-n-paste Evil or Very Mad
 
View user's profile Send private message
dean
PostPosted: Fri Mar 04, 2005 3:37 pm Reply with quote

Using neither - menalto gallery, latest version.
 
sharlein
Member Emeritus


Joined: Nov 19, 2002
Posts: 322
Location: On the Road

PostPosted: Fri Mar 04, 2005 3:47 pm Reply with quote

Did you check your log for any postings?

_________________
Give Me Ambiguity Or Give Me Something Else! 
View user's profile Send private message
Raven
PostPosted: Fri Mar 04, 2005 3:49 pm Reply with quote

Since they modified your files, they have gained upload access. Check the upload/download exploits at like Only registered users can see links on this board! Get registered or login! . Of course NukeSentinel does not and can not defend against programming holes in 3rd party applications, unfortunately.
 
djmaze
Subject Matter Expert


Joined: May 15, 2004
Posts: 719
Location: http://tinyurl.com/5z8dmv

PostPosted: Fri Mar 04, 2005 4:07 pm Reply with quote

A week ago someone provided me a upload script for the downloads module, and the question if it would work in CPG-Nuke.
The script was such a huge hole i deleted it from our forums instantly.

It seems these days there are so much crappy scripts, that you can't keep saying that it's the fault of coppermine and my_egallery who have fixed their scripts more then a year ago.
This constant accusation to the 2 modules is making me sick, the people who still use the old scripts should be slapped.

There are more then 1001 unsecure scripts available for php-nuke so can someone list them all ?

Coppermine 1.2.x (themes XSS when register_globals=on)
My_eGallery 3.1.1.f and prior (XSS)
download_upload_nuke v.1c (terrible upload system without any checks)
etc.
 
View user's profile Send private message Visit poster's website
Raven
PostPosted: Fri Mar 04, 2005 4:18 pm Reply with quote

DJM,

I agree it's the fault of the users who don't upgrade. Didn't mean to come across otherwise. However, those 2 are #2 and #3, right behind FB himself, that are the cause of most exploits like this one described. That's why I always ask the question. Especially on a 7.3 installation.
 
djmaze
PostPosted: Sat Mar 05, 2005 4:59 am Reply with quote

So true Raven, but wouldn't it a good idea to list them somewhere ?
 
Raven
PostPosted: Sat Mar 05, 2005 8:12 am Reply with quote

DJMaze wrote:
So true Raven, but wouldn't it a good idea to list them somewhere ?
What do you mean?
 
Display posts from previous:       
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Security - PHP Nuke

View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©