Ravens PHP Scripts: Forums
 

 

View next topic
View previous topic
This forum is locked: you cannot post, reply to, or edit topics.   This topic is locked: you cannot edit posts or make replies.    Ravens PHP Scripts And Web Hosting Forum Index -> NukeSentinel™ v2.4.x
Author Message
digitalpimp
Client


Joined: Aug 11, 2005
Posts: 32

PostPosted: Thu Aug 11, 2005 7:40 pm Reply with quote

Hello all. I have read everywhere that Sentinel is a must when running a phpnuke site so I got the newest release (2.4.0) and tried to install it.

Everything was going smooth untill I got to edits for core files. Most of the changes to be made in the mainfile7.8 could not be done because alot of the code referenced to be changed was not there. I am at a loss at this point since mose of the edits I need to do I cannot seem to do? Not sure where to go from here...
 
View user's profile Send private message
CurtisH
Life Cycles Becoming CPU Cycles


Joined: Mar 15, 2004
Posts: 638
Location: West Branch, MI

PostPosted: Thu Aug 11, 2005 8:49 pm Reply with quote

Step one...start over using 7.6

It has been said time and time again that 7.7 and 7.8 are security NIGHTMARES with or without Sentinel. In fact, we currently do not offer support for it due to this security issue.

_________________
Those who dream by day are cognizant of many things which escape those who dream only by night. ~Poe 
View user's profile Send private message Visit poster's website Yahoo Messenger
digitalpimp
PostPosted: Thu Aug 11, 2005 8:55 pm Reply with quote

Little too late LoL... Unfortunately I found out after I purchased and installed nuke 7.8 and all my original website content arghhhh

There has to be a way to install it anyways right? I mean the newest sentinel release says 7.1-7.8?? Is there no way for me to get sentinel running on 7.8? I would revert to 7.6 if I could but that isn't really an option for me at this point....
 
CurtisH
PostPosted: Thu Aug 11, 2005 8:58 pm Reply with quote

You can downgrade to 7.6 using this nifty utility and then don't have to worry about the 7.7/7.8 exploits. Be sure to install Sentinel of course.
Only registered users can see links on this board! Get registered or login!

If you are determined to use the unstable 7.8 maybe one of the other moderators can offer suggestions on getting Sentinel installed. I personally don't want to risk exposing my server to hackers so I cannot install it to see what needs modding. Sorry. Sad
 
digitalpimp
PostPosted: Thu Aug 11, 2005 9:01 pm Reply with quote

Thank you immensly for your help. I will take a look at the script and see about downgrading. Info on getting Sentinel to work with 7.8 would also still be most appreciated...
 
digitalpimp
PostPosted: Thu Aug 11, 2005 9:03 pm Reply with quote

I looked at the script, so it will downgrade the database for me but I still need to upload the original 7.6 source files? Just a straight ftp of the 7.6 files or do I need to configure or change any code?

Thanks for helping a n00b!
 
CurtisH
PostPosted: Thu Aug 11, 2005 9:06 pm Reply with quote

I am almost 100 percent sure you delete all and upload 7.6, but be sure to copy your database details from config.php so that you can edit the one that comes with 7.6 so that it can connect to the database. The instructions should detail what to do as well.
 
digitalpimp
PostPosted: Thu Aug 11, 2005 9:13 pm Reply with quote

d***, that would mean I would have to re-install all blocks and modules etc?
 
CurtisH
PostPosted: Thu Aug 11, 2005 9:14 pm Reply with quote

No....just the core nuke modules and blocks.
 
digitalpimp
PostPosted: Thu Aug 11, 2005 9:27 pm Reply with quote

Ok I have some time to stay up late tonight so I am contemplating just scratching my current install and starting all over fresh with 7.6. Once I do this I should have no problems installing Sentinel? WHat version of Sentinal do i wann install?
 
CurtisH
PostPosted: Thu Aug 11, 2005 10:02 pm Reply with quote

I cannot imagine you experiencing any problems as long as you follow the instructions. I haven't installed the newest yet so I don't know if there are any issues but I do know that 2.3.2 is stable
 
digitalpimp
PostPosted: Thu Aug 11, 2005 10:21 pm Reply with quote

Thanks alot for your help! Once I finish I will make a donation. Thanks for your fast replies and help!
 
CurtisH
PostPosted: Thu Aug 11, 2005 10:22 pm Reply with quote

Wave
 
digitalpimp
PostPosted: Thu Aug 11, 2005 11:53 pm Reply with quote

Ok so check this out. I installed 7.6 fresh, tried to install Sentinel 2.3.2 and when I get to edits for core files I still have a snag.

for example I cannot find the code in admin.php that I should be able to find?

Code:
/************************************************************************/

/* This file is for instructional use.                                  */
/* By: NukeScripts Network (webmaster@nukescripts.net)                  */
/* http://www.nukescripts.net                                           */
/* Modifications Copyright © 2000-2005 by NukeScripts Network           */
/************************************************************************/

#
#-----[ OPEN ]------------------------------------------
#
admin.php

#
#-----[ FIND ]------------------------------------------
#
$checkurl = $_SERVER['REQUEST_URI'];
if((stripos_clone($_SERVER["QUERY_STRING"],'AddAuthor')) || (stripos_clone($_SERVER["QUERY_STRING"],'VXBkYXRlQXV0aG9y')) || (stripos_clone($_SERVER["QUERY_STRING"],'QWRkQXV0aG9y')) || (stripos_clone($_SERVER["QUERY_STRING"],'UpdateAuthor')) || (preg_match("/\?admin/", "$checkurl")) || (preg_match("/\&admin/", "$checkurl"))) {
die("Illegal Operation");
}

#
#-----[ COMMENT OUT ]------------------------------------------
#
//$checkurl = $_SERVER['REQUEST_URI'];
//if((stripos_clone($_SERVER["QUERY_STRING"],'AddAuthor')) || (stripos_clone($_SERVER["QUERY_STRING"],'VXBkYXRlQXV0aG9y')) || (stripos_clone($_SERVER["QUERY_STRING"],'QWRkQXV0aG9y')) || (stripos_clone($_SERVER["QUERY_STRING"],'UpdateAuthor')) || (preg_match("/\?admin/", "$checkurl")) || (preg_match("/\&admin/", "$checkurl"))) {
//die("Illegal Operation");
//}


How can I install Sentinel if I cannot find the code I am suppose to edit? Most of the code I cannot find??
 
digitalpimp
PostPosted: Fri Aug 12, 2005 8:03 pm Reply with quote

Got Sentinel installed!! W00t!!!!

For the other noobs out there a word of advice. Make sure to download your phpnuke files ALREADY patched!!!! LoL

Thanks for your help CurtisH, off to paypal now. =)
 
CurtisH
PostPosted: Sat Aug 13, 2005 8:24 am Reply with quote

Glad you got it sorted! Thank you also for supporting Raven monetarily. This helps keep things going here as well as showing true gratitude. Smile
 
pinkbeef
Client


Joined: Jul 19, 2005
Posts: 68

PostPosted: Fri Sep 02, 2005 10:35 pm Reply with quote

where did you get your patched Nuke from becouse the one i got still does not have the right code.

admin.php

#
#-----[ FIND ]------------------------------------------
#
$checkurl = $_SERVER['REQUEST_URI'];
if((stripos_clone($_SERVER["QUERY_STRING"],'AddAuthor')) || (stripos_clone($_SERVER["QUERY_STRING"],'VXBkYXRlQXV0aG9y')) || (stripos_clone($_SERVER["QUERY_STRING"],'QWRkQXV0aG9y')) || (stripos_clone($_SERVER["QUERY_STRING"],'UpdateAuthor')) || (preg_match("/\?admin/", "$checkurl")) || (preg_match("/\&admin/", "$checkurl"))) {
die("Illegal Operation");
}

#
#-----[ COMMENT OUT ]------------------------------------------
#
//$checkurl = $_SERVER['REQUEST_URI'];
//if((stripos_clone($_SERVER["QUERY_STRING"],'AddAuthor')) || (stripos_clone($_SERVER["QUERY_STRING"],'VXBkYXRlQXV0aG9y')) || (stripos_clone($_SERVER["QUERY_STRING"],'QWRkQXV0aG9y')) || (stripos_clone($_SERVER["QUERY_STRING"],'UpdateAuthor')) || (preg_match("/\?admin/", "$checkurl")) || (preg_match("/\&admin/", "$checkurl"))) {
//die("Illegal Operation");
//}



$checkurl = $_SERVER['REQUEST_URI'];
if((stripos_clone($checkurl,'AddAuthor')) OR (stripos_clone($checkurl,'VXBkYXRlQXV0aG9y')) OR (stripos_clone($checkurl,'QWRkQXV0aG9y')) OR (stripos_clone($checkurl,'UpdateAuthor')) OR (stripos_clone($checkurl, "?admin")) OR (stripos_clone($checkurl, "&admin"))) {
die("Illegal Operation");
}

and that is the first edit, i give up.
 
View user's profile Send private message
Dacubz
Worker
Worker


Joined: Apr 27, 2004
Posts: 156
Location: Homer Glen, Illinois

PostPosted: Sat Sep 03, 2005 8:42 am Reply with quote

Same problem here. The comment out is wrong, and I can't get it right. It starts with one of the ")" in (stripos_clone($checkurl, "&admin"))) { and I can't correct the code from there. Unexpected character, can't parse.
 
View user's profile Send private message Visit poster's website
Raven
Site Admin/Owner


Joined: Aug 27, 2002
Posts: 17086

PostPosted: Sun Sep 04, 2005 11:39 pm Reply with quote

Please post what your code looks like, uncommented, and we'll correct it for you.
 
View user's profile Send private message
Dacubz
PostPosted: Sat Sep 10, 2005 11:48 am Reply with quote

Here's the idit that doesn't work.

#
#-----[ OPEN ]------------------------------------------
#
admin.php

#
#-----[ FIND ]------------------------------------------
#
$checkurl = $_SERVER['REQUEST_URI'];
if((stripos_clone($_SERVER["QUERY_STRING"],'AddAuthor')) || (stripos_clone($_SERVER["QUERY_STRING"],'VXBkYXRlQXV0aG9y')) || (stripos_clone($_SERVER["QUERY_STRING"],'QWRkQXV0aG9y')) || (stripos_clone($_SERVER["QUERY_STRING"],'UpdateAuthor')) || (preg_match("/\?admin/", "$checkurl")) || (preg_match("/\&admin/", "$checkurl"))) {
die("Illegal Operation");
}

#
#-----[ COMMENT OUT ]------------------------------------------
#
//$checkurl = $_SERVER['REQUEST_URI'];
//if((stripos_clone($_SERVER["QUERY_STRING"],'AddAuthor')) || (stripos_clone($_SERVER["QUERY_STRING"],'VXBkYXRlQXV0aG9y')) || (stripos_clone($_SERVER["QUERY_STRING"],'QWRkQXV0aG9y')) || (stripos_clone($_SERVER["QUERY_STRING"],'UpdateAuthor')) || (preg_match("/\?admin/", "$checkurl")) || (preg_match("/\&admin/", "$checkurl"))) {
//die("Illegal Operation");
//}
 
Raven
PostPosted: Sat Sep 10, 2005 12:39 pm Reply with quote

I mean post your code that you aren't able to comment out.
 
Dacubz
PostPosted: Sun Sep 11, 2005 8:31 am Reply with quote

That's just it. When I comment out as instructed here, the code won't parse, and states that there's an extra ")" on this line: \&admin/", "$checkurl"))) { . I remove that, and more errors begin to pop up.
 
Raven
PostPosted: Sun Sep 11, 2005 9:49 am Reply with quote

Just remove all that code completely. It isn't needed.
 
Display posts from previous:       
This forum is locked: you cannot post, reply to, or edit topics.   This topic is locked: you cannot edit posts or make replies.    Ravens PHP Scripts And Web Hosting Forum Index -> NukeSentinel™ v2.4.x

View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©