I was Hacked...used Ravens Script -- get "appears to be

New Member Joined: Dec 19, 2003 Posts: 4

I had my site hacked and the admin name and password was changed because I cant log in.

Raven very graciously pointed me to his REsetpassword script but the I am getting the "appears to be an invalid user name" error.

So does this mean they changed my admin user name also??? and if so what can i do about that???

--- Sad

Site Admin/Owner Joined: Aug 27, 2002 Posts: 17088

Use phpmyadmin and go directly into the authors table and delete all admin accounts. Then, immediately log back into nuke/admin.php and it will request you to make a new admin account.

Or, edit the authors table and delete all account except God and just correct it back to what it should be.

Posted: Mon Feb 23, 2004 2:11 pm

okay this is what I am looking at.....UNDER NUKE_AUTHORS

(please forgive my ignorance, but I am just not sure what I need to get rid of....) --

But can you tell me, are you saying I should delete ALL these tables??? And I do that using the trash can (DROP) right?

And then I can log back in and redo my account? -- I dont see anything with GOD on it so I dont know how to use that option that you speak of....

sorry.
t

Posted: Mon Feb 23, 2004 2:48 pm

No no! Click the Go button at the bottom of that screen and it will pull up all the records in the table.

Posted: Mon Feb 23, 2004 3:12 pm

Oh wow....thank you thank you thank you!!!! You are the NUKE MEISTER!!!!! Thanks so much!
t

Posted: Mon Feb 23, 2004 3:16 pm

Be sure to patch your site now Wink

Posted: Mon Feb 23, 2004 7:08 pm

patriot,
I'm offended! Laughing

I thought we were a team! Wink

Look at you going elsewhere for help ! Shocked

Posted: Thu Feb 26, 2004 8:49 am

OH NO!!! HE found me.....here I was thinking Nukeem wasnt looking and now I've been found out....sorry dude. -- I feel so ashamed. Embarassed

BUT...why I am at it...RAVEN: Can you tell me where to get the patch to prevent this from happening again?

Posted: Thu Feb 26, 2004 9:16 am

http://www.ravenphpscripts.com/index.php
Just above the recent post center block Wink

registered · Posted: Wed Mar 24, 2004 12:29 pm

so which is security patch for admin hack ?
is it PHP-Nuke Patched Series By Chatserv ver 2.2?
or
Admin.php vulnerability - posted by chatserv in index page ?

Posted: Wed Mar 24, 2004 12:33 pm

The index page. Use either method depending on whether you use my hackattempt script.

Regular Joined: Sep 13, 2003 Posts: 56 Location: Virginia

Raven wrote:

Use phpmyadmin and go directly into the authors table and delete all admin accounts. Then, immediately log back into nuke/admin.php and it will request you to make a new admin account.

Or, edit the authors table and delete all account except God and just correct it back to what it should be.

Hey Raven - I screwed up my Amin account today, and checked on this site and found this thread. Laughing

I followed your above advice and edit my GOD account (I have NO other Authors listed yet), after changing the name and password and saving it.

I keep getting begone message in my admin login. Embarassed

Also, I can't log out of USER account on my NUKE site either since this has happend. Welcome my name is at top of website mainpage and I can't access my account or any registered restricted areas of my site.

Is this to do with my previously having a user name and Admin name as the same?

Posted: Wed Mar 24, 2004 8:25 pm

Sounds like a cookie issue. Clear your cache and delete your cookies. Now what happens?

Posted: Thu Mar 25, 2004 8:12 am

Raven wrote:

Sounds like a cookie issue. Clear your cache and delete your cookies. Now what happens?

Well, I jumped the gun and after trying several different things (not thinking about a possible "cookie" problem), I used your SQL install program...cleaned up my database and system is back-up.

Now back to rebuilding.... Embarassed

Thanks for the feedback Raven, always thankful for your support Laughing