Hacked by www.blue-security.net

Hangin' Around Joined: May 19, 2006 Posts: 39

note I did se;ect MD5 frpm function after those

Posted: Sun Jun 25, 2006 12:41 am

looks like the attack the hacker used deleted that field.

You can do this one of 2 ways...either remake the field or you can redo the whole table but it must be there.

Posted: Sun Jun 25, 2006 12:51 am

See this thread [ Only registered users can see links on this board! Get registered or login! ]

Posted: Mon Jun 26, 2006 8:35 pm

guardian I tryed the thread and script and it works, but my superuser dont work anyway with out the god account which I am unable to remake right now. So I can change there password but they have no admin rights

Darklord is it pretty easy to make a new field or table? How do I do this?

Posted: Tue Jun 27, 2006 5:47 am

Run this through phpmyadmin:

Code:

ALTER TABLE `nuke_authors` ADD `radminsuper` TINYINT( 1 ) NOT NULL DEFAULT '1' AFTER `counter` ;

This will set all admins as super user.

Now go through your table(browse it) and set it to 0 for all the admins you dont want to have superuser status, 1 to all those who you want to have superuser status.

Your site was attacked with somethin that allowed sql injections, check ur error loggs and upgrade to the latest sentinel.

Posted: Thu Jun 29, 2006 12:33 am

How do I run this thourgh?

This is above the level I normally mess with I am pretty new to this stuff SQL databases and phpmyadmin that is.

Posted: Thu Jun 29, 2006 4:32 pm

In PhpMyAdmin you'll find a tab called SQL.

That will take you to a page with an input that will allow you to insert sql commands to be run on the database you have selected(before you hit the tab).

Put the code of my previous post in that input field and you should have no problems.

Input field aka text box.

Posted: Thu Jun 29, 2006 8:29 pm

Ok I tryed it on my nuke data base here is what i got

Error

SQL query:

ALTER TABLE `nuke_authors` ADD `radminsuper` TINYINT( 1 ) NOT NULL DEFAULT '1' AFTER `counter` ;

MySQL said: Documentation
#1146 - Table 'rdinfan_nuke2.nuke_authors' doesn't exist

Posted: Thu Jun 29, 2006 8:41 pm

You have pnc_authors, not nuke authors.
My apologies but change it from nuke to pnc

like this:

ALTER TABLE `pnc_authors` ADD `radminsuper` TINYINT( 1 ) NOT NULL DEFAULT '1' AFTER `counter` ;

Posted: Fri Jun 30, 2006 12:35 am

Your SQL query has been executed successfully (Query took 0.1180 sec)
SQL query: ALTER TABLE `pnc_authors` ADD `radminsuper` TINYINT( 1 ) NOT NULL DEFAULT '1' AFTER `counter` ;

Does this look correct?

Posted: Fri Jun 30, 2006 12:46 am

Seems to work fine wow your a life saver thanks darklord!

Posted: Fri Jun 30, 2006 3:18 pm

No problem and yes it ran correctly.

Posted: Fri Jun 30, 2006 3:21 pm

by the way I just wanted to add I deleted vwar and I havent had any problems this week... I was having weekly attacks

Posted: Sat Jul 08, 2006 11:07 am

sorry for little offtopic,but i need a question answered,look at this:
[ Only registered users can see links on this board! Get registered or login! ]

well,is this what i think it is?

also,may i add that that was a Nuke-Evolution site....

so u may understand what im asking here Wink

registered · Worker Joined: Aug 05, 2005 Posts: 139

you been hacked via your ftp account, they got hold of your server logins, why its always good idear to hide config somewhere else Smile

Site Admin Joined: Jun 04, 2004 Posts: 6433

...and to use a different database login than the cpanel login for your Nuke config file.

Posted: Tue Jul 11, 2006 8:48 am

Amen.

Worker Joined: Jun 01, 2005 Posts: 178

Just adding my 2 cents.........if you read through phpnuke-clans forums.....you will see people who use PNC get hacked on a regular bassis. It uses platinum, which is new, and very unstable. This is what I was going to use, untill I found ravennuke. I now have 3 different CMS's and so far, i think im going to stick with raven, as soon as I get my survey block to stop showing the donations.

Posted: Fri Jul 28, 2006 11:25 am

Platinum and Raven Nuke are both based on phnuke.
The *problem* with Platinum is that because it has so many add-ons it is near impossible to keep up to date with security fixes and some of the modules themselves are still unsecure.