Ravens PHP Scripts: Forums
 

 

View next topic
View previous topic
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Hack Attempt Script
Author Message
3rdschulz
Hangin' Around


Joined: May 19, 2006
Posts: 39

PostPosted: Sun Jun 25, 2006 12:28 am Reply with quote

note I did se;ect MD5 frpm function after those
 
View user's profile Send private message
gregexp
The Mouse Is Extension Of Arm


Joined: Feb 21, 2006
Posts: 1497
Location: In front of a screen....HELP! lol

PostPosted: Sun Jun 25, 2006 12:41 am Reply with quote

looks like the attack the hacker used deleted that field.

You can do this one of 2 ways...either remake the field or you can redo the whole table but it must be there.

_________________
For those who stand shall NEVER fall and those who fall shall RISE once more!! 
View user's profile Send private message Send e-mail Visit poster's website AIM Address Yahoo Messenger MSN Messenger ICQ Number
Guardian2003
Site Admin


Joined: Aug 28, 2003
Posts: 6793
Location: Ha Noi, Viet Nam

PostPosted: Sun Jun 25, 2006 12:51 am Reply with quote

See this thread Only registered users can see links on this board! Get registered or login!
 
View user's profile Send private message Send e-mail
3rdschulz
PostPosted: Mon Jun 26, 2006 8:35 pm Reply with quote

guardian I tryed the thread and script and it works, but my superuser dont work anyway with out the god account which I am unable to remake right now. So I can change there password but they have no admin rights

Darklord is it pretty easy to make a new field or table? How do I do this?
 
gregexp
PostPosted: Tue Jun 27, 2006 5:47 am Reply with quote

Run this through phpmyadmin:

Code:
ALTER TABLE `nuke_authors` ADD `radminsuper` TINYINT( 1 ) NOT NULL DEFAULT '1' AFTER `counter` ;

This will set all admins as super user.

Now go through your table(browse it) and set it to 0 for all the admins you dont want to have superuser status, 1 to all those who you want to have superuser status.

Your site was attacked with somethin that allowed sql injections, check ur error loggs and upgrade to the latest sentinel.
 
3rdschulz
PostPosted: Thu Jun 29, 2006 12:33 am Reply with quote

How do I run this thourgh?

This is above the level I normally mess with I am pretty new to this stuff SQL databases and phpmyadmin that is.
 
gregexp
PostPosted: Thu Jun 29, 2006 4:32 pm Reply with quote

In PhpMyAdmin you'll find a tab called SQL.

That will take you to a page with an input that will allow you to insert sql commands to be run on the database you have selected(before you hit the tab).

Put the code of my previous post in that input field and you should have no problems.

Input field aka text box.
 
3rdschulz
PostPosted: Thu Jun 29, 2006 8:29 pm Reply with quote

Ok I tryed it on my nuke data base here is what i got

Error

SQL query:

ALTER TABLE `nuke_authors` ADD `radminsuper` TINYINT( 1 ) NOT NULL DEFAULT '1' AFTER `counter` ;

MySQL said: Documentation
#1146 - Table 'rdinfan_nuke2.nuke_authors' doesn't exist
 
gregexp
PostPosted: Thu Jun 29, 2006 8:41 pm Reply with quote

You have pnc_authors, not nuke authors.
My apologies but change it from nuke to pnc

like this:

ALTER TABLE `pnc_authors` ADD `radminsuper` TINYINT( 1 ) NOT NULL DEFAULT '1' AFTER `counter` ;
 
3rdschulz
PostPosted: Fri Jun 30, 2006 12:35 am Reply with quote

Your SQL query has been executed successfully (Query took 0.1180 sec)
SQL query: ALTER TABLE `pnc_authors` ADD `radminsuper` TINYINT( 1 ) NOT NULL DEFAULT '1' AFTER `counter` ;


Does this look correct?
 
3rdschulz
PostPosted: Fri Jun 30, 2006 12:46 am Reply with quote

Seems to work fine wow your a life saver thanks darklord!
 
gregexp
PostPosted: Fri Jun 30, 2006 3:18 pm Reply with quote

No problem and yes it ran correctly.
 
3rdschulz
PostPosted: Fri Jun 30, 2006 3:21 pm Reply with quote

by the way I just wanted to add I deleted vwar and I havent had any problems this week... I was having weekly attacks
 
DarK_Gamers
New Member
New Member


Joined: Jun 19, 2006
Posts: 11
Location: Portugal and Holland :)

PostPosted: Sat Jul 08, 2006 11:07 am Reply with quote

sorry for little offtopic,but i need a question answered,look at this:
Only registered users can see links on this board! Get registered or login!

well,is this what i think it is?

also,may i add that that was a Nuke-Evolution site....

so u may understand what im asking here Wink
 
View user's profile Send private message
phoenix-cms
Worker
Worker


Joined: Aug 05, 2005
Posts: 139

PostPosted: Mon Jul 10, 2006 7:35 pm Reply with quote

you been hacked via your ftp account, they got hold of your server logins, why its always good idear to hide config somewhere else Smile

_________________
Evo 3.0 Developer & nukecops.com Admin
Image
coming soon Only registered users can see links on this board! Get registered or login! Smile 
View user's profile Send private message Send e-mail
kguske
Site Admin


Joined: Jun 04, 2004
Posts: 6383

PostPosted: Tue Jul 11, 2006 4:27 am Reply with quote

...and to use a different database login than the cpanel login for your Nuke config file.

_________________
I google, therefore I exist...
Only registered users can see links on this board! Get registered or login!
 
View user's profile Send private message
Guardian2003
PostPosted: Tue Jul 11, 2006 8:48 am Reply with quote

Amen.
 
ciph3r
Worker
Worker


Joined: Jun 01, 2005
Posts: 178

PostPosted: Fri Jul 28, 2006 11:16 am Reply with quote

Just adding my 2 cents.........if you read through phpnuke-clans forums.....you will see people who use PNC get hacked on a regular bassis. It uses platinum, which is new, and very unstable. This is what I was going to use, untill I found ravennuke. I now have 3 different CMS's and so far, i think im going to stick with raven, as soon as I get my survey block to stop showing the donations.
 
View user's profile Send private message Visit poster's website
Guardian2003
PostPosted: Fri Jul 28, 2006 11:25 am Reply with quote

Platinum and Raven Nuke are both based on phnuke.
The *problem* with Platinum is that because it has so many add-ons it is near impossible to keep up to date with security fixes and some of the modules themselves are still unsecure.
 
Display posts from previous:       
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Hack Attempt Script

View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©