Ravens PHP Scripts: Forums
 

 

View next topic
View previous topic
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Security - PHP Nuke
Author Message
badkemo
Worker
Worker


Joined: Mar 31, 2004
Posts: 111

PostPosted: Wed Mar 31, 2004 4:16 pm Reply with quote

heloo i have download that modul and now it's not working

it says this in the install file


- Edit your mainfile.php by adding this code as your first code AFTER the opening

<? tag.

if (stristr($_SERVER["QUERY_STRING"],'%20union%20')) {
$loc = $_SERVER['QUERY_STRING'];
header("Location: hackattempt.php?$loc");
die();
}


but when I edit that this is what my page looks like

Parse error: parse error in /home/bosanci/public_html/mainfile.php on line 14

Fatal error: Call to a member function on a non-object in /home/bosanci/public_html/index.php on line 18


Im runinh this version of MySQL MySQL Version 4.0.18-standard

can anybody tell me what's wrong Smile

thank you
 
View user's profile Send private message
Raven
Site Admin/Owner


Joined: Aug 27, 2002
Posts: 17086

PostPosted: Wed Mar 31, 2004 4:24 pm Reply with quote

Have you placed the hackattempt.php script in the same folder as mainfile.php?
 
View user's profile Send private message
badkemo
PostPosted: Wed Mar 31, 2004 8:12 pm Reply with quote

yes I have it is in public_html with other files such as

header.php
mainfile.php
config.php
and others Smile
 
Raven
PostPosted: Wed Mar 31, 2004 9:25 pm Reply with quote

Please post lines 1 to 20. Thanks.
 
badkemo
PostPosted: Wed Mar 31, 2004 9:51 pm Reply with quote

what do you mean?
 
Raven
PostPosted: Wed Mar 31, 2004 9:53 pm Reply with quote

Please post lines 1-20 of mainfile.php and lin 18 of index.php.
 
badkemo
PostPosted: Wed Mar 31, 2004 9:59 pm Reply with quote

<?php

<? tag.

if (stristr($_SERVER["QUERY_STRING"],'%20union%20')) {
$loc = $_SERVER['QUERY_STRING'];
header("Location: hackattempt.php?$loc");
die();
}


$phpver = phpversion();
if ($phpver >= '4.0.4pl1' && strstr($HTTP_USER_AGENT,'compatible')) {
if (extension_loaded('zlib')) {
ob_end_clean();
ob_start('ob_gzhandler');
}

that what is in bold is from the Install file wich says

- Edit your mainfile.php by adding this code as your first code AFTER the opening <? tag.

if (stristr($_SERVER["QUERY_STRING"],'%20union%20')) {
$loc = $_SERVER['QUERY_STRING'];
header("Location: hackattempt.php?$loc");
die();
}


and this is index.php

$result = $db->sql_query($sql);
 
Raven
PostPosted: Wed Mar 31, 2004 10:03 pm Reply with quote

What is this : <? tag.

If that is really in your code remove it. Your code should start with <?php and then your code.
 
badkemo
PostPosted: Wed Mar 31, 2004 10:04 pm Reply with quote

like this

<?php


if (stristr($_SERVER["QUERY_STRING"],'%20union%20')) {
$loc = $_SERVER['QUERY_STRING'];
header("Location: hackattempt.php?$loc");
die();
}

$phpver = phpversion();
if ($phpver >= '4.0.4pl1' && strstr($HTTP_USER_AGENT,'compatible')) {
if (extension_loaded('zlib')) {
ob_end_clean();
ob_start('ob_gzhandler');
}
 
Raven
PostPosted: Wed Mar 31, 2004 10:07 pm Reply with quote

Yes
 
badkemo
PostPosted: Wed Mar 31, 2004 10:08 pm Reply with quote

ok thank you so much now it works good so how does this work it can actually track hackers down for real?
 
Raven
PostPosted: Wed Mar 31, 2004 10:11 pm Reply with quote

Have you tried the test hack script on my site? You will get an email informing you of the attack. What is your url? I will "attack" you and we'll see what happens Smile
 
badkemo
PostPosted: Wed Mar 31, 2004 10:12 pm Reply with quote

Only registered users can see links on this board! Get registered or login!
 
badkemo
PostPosted: Wed Mar 31, 2004 10:13 pm Reply with quote

bnut dont destroy me Smile
 
Raven
PostPosted: Wed Mar 31, 2004 10:19 pm Reply with quote

Done and it caught me! You should be receiving an email telling you all about it, assuming you set this in the hacattempt script
Code:
$eMailTo           = "YOUR_EMAIL_ADDY";
 
badkemo
PostPosted: Wed Mar 31, 2004 10:21 pm Reply with quote

I did i hace set it to the e-mail

$eMailTo = "webmaster@bosanci.net";
$eMailSubject = "Hack Attempt";
$eMailExtraHeaders = "From: $eMailTo\n";
$sendAdminEmail = TRUE;

where can i test that on your page you said
 
Raven
PostPosted: Wed Mar 31, 2004 10:22 pm Reply with quote

Did you get the email?
 
badkemo
PostPosted: Wed Mar 31, 2004 10:29 pm Reply with quote

very cool i have receved e-mail with some names and stuff like that

where can I test the script on your site ? you said something about it hehe
 
Raven
PostPosted: Wed Mar 31, 2004 10:33 pm Reply with quote

It's the same script. It will show you what the USER will see Only registered users can see links on this board! Get registered or login!
 
badkemo
PostPosted: Wed Mar 31, 2004 10:36 pm Reply with quote

very cool Smile thznk you Smile
 
Display posts from previous:       
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Security - PHP Nuke

View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©