Ravens PHP Scripts: Forums
 

 

View next topic
View previous topic
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Hack Attempt Script
Author Message
tassieanna
New Member
New Member


Joined: Mar 25, 2007
Posts: 2

PostPosted: Sun Mar 25, 2007 7:00 pm Reply with quote

I assume the image found at the url below is a result of your "hack attempt script"

Only registered users can see links on this board! Get registered or login!

This is the lovely greeting I got when I tried to register here a few minutes ago.

I am posting, so I must have been able to register?????? I used a very simple, and publicly available proxy to eventually register.

Reading through this forum, I also not that a similar message I received at another site regarding my supposed attempt to perform a "Union Attack" on another site (visited after following a link from Nuke Cops), was also a result of your script.

This was not a very nice greeting at all.

The strange part of this is that I have been able to download scripts from this site without a problem, I am also logged in now from my normal IP address. So why did your script abuse me, defame and slander me when I simply tried to register?

I do not find this humourous at all, and I think that any script that returns even one false positive that threatens the user with FBI action should be withdrawn from use immediately!
 
View user's profile Send private message
Raven
Site Admin/Owner


Joined: Aug 27, 2002
Posts: 17077

PostPosted: Sun Mar 25, 2007 10:24 pm Reply with quote

Quote:
abuse me, defame and slander


Rather melodramatic, wouldn't you say? I would suggest that you look up the 3 terms you used in the dictionary and you will discover that none of the definitions apply. You have not had any of those things done to you.

The items that set that script off are very specific. If you will supply me with your IP address I will try to find out why this happened. If you came to the site through a link in a search engine, that may have triggered it depending on what was in the link.

It is unfortunate that it happened but stuff happens. I, too, have been a victim at other sites. Rather than get my shorts in a knot, though, I laughed it off and contacted the webmaster and let it go. I really suggest that you do the same as it may have been a false positive or maybe not. I need more information to make that determination.

As to what happens at nukecops, that is none of my concern. You need to take that up with them.
 
View user's profile Send private message
kguske
Site Admin


Joined: Jun 04, 2004
Posts: 6383

PostPosted: Sun Mar 25, 2007 10:29 pm Reply with quote

I'm not sure what caused this message and will point Raven to it for additional research. Please understand that Raven definitely wouldn't want users attempting to register legitmately to see something like this. Please also understand that there is a LONG history of attacks against PHP-Nuke site, along with a history of ambivalence towards this issue from the author, which led to the need for scripts like NukeSentinel (not sure if NukeCops uses NukeSentinel, though, as it was the original home of another security script). If you use a dynamic IP address, it's possible that someone else tarnished the IP address before you used it. Were you able to access the site before seeing this message?

I'm a little confused. Most (if not all) downloads require registration. Were you attempting to register again, or were you able to download scripts before registering?

Please bear with us while we look into this further.

_________________
I google, therefore I exist...
Only registered users can see links on this board! Get registered or login!
 
View user's profile Send private message
tassieanna
PostPosted: Mon Mar 26, 2007 2:21 am Reply with quote

Raven wrote:
Quote:
abuse me, defame and slander


Rather melodramatic, wouldn't you say? I would suggest that you look up the 3 terms you used in the dictionary and you will discover that none of the definitions apply. You have not had any of those things done to you.



OK defame and slander are taking it a bit far, but I was rather upset by the fact that I was referred to as a "scum-bucket" which I most certainly would call abuse.

Later in the lovely message are the words "Die Sucker!!!" Againg, I would call that rather abusive.
 
jjh221
Worker
Worker


Joined: Dec 05, 2006
Posts: 178

PostPosted: Mon Mar 26, 2007 3:19 am Reply with quote

I got blocked from a site the other day from a google link. I was called a few names as well, although not upsetting me because I know that they were not meant for me. I would have to agree this is rather melodramatic.
 
View user's profile Send private message
FireATST
RavenNuke(tm) Development Team


Joined: Jun 12, 2004
Posts: 637
Location: Ohio

PostPosted: Mon Mar 26, 2007 6:19 am Reply with quote

I find it kind of humorous that you take it as abusive after the name you gave the .jpg you posted. (WTF)...... Smile As it has been pointed out, things such as this happen, the best thing to do is contact the admin of the site so that they can look into it and see if they can find what caused it. If your attempted was indeed not an attempt it will be proven out and corrected I am sure. Very Happy
 
View user's profile Send private message Visit poster's website MSN Messenger ICQ Number
Raven
PostPosted: Mon Mar 26, 2007 8:45 am Reply with quote

tassieanna wrote:
Raven wrote:
Quote:
abuse me, defame and slander


Rather melodramatic, wouldn't you say? I would suggest that you look up the 3 terms you used in the dictionary and you will discover that none of the definitions apply. You have not had any of those things done to you.



OK defame and slander are taking it a bit far, but I was rather upset by the fact that I was referred to as a "scum-bucket" which I most certainly would call abuse.

Later in the lovely message are the words "Die Sucker!!!" Againg, I would call that rather abusive.


You were not referred to by name. It was your IP and/or link that caused the issue, somehow. It's a generic screen because it is not usually wrong. I want to try to help you but I need to verify the IP and the link that were used. You also seem to be putting on 2 different faces with this. One in "public" and one in "private". That isn't helping. I will add the other response to make this whole thing clearer.

tassieanna wrote:
Strange that you should be asking for my IP address when I am certain that your script would have captured, recorded, and sent it to you.

I doubt very much that I will be returning to this site anyway.


Not strange at all. I have 124.168.237.244.dyn.iinet.net.au recorded but just wanted to verify that was the only IP you used. Whether you return or not is your prerogative. One look at the traffic to this site, over 1,000,000 hits per month and over 15,000 registered users, along with the amount of donations that come in every month, should tell you that what happened to you is not the usual "experience". I am trying to figure out what happened but since you have no desire to return to the site and you do not wish to help me resolve the issue then I will stop trying.

As I said before, it is unfortunate that it happened but stuff happens. I would think that if you really want to help yourself and others in the future, you would contribute towards helping us to figure out what caused it.
 
JTD
Hangin' Around


Joined: Nov 21, 2005
Posts: 47
Location: Minnisota

PostPosted: Fri Mar 30, 2007 4:33 pm Reply with quote

Be very luck that is all you got tassieanna. At my site if you had triggered my security you would be pulling the plug on your pc now just to stop the nasty little surprise i have waiting.
 
View user's profile Send private message Yahoo Messenger MSN Messenger
fkelly
Former Moderator in Good Standing


Joined: Aug 30, 2005
Posts: 3312
Location: near Albany NY

PostPosted: Fri Mar 30, 2007 6:25 pm Reply with quote

For what it's worth and since I just finished editing some of these files for my site, there are two places (that I know of) where these messages/warnings come from. If Sentinel generates them the messages are in *.tpl files in the /abuse folder. This is open source and you are free to edit any of them to make them friendlier or more specific.

The other is, if you are a banned IP in the site's .htaccess or you hit a not found or some other type of error, then you will get sent to one of the error documents. You can use a htaccess directive to send the users to a customized document. A line like this in htaccess will do this trick:

ErrorDocument 403 /rn/errdocs/403.html

Then edit the 403.html file to make it say what you want. I have text like this in mine:

Quote:
<h3>403 forbidden</h3>
<p>You are trying to access a bicycle club web page for a bike club located in the Albany NY area. Most likely your IP address has been banned from accessing this page because of some form of hacking or harvesting activity. If you have a legitimate reason for accessing this page, you can email Only registered users can see links on this board! Get registered or login!. We recognize that our security software may occasionally create a "false positive" finding and need to be adjusted and we will be happy to unban you if this is the case. We wish that we did not need such tight security but hackers have left us no choice.</p>

<p>If you are a hacker, please go away: there is nothing on this page of value or interest to idiots like you and you are just creating a pain in the ass for the site administrators. Maybe that is your goal in life, it's hard to see what other motivation you might have.</p>


We all need to recognize the possibility of false positives, indeed the certainty that we will encounter some. Each web admin might take a different approach and that's their choice. If you find a web site that seems to take a "harsh" approach you can always email the admin and if they don't want to adjust it then it's your choice whether to keep using it. Most admins are willing to investigate and adjust if approached politely and intelligently.
 
View user's profile Send private message Visit poster's website
Display posts from previous:       
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Hack Attempt Script

View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©