Ravens PHP Scripts: Forums
 

 

View next topic
View previous topic
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Security - PHP Nuke
Author Message
micah
Hangin' Around


Joined: May 25, 2006
Posts: 40

PostPosted: Wed Dec 05, 2007 11:13 pm Reply with quote

Hi there.

I have ravennuke 2.20.01 installed on my site wowhockey.com

Since installing it on November 25 my site has been hacked a few times and new folders have been created in which phishing sites have been set up. I do have Sentinel installed. Any help would be very, very appreciated.

Could anyone please advise help or test to ensure that sentinel is working properly.

Thanks,
micah
 
View user's profile Send private message
evaders99
Former Moderator in Good Standing


Joined: Apr 30, 2004
Posts: 3221

PostPosted: Wed Dec 05, 2007 11:51 pm Reply with quote

First thing to check is access logs to determine how they got in. If you know the date and time of the incident, it should be quick to find. If Sentinel isn't going off, then your settings may be down or not working correctly. They could have gotten into other scripts that aren't phpNuke related.

_________________
- Only registered users can see links on this board! Get registered or login! -

Need help? Only registered users can see links on this board! Get registered or login! 
View user's profile Send private message Visit poster's website
micah
PostPosted: Thu Dec 06, 2007 8:37 am Reply with quote

I will check the access logs to see if I can figure out how they got in. Can you please test to see that sentinel is working ok on my site. It wold be appreciated.

Thansk againAQ
Micah
 
montego
Site Admin


Joined: Aug 29, 2004
Posts: 9449
Location: Arizona

PostPosted: Thu Dec 06, 2007 10:02 am Reply with quote

micah, although it is good to think of NukeSentinel as it can, at times, be the only protection that you may have for third-party scripts that you add to your site. However, THE most important thing to keep in mind is your site is only as good as its weakest link.

The usual culprits of hacks these days are really anything that allows file uploading, such as:

> Gallery / photo album
> Forum attachment mods
> Some chat programs
> and other file upload tools

I would first look for references to those scripts.

_________________
Only registered users can see links on this board! Get registered or login!
Only registered users can see links on this board! Get registered or login! 
View user's profile Send private message Visit poster's website
slackervaara
Worker
Worker


Joined: Aug 26, 2007
Posts: 236

PostPosted: Thu Dec 06, 2007 10:14 am Reply with quote

You can look on your site the date and time the new folders have been created. Then look in the access logs for that time to see how they made it.
 
View user's profile Send private message
micah
PostPosted: Thu Dec 06, 2007 12:50 pm Reply with quote

Thanks for the tips.
Micah
 
evaders99
PostPosted: Thu Dec 06, 2007 6:36 pm Reply with quote

Have a link to your site?
 
micah
PostPosted: Thu Dec 06, 2007 8:39 pm Reply with quote

Hey yes ... my site is Only registered users can see links on this board! Get registered or login!

Thanks
 
micah
PostPosted: Thu Dec 06, 2007 8:50 pm Reply with quote

This is one of the files that i pull ed from my log
Only registered users can see links on this board! Get registered or login!

hmmmm.
Micah
 
evaders99
PostPosted: Thu Dec 06, 2007 11:07 pm Reply with quote

I see your Forums admin is secured. It should not be affected (if you had this protection on during the time of the attack)

I don't see any obvious vulnerability, but I haven't tried many attacks. One did set off Sentinel and send me to cnn.com, banning me from the server in the process.
 
micah
PostPosted: Fri Dec 07, 2007 8:13 am Reply with quote

Thanks for having a test/look evaders99

Again everyones help is appreciated.

Micah
 
Display posts from previous:       
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Security - PHP Nuke

View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©