Ravens PHP Scripts: Forums
 

 

View next topic
View previous topic
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Hack Attempt Script
Author Message
Panthera
Hangin' Around


Joined: May 16, 2004
Posts: 28
Location: Northern California, USA

PostPosted: Sun May 16, 2004 11:28 pm Reply with quote

Hello!

I am just recovering from my first hack and my head is still spinning. I installed the Hack Alert but when I test it I get my own 404 Error page.

Here is what I inserted:

Code:
// Raven http://ravenphpscripts.com

$queryString = strtolower($HTTP_SERVER_VARS['QUERY_STRING']);
if (strstr($queryString,'%20union%20') OR strstr($queryString,'/*')) {
   header("Location: hackattempt.php?$queryString");
   die();
}



Admittedly, I'm a phpNuke newbie (running 7.1) but I cannot find the $LOC in the coding. Am I missing something??

Quote:
- NOTE: SOME SETUPS REQUIRE THE TRAILING SLASH AFTER THE $LOC AND SOME WILL NOT WORK IF THE TRAILING SLASH IS PRESENT. IF YOU ARE EXPERIENCING PROBLEMS THEN TRY ADDING/REMOVING THE TRAILING SLASH AS NEEDED.


Only registered users can see links on this board! Get registered or login!

What am I doing wrong?

Panthera
 
View user's profile Send private message Yahoo Messenger
Raven
Site Admin/Owner


Joined: Aug 27, 2002
Posts: 17086

PostPosted: Mon May 17, 2004 12:05 am Reply with quote

First of all, make sure that you have the hackattempt.php file in the same directory as mainfile.php. Now, the $LOC has been changed to $queryString and I forgot to update the statement in the INSTALL file - sorry (it's fixed now)! So, try this
Code:
// Raven http://ravenphpscripts.com 

$queryString = strtolower($HTTP_SERVER_VARS['QUERY_STRING']);
if (strstr($queryString,'%20union%20') OR strstr($queryString,'/*')) {
   header("Location: hackattempt.php?$queryString/");
   die();
}
 
View user's profile Send private message
Panthera
PostPosted: Mon May 17, 2004 12:47 am Reply with quote

Raven wrote:
First of all, make sure that you have the hackattempt.php file in the same directory as mainfile.php.


Hi Raven,

Thanks for the quick reply. They are in the same directory and I updated the code to the above you included. I still get my own 404 Error page.

Should I replace the code that is there currently? Or just place it above it? [I replaced it]

Code:
$queryString = strtolower($_SERVER['QUERY_STRING']); 

if (strstr($queryString,'%20union%20') OR strstr($queryString,'/*')) {
header("Location: index.php");
die();
}


Thanks!
 
Raven
PostPosted: Mon May 17, 2004 12:53 am Reply with quote

Replace it. Make sure you don't have a typo in the script name. Review the error message to see what path it is attempting to goto. That should give an indication as to the pathing error. Try this if nothing else works
Code:
header("Location: http://yourdomain.com/hackattempt.php?$queryString");
Of course adjust the url to point to the script.
 
Panthera
PostPosted: Mon May 17, 2004 1:17 am Reply with quote

Well, it doesn't look as if there are any typos ... i tried expanding the path location as you suggested and then back again.
Code:
// Raven http://ravenphpscripts.com 

$queryString = strtolower($HTTP_SERVER_VARS['QUERY_STRING']);
if (strstr($queryString,'%20union%20') OR strstr($queryString,'/*')) {
   header("Location: hackattempt.php?$queryString/");
   die();
}


I still get my own 404 page. Crying or Very sad

Here is what shows at the bottom of that page:
Code:
http://ravenphpscripts.com/modules.php?name=Forums&file=viewtopic&p=10457 69.104.2.35 /modules.php?name=Web_Links&l_op=viewlink&cid=1%20union%20select Only registered users can see links on this board! Get registered or login! Mozilla/4.0 (compatible; MSIE 6.0; Windows 98; AT&T CSM6.0; yie6) 404 


I'm at a loss. It should be so simple ...

Panthera
 
Panthera
PostPosted: Mon May 17, 2004 1:21 am Reply with quote

Oh, and I have tried it with and without the trailing slash / at the end of the location string. Confused
 
bones
Hangin' Around


Joined: Sep 18, 2003
Posts: 36

PostPosted: Mon May 17, 2004 1:54 am Reply with quote

no wonder you have the wrong url which is Only registered users can see links on this board! Get registered or login! change that to your url.
 
View user's profile Send private message Visit poster's website
Panthera
PostPosted: Mon May 17, 2004 7:32 am Reply with quote

hey bones,

that bit with raven's url just is showing i ran that link from this site. same thing happens when i run Only registered users can see links on this board! Get registered or login! from my site.
 
Raven
PostPosted: Mon May 17, 2004 8:58 am Reply with quote

Is your site url in Admin Preferences Only registered users can see links on this board! Get registered or login! ? That's what your site shows for your main page. If you type Only registered users can see links on this board! Get registered or login! , does that work?
 
Panthera
PostPosted: Mon May 17, 2004 12:58 pm Reply with quote

Raven wrote:
If you type Only registered users can see links on this board! Get registered or login! , does that work?


Bless you Raven!!! Mr. Green

And I am BLIND!!!!!!! and feeling stupid for missing such a simple thing Embarassed

Yes, it works beautifully now!

Hugs, Panthera
 
Display posts from previous:       
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Hack Attempt Script

View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©