RavenNuke(tm) 2.30.01 translate to dutch

Posted: Mon Apr 27, 2009 7:33 am

Hello users, my name is sebastian from the netherlands im working for McAfee SECURE ig go translate the complete script ( RavenNuke(tm) 2.30.01 ) to the dutch lang Yes also all modules blocks etc,
only it will cost me a few weeks then is it ready.

I dint find te right topic please replace this msg to the right topic thank u.

Sebastian
McAfee SECURE

P.s i will fix also the pci security bugs for FREE!!! Smile

Posted: Mon Apr 27, 2009 9:24 am

Well thank you Sebastiaan. I'm sure Raven's Team will appreciate this.

Do you plan on using RN for your company?

Posted: Mon Apr 27, 2009 9:32 am

eldorado wrote:

Well thank you Sebastiaan. I'm sure Raven's Team will appreciate this.

Do you plan on using RN for your company?

Yes , before i use phpnuke 7.6 only google cant index that script good thats the reason that i transfer to raver...

Warning!!! phpnuke 8.0 and 8.1 have to many sql injections and xxs problems i dnt use that any more i have also a scan rapport from that script i can upload it when the rave team that likes
then u see how manny security problems phpnuke 7.6 - 8.1 have the patch dnt fix all the sql injections. the problem is read below:

Code:




config.php%26userfile_name%3Dscanalert.txt


Content-Type=application%2Fx-www-form-urlencoded





Confidential - McAfee Security Audit Report Page 21


Affects: 2.0.40, 2.0.39, 2.0.37, 2.0.36, 2.0.35


Version less than Apache httpd 2.0.40


Important: Path vulnerability ---> CVE-2002-0661


Affects: 2.0.39, 2.0.37, 2.0.36, 2.0.35


Low: Path revealing exposures ---> CVE-2002-0654


Affects: 2.0.39, 2.0.37?, 2.0.36?, 2.0.35?


Version less than Apache httpd 2.0.37


Critical: Apache Chunked encoding vulnerability ---> CVE-2002-0392


Affects: 2.0.36, 2.0.35


Version less than Apache httpd 2.0.36


Low: Warning messages could be displayed to users ---> CVE-2002-1592


Affects: 2.0.35


CVSS


7.5


Solution


Upgrade to newer version


Detail


Apache/2.0.58 ---> Verify that you are running the Latest version of Apache.


Links


httpd.apache.org


Related


None


Web Application Cross Site Scripting


Port First Detected Category


80 22/04/2009 20:50 Web Application


Protocol Fix Difficulty Impact


HTTP Medium Cross Site Scripting (XSS)


Description


The remote web application appears to be vulnerable to cross-site scripting (XSS).


The cross-site scripting attack is one of the most common, yet overlooked, security problems facing web developers today. A web


site is vulnerable if it displays user-submitted content without sanitizing user input.


The target of cross-site scripting attacks is not the server itself, but the users of the server. By finding a page that does not


properly sanitize user input the attacker submits client-side code to the server that will then be rendered by the client. It is


important to note that websites that use SSL are just as vulnerable as websites that do not encrypt browser sessions.


The damage caused by such an attack can range from stealing session and cookie data from your customers to loading a virus


payload onto their computer via browser.


The pages listed in the vulnerability output will display embedded javascript with no filtering back to the user.


CVSS


5.8


Solution


When accepting user input ensure that you are HTML encoding potentially malicious characters if you ever display the data back


Confidential - McAfee Security Audit Report Page 22


to the client.


Ensure that parameters and user input are sanitized by doing the following:


Remove < input and replace with &lt;


Remove > input and replace with &gt;


Remove ' input and replace with &apos;


Remove " input and replace with &#x22;


Remove ) input and replace with &#x29;


Remove ( input and replace with &#x28;


Detail


Protocol http Port 80Read Timeout10000Method POST


Path /modules.php


Que


ry


name=Web_Links


l_op=search


query=


Hea


ders


Referer=http%3A%2F%2Fwww.YOURDOMAIN.COM%3A80%2Fmodules.php%3Fname%3DWeb_Links%26l_op


%3Dviewlinkdetails%26lid%3D1%26ttitle%3D..%252F..%252F..%252F..%252F..%252F..%252Fetc%252F


passwd%2500_Home_Of_PHP-Nuke_Special_Edition


Content-Type=application%2Fx-www-form-urlencoded


Bodyquery=>"></title></iframe></script></form></td></tr><br><iFraMe src=http://www.HackerSafe.com


width=900 height=1100></IfRamE>


Protocol http Port 80Read Timeout10000Method POST


Path /modules.php


Query


name=Downloads


op=search


query=


Heade


rs


Referer=http%3A%2F%2Fwww.YOURDOMAIN.COM%3A80%2Fmodules.php%3Fname%3DDownloads


Content-Type=application%2Fx-www-form-urlencoded


Body query=>"></title></iframe></script></form></td></tr><br><iFraMe src=http://www.HackerSafe.com


width=900 height=1100></IfRamE>


Protocol http Port 80Read Timeout10000Method POST


Path /modules.php


Query name=Feedback


Heade


rs


Referer=http%3A%2F%2Fwww.YOURDOMAIN.COM%3A80%2Fmodules.php%3Fname%3DFeedback


Content-Type=application%2Fx-www-form-urlencoded


Body


sender_name=>"></title></iframe></script></form></td></tr><br><iFraMe


src=http://www.HackerSafe.com width=900 height=1100></IfRamE>


sender_email=0


message=0


opi=ds


submit=Verzenden


Protocol http Port 80Read Timeout10000Method POST


Path /modules.php


Query name=Feedback


Heade


rs


Referer=http%3A%2F%2Fwww.YOURDOMAIN.COM%3A80%2Fmodules.php%3Fname%3DFeedback


Content-Type=application%2Fx-www-form-urlencoded


Body


sender_name=0


sender_email=>"></title></iframe></script></form></td></tr><br><iFraMe


src=http://www.HackerSafe.com width=900 height=1100></IfRamE>


message=0


opi=ds


submit=send

I hope i have helping the team whit this rapport.
this rapport is based on phpnuke not on RavenNuke(tm)

Posted: Mon Apr 27, 2009 2:48 pm

I've moved this to a more appropriate forum. Wink

Posted: Mon Apr 27, 2009 2:50 pm

thanks that is also my qeustion only my english is sh...

Posted: Mon Apr 27, 2009 3:30 pm

I would suggest work with the other dutch translators together in a team so you can share the work.
[ Only registered users can see links on this board! Get registered or login! ]

Posted: Mon Apr 27, 2009 4:31 pm

Yes it is why most of us here are running on RN , because most of the security holes has been patched.
Thanks for the input on these security issues as I'm sure it'll help current phpnuke users to solve their hacking problems.

Posted: Tue Apr 28, 2009 5:01 pm

@ eldorado ,

No problem i will helping so far i can ask me and i will scan it for free

Site Admin/Owner Joined: Aug 27, 2002 Posts: 17088

sebastiaan,

I was not aware that you were working on the translation but thanks for letting us know Smile

. Please be sure to use the v2.30.01 English language files as your master.

Also, thank you for the audit information. I have seen at least 2 posts where you include it and I'd prefer to not keep the database cluttered with phpnuke logs Wink

.

Btw, those audits could be run against RN and probably several others and you would find exploit possibilities too. We are aware of some and are patching them in a severity order. Some of those messages are really mentioning possible vectors. But that doesn't always mean there actually IS a way to use them. Nonetheless, we do take all audits very seriously and try to prioritize them by severity. Thanks again for everything!

Posted: Thu Apr 30, 2009 4:42 am

hello raven, no problem here the dutch translate lang for the mod submit_news have fun

Posted: Thu Apr 30, 2009 4:43 am

Code:

<?php





/**************************************************************************/


/* PHP-NUKE: Advanced Content Management System                           */


/* ============================================                           */


/*                                                                        */


/* This is the language module with all the system messages               */


/*                                                                        */


/* If you made a translation, please go to the site and send to me        */


/* the translated file. Please keep the original text order by modules,   */


/* and just one message per line, also double check your translation!     */


/*                                                                        */


/* You need to change the second quoted phrase, not the capital one!      */


/*                                                                        */


/* If you need to use double quotes (') remember to add a backslash (\),  */


/* so your entry will look like: This is \'double quoted\' text.          */


/* And, if you use HTML code, please double check it.                     */


/**************************************************************************/





define("_PRINTER","Printervriendelijke pagina");


define("_FRIEND","Stuur dit verhaal naar een kennis");


define("_YOURNAME","Uw naam");


define("_OK","Ok!");


define("_ALLOWEDHTML","Toegestane HTML:");


define("_EXTRANS","Extrans (HTML-tags naar tekst)");


define("_HTMLFORMATED","HTML Geformatteerd");


define("_PLAINTEXT","Alleen tekst");


define("_ARTICLES","Artikelen");


define("_SUBMITNEWS","Nieuws inzenden");


define("_SUBMITADVICE","Vul het volgende formulier en controleer uw inzending goed.<br>Wij wijzen u erop dat niet alle inzendingen kunnen worden geplaatst.<br>Uw inzending wordt gecontroleerd op grammatica en kan bewerkt of ingekort worden.");


define("_SUBTITLE","Titel");


define("_BEDESCRIPTIVE","Gebruik korte, samengevatte tekst");


define("_BADTITLES","geen titels als: 'Check This Out!' of 'Zie Dit!' e.d.");


define("_HTMLISFINE","HTML is toegstaan, maar controleer goed evt. URLs en HTML-tags!");


define("_AREYOUSURE","Heeft u de goede URL ingevuld, zonder tikfouten?");


define("_SUBPREVIEW","U moet het artikel één keer controleren (voorbeeld), voordat U het kunt inzenden");


define("_SELECTTOPIC","Selecteer onderwerp");


define("_NEWSUBPREVIEW","Nieuws inzending voorbeeld");


define("_STORYLOOK","Uw inzending zal er zo uitzien:");


define("_CHECKSTORY","Controleer tekst, links, enz. voordat u uw verhaal verzendt!");


define("_THANKSSUB","Bedankt voor uw inzending!");


define("_SUBSENT","Uw inzending is ontvangen.");


define("_SUBTEXT","Uw inzending zal worden bekeken. Incorrecte en beledigende bewoordingen worden niet gepubliceerd.");


define("_WEHAVESUB","Op dit ogenblik hebben wij");


define("_WAITING","inzendingen die op publicatie wachten.");


define("_PREVIEW","Voorbeeld");


define("_NEWUSER","Nieuwe gebruiker");


define("_USCORE","Score");


define("_DATE","Datum");


define("_STORYTEXT","Verhaaltekst");


define("_EXTENDEDTEXT","Verlengde tekst");


define("_LANGUAGE","Taal");


define("_SELECTMONTH2VIEW","Kies de maand dat u wenst te bekijken:");


define("_SHOWALLSTORIES","Toon ALLES");


define("_STORIESARCHIVE","Archief");


define("_ACTIONS","Acties");


define("_ARCHIVESINDEX","Archief Index");


define("_ALLSTORIESARCH","Alles");


define("_NEXTPAGE","Volgende Pagina");


define("_PREVIOUSPAGE","Vorige Pagina");





?>

Posted: Thu Apr 30, 2009 7:31 am

Thank you Sebastiaan Smile

. Just so I understand, you are going to translate all of the language files? I have some already translated and could send you those so you could use them to help you along. Also, to help keep us organized as much as possible, instead of posting them, please archive the file(s) and send them to

languages
@
ravenphpscripts
.
com

Posted: Thu Apr 30, 2009 7:44 am

ok will do , yes im translate the full script

Posted: Thu Jul 16, 2009 1:18 pm

Raven, iwill send it when i have done the last 5 modules,

then the complete script has been translate to dutch

Posted: Thu Jul 16, 2009 1:50 pm

Thanks!

Posted: Thu Oct 01, 2009 1:06 pm

@sebastiaan

don´t know what the current status of the translation for the dutch files is but just to inform you there is a new topic:
[ Only registered users can see links on this board! Get registered or login! ]