Ravens PHP Scripts: Forums
 

 

View next topic
View previous topic
Post new topic   This topic is locked: you cannot edit posts or make replies.    Ravens PHP Scripts And Web Hosting Forum Index -> Security - PHP Nuke
Author Message
AYK
Hangin' Around


Joined: Apr 03, 2004
Posts: 32

PostPosted: Thu Jul 15, 2004 5:33 pm Reply with quote

AAH ! Evil or Very Mad

I've been running my NUKE 7.2 site on my own APACHE/WINXP machine for some time now. Everything's great.

Untill yesterday : some Turkish guy, who calls himself the 'WanXpy For LynXMaster' or whatever, hacked my site.

What he does is he changes the footer text to a redirect code, that redirects users to his matrix-lookalike webpage where he displays hacked by bla bla bla ....

For those of you who want to look at it : it's Only registered users can see links on this board! Get registered or login!

Thanks to phpmyadmin I fixed to problem. Today - he does it again.

You guys think Sentinel will stop this from happening ? Or do I have to change some code to disable this exploit ?

Thanks in advance for the advice !
 
View user's profile Send private message Visit poster's website
Raven
Site Admin/Owner


Joined: Aug 27, 2002
Posts: 17077

PostPosted: Thu Jul 15, 2004 5:44 pm Reply with quote

Sentinel stops it dead. Why in the world haven't you installed it before now? Bang Head
 
View user's profile Send private message
AYK
PostPosted: Fri Jul 16, 2004 2:55 am Reply with quote

Well yeah - I'm wondering why i didn't do that too now.
I'm getting on it right now !

THANKS !
 
AYK
PostPosted: Fri Jul 16, 2004 3:08 am Reply with quote

I didn't install it because I always thought - they will never try something like this on me ( because I have this really tiny site, only intended to share my photos with my friends ).

One thing that I found out is - I get this error now when trying to use coppermine :
Code:
Fatal error: Cannot redeclare class sql_db in D:\WEBSITE\modules\coppermine\include\oldnuke.php on line 0


I know this is more for another part of the forum, but I thought maybe the history of the problem could be relevant.
 
stephen2417
Worker
Worker


Joined: Jan 18, 2004
Posts: 244
Location: Bristolville, OH

PostPosted: Fri Jul 16, 2004 5:15 am Reply with quote

That oldnuke.php is for when your nuke version is less than 6.5.. Make sure your version number in the nuke_config table is reading above 6.5 and then it wont even use that file.

But if your site is running below 6.5, upgrade!
I know I had problems with that when I removed the version number from the table. Rolling Eyes

And dont think hackers wont find your site, bc they will!
Enjoy RavensScripts
 
View user's profile Send private message Visit poster's website
AYK
PostPosted: Fri Jul 16, 2004 5:48 am Reply with quote

thanks ! that did it !
 
stephen2417
PostPosted: Fri Jul 16, 2004 6:03 am Reply with quote

Mr. Green Your most welcome!
 
Raven
PostPosted: Fri Jul 16, 2004 6:43 am Reply with quote

Sentinel uses the new db layer that was introduced after 6.5, so you would need to make some changes to make it work on 6.5. I have installed it on 6.5 and I will have to try to remember the steps. I know you have to copy the db folder from 6.9 (or higher) to you 6.5 folder. There may be a couple more things but they escape me right now.
 
digibeet
Regular
Regular


Joined: Jul 08, 2004
Posts: 96
Location: Amsterdam, the Netherlands

PostPosted: Sat Jul 17, 2004 4:12 pm Reply with quote

BTW, this person comes from Ankara and uses this hostingprovider Twisted Evil

Twisted Evil Only registered users can see links on this board! Get registered or login!

Maybe... Twisted Evil his site is already offline.. Twisted Evil

Probably no more hacks from him I hope. Wink

greetzz,


Fred

Uhhmm... I trust Sentinel because it WORKS!

_________________
"Grasp the subject, the words will follow."
Cato the Elder (234 BC - 149 BC)
Roman orator & politician. 
View user's profile Send private message Visit poster's website
lynxmaster
New Member
New Member


Joined: Sep 13, 2005
Posts: 3

PostPosted: Tue Sep 13, 2005 11:33 am Reply with quote

Hey, Be carefuL Wink


Contact me: Only registered users can see links on this board! Get registered or login!
 
View user's profile Send private message
Raven
PostPosted: Tue Sep 13, 2005 11:40 am Reply with quote

lynxmaster wrote:
Hey, Be carefuL Wink


Contact me: Only registered users can see links on this board! Get registered or login!
Of what?
 
CurtisH
Life Cycles Becoming CPU Cycles


Joined: Mar 15, 2004
Posts: 638
Location: West Branch, MI

PostPosted: Tue Sep 13, 2005 1:24 pm Reply with quote

I'm not sure but I think he is saying he is still online and ready to hack.

_________________
Those who dream by day are cognizant of many things which escape those who dream only by night. ~Poe 
View user's profile Send private message Visit poster's website Yahoo Messenger
hitwalker
Sells PC To Pay For Divorce


Joined:
Posts: 5661

PostPosted: Wed Sep 14, 2005 8:45 am Reply with quote

what a bull realy,any idiot can signup and call himself LynXMaSTeR or whatever...
hacking days for nuke sites are over,meaning if you take care of security..
 
View user's profile Send private message
lynxmaster
PostPosted: Thu Sep 15, 2005 7:19 am Reply with quote

Zoru başarmak koLaydır, imkansız ise zaman aLır.

or

To be succesfuLL in hard things is easy but, impossibiLity takes time Wink
 
hitwalker
PostPosted: Thu Sep 15, 2005 7:22 am Reply with quote

getting caught takes time also... Twisted Evil
 
lynxmaster
PostPosted: Thu Sep 15, 2005 7:52 am Reply with quote

: )
 
VinDSL
Life Cycles Becoming CPU Cycles


Joined: Jul 11, 2004
Posts: 614
Location: Arizona (USA) Admin: NukeCops.com Admin: Disipal Designs Admin: Lenon.com

PostPosted: Thu Sep 15, 2005 3:17 pm Reply with quote

Heh! Reminds me of the Netflix commercial...
Quote:
"A cat chokes to death on a dead mouse," says the faux game show announcer. "Who killed who?" he asks as the timer loudly ticks off the seconds.

"Freud!" answers the contestant, in decided victory.

ROTFL

~Locked

_________________
.:: "The further in you go, the bigger it gets!" ::.
.:: Only registered users can see links on this board! Get registered or login! | Only registered users can see links on this board! Get registered or login! ::. 
View user's profile Send private message Visit poster's website ICQ Number
Display posts from previous:       
Post new topic   This topic is locked: you cannot edit posts or make replies.    Ravens PHP Scripts And Web Hosting Forum Index -> Security - PHP Nuke

View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©