Ravens PHP Scripts: Forums
 

 

View next topic
View previous topic
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Hack Attempt Script
Author Message
Overseer
New Member
New Member


Joined: Apr 01, 2005
Posts: 3

PostPosted: Fri May 20, 2005 9:56 am Reply with quote

hi i been using sentinal for few weeks now but i having one problem i think sential not even working,

before i use to use protector but decided to go for sentinal this on a new site i build.

with sentinal activate i managed to do 3 hacks a search module, downloads module and weblinks and none of the hacks i did blocked me where protector did,

i even managed to get in admin through the weblinks module on patch 7.6 3.0b

any idears how i could test this out guys or something i may of setup wrong

project overseer productions
 
View user's profile Send private message
Raven
Site Admin/Owner


Joined: Aug 27, 2002
Posts: 17077

PostPosted: Fri May 20, 2005 10:41 am Reply with quote

In General, NukeSentinel(tm) is not designed to replace nor fix bad code. Chatserv has issued patches for the three modules that you mention and that is not a function of NukeSentinel(tm). NukeSentinel(tm) is designed and written to protect against admin hacking, XXS, and other exploits like UNION, CLIKE, etc. I would remove all of your NukeSentinel files and tables and get the latest and install it. If you are able to hack those 3 modules with Chatserv's 3.0 patches applied, then we need to see the exploits you used because to our knowledge, all known exploits are fixed in Chat's patch level series.
 
View user's profile Send private message
Overseer
PostPosted: Fri May 20, 2005 1:31 pm Reply with quote

i do have latest version of sentinal and nuke 7.7 from nsnscripts.com with chatserv patch 3.0b i not going to post any code here but who would be the best person to tell on how to do this, any why does not sentinal block me with union or sql hack attempts where protector did.

the reason i used sentinal is becuase it was easy to install and i not sure if protector would work with 7.7

thanks
 
Raven
PostPosted: Fri May 20, 2005 3:59 pm Reply with quote

It does block those if installed correctly, no offense. Thousands are using it, including this site, and I get several blocks every day. Please go over the installation instructions very carefully. There's got to be something that you have missed.
 
Overseer
PostPosted: Fri May 20, 2005 5:15 pm Reply with quote

i have installed it how it says i even turn on all the different hacker protect settings ,

how i do i know if its working how it should as with protector i use to run test hack scripts that i do myself but these dont seem to block me link i can insert weblinks etc without admin approvel with the hack

any idears would be greatfull?
 
Raven
PostPosted: Fri May 20, 2005 5:34 pm Reply with quote

The inserting web links w/o admin approval is not governed by NukeSentinel(tm). Comment out the NukeSentinel(tm) code in mainfile.php and see if you can add web links w/o admin approval. If you can, NukeSentinel(tm) is not the issue. PM me the code you are using to bypass your admin approval and I will test it. Make sure you surround the code in bbcode tags.
 
greenday2k
New Member
New Member


Joined: May 20, 2005
Posts: 1

PostPosted: Fri May 20, 2005 6:52 pm Reply with quote

Nuke sentinel has been working a lot fot the security of my site.
thousands of attacks were block by sentinel.. the santy worm for example.
(that one that attacks php-sites or forums).
SQl injections... is not the only security add on (and a lot of pathces!) hat i have installed, but sentinel stopped a lot!
 
View user's profile Send private message
cheeseorama
New Member
New Member


Joined: Mar 25, 2005
Posts: 3

PostPosted: Sat Aug 13, 2005 9:06 am Reply with quote

Hey Overseer, if you really want to know if Sentinal is doing its job, get one of your admins to enter a wrong password in the admin login a few times. If Sentinal is working he/she will have their IP banned.

Of course, make sure the admin you pick has a dynamic IP address and that they are only a casual admin who can wait for their ip to change.

I've had more bans as a result of my admin's then with any kind of attack..lol.
 
View user's profile Send private message
square1
New Member
New Member


Joined: Jul 20, 2006
Posts: 7

PostPosted: Thu Jul 20, 2006 2:41 pm Reply with quote

Sentinel seems to be working a little too well for us. It's blocked us from a site we're setting up and developing. But we are kind of noobs to the whole PHP Nuke ring. Bang Head
 
View user's profile Send private message
Display posts from previous:       
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Hack Attempt Script

View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©