Ravens PHP Scripts: Forums
 

 

View next topic
View previous topic
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> NukeSentinel™
Author Message
xee
New Member
New Member


Joined: Aug 03, 2005
Posts: 3

PostPosted: Wed Aug 03, 2005 2:34 pm Reply with quote

The readme says to comment out:

Code:
//Union Tap

//Copyright Zhen-Xjell 2004 http://nukecops.com
//Beta 3 Code to prevent UNION SQL Injections
//unset($matches);
//unset($loc);
//if (preg_match("/([OdWo5NIbpuU4V2iJT0n]{5}) /", rawurldecode($loc=$_SERVER["QUERY_STRING"]), $matches)) {
//   die();
//}


My mainfile.php file has an extra line:

Code:
unset($matches);

unset($loc);
if(isset($_SERVER['QUERY_STRING'])) {
if (preg_match("/([OdWo5NIbpuU4V2iJT0n]{5}) /", rawurldecode($loc=$_SERVER['QUERY_STRING']), $matches)) {
    die('Illegal Operation');
  }
}


Should I comment it out anyway??

Also, where it says to comment out:

Code:
//$queryString = strtolower($_SERVER['QUERY_STRING']);

//if (stripos_clone($queryString,'%20union%20') OR stripos_clone($queryString,'/*') OR stripos_clone($queryString,'*/union/*') OR stripos_clone($queryString,'c2nyaxb0')) {
//header("Location: index.php");
//die();
//}


My code says:

Code:
if(!file_exists('includes/nukesentinel.php')) {

  if(isset($_SERVER['QUERY_STRING']) && (!stripos_clone($_SERVER['QUERY_STRING'], "ad_click") || !stripos_clone($_SERVER['QUERY_STRING'], "url"))) {
    $queryString = $_SERVER['QUERY_STRING'];
    if (stripos_clone($queryString,'%20union%20') OR stripos_clone($queryString,'/*') OR stripos_clone($queryString,'*/union/*') OR stripos_clone($queryString,'c2nyaxb0') OR stripos_clone($queryString,'+union+') OR stripos_clone($queryString,'http://') OR (stripos_clone($queryString,'cmd=') AND !stripos_clone($queryString,'&cmd')) OR (stripos_clone($queryString,'exec') AND !stripos_clone($queryString,'execu')) OR stripos_clone($queryString,'concat')) {
      die('Illegal Operation');
    }
  }
}


Same question; still comment it out?
 
View user's profile Send private message
hitwalker
Sells PC To Pay For Divorce


Joined:
Posts: 5661

PostPosted: Wed Aug 03, 2005 3:07 pm Reply with quote

what nuke version do you use ?
 
View user's profile Send private message
xee
PostPosted: Wed Aug 03, 2005 3:31 pm Reply with quote

hitwalker wrote:
what nuke version do you use ?


7.7 with the latest 3.1 patch.
 
Raven
Site Admin/Owner


Joined: Aug 27, 2002
Posts: 17077

PostPosted: Wed Aug 03, 2005 3:33 pm Reply with quote

Comment it all out.
 
View user's profile Send private message
xee
PostPosted: Wed Aug 03, 2005 3:46 pm Reply with quote

Raven wrote:
Comment it all out.


Done and done. Thanks.
 
Display posts from previous:       
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> NukeSentinel™

View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©