Ravens PHP Scripts: Forums
 

 

View next topic
View previous topic
This forum is locked: you cannot post, reply to, or edit topics.   This topic is locked: you cannot edit posts or make replies.    Ravens PHP Scripts And Web Hosting Forum Index -> NukeSentinel™ Bug Reports
Author Message
Divvy
Hangin' Around


Joined: Mar 06, 2006
Posts: 31

PostPosted: Mon Mar 06, 2006 4:59 pm Reply with quote

Can someone help me?
I have PHP-Nuke 7.9 with 3.2 patch and I cant modify this files:

ADMIN.PHP

In admin.txt I have this:
Code:
# 

#-----[ OPEN ]------------------------------------------
#
admin.php

#
#-----[ FIND ]------------------------------------------
#
$checkurl = $_SERVER['REQUEST_URI'];
if((stripos_clone($_SERVER["QUERY_STRING"],'AddAuthor')) || (stripos_clone($_SERVER["QUERY_STRING"],'VXBkYXRlQXV0aG9y')) || (stripos_clone($_SERVER["QUERY_STRING"],'QWRkQXV0aG9y')) || (stripos_clone($_SERVER["QUERY_STRING"],'UpdateAuthor')) || (preg_match("/\?admin/", "$checkurl")) || (preg_match("/\&admin/", "$checkurl"))) {
die("Illegal Operation");
}

#
#-----[ COMMENT OUT ]------------------------------------------
#
//$checkurl = $_SERVER['REQUEST_URI'];
//if((stripos_clone($_SERVER["QUERY_STRING"],'AddAuthor')) || (stripos_clone($_SERVER["QUERY_STRING"],'VXBkYXRlQXV0aG9y')) || (stripos_clone($_SERVER["QUERY_STRING"],'QWRkQXV0aG9y')) || (stripos_clone($_SERVER["QUERY_STRING"],'UpdateAuthor')) || (preg_match("/\?admin/", "$checkurl")) || (preg_match("/\&admin/", "$checkurl"))) {
//die("Illegal Operation");
//}


HOWEVER, the best I can find near that in my admin.php is:
Code:
$checkurl = $_SERVER['REQUEST_URI'];

if((stripos_clone($checkurl,'AddAuthor')) OR (stripos_clone($checkurl,'VXBkYXRlQXV0aG9y')) OR (stripos_clone($checkurl,'QWRkQXV0aG9y')) OR (stripos_clone($checkurl,'UpdateAuthor')) OR (stripos_clone($checkurl, "?admin")) OR (stripos_clone($checkurl, "&admin"))) {
  die("Illegal Operation");
}



MAINFILE.PHP

In mainfile7.9.txt I have this:
Code:
#

#-----[ OPEN ]------------------------------------------
#
mainfile.php

#
#-----[ FIND ]------------------------------------------
#
if (defined('FORUM_ADMIN')) {
   @require_once("../../../config.php");
   @require_once("../../../db/db.php");
   @require_once("../../../includes/sql_layer.php");
   if (file_exists("../../../includes/custom_files/custom_mainfile.php")) { @include_once("../../../includes/custom_files/custom_mainfile.php"); }
   @require_once("../../../includes/ipban.php");
   if (defined('NUKE_HEADER') && file_exists("../../../includes/custom_files/custom_head.php")) { @include_once("../../../includes/custom_files/custom_head.php"); }
   if (defined('NUKE_HEADER') && file_exists("../../../includes/custom_files/custom_header.php")) { @include_once("../../../includes/custom_files/custom_header.php"); }
} elseif (defined('INSIDE_MOD')) {
   @require_once("../../config.php");
   @require_once("../../db/db.php");
   @require_once("../../includes/sql_layer.php");
   if (file_exists("../../includes/custom_files/custom_mainfile.php")) { @include_once("../../includes/custom_files/custom_mainfile.php"); }
   @require_once("../../includes/ipban.php");
   if (defined('NUKE_HEADER') && file_exists("../../includes/custom_files/custom_head.php")) { @include_once("../../includes/custom_files/custom_head.php"); }
   if (defined('NUKE_HEADER') && file_exists("../../includes/custom_files/custom_header.php")) { @include_once("../../includes/custom_files/custom_header.php"); }
} else {
   @require_once("config.php");
   @require_once("db/db.php");
   @require_once("includes/sql_layer.php");
   if (file_exists("includes/custom_files/custom_mainfile.php")) { @include_once("includes/custom_files/custom_mainfile.php"); }
   @require_once("includes/ipban.php");
   if (defined('NUKE_HEADER') && file_exists("includes/custom_files/custom_head.php")) { @include_once("includes/custom_files/custom_head.php"); }
   if (defined('NUKE_HEADER') && file_exists("includes/custom_files/custom_header.php")) { @include_once("includes/custom_files/custom_header.php"); }
}

#
#-----[ CHANGE TO ]------------------------------------------
#
if (defined('FORUM_ADMIN')) {
   @require_once("../../../config.php");
   @require_once("../../../db/db.php");
   @require_once("../../../includes/sql_layer.php");
   if (file_exists("../../../includes/custom_files/custom_mainfile.php")) { @include_once("../../../includes/custom_files/custom_mainfile.php"); }
   //@require_once("../../../includes/ipban.php");
   @include_once("../../../includes/nukesentinel.php");
   if (defined('NUKE_HEADER') && file_exists("../../../includes/custom_files/custom_head.php")) { @include_once("../../../includes/custom_files/custom_head.php"); }
   if (defined('NUKE_HEADER') && file_exists("../../../includes/custom_files/custom_header.php")) { @include_once("../../../includes/custom_files/custom_header.php"); }
} elseif (defined('INSIDE_MOD')) {
   @require_once("../../config.php");
   @require_once("../../db/db.php");
   @require_once("../../includes/sql_layer.php");
   if (file_exists("../../includes/custom_files/custom_mainfile.php")) { @include_once("../../includes/custom_files/custom_mainfile.php"); }
   //@require_once("../../includes/ipban.php");
   @include_once("../../includes/nukesentinel.php");
   if (defined('NUKE_HEADER') && file_exists("../../includes/custom_files/custom_head.php")) { @include_once("../../includes/custom_files/custom_head.php"); }
   if (defined('NUKE_HEADER') && file_exists("../../includes/custom_files/custom_header.php")) { @include_once("../../includes/custom_files/custom_header.php"); }
} else {
   @require_once("config.php");
   @require_once("db/db.php");
   @require_once("includes/sql_layer.php");
   if (file_exists("includes/custom_files/custom_mainfile.php")) { @include_once("includes/custom_files/custom_mainfile.php"); }
   //@require_once("includes/ipban.php");
   @include_once("includes/nukesentinel.php");
   if (defined('NUKE_HEADER') && file_exists("includes/custom_files/custom_head.php")) { @include_once("includes/custom_files/custom_head.php"); }
   if (defined('NUKE_HEADER') && file_exists("includes/custom_files/custom_header.php")) { @include_once("includes/custom_files/custom_header.php"); }
}


HOWEVER, the best I can find near that in my mainfile.php is:
Code:
if(defined('FORUM_ADMIN')) {

  define('INCLUDE_PATH', '../../../');
} elseif(defined('INSIDE_MOD')) {
  define('INCLUDE_PATH', '../../');
} else {
  define('INCLUDE_PATH', './');
}

@require_once(INCLUDE_PATH."config.php");
@require_once(INCLUDE_PATH."db/db.php");
@require_once(INCLUDE_PATH."includes/sql_layer.php");
@require_once(INCLUDE_PATH."includes/ipban.php");
if (file_exists(INCLUDE_PATH."includes/custom_files/custom_mainfile.php")) {
  @include_once(INCLUDE_PATH."includes/custom_files/custom_mainfile.php");
}

if (!defined('FORUM_ADMIN')) {
  if(empty($admin_file)) {
    die ("You must set a value for admin_file in config.php");
  } elseif (!empty($admin_file) && !file_exists($admin_file.".php")) {
    die ("The admin_file you defined in config.php does not exist");
  }
}


In mainfile7.9.txt I have this:
Code:
# In Patched 3.1 this step has already been done

#
#-----[ FIND ]------------------------------------------
#
$queryString = strtolower($_SERVER['QUERY_STRING']);
if (stripos_clone($queryString,'%20union%20') OR stripos_clone($queryString,'/*') OR stripos_clone($queryString,'*/union/*') OR stripos_clone($queryString,'c2nyaxb0')) {
header("Location: index.php");
die();
}

#
#-----[ CHANGE TO ]------------------------------------------
#
if(!file_exists('includes/nukesentinel.php')) {
  if(isset($_SERVER['QUERY_STRING']) && (!stripos_clone($_SERVER['QUERY_STRING'], "ad_click") || !stripos_clone($_SERVER['QUERY_STRING'], "url"))) {
    $queryString = $_SERVER['QUERY_STRING'];
    if (stripos_clone($queryString,'%20union%20') OR stripos_clone($queryString,'/*') OR stripos_clone($queryString,'*/union/*') OR stripos_clone($queryString,'c2nyaxb0') OR stripos_clone($queryString,'+union+') OR stripos_clone($queryString,'http://') OR (stripos_clone($queryString,'cmd=') AND !stripos_clone($queryString,'&cmd')) OR (stripos_clone($queryString,'exec') AND !stripos_clone($queryString,'execu')) OR stripos_clone($queryString,'concat')) {
      die('Illegal Operation');
    }
  }
}

in function function online() {


HOWEVER, the best I can find near that in my mainfile.php is:
Code:
    $queryString = $_SERVER['QUERY_STRING'];

    if ((stristr($queryString,'%20union%20')) OR (stristr($queryString,'/*')) OR (stristr($queryString,'*/union/*')) OR (stristr($queryString,'c2nyaxb0')) OR (stristr($queryString,'+union+')) OR (stristr($queryString,'http://')) OR ((stristr($queryString,'cmd=')) AND (!stristr($queryString,'&cmd'))) OR ((stristr($queryString,'exec')) AND (!stristr($queryString,'execu'))) OR (stristr($queryString,'concat'))) {
      die('Illegal Operation');
    }


Can someone help me?
Another thing... the icone of Sentinel dont appears in my admin menu... but I dont have instaled the new tables in db... is because that or somethings wrong? Or is because I dont edit this files yet?
 
View user's profile Send private message
Divvy
PostPosted: Mon Mar 06, 2006 7:07 pm Reply with quote

please anyone? is urgent.... Sad
 
Display posts from previous:       
This forum is locked: you cannot post, reply to, or edit topics.   This topic is locked: you cannot edit posts or make replies.    Ravens PHP Scripts And Web Hosting Forum Index -> NukeSentinel™ Bug Reports

View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©