triple7 (Hangin' Around; Joined: Jul 28, 2008; Posts: 25)
Posted: Mon Mar 23, 2009 8:17 pm

It is now forwarding to [link visible only to registered users]


I have no idea of how they achieved this hack; I see no updated files, only updated directories.

I have replaced my index.php and my mainfile.php and also the WHOISWHERE directory in modules (and the corresponding table)

Can anyone lend some insight?

Thanks


Last edited by triple7 on Tue Mar 31, 2009 7:45 am; edited 1 time in total
nuken (RavenNuke(tm) Development Team; Joined: Mar 11, 2007; Posts: 773; Location: North Carolina)
Posted: Mon Mar 23, 2009 8:23 pm

It looks like your hosting company suspended your account.
triple7 (Hangin' Around; Joined: Jul 28, 2008; Posts: 25)
Posted: Mon Mar 23, 2009 8:38 pm

nuken wrote:
It looks like your hosting company suspended your account.


No, the host is 1and1.com

They have not suspended our account, that is just a redirect to that suspended page.
nuken (RavenNuke(tm) Development Team; Joined: Mar 11, 2007; Posts: 773; Location: North Carolina)
Posted: Mon Mar 23, 2009 9:01 pm

Have you looked in your cPanel, or whatever control panel 1and1 uses, to see if a forward has been put in?
triple7 (Hangin' Around; Joined: Jul 28, 2008; Posts: 25)
Posted: Mon Mar 23, 2009 9:09 pm

nuken wrote:
Have you looked in your cPanel, or whatever control panel 1and1 uses, to see if a forward has been put in?


It hasn't; it's definitely one of the includes or something.

I re-created an index.php with just phpinfo(); in it, and it comes up when we go to our URL.
evaders99 (Moderator; Joined: Apr 30, 2004; Posts: 3221)
Posted: Mon Mar 23, 2009 10:24 pm

And your site URL is? (We need to see whether it's a JavaScript or a server-level redirect)
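As an added example (not code from the thread), a small Python helper that answers evaders99's question mechanically: it fetches one hop without following redirects and reports whether the redirect is server-level (a 3xx with a Location header, which is what an .htaccess rule or a PHP header() call produces) or client-side (meta refresh or JavaScript in the body). The sample responses and the suspended.example hostname are constructed placeholders.

```python
import re
import urllib.error
import urllib.request
from collections import namedtuple

Response = namedtuple("Response", "status headers body")

# A server-level redirect is answered by the HTTP layer itself (3xx + Location); a
# JavaScript or <meta refresh> redirect arrives as a 200 with the hop hidden in the HTML.
SERVER_STATUSES = {301, 302, 303, 307, 308}
META_REFRESH = re.compile(r'<meta[^>]+http-equiv=["\']?refresh["\']?[^>]*url=([^"\'>\s]+)', re.I)
JS_REDIRECT = re.compile(
    r'(?:window\.|document\.|top\.|self\.)?location(?:\.href)?\s*=\s*["\']([^"\']+)["\']', re.I)

def classify_redirect(resp):
    """Return (kind, target) with kind in {'server', 'meta-refresh', 'javascript', 'none'}."""
    if resp.status in SERVER_STATUSES:
        headers = {k.lower(): v for k, v in resp.headers.items()}
        return "server", headers.get("location")
    m = META_REFRESH.search(resp.body)
    if m:
        return "meta-refresh", m.group(1)
    m = JS_REDIRECT.search(resp.body)
    if m:
        return "javascript", m.group(1)
    return "none", None

class _NoRedirect(urllib.request.HTTPRedirectHandler):
    # Returning None makes urllib raise HTTPError for the 3xx instead of following it.
    def redirect_request(self, req, fp, code, msg, headers, newurl):
        return None

def fetch_no_follow(url):
    """Fetch exactly one hop so the redirect itself is observed (needs network access)."""
    opener = urllib.request.build_opener(_NoRedirect)
    try:
        with opener.open(url, timeout=10) as r:
            return Response(r.status, dict(r.headers), r.read().decode("utf-8", "replace"))
    except urllib.error.HTTPError as e:
        return Response(e.code, dict(e.headers), e.read().decode("utf-8", "replace"))

# Constructed sample responses; the hostname is a placeholder, not the site in this thread.
SAMPLES = {
    "server": Response(302, {"Location": "http://suspended.example/"}, ""),
    "meta": Response(200, {}, '<meta http-equiv="refresh" content="0;url=http://suspended.example/">'),
    "js": Response(200, {}, "<script>window.location.href='http://suspended.example/';</script>"),
    "clean": Response(200, {}, "<html><body>phpinfo() output</body></html>"),
}
```

On a live site, `classify_redirect(fetch_no_follow("http://your-site.example/"))` gives the same three-way answer; a "server" result with a Location you did not configure points at .htaccess, vhost config or a PHP header() call rather than the theme markup.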
triple7 (Hangin' Around; Joined: Jul 28, 2008; Posts: 25)
Posted: Tue Mar 24, 2009 5:42 am

evaders99 wrote:
And your site URL is? (We need to see whether it's a JavaScript or a server-level redirect)

Additionally, the person shelled in, and left this in .bash_history:

cat * | grep freedom.highqualityhost.net
cat *.php | grep freedom.highqualityhost.net
dir
ls -al
more .htaccess
ls -al
cd esaw
dir
cd sigs/
ls
cd ..
ls -al
more .htaccess
cd ..
ls
dir
vi index.php
vi -o index.php mainfile.php
vi modules/RWS_WhoIsWhere/includes/RWS_wiw.inc.php

And this in a file called viminfo:

# This viminfo file was generated by Vim 7.0.
# You may edit it if you're careful!

# Value of 'encoding' when this file was written
*encoding=latin1


# hlsearch on (H) or off (h):
~H
# Command Line History (newest to oldest):
:q!

# Search String History (newest to oldest):

# Expression History (newest to oldest):

# Input Line History (newest to oldest):

# Input Line History (newest to oldest):

# Registers:

# File marks:
'0 81 0 ~/modules/RWS_WhoIsWhere/includes/RWS_wiw.inc.php
'1 179 0 ~/mainfile.php
'2 29 48 ~/index.php

# Jumplist (newest first):
-' 81 0 ~/modules/RWS_WhoIsWhere/includes/RWS_wiw.inc.php
-' 1 0 ~/modules/RWS_WhoIsWhere/includes/RWS_wiw.inc.php
-' 179 0 ~/mainfile.php
-' 29 48 ~/index.php
-' 1 0 ~/index.php
-' 179 0 ~/mainfile.php
-' 29 48 ~/index.php
-' 1 0 ~/index.php

# History of marks within files (newest to oldest):

> ~/modules/RWS_WhoIsWhere/includes/RWS_wiw.inc.php
" 81 0

> ~/index.php
" 44 0

> ~/mainfile.php
" 179 0


Last edited by triple7 on Tue Mar 31, 2009 8:06 am; edited 1 time in total
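An added example, not from the thread: a Python triage helper that parses the file-mark and jumplist sections of a viminfo file and the vi commands in .bash_history, then lists the files both sources agree were opened, with the cursor lines viminfo recorded for them. The embedded excerpts are constructed from the listings above.

```python
import re

# Constructed excerpts in the same layout as the viminfo and .bash_history posted above.
VIMINFO = """# File marks:
'0 81 0 ~/modules/RWS_WhoIsWhere/includes/RWS_wiw.inc.php
'1 179 0 ~/mainfile.php
'2 29 48 ~/index.php

# Jumplist (newest first):
-' 81 0 ~/modules/RWS_WhoIsWhere/includes/RWS_wiw.inc.php
-' 179 0 ~/mainfile.php
"""
BASH_HISTORY = """cat *.php | grep freedom.highqualityhost.net
more .htaccess
vi index.php
vi -o index.php mainfile.php
vi modules/RWS_WhoIsWhere/includes/RWS_wiw.inc.php
"""

# File marks look like "'0 81 0 path"; jumplist entries like "-' 81 0 path" (line, column, file).
MARK = re.compile(r"^(?:'.|-')\s+(\d+)\s+(\d+)\s+(\S+)$")

def viminfo_files(text):
    """Map each file named in the file-mark/jumplist sections to the cursor lines recorded."""
    out = {}
    for line in text.splitlines():
        m = MARK.match(line)
        if m:
            out.setdefault(m.group(3), []).append(int(m.group(1)))
    return out

def edited_in_shell(text):
    """Files passed to vi in .bash_history, in order, skipping options such as -o."""
    files = []
    for line in text.splitlines():
        parts = line.split()
        if parts and parts[0] == "vi":
            files.extend(p for p in parts[1:] if not p.startswith("-"))
    return files

def triage(viminfo, history):
    """Files that both the editor state and the shell history say were opened."""
    vim = {p.replace("~/", "", 1): lines for p, lines in viminfo_files(viminfo).items()}
    return {f: vim[f] for f in edited_in_shell(history) if f in vim}
```

The cursor lines (81 in RWS_wiw.inc.php, 179 in mainfile.php, 29 in index.php) tell you where to diff first against a clean copy of each file.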
jakec (Site Admin; Joined: Feb 06, 2006; Posts: 2878; Location: United Kingdom)
Posted: Tue Mar 24, 2009 6:38 am

If you are using RN 2.20.00 you should really upgrade, or at least patch the files. There was a security announcement recently and this needs to be addressed ASAP!

I would wipe your site and upload a backup of your database and files. Then you can patch the files.
evaders99 (Moderator; Joined: Apr 30, 2004; Posts: 3221)
Posted: Tue Mar 24, 2009 7:16 pm

It does seem to be a server-level redirect. I would suggest doing a thorough cleaning, asking your host to format their server, and rebuilding from clean files.
triple7 (Hangin' Around; Joined: Jul 28, 2008; Posts: 25)
Posted: Tue Mar 24, 2009 7:48 pm

evaders99 wrote:
It does seem to be a server-level redirect. I would suggest doing a thorough cleaning, asking your host to format their server, and rebuilding from clean files.

Yeah, we're getting our latest backup from the host currently, and we'll update to 2.3

I have a question, does ravennuke run on PHP5?

Also, thanks all for your responses.
jakec (Site Admin; Joined: Feb 06, 2006; Posts: 2878; Location: United Kingdom)
Posted: Wed Mar 25, 2009 12:57 am

Yes, RN does run on PHP5.
montego (Site Admin; Joined: Aug 29, 2004; Posts: 8625; Location: Arizona)
Posted: Wed Mar 25, 2009 9:25 am

But that is not a guarantee that what you ADD to it does... just keep that in mind. The core distro works just fine on PHP5.
triple7 (Hangin' Around; Joined: Jul 28, 2008; Posts: 25)
Posted: Mon Mar 30, 2009 7:43 am

OK, just an update:

The good news:

Our site was NOT hacked.

The bad news:

I feel like a giant jackass.

OK, so here's the real scoop. We had apparently been using a theme we bought from [link visible only to registered users].

At the time of loading, the script goes through an authentication process making a call to, you guessed it, [link visible only to registered users]. Uh, go ahead and click that link, and you'll see where the problem arose.

There had been a perfect storm of coincidences, which led to our site being down for 4 days, our host threatening us with a TOS violation, and many, many angry hours spent on hold with our host (in the attempt to get a backup).

Anyway, just in case anyone else may be using a theme from those guys, and has the same issue, I figured that I'd post the answer and save them the headache.
montego (Site Admin; Joined: Aug 29, 2004; Posts: 8625; Location: Arizona)
Posted: Tue Mar 31, 2009 6:43 am

I am sure you are glad to have that one behind you.

EDIT: Please update your thread title to something other than the "hacked" part as it leaves a false impression. Thanks.