You are missing our premiere tool bar navigation system! Register and use it for FREE!


Author: spottedhogPostPosted: Mon May 22, 2006 2:53 am    Post subject:

Something simple you could do is to change the name of the admin.php file....

Author: whitemaxPostPosted: Sun May 28, 2006 2:21 pm    Post subject:

This is not simple. I try change name, change admin name in config and repleace name in admin file security code.
In admin menu any option is "Acces denied".
Any idea??



Nuke Cops -> Nuke Security

All times are GMT - 8 Hours

Page 1 of 1

Powered by phpBB © 2001,2002 phpBB Group
NukeCops  
•  Home •  Downloads •  Gallery •  Your Account •  Forums • 

Author: perfect-gamesPostPosted: Sat Apr 29, 2006 7:51 am    Post subject:

what version of phpnuke are you running, seems you are not using current patches and sentinal either not done right or using an old version.

thanks

steve

Author: PropagandaPostPosted: Sat Apr 29, 2006 7:57 am    Post subject:

I am running 7.8 with the latest patches and as far as I know sentinel is set up properly. I got this from sentinel:

Date & Time: 2006-04-29 12:36:27 EDT GMT -0400
Blocked IP: 85.96.125.137
User ID: Anonymous (1)
Reason: Abuse-Author

Author: perfect-gamesPostPosted: Sat Apr 29, 2006 9:57 am    Post subject:

well thats normal someone attempted a hack and they were banned and its in your sentinal log and probley emailed to you as well.

you have nothing to worry about this is normal

thanks

steve

Author: PropagandaPostPosted: Sat Apr 29, 2006 5:09 pm    Post subject:

It still created the user, and IP block doesn't mean much if someone is using a proxy. I set sentinel to http auth, maybe that will help.

Author: sahoLocation: TurkeyPostPosted: Sun May 21, 2006 10:30 pm    Post subject:

admin.php open
require_once("mainfile.php");
later add

Readme First
- Readme First! -

Read and follow the rules, otherwise your posts will be closed
Modules
· Home
· FAQ
· Buy a Theme
· Advertising
· AvantGo
· Bookmarks
· Columbia
· Community
· Donations
· Downloads
· Feedback
· Forums
· PHP-Nuke HOWTO
· Private Messages
· Search
· Statistics
· Stories Archive
· Submit News
· Surveys
· Theme Gallery
· Top
· Topics
· Your Account
Who's Online
There are currently, 209 guest(s) and 0 member(s) that are online.

You are Anonymous user. You can register for free by clicking here
Nuke Cops :: View topic - Hack added admin Hack added admin

Nuke Cops -> Nuke Security

Author: Propaganda PostPosted: Sat Apr 29, 2006 7:46 am    Post subject: Hack added admin

I had an alert from nuke sentinel, someone ran the admin.php to add a superuser.

www.justfungaming.com//admin.php?add_aid=hacker&add_name=hacker&add_pwd=123456&add_email=birxx@yahoo.com&admin=(code edited to prevent more abuse)

And it worked and added a superuser. Anyone know how to prevent this?
Code:
$checkurl = $_SERVER['REQUEST_URI'];
if((stripos_clone($_SERVER["QUERY_STRING"],'AddAuthor')) || (stripos_clone($_SERVER["QUERY_STRING"],'VXBkYXRlQXV0aG9y')) || (stripos_clone($_SERVER["QUERY_STRING"],'QWRkQXV0aG9y')) || (stripos_clone($_SERVER["QUERY_STRING"],'UpdateAuthor')) || (preg_match("/\?admin/", "$checkurl")) || (preg_match("/\&admin/", "$checkurl"))) {
   die("Illegal Operation");
}
Powered by TOGETHER TEAM srl ITALY http://www.togetherteam.it - DONDELEO E-COMMERCE http://www.DonDeLeo.com - TUTTISU E-COMMERCE http://www.tuttisu.it
Web site engine's code is Copyright © 2002 by PHP-Nuke. All Rights Reserved. PHP-Nuke is Free Software released under the GNU/GPL license.
Page Generation: 0.131 Seconds - 137 pages served in past 5 minutes. Nuke Cops Founded by Paul Laudanski (Zhen-Xjell)
added by Evaders - DO NOT REMOVE
:: FI Theme :: PHP-Nuke theme by coldblooded (www.nukemods.com) ::