And they are just injecting some text, img links and an easy META refresh tag into the News mod.
Author: corto11, Posted: Sun Jun 25, 2006 12:53 pm Post subject: Thank You
Thanks for the tip on the .htaccess file for zone-h.org. I've made that change. And you're right this was not the source of the attack, just a mirroring of it.
Can I make a change to the news module that will prevent the defacement?
Author: jakec06, Location: Surrey, UKPosted: Sun Jun 25, 2006 1:02 pm Post subject:
What version are you using?
Have you got NukeSentinel and using the latest patches?
Author: corto11, Posted: Sun Jun 25, 2006 1:24 pm Post subject:
nuke_config says a start date of 10/17/2004 and a version of 7.4. Does that version jibe with that date?
I surprised myself when I checked the version. I thought I was in the 6.5-6.7 range but I may not be as bad off as I thought I was.
I am not using NukeSentinel and am behind in patching as well.
Author: yameth, Posted: Tue Jun 27, 2006 12:04 pm Post subject:
Well... this is very funny..
A totally indifferent discussion is carried below my post, that has nothing to do with it! I suppose a split would be appropriate.
Getting back to it, any ideas on my issue? Thanks.
Author: jakec06, Location: Surrey, UKPosted: Tue Jun 27, 2006 12:23 pm Post subject:
Sorry about that, saw the 2nd post and thought it was about the same thing.
I don't think the message module is the problem, they probably just use it once they have got in.
They are probably getting in from somewhere else, do you have any logs, or does anything show up in NukeSentinel?
I've never use 6.5, so I could be wrong. What other modules/MODS etc are you using?
Author: yameth, Posted: Wed Jul 12, 2006 4:38 am Post subject:
Enhanced search 2.0, which recently I've found it has security issues, Sommaire, Nuke C 2.1, Jinzora.
Author: perfect-games, Posted: Wed Jul 12, 2006 4:47 am Post subject:
many modules do have security issues with there addons, with the 6.5 i would upgrade to latest patch files.
even if your unable overwrite your current files update maunally by checking nukefixes.com.
and 3rd party addons there not much support as many projects have stopped support by there developer like nukestyles search module and downloads module.
if any of these sites still are active you should contact the developer they may be able to help you.
we at nukecops will soon start upgrading some popular scripts where development has stopped.
like nukestyles and bring them upto date with phpnuke 7 & 8 releases.
along with our own addons where full support will be provided by our team.