| Author |
Message |
MarKeR
Nuke Cadet


Joined: Jun 21, 2003
Posts: 3
|
Posted:
Sun Jun 29, 2003 12:53 pm |
  |
|
   |
 |
chatserv
General


Joined: Jan 12, 2003
Posts: 3128
Location: Puerto Rico
|
Posted:
Sun Jun 29, 2003 1:18 pm |
  |
Most likely the site has been abandoned; they are still using 5.5 and I recall they were selling the name/site as a package a while back. |
_________________ Feed a man a fish and you feed him for a day. Teach a man to fish and you feed him for a lifetime.
ScriptHeaven | NukeResources |
|
    |
 |
ferrari4ever
Corporal


Joined: May 30, 2003
Posts: 63
Location: The Netherlands
|
Posted:
Sun Jun 29, 2003 1:30 pm |
  |
This scares me... really...
I've been hacked too, some weeks ago with nuke 6.0
but, how do they do that?
I mean, even if the admin.php is protected? And can only be reached from a fixed IP??? |
Last edited by ferrari4ever on Sun Jun 29, 2003 1:35 pm; edited 1 time in total |
|
   |
 |
chatserv
General


Joined: Jan 12, 2003
Posts: 3128
Location: Puerto Rico
|
Posted:
Sun Jun 29, 2003 1:34 pm |
  |
As long as the News module has been patched the lame script being used for that will not work. |
|
    |
 |
ferrari4ever
Corporal


Joined: May 30, 2003
Posts: 63
Location: The Netherlands
|
Posted:
Sun Jun 29, 2003 1:57 pm |
  |
So, you wanna say that nuke6.7 is safe?
but, how do they do that stuff???
I'm just wondering....
how do they put that code there......... |
|
|
   |
 |
chatserv
General


Joined: Jan 12, 2003
Posts: 3128
Location: Puerto Rico
|
Posted:
Sun Jun 29, 2003 2:05 pm |
  |
Nuke 6.5 and up are safe from this particular hack; not wanting to say more than needed, they use a vulnerability in the News module's rating section to hack articles posted on the homepage. |
|
    |
 |
ferrari4ever
Corporal


Joined: May 30, 2003
Posts: 63
Location: The Netherlands
|
Posted:
Sun Jun 29, 2003 2:23 pm |
  |
So, if I remove the whole rating thing, I would not have attacks such as this? |
|
|
   |
 |
chatserv
General


Joined: Jan 12, 2003
Posts: 3128
Location: Puerto Rico
|
Posted:
Sun Jun 29, 2003 2:31 pm |
  |
No need to remove it, pre-6.5 versions can be patched, 6.5 and up already are. |
|
    |
 |
Mickp
Corporal


Joined: Mar 02, 2003
Posts: 53
Location: Australia
|
Posted:
Sun Jun 29, 2003 4:49 pm |
  |
Where could I find this patch? My 5.6 site has just been attacked, with many of the news on the front page being changed. I am currently trying to convert it to 6.5, but I have many many customised modules (just about all of them actually) and it is/will take lots more time. The patch would be good as a temp measure.
Many thanks in advance
Mick |
|
|
    |
 |
chatserv
General


Joined: Jan 12, 2003
Posts: 3128
Location: Puerto Rico
|
Posted:
Sun Jun 29, 2003 4:54 pm |
  |
| Code: |
File: /modules/News/index.php

Replace:

function rate_article($sid, $score) {
    global $prefix, $dbi, $ratecookie, $sitename, $r_options;
    // $score reaches the UPDATE below exactly as it was received
    if ($score) {
        if (isset($ratecookie)) {
            $rcookie = base64_decode($ratecookie);
            $r_cookie = explode(":", $rcookie);
        }
        for ($i=0; $i < sizeof($r_cookie); $i++) {
            if ($r_cookie[$i] == $sid) {
                $a = 1;
            }
        }
        if ($a == 1) {
            Header("Location: modules.php?name=News&op=rate_complete&sid=$sid&rated=1");
        } else {
            $result = sql_query("update ".$prefix."_stories set score=score+$score, ratings=ratings+1 where sid='$sid'", $dbi);
            $info = base64_encode("$rcookie$sid:");
            setcookie("ratecookie","$info",time()+3600);
            Header("Location: modules.php?name=News&op=rate_complete&sid=$sid$r_options");
        }
    } else {
        include("header.php");
        title("$sitename: "._ARTICLERATING."");
        OpenTable();
        echo "<center>"._DIDNTRATE."<br><br>"
            .""._GOBACK."</center>";
        CloseTable();
        include("footer.php");
    }
}

With:

function rate_article($sid, $score) {
    global $prefix, $dbi, $ratecookie, $sitename, $r_options;
    // Force $score to an integer before it is used in the SQL string
    $score = intval($score);
    if ($score) {
        // Clamp the rating to the 1-5 range
        if ($score > 5) { $score = 5; }
        if ($score < 1) { $score = 1; }
        if ($score != 1 AND $score != 2 AND $score != 3 AND $score != 4 AND $score != 5) {
            Header("Location: index.php");
            die();
        }
        if (isset($ratecookie)) {
            $rcookie = base64_decode($ratecookie);
            $r_cookie = explode(":", $rcookie);
        }
        for ($i=0; $i < sizeof($r_cookie); $i++) {
            if ($r_cookie[$i] == $sid) {
                $a = 1;
            }
        }
        if ($a == 1) {
            Header("Location: modules.php?name=News&op=rate_complete&sid=$sid&rated=1");
        } else {
            $result = sql_query("update ".$prefix."_stories set score=score+$score, ratings=ratings+1 where sid='$sid'", $dbi);
            $info = base64_encode("$rcookie$sid:");
            setcookie("ratecookie","$info",time()+3600);
            Header("Location: modules.php?name=News&op=rate_complete&sid=$sid$r_options");
        }
    } else {
        include("header.php");
        title("$sitename: "._ARTICLERATING."");
        OpenTable();
        echo "<center>"._DIDNTRATE."<br><br>"
            .""._GOBACK."</center>";
        CloseTable();
        include("footer.php");
    }
} |
|
|
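Added example, not part of chatserv's post or of PHP-Nuke's own code: the patch above casts and clamps `$score`, and this version goes one step further by validating `$sid` the same way and binding both values as query parameters instead of concatenating them. `rate_article_safe()` is a hypothetical name and the in-memory SQLite table and row are constructed sample data; only the `_stories` columns `sid`, `score` and `ratings` come from the post.

```php
<?php
// Added example, not PHP-Nuke code. rate_article_safe() is a hypothetical name;
// the nuke_stories table below is constructed sample data.

function rate_article_safe(PDO $db, $sid, $score): bool
{
    // Whole-string integer validation. intval() in the patch would turn
    // "3abc" into 3; here such input is rejected outright.
    $sid   = filter_var($sid, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    $score = filter_var($score, FILTER_VALIDATE_INT,
                        ['options' => ['min_range' => 1, 'max_range' => 5]]);
    if ($sid === false || $score === false) {
        return false;   // reject instead of clamping
    }

    // Both values are bound as integers, never placed into the SQL text.
    $stmt = $db->prepare(
        'UPDATE nuke_stories SET score = score + :score, ratings = ratings + 1
          WHERE sid = :sid'
    );
    $stmt->bindValue(':score', $score, PDO::PARAM_INT);
    $stmt->bindValue(':sid', $sid, PDO::PARAM_INT);
    $stmt->execute();

    // False when no article has that sid.
    return $stmt->rowCount() === 1;
}

// Constructed sample data in an in-memory SQLite database.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE nuke_stories
           (sid INTEGER PRIMARY KEY, title TEXT, score INTEGER, ratings INTEGER)');
$db->exec("INSERT INTO nuke_stories VALUES (1, 'Constructed headline', 0, 0)");

// Constructed inputs: valid, out of range, trailing text in score,
// trailing text in sid, unknown article.
$inputs = [['1', '4'], ['1', '9'], ['1', '3abc'], ['1abc', '3'], ['42', '3']];
foreach ($inputs as [$sid, $score]) {
    $ok = rate_article_safe($db, $sid, $score);
    printf("sid=%-5s score=%-5s => %s\n", $sid, $score, $ok ? 'recorded' : 'rejected');
}

// The stored article is only ever changed by the one valid rating.
$row = $db->query('SELECT title, score, ratings FROM nuke_stories WHERE sid = 1')
          ->fetch(PDO::FETCH_ASSOC);
printf("title=%s score=%d ratings=%d\n", $row['title'], $row['score'], $row['ratings']);
```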
    |
 |
allevon
Site Mod


Joined: Nov 22, 2002
Posts: 716
Location: New Jersey
|
Posted:
Sun Jun 29, 2003 5:49 pm |
  |
Nuke methods has been re-altered to piss off Brazilian hackerz. Warning, not recommended for under 18 or if you're politically correct/easily offended or just not capable of handling what's written to piss off Brazilian hackers to finally end this crap. Again, Under 18 NOT ALLOWED to visit. |
_________________ "Give Me Liberty, Or Give Hackerz Death!!!"
Patrick Henry Revised for 21st century.
Let The Bodies Hit The Floor! Let The Bodies Hit The Floor! |
|
    |
 |
Mickp
Corporal


Joined: Mar 02, 2003
Posts: 53
Location: Australia
|
Posted:
Sun Jun 29, 2003 5:53 pm |
  |
Many thanks, I will add this once I have restored the server, it now appears that the hard drive has crashed according to the owners, so lots of work to do. |
|
|
    |
 |
ulissesnelson
Lieutenant


Joined: Apr 09, 2003
Posts: 188
|
Posted:
Wed Jul 02, 2003 9:26 am |
  |
| allevon wrote: |
| Nuke methods has been re-altered to piss off Brazilian hackerz. Warning, not recommended for under 18 or if you're politically correct/easily offended or just not capable of handling what's written to piss off Brazilian hackers to finally end this crap. Again, Under 18 NOT ALLOWED to visit. |
Now you tell that?? Oh my god, my eyes, I need to go to church lol
Mickp, get a suggestion from someone who had a site hacked (changed) by the Brazilian kids: UPGRADE. The way Nuke is today, I can affirm that you will have all your modules up to date and much more stuff |
|
|
   |
 |
|
|