You are missing our premiere tool bar navigation system! Register and use it for FREE!

NukeCops  
•  Home •  Downloads •  Gallery •  Your Account •  Forums • 
Readme First
- Readme First! -

Read and follow the rules, otherwise your posts will be closed
Modules
· Home
· FAQ
· Buy a Theme
· Advertising
· AvantGo
· Bookmarks
· Columbia
· Community
· Donations
· Downloads
· Feedback
· Forums
· PHP-Nuke HOWTO
· Private Messages
· Search
· Statistics
· Stories Archive
· Submit News
· Surveys
· Theme Gallery
· Top
· Topics
· Your Account
Who's Online
There are currently, 44 guest(s) and 0 member(s) that are online.

You are Anonymous user. You can register for free by clicking here
Nuke Cops :: View topic - Am I Being Hacked? [ ]
 Forum FAQ  •  Search  •   •  Memberlist  •  Usergroups   •  Register  •  Profile •    •  Log in to check your private messages  •  Log in

Am I Being Hacked?
 
This forum is locked: you cannot post, reply to, or edit topics.  This topic is locked: you cannot edit posts or make replies.printer-friendly view Nuke Cops Forum Index » Admin Secure
View previous topic Log in to check your private messages View next topic
Author Message
mphare
Corporal
Corporal


Joined: Jul 06, 2004
Posts: 52
PostPosted: Sun Nov 28, 2004 3:30 pm Reply with quoteBack to top
For the past two days, Protector has sent me these emails:

Quote:
Admin Secure detecting invalid file inclusion passed to index.php or modules.php files. This could be possible cross-site scripting (XSS) hack attempt to your site. For security reason, this attempt has been blocked by Admin Secure to protect your website. Admin Secure has been collecting these following information:

Date: 28 November 2004, 11:30
IP Address: 82.127.37.112
Host: Laubervilliers-151_13-2-112.w82-127.abo.wanadoo.fr
User-agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows 9Cool
Request: /Portal/html/modules.php?name=Forums&file=modules&name=Forums&file=modules/Forums/faq&sid=85b9a033e621d2786b1d39f301e263b4
Variable: $file = modules/Forums/faq

Quote:
Request: /Portal/html/modules.php?name=Forums&file=modules&name=Forums&file=modules/Forums/index&sid=85b9a033e621d2786b1d39f301e263b4
Variable: $file = modules/Forums/index

Quote:
Request: /Portal/html/modules.php?name=Forums&file=modules&name=Forums&file=modules/Forums/search&sid=85b9a033e621d2786b1d39f301e263b4
Variable: $file = modules/Forums/search

and

Quote:
Date: 27 November 2004, 06:58
IP Address: 80.37.84.111
Host: 111.Red-80-37-84.pooles.rima-tde.net
User-agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)
Request: /Portal/html/modules.php?name=Forums&file=modules&name=Forums&file=modules/Forums/faq&sid=0abed7c3f1474f3159db6560115b9128
Variable: $file = modules/Forums/faq

Quote:
Request: /Portal/html/modules.php?name=Forums&file=modules&name=Forums&file=modules/Forums/index&sid=0abed7c3f1474f3159db6560115b9128
Variable: $file = modules/Forums/index

Quote:
Request: /Portal/html/modules.php?name=Forums&file=modules&name=Forums&file=modules/Forums/search&sid=0abed7c3f1474f3159db6560115b9128
Variable: $file = modules/Forums/search


Should I be worried? Have I already been Hacked? Did Protector protect me? What are they trying to do?

Thanks,

_________________
- - - - - - - - - - - - -
- me
GnuPG Key fingerprint = 1AD4 726D E359 A31D 05BF ACE5 CA93 7AD5 D8E3 A876
Find all posts by mphareView user's profileSend private message
madman
Support Mod
Support Mod


Joined: Feb 15, 2004
Posts: 806
PostPosted: Mon Nov 29, 2004 8:25 am Reply with quoteBack to top
Those are false alarm due of bug in bb2nuke.
May I know what bb2nuke (nuke forums) version currently used?

_________________
I'm Image
Find all posts by madmanView user's profileSend private messageVisit poster's websiteYahoo MessengerMSN Messenger
mphare
Corporal
Corporal


Joined: Jul 06, 2004
Posts: 52
PostPosted: Mon Nov 29, 2004 9:58 am Reply with quoteBack to top
That's good to know.

This is what is says at the bottom of the forum screen:
Quote:
Powered by phpBB 2.0.10 © 2001 phpBB Group
phpBB port v2.1 based on Tom Nitzschner's phpbb2.0.6 upgraded to phpBB 2.0.4 standalone was developed and tested by:
ArtificialIntel, ChatServ, mikem, sixonetonoffun and Paul Laudanski (aka Zhen-Xjell).

Version 2.1 by Nuke Cops © 2003 http://www.nukecops.com


I'm running nuke 7.4 and used the patches to upgrade bb2nuke to 2.0.10

Thanks madman.

_________________
- - - - - - - - - - - - -
- me
GnuPG Key fingerprint = 1AD4 726D E359 A31D 05BF ACE5 CA93 7AD5 D8E3 A876
Find all posts by mphareView user's profileSend private message
Evaders99
Site Admin
Site Admin


Joined: Aug 17, 2003
Posts: 12372
PostPosted: Mon Nov 29, 2004 10:28 am Reply with quoteBack to top
A lot of header redirect code has been changed in 2.0.11 - I hope they will eliminate this problem finally. Will test and find out Smile

_________________
Helping those that help themselves
Read FIRST or DIE!

"Fighting is terrible, but not as terrible as losing the will to fight."
Star Wars Rebellion Network - Need Help? Evaders Squadron Coding
Find all posts by Evaders99View user's profileSend private messageVisit poster's websiteAIM Address
Display posts from previous:      
This forum is locked: you cannot post, reply to, or edit topics.  This topic is locked: you cannot edit posts or make replies.printer-friendly view Nuke Cops Forum Index » Admin Secure
View previous topic Log in to check your private messages View next topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


Powered by phpBB © 2001, 2005 phpBB Group

Ported by Nuke Cops © 2003 www.nukecops.com
:: FI Theme :: PHP-Nuke theme by coldblooded (www.nukemods.com) ::
Powered by · TOGETHER TEAM srl ITALY http://www.togetherteam.it · DONDELEO E-COMMERCE http://www.DonDeLeo.com
Web site engine's code is Copyright © 2002 by PHP-Nuke. All Rights Reserved. PHP-Nuke is Free Software released under the GNU/GPL license.
Page Generation: 0.188 Seconds - 343 pages served in past 5 minutes. Nuke Cops Founded by Paul Laudanski (Zhen-Xjell)
:: FI Theme :: PHP-Nuke theme by coldblooded (www.nukemods.com) ::