Some one sent me a script and said they can use it to hack into my Site.
Now I tried the scriped to see what it does, and I have my Sentinal to Ban and Redirect on Union Scrips, But Sentinal did Nither. The script is
O.K. New Problem, Sentinal not working, now someone has found a way to change Members Passwords, Then log into there account. Not exacty sure how it is done but Sentinel gave me this code
Quote:
/modules.php?realname=account Name&user_email=email&femail=@hotmail.com&user_website=http://www.evoelite.tk&user_icq=&user_aim=&user_yim=bainsey123&user_msnm=&user_from=England, UK&user_occ=PC Engineer&user_interests=Rugby League, Manchester United&newsletter=1&user_viewemail=0&user_allow_viewonline=1&user_notify=0&user_notify_pm=0&user_popup_pm=0&user_attachsig=0&user_allowbbcode=1&user_allowhtml=1&user_allowsmile=1&user_timezone=0&user_dateformat=Y-m-d, H:i:s&user_sig=The CHAMP is HERE!&bio=&user_password=password&vpass=passwordt&username=Account&user_id=4&op=saveuser 2005-07-07 @ 17:39:59
I am using php nuke 7.7
CNB Your Account 4.4.2
Anyone have any clues on how to stop this from Happening again.
Sentinal isn't stopting the attacs
tjjr615 Nuke Cadet
Joined: Jul 05, 2005
Posts: 8
Posted:
Thu Jul 07, 2005 3:05 pm
Forgot to Add, This is what the Hacker told me how he did it.
Hacker: you know when u get into an account
Hacker: and u press the Submit for profile change?
Hacker: thats a simulation of pressing submit
Hacker: The only way to stop that code i gave yo
Hacker: is to **** up the entire your account module
Hacker: and as i said
Hacker: How i got there, was an exploit
Hacker: and It is my own code
Hacker: and i will not release it to any ****ing body, not a fix, not a single byte of concept
Yes it is as far as I can see, No I learned the the hackers had databases to 2 Of my Sites, is there a way they could have gotten password from them?
I was trying to mess around with some of the scripts they tried and I did get banned, Don't realy know how I did it. but I was Banned, but the hacker wasn't
Evaders99 Site Admin
Joined: Aug 17, 2003
Posts: 12383
Posted:
Fri Jul 08, 2005 3:34 am
You may need to talk to the Sentinel guys about this. Perhaps with your access logs, you may be able to see how they bypassed Sentinel, if that's what they did
Found some more info on what happed. It looks like my One site was not hacked. A Admin gave someone access to the admin area and they stole the Database from nuke.
Now the question is, with the Database, they have all the User info, and the Incripted passwords, is there a way they can send that info to nuke and login using someone's account. That is what it is starting to look like,
I asked him (Hacker) To prove to me he knows how to hack, I told him to access my Account, (I did change Password) and post a message in my fourums under my name. And I asked him to log into the Admin area.
No he is giving me the run around saying he don't want to mess up my Site again. and things like that. so No I am Questioning if he was able to get the info to get in from the database they downloaded.
Evaders99 Site Admin
Joined: Aug 17, 2003
Posts: 12383
Posted:
Fri Jul 08, 2005 5:07 pm
Well basically they can craft a cookie with those encoded passwords to try and login. I'm not a hacker, so I don't know how succesful that would be.
Given the compromise, I would notify all your users to change their passwords ASAP.
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
