| Author |
Message |
mvillamizar
Nuke Cadet


Joined: Jan 26, 2005
Posts: 2
|
Posted:
Wed Jul 12, 2006 3:50 pm |
  |
Hi,
I've got a web site running on PHPNUKE. 3 months ago a hacker called 'CRACKER CHILD' deleted all folders and files from the modules folder.
A few days ago (I don't know if it was the same hacker) someone uploaded a folder with some files inside the modules folder. I checked those files and it was a login web page from Bank of America.
Very scary....
First question: how on earth can someone upload or delete files from a server without knowing the FTP user and password?
Second, is it a security issue in PHPNUKE? Has anyone heard of something similar?
I would really appreciate it if someone answered this post.
Thanks |
|
|
   |
 |
Colorteck
Corporal


Joined: Dec 26, 2003
Posts: 73
|
Posted:
Wed Jul 12, 2006 7:47 pm |
  |
Yes, heard of it, as it happens all the time if you do not keep your software up to date. I do not know what version of Nuke you are running but you need to find out.
Also make sure your phpbb forums are up to date as I think it is at 2.021 now. If you do a nuke upgrade you still will need to upgrade your phpbb forums as well. Apparently you are running a version of phpnuke that has issues.
They do not need your login info to get scripts into your account. Maybe you should also run some security features with Nuke as they are all listed here. |
|
|
    |
 |
gsicard
Sergeant


Joined: Feb 08, 2003
Posts: 105
Location: Virginia, USA
|
Posted:
Thu Jul 13, 2006 5:42 am |
  |
Create an .htaccess file and upload it to your modules directory with this code in it.
| Quote: |
<FilesMatch "\.php$">
Deny from all
</FilesMatch>
|
I had to use quote because the code function seems to be disabled.
Your modules' copyright and forums admin will not work while this file is active, but it should give you some protection. |
|
|
     |
 |
mvillamizar
Nuke Cadet


Joined: Jan 26, 2005
Posts: 2
|
Posted:
Thu Jul 13, 2006 3:04 pm |
  |
Thanks for your answer.
The phpnuke version is 7.6.
I don't have any forum installed on my web site.
My hosting does not let me create an .htaccess file.
What can I do in this case?
I think I found the problem: it is a security hole in My_eGallery. I found a c99shell.php, and with that script you could delete, create, modify a file, and also create and delete folders.
Does anyone know how to secure My_eGallery?
Thanks |
|
|
   |
 |
Colorteck
Corporal


Joined: Dec 26, 2003
Posts: 73
|
Posted:
Thu Jul 13, 2006 7:37 pm |
  |
Most likely you will need to run the latest version of gallery. Check their website and see what the latest version is. Is E-Gallery the same thing as http://www.nukedgallery.net/ ?
If not, maybe you want to use this one. |
|
|
    |
 |
HalJordan
Support Staff


Joined: Aug 07, 2004
Posts: 1117
Location: Somewhere around Hunan, China
|
Posted:
Sat Jul 15, 2006 7:57 pm |
  |
Get and install the chatserv patched files for 7.4.
Get and install Nuke Sentinel.
Check all your permissions on files and folders. Files should be 644 and folders 755 (only the authorised FTP user can write to folders and files).
I second the motions about upgrading the forums and eGallery. I have used menalto's Gallery with no probs. |
_________________ I obey, but I do not comply.
Proprietor, www.computernewbie.info
Support staff, www.nukecops.com |
|
      |
 |
|
|
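An added example (not part of the original thread or any poster's code): a shell audit for the 644/755 baseline recommended in the last reply, plus a listing of recently changed PHP files like the unexpected script the original poster found by hand. The function names are illustrative assumptions; pass the web root (or the modules directory) as the argument.

```shell
#!/bin/sh
# Added example: audit a web root against the 644 (files) / 755 (folders) baseline.
# Function names are assumptions made for this illustration.

# List every regular file that is not exactly 644 and every directory
# that is not exactly 755. Output: "FILE <path>" or "DIR <path>".
audit_perms() {
    find "$1" -type f ! -perm 644 -exec printf 'FILE %s\n' {} \;
    find "$1" -type d ! -perm 755 -exec printf 'DIR %s\n' {} \;
}

# List files and directories that any account on the host can write to.
writable_by_others() {
    find "$1" \( -type f -o -type d \) -perm -002 \
        -exec printf 'WORLD-WRITABLE %s\n' {} \;
}

# List PHP files modified within the last N days (default 7) so that
# new or altered scripts can be reviewed against a known-good copy.
recent_php() {
    find "$1" -type f -name '*.php' -mtime "-${2:-7}" \
        -exec printf 'RECENT %s\n' {} \;
}

# Reset everything under the given directory to the baseline.
# Run only after the listings above have been reviewed.
fix_perms() {
    find "$1" -type f -exec chmod 644 {} +
    find "$1" -type d -exec chmod 755 {} +
}

# Usage: sh audit.sh /path/to/webroot [days]
if [ "$#" -gt 0 ]; then
    audit_perms "$1"
    writable_by_others "$1"
    recent_php "$1" "${2:-7}"
fi
```

Correct permissions do not remove a script that has already been uploaded, so review the `RECENT` listing as well as the permission findings.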