on my webpage I had 2 users "Admin." when I logged out as admin, I tried to log back in as "admin" but the two conflicting passwords wouldnt allow me to log back in, therefore i got an error message.
Now, I'm using PHP Nuke, version 7.
I have Protector installed, as well as PHPMyAdmin, and Admin Secure.
Is there a way through PHP MyAdmin to create a God user?
Second, even though it says I Emptyed the nuke_authors folder in PHPMyAdmin (which would delete all admins) there are still files within the nuke_authors folder, should they be altered?
Any help would be GREATLY appreciated...
I was hacked two days ago, got all this security installed, low and behold now it is keeping me out of my own site
BrainSmashR Support Mod
Joined: Jan 05, 2004
Posts: 1390
Location: Louisiana, USA
Posted:
Sun May 30, 2004 4:52 pm
After you "successfully" empty the nuke_authors table. Go to admin.php and it will default to the admin account setup. There you will create your new admin account.
BTW, making multiple posts in various spots won't get you help any faster.....it will just annoy the admin's and us regulars.
_________________
USE THE FORUM. If you contact me via messenger for support I will add you to my ignore list.
drujr Nuke Soldier
Joined: May 30, 2004
Posts: 12
Posted:
Sun May 30, 2004 4:57 pm
My apologies but I couldnt move the post, I thought it would be more appropriate in this forum as it was specific to Admin Secure. Sorry.
Now, how can I confirm that i've emptied the nuke_authors table, should EVERYTHING within the table be deleted? Because right now there are still fields within it.
Also, earlier I attempted what you said, I went through that process: added a name, webpage, email, password etc, then it shot me over to the default Administrator Login page, upon entering any information it would send me back to the create Administrator page ("No administrators have been registered...")
BrainSmashR Support Mod
Joined: Jan 05, 2004
Posts: 1390
Location: Louisiana, USA
Posted:
Sun May 30, 2004 5:04 pm
right, you should still see the fields in the table, but no entries.
It guess it's possible that they changed some of the fields when you were hacked in order to prevent you from re-gaining access.......but I'm no expert.
You can drop the following code into your database via phpMyAdmin and see if it helps. This is from a SQL back-up of my old phpNuke 7.3 site. This will totally drop your nuke_authors table, then re-create it.
Then you could try going to your admin.php and try creating a new admin account.
I'm not 100% sure that will work.......but I don't see any other suggestions at the moment either, so.....
Code:
DROP TABLE IF EXISTS `nuke_authors`;
CREATE TABLE `nuke_authors` (
`aid` varchar(25) NOT NULL default '',
`name` varchar(50) default NULL,
`url` varchar(255) NOT NULL default '',
`email` varchar(255) NOT NULL default '',
`pwd` varchar(40) default NULL,
`counter` int(11) NOT NULL default '0',
`radminarticle` tinyint(2) NOT NULL default '0',
`radmintopic` tinyint(2) NOT NULL default '0',
`radminuser` tinyint(2) NOT NULL default '0',
`radminsurvey` tinyint(2) NOT NULL default '0',
`radminsection` tinyint(2) NOT NULL default '0',
`radminlink` tinyint(2) NOT NULL default '0',
`radminephem` tinyint(2) NOT NULL default '0',
`radminfaq` tinyint(2) NOT NULL default '0',
`radmindownload` tinyint(2) NOT NULL default '0',
`radminreviews` tinyint(2) NOT NULL default '0',
`radminnewsletter` tinyint(2) NOT NULL default '0',
`radminforum` tinyint(2) NOT NULL default '0',
`radmincontent` tinyint(2) NOT NULL default '0',
`radminency` tinyint(2) NOT NULL default '0',
`radminsuper` tinyint(2) NOT NULL default '1',
`admlanguage` varchar(30) NOT NULL default '',
`radminblocker` tinyint(2) NOT NULL default '0',
PRIMARY KEY (`aid`),
KEY `aid` (`aid`)
) TYPE=MyISAM;
_________________
USE THE FORUM. If you contact me via messenger for support I will add you to my ignore list.
drujr Nuke Soldier
Joined: May 30, 2004
Posts: 12
Posted:
Sun May 30, 2004 5:48 pm
Ive tried what you said... but I'm not too optimistic about this one....
I just dont understand... If all of the authors have been cleared out - why wont it let me create a Super User? Is it because of the extra protection I have on the site, such as Protector and AdminSecure? Should I try to disable these externally?
drujr Nuke Soldier
Joined: May 30, 2004
Posts: 12
Posted:
Sun May 30, 2004 6:54 pm
still nothing...
when i'm trying to access AdminSecure through the "emergency panel" this is the error i get, probably unrelated to whats going on above:
Database Error!
An error was encountered while approving god admin account.
Error Message:
(Code: 0)
It strongly recommended that you stop this process now. Make sure your PHP-Nuke is properly installed and configured, and your site has no database problems.
any ideas...... or should i just throw in the towel altogether..
tix Lieutenant
Joined: Feb 05, 2004
Posts: 170
Posted:
Sun May 30, 2004 7:50 pm
So if admin Secure doesnt let you make an admin unintall it make the admin and re-install it
Ok drujr Lets try reading this, This same thing happened on a friends site, It got fixed by reinstalling Nuke because he could'nt wait for me to find a fix (Pushy - yes, Can't Wait for anything in his life - You got what i'm saying ) Anyways give that a read, If your site isn't that large, you should consider reinstalling, though there has to be some kinda fix out there to this, your not writing to the database for some reason, and the Hackers may have something to do with this, The Admin Secure error is probably coming up due to when you dropped the Admin table, you dropped the fields it needed to operate, (If it created any fields in the authors table) I haven't used AS but i plan on it, My fix to the hacks is to move the admin.php every night, works well However i am gonna install the 'Army' i call it, (Fortess, Admin Secure and so on) and i bet the hacking will hault. Back on topic, read that link and if i find anything else on it i will post back.
Mitch
hue Support Mod
Joined: Apr 18, 2003
Posts: 368
Location: Ohio
Posted:
Mon May 31, 2004 5:38 am
drujr,
I have sent you a pm about this!
drujr Nuke Soldier
Joined: May 30, 2004
Posts: 12
Posted:
Mon May 31, 2004 6:23 am
A full reinstall looks good at this point, but the Rainbow Brite of the thing is readding all the articles/news on my site back in there, especially how it'll all be on the same day/hour when I re-post them..
I checked my config.php, this is what it looked like:
i changed the "$gfx_chk = 7;" to "$gfx_chk = 0;" thinkin that may have been the problem, but no luck..
Tank863 Lieutenant
Joined: Feb 21, 2003
Posts: 195
Location: Philadelphia
Posted:
Mon May 31, 2004 6:24 am
Okay.. if you have not got it fioxed try this solution.
BrainSmasheR was on about what he was tellng you to do. However, one of the features of Amdin Secure is that it duplictaes your nuke_authors table into its own table and that table will be called what ever you named it using the admin secure in the includes/asconfig.php file.
More likely than not you will have to empty this table also using phpmyadmin.. or you may have to uninstall Admin Secure to successfully complete what you need to do.
madman Support Mod
Joined: Feb 15, 2004
Posts: 806
Posted:
Mon May 31, 2004 11:34 am
drujr wrote:
on my webpage I had 2 users "Admin." when I logged out as admin, I tried to log back in as "admin" but the two conflicting passwords wouldnt allow me to log back in, therefore i got an error message.
How come two different admin accounts with identical password can refuse you to logged in?
drujr wrote:
Is there a way through PHP MyAdmin to create a God user?
You can do this from PHP-Nuke "edit admin" function.
Create a new admin with "name" as God and nickname can be anything.
drujr wrote:
Second, even though it says I Emptyed the nuke_authors folder in PHPMyAdmin (which would delete all admins) there are still files within the nuke_authors folder, should they be altered?
If you are using Admin Secure, you can revert back your admin accounts using emergency menu. Logout as admin and run asec.php (or whatever filename you used). Enter two security codes that was given at first installation and lick on "Recovery Progress" option. This will restore all admin accounts to last known good and remove unwanted admin accounts.
_________________ I'm
drujr Nuke Soldier
Joined: May 30, 2004
Posts: 12
Posted:
Mon May 31, 2004 3:10 pm
Quote:
How come two different admin accounts with identical password can refuse you to logged in?
That was only my assumption, I dont know why I couldnt log back in once I logged out.
Quote:
If you are using Admin Secure, you can revert back your admin accounts using emergency menu. Logout as admin and run asec.php (or whatever filename you used). Enter two security codes that was given at first installation and lick on "Recovery Progress" option. This will restore all admin accounts to last known good and remove unwanted admin accounts.
Yeah, this didn't work for me either.
drujr Nuke Soldier
Joined: May 30, 2004
Posts: 12
Posted:
Mon May 31, 2004 5:20 pm
Problem solved thanks to the one and only "hue" from cheap-solutions.com
Great guy, I dont even use his service but he invited me onto Teamspeak and helped me for over two hours to fix the problems on my website.
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
) Anyways give that a read, If your site isn't that large, you should consider reinstalling, though there has to be some kinda fix out there to this, your not writing to the database for some reason, and the Hackers may have something to do with this, The Admin Secure error is probably coming up due to when you dropped the Admin table, you dropped the fields it needed to operate, (If it created any fields in the authors table) I haven't used AS but i plan on it, My fix to the hacks is to move the admin.php every night, works well 
