 |
|
 |
|
- Readme First! -
Read and follow the rules, otherwise your posts will be closed |
|
|
|
|
|
There are currently, 155 guest(s) and 0 member(s) that are online.
You are Anonymous user. You can register for free by clicking here |
|
|
|
|
|
|
 Security Alert 7/20/2003!
[Note:Copied from Message post to keep in archives]
I've been helping a user today. He couldn't login as Admin and upon investigation it just looked like a case of a forgotten password. Once I got him up and running, he said he knew he had never entered that author name in the God record. He inspected the nuke.sql file from his v6.8 distro and the INSERT statement to nuke_authors came preinstalled (thank you very much ) with a user 'aaa' and a password that of course was MD5'd! He said he got the v6.8 from a link on nukephp.org.
I won't bother preaching about using versions that aren't public and aren't from reliable sources. Be warned, however, to make sure you know your sources!
Read this post for more on this.
|
|
Posted on Sunday, July 27 @ 12:17:49 CEST by [RETIRED]Raven |
|
|
|
|
| |
|
Average Score: 1
Votes: 2
|
|
|
|
|
|
|
| | The comments are owned by the poster. We aren't responsible for their content. |
| | | | |
| No Comments Allowed for Anonymous, please register | | | | |
Re: Security Alert (Score: 1)
by stmpeters on Sunday, July 27 @ 14:14:36 CEST
(User Info | Send a Message) | | Unfortunately, no new versions of PHP-Nuke have been released to the public since 6.5. If they were released to the public, then there would not be any problems similar to this one. |
| | | | |
Re: Security Alert (Score: 1)
by Azmeen on Monday, July 28 @ 21:32:35 CEST
(User Info | Send a Message) | | If someone is idiotic enough to not give a quick check on something as simple as an SQL file, then that person deserved to have his/her web site backdoored. |
| | | | | |
|
