Ravens PHP Scripts: Forums
 

 
  Forum Index  •  Forum FAQ  •  Search  •  Memberlist  •  Usergroups  •  Profile  •  Log in to check your private messages  •  Log in

I had a server change and now pl3 not blocking union queries
 View next topic
View previous topic
This forum is locked: you cannot post, reply to, or edit topics.   This topic is locked: you cannot edit posts or make replies.    Ravens PHP Scripts And Web Hosting Forum Index -> NukeSentinel(tm) v2.4.x
Author Message
j_felosi
Regular
Regular



Joined: Oct 17, 2005
Posts: 51
PostPosted: Fri Jan 13, 2006 1:05 am Reply with quote
UNI0N SELECTselect s.sid, s.aid, s.informant, s.title, s.time, s.hometext, s.bodytext, a.url, s.comments, s.topic from nuke_stories s, nuke_authors a where s.aid=a.aid AND (s.title LIKE '%s%') UNI0N SELECT 0,pwd,name,aid,0,0,0,0,0,0 FROM nuke_authors/*%' OR s.hometext LIKE '%s%') UNI0N SELECT 0,pwd,name,aid,0,0,0,0,0,0 FROM nuke_authors/*%' OR s.bodytext LIKE '%s%') UNI0N SELECT 0,pwd,name,aid,0,0,0,0,0,0 FROM nuke_authors/*%' OR s.notes LIKE '%s%') UNI0N SELECT 0,pwd,name,aid,0,0,0,0,0,0 FROM nuke_authors/*%') ORDER BY s.time DESC LIMIT 0,10

I been getting hit with that all night and other old union exploits and the sentinel is not banning, should I go back to the pl2?
 
View user's profile Send private message
j_felosi
PostPosted: Fri Jan 13, 2006 1:32 am Reply with quote
sorry its something on my server they have everything disabled, I know register globals is, would that cause it not to fire on union and other strings? The string blocker does work but nothing else. and They think they will get hacked with it on, but with it off Ill probably get hacked or make for a good test site where no one gets banned..
I need your php expertise raven.
 
Raven
Site Admin/Owner



Joined: Aug 27, 2002
Posts: 17088
PostPosted: Fri Jan 13, 2006 2:30 am Reply with quote
No. register_globals should only impact the admin.php ultra protection. Make sure the Union blocker is set to On and is set to email, block and write to .htaccess.
 
View user's profile Send private message
j_felosi
PostPosted: Fri Jan 13, 2006 2:48 am Reply with quote
Well They turned some stuff back on and I optimized the db and it started firing on them again. The strangest thing but I belive it was something I failed to upload or upload got corrupted. Anyway the pl3 is up and in action but it doesnt fire on the new exploits people are entering directly into search box, well at least not for me. These,
Code:
s%') UNION SELECT 0,user_id,username,user_password,0,0,0,0,0,0 FROM nuke_users/* -> users passwords and logins




Code:
s%') UNION SELECT 0,pwd,name,aid,0,0,0,0,0,0 FROM nuke_authors/* -> nuke_authors passwords and logins

The site is not vuln anyway but you know, could just be my site though because I had tested this on my friends regular nuke site and it banned for union. I entered union into my string blockers and it does fine.
Sorry for freaking yet again. Everything seems fine now.
 
Display posts from previous:       
This forum is locked: you cannot post, reply to, or edit topics.   This topic is locked: you cannot edit posts or make replies.    Ravens PHP Scripts And Web Hosting Forum Index -> NukeSentinel(tm) v2.4.x


 Jump to:   




View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©