| Author |
Message |
3rdschulz
Hangin' Around
Joined: May 19, 2006
Posts: 39
|
 Posted:
Tue Jun 13, 2006 5:24 pm |
 
|
Hey, my website was hacked AGAIN for the 3rd time in past couple months! can anyone help me out with this? I am not sure if this is right section or not but I seen another guy post here with same kind of issue.
I am pretty much a phpnuke noob.
running PNC 3.0.1
which came with nuke sentinal but I guess they got past it. |
|
|
|
|
persona_non_grata
Joined:
Posts: 0
|
| Posted:
Tue Jun 13, 2006 5:29 pm |
|
well its easy to point at sentinel....but im pretty sure they used a backdoor provided by some addon....
But PNC...whats that? |
|
|
|
|
|
kguske
Site Admin
Joined: Jun 04, 2004
Posts: 4887
|
| Posted:
Tue Jun 13, 2006 6:24 pm |
|
Sorry to jump in persona_non_grata, but some additional questions that might help:
Are you running any addons that allow uploads (e.g. a photo gallery)?
Is your NukeSentinel current? |
|
|
|
|
|
3rdschulz
Hangin' Around
Joined: May 19, 2006
Posts: 39
|
| Posted:
Tue Jun 13, 2006 9:47 pm |
|
As far as I know sentinel is current. PNC is another nuke prog kinda like raven nuke and platnum nuke. I had vwar, latest version installed. Any ideas as to how to go about fixing this?
pnc info can be found here
|
|
|
|
|
|
persona_non_grata
Joined:
Posts: 0
|
| Posted:
Wed Jun 14, 2006 4:35 am |
|
well vwar is very vunerable....
to help you its for the best if you tell us what kind of mods you have installed that might be opening doors....like kguske says...any gallery? |
|
|
|
|
|
3rdschulz
Hangin' Around
Joined: May 19, 2006
Posts: 39
|
| Posted:
Wed Jun 14, 2006 9:10 am |
|
well I had v3 arcade, vwar with members roster, applications to join, and all other standard vwar features, I had a up and running ventrilo status block, a bf2 stat tracking block that got its info from bf2tracker.com I had phpbb forums, Nuke sentinal, paypal donations block, and really thats all I can think of. Other than that you can apply to be a member of the site and upload your own avatars and things I believe for the forum. Most of that is pretty standard stuff for gaming clan to have on there nuke site and no one elses is getting hit as much as mine. |
|
|
|
|
|
persona_non_grata
Joined:
Posts: 0
|
| Posted:
Wed Jun 14, 2006 9:21 am |
|
the vwar is mentioned before as it has vunerabilities.as far as i know of ...sentinel never lost any battle of hack attempts...
so these things are mostly caused by the website owners self..
and you should have dived into your stats,logs whatever to track down how they did it or from where...
if you dont fix this then you can only wait till the next time.. |
|
|
|
|
|
technocrat
Involved
Joined: Jul 07, 2005
Posts: 492
|
| Posted:
Wed Jun 14, 2006 12:18 pm |
|
If you did not install sentinel pl6 then you most likely got hacked by the phpbb admin exploit that has been going around. |
|
|
|
|
|
3rdschulz
Hangin' Around
Joined: May 19, 2006
Posts: 39
|
| Posted:
Wed Jun 14, 2006 4:56 pm |
|
Its possible I did not have the latest sentinel since I was running the version that came with PNC. everything in my cpanel appears to be fine.... |
|
|
|
|
|
3rdschulz
Hangin' Around
Joined: May 19, 2006
Posts: 39
|
| Posted:
Fri Jun 23, 2006 12:36 pm |
|
iVE BEEN HACKED YET AGAIN..... |
|
|
|
|
|
3rdschulz
Hangin' Around
Joined: May 19, 2006
Posts: 39
|
| Posted:
Fri Jun 23, 2006 12:58 pm |
|
only now my sentinel wont even allow me to acsess anything in the admin phpnuke area |
|
|
|
|
|
Guardian2003
Site Admin
Joined: Aug 28, 2003
Posts: 4868
|
| Posted:
Sat Jun 24, 2006 6:44 am |
|
Please be more specific.
You can see the site as a normal user?
Can you actually log in as an admin (and not see any of the admin icons) or can you not log in at all as an admin?
If you cannot access the site all, compare the htaccess and config.php files on your site with those in your last back up to see if there are any obvious anomolies. |
|
|
 
|
|
3rdschulz
Hangin' Around
Joined: May 19, 2006
Posts: 39
|
| Posted:
Sat Jun 24, 2006 11:57 am |
|
ok well while working on this I delted the god account in phpmyadmin. How do I create a new god account? I tryed logging in under other super user accounts and I see no phpnuke admin icons, just th elog out button.
I have tryed this with no luck so far
Does anyone know how to create a new "god" account in phpmyadmin? |
|
|
|
|
|
Guardian2003
Site Admin
Joined: Aug 28, 2003
Posts: 4868
|
| Posted:
Sat Jun 24, 2006 12:21 pm |
|
|
|
|
|
kguske
Site Admin
Joined: Jun 04, 2004
Posts: 4887
|
| Posted:
Sat Jun 24, 2006 4:58 pm |
|
What happened when you tried that? |
|
|
|
|
|
3rdschulz
Hangin' Around
Joined: May 19, 2006
Posts: 39
|
| Posted:
Sat Jun 24, 2006 5:49 pm |
|
|
|
|
|
kguske
Site Admin
Joined: Jun 04, 2004
Posts: 4887
|
| Posted:
Sat Jun 24, 2006 7:15 pm |
|
Tried to access your admin... |
|
|
|
|
|
3rdschulz
Hangin' Around
Joined: May 19, 2006
Posts: 39
|
| Posted:
Sat Jun 24, 2006 8:22 pm |
|
The account has been deleted in phpmyadmin It wont allow me to login to access my admin because god admin hsa been deleted. My superusers no longer work for access since then either |
|
|
|
|
|
gregexp
The Mouse Is Extension Of Arm
Joined: Feb 21, 2006
Posts: 1472
Location: In front of a screen....HELP! lol
|
| Posted:
Sat Jun 24, 2006 11:41 pm |
|
go into phpmyadmin..then click insert...and itll bring u to a page...fill all the info out
the only thing extra is to make it set ur password function to md5 before u hit save
easiest thing would be a screenshot...heres one for u:
MAKE aid God
then name ur username.
fill out all info:
Set your password function to MD5:
Remember your password as you will not know what it is through phpmyadmin.
Now hit go or save.
this will make a new god admin account. |
|
|
 
  |
|
3rdschulz
Hangin' Around
Joined: May 19, 2006
Posts: 39
|
| Posted:
Sat Jun 24, 2006 11:56 pm |
|
ok followed your example exactly exceptI did not have a radminsuper box to enter the value one. when i try to login to ........admin.php I enter my username and password along with my number code and it dosent work |
|
|
|
|
|
gregexp
The Mouse Is Extension Of Arm
Joined: Feb 21, 2006
Posts: 1472
Location: In front of a screen....HELP! lol
|
| Posted:
Sun Jun 25, 2006 12:04 am |
|
ok this is probably due to the fact that u dont have the radminsuperuser...u sure u saved ur password in md5?
also this is not right to have no radminsuper in any authors table ive ever seen.
I maybe wrong here but it should be there and if it isnt then we may need to remake the table.
what version of nuke are you currently running? |
|
|
|
|
|
3rdschulz
Hangin' Around
Joined: May 19, 2006
Posts: 39
|
| Posted:
Sun Jun 25, 2006 12:08 am |
|
PNC 3.0.1
u want me to take a screenie? |
|
|
|
|
|
gregexp
The Mouse Is Extension Of Arm
Joined: Feb 21, 2006
Posts: 1472
Location: In front of a screen....HELP! lol
|
| Posted:
Sun Jun 25, 2006 12:08 am |
|
also try this one more time but dont put anything into the fields of counter radminsuper and adminlanguage. |
|
|
|
|
|
gregexp
The Mouse Is Extension Of Arm
Joined: Feb 21, 2006
Posts: 1472
Location: In front of a screen....HELP! lol
|
| Posted:
Sun Jun 25, 2006 12:23 am |
|
CREATE TABLE nuke_authors` (
`aid` varchar(25) NOT NULL default '',
`name` varchar(50) default NULL,
`url` varchar(255) NOT NULL default '',
`email` varchar(255) NOT NULL default '',
`pwd` varchar(40) default NULL,
`counter` int(11) NOT NULL default '0',
`radminsuper` tinyint(1) NOT NULL default '1',
`admlanguage` varchar(30) NOT NULL default '',
`radminblocker` tinyint(2) NOT NULL default '0',
PRIMARY KEY (`aid`),
KEY `aid` (`aid`)
) TYPE=MyISAM;");
this is the mysql query u need to run to rebuild ur authors table...as u can see its got radminsuper in it
This is from the pnc 3.0.1 installer.
change the nuke_authors to whatever prefix u uselike test_authors or whatever it may be. |
|
|
|
|
|
3rdschulz
Hangin' Around
Joined: May 19, 2006
Posts: 39
|
| Posted:
Sun Jun 25, 2006 12:26 am |
|
then I tryed tp change the pass tp md5 hash for Password still no luck
|
|
|
|
|
|
|
|
|
|
![[Valid RSS]](http://ravenphpscripts.com/images/valid-rss.png "Validate my RSS feed"){kind=small}
:: 
::
