For those who use the Protector, you need to be aware of [waraxe-2004-SA#025 - Multiple vulnerabilities in Protector System 1.15b1 for PhpNuke] latest Security Focus alert.
Related
Re: Protector System Multiple Vulnerabilities (Score: 1) |  | I had a strange hack attempt this morning. The offender was not logged by Protector, MSAnalysis or IP tracker, but was caught by Raven's script. The IP and hacker alert are available by request. Is this an example of this particular hole? |
| Re: Protector System Multiple Vulnerabilities (Score: 1) by Raven on Sunday, April 25, 2004 @ 09:15:40 CDT (User Info | Send a Message) | |
Send it along Steve via email. It could be real or a false positive. I'll check it out. |
| Re: Protector System Multiple Vulnerabilities (Score: 1) by Raven on Sunday, April 25, 2004 @ 09:27:20 CDT (User Info | Send a Message) | |
That was an a hack attempt on your admin.php. My script didn't actually trap it. You are using my script for notification after Chatserv's code caught it. Something like this, I imagine if(stristr($_SERVER["QUERY_STRING"],'AddAuthor') || stristr($_SERVER["QUERY_STRING"],'UpdateAuthor')) { $loc = $_SERVER['QUERY_STRING']; header("Location: hackattempt.php?$loc"); die(); } |
| Re: Protector System Multiple Vulnerabilities (Score: 1) by sharlein on Sunday, April 25, 2004 @ 19:31:53 CDT (User Info | Send a Message) | |
Yes, that is correct. Thank you. Do you have thoughts as to why none of my other logging programs recorded the IP address? |
| Re: Protector System Multiple Vulnerabilities (Score: 1) by Raven on Sunday, April 25, 2004 @ 20:02:31 CDT (User Info | Send a Message) | |
I can only speak concerning my hackattempt script. As I said earlier, my script can be used as a redirect from any other script that is out there. I also supply a snippet of code that is placed in the mainfile.php file that is strictly for the UNION exploit. I would not want to be foolish and comment on someone else's code having not examined it myself. |
| Re: Protector System Multiple Vulnerabilities (Score: 1) by sharlein on Sunday, April 25, 2004 @ 23:29:39 CDT (User Info | Send a Message) | |
I was wondering about IP Tracker and MSanalysis. Is there a way for a hacker to erase his tracks? |
Re: Protector System Multiple Vulnerabilities (Score: 1) | | Here are my thoughts on the Protector System, I think it is a system that needs a great deal of work. Sure it looks GOOD , but that's it. And the developer seems to be as lost on these latest Vulnerabilities. The only feature worth anything is IP2Country, other than that it's a 'PANT LOAD' I'll stick with NSN-IP Ban and IPTracking mods..... :) |
![[Valid RSS]](https://www.ravenphpscripts.com/images/valid-rss.png "Validate my RSS feed"){kind=small}
