NukeSentinel banned people trying to download

Posted: Thu Aug 12, 2004 3:55 pm

Hello,

I just installed NukeSentinel 2.01 on one of my clients sites. He claims that he updated his downloads section with a new download, a download linked from another one of his servers it was a .rar file, and when he tried to download it, he got banned by Sentinel and it said he attempted a Scripting Attack? Someone help me, because i'm tried of his rude self yelling at something that isn't my fault.....I should take it off and let the hackers have fun with his site

Mitch

Posted: Thu Aug 12, 2004 4:22 pm

He most likely has filenames with like (newage)music.mp3 the () will have to be removed from the filenames and edited in the database.

Posted: Mon Aug 16, 2004 10:12 am

Hey sixonetonoffun,

Thanks for your reply, I have been busy and unable to get back to my post, I figured it out right after i posted, and it was the reason you posted. But my question now is, why does it have a issue with the ()? (And no i won't figure this one out after i hit Submit lol)

Mitch RavensScripts

Posted: Mon Aug 16, 2004 10:31 am

Because there is no way to discriminate against attacks that use system(command) exec(cmd) or (select blah blah) and an innocent url request. Those are pretty generic examples but you should get the idea.