| Author |
Message |
HauntedWebby
Involved
Joined: May 19, 2004
Posts: 363
Location: Ogden, UT
|
 Posted:
Thu Aug 26, 2004 11:23 am |
|
I was online doing some updates and noticed my title for my site had changed.
I was hit by 'hacked set by StatiC www.sanaldarbe.com'
Is this the one that gets in through the Coppermine???? I disabled that module yesterday after reading Raven's warning.
The only other thing I can think of is I added OScommerce yesterday.
Well a good streak comes to an end ... I haven't had any problems since April. |
_________________
--Webby-- |
|
 
|
|
Raven
Site Admin/Owner
Joined: Aug 27, 2002
Posts: 17088
|
| Posted:
Thu Aug 26, 2004 11:33 am |
|
I sent you a PM to call me |
| |
|
|
|
|
HauntedWebby
|
| Posted:
Thu Aug 26, 2004 11:42 am |
|
Found 2 authorized authors in my DB
waraxe2 God foo@bar.com 66ad52318087f29b3bafc774c0166478 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1
StatiC God hah@mail.com 827ccb0eea8a706c4c34a16891f84e7b 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1
Looks like the only things they changed were Preferences and messages.
I'm looking through the logs right now to see what's up |
| |
|
|
|
|
Raven
|
| Posted:
Thu Aug 26, 2004 11:49 am |
|
Just so everyone can breathe easy, for some reason or another, it looks like NukeSentinel did not get installed correctly and the Admin Auth was NOT activated. |
| |
|
|
|
|
HauntedWebby
|
| Posted:
Thu Aug 26, 2004 12:03 pm |
|
{raising hand} MY FAULT!!! I messed up my install about a week ago and never re-tested it.
But Raven ... I now remember why I didn't have the ADMIN AUTH turned on. If I turn it on I can't access my admin section. I don't know why but it doesn't like my password. |
| |
|
|
|
|
Raven
|
| Posted:
Thu Aug 26, 2004 12:34 pm |
|
I reinstalled Sentinel and I can now login using the HTTP Auth. Try it now and then set up all your blockers immediately  |
| |
|
|
|
|
HauntedWebby
|
| Posted:
Thu Aug 26, 2004 12:44 pm |
|
I've set things back up. Thanks for fixing sentinel for me Raven . I can get into my admin section ... WAHOO!
One module was really messed up. 4ndvddb, which is a DVD collection script based on the Review module. I wonder if that's how they got in? Hmmm |
| |
|
|
|
|
Raven
|
| Posted:
Thu Aug 26, 2004 12:48 pm |
|
Without the HTTP Auth on, they just hacked into authors with one of the old exploits, probably downloads or something. Or even the authors hack. Make sure that you are up-to-date with Chat's patches. |
| |
|
|
|
|
HauntedWebby
|
| Posted:
Thu Aug 26, 2004 12:51 pm |
|
Well .. I do have Chat's patches installed for most modules ... but I have the enhanced downloads and I don't know if Chat's patches will work with that since it's not the normal download. |
| |
|
|
|
|
HauntedWebby
|
| Posted:
Thu Aug 26, 2004 3:07 pm |
|
Teehhee ... I just noticed that the hackers came back ... and was blocked. LOL Those dummies!
THANKS RAVEN .. Hugs and Kisses and hope you start to feel better!!! |
| |
|
|
|
|
Raven
|
| Posted:
Thu Aug 26, 2004 3:09 pm |
|
Hope you blasted them with PC Killer  |
| |
|
|
|
|
|
|
![[Valid RSS]](https://www.ravenphpscripts.com/images/valid-rss.png "Validate my RSS feed"){kind=small}
