problem with the hackalert on php nuke 7.1

Worker Joined: Mar 31, 2004 Posts: 111

heloo i have download that modul and now it's not working

it says this in the install file

- Edit your mainfile.php by adding this code as your first code AFTER the opening

<? tag.

if (stristr($_SERVER["QUERY_STRING"],'%20union%20')) {
$loc = $_SERVER['QUERY_STRING'];
header("Location: hackattempt.php?$loc");
die();
}

but when I edit that this is what my page looks like

Parse error: parse error in /home/bosanci/public_html/mainfile.php on line 14

Fatal error: Call to a member function on a non-object in /home/bosanci/public_html/index.php on line 18

Im runinh this version of MySQL MySQL Version 4.0.18-standard

can anybody tell me what's wrong Smile

thank you

Site Admin/Owner Joined: Aug 27, 2002 Posts: 17088

Have you placed the hackattempt.php script in the same folder as mainfile.php?

Posted: Wed Mar 31, 2004 8:12 pm

yes I have it is in public_html with other files such as

header.php
mainfile.php
config.php
and others Smile

Posted: Wed Mar 31, 2004 9:25 pm

Please post lines 1 to 20. Thanks.

Posted: Wed Mar 31, 2004 9:51 pm

what do you mean?

Posted: Wed Mar 31, 2004 9:53 pm

Please post lines 1-20 of mainfile.php and lin 18 of index.php.

Posted: Wed Mar 31, 2004 9:59 pm

<?php

<? tag.

if (stristr($_SERVER["QUERY_STRING"],'%20union%20')) {
$loc = $_SERVER['QUERY_STRING'];
header("Location: hackattempt.php?$loc");
die();
}

$phpver = phpversion();
if ($phpver >= '4.0.4pl1' && strstr($HTTP_USER_AGENT,'compatible')) {
if (extension_loaded('zlib')) {
ob_end_clean();
ob_start('ob_gzhandler');
}

that what is in bold is from the Install file wich says

- Edit your mainfile.php by adding this code as your first code AFTER the opening <? tag.

if (stristr($_SERVER["QUERY_STRING"],'%20union%20')) {
$loc = $_SERVER['QUERY_STRING'];
header("Location: hackattempt.php?$loc");
die();
}

and this is index.php

$result = $db->sql_query($sql);

Posted: Wed Mar 31, 2004 10:03 pm

What is this : <? tag.

If that is really in your code remove it. Your code should start with <?php and then your code.

Posted: Wed Mar 31, 2004 10:04 pm

like this

<?php

if (stristr($_SERVER["QUERY_STRING"],'%20union%20')) {
$loc = $_SERVER['QUERY_STRING'];
header("Location: hackattempt.php?$loc");
die();
}

$phpver = phpversion();
if ($phpver >= '4.0.4pl1' && strstr($HTTP_USER_AGENT,'compatible')) {
if (extension_loaded('zlib')) {
ob_end_clean();
ob_start('ob_gzhandler');
}

Posted: Wed Mar 31, 2004 10:07 pm

Yes

Posted: Wed Mar 31, 2004 10:08 pm

ok thank you so much now it works good so how does this work it can actually track hackers down for real?

Posted: Wed Mar 31, 2004 10:11 pm

Have you tried the test hack script on my site? You will get an email informing you of the attack. What is your url? I will "attack" you and we'll see what happens Smile

Posted: Wed Mar 31, 2004 10:12 pm

www.bosanci.net

Posted: Wed Mar 31, 2004 10:13 pm

bnut dont destroy me Smile

Posted: Wed Mar 31, 2004 10:19 pm

Done and it caught me! You should be receiving an email telling you all about it, assuming you set this in the hacattempt script

Code:

$eMailTo           = "YOUR_EMAIL_ADDY";

Posted: Wed Mar 31, 2004 10:21 pm

I did i hace set it to the e-mail

$eMailTo = "webmaster@bosanci.net";
$eMailSubject = "Hack Attempt";
$eMailExtraHeaders = "From: $eMailTo\n";
$sendAdminEmail = TRUE;

where can i test that on your page you said

Posted: Wed Mar 31, 2004 10:22 pm

Did you get the email?

Posted: Wed Mar 31, 2004 10:29 pm

very cool i have receved e-mail with some names and stuff like that

where can I test the script on your site ? you said something about it hehe

Posted: Wed Mar 31, 2004 10:33 pm

It's the same script. It will show you what the USER will see http://www.ravenphpscripts.com/demohack.php

Posted: Wed Mar 31, 2004 10:36 pm

very cool

thznk you