Waraxe IT Security Portal
Login or Register
November 24, 2024
Menu
Home
Logout
Discussions
Forums
Members List
IRC chat
Tools
Base64 coder
MD5 hash
CRC32 checksum
ROT13 coder
SHA-1 hash
URL-decoder
Sql Char Encoder
Affiliates
y3dips ITsec
Md5 Cracker
User Manuals
AlbumNow
Content
Content
Sections
FAQ
Top
Info
Feedback
Recommend Us
Search
Journal
Your Account
User Info
Welcome, Anonymous
Nickname
Password
(Register)

Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9144

People Online:
Visitors: 70
Members: 0
Total: 70
Full disclosure
APPLE-SA-11-19-2024-5 macOS Sequoia 15.1.1
Local Privilege Escalations in needrestart
APPLE-SA-11-19-2024-4 iOS 17.7.2 and iPadOS 17.7.2
APPLE-SA-11-19-2024-3 iOS 18.1.1 and iPadOS 18.1.1
APPLE-SA-11-19-2024-2 visionOS 2.1.1
APPLE-SA-11-19-2024-1 Safari 18.1.1
Reflected XSS - fronsetiav1.1
XXE OOB - fronsetiav1.1
St. Poelten UAS | Path Traversal in Korenix JetPort 5601
St. Poelten UAS | Multiple Stored Cross-Site Scripting in SEH utnserver Pro
Apple web content filter bypass allows unrestricted access to blocked content (macOS/iOS/iPadOS/visionO S/watchOS)
SEC Consult SA-20241112-0 :: Multiple vulnerabilities in Siemens Energy Omnivise T3000 (CVE-2024-38876, CVE-2024-38877, CVE-2024-38878, CVE-2024-38879)
Security issue in the TX Text Control .NET Server for ASP.NET.
SEC Consult SA-20241107-0 :: Multiple Vulnerabilities in HASOMED Elefant and Elefant Software Updater
Unsafe eval() in TestRail CLI
Log in Register Forum FAQ Memberlist Search
IT Security and Insecurity Portal

www.waraxe.us Forum Index -> General discussion -> PHP-Nuke Exposed.
Post new topicReply to topic View previous topic :: View next topic
PHP-Nuke Exposed.
PostPosted: Mon Jun 14, 2004 3:22 am Reply with quote
Kliber
Beginner
Beginner
Joined: Jun 14, 2004
Posts: 2
Location: Venezuela




That should be the name for your papers collection Cool

As a Nuke user afther reading some of them I got filled with a mix of disturbing and mesmerizing "stuff"; the "Exploit Explained" its one of the bests ways to understand security problems in order to fix them, and I enjoyed a lot the way you write them; as a full disclosure believer I must congratulate your work, BUT, would be REALLY nice to make public aviable the fix for each paper you wrote (I see your efforts on this, keep the good work) , so, web owners can test exploits and fix them at the same time. =)

PHP-Nuke its an open source (yet) software and that allow people like Waraxe to read the code and find those details that can compromise the code, ring the bell (releasing exploits and (or) proof of concept) so they can be fixed, hope in time; if evolution its right, this mean that the code should improve its security within the time, making, at least, not so easy to broke it.

Fulldisclosure its a double sided knife, too much or too less could be, er... bad? I just hope you guys keep a good level in the site, I see it like another approach to nuke security (and I know the site wont focus exclusive in Nuke) but the papers showing not only PHP nuke core problems, but also add onns and other scripts-nuke-related failures maked the site , IMHO, a must see for nuke owners (and lovers) Wink ; would be a shame to come back and see the forums full of "teach me how to deface a web" for script-kiddies wannabes Rolling Eyes

Regards and Good Luck!, once again, thanks for the papers!!! Very Happy
View user's profile Send private message Visit poster's website
PostPosted: Mon Jun 14, 2004 6:32 am Reply with quote
LINUX
Moderator
Moderator
Joined: May 24, 2004
Posts: 404
Location: Caiman




Waraxe is full disclosure RLZ Idea
View user's profile Send private message Visit poster's website
PostPosted: Mon Jun 14, 2004 9:10 am Reply with quote
waraxe
Site admin
Site admin
Joined: May 11, 2004
Posts: 2407
Location: Estonia, Tartu




Thanks for good words, Kliber. By the way - i will use PhpNuke 7.3 as web site engine for my own new website in near future. So all nuke fans can be sure - i WILL beat out from phpnuke MOST of the bugs, still left there from ages ago, so stay tuned and wait for new advisories (which are coming out soon) Wink
View user's profile Send private message Send e-mail Visit poster's website
PostPosted: Wed Jun 16, 2004 2:11 pm Reply with quote
dotcomBOT
Regular user
Regular user
Joined: Jun 11, 2004
Posts: 12




wow

gr8 4 da nukers Smile

wht abt making out ur own package like nule cops? [ bNC bundle ]
or protection sys like "protector" and "fortress"
View user's profile Send private message Visit poster's website
PostPosted: Wed Jun 16, 2004 3:45 pm Reply with quote
waraxe
Site admin
Site admin
Joined: May 11, 2004
Posts: 2407
Location: Estonia, Tartu




I will publish from time to time some phpnuke modifications and improvements (from security side), but just dont have time to make new phpnuke derivate or bundle. Besides, there are allready enough phpnuke versions.
View user's profile Send private message Send e-mail Visit poster's website
hey
PostPosted: Wed Jun 30, 2004 7:23 pm Reply with quote
ernad
Regular user
Regular user
Joined: Jun 01, 2004
Posts: 13
Location: Serbia




waraxe i want to talk with you about this site this site cant be so big because there are exploits only i will give you my hosting so you will dont need to pay it:

everything is unlimited bandwith and mysqls and others stuffs so we can upload big files and bandwith si no problem my hosting is like rocket plz if you have msn i want to talk with you :d
View user's profile Send private message Send e-mail Visit poster's website MSN Messenger
PHP-Nuke Exposed.
www.waraxe.us Forum Index -> General discussion
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
All times are GMT
Page 1 of 1

Post new topicReply to topic


Powered by phpBB © 2001-2008 phpBB Group



Space Raider game for Android, free download - Space Raider gameplay video - Zone Raider mobile games
All logos and trademarks in this site are property of their respective owner. The comments and posts are property of their posters, all the rest (c) 2004-2024 Janek Vind "waraxe"
Page Generation: 0.034 Seconds