Waraxe IT Security Portal
Login or Register
November 23, 2024
Menu
Home
Logout
Discussions
Forums
Members List
IRC chat
Tools
Base64 coder
MD5 hash
CRC32 checksum
ROT13 coder
SHA-1 hash
URL-decoder
Sql Char Encoder
Affiliates
y3dips ITsec
Md5 Cracker
User Manuals
AlbumNow
Content
Content
Sections
FAQ
Top
Info
Feedback
Recommend Us
Search
Journal
Your Account
User Info
Welcome, Anonymous
Nickname
Password
(Register)

Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9144

People Online:
Visitors: 74
Members: 0
Total: 74
Full disclosure
APPLE-SA-11-19-2024-5 macOS Sequoia 15.1.1
Local Privilege Escalations in needrestart
APPLE-SA-11-19-2024-4 iOS 17.7.2 and iPadOS 17.7.2
APPLE-SA-11-19-2024-3 iOS 18.1.1 and iPadOS 18.1.1
APPLE-SA-11-19-2024-2 visionOS 2.1.1
APPLE-SA-11-19-2024-1 Safari 18.1.1
Reflected XSS - fronsetiav1.1
XXE OOB - fronsetiav1.1
St. Poelten UAS | Path Traversal in Korenix JetPort 5601
St. Poelten UAS | Multiple Stored Cross-Site Scripting in SEH utnserver Pro
Apple web content filter bypass allows unrestricted access to blocked content (macOS/iOS/iPadOS/visionO S/watchOS)
SEC Consult SA-20241112-0 :: Multiple vulnerabilities in Siemens Energy Omnivise T3000 (CVE-2024-38876, CVE-2024-38877, CVE-2024-38878, CVE-2024-38879)
Security issue in the TX Text Control .NET Server for ASP.NET.
SEC Consult SA-20241107-0 :: Multiple Vulnerabilities in HASOMED Elefant and Elefant Software Updater
Unsafe eval() in TestRail CLI
Log in Register Forum FAQ Memberlist Search
IT Security and Insecurity Portal

www.waraxe.us Forum Index -> PhpNuke -> Ways to protect ones Php-Nuke Site.
Post new topicReply to topic View previous topic :: View next topic
Ways to protect ones Php-Nuke Site.
PostPosted: Tue Jun 29, 2004 3:58 am Reply with quote
Emerica
Beginner
Beginner
Joined: Jun 28, 2004
Posts: 1




Two days after loading a newer 6.9 -> 7.2 My nuke site starts to get slammed from Sk's. I had a look at the logs, and sure enough.
Looks like one person started, passed info to another then he deleted the first and took over, posting some text via stories admin and was into the Forums stuff. I fixed the admins table and started looking around things to help.

After a bunch of reading at other sites and then alot of here it seems the best nuke install is either no nuke install, or a very very slim one. That is untill FB or someone nice comes along and wants to patch it all.

What i have done is slim it down. And i would like your ideas on what other areas would be avaliable to exploits.

Currently ive removed almost every module except for:
News
Your Account

Now i realize that alot of you would have use for more modules. but on this install i dont. I guess the idea is remove what you dont use, its just gonna get exploted. Surprised

So i did the same thing with the admin stuff as well, ie Backup DB? Um ya thats fun. Gone. There are good tools for this purpose Smile
Pretty much anything that had to do with the modules i deleted before was removed. This is mainly just incase someone does manages to get a admin cookie going and manages to get by the server (below).

The next thing i did was do a little bit of searching on .htaccess and have a look about permissions for single files. Then i blocked access to my admin.php to only my ip. You could password this too.

<Files admin.php>
deny from all
allow from xxx.xxx.xxx.xxx
</Files>

Im thinking the htaccess stuff would have its flaws too
(someone else here might be of better information there)

But restriting it to my ip seems to work great, if my ip changes i can ftp in and fix it up.


Id like to know what areas may be affected. Ill be seeing how this works out over the next few days i guess Smile
View user's profile Send private message
hrmm
PostPosted: Tue Jun 29, 2004 5:48 am Reply with quote
icenix
Advanced user
Advanced user
Joined: May 13, 2004
Posts: 106
Location: Australia




interesting,
best way is to not let them get to you,
if you show that you have dissabled such things, its them winning Wink
why not just patch your site completley?

Install maybe some "protector" or somthing similar?

restricting you IP to Admin Login would seem quite logical and effective, although multiple administrators would soon become a pain in the ass,
not to mention Dynamic IP addresses (if you have one / if one of your administrators had one)

currently Waraxe, the crew and I are designing our www.waraxe.us nuke site and Waraxe the almighty PHPNuker himself is in the progress of making sure all the coding is perfect,
No Doubt if they are severley harming your site then their using an Administrator exploit or something there-of,

Patch your site so that these people(s) can-not access it,
with every exploit that waraxe publishes there is a solution present / workaround / patch available.

Just do alittle Research Wink

Will be interesting to see how you overcome your problem!

_________________
=[WWW.WARAXE.US]=
-Forum Rules
View user's profile Send private message Send e-mail Visit poster's website MSN Messenger
Ways to protect ones Php-Nuke Site.
www.waraxe.us Forum Index -> PhpNuke
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
All times are GMT
Page 1 of 1

Post new topicReply to topic


Powered by phpBB © 2001-2008 phpBB Group



Space Raider game for Android, free download - Space Raider gameplay video - Zone Raider mobile games
All logos and trademarks in this site are property of their respective owner. The comments and posts are property of their posters, all the rest (c) 2004-2024 Janek Vind "waraxe"
Page Generation: 0.035 Seconds