Development Articles
 
Forums: » Register « |  User CP |  Games |  Calendar |  Members |  FAQs |  Sitemap |  Support | 
User Name:
Password:
Remember me
Go Back   Dev Shed ForumsOtherDevelopment Articles
Reload this Page

Article Discussion: Regaining Control of a Hacked PHP-Nuke Site

Discuss Article Discussion: Regaining Control of a Hacked PHP-Nuke Site in the Development Articles forum on Dev Shed.
Article Discussion: Regaining Control of a Hacked PHP-Nuke Site Development Articles forum discussing articles and tutorials located at http://www.devshed.com. See what our authors have created for your viewing pleasure.

Reply
Add This Thread To:
  Del.icio.us   Digg   Google   Spurl   Blink   Furl   Simpy   Y! MyWeb 
« Previous Thread | Next Thread »  
Thread Tools Search this Thread Rate Thread Display Modes
 
Unread Dev Shed Forums Sponsor:
  #1  
Old May 18th, 2004, 08:40 AM
Admin Admin is offline
Developer Shed
Dev Shed Novice (500 - 999 posts)
  
Join Date: Jan 2004
Posts: 961 Admin User rank is Sergeant Major (2000 - 5000 Reputation Level)Admin User rank is Sergeant Major (2000 - 5000 Reputation Level)Admin User rank is Sergeant Major (2000 - 5000 Reputation Level)Admin User rank is Sergeant Major (2000 - 5000 Reputation Level)Admin User rank is Sergeant Major (2000 - 5000 Reputation Level)Admin User rank is Sergeant Major (2000 - 5000 Reputation Level) 
Time spent in forums: < 1 sec
Reputation Power: 0
Article Discussion: Regaining Control of a Hacked PHP-Nuke Site
PHP-Nuke is spreading over the Internet as a popular CMS system. If you have a PHP-Nuke installation which has been hacked into, read on to find out how regain control of your site. If your site hasn't been hacked, read on to learn how to secure your installation.


Read the full article here: Regaining Control of a Hacked PHP-Nuke Site
Reply With Quote
  #2  
Old May 19th, 2004, 03:21 AM
webmorpheus webmorpheus is offline
Director of Business Developme
Dev Shed Newbie (0 - 499 posts)
  
Join Date: Jan 2004
Location: www.zenfour.com
Posts: 18 webmorpheus User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: 6 m 19 sec
Reputation Power: 0
Send a message via ICQ to webmorpheus Send a message via AIM to webmorpheus Send a message via MSN to webmorpheus Send a message via Yahoo to webmorpheus
Has PHPNuke.org included or patched the security breaches in the main downloads sections?

if so, around what date? I downloaded a nuke6.5 about half a week ago, should I still patch that CMS?
Reply With Quote
  #3  
Old May 20th, 2004, 01:57 AM
vinuthomas's Avatar
vinuthomas vinuthomas is offline
--=**=--
Dev Shed Newbie (0 - 499 posts)
  
Join Date: May 2004
Location: Online Somewhere
Posts: 2 vinuthomas User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: < 1 sec
Reputation Power: 0
Send a message via ICQ to vinuthomas Send a message via Yahoo to vinuthomas
Patches
The last set of patches came up on May 13th. So if you downloaded PHP Nuke 6.5 around that time, it'd be safer to download the patch and verify that the patches are in place.

According to the announcement on the PHP Nuke site, this will be the last set of patches for 6.0 and some 6.x versions.
Patch Annoucement
Reply With Quote
  #4  
Old May 23rd, 2004, 03:56 AM
vinuthomas's Avatar
vinuthomas vinuthomas is offline
--=**=--
Dev Shed Newbie (0 - 499 posts)
  
Join Date: May 2004
Location: Online Somewhere
Posts: 2 vinuthomas User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: < 1 sec
Reputation Power: 0
Send a message via ICQ to vinuthomas Send a message via Yahoo to vinuthomas
Download Patch
Webmorpheus, the patch for the download module is quite simple,
Open modules/Downloads/index.php and got to the function viewdownload and add the line
Code:
 $cid = intval($cid);

just after the global line.
Reply With Quote
  #5  
Old May 23rd, 2004, 03:59 AM
webmorpheus webmorpheus is offline
Director of Business Developme
Dev Shed Newbie (0 - 499 posts)
  
Join Date: Jan 2004
Location: www.zenfour.com
Posts: 18 webmorpheus User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: 6 m 19 sec
Reputation Power: 0
Send a message via ICQ to webmorpheus Send a message via AIM to webmorpheus Send a message via MSN to webmorpheus Send a message via Yahoo to webmorpheus
wow, looks too short to protect against "sql injection".

Thanks for making it simple!
Reply With Quote
  #6  
Old May 24th, 2004, 03:32 AM
a.koepke's Avatar
a.koepke a.koepke is offline
Second highest poster :p
Dev Shed God 5th Plane (7000 - 7499 posts)
  
Join Date: Jul 2001
Posts: 7,323 a.koepke User rank is Sergeant (500 - 2000 Reputation Level)a.koepke User rank is Sergeant (500 - 2000 Reputation Level)a.koepke User rank is Sergeant (500 - 2000 Reputation Level)a.koepke User rank is Sergeant (500 - 2000 Reputation Level)a.koepke User rank is Sergeant (500 - 2000 Reputation Level) 
Time spent in forums: 8 h 13 m 55 sec
Reputation Power: 27
How about not using phpNuke and getting a real cms solution. Anything is better than phpNuke. The security (or lack of) of their code make Microsoft look good and the quality of the code is shocking (syntax errors, depricated coding standards etc).

Do yourself a favour and look at some of the other packages available.

Drupal: http://drupal.org
PostNuke: http://www.postnuke.com
XOOPS: http://www.xoops.org
__________________
- Andreas Koepke

Koepke Photography

Reply With Quote
  #7  
Old May 24th, 2004, 04:21 AM
webmorpheus webmorpheus is offline
Director of Business Developme
Dev Shed Newbie (0 - 499 posts)
  
Join Date: Jan 2004
Location: www.zenfour.com
Posts: 18 webmorpheus User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: 6 m 19 sec
Reputation Power: 0
Send a message via ICQ to webmorpheus Send a message via AIM to webmorpheus Send a message via MSN to webmorpheus Send a message via Yahoo to webmorpheus
lol..PHPNUKE also markets itself better than a PostNUKE, pretty eerie how the best isnt always the biggest
Reply With Quote
  #8  
Old May 24th, 2004, 04:50 AM
a.koepke's Avatar
a.koepke a.koepke is offline
Second highest poster :p
Dev Shed God 5th Plane (7000 - 7499 posts)
  
Join Date: Jul 2001
Posts: 7,323 a.koepke User rank is Sergeant (500 - 2000 Reputation Level)a.koepke User rank is Sergeant (500 - 2000 Reputation Level)a.koepke User rank is Sergeant (500 - 2000 Reputation Level)a.koepke User rank is Sergeant (500 - 2000 Reputation Level)a.koepke User rank is Sergeant (500 - 2000 Reputation Level) 
Time spent in forums: 8 h 13 m 55 sec
Reputation Power: 27
Just downloaded the latest public available version of phpNuke 7.2.

Modules.php

PHP Code:
 $name trim($name);

if (isset($name)) { 
They set $name and then check if it is set? Also $name is a variable passed from the query string so it should be $_GET['name'].

PHP Code:
 $mod_active $row[active]; 
this is invalid sytax, should be $row['active']. It would generate a notice if they are enabled in the php.ini file.

PHP Code:
 $view $row[view]; 
as above.


auth.php

PHP Code:
if (eregi("auth.php",$_SERVER['PHP_SELF'])) {
    Header("Location: index.php");
    die();


eregi is not the function to use there, strpos would be much more efficient, don't need the power of regular expressions. To make it case-insensitive use something like strtolower().

PHP Code:
 $aid substr("$aid"0,25);
$pwd substr("$pwd"0,18); 
"$aid" is better written as $aid.

PHP Code:
 $rcode hexdec(md5($_SERVER[HTTP_USER_AGENT] . $sitekey $_POST[random_num] . $datekey)); 
invalid syntax for the array keys again.

PHP Code:
 $admin base64_encode("$aid:$pwd:$row[admlanguage]"); 
That is seriously wrong. You should not reference an array like that in a string.

PHP Code:
 $aid "$admin[0]";
  $pwd "$admin[1]";
  $admlanguage "$admin[2]"
That is downright scary. $aid=$admin[0]; is how it should be written.

PHP Code:
if ($aid=="" || $pwd=="") { 
The empty function was made for a reason: www.php.net/empty

I could go on through-out their code base but its not going to get any better.
Reply With Quote
Reply

Viewing: Dev Shed ForumsOtherDevelopment Articles > Article Discussion: Regaining Control of a Hacked PHP-Nuke Site

« Previous Thread | Next Thread »

Thread Tools  Search this Thread 
Search this Thread:

Advanced Search
Display Modes  Rate This Thread 
Linear Mode Linear Mode
Rate This Thread:


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
View Your Warnings | New Posts | Latest News | Latest Threads | Shoutbox
Forum Jump



 Free IT White Papers!
 
How to Present Effectively Online
This white paper offers practical and actionable advice on the key steps that any presenter should consider as they plan and execute a Webinar or online meeting.
 
Open Source Security Myths
Open Source Software (OSS) is computer software whose source code is available to the general public with relaxed or non-existent intellectual property restrictions (or arrangement such as the public domain), and is usually developed with the input of many contributors.
 
Power and Cooling Capacity Management for Data Centers
This paper describes the principles for achieving power and cooling capacity management.
 
Scalable, Fault-Tolerant NAS for Oracle - The Next Generation
For several years NAS has been evolving as a storage alternative for Oracle databases, and for good reason: NAS is quite often the simplest, most cost-effective storage approach for Oracle. Learn about the benefits that HP's approach to scalable NAS brings to Oracle environments in this comprehensive white paper.
 
Understanding Web Application Security Challenges
This white paper discusses many common threats and preventive measures for Web application security, and explains what you can do to help protect your organization.
 

Forums: » Register « |  User CP |  Games |  Calendar |  Members |  FAQs |  Sitemap |  Support | 
  
 





© 2003-2009 by Developer Shed. All rights reserved. DS Cluster 4 hosted by Hostway
Stay green...Green IT