Topics · phpnuke security
websense.com is reporting that phpnuke.org has been compromised by hackers, and indeed it has. They have successfully managed to insert an IFrame script into the source code redirecting the browser to a trojan site.
The injected iframe hijacks the browser to a malicious site, where through several steps of iframe redirections the user finally ends up on a highly obfuscated malicious page.
After de-obfuscating the code, we can see three different exploits, two of them targeting Inte...
Mother-FREAKING-wow,
Effective March 22, 2009 - NukeSentinel(tm): All future Development and Ownership of NukeSentinel(tm) has been transferred to Raven at http://ravenphpscripts.com .
For personal reasons, Bob Marion has requested that I (Raven) take the reins for any/all future development of NukeSentinel(tm). The support has always been at http://ravenphpscripts.com so nothing changes there. I have always worked closely with Bob on both the development and support of NukeSentinel(...
Raven has released an immediate security fix for Ravens Nuke. I'm presuming that this is for Ravens v2.30, but just to be on the safe side please download and add this fix now!
Taken from Raven's site
Unfortunately, there is a major security hole that has been found and released to the public.
I have made available the fixed file for download at PATCHED FILE FIX.
After you download it you need to unzip it and use the unzipped downloaded file to replace the same named file, captcha...
For those that don't know, read up
Outputs a large amount of information about the current state of PHP. This includes information about PHP compilation options and extensions, the PHP version, server information and environment (if compiled as a module), the PHP environment, OS version information, paths, master and local values of configuration options, HTTP headers, and the PHP License. Because every system is setup differently, phpinfo() is commonly used to check configuration settin...
In my travels across the web today, I stumbled across a cool post about beating various captcha security types. One of the methods referred to PhpNuke and SMF.
My attack against PHP-Nuke is taking advantage of the fact that there are only 10^6 or a 1,000,000 possible combinations of this captcha. It only takes a few minutes to calculate all possibilities. I am storing the results as an md5 hash in a SQL database for speed. The entire SQL table needed to crack this captcha with 100% acc...
2.5.18 CHANGES (2008-05-23)
· Includes IP2Country 2008-05-19 updated imports.
· Not in upgrade package.
· XHTML compliance updates. (99% compliant)
· Updated graphics.
· Updated many of the admin scripts.
· Renamed many files to better fit naming scheme.
· Improved paging in admin pages.
· Updated DB Maintenance functions.
· Added DB Backup function.
· Replaced <marquee> tags with javascripting for XHTML comp...
This is a very important update/fix for all users using Nuke Platinum 7.6.B.5: an exploit has been found in the Dynamic Titles Mod.
Download the fix here
Also if you didn't know 7.6.B.5 has been withdrawn until further notice and they recommend you revert back to 7.6.B.4v2 as the new team want to work on a more stable version.
Ped
Multiple vulnerabilities have been found in Gallery 2. The advice is to upgrade now to version 2.2.4.
Quoted from the Gallery 2 Team
Just in time for the holidays, Gallery 2.2.4 is now available for download. This release fixes critical security issues, no new features have been added. Due to the severity of these issues users of all previous Gallery 2 versions are strongly encouraged to upgrade to version 2.2.4 as soon as possible! All issues add...
ATTENTION ALL PLATINUM USERS
There has been an exploit that has been found and DOES affect all PHPNuke Platinum sites.
It is extremely important that you immediately replace the modules/Forums/favorites.php file with this one.
http://www.futurenuke.com/security/favorites.zip
Thanks
2.5.13 CHANGES (2007-09-28):
· Includes IP2Country 2007-09-28 updated imports.
· Not in upgrade package.
· Serious security hole patched.
It is HIGHLY recommended you update.
Please Note: The sec hole is/was a NukeSentinel(tm) issue. Prior versions have the same issue so PLEASE upgrade.