|
CrawlTrack, webmaster dashboard.
Web analytic, SEO and protection CrawlProtect, your website safety. Reinforced protection Two php/MySQL scripts, free and easy to install
The tools you need to manage and keep control of your site.
|
|
CrawlTrack and CrawlProtect support forum
You are not logged in.
#1 02-03-2011 01:44:57
- rick
- Nouveau membre
- Registered: 01-03-2011
- Posts: 3
Shell hacking attempt
Hi,
I just installed CrawlProtect 2.0.0 a few days ago, and it immediately started intercepting hacking attempts :-). However, it is also intercepting certain admin functions like editing a portal head block or splitting SMF topics as the shell hacking attempt. One of the functions is:
forum/index.php?action=splittopics;sa=execute;topic
Is there an easy fix? I'd not like to comment out the shell section, but as it is I can't perform several important admin functions.
Thanks for any advice you can give
Offline
#2 02-03-2011 08:35:45
- Jidébé
- Administrateur
- Registered: 30-10-2005
- Posts: 2553
Re: Shell hacking attempt
Hi,
In the createhtaccess.php file (content folder) at the replace the line 581 with this one:
Code:
$crawlprotect.="RewriteCond %{QUERY_STRING} ^(.*)(wget|shell_exec|passthru|system|popen|proc_open)(.*)$\n";Once it's done, recreate your httaccess file.
Jean-Denis
CrawlTrack & CrawlProtect developer
Offline
#3 02-03-2011 17:23:36
- rick
- Nouveau membre
- Registered: 01-03-2011
- Posts: 3
Re: Shell hacking attempt
Thank you for your quick reply :-),
Just to be sure I don't do the wrong line, here are a few lines in the original createhtaccess.php file:
580 $crawlprotect.="RewriteCond %{QUERY_STRING} ^(.*)(wget|shell_exec|passthru|system|exec|popen|proc_open)(.*)$\n";
581 if($yourip==1)
582 {
583 $crawlprotect.="#Avoid any blocage for yourself (for admin access)\n";
Although you instructed to replace line 581, I replaced 580 because that looked the closest to your change - did I do wrong?
Then when I recreated the .htaccess file, and then I tried to change the head block, the error was still present:
Shell type hacking attempt:
/index.php?action=admin;area=pmx_blocks;sa=head;c6eb249f3ec=15fea639556faaeb32454a4
93d8e5182
Sorry if I am not understanding, but thank you for replying
Offline
#4 02-03-2011 19:37:02
- Jidébé
- Administrateur
- Registered: 30-10-2005
- Posts: 2553
Re: Shell hacking attempt
Hi,
You have done the right thing (sometime raw number can be different from one text editor to an other).
I need to have a deeper look for your second issue but as I'm travelling now, I will have limited time in the coming days.
Jean-Denis
CrawlTrack & CrawlProtect developer
Offline
Use the CrawlProtect and CrawlTrack developper expertise:
 | PHP scripting I can help you for all sort of installation, customization or creation of php script. |  | Cleaning after hacking I can help you to clean your website and fix eventual security issue. |
For more informations have a look here
CrawlTrack sponsors:
|
|
| |||
|
|
Online Shopping with Worldwide Free Shipping
| |||
