Submit News Hack?

Hangin' Around Joined: Jul 06, 2004 Posts: 43

Hello, Im not sure if this is the right area, but please move it if not, thanks.

I have been wondering if there is or have been
bugs or security holes in the Submit News Area
with any version of phpnuke.

The reason I ask this, is becuase I run 7.0 on my site,
and have noticed a large amount of
non-registered users, always going
t0 the submit news link, but never submitted anything.
(and yes, I know they are not just search engines going there)

Then today, Sentinel banned a guest
using the

Query String:
www.theshizatnetwork.us/modules.php?name=Submit_News

Any ideas if the Submit News Area could have security holes?

Site Admin/Owner Joined: Aug 27, 2002 Posts: 17088

The query string does not tell the story. What was the reason Sentinel banned the user? My guess would be Agent.

Posted: Sun Jul 11, 2004 11:32 pm

Yes the reason was Agent----what does that mean?

Im not questioning Sentinel banning a person for it,

I had noticed a high amount of traffic in the submit news area, and
it caused me to wonder why.
then when Sentinel did ban today, it makes me wonder even more
now lol.

btw, Raven, thanks for such fast replies Smile

Posted: Mon Jul 12, 2004 4:18 am

Certain browser Agents "harvest" files from websites. Look in your Sentinel configiuration and you will see a list of known Harvesters. Compare the list with the one that got blocked. If you want to allow all Agents, just turn the setting off. If you want to allow some and not others, then remove the ones that you want to be able to access your site.

Posted: Tue Jul 13, 2004 3:02 pm

all of that is great info, but still has nothing to do with
the reason i posted to begin with.

Lets just put it this way,

in the past 7 days, there have been 234 hits to the Submit News,
all by non-members. with no submissions being made.

I just found that very odd. and caused me to wonder
if people are trying to somehow hack site through that way.