Page 2 of 14 FirstFirst 123412 ... LastLast
Results 11 to 20 of 138

Thread: AAAA website

  1. #11
    Client Beta Testers Appelpitje's Avatar
    Join Date
    Jan 2012
    Location
    Belgium
    Posts
    571

    Default

    At the MOHUE project, we are going to use Nodejs with MongoDB. It should deliver faster results than a php with mysql setup. Maybe we can look into it if its easy to export the mysql db to mongodb.

  2. #12
    Administrator James's Avatar
    Join Date
    May 2010
    Location
    on the intraweb
    Posts
    3,180

    Default

    Alright, Had a chance to take a look at the server. I'm not sure why, but your site doesn't load for me at all. the xampp CP was throwing all sorts of errors at me. Basically there were multiple apps that were using the same port that xampp was trying to use.

    I reconfigured xampp to use a different port for Apache and it doesn't seem to be erroring anymore, however the site isn't launching at all for me and I'm not sure why. :S

    EDIT: Think I figured it out. You might need to update something with your domain registration. I'll PM you more info.

  3. #13
    Client Beta Testers Appelpitje's Avatar
    Join Date
    Jan 2012
    Location
    Belgium
    Posts
    571

    Default

    - Logging was disabled on apache, enabled it to check whenever something happens again.
    - Removed the JS injections which were injected into the vBulletin forums index.php (no xss or sql injection, but seems like remote code execution made it possible to edit the index.php).
    - Removed multiple Remote Code Execution php files.

  4. #14
    Developer Todesengel's Avatar
    Join Date
    Dec 2013
    Location
    St. Louis, Missouri, USA
    Posts
    276

    Default

    Removing the hacks will only be temporary unless the code for the hosting stack is all updated most likely. Otherwise they'll just use the same exploits again.

    Is there anything I can do to help? Hosting? Database repository? I still run a public hosting company so if (vm) space is needed, that's easy. No charge for mohaa related stuff

    Todesengel

  5. #15
    Administrator James's Avatar
    Join Date
    May 2010
    Location
    on the intraweb
    Posts
    3,180

    Default

    Tode, HSB just needs assistance setting up his server securely. I don't have too much experience with xampp outside of just playing around with it on HSB's server. If you have any experience in securing a windows server, then I'll check with HSB to see if he can give you access so you can take a look.
    Last edited by James; November 5th, 2018 at 07:22 PM. Reason: TYPO, I meant HSB's server not own3mall's. lol

  6. #16

    Default

    Doesn't fix the exploits (which should be fixed if you can pinpoint them), but I recommend using PeerBlock on your server to stop known abusers from ever connecting to your server.

    https://www.softpedia.com/get/Intern...eerBlock.shtml

    You'll need some anti-spam, anti-hack, and other lists from www.iblocklist.com (yes, I actually pay for a yearly subscription to access all of the lists).

    I also create some custom lists from a web management interface I built since my servers are always under attack too. Integrated it with https://www.abuseipdb.com/, a good tool for finding out if IP addresses have been flagged as bad (and perhaps why).

    Also some good lists here (that need to be converted into PeerBlock format before you can use them in PeerBlock):

    https://www.blocklist.de/en/export.html

    My servers run PeerGuardian Linux (which is the same thing, but for Linux). It's not perfect and can lead to false positives, but I think it's most definitely worth it.
    Browse MOHAA Servers Post GameSpy Era

    VISIT MOHREBORN.COM FOR LATEST INFORMATION



    Medal of Honor: Game Server Browser Fixer - Patches your MOHAA, MOHSH, and MOHBT game binaries to allow you to retrieve a list of game servers within the multi-player menu in-game even after GameSpy ceases operation!

    Medal of Honor: Query Launcher - Find, browse, organize, join, get your ping, and get more information regarding all Medal of Honor (AA, SH, & BT) servers from your PC at any time!
    Medal of Honor: Web Server Master List - Find and browse all Medal of Honor servers online using your browser!
    Add your Medal of Honor Server to the Master List
    YouTube Video for Medal of Honor: Query Launcher and MOHAASERVERS.TK!



    MOHAA Mods and Utilities
    OwN-3m-All's Mods
    Make Me Stock - A program that allows you to easily move-in and move-out non-stock mods and other files at the click of a button. Automates adding / removing mods without having to copy / move files manually.



    Quality Game Servers

    Rent dedicated Dallas Texas, Kansas City, Las Vegas Nevada, Chicago, Pennsylvania, and Sofia Bulgaria MOHAA and other game servers from We Be HostiN starting at $10 a month.


  7. #17

    Default

    Also, I'd be willing to apply the same fixes we did on this version of VBulletin to heatsinks... just have to remember what we did, but I did customly patch a bad exploit that was used to do similar things to what Heatsink is running into... so this could be the exploit they're using.
    Browse MOHAA Servers Post GameSpy Era

    VISIT MOHREBORN.COM FOR LATEST INFORMATION



    Medal of Honor: Game Server Browser Fixer - Patches your MOHAA, MOHSH, and MOHBT game binaries to allow you to retrieve a list of game servers within the multi-player menu in-game even after GameSpy ceases operation!

    Medal of Honor: Query Launcher - Find, browse, organize, join, get your ping, and get more information regarding all Medal of Honor (AA, SH, & BT) servers from your PC at any time!
    Medal of Honor: Web Server Master List - Find and browse all Medal of Honor servers online using your browser!
    Add your Medal of Honor Server to the Master List
    YouTube Video for Medal of Honor: Query Launcher and MOHAASERVERS.TK!



    MOHAA Mods and Utilities
    OwN-3m-All's Mods
    Make Me Stock - A program that allows you to easily move-in and move-out non-stock mods and other files at the click of a button. Automates adding / removing mods without having to copy / move files manually.



    Quality Game Servers

    Rent dedicated Dallas Texas, Kansas City, Las Vegas Nevada, Chicago, Pennsylvania, and Sofia Bulgaria MOHAA and other game servers from We Be HostiN starting at $10 a month.


  8. #18

    Default

    Hi all thanks for time and support on this greatly appreciate !!

    Own3mall thanks for your offer of help will PM you

  9. #19
    Administrator James's Avatar
    Join Date
    May 2010
    Location
    on the intraweb
    Posts
    3,180

    Default

    HSB, in terms of security, Here is what I use: https://www.webroot.com/us/en/home/a...dium=affiliate

    They have a sale going on now.

    Here are some benchmarks/comparisons:
    https://www.pcmag.com/roundup/354226...otection-tools
    https://www.techradar.com/best/best-antivirus

    I'm not sure how much you currently pay, but with all the malicious stuff going on these days, you require more than protection against viruses.
    You need a firewall, AV protection (trojans, worms, typical viruses, etc), malware protection, spyware, ransomeware protection... just to name a few. Another reason I like Webroot is it's not very expensive. You can protect multiple devices. And it uses VERY little resources on your computer unlike many other scanners.

    Anyway, that's just my opinion.

    Webroot:
    https://www.pcmag.com/article2/0,2817,2470312,00.asp

    Vipre:
    https://www.pcmag.com/article2/0,2817,2471672,00.asp

  10. #20

    Default

    Hacker is exploiting files in folders besides VBulletin:

    Code:
    \mohaa\news_pics\Malencourt3.php
    /xnull/web/tablesorter/jquery.tablesorter.php
    Logs show (this is the call modifying the site's index files):

    Code:
    45.195.91.39 - - [20/Nov/2018:04:17:23 +0000] "POST /xnull/web/tablesorter/jquery.tablesorter.php HTTP/1.1" 200 16063 "http://www.mohaaaa.co.uk/xnull/web/tablesorter/jquery.tablesorter.php" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/71.0.3554.0 Safari/537.36"
    Cleaning it up. I moved PHP files used for exploits to c:\bad_http_files directory. This problem should be solved permanently soon. I don't know what piece of software the hacker is exploiting to get those files created on the server in the first place unfortunately. My recommendation is to move anything not in use out of the HTTP home directory so that bots and malicious clients can't scan or find exploits.
    Browse MOHAA Servers Post GameSpy Era

    VISIT MOHREBORN.COM FOR LATEST INFORMATION



    Medal of Honor: Game Server Browser Fixer - Patches your MOHAA, MOHSH, and MOHBT game binaries to allow you to retrieve a list of game servers within the multi-player menu in-game even after GameSpy ceases operation!

    Medal of Honor: Query Launcher - Find, browse, organize, join, get your ping, and get more information regarding all Medal of Honor (AA, SH, & BT) servers from your PC at any time!
    Medal of Honor: Web Server Master List - Find and browse all Medal of Honor servers online using your browser!
    Add your Medal of Honor Server to the Master List
    YouTube Video for Medal of Honor: Query Launcher and MOHAASERVERS.TK!



    MOHAA Mods and Utilities
    OwN-3m-All's Mods
    Make Me Stock - A program that allows you to easily move-in and move-out non-stock mods and other files at the click of a button. Automates adding / removing mods without having to copy / move files manually.



    Quality Game Servers

    Rent dedicated Dallas Texas, Kansas City, Las Vegas Nevada, Chicago, Pennsylvania, and Sofia Bulgaria MOHAA and other game servers from We Be HostiN starting at $10 a month.


Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •