>>
Site Map
>>
Forums
>>
Patched 7.6.0.3.x
Forum module - topics in forum:
Patched 7.6.0.3.x - Questions, Comments and Bug Reports for nCo Patches
nCo Ultra 7.6.0.3.5 Patched
Welcome to nCo Ultra 7.6.0.3.5 Patched, before getting started there are a few things you, the user, should know.
1. This is only a patch if you want the full version of nCo Ultra 7.6.0 Then you should visit
http://nukecode.com/modules.php?name=Downloads&op=getit&lid=805 to download your copy.
2. This version of nCo Ultra 7.6.0.3.5 Patched Does not contain any forum updates. Reasons are simple. You could have already patched your forums which would break your site if we included the patches. Secondly there are too many patches to make it possible to include them all in this patch and still work properly (I hope that makes sense).
3. The QShoutbox has been removed from this version of nCo Ultra 7.6.0.3.5 Patched. It is old and does not function properly on many servers running php 5x. That lead to the decision to drop the QShoutbox from Ultra. Do not fret we have replaced it with Shoutbox 8.52 all you need to do is remove the following files and folders from your server:
admin/case/case.ShoutBlock.php <-----file
admin/links/links.ShoutBlock.php <----file
admin/modules/ShoutBlock.php <----file
blocks/block-ShoutBlock.php <----file
modules/Qshoutblock <----folder
4. Make sure you know which version of NukeSentinel you are running. You can get this information by clicking on the NukeSentinel(tm) icon in your websites Administration Panel
http://yoursite.com/admin.php
Installation:
Before you begin patching it is highly advisable (we insist) that you backup your Website and Database (we will not be responsible for damages that arise should you make an error or should something fail during the upgrade process. This patch has been tested relentlessly for over a month with no known issues).
By now you should have extracted the nCo Ultra 7.6.0.3.5 Patch to a local folder. How could you be reading this if you have not?
Open the conf folder and you will see a file called "settings.php.new" Rename this file "settings.php" and enter the settings from your old "settings.php file". Save and close.
On your FTP or site file manager (which ever you use) find and delete the following:
admin/case/case.ShoutBlock.php <-----file
admin/links/links.ShoutBlock.php <----file
admin/modules/ShoutBlock.php <----file
blocks/block-ShoutBlock.php <----file
modules/Qshoutblock <----folder
Do not delete any other files , but the ones listed!
Upload all files from your local folder to your FTP
Once uploading has completed, login to
http://yoursite.com/admin.php as admin
Then run the following files in the order given:
/UPgradeUltra.php
==== This will upgrade the core nuke tables, drop the QShoutbox tables and add the Tables for Shoutbox 8.52 ====
/nsnst.php
==== This is so you can upgrade NukeSentinel(tm) If you are already running NukeSentinel 2.5.16 then you do not need to run nsnst.php ====
All available NukeSentinel(tm) documentation has been included with nCo Ultra Patched 7.6.0.3.5
For security reasons, remember to remove all these updaters from your FTP before continuing.
This patch was developed using nuke-patched 7.6.0.3.5 as a base
http://nukeresources.com
This patch contains NSN NukeSentinel(tm)
http://nnukescripts.net
Download nCo Ultra 7.6.0.3.5 Patched Below
http://nukecode.com/modules.php?name=Downloads&op=getit&lid=1459
Is there any progress being made on the version with NO shoutbox?
Or, if I decide to update can you give simple instructions as to remove it?
I figure there haven't been any requests, so I'm not pushing it...
Thanks
Well NC has had alot of issues the last several months. Including the loss of his servers and workstations Basically it was a total loss. So it could be a bit of time before that version of the patch is released. Well have to wait for NC to answer the second part of your ?
Sorry to reopen this once again, but, I need suggestions.
My problem is simple. I want to start over. I have everything backed up, but decided to test security.
Anyways, using a script I found I was easily able to inject into the db and created a hole into which now all bots can post comments through injection. Good thing I tested it out...
So is this version secure against the search injection or do I still need to apply a patch. What other patches are needed and reccomended?
I figure I'll just download and apply all patches and hopefully run all the sql at once or replace existing entries in the install with thepatched ones etc.
Let me know what you think, Thanks
A Couple problems with your post make it really hard to answer.
What version of nuke are we talking about
Secondly which exploit... there's several of them, some no longer work others do
if you want you can email me the thing...
FYI none of the ones I have worked on ultra, but.....
Good thing you asked.
Version was 7.6.3.1 or .2.9 either way I applied the .3.5 patch and started upgrading sentinal, but stopped for now.
First exploit I ran into that I ran myself was found on youtube.
Either way, I'm betting that hole is still there after patching.
I decided to do a search and I found my site was indeed exploited and was listed on a few spammer domains.
The links are for opening a forum new topic and don't make sense, but I'll send you the link as theres definatley a problem somewhere in the forums. Ill email the forums link to you along with the youtube exploit if I can find it.
Not sure how or why the forum problem occured but I have noticed google bot and yahoo crawl the link...
So far I've disable all anonymous posting and comments on all modules and I might have to go as far as disabling the search modules, but if it's an injection I doubt that would block much.
I also ran into an error using the upgrade script nsnst.php which I'll include.
I also need to start a topic about certain modules I wish to use, some of the smaller ones, to make sure theyre all secure enough to run, such as the EDL 2.1 which contains some errors I've noticed.
