I'm a newbie idiot

Posted: Fri Apr 01, 2011 9:44 pm
Author: Texas-Racer
I am having problems with cracker tracker going off on different occasions. I have been reading the bug fixes, and to be totally honest I can't find anything that everyone talks about changing in those posts. Debug is on, I can't find the c tracker engines, I can't find anything you all talk about modifying. No one can register on my site right now. I go into the admin panel to look at stuff and the dang cracker tracker goes off. I'm lost, I don't have a clue and I'm frustrated/pissed off. I need a step by step by step guide and I can't find anything. I just need a guide that explains things better so I can learn it.

Re: I'm a newbie idiot

Posted: Fri Apr 01, 2011 10:03 pm
Author: viragotech
"Texas-Racer" wrote: I am having problems with cracker tracker going off on different occasions. I have been reading the bug fixes, and to be totally honest I can't find anything that everyone talks about changing in those posts. Debug is on, I can't find the c tracker engines, I can't find anything you all talk about modifying. No one can register on my site right now. I go into the admin panel to look at stuff and the dang cracker tracker goes off. I'm lost, I don't have a clue and I'm frustrated/pissed off. I need a step by step by step guide and I can't find anything. I just need a guide that explains things better so I can learn it.

You have to manually edit the file code on the server.

You open the offending files and edit the code as shown in the false pos thread or given by debug.

Re: I'm a newbie idiot

Posted: Fri Apr 01, 2011 10:09 pm
Author: Helter
It is a file in your forum's root. You'll need either an FTP client program such as FileZilla or your CPanel/Plesk file manager to edit the files.
To turn on the ctracker debug function,
OPEN
forum root/ctracker/engines/ct_security.php

FIND
Code:
define('CT_DEBUG_MODE', false);


REPLACE WITH
Code:
define('CT_DEBUG_MODE', true);


SAVE FILE

Now repeat the steps you took to set off ctracker. After ctracker blocks you with its warning, it will write your code to the debug file. To find your debug info,

OPEN
forum root/ctracker/logfiles/logfile_debug_mode.txt

It will give you code that looks something like this (it will vary depending on what set it off):
Code:
#
#-----[ OPEN ]------------------------------------------
#
/forum/admin/admin_forums_extend.php

#
#-----[ FIND ]------------------------------------------
#
include($phpbb_root_path . 'common.'.$phpEx);

#
#-----[ BEFORE, ADD ]------------------------------------------
#
define('CT_SECLEVEL', 'MEDIUM');
$ct_ignorepvar = array('desc');

#
#-----[ SAVE/CLOSE ALL FILES ]------------------------------------------
#
# EoM


Do the edit that it tells you to, but change
Code:
define('CT_SECLEVEL', 'MEDIUM');

to
Code:
define('CT_SECLEVEL', 'LOW');


Then go back to forum root/ctracker/engines/ct_security.php
and change it back to
Code:
define('CT_DEBUG_MODE', false);

Save it and you should now be able to do the function that was blocked.
If you have to edit a file twice for two different functions, do not add the full code twice, just add the function, separated by a comma.
So your first edit may look like this
Code:
define('CT_SECLEVEL', 'LOW');
$ct_ignorepvar = array('desc');

and your second edit might look like this
Code:
define('CT_SECLEVEL', 'LOW');
$ct_ignorepvar = array('desc','delete');

Here is the code for forums_extend.php.
This will save you some time.
OPEN
forum root/admin/forums_extend.php
FIND
Code:
define('IN_PHPBB', 1);

AFTER, ADD
Code:
define('CT_SECLEVEL', 'LOW');
$ct_ignorepvar = array('create','delete','name','icon','desc');

Re: I'm a newbie idiot

Posted: Sat Apr 02, 2011 2:39 pm
Author: Texas-Racer
Code:
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Script-Filename: /admin/admin_phpbbmyadmin.php
----------------

Attack-Time: 02.04.2011 8:10 am
------------

Request-Method: GET

Matching rule: _php
In variable:   tablename

Possible solution:
------------------

#
#-----[ OPEN ]------------------------------------------
#
/admin/admin_phpbbmyadmin.php

#
#-----[ FIND ]------------------------------------------
#
require('./pagestart.' . $phpEx);

#
#-----[ BEFORE, ADD ]------------------------------------------
#
define('CT_SECLEVEL', 'MEDIUM');
$ct_ignoregvar = array('tablename');

#
#-----[ SAVE/CLOSE ALL FILES ]------------------------------------------
#
# EoM

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Script-Filename: /profile.php
----------------

Attack-Time: 02.04.2011 8:16 am
------------

Request-Method: POST

Matching rule: '
In variable:   phpBBSecurity_answer

Possible solution:
------------------

#
#-----[ OPEN ]------------------------------------------
#
/profile.php

#
#-----[ FIND ]------------------------------------------
#
include($phpbb_root_path . 'common.'.$phpEx);

#
#-----[ BEFORE, ADD ]------------------------------------------
#
define('CT_SECLEVEL', 'MEDIUM');
$ct_ignorepvar = array('phpBBSecurity_answer');

#
#-----[ SAVE/CLOSE ALL FILES ]------------------------------------------
#
# EoM

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Script-Filename: /profile.php
----------------

Attack-Time: 02.04.2011 8:16 am
------------

Request-Method: POST

Matching rule: '
In variable:   phpBBSecurity_answer

Possible solution:
------------------

#
#-----[ OPEN ]------------------------------------------
#
/profile.php

#
#-----[ FIND ]------------------------------------------
#
include($phpbb_root_path . 'common.'.$phpEx);

#
#-----[ BEFORE, ADD ]------------------------------------------
#
define('CT_SECLEVEL', 'MEDIUM');
$ct_ignorepvar = array('phpBBSecurity_answer');

#
#-----[ SAVE/CLOSE ALL FILES ]------------------------------------------
#
# EoM


I'm still searching for the places to edit.
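
Added example (not part of the original thread, and not CrackerTracker's own code): a small parser for the debug-log layout quoted in the post above. It collapses repeated entries and produces one ignore array per script and request method, so the exact variables being exempted from filtering can be reviewed before any file is edited. The function names are hypothetical, the sample is abridged from the entries in the post, and the GET/POST-to-array mapping is taken from those entries.

```python
import re

# GET hits map to $ct_ignoregvar and POST hits to $ct_ignorepvar, as in the log above.
ARRAY_FOR_METHOD = {"GET": "ct_ignoregvar", "POST": "ct_ignorepvar"}
FIELD = re.compile(r"^(Script-Filename|Request-Method|In variable):\s*(.*?)\s*$")
# Constructed sample: the three entries from the post, abridged to the fields parsed here.
SAMPLE_LOG = """\
++++++++++++++++++++
Script-Filename: /admin/admin_phpbbmyadmin.php
Request-Method: GET
In variable:   tablename
++++++++++++++++++++
Script-Filename: /profile.php
Request-Method: POST
In variable:   phpBBSecurity_answer
++++++++++++++++++++
Script-Filename: /profile.php
Request-Method: POST
In variable:   phpBBSecurity_answer
"""

def parse_entries(text):
    """Split on the '+++' separator lines; return one dict of fields per entry."""
    entries = []
    for chunk in re.split(r"(?m)^\+{10,}\s*$", text):
        fields = dict(m.groups() for m in map(FIELD.match, chunk.splitlines()) if m)
        if fields.keys() >= {"Script-Filename", "Request-Method", "In variable"}:
            entries.append(fields)
    return entries

def merge_exemptions(entries, existing=None):
    """Return {script: {array: [names]}}, de-duplicated, keeping names already listed."""
    merged = {s: {a: list(n) for a, n in arrs.items()} for s, arrs in (existing or {}).items()}
    for e in entries:
        array = ARRAY_FOR_METHOD.get(e["Request-Method"].upper())
        var = e["In variable"]
        if array is None or not re.fullmatch(r"\w+", var):
            continue  # unknown method or odd variable name: leave for manual review
        names = merged.setdefault(e["Script-Filename"], {}).setdefault(array, [])
        if var not in names:
            names.append(var)
    return merged

def php_line(array, names):
    """Render the one assignment to keep in the script instead of a second copy."""
    return "$%s = array(%s);" % (array, ",".join("'%s'" % n for n in names))

if __name__ == "__main__":
    for script, arrays in merge_exemptions(parse_entries(SAMPLE_LOG)).items():
        print(script, [php_line(a, n) for a, n in arrays.items()])
```

Passing the names a script already lists as `existing` appends only the new ones to that array.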

Re: I'm a newbie idiot

Posted: Sat Apr 02, 2011 3:01 pm
Author: Texas-Racer
I'm confused... what it says to add is already there
Code:
<?php
/***************************************************************************
 *                            profile.php
 *                            -----------
 *   begin            : 08/05/2003
 *   copyright         : Ptirhiik
 *   email            : admin@rpgnet-fr.com
 *
 *   version            : 1.0.9 - 17/10/2003
 *
 ***************************************************************************/

define('IN_PHPBB', true);
define('CT_SECLEVEL', 'MEDIUM');
$ct_ignorepvar = array('helpbox','delete','deleteall','phpBBSecurity_question','user_interests');
if ( (isset($HTTP_GET_VARS['mode']) && ($HTTP_GET_VARS['mode'] == 'viewprofile')) || (isset($HTTP_POST_VARS['mode']) && ($HTTP_POST_VARS['mode'] == 'viewprofile')) )
{
   define('IN_CASHMOD', true);
   define('CM_VIEWPROFILE',true);
}
$phpbb_root_path = './';
include($phpbb_root_path . 'extension.inc');
include($phpbb_root_path . 'common.'.$phpEx);
include($phpbb_root_path . 'profilcp/functions_profile.'.$phpEx);

include($phpbb_root_path . 'includes/functions_selects.'.$phpEx);
include($phpbb_root_path . 'includes/functions_validate.'.$phpEx);
include($phpbb_root_path . 'includes/functions_post.'.$phpEx);
include($phpbb_root_path . 'includes/bbcode.'.$phpEx);
include($phpbb_root_path . 'includes/emailer.'.$phpEx);
include_once($phpbb_root_path . 'includes/functions_topics_list.' . $phpEx);

Re: I'm a newbie idiot

Posted: Sat Apr 02, 2011 3:20 pm
Author: Texas-Racer
Code:
<?php
/***************************************************************************
 *                              admin_phpbbmyadmin.php
 *                            -------------------
 *   copyright            : (C) 2003, 2004 Armin Altorffer
 *   email                : http://www.phpmyadmin.net)
 *   Nor does the author of this product offer support for phpMyAdmin.
 *   For support on phpMyAdmin or for phpMyAdmin itself, visit http://www.phpmyadmin.net
 *
 ***************************************************************************/
define('IN_PHPBB', 1);
define('CT_SECLEVEL', 'LOW');

if (!empty($setmodules))
{
   $file = append_sid(basename(__FILE__));
   $module['General'][' phpBBMyAdmin'] = $file;
   return;
}

//
// Let's set the root dir for phpBB
//
$phpbb_root_path = "./../";
require($phpbb_root_path . 'extension.inc');
require('./pagestart.' . $phpEx);
include($phpbb_root_path . 'language/lang_' . $board_config['default_lang'] . '/lang_phpbbmyadmin.' . $phpEx);

// Main Admin or not?
if ($userdata['user_id'] != 200)
{
   exit();
}

// Going the powerful way here, using $file in links and not a literal text:
$file = append_sid(basename(__FILE__));

// Define the template file to use:
$template->set_filenames(array(
   'body' => 'admin/phpbbmyadmin.tpl')
);

Re: I'm a newbie idiot

Posted: Sat Apr 02, 2011 3:23 pm
Author: Texas-Racer
So I add
$ct_ignoregvar = array('tablename');
right under
define('CT_SECLEVEL', 'MEDIUM');
????

Re: I'm a newbie idiot

Posted: Sat Apr 02, 2011 5:04 pm
Author: Helter
In profile.php you have this
Code:
$ct_ignorepvar = array('helpbox','delete','deleteall','phpBBSecurity_question','user_interests');


Notice it has "phpBBSecurity_question".
It wants you to add "phpBBSecurity_answer".

After you add it, it should look like this

Code:
$ct_ignorepvar = array('helpbox','delete','deleteall','phpBBSecurity_question','user_interests','phpBBSecurity_answer');


You should also change the MEDIUM to LOW if it is not working after editing the files.

In admin_phpbbmyadmin.php it should go after
Code:
define('CT_SECLEVEL', 'MEDIUM');


WARNING. Make a complete database backup from your CPanel BEFORE messing with the IM141's phpmyadmin. It is not the same as your CPanel phpmyadmin and if you're not careful you will kill your database.

Re: I'm a newbie idiot

Posted: Sun Apr 03, 2011 8:49 am
Author: Texas-Racer
Problems... I did the switches, now when I go to phpBBMyAdmin from the forum I get this
Content Encoding Error
The page you are trying to view cannot be shown because it uses an invalid or unsupported form of compression.
Please contact the website owners to inform them of this problem.
I switched everything back exactly like it was and I still get the same message.

Re: I'm a newbie idiot

Posted: Sun Apr 03, 2011 1:36 pm
Author: viragotech
I would not use the phpmyadmin in the forum software like Helter says, too easy to mess up. Access it through your hosting account CP.

Then use an FTP client and manually edit the files on your computer and upload.

Real easy to swap back if you goof.

Been there.

Re: I'm a newbie idiot

Posted: Sun Apr 03, 2011 2:31 pm
Author: Texas-Racer
I used FileZilla to make the changes, went to the forum and checked it out, saw what happened and changed the files back to original 10 minutes later. I put everything back exactly like it was and I still have the problem. I saved copies of them unedited so I could change them back in case I goofed up, they are identical to what they were.

Re: I'm a newbie idiot

Posted: Sun Apr 03, 2011 3:59 pm
Author: viragotech
"Texas-Racer" wrote: I used FileZilla to make the changes, went to the forum and checked it out, saw what happened and changed the files back to original 10 minutes later. I put everything back exactly like it was and I still have the problem. I saved copies of them unedited so I could change them back in case I goofed up, they are identical to what they were.

Did you back up your DB like Helter said???

Might need to go back to before you goofed it.

Re: I'm a newbie idiot

Posted: Sun Apr 03, 2011 10:14 pm
Author: Helter
Unzip this and upload to your forum root. Save your original backups.

Re: I'm a newbie idiot

Posted: Mon Apr 04, 2011 5:09 am
Author: Texas-Racer
I did do a backup. I am trying to figure out what I did wrong so I do not do it again in the future, the only stuff I touched was the files mentioned. I made them exactly like I was told. I did copy and paste the changes when I inserted them. Is that a mistake?

Re: I'm a newbie idiot

Posted: Mon Apr 04, 2011 9:35 am
Author: Helter
That is correct depending on what program you used to edit the file.

A good program to use for file editing is the free Notepad++
http://notepad-plus-plus.org/

The files I attached in my last post included the correct edits, so if it was just the files that caused your problem, you should be able to use them.