null nuke 1.2.5

p0rt · 4th March 2012, 06:47

uploaded a new version of the null.. if all "modules" etc are enabled it kind of looks like http://nullnuke.netai.net/ depending on how you set up side blocks etc, or index blocks in the theme

it has a full shoutcast 2 manager module to run a fully automated station all integrated into the site :

uses user accounts as DNAS DSP login and password and listed dj`s,
autogenerated transcoder calandar when sc_trans is started,
generate playlists from uploaded MP3,
start/stop and monitor multiple DNAS and transcoders and manage and setup multiple streams
sever status side block and on radio stream page + showing a public schedule
install sc_serv and sc_trans as a windows service/linux deamon with a click of a link, stopping deamons needs to be tweaked and store the pid in db

this release has schedule added to remote servers, and dj`s linked to user accounts

you can download the null from https://sourceforge.net/projects/nullnuke/

p0rt · 12th March 2012, 13:03

heres a patch if anyone wants it... you can use it on any of the 1.2.5 releases on sourceforge

fixes administration gallery media edit pages
fixes file type extension display classes
fixes image/displayclass resizing

adds custom module bbcode tag arrays, with 2 new arrays for chat and signature : ./core/sanitizer/core_BBCodeConvert.tag_array.php
adds audioplay_0.9.9 mp3 player to file type display classes
adds flayr flv player to file type display classes
adds ajax chat room, type /cmds for cmd list

to use display classes, you need to add .mp3 or .flv mime to
modules you want to allow then filetypes to be uploaded.. todo :

1>login as super admin, and select from the configuration droplist. [ Filetypes ]

2>use the file form field to select a mp3 or flv file, and then click on [ Get Mime Type ] button, the mime and extension fields will be filled in for you. then select the displayclass from the drop list you wish to use to display the file on the page

3>select the checkboxes of the modules you wish to allow the file type to be allowed, when uploading, and then click [ Add Mime To Selected Module ] button

http://nullnuke.netai.net/download.php?op=getit&lid=20

p0rt · 13th March 2012, 00:56

patch is now defunkt. i uploaded another repack to source, which also fixes database insert errors when form fields are protected through an array.. so the whole thing is now usable as a site if you make a custom theme or not and run your shoutcast community

you can now put as much code in posts with or without bbcode code tags and all will be good and formatted correctly

p0rt · 21st March 2012, 01:05

a whole new null for anyone.. most of the security and been recoded, and now has full dynamic modules, to just upload the files and click on install on the modules admin page,. many other changes and tweaks, and now more of a framework then ever before

https://sourceforge.net/projects/nul...n%201.3%20dev/

there is a module template included if you obviously get 006

dimajahiz · 8th November 2014, 15:53

i try to find NULL NUKE CMS v2.2 to download i got the info

=======================================================
=======================================================
=======================================================
Title: NULL NUKE CMS v2.2 Multiple Vulnerabilities
Advisory ID: ZSL-2014-5185
Type: Local/Remote
Impact: Spoofing, Exposure of System Information, Exposure of Sensitive Information, Manipulation of Data, Cross-Site Scripting, System Access
Risk: (4/5)
Release Date: 28.04.2014

Summary
NULL-8x3-NUKE is a fast, powerful and secure cross platform CMS for windows and Linux using base or full drive paths.

Description
NULL NUKE CMS suffers from multiple remote vulnerabilities including Stored/Reflected XSS, SQL Injection, Arbitrary File Upload, RCE, Arbitrary File Deletion, Arbitrary File Access using absolute path and/or traversal, Open Redirection, Parameter Traversal, and Cross-Site Request Forgery.

Vendor
nullwanton - http://sourceforge.net/projects/nullnuke/

Affected Version
2.2 and 2.1 rc3

Tested On
Apache/2.4.7 (Win32)
PHP/5.5.6
MySQL 5.6.14

Vendor Status
N/A

PoC
nullnuke_mv.txt
Credits

Vulnerability discovered by Gjoko Krstic - <gjoko@zeroscience.mk>
=======================================================
=======================================================
=======================================================

Please Update and fix the Multiple Vulnerabilities

Thanks.

p0rt · 14th November 2014, 12:10

most are found using a worm, no exploits do anything in the real world, they have never looked at the code, just ran a worm

even if the few exploits do anything, i could`nt care, i removed it from sourceforge and will probably never be put up the current version is running http://subhertz-radio.com/ and is always having script kiddies trying them, and they all do nothing

http://www.mediafire.com/download/j5...-NUKE_v2.2.zip

its got nuke in the name and 100% nothing todo with phpnuke or any other coded CMS/portal

p0rt · 15th November 2014, 14:29

4th March 2012, 06:47	#1
p0rt Senior Member Join Date: Nov 2010 Posts: 152	null nuke 1.2.5 uploaded a new version of the null.. if all "modules" etc are enabled it kind of looks like http://nullnuke.netai.net/ depending on how you set up side blocks etc, or index blocks in the theme it has a full shoutcast 2 manager module to run a fully automated station all integrated into the site : uses user accounts as DNAS DSP login and password and listed dj`s, autogenerated transcoder calandar when sc_trans is started, generate playlists from uploaded MP3, start/stop and monitor multiple DNAS and transcoders and manage and setup multiple streams sever status side block and on radio stream page + showing a public schedule install sc_serv and sc_trans as a windows service/linux deamon with a click of a link, stopping deamons needs to be tweaked and store the pid in db this release has schedule added to remote servers, and dj`s linked to user accounts you can download the null from https://sourceforge.net/projects/nullnuke/

Thread Tools	Search this Thread
Show Printable Version Email this Page	Search this Thread: Advanced Search
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

12th March 2012, 13:03	#2
p0rt Senior Member Join Date: Nov 2010 Posts: 152	heres a patch if anyone wants it... you can use it on any of the 1.2.5 releases on sourceforge fixes administration gallery media edit pages fixes file type extension display classes fixes image/displayclass resizing adds custom module bbcode tag arrays, with 2 new arrays for chat and signature : ./core/sanitizer/core_BBCodeConvert.tag_array.php adds audioplay_0.9.9 mp3 player to file type display classes adds flayr flv player to file type display classes adds ajax chat room, type /cmds for cmd list to use display classes, you need to add .mp3 or .flv mime to modules you want to allow then filetypes to be uploaded.. todo : 1>login as super admin, and select from the configuration droplist. [ Filetypes ] 2>use the file form field to select a mp3 or flv file, and then click on [ Get Mime Type ] button, the mime and extension fields will be filled in for you. then select the displayclass from the drop list you wish to use to display the file on the page 3>select the checkboxes of the modules you wish to allow the file type to be allowed, when uploading, and then click [ Add Mime To Selected Module ] button http://nullnuke.netai.net/download.php?op=getit&lid=20

13th March 2012, 00:56	#3
p0rt Senior Member Join Date: Nov 2010 Posts: 152	patch is now defunkt. i uploaded another repack to source, which also fixes database insert errors when form fields are protected through an array.. so the whole thing is now usable as a site if you make a custom theme or not and run your shoutcast community you can now put as much code in posts with or without bbcode code tags and all will be good and formatted correctly

21st March 2012, 01:05	#4
p0rt Senior Member Join Date: Nov 2010 Posts: 152	a whole new null for anyone.. most of the security and been recoded, and now has full dynamic modules, to just upload the files and click on install on the modules admin page,. many other changes and tweaks, and now more of a framework then ever before https://sourceforge.net/projects/nul...n%201.3%20dev/ there is a module template included if you obviously get 006

8th November 2014, 15:53	#5
dimajahiz Junior Member Join Date: Nov 2014 Posts: 3	i try to find NULL NUKE CMS v2.2 to download i got the info ======================================================= ======================================================= ======================================================= Title: NULL NUKE CMS v2.2 Multiple Vulnerabilities Advisory ID: ZSL-2014-5185 Type: Local/Remote Impact: Spoofing, Exposure of System Information, Exposure of Sensitive Information, Manipulation of Data, Cross-Site Scripting, System Access Risk: (4/5) Release Date: 28.04.2014 Summary NULL-8x3-NUKE is a fast, powerful and secure cross platform CMS for windows and Linux using base or full drive paths. Description NULL NUKE CMS suffers from multiple remote vulnerabilities including Stored/Reflected XSS, SQL Injection, Arbitrary File Upload, RCE, Arbitrary File Deletion, Arbitrary File Access using absolute path and/or traversal, Open Redirection, Parameter Traversal, and Cross-Site Request Forgery. Vendor nullwanton - http://sourceforge.net/projects/nullnuke/ Affected Version 2.2 and 2.1 rc3 Tested On Apache/2.4.7 (Win32) PHP/5.5.6 MySQL 5.6.14 Vendor Status N/A PoC nullnuke_mv.txt Credits Vulnerability discovered by Gjoko Krstic - <gjoko@zeroscience.mk> ======================================================= ======================================================= ======================================================= Please Update and fix the Multiple Vulnerabilities Thanks.

14th November 2014, 12:10	#6
p0rt Senior Member Join Date: Nov 2010 Posts: 152	most are found using a worm, no exploits do anything in the real world, they have never looked at the code, just ran a worm even if the few exploits do anything, i could`nt care, i removed it from sourceforge and will probably never be put up the current version is running http://subhertz-radio.com/ and is always having script kiddies trying them, and they all do nothing http://www.mediafire.com/download/j5...-NUKE_v2.2.zip its got nuke in the name and 100% nothing todo with phpnuke or any other coded CMS/portal

15th November 2014, 14:29	#7
p0rt Senior Member Join Date: Nov 2010 Posts: 152