povedijah (Member, joined Jan 11, 2010)
error?
I can create this monster xDD
Gesior: how can I make player names not contain ( - , ' , " , etc.)? I need to remove this..
Why? Do you like to hack OTSes with a bugged 'gesior'? For me, worst gesior.
1. Give link to your ots site + what version of acc. maker do you use, what TFS distro.
I was using Gesior 2012 + Uniform Server.
10 minutes ago, some player logged on my OT.
07:34 Adivinaa [8]: I have a nice bug on your website
07:34 Adivinaa [8]: folder classes
07:34 Adivinaa [8]: I have infinite premium points.
07:34 Adivinaa [8]: pay me 30€ or i will close your ot.
07:34 Adivinaa [8]: okay, as you like, check now the accounts, All have 9999999 premium points.
wtf??
1. Give link to your ots site + what version of acc. maker do you use, what TFS distro.
2. Never trust hackers. If you found a bug in buypoints.php and wanted 30 euro from the hoster, would you tell him that the bug is in buypoints.php or in classes?
EDIT:
3. Never negotiate with terrorists.
Do you host on Windows? I can try to hack the database of your OTS with some scripts.
I know problems in acc. maker that can let someone hack the database / DDoS the OTS if it's hosted on a badly configured web server + badly configured MySQL (= XAMPP or another easy-to-run Windows package), but acc. maker can't be responsible for the stupidity of hosters.
EDIT 2:
Code in acc. maker that 'edits' the number of points:
---------------------
folder 'classes' - NONE, hmm.. no comment.
---------------------
config/config.php
(a value under 0 adds points!)
PHP:
$config['site']['generate_new_reckey_price'] = XXX
---------------------
pages/buypoints.php
(gives points after you enter the code from an SMS [Dotpay.pl system])
PHP:
$account->set('premium_points', ($account->getCustomField('premium_points')+$number_of_points));
---------------------
pages/zaypay_report.php
(gives points after a report of a valid payment from zaypay.com)
PHP:
$account->set('premium_points', ($account->getCustomField('premium_points')+$number_of_points));
---------------------
pages/shopsystem.php
(removes points after you buy an item or container; if the price for an item is below 0 it GIVES points)
PHP:
$account_logged->setCustomField('premium_points', $user_premium_points-$buy_offer['points']);
...
$account_logged->setCustomField('premium_points', $user_premium_points-$buy_offer['points']);
---------------------
paypal_report.php
(adds points after a report from the paypal.com IPN system)
PHP:
$account->setPremiumPoints($account->getPremiumPoints() + $pay['premium_points']);
---------------------
If someone can manipulate 'all' accounts at once, it means that he found something I did not find in the last years, or he just uses phpMyAdmin / connects from a remote PC to the database (host MySQL on localhost only!!! not on a global IP!)
EDIT 3:
If you have the access.log of the www server, send it to me. I will analyse it and try to find what the 'hacker' did.
Sorry, but it made me soooo angry.
I will send you a private msg.
Sorry, but it made me soooo angry.
UNINSTALL
YOUR
FUCKING
contenidopago.com
SYSTEM
Buypoint - Farlia
part of sms.php file you added to acc. maker:
PHP:
$name=$_GET['name'];
...
$sql = "UPDATE accounts SET premium_points = premium_points + $puntos WHERE name = '$name'";
What will happen if you type a valid SMS code on Buypoint - Farlia and in place of the account name: Gesior' OR 1 = 1 OR `name` = 'Hax
Give points to all accounts? Really?
I made that acc. maker public because I wanted to stop listening about hacks of OTSes and my acc. maker, and what did you do? YOU INSTALLED A SCRIPT MADE BY SOME IDIOT!
EDIT:
Replace sms.php code with:
PHP:
<?php
// Note: the mysql_* extension used below was removed in PHP 7; on PHP 7+ the same
// queries need mysqli or PDO with the account name bound as a parameter.
error_reporting(1);
include('sms_conf.php'); // defines $host, $user, $pass, $db and $idservicio
$dbc = mysql_connect($host, $user, $pass) or die("DB connection error");
mysql_select_db($db, $dbc);
$name = $_GET['name'];
$codigo = $_POST['codigo'];
if (isset($_POST['formcodigo']))
{
    // Player submitted an SMS code through the form: let contenidopago.com validate it
    $name = $_POST['name'];
    $scheme = (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on') ? 'https://' : 'http://';
    $QueryString = "LinkUrl=" . urlencode($scheme . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
    $QueryString .= "&codigo=" . urlencode($codigo);
    $QueryString .= "&idservicio=" . $idservicio;
    if (intval(get_cfg_var('allow_url_fopen')) && function_exists('file_get_contents'))
    {
        $result = @file_get_contents("http://contenidopago.com/codigoval.php?" . $QueryString);
    }
    elseif (intval(get_cfg_var('allow_url_fopen')) && function_exists('file'))
    {
        if ($content = @file("http://contenidopago.com/codigoval.php?" . $QueryString))
            $result = @join('', $content);
    }
    else
    {
        print "It appears that your web host has disabled all functions for handling remote pages and as a result the BackLinks software will not function on your web page. Please contact your web host for more information.";
    }
    if ($result == 'ok')
    {
        $dbc = mysql_connect($host, $user, $pass) or die("DB connection error");
        mysql_select_db($db, $dbc);
        if (!(empty($name)))
        {
            // $puntos is not set by this script before this point, so in this branch it has to come
            // from sms_conf.php; the account name is escaped so it cannot break out of the quoted string
            $sql = "UPDATE `accounts` SET `premium_points` = `premium_points` + $puntos WHERE `name` = '" . mysql_real_escape_string($name) . "'";
            $res = mysql_query($sql, $dbc);
            if (mysql_affected_rows() == 0)
            {
                die('This username does not exist: <font color="blue">' . htmlspecialchars($name) . '</font>');
            }
            die("Codigo : " . htmlspecialchars($codigo) . " ok , Points added to your account");
        }
        else
        {
            die('You did not set the user!');
        }
    }
    if ($result == 'no')
    {
        die('This code is already in use');
    }
}
// Server-to-server calls: only the IPs published in validate.php may reach the code below
$puntos = (int) $_GET['puntos'];
$hf = fopen('http://www.contenidopago.com/validate.php', 'r');
$line = fgets($hf);
$restringidas = explode('|', $line);
$ip = $_SERVER['REMOTE_ADDR'];
if (!in_array($ip, $restringidas))
    die("You are not able to use this system!");
if ($_GET['check'] == 1)
{
    if ($name != '')
    {
        $sql = "SELECT * FROM `accounts` WHERE `name`='" . mysql_real_escape_string($name) . "'";
        $result = mysql_query($sql);
        if (mysql_num_rows($result) == 0)
        {
            die("No existe el usuario " . htmlspecialchars($name));
        }
        else
        {
            die('ok');
        }
    }
}
if ($_GET['paypal'] == 0)
{
    if (!(empty($name)))
    {
        $sql = "UPDATE `accounts` SET `premium_points` = `premium_points` + $puntos WHERE `name` = '" . mysql_real_escape_string($name) . "'";
        $res = mysql_query($sql, $dbc);
        if (mysql_affected_rows() == 0)
            die('This username does not exist: ' . htmlspecialchars($name));
    }
    else
        die('You did not set the user!');
    die('ok');
}
if (!(empty($name)))
{
    $sql = "UPDATE `accounts` SET `premium_points` = `premium_points` + $puntos WHERE `name` = '" . mysql_real_escape_string($name) . "'";
    $res = mysql_query($sql, $dbc);
    if (mysql_affected_rows() == 0)
        die('This username does not exist: ' . htmlspecialchars($name));
}
else
    die('You did not set the user!');
die('ok');
?>
and your page will be safe.
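The following is an added example, not code from Gesior's acc. maker or from the contenidopago.com script. It reproduces the one query the thread is about, first with the account name concatenated into the SQL (the original sms.php) and then as a PDO prepared statement, which is the PHP 7+ replacement for the mysql_real_escape_string() fix above. It assumes the accounts table layout implied by the quoted queries (columns name and premium_points) and uses an in-memory SQLite database via pdo_sqlite in place of MySQL so it runs offline.

```php
<?php
// Added example (not Gesior AAC / contenidopago.com code). Assumes pdo_sqlite is installed
// and the accounts table has the two columns used by the thread's UPDATE query.

// Vulnerable form from the original sms.php: the name becomes part of the SQL text.
function buildConcatenatedQuery($name, $puntos)
{
    return "UPDATE accounts SET premium_points = premium_points + $puntos WHERE name = '$name'";
}

// Hardened form: the name and the amount are bound parameters, so the database
// only ever compares the name as a literal string and never parses it as SQL.
// The amount is passed in by the caller (server-side config), not read from $_GET.
function addPremiumPoints(PDO $db, $name, $puntos)
{
    $stmt = $db->prepare(
        'UPDATE accounts SET premium_points = premium_points + :puntos WHERE name = :name'
    );
    $stmt->bindValue(':puntos', (int) $puntos, PDO::PARAM_INT);
    $stmt->bindValue(':name', $name, PDO::PARAM_STR);
    $stmt->execute();
    return $stmt->rowCount(); // 0 = no such account, 1 = exactly that account changed
}

function countAccountsWithPoints(PDO $db, $points)
{
    $stmt = $db->prepare('SELECT COUNT(*) FROM accounts WHERE premium_points = :p');
    $stmt->bindValue(':p', (int) $points, PDO::PARAM_INT);
    $stmt->execute();
    return (int) $stmt->fetchColumn();
}

// Constructed sample database: three accounts, all starting at 0 points.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE accounts (name TEXT PRIMARY KEY, premium_points INTEGER NOT NULL DEFAULT 0)');
$db->exec("INSERT INTO accounts (name) VALUES ('Gesior'), ('Alice'), ('Bob')");

// The account name Gesior quoted in the thread.
$payload = "Gesior' OR 1 = 1 OR `name` = 'Hax";

// Concatenated: the WHERE clause turns into an always-true condition and every row is updated.
$db->exec(buildConcatenatedQuery($payload, 10));
echo "concatenated query: " . countAccountsWithPoints($db, 10) . " of 3 accounts now have 10 points\n";

// Prepared statement: the same string is looked up as a name and matches nothing.
echo "prepared statement with payload: " . addPremiumPoints($db, $payload, 10) . " account(s) updated\n";
echo "prepared statement with 'Alice': " . addPremiumPoints($db, 'Alice', 5) . " account(s) updated\n";
```

Run it with php on the command line; the concatenated query credits all three accounts, the prepared statement credits none for the payload and exactly one for a real name, which is the difference between "premium_points = 9999999 on every account" and the intended behaviour.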
Can't I add all these monster names to the invalid names..?
PHP:
$names_blocked = array('gm','cm', 'god', 'tutor');
change to:
$names_blocked = array('gm','cm', 'god', 'tutor', 'dragon lord', 'orc warlord');
PHP:
$temp = strspn("$name", "qwertyuiopasdfghjklzxcvbnmQWERTYUIOPASDFGHJKLZXCVBNM- '");
change to:
$temp = strspn("$name", "qwertyuiopasdfghjklzxcvbnmQWERTYUIOPASDFGHJKLZXCVBNM ");
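As an added example (not Gesior's acc. maker code), here is a self-contained name check built from the two snippets above: the strspn() call with the reduced character set and the extended $names_blocked list. The whole-word rule for blocked names (so "Orc Warlord Jr" is rejected as well as "Orc Warlord") and the spacing rule are this example's own assumptions, not something the thread specifies.

```php
<?php
// Added example, not part of Gesior AAC. checkCharacterName() returns null for an
// acceptable name and a short reason string otherwise.

$names_blocked = array('gm', 'cm', 'god', 'tutor', 'dragon lord', 'orc warlord');

function checkCharacterName($name, array $names_blocked)
{
    // strspn() returns the length of the leading run made only of allowed characters.
    // If that run is shorter than the whole name, something else slipped in
    // (a quote, a hyphen, a digit, a non-ASCII letter, ...).
    $allowed = "qwertyuiopasdfghjklzxcvbnmQWERTYUIOPASDFGHJKLZXCVBNM ";
    if (strspn($name, $allowed) != strlen($name)) {
        return 'contains a character that is not a letter or a space';
    }
    // Assumed policy: no empty names, no leading/trailing or doubled spaces.
    if ($name === '' || $name !== trim($name) || strpos($name, '  ') !== false) {
        return 'empty, or has leading, trailing or doubled spaces';
    }
    $lower = strtolower($name);
    foreach ($names_blocked as $blocked) {
        // Assumed policy: reject an exact match or the blocked entry as a whole word.
        if ($lower === $blocked || preg_match('/\b' . preg_quote($blocked, '/') . '\b/', $lower)) {
            return "matches blocked name '$blocked'";
        }
    }
    return null;
}

// Constructed sample names: the first two pass, each of the others shows one rejection.
$samples = array("Knight Arthur", "Povedijah", "Dragon Lord", "Orc Warlord Jr",
                 "Gesior' OR 1 = 1", "Tu-tor", "God", " Bob");
foreach ($samples as $name) {
    $reason = checkCharacterName($name, $names_blocked);
    printf("%-20s %s\n", "'$name'", $reason === null ? 'OK' : 'rejected: ' . $reason);
}
```

The strspn() comparison is the part that answers the original question in this thread: once the hyphen and the apostrophe are dropped from the allowed set, a name like the one used against sms.php cannot even be created, which is a second line of defence beside escaping or binding the name in the query.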
Hi!
This bug is more than three years old; if you use the latest version of "sms.php" it is totally safe.
We provide integration for micro payments; you can use any script to manage it. If you use the pre-created one, it is important to use the latest version.
Regards,
Do not lie!