Xampy
PHP | SQL | LUA | C++
- Joined
- Jun 22, 2008
- Messages
- 1,109
- Reaction score
- 17
Hello!
Some days ago I saw a BIG BUG in Gesior's AAC. This bug allows you to know every password of every server that use Gesior's AAC.
I won't explain how to know the passwords of databases, I will tell you how to prevent hack attacks in your server:
MySQL Users
Go to C:\xampp\htdocs\pot and open the file OTS_DB_MySQL.php. Go to line 96~ and:
change:
with:
And save the file.
SQLite Users
Go to C:\xampp\htdocs\pot and open the file OTS_DB_SQLite.php. Go to line 54~ and:
change:
with:
And save the file.
Regards.
Some days ago I saw a BIG BUG in Gesior's AAC. This bug allows you to know every password of every server that use Gesior's AAC.
I won't explain how to know the passwords of databases, I will tell you how to prevent hack attacks in your server:
MySQL Users
Go to C:\xampp\htdocs\pot and open the file OTS_DB_MySQL.php. Go to line 96~ and:
change:
Code:
// PDO constructor
parent::__construct('mysql:' . implode(';', $dns), $user, $password);
}
Code:
// PDO constructor
try
{
parent::__construct('mysql:' . implode(';', $dns), $user, $password);
}
catch(PDOException $error)
{
echo 'Can\'t connect to MySQL database.';
exit;
}
}
SQLite Users
Go to C:\xampp\htdocs\pot and open the file OTS_DB_SQLite.php. Go to line 54~ and:
change:
Code:
// PDO constructor
parent::__construct('sqlite:' . $params['database']);
Code:
// PDO constructor
try
{
parent::__construct('sqlite:' . $params['database']);
}
catch(PDOException $error)
{
echo 'Can\'t connect to SQLite database.';
exit;
}
Regards.
Last edited by a moderator: