Nicholas Posted April 7, 2010 Posted April 7, 2010 hi everyone, i done this attack logs about 2-5 days ago. _____________________________________________________________ first add this to the database... You're unable to view this code. Viewing code within this forum requires registration, you can register here for free. _____________________________________________________________ then find in attacktake.php You're unable to view this code. Viewing code within this forum requires registration, you can register here for free. under it put this You're unable to view this code. Viewing code within this forum requires registration, you can register here for free. then find You're unable to view this code. Viewing code within this forum requires registration, you can register here for free. replace it with this You're unable to view this code. Viewing code within this forum requires registration, you can register here for free. _____________________________________________________________ then find in attackbeat.php You're unable to view this code. Viewing code within this forum requires registration, you can register here for free. under it put this You're unable to view this code. Viewing code within this forum requires registration, you can register here for free. then find You're unable to view this code. Viewing code within this forum requires registration, you can register here for free. replace it with this You're unable to view this code. Viewing code within this forum requires registration, you can register here for free. _____________________________________________________________ then find in attackwon.php You're unable to view this code. Viewing code within this forum requires registration, you can register here for free. under it put this You're unable to view this code. Viewing code within this forum requires registration, you can register here for free. then find You're unable to view this code. Viewing code within this forum requires registration, you can register here for free. replace it with this You're unable to view this code. Viewing code within this forum requires registration, you can register here for free. _____________________________________________________________ then in attacklost.php find You're unable to view this code. Viewing code within this forum requires registration, you can register here for free. under it put You're unable to view this code. Viewing code within this forum requires registration, you can register here for free. then find You're unable to view this code. Viewing code within this forum requires registration, you can register here for free. and replace it with You're unable to view this code. Viewing code within this forum requires registration, you can register here for free. _____________________________________________________________ finally here is the code, called it "attacklogs.php". You're unable to view this code. Viewing code within this forum requires registration, you can register here for free. Quote
Zero-Affect Posted April 9, 2010 Posted April 9, 2010 You're unable to view this code. Viewing code within this forum requires registration, you can register here for free. Quote
Nicholas Posted April 9, 2010 Author Posted April 9, 2010 err... thanks i guess but what was the security issue? also what happened to the rest of it? lol. Quote
Zero-Affect Posted April 9, 2010 Posted April 9, 2010 ah my mistake i edited a version for someone lately and assumed it wasn't edited but it was so disregard what i previously said. Quote
Nicholas Posted April 9, 2010 Author Posted April 9, 2010 i think that was my old one. lol. i completely forgot about that i posted that one up... otherwise i would of just edited it... and i see what you done lol, you change the $_GET['log_id'] == abs(@intval($_GET['log_id'])); into a longer but i guess more secure way $_GET['log_id'] = ( isset($_GET['log_id']) AND ctype_digit($_GET['log_id']) ) ? $_GET['log_id'] : 0 ; Quote
Djkanna Posted April 9, 2010 Posted April 9, 2010 $_GET['log_id'] = ( isset($_GET['log_id']) AND ctype_digit($_GET['log_id']) ) ? $_GET['log_id'] : 0 ; isset($_GET['log_id']): if it's set ctype_digit($_GET['log_id']): if it's a digit. ? $_GET['log_id']: Then go ahead and use it. : 0 ; : Or set it to 0; Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.