stop session stealing on lava scripts

Collapse
X
Collapse
 
  • Page of 3
  • Filter
  • Time
  • Show
Clear All
new posts
Previous 1 2 3 template Next
    #1

    stop session stealing on lava scripts

    i dont know why u fools havent thought of this befor lol
    add this to core
    PHP Code:
    function isblocked2($str,$sender)
    {
      if(    ismod($sender))
      {
        return     false;
      }
          $str str_replace(" ","",$str);
          $code[0] = ".php";
          $code[1] = ".php4";
          $code[2] = ".php5";

      for(    $i=0;$i<count($codes);$i++)
      {
                $nosf substr_count($str,$codes[$i]);
        if(    $nosf>0)
        {
          return     true;
        }
      }
      return     false;

    and some of you will be shaking your heads on how easy this simple code is lol
    as all it will do is report the message being sent then ban the person for it
    Last edited by ozziemale31; 14.11.09, 08:40.









    Dont Ask Me Dumb Questions.Or you'l get a Dumb Answer..
    Want A Profesional Logo or Theme For Your wap site Pm Me.If I Have The Time Ill Make It For Free

    Tags: None
    #2
    We have different ways to prevent it..anyway, that's good and helpful for the others.,tnx
    My Blog: http://jhommark.blogspot.com
    My Facebook: http://www.facebook.com/jhommark
    My Official Site: http://www.undergroundweb.tk
    My Community Site: http://undergroundwap.xtreemhost.com

    Comment

      #3
      Originally posted by kiLLeR-eyEd_14 View Post
      We have different ways to prevent it..anyway, that's good and helpful for the others.,tnx
      also help against sql injection ban the users who try inserting these symbols ${}
      etc

      PHP Code:
      $code[3] = "$";
      $code[4] = "{";
      $code[4] = "}"









      Dont Ask Me Dumb Questions.Or you'l get a Dumb Answer..
      Want A Profesional Logo or Theme For Your wap site Pm Me.If I Have The Time Ill Make It For Free

      Comment

        #4
        Great guys,
        http://myfacepals.com
        MYFACEPALS SOCIAL NETWORKsigpic

        Comment

          #5
          Originally posted by ozziemale31 View Post
          i dont know why u fools havent thought of this befor lol
          add this to core
          PHP Code:
          function isblocked2($str,$sender)
          {
            if(          ismod($sender))
            {
              return           false;
            }
                      $str str_replace(" ","",$str);
                      $code[0] = ".php";
                      $code[1] = ".php4";
                      $code[2] = ".php5";

            for(          $i=0;$i<count($codes);$i++)
            {
                            $nosf substr_count($str,$codes[$i]);
              if(          $nosf>0)
              {
                return           true;
              }
            }
            return           false;

          and some of you will be shaking your heads on how easy this simple code is lol
          as all it will do is report the message being sent then ban the person for it
          hmmm...just add this in core.php???
          http://www.youtube.com/watch?v=vsLkpcFKbOk

          Comment

            #6
            yea rap just add this in core then it should work

            Comment

              #7
              Originally posted by ozziemale31 View Post
              i dont know why u fools havent thought of this befor lol
              add this to core
              PHP Code:
              function isblocked2($str,$sender)
              {
                if(              ismod($sender))
                {
                  return               false;
                }
                              $str str_replace(" ","",$str);
                              $code[0] = ".php";
                              $code[1] = ".php4";
                              $code[2] = ".php5";

                for(              $i=0;$i<count($codes);$i++)
                {
                                    $nosf substr_count($str,$codes[$i]);
                  if(              $nosf>0)
                  {
                    return               true;
                  }
                }
                return               false;

              and some of you will be shaking your heads on how easy this simple code is lol
              as all it will do is report the message being sent then ban the person for it
              yeah cool idea that would help at least lol ....
              still leaves u a little vulnerable cos of mod rewrite but every little helps

              Comment

                #8
                Originally posted by something else View Post
                yeah cool idea that would help at least lol ....
                still leaves u a little vulnerable cos of mod rewrite but every little helps
                wouldnt just:
                $str = str_replace(".php","",$str);
                do the same job?

                Comment

                  #9
                  Originally posted by ozziemale31 View Post
                  i dont know why u fools havent thought of this befor lol
                  add this to core
                  PHP Code:
                  function isblocked2($str,$sender)
                  {
                    if(                  ismod($sender))
                    {
                      return                   false;
                    }
                                      $str str_replace(" ","",$str);
                                      $code[0] = ".php";
                                      $code[1] = ".php4";
                                      $code[2] = ".php5";


                    for(                  $i=0;$i<count($codes);$i++)
                    {
                                            $nosf substr_count($str,$codes[$i]);
                      if(                  $nosf>0)
                      {
                        return                   true;
                      }
                    }
                    return                   false;
                  and some of you will be shaking your heads on how easy this simple code is lol
                  as all it will do is report the message being sent then ban the person for it
                  Your missing something... php3

                  Comment

                    #10
                    lol i know plus u need to block extensions like html htm wml xml etc and so forth
                    $str = str_replace(".php","",$str);
                    do the same job?
                    no it just replaces the extension u want the person who posts that extension to be auto banned saves u time going thru your database searchn for how yr hacker got in









                    Dont Ask Me Dumb Questions.Or you'l get a Dumb Answer..
                    Want A Profesional Logo or Theme For Your wap site Pm Me.If I Have The Time Ill Make It For Free

                    Comment

                      #11
                      sorry for noob question for what is this? i mean what will the script do if condition is = yes?
                      Did I help you?
                      You can help me too
                      Your donations will help me finance my studies.

                      Comment

                        #12
                        it just secure ur script from session hack

                        Comment

                          #13
                          was just thinking .php3 .php4 etc is a waste when .php would pick them up
                          PHP Code:
                          function isblocked2($str,$sender)
                          {
                          if((                          substr_count($str,".php")>0)&&(!ismod($sender))){
                          //ban
                          }

                          Comment

                            #14
                            let me know how u guys go i havent got a LAVA edit script up anywhere atm but i think that will help a lot of u guys









                            Dont Ask Me Dumb Questions.Or you'l get a Dumb Answer..
                            Want A Profesional Logo or Theme For Your wap site Pm Me.If I Have The Time Ill Make It For Free

                            Comment

                              #15
                              frustrated by SId hacking

                              ok thanks if my site will not hack again within 10 days..... lol
                              JUST JOIN FOR FUN !
                              http://wapmaster2.com

                              Comment

                              Previous 1 2 3 template Next
                              Working...
                              X