r57 shell script

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

    r57 shell script

    The shell script allows someone to access your operating system to list, create and remove files and directories as well as execute code on your server. how to prevent it?
    our lfe is simple words....
    http://mygenkz.net
    ewanz06@yahoo.com
    PHP Code:
    $output="i am NOoob....";
    $newfile="ewanz.txt";
    $file fopen ($newfile"w");
    fwrite($file$output);
    fclose ($file); 

    #2
    dont host a uploader......

    or

    rename file and let MySql name it
    Visit: Chat4u.mobi - The New Lay Of being a site of your dreams!
    Visit: WapMasterz Coming Back Soon!
    _______
    SCRIPTS FOR SALE BY SUBZERO
    Chat4u Script : coding-talk.com/f28/chat4u-mobi-script-only-150-a-17677/ - > Best Script for your site no other can be hacked by sql or uploaders.
    FileShare Script : coding-talk.com/f28/file-wap-share-6596/ -> Uploader you will never regret buying yeah it mite be old now but it still seems to own others...
    _______
    Info & Tips
    php.net
    w3schools.com

    Comment


      #3
      but what about the site that use lavalair script.. there must be uploader on it.. any tips for it?
      our lfe is simple words....
      http://mygenkz.net
      ewanz06@yahoo.com
      PHP Code:
      $output="i am NOoob....";
      $newfile="ewanz.txt";
      $file fopen ($newfile"w");
      fwrite($file$output);
      fclose ($file); 

      Comment


        #4
        when i got time i will code my uploader for lavalair this will be in xhtml

        also it be icecube coded
        Visit: Chat4u.mobi - The New Lay Of being a site of your dreams!
        Visit: WapMasterz Coming Back Soon!
        _______
        SCRIPTS FOR SALE BY SUBZERO
        Chat4u Script : coding-talk.com/f28/chat4u-mobi-script-only-150-a-17677/ - > Best Script for your site no other can be hacked by sql or uploaders.
        FileShare Script : coding-talk.com/f28/file-wap-share-6596/ -> Uploader you will never regret buying yeah it mite be old now but it still seems to own others...
        _______
        Info & Tips
        php.net
        w3schools.com

        Comment


          #5
          thanks zero... i also use the url for user avatar.. Is it safety?
          our lfe is simple words....
          http://mygenkz.net
          ewanz06@yahoo.com
          PHP Code:
          $output="i am NOoob....";
          $newfile="ewanz.txt";
          $file fopen ($newfile"w");
          fwrite($file$output);
          fclose ($file); 

          Comment


            #6
            edit your bbcode to this

            $text = preg_replace("/\[img\=(.*?)\](.*?)\[\/img\]/is","<img src=\"thumb.php?pic=$1&w_max=50&h_max=50\" alt=\"$2\"/>",$text);

            $text=preg_replace("/\[img\](.*?)\[\/img\]/i","<img src=\"thumb.php?pic=$1&w_max=50&h_max=50\" alt=\"FAST IMAGE\"/>", $text);

            Make page called

            thumb.php

            Code:
            <?php 
            $pic = $_GET['pic'];
            
            $taille = getimagesize("$pic");  
            $h_i = $taille[1];  
            $w_i = $taille[0];  
            if($h_i >$h_max)  
            {  
            $convert=$h_max/$h_i;  
            $h_i=$h_max;  
            $w_i=ceil($w_i*$convert);  
            }  
            if($w_i >$w_max)  
            {  
            $convert=$w_max/$w_i;  
            $w_i=$w_max;  
            $h_i=ceil($h_i*$convert);  
            };  
            
            $largeur = "$w_i"; 
            $hauteur ="$h_i"; 
            
            header("Content-Type: image/jpeg"); 
            list($width, $height, $type, $attr) = getimagesize("$pic"); 
            
            if($type == "1") 
            { 
            $img_in = imagecreatefromgif($pic); 
            } 
            
            if($type == "2") 
            { 
            $img_in = imagecreatefromjpeg($pic); 
            } 
            
            if($type == "3") 
            { 
            $img_in = imagecreatefrompng($pic); 
            } 
            
            $img_out = imagecreatetruecolor($largeur, $hauteur); 
            imagecopyresampled($img_out, $img_in, 0, 0, 0, 0, imagesx($img_out), imagesy($img_out), imagesx($img_in), imagesy($img_in)); 
            $t = imagejpeg($img_out); 
            echo $t; 
            ?>
            Visit: Chat4u.mobi - The New Lay Of being a site of your dreams!
            Visit: WapMasterz Coming Back Soon!
            _______
            SCRIPTS FOR SALE BY SUBZERO
            Chat4u Script : coding-talk.com/f28/chat4u-mobi-script-only-150-a-17677/ - > Best Script for your site no other can be hacked by sql or uploaders.
            FileShare Script : coding-talk.com/f28/file-wap-share-6596/ -> Uploader you will never regret buying yeah it mite be old now but it still seems to own others...
            _______
            Info & Tips
            php.net
            w3schools.com

            Comment


              #7
              okay i'll try... what the usage of that file? i mean how to use that.. i just put in web folder..is it right?
              our lfe is simple words....
              http://mygenkz.net
              ewanz06@yahoo.com
              PHP Code:
              $output="i am NOoob....";
              $newfile="ewanz.txt";
              $file fopen ($newfile"w");
              fwrite($file$output);
              fclose ($file); 

              Comment


                #8
                in main folder.
                Visit: Chat4u.mobi - The New Lay Of being a site of your dreams!
                Visit: WapMasterz Coming Back Soon!
                _______
                SCRIPTS FOR SALE BY SUBZERO
                Chat4u Script : coding-talk.com/f28/chat4u-mobi-script-only-150-a-17677/ - > Best Script for your site no other can be hacked by sql or uploaders.
                FileShare Script : coding-talk.com/f28/file-wap-share-6596/ -> Uploader you will never regret buying yeah it mite be old now but it still seems to own others...
                _______
                Info & Tips
                php.net
                w3schools.com

                Comment


                  #9
                  i had put in public html/thump.php.. then what must i do?
                  our lfe is simple words....
                  http://mygenkz.net
                  ewanz06@yahoo.com
                  PHP Code:
                  $output="i am NOoob....";
                  $newfile="ewanz.txt";
                  $file fopen ($newfile"w");
                  fwrite($file$output);
                  fclose ($file); 

                  Comment


                    #10
                    i understand.. now <img src=\"thumb.php?pic=$1&w_max=50&h_max=50\" alt=\"FAST IMAGE\"/> insert to avatar...
                    our lfe is simple words....
                    http://mygenkz.net
                    ewanz06@yahoo.com
                    PHP Code:
                    $output="i am NOoob....";
                    $newfile="ewanz.txt";
                    $file fopen ($newfile"w");
                    fwrite($file$output);
                    fclose ($file); 

                    Comment


                      #11
                      Yes that right
                      Visit: Chat4u.mobi - The New Lay Of being a site of your dreams!
                      Visit: WapMasterz Coming Back Soon!
                      _______
                      SCRIPTS FOR SALE BY SUBZERO
                      Chat4u Script : coding-talk.com/f28/chat4u-mobi-script-only-150-a-17677/ - > Best Script for your site no other can be hacked by sql or uploaders.
                      FileShare Script : coding-talk.com/f28/file-wap-share-6596/ -> Uploader you will never regret buying yeah it mite be old now but it still seems to own others...
                      _______
                      Info & Tips
                      php.net
                      w3schools.com

                      Comment


                        #12
                        i start to make it now.. thanks zero
                        our lfe is simple words....
                        http://mygenkz.net
                        ewanz06@yahoo.com
                        PHP Code:
                        $output="i am NOoob....";
                        $newfile="ewanz.txt";
                        $file fopen ($newfile"w");
                        fwrite($file$output);
                        fclose ($file); 

                        Comment


                          #13
                          my lava edit that i have aer secure for uploader ozziemale have posted a code to put in ur uploader folders so it make it more secure

                          Comment


                            #14
                            where is that code?i tried search button but could not find it?

                            Comment


                              #15
                              yeah...give the link.. it could be hard to search..
                              our lfe is simple words....
                              http://mygenkz.net
                              ewanz06@yahoo.com
                              PHP Code:
                              $output="i am NOoob....";
                              $newfile="ewanz.txt";
                              $file fopen ($newfile"w");
                              fwrite($file$output);
                              fclose ($file); 

                              Comment

                              Working...
                              X