[Release] VSRO Website Coded By Me (Template From Internet)

Thread is Deleted Not going to Help anymore Thank you :)

Amazing Job bro

Quote:

Originally Posted by CrystalCoder Amazing Job bro

thank you brazzer :D

if you have problems with the website post your problem here and i will tell you what todo :) hope someone will test and tell me if it worked without problems

Hello everyone, don't use this website, I detected 2 fails in 2 secs ^^, use this website and byebye your DB. (This is just an advice)

Quote:

Originally Posted by gigola123 Hello everyone, don't use this website, I detected 2 fails in 2 secs ^^, use this website and byebye your DB. (This is just an advice)

okay i laughed, a Developer atleast will post where the exploit or in which file but you're just saying and byebye your db sorry words means nothing :) :) :)

give me a proof of the exploit and i'll remove the download link :)

Quote:

Originally Posted by DeaDeployment okay i laughed, a Developer atleast will post where the exploit or in which file but you're just saying and byebye your db sorry words means nothing :) :) :) give me a proof of the exploit and i'll remove the download link :)

Well I'm a developper and here we go, 1 found in 1 sec in profile page, you can do a really simple sql injection :
[Only registered and activated users can see links. Click Here To Register...] DROP TABLE SRO_VT_SHARD; --

Here we go, didn't test but sure 100% that work. GL and HF

[Only registered and activated users can see links. Click Here To Register...]

If you want some advice in php for secure or other thing contact me skype

Quote:

Originally Posted by gigola123 Well I'm a developper and here we go, 1 found in 1 sec in profile page, you can do a really simple sql injection : [Only registered and activated users can see links. Click Here To Register...] DROP TABLE SRO_VT_SHARD; -- Here we go, didn't test but sure 100% that work. GL and HF

it doesn't work here :)

Quote:

Originally Posted by DeaDeployment it doesn't work here :)

Enjoy [Only registered and activated users can see links. Click Here To Register...] ;)

Quote:

Originally Posted by gigola123 Well I'm a developper and here we go, 1 found in 1 sec in profile page, you can do a really simple sql injection : [Only registered and activated users can see links. Click Here To Register...] DROP TABLE SRO_VT_SHARD; -- Here we go, didn't test but sure 100% that work. GL and HF [Only registered and activated users can see links. Click Here To Register...] If you want some advice in php for secure or other thing contact me skype

no thanks i dont want advices it doesn't work with me

if it worked with anyone add this code

$charname = mssql_real_espace_string($_GET['name']);

Quote:

Originally Posted by gigola123 Enjoy [Only registered and activated users can see links. Click Here To Register...] ;)

i will never enjoy seeing people losing their time in making their db's that was a little mistake and it's easy to fix even beginners knows how to avoid SQL Injection :) recoding this template took me 2 hours so not everything is done i'll update it later thanks for reporting this exploit

Pride is a default my friend ;)
Like you said, recording this template took you 2 hours, but if it make destroy work of people who spent 2 days for their server (Yeah sro community) and destroy it because of your mistake isn't really nice.
Btw mssql_real_espace_string doesn't avoid all kind of fail. Use PDO with the driver Sql Server, GL and HF for your "life developpement" in web world.

Quote:

Originally Posted by gigola123 Pride is a default my friend ;) Like you said, recording this template took you 2 hours, but if it make destroy work of people who spent 2 days for their server (Yeah sro community) and destroy it because of your mistake isn't really nice. Btw mssql_real_espace_string doesn't avoid all kind of fail. Use PDO with the driver Sql Server, GL and HF for your "life developpement" in web world.

nope iam not using PDO msqsl_real_escape_string will escape special characters wich used to execute the query you can do the same in SMC :) thanks anyway

Wrong section.
next time post it here [Only registered and activated users can see links. Click Here To Register...]

WTF is this?

I checked your first post for 4 seconds. NONE of your shit is going to work on CURRENT or LAST YEARS php version.

Grow up.

#2: The website can EASILY be hacked. VERY EASILY.

You must be arab. Just wow.

I'm not even a web application developer, but if I know this shit, it means its at least 3-4 years old.

Quote:

Originally Posted by Royalblade* WTF is this? I checked your first post for 4 seconds. NONE of your shit is going to work on CURRENT or LAST YEARS php version. Grow up. #2: The website can EASILY be hacked. VERY EASILY. You must be arab. Just wow. I'm not even a web application developer, but if I know this shit, it means its at least 3-4 years old.

it works on php ver 5.4

if you can hack the website very easily do it and post your results here

and yeah iam arab also those 3 Thanked your comment are arabs :)

Quote:

Originally Posted by Spidy. Wrong section. next time post it here [Only registered and activated users can see links. Click Here To Register...]

Try Hard no MOD now QQ

Quote:

Originally Posted by DeaDeployment Thread is Deleted Not going to Help anymore Thank you :)

no no no it doesn't work like that .. yea there is a way to inject just write that on the start of thread so there is some new guys searching for simply php for register or whatever they can us it, dont 'DELETE' your 2 hours works !