[Release] VSRO Website Coded By Me (Template From Internet)

~~DeaDeployment~~ · 03/29/2015, 18:58

Thread is Deleted Not going to Help anymore Thank you

CrystalCoder · 03/29/2015, 19:42

Amazing Job bro

~~DeaDeployment~~ · 03/29/2015, 19:52

Quote:

Originally Posted by CrystalCoder

Amazing Job bro

thank you brazzer

if you have problems with the website post your problem here and i will tell you what todo

hope someone will test and tell me if it worked without problems

gigola123 · 03/29/2015, 20:36

Hello everyone, don't use this website, I detected 2 fails in 2 secs ^^, use this website and byebye your DB. (This is just an advice)

~~DeaDeployment~~ · 03/29/2015, 20:43

Quote:

Originally Posted by gigola123

Hello everyone, don't use this website, I detected 2 fails in 2 secs ^^, use this website and byebye your DB. (This is just an advice)

okay i laughed, a Developer atleast will post where the exploit or in which file but you're just saying and byebye your db sorry words means nothing

give me a proof of the exploit and i'll remove the download link

gigola123 · 03/29/2015, 20:47

Quote:

Originally Posted by DeaDeployment

okay i laughed, a Developer atleast will post where the exploit or in which file but you're just saying and byebye your db sorry words means nothing

give me a proof of the exploit and i'll remove the download link

Well I'm a developper and here we go, 1 found in 1 sec in profile page, you can do a really simple sql injection :

DROP TABLE SRO_VT_SHARD; --

Here we go, didn't test but sure 100% that work. GL and HF

If you want some advice in php for secure or other thing contact me skype

~~DeaDeployment~~ · 03/29/2015, 20:50

Quote:

Originally Posted by gigola123

Well I'm a developper and here we go, 1 found in 1 sec in profile page, you can do a really simple sql injection :
DROP TABLE SRO_VT_SHARD; --

Here we go, didn't test but sure 100% that work. GL and HF

it doesn't work here

gigola123 · 03/29/2015, 20:56

Quote:

Originally Posted by DeaDeployment

it doesn't work here

Enjoy

~~DeaDeployment~~ · 03/29/2015, 20:58

Quote:

Originally Posted by gigola123

Well I'm a developper and here we go, 1 found in 1 sec in profile page, you can do a really simple sql injection :
DROP TABLE SRO_VT_SHARD; --

Here we go, didn't test but sure 100% that work. GL and HF

If you want some advice in php for secure or other thing contact me skype

no thanks i dont want advices it doesn't work with me

if it worked with anyone add this code

$charname = mssql_real_espace_string($_GET['name']);

Quote:

Originally Posted by gigola123

Enjoy

i will never enjoy seeing people losing their time in making their db's that was a little mistake and it's easy to fix even beginners knows how to avoid SQL Injection

recoding this template took me 2 hours so not everything is done i'll update it later thanks for reporting this exploit

gigola123 · 03/29/2015, 21:03

Pride is a default my friend

Like you said, recording this template took you 2 hours, but if it make destroy work of people who spent 2 days for their server (Yeah sro community) and destroy it because of your mistake isn't really nice.
Btw mssql_real_espace_string doesn't avoid all kind of fail. Use PDO with the driver Sql Server, GL and HF for your "life developpement" in web world.

~~DeaDeployment~~ · 03/29/2015, 21:06

Quote:

Originally Posted by gigola123

Pride is a default my friend
Like you said, recording this template took you 2 hours, but if it make destroy work of people who spent 2 days for their server (Yeah sro community) and destroy it because of your mistake isn't really nice.
Btw mssql_real_espace_string doesn't avoid all kind of fail. Use PDO with the driver Sql Server, GL and HF for your "life developpement" in web world.

nope iam not using PDO msqsl_real_escape_string will escape special characters wich used to execute the query you can do the same in SMC

thanks anyway

Spidy. · 03/29/2015, 22:50

Wrong section.
next time post it here

Royalblade* · 03/29/2015, 22:56

WTF is this?

I checked your first post for 4 seconds. NONE of your **** is going to work on CURRENT or LAST YEARS php version.

Grow up.

#2: The website can EASILY be hacked. VERY EASILY.

You must be arab. Just wow.

I'm not even a web application developer, but if I know this ****, it means its at least 3-4 years old.

~~DeaDeployment~~ · 03/30/2015, 06:56

Quote:

Originally Posted by Royalblade*

WTF is this?

I checked your first post for 4 seconds. NONE of your **** is going to work on CURRENT or LAST YEARS php version.

Grow up.

#2: The website can EASILY be hacked. VERY EASILY.

You must be arab. Just wow.

I'm not even a web application developer, but if I know this ****, it means its at least 3-4 years old.

it works on php ver 5.4

if you can hack the website very easily do it and post your results here

and yeah iam arab also those 3 Thanked your comment are arabs

Quote:

Originally Posted by Spidy.

Wrong section.
next time post it here

Try Hard no MOD now QQ

Eslam Galull · 03/30/2015, 08:05

Quote:

Originally Posted by DeaDeployment

Thread is Deleted Not going to Help anymore Thank you

no no no it doesn't work like that .. yea there is a way to inject just write that on the start of thread so there is some new guys searching for simply php for register or whatever they can us it, dont 'DELETE' your 2 hours works !