View Full Version : How secure is my hack
harmor19
01-27-2006, 09:03 PM
Can someone do a quick scan of my hack and report any vulnerabilities?
http://vbtest.iconrate.net/vb_hack/hosting.phps
Andreas
01-27-2006, 09:18 PM
'" . $hp['title'] . "',
This could cause SQL errors.
$db->query_write("
UPDATE " . TABLE_PREFIX . "temp_host_request
SET userid = '" . $user['userid'] . "',
subdomain = '" . $user['subdomain'] . "',
host_username = '" . $user['host_username'] . "',
host_password = '$pass',
planid = '" . $hp['planid'] . "',
title = '" . $hp['title'] ."'
WHERE userid = '".$vbulletin->userinfo['userid']."'
");
Depending on the data, this might also cause SQL errors.
$db->query_write("
UPDATE " . TABLE_PREFIX . "user
SET hosting_plan = '" . $hp['title'] . "',
subdomain = '" . $hp['subdomain'] . "',
host_username = '" . $hp['host_username'] . "',
host_password = '" . $hp['host_password'] . "',
planid = '" . $hp['planid'] . "'
WHERE userid = '" . $user['postuserid'] . "'
");
$db->query_write("
UPDATE " . TABLE_PREFIX . "thread
SET title = '".$hpost['title']."\n\n[Accepted]'
WHERE firstpostid = '" . $hpost['firstpostid'] . "'
");
This as well.
$db->query_write("
UPDATE " . TABLE_PREFIX . "thread
SET title = '".$hpost['title']."\n\n[Declined]'
WHERE firstpostid = '" . $hpost['firstpostid'] . "'
");
And here too.
You should not call do_set() directly!
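An added illustration of the SQL errors pointed out above, not part of the original thread or of the hack's code: an in-memory SQLite database through PDO stands in for the forum's MySQL database, `PDO::quote()` stands in for vBulletin's `$db->escape_string()`, and the sample row is constructed.

```php
<?php
// Added example: SQLite in memory stands in for the forum database (assumption).
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec("CREATE TABLE thread (firstpostid INTEGER PRIMARY KEY, title TEXT)");
$pdo->exec("INSERT INTO thread VALUES (42, 'placeholder')");

// Constructed sample row: the title carries an apostrophe, the id arrives as a string.
$hpost = array('firstpostid' => '42', 'title' => "Bob's hosting request");

// 1) Built the way the thread's queries are: values placed between quotes unchanged.
$concatenated = "UPDATE thread
    SET title = '" . $hpost['title'] . "\n\n[Accepted]'
    WHERE firstpostid = '" . $hpost['firstpostid'] . "'";
try {
    $pdo->exec($concatenated);
    echo "concatenated query ran\n";
} catch (PDOException $e) {
    // The apostrophe ends the string literal early, so the statement no longer parses.
    echo "concatenated query failed: " . $e->getMessage() . "\n";
}

// 2) Same statement with the string escaped and the id forced to an integer.
//    PDO::quote() adds the surrounding quotes itself; in a vBulletin 3.x plugin
//    the string would instead go through $db->escape_string() inside '...'.
$escaped = "UPDATE thread
    SET title = " . $pdo->quote($hpost['title'] . "\n\n[Accepted]") . "
    WHERE firstpostid = " . intval($hpost['firstpostid']);
$pdo->exec($escaped);

// Read the row back to confirm the apostrophe was stored as data.
$title = $pdo->query("SELECT title FROM thread WHERE firstpostid = 42")->fetchColumn();
echo "stored title: " . json_encode($title) . "\n";
```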
harmor19
01-27-2006, 09:32 PM
I changed all the do_set()'s to set() and setr() but they don't work.
Only do_set() works.
Andreas
01-27-2006, 10:25 PM
Then you're doing something wrong - set/setr is the correct way.