xc0n

yea but sometimes the most basic way is best, usb security is bad think off all the n00bs getting a usb not recognised msg n not being able to view there data, an ip is like a finger print u can spoof it but u cant make it a number u desire! untill then my system is ok, i did post a demo link to a login that knowbody even saw, i got logs of over 7 people trying to get in since i last posed on here, now considering this is a big forum with alot of tallent i think i done well nobody cracked my hash! didnt even see a ss of my login page let alone a hack of any kind these guys would have just seen red so give me a lil credit ey?

psycho a user above said its bad to create your own hash & that his buddy could easily crack it, not me i know a hash cant be undone hence my attitude to n00bs that try diss me i guess i was very over reactive and should settle down i have just been working on this for a while and take offense easily my bad. id love to gather some files together of the previous version so you can all have a look? maby then u can give me some tips on improvement

i dont know why i bother... why would i post my source here lol its real smart to build a hash an then give the source :/ im not trying to market anything lol forget the website guys the link i posted was to a demo see demo.php so tell ur ####%#%%% to brake it u have the link i wan see a screenshot of my login page lets see how good u guys are??? or r u all jus full of it? also did use get time to crack the above hash??? thought it would be easy ??? only 5 letters ?? lmfao id love to show my code but not when i get this reaction for wanting to try sumfin new & yea im a s#it speller im truely sorry for this lol sorry for over reacting to the crap thats been posted here i just cant stand f#ckheads that try diss ppl that wana share new ideas, nothing is impossible my system is secure and u can all get f#cked use are all like sheep anyway weather any1 agrees wif me of not they wont say it cause all the douchb@gs would diss them, hahahaha lmao at the w@nkers with quotes in there sig's from a site mod or admin hahahahahaha sucking up much?? lol ehhhhh maby i should visit this forum when i need a spell check done or marketing tips & tips on how to suck up to admin accounts i could really learn alot !!

jeez did i ask u to look at my about page ? this place is full of ####heads seriously ppl come to try expand tere knowlegde n learn more get help with projects and all u get is smartass ppl sayin u have a spelling mistake ehhhhhh... help... talk about my actual script or ##%% off!

Ahh so nice to have support from this "helping forum" lol Well yes its easy to spoof your ip, but you would need to know what ip u need to spoof, and im pretty sure u can spoof a SPECIFIC ip address so unless my system decides to allow random spoofed ip's then ur out of luck. tell your friend to give it a go, I have this software running on http://www.ipsecure.com.au/demo.php if he can send me a screenshot of just the login page ill be VERY surprised LOL. The only way to compromise this would be to attack the server, its on a basic server without ssl so hooray if he manages to attack it. Remember u think my script is the problem so tell him to attack the script. And for any users that don't have windows i feel sorry for you and u will have to purchase a static ip off your isp also ill hash a basic word using my hash and u get him to crack it :/ just a basic 5 letter plain word jcrypT Hash: ^[EMa3v_Km=)_@S)EM[3t)CH@oX6=3@P have fun.

thank you! let me have a try to implement this.

well its been a year and i have successfully finished my project!! i built a exe to update the mysql database every time the users dynamic ip changes and it works 100% also built a nice hash to protect ip addresses in the database if you want to read more and see some screenshots have a look at the website >> ipsecure.com.au anyone interested on working on this project with me send me a pm!

hey guys i have a small script below i have commented what i need help with if anyone has any ideas ill be very gratefull ive tryed but cannot get it to work at all. This is a small fraction of a large script i'm writing but the easy way to get help with my problem was to section it into below code so don't worry if the script looks pointless as long as it works thats all im after! <?php $bad_directory = 'home/username/public_html/'; // I need help to convert the following orange text into PHP please // search $bad_directory & list all files created within last hour of current day (file names as a array eg: 'blah.txt','ttl.gif') // search $bad_directory & list all folders created within last hour of current day (folder names as a array eg: 'blah','ttl') // get list of last hour created files from above and rename all files with _NEW at end EG: "just_added.php" to "just_added.php_NEW" // get list of last hour created folders from above and add a .htaccess file to each folder EG on how to create file ,htaccess below // Create the .htaccess file i need added to each newly added folder ^^^ $filename = '.htaccess'; $contents = 'AuthUserFile '.$htpass_dir.'.htpasswd AuthName "THIS AREA HAS BEEN LOCKED FOR SECURITY REASONS" AuthType Basic require user Admin'; $handle = fopen($filename, 'x+'); fwrite($handle, $contents); fclose($handle); ?>

hey i have a basic bit of code ill post below, at the moment it works fine, but im sure it is very unsecure, what i need to know is how to apply the PDO function to it so its a safe script and also if there are any other things i can do to tidy it up / make it more secure please let me know. <?php require ("auth.php"); // Checks to see if user is valid // If User is valid then below will function // Connect To Database $dbhost = 'localhost'; $dbuser = ''; $dbpass = ''; $dbname = ''; $conn = mysql_connect($dbhost, $dbuser, $dbpass) or die ('Error Connecting to MYSQL'); mysql_select_db($dbname); // End //Get Data $sql = mysql_query("SELECT * FROM `allowed_ips` WHERE `host_noip` = '$host_noip' limit 0, 30"); $result = mysql_fetch_assoc($sql); //End // Show Companys key $show_secKey = $result['company_secKey']; echo "<form method='post' action=''>enter key here: <input name='secKey' type='text'> <input type='submit' value='Submit'></form>"; $checksecKey = $_POST['secKey']; if($checksecKey == $show_secKey) { mysql_query("UPDATE allowed_ips SET ip_address = '$ip' WHERE host_noip = '$host_noip'"); mysql_query("UPDATE allowed_ips SET ip_host = '$ip_host' WHERE host_noip = '$host_noip'"); $result = mysql_query; if($result) { echo "<meta HTTP-EQUIV='REFRESH' content='0; url=index.php'>"; }} else { echo 'Error Wrong Key'; } ?> Ive tryed to apply the PDO myself but cant seem to get it to work! thanks in advance

Yea i understand, but thanks alot for taking to time to help me!

@everyone: Thanks for your reply's, I like having other people opinions! Even though you have all disagreed, I will still try to complete my system, I have a very open mind so hopefully I can come up with something great! Im on the level at the moment where my system is working & it can also update a users IP when it notices a dynamic IP has changed via a method i have used. Once i have it running how i want ill post it here for you guys to look at and im sure you will be surprised at how i have got it to work and also be able to help me fix any vulnerabilities / messy code etc.. thanks again!

@AyKay47: hey thanks alot for the help but that code gave me white page saying: There Was A Error @jcbones: that script works great and does everything i need it to do! thanks alot, it can even email me the backup zipped or send it to a remote ftp server! very nice!!

hey i want a php file to backup my mysql database into a .sql file for me im using the code below, I save this code as backup.php and when i visit backup it says "Database Backup Completed" but the database backup folder is empty it doesnt create or write to the sql file.. ive also tryed giving the file and folder permissions 755, 775 & 777 and still none worked! not sure whats wrong? <?php // Connect To Database $dbhost = 'localhost'; $dbuser = 'database_user'; $dbpass = '***********'; $dbname = 'database_name'; $conn = mysql_connect($dbhost, $dbuser, $dbpass) or die ('Error Connecting to MYSQL'); mysql_select_db($dbname); // End $backupFile = 'backup_folder/backup_file.sql'; mysql_query("SELECT * FROM '$dbname' -> INTO OUTFILE '$backupFile'"); $result = mysql_query; if($result) { echo "Database Backup Completed"; } else { echo "There Was A Error"; } ?>

ok i figured it out i used the code below: <?php define('ABSPATH',dirname(dirname(__FILE__)) . '/'); require(ABSPATH . 'hidden_files/config.php'); ?>

ok kool ill have a look thanks, any idea why code below doesnt work anyone? <?php require($_SERVER['DOCUMENT_ROOT'] . '/../hidden_files/config.php'); ?>