Jump to content

Henaro

Members
  • Posts

    29
  • Joined

  • Last visited

    Never

Posts posted by Henaro

  1. There's a lot of bugs but I'm only going to post this one for now:

     

    You can upload/delete any files on the server:

    http://www.commabunny.org/public/pub/

     

    This is very serious. You can make a php script that reads/edits all of the files on your server.

     

    --edit I just make a php script that got the usernames/passwords for the db and admin panel...

     

    Well that sucks.  Anything else?

     

    EDIT:Also how exactly would you get the usernames and password for the db and admin panel?  I was aware that you can upload some love that'll read the directories, but how exactly can they read and print out the password for the db and admin panel? 

     

    EDIT:And other than the /public directory is there anything wrong with the bbs directory (/v8)?  So far I'm only aware of one XSS exploit, but it only effects IE so I havn't bothered fixing it. 

  2. Hello everyone~

     

    I seem to have stumbled onto a terrible error today! 

     

    It reads "Unknown column 'rname' in 'field list'".  I googled it and I found that I needed apostrophes on my statements.  But that doesn't seem to be working.  Here is my statement:

     

    UPDATE boards SET rname='$r' WHERE number='$number'

     

    And the table:

    CREATE TABLE `boards` (
      `number` int(3) NOT NULL auto_increment,
      `name` text NOT NULL,
      `rnames` int(1) NOT NULL default '2',
      `Description` text NOT NULL,
      `open` int(11) NOT NULL default '1',
      PRIMARY KEY  (`number`)
    ) ENGINE=MyISAM  DEFAULT CHARSET=latin1 AUTO_INCREMENT=1 ;

     

    MYSQL version is 5.  I'm trying to change rname to what the user inputs.  Any suggestions? 

  3. Hello everyone~

     

    I've been having trouble with this function for a bit:

     

    function get_ses($pass, $key) {
    //Take the first 16 chars of session md5 and validate
    if (substr(md5($key)), 0, 16)==substr($_SESSION['a_stuff'], 0, 16)){	
    	//Go 16 characters into the session, and take 16 characters out
    	if (substr(md5($pass))==substr($_SESSION['a_stuff'], 16, 16)){
    		$ses_vald = "true";
    	}else{
    		$ses_vald = "false";
    	}
    }else{
    	//If key isn't valid return false
    	$ses_valid = "false";
    }
    return $ses_vald;
    }

     

    I get an error that says:

    Parse error: syntax error, unexpected ',' in /home/x/x/x/x/x/x/stuff/funs/get_ses.php on line 4

    The problem is, is that I'm unable to locate that unexpected ,. 

     

    Also, is this a good way to encrypt a login?  Like if someone logs in and their pass is encrypted plus a set key on the config file? 

     

    I'd like some criticism on it...

     

    Thanks,

    Hen

     

  4. Hello again~

     

    Sorry for resurrecting  this posts, but I thought it would be better than creating a new one. 

     

    I seem to have broken it.  I moved the BBCode function onto a file called fun.php.  Which is included correctly on the post_reply file.  But now it seems like it broke the youtube tag (which was working fine with your help).  All of the other BBcode works except for this.  ???

     

    Anyone know what might be wrong? '_'

     

    Thanks,

    Henaro

     

    EDIT:

    And here's the full code:

    <?php
    function BBCode ($str) {
            $simple_search = array(
                                    '/\[b\](.*?)\[\/b\]/is',                               
                                    '/\[i\](.*?)\[\/i\]/is',                               
                                    '/\[u\](.*?)\[\/u\]/is',
    			'/\[url\=(.*?)\](.*?)\[\/url\]/is',
    			'/\[url\](.*?)\[\/url\]/is',
    			'/(>>)([0-9]+)/',
    			'/\[img\](.*?)\[\/img\]/is', 
    			'/\[yt\]http:\/\/youtube.com\/watch\?v=(.*?)\[\/yt\]/', 
    			'/\[em\](.*?)\[\/em\]/is',                               
                                    '/\[txt\](.*?)\[\/txt\]/is' 
                                    );
            $simple_replace = array(
                                    '<strong>$1</strong>',
                                    '<em>$1</em>',
                                    '<u>$1</u>',
    			'<a href="$1">$2</a>',
    			'<a href="$1">[link]</a>',
    			'<a href=\'index.php#$2\'>$1$2</a>',
    			'<a href="$1"><img src="$1" boarder=0 /></a>',
    			'<object width="425" height="350"><param name="movie" value="http://www.youtube.com/v/$1"></param><param name="wmode" value="transparent"></param><embed src="http://www.youtube.com/v/$1" type="application/x-shockwave-flash" wmode="transparent" width="425" height="350"></embed></object>',
    			'<OBJECT classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,40,0" WIDTH="550" HEIGHT="400" id="Embeded File"><PARAM NAME=quality VALUE=high><PARAM NAME=bgcolor VALUE=#FFFFFF><EMBED src="$1" quality=high bgcolor=#FFFFFF WIDTH="550" HEIGHT="400" NAME="Embeded File" ALIGN="" TYPE="application/x-shockwave-flash" PLUGINSPAGE="http://www.macromedia.com/go/getflashplayer"></EMBED></OBJECT>',
                                    '<div class="code">$1</div>'
                                    );
            // Do simple BBCode's
            $str = preg_replace ($simple_search, $simple_replace, $str);
    
            return $str;
    }
    
    ?>

  5. This doesn't seem to work at all.  My friend used str_replace(); on his code and it works.  Infact his looks exactly like mine except for minor differences and it works.  This is his:

     

    <?php
    //Data Key
    $ddk = $_POST["decrypt"];
    
    $n_ddk=chunk_split($ddk, 2);
    
    //Non encrypted characters array
    $nec = array("a", "b", "c", "d", "e", "f", "g", "h", "i", "j", "k", "l", "m", "n", "o",
    "p", "q", "r", "s", "t", "u", "v", "w", "x", "y", "z", 
    "A", "B", "C", "D", "E", "F", "G", "H", "I", "J", "K", "L", "M", "N", "O", "P", "Q",  
    "R", "S", "T", "U", "V", "W", "X", "Y", "Z", 
    "1", "2", "3", "4", "5", "6", "7", "8", "9", "0", 
    "]", "[", "|", "/", "-", 
    ":", "=", ".", "~", "_", 
    "!", "@", "#", "$", "%", "^", "&", "*", "(SPACE)");
    
    //Encrypted characters array
    $ec = array("32", "31", "30", "37", "36", "35", "34", "3b", "3a", "39", "38", "3f", "3e", "3d", "3c",
    "23", "22", "21", "20", "27", "26", "25", "24", "2b", "2a", "29", 
    "12", "11", "10", "17", "16", "15", "14", "1b", "1a", "19", "18", "1f", "1e", "1d", "1c", "03", "02",  
    "01", "00", "07", "06", "05", "04", "0b", "0a", "09", 
    "62", "61", "60", "67", "66", "65", "64", "6b", "6a", "63", 
    "0e", "08", "2f", "7c", "7e", 
    "69", "6e", "7d", "2d", "0c", 
    "72", "13", "70", "77", "76", "0d", "75", "79", "73");
    
    //Decryption
    $e2n = str_replace($ec, $nec, $n_ddk);
    ?>

  6. Hello everyone~

     

    My friend made a php file that decrypts data strings.  He sent it to me and I decided to make an encrypter.  Ithought to myself, "Why not just do what he did but backwards?"

     

    Well I did and here's what I got:

     

    <?php
    //Data Key
    $ddk = $_POST["decrypt"];
    
    //add a space between each character
    $n_ddk=chunk_split($ddk, 1);
    
    //Encrypted characters array
    $nec = array("32", "31", "30", "37", "36", "35", "34", "3b", "3a", "39", "38", "3f", "3e", "3d", "3c",
    "23", "22", "21", "20", "27", "26", "25", "24", "2b", "2a", "29",
    "12", "11", "10", "17", "16", "15", "14", "1b", "1a", "19", "18", "1f", "1e", "1d", "1c", "03", "02",
    "01", "00", "07", "06", "05", "04", "0b", "0a", "09",
    "62", "61", "60", "67", "66", "65", "64", "6b", "6a", "63", 
    "0e", "08", "2f", "7c", "7e", 
    "69", "6e", "7d", "2d", "0c",
    "72", "13", "70", "77", "76", "0d", "75", "79", "73");
    
    //Non encrypted characters array
    $ec = array("a", "b", "c", "d", "e", "f", "g", "h", "i", "j", "k", "l", "m", "n", "o",
    "p", "q", "r", "s", "t", "u", "v", "w", "x", "y", "z",
    "A", "B", "C", "D", "E", "F", "G", "H", "I", "J", "K", "L", "M", "N", "O", "P", "Q",
    "R", "S", "T", "U", "V", "W", "X", "Y", "Z",
    "1", "2", "3", "4", "5", "6", "7", "8", "9", "0",
    "]", "[", "|", "/", "-",
    ":", "=", ".", "~", "_",
    "!", "@", "#", "$", "%", "^", "&", "*", "(SPACE)");
    
    
    //Encrypt
    $e2n = str_replace($ec, $nec, $n_ddk);
    ?>

     

    It works fine it's just that it adds 656 in front of every letter of the encryption.  Example:

    Original:

    hi

    Encrypted:

    6563b 6563a

     

    Thanks,

    Henaro

  7. Sadly I don't.  :(

     

    If you find out please tell me though. ;D

     

    EDIT:

    Actually I just go curious and decided to look at this site's javascript. 

     

    I found this:

    function surroundText(text1, text2, textarea)
    {
    // Can a text range be created?
    if (typeof(textarea.caretPos) != "undefined" && textarea.createTextRange)
    {
    	var caretPos = textarea.caretPos, temp_length = caretPos.text.length;
    
    	caretPos.text = caretPos.text.charAt(caretPos.text.length - 1) == ' ' ? text1 + caretPos.text + text2 + ' ' : text1 + caretPos.text + text2;
    
    	if (temp_length == 0)
    	{
    		caretPos.moveStart("character", -text2.length);
    		caretPos.moveEnd("character", -text2.length);
    		caretPos.select();
    	}
    	else
    		textarea.focus(caretPos);
    }
    // Mozilla text range wrap.
    else if (typeof(textarea.selectionStart) != "undefined")
    {
    	var begin = textarea.value.substr(0, textarea.selectionStart);
    	var selection = textarea.value.substr(textarea.selectionStart, textarea.selectionEnd - textarea.selectionStart);
    	var end = textarea.value.substr(textarea.selectionEnd);
    	var newCursorPos = textarea.selectionStart;
    	var scrollPos = textarea.scrollTop;
    
    	textarea.value = begin + text1 + selection + text2 + end;
    
    	if (textarea.setSelectionRange)
    	{
    		if (selection.length == 0)
    			textarea.setSelectionRange(newCursorPos + text1.length, newCursorPos + text1.length);
    		else
    			textarea.setSelectionRange(newCursorPos, newCursorPos + text1.length + selection.length + text2.length);
    		textarea.focus();
    	}
    	textarea.scrollTop = scrollPos;
    }
    // Just put them on the end, then.
    else
    {
    	textarea.value += text1 + text2;
    	textarea.focus(textarea.value.length - 1);
    }
    }

     

    That's what the use for their bold and image tags.  Used the same way as the other function. 

     

    Example:

    <a href="#" onclick="surroundText('[img=', ']', document.forms.FORMNAMEHERE.TEXTAREANAMEHERE); return false;">

  8. I had this same problem awhile back and I eventually found this function somewhere:

     

    <script language="JavaScript" type="text/JavaScript">
            function sendText(e, text)
            {
               e.value+=text
            }
    </script>
    

     

    I can't exactly remember where I found it but oh well.

     

    A way it can be used is:

     

    <a href='#' onClick="sendText(document.FORMNAMEHERE.TEXTAREANAMEHERE, '[b][/b]')" >[b][/b]</a>

  9. Hey everyone.  I'm having a bit of trouble with one of my scripts. 

     

    The error I'm getting is this:

     

    Warning: preg_replace(): Unknown modifier 'w' in html/board/boards/post_topic.php on line 66

     

    Here's line 66:

    $str = preg_replace ($simple_search, $simple_replace, $str);

     

    And here's the code I just added that I am suspicious about:

    '/\[yt\]http:\/\/youtube.com/watch?v=(.*?)\[\/yt\]/', 

     

    Which goes to:

     

    '<object width="425" height="350"><param name="movie" value="http://www.youtube.com/v/$1"></param><param name="wmode" value="transparent"></param><embed src="http://www.youtube.com/v/$1" type="application/x-shockwave-flash" wmode="transparent" width="425" height="350"></embed></object>',

     

    The whole idea is to let users embed youtube videos.  But it seems like it's not working correctly.  :(

     

    Here's the whole function:

     

    function BBCode ($str) {
            $simple_search = array(
                                    '/\[b\](.*?)\[\/b\]/is',                               
                                    '/\[i\](.*?)\[\/i\]/is',                               
                                    '/\[u\](.*?)\[\/u\]/is',
    			'/\[url\=(.*?)\](.*?)\[\/url\]/is',
    			'/\[url\](.*?)\[\/url\]/is',
    			'/(>>)([0-9]+)/',
    			'/\[img\](.*?)\[\/img\]/is', 
    			'/\[yt\]http:\/\/youtube.com/watch?v=(.*?)\[\/yt\]/', 
    			'/\[em\](.*?)\[\/em\]/is',                               
                                    '/\[txt\](.*?)\[\/txt\]/is' 
                                    );
            $simple_replace = array(
                                    '<strong>$1</strong>',
                                    '<em>$1</em>',
                                    '<u>$1</u>',
    			'<a href="$1">$2</a>',
    			'<a href="$1">[link]</a>',
    			'<a href=\'index.php#$2\'>$1$2</a>',
    			'<a href="$1"><img src="$1" boarder=0 /></a>',
    			'<object width="425" height="350"><param name="movie" value="http://www.youtube.com/v/$1"></param><param name="wmode" value="transparent"></param><embed src="http://www.youtube.com/v/$1" type="application/x-shockwave-flash" wmode="transparent" width="425" height="350"></embed></object>',
    			'<OBJECT classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,40,0" WIDTH="550" HEIGHT="400" id="Embeded File"><PARAM NAME=quality VALUE=high><PARAM NAME=bgcolor VALUE=#FFFFFF><EMBED src="$1" quality=high bgcolor=#FFFFFF WIDTH="550" HEIGHT="400" NAME="Embeded File" ALIGN="" TYPE="application/x-shockwave-flash" PLUGINSPAGE="http://www.macromedia.com/go/getflashplayer"></EMBED></OBJECT>',
                                    '<div class="code">$1</div>'
                                    );
            // Do simple BBCode's
            $str = preg_replace ($simple_search, $simple_replace, $str);
    
            return $str;
    }

     

     

    I can't really think of a solution for this.  It's 1:30AM right now though, so it could be that I'm just tired and not seeing straight.  But I hope someone can help me out. 

     

    Thanks,

    Henaro

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.