
Kindly don't spoil my site but try to find flaws and report to me


om


I posted a message and somehow it worked...  Did I just get a virus? 

 

I still don't understand the whole point of this site?

 

Just make sure to leave your name in the message.

 

 

You may have observed there were no advertisements. 

 

I am happy to learn that it has worked. Was it fast?

 

Don't worry, from my side there won't be any virus, but from the Internet you may get it, to which almost all are equally susceptible.

 

 

The point is communication among the group, just like this message board


OM what do you plan on doing about the SQL injection on the register page ???

 

Well so far I didn't detect any vulnerability, same clean function works well before $POST is used.

 

If you have found any, please immediately or post message here or on my site, I will give you a special mail id at my site / see your inbox.


Submitted Form State:

 

    * huid: ++

    * htpwd: ++

    * hcode: ++

    * ribtn: ++ Change / Refresh Image

    * cbe: ++

    * jbs_indx_submit: ++Open

 

Results:

Server Status Code: 302 Found

Tested value: &#49&#39&#32&#79&#82&#32&#39&#49&#39&#61&#39&#49

Server Status Code: 302 Found

Tested value: 1' OR '1'='1

Server Status Code: 302 Found

Tested value: %31%27%20%4F%52%20%27%31%27%3D%27%31

Server Status Code: 302 Found

Tested value: 1 UNI/**/ON SELECT ALL FROM WHERE

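Added example, not part of the original thread and not the site's code: the first three tested values in the scan output above are one string in three encodings. This Python sketch (a stand-in for the site's PHP; the `users` table, its rows and the function names are constructed, only the field names `huid` and `htpwd` come from the form state above) decodes them and contrasts a concatenated query with a bound parameter.

```python
import html
import sqlite3
from urllib.parse import unquote

# The first three "Tested value" strings from the scan output above.
TESTED = [
    "&#49&#39&#32&#79&#82&#32&#39&#49&#39&#61&#39&#49",   # HTML numeric entities
    "1' OR '1'='1",                                       # plain
    "%31%27%20%4F%52%20%27%31%27%3D%27%31",               # URL-encoded
]

def decode(value):
    """Undo URL-encoding, then HTML numeric entities, as a lenient app might."""
    return html.unescape(unquote(value))

def make_db():
    """Constructed in-memory table standing in for the site's user table."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (huid TEXT, htpwd TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?)",
                   [("alice", "pw-a"), ("bob", "pw-b")])
    return db

def lookup_concat(db, huid):
    """Before: the field value is pasted into the SQL text."""
    sql = "SELECT huid FROM users WHERE huid = '" + huid + "'"
    return [row[0] for row in db.execute(sql)]

def lookup_param(db, huid):
    """After: the value is bound as data and never parsed as SQL."""
    return [row[0] for row in db.execute(
        "SELECT huid FROM users WHERE huid = ?", (huid,))]

def compare():
    """Return (decoded value, concat result, parameterized result) per input."""
    db = make_db()
    return [(decode(v), lookup_concat(db, decode(v)), lookup_param(db, decode(v)))
            for v in TESTED]

if __name__ == "__main__":
    for decoded, concat_rows, param_rows in compare():
        print(repr(decoded), "concat:", concat_rows, "param:", param_rows)
```

With the bound parameter, the query result does not depend on which encoding the value arrived in or on whether a separate cleaning step ran first.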

MAQ forget it, this guy isn't ever going to learn how to do proper SQL injection, I will laugh when his site gets hacked once again :D

 

Lol!  His site has already been hacked?

 

 

 

 

Can you tell what way?

 

I told some valid people to alter some table show its column names on this site so that at least they prove they were able to penetrate the database?

 

 

 

Initial page is not affected

 

 

Will you help??????????????????

 

 


Welp, I figured out how to login... Barely... After teaching myself PHP, CSS, HTML, VB, VC++, C, JavaScript, etc, starting a computer business, and making a custom database server, logging in was close to one of the most confusing things I have ever done...

 

Your links are broken. When you click on something, it doesn't open (you have to right click => "open in new tab" or somesuch). My guess is it is trying to open the link in an iframe (wouldn't be surprised...) or something. I haven't really gotten any deeper in it.

 

As soon as I try to figure out how to post a message, I'll try some things.

 

Do you seriously want your members to try and memorize several different codes just to log in?

 

Chris

 

 

 

 


Welp, I figured out how to login... Barely... After teaching myself PHP, CSS, HTML, VB, VC++, C, JavaScript, etc, starting a computer business, and making a custom database server, logging in was close to one of the most confusing things I have ever done...

 

I laughed when I read that...

 

So are you saying if I can figure out how to log in then I can teach myself PHP, CSS, HTML, VB, VC++, C, Javascript, etc, starting a computer business, and making a custom database server?


Welp, I figured out how to login... Barely... After teaching myself PHP, CSS, HTML, VB, VC++, C, JavaScript, etc, starting a computer business, and making a custom database server, logging in was close to one of the most confusing things I have ever done...

 

I laughed when I read that...

 

So are you saying if I can figure out how to log in then I can teach myself PHP, CSS, HTML, VB, VC++, C, Javascript, etc, starting a computer business, and making a custom database server?

 

Pretty much, yeah...

 

Logging in should be the new MENSA membership test. Extra points for posting a message..

 

Chris


Sorry guys, I think I "spoiled" it. I attempted to test the "change password" deal. I think I just killed the guest account he posted...  It won't let me log in anymore, with either password...

 

The new password was "lol", but I can't login anymore. OM could you give us a new guest account? I promise I won't hose it up again!

 

Chris


Sorry guys, I think I "spoiled" it. I attempted to test the "change password" deal. I think I just killed the guest account he posted...  It won't let me log in anymore, with either password...

 

Chris

 

Good job, how am I going to get in touch with god now?


Sorry guys, I think I "spoiled" it. I attempted to test the "change password" deal. I think I just killed the guest account he posted...  It won't let me log in anymore, with either password...

 

Chris

 

Good job, how am I going to get in touch with god now?

 

Sorry :( I guess you are just going straight to hell :(

 

The new password was going to be "lol", if you want to mess with it..

 

OOM, see the above edited post

 

Chris


Every time I try to log in it logs me right out...

 

om: You shouldn't have JS popups until the user is finished filling out the fields.  You could have little notifications next to the fields like Yahoo has when you're creating an email account but the popups are just annoying.


Sorry guys, I think I "spoiled" it. I attempted to test the "change password" deal. I think I just killed the guest account he posted...  It won't let me log in anymore, with either password...

 

The new password was "lol", but I can't login anymore. OM could you give us a new guest account? I promise I won't hose it up again!

 

Chris

 

I observed somebody tested change password, so that was no problem, maybe you forgot it, so I have overwritten it back to g and code to g2g, so you can as it is.

 

Well, I saw some feedback, but hope once you know it, there will be nothing so easy.

 


MAQ forget it, this guy isn't ever going to learn how to do proper SQL injection, I will laugh when his site gets hacked once again :D

 

Your clean implemented but still is vulnerable to SQL injection, checked on SQL Inject Me.

 

So any improvements.

 

Well there was a missing semicolon verify on page 10/9.

 

It gave XSS Me error while testing.

 

Then I rectified it.

 

 


Last I was reading this thread you guys were talking about how horrible the website is, and what not. Now you guys are talking about hacking it, I must say "lol"!

 

I just don't understand, well you, get nothing by destructive [-ve] hacking

 

Posit[+ve] hacking will be appreciated.

 

I discovered a bug my messages at my site can be longer as long as this check out at my site

The following 40 lines are posted................

A total of the above lines are 83 lines inclu. this

 


You do it!  Download SQL inject me and test it on your forms.

 

I have done it but clean is not really clean.

 

I call it just after the including of files, in the beginning of the PHP script.

 

Well, for normal operations, the site is strong enough.

 

What do you say?

 

Well from now on I look forward for those who can really help me out in getting into the site.

 

Well, I contacted my host, they said it was first down for routine maintenance on Indian Sundays.

 

Now, I eagerly look forward to +ve, days.


MAQ forget it, this guy isn't ever going to learn how to do proper SQL injection, I will laugh when his site gets hacked once again :D

 

Lol!  His site has already been hacked?

 

 

 

 

Can you tell what way?

 

I told some valid people to alter some table show its column names on this site so that at least they prove they were able to penetrate the database?

 

 

 

Initial page is not affected

 

 

Will you help??????????????????

 

 

Now Maq and others really answer to the point is expected.

This topic is now closed to further replies.
