  1. #1
    Hardcore Member AmirZ's Avatar

    Rank
    Member
    Join Date
    Jan 2012
    Posts
    128
    Likes (Received)
    12

    DeltaCMS 1.0 - First Version of Delta!

    (Update 1-2-2012) 1.0.7: [Only registered and activated users can see links. ]
    Another update for it: [Only registered and activated users can see links. ] (not complete, replace the files that are already in there)

    (Update 31-1-2012) 1.0.6: [Only registered and activated users can see links. ]

    New 1.0.3: [Only registered and activated users can see links. ] (1.0.3)
    It was already in the reactions but for the people that don't want to read the reactions, here.

    I think all exploits are fixed in 1.3 ;)
    ________________________________


    Hello RaGEZONE

    Everyone who downloaded my releases knows I was working on a CMS from scratch called DeltaCMS. George2000 would make the emu, DeltaEMU, to work with it but he didn't have enough time so I made the cms compatible with Phoenix Emulator.

    So I have two versions: With and without news/campaign images and badges. Those images are the same as Public/Images from phoenix so just copy that map if you already have phoenix and don't want to download it.

    DL Link with images: [Only registered and activated users can see links. ]
    DL Link without images: [Only registered and activated users can see links. ]

    Database: [Only registered and activated users can see links. ]

    I made two themes called Test and Habbo. "Habbo" is dutch and "Test" is English. I only have a little housekeeping yet.

    Best XAMPP: [Only registered and activated users can see links. ] (1.6.8)
    Xampp 1.7.3 and below should work.

    PHPMyAdmin security fix:
    open C:/xampp/phpmyadmin/index.php and on top place:
    <?php
    if($_SERVER['REMOTE_ADDR'] !== '127.0.0.1'){
    header("Location: ../yousuckman!");
    exit();
    }
    ?>

    Screens (Habbo Theme):

    [Only registered and activated users can see links. ]

    Live Demo (nog 24/7): Hablow.dyndns.org
    I don't think DeltaCMS will still be on Hablow over a month so please post other demos :)

    And I have a request: Can some people code more themes for 1.1?


    Please like the thread if you like it!
    + I still want my account 'azaidi' back

    __
    Exploit found by joopie:
    Very important:

    change:

    foreach($_COOKIE as $key => $value){
    $_SESSION[$key]=X($value);
    }

    to:

    foreach($_COOKIE as $key => $value){
    $_COOKIE[$key]=X($value);
    }
    Last edited by AmirZ; 01-02-12 at 07:26 PM.
    I HAVE MY ACCOUNT 'azaidi' BACK
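
Added example, not part of the original post or of DeltaCMS or phpMyAdmin: a stricter form of the loopback check from the phpMyAdmin fix above, which also recognises IPv6 and IPv4-mapped loopback addresses and answers 403 instead of redirecting. The function name `is_loopback` and the sample addresses are assumptions constructed for this illustration.

```php
<?php
// Added illustration. Only REMOTE_ADDR (the TCP peer address) is consulted;
// client-supplied headers such as X-Forwarded-For are deliberately ignored.
function is_loopback(string $addr): bool {
    $bin = @inet_pton($addr);          // packed form: 4 bytes (IPv4) or 16 bytes (IPv6)
    if ($bin === false) {
        return false;                  // unparsable address: deny
    }
    if (strlen($bin) === 4) {
        return ord($bin[0]) === 127;   // whole 127.0.0.0/8 range
    }
    if ($bin === inet_pton('::1')) {
        return true;                   // IPv6 loopback
    }
    // IPv4-mapped IPv6 form, ::ffff:a.b.c.d
    $mapped = str_repeat("\x00", 10) . "\xff\xff";
    return substr($bin, 0, 12) === $mapped && ord($bin[12]) === 127;
}

if (PHP_SAPI === 'cli') {
    // Constructed sample addresses, so the check can be tried offline.
    $samples = ['127.0.0.1', '127.5.5.5', '::1', '::ffff:127.0.0.1', '192.168.1.10', 'bogus'];
    foreach ($samples as $sample) {
        printf("%-18s %s\n", $sample, is_loopback($sample) ? 'allow' : 'deny');
    }
} elseif (!is_loopback($_SERVER['REMOTE_ADDR'] ?? '')) {
    // Refuse with a status code rather than redirecting to a made-up path.
    http_response_code(403);
    exit('Forbidden');
}
```

If a reverse proxy on the same machine forwards requests, `REMOTE_ADDR` is the proxy's loopback address for every visitor, so this check only protects a server that clients reach directly.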

  2. #2
    Registered

    Rank
    Member
    Join Date
    Sep 2011
    Posts
    8
    Likes (Received)
    0

    Re: DeltaCMS 1.0 - First Version of Delta!

    Nice AmirZ

    You are pro.

  3. #3
    Hardcore Member AmirZ's Avatar

    Rank
    Member
    Join Date
    Jan 2012
    Posts
    128
    Likes (Received)
    12

    Re: DeltaCMS 1.0 - First Version of Delta!

    Are you the owner of sunniechat?
    I HAVE MY ACCOUNT 'azaidi' BACK

  4. #4
    Dracarys!

    Rank
    True Member
    Join Date
    Dec 2009
    Posts
    943
    Likes (Received)
    318

    Re: DeltaCMS 1.0 - First Version of Delta!

    That just looks exactly like HabboRE CMS....

  5. #5
    TadAAAAAAA Akimbo's Avatar

    Rank
    True Member
    Join Date
    Jul 2011
    Location
    Norway
    Posts
    299
    Likes (Received)
    68

    Re: DeltaCMS 1.0 - First Version of Delta!

    Nah, it is all right, credits for the effort! :)
    helo

  6. #6
    FeedMe Joopie's Avatar

    Rank
    Subscriber
    Join Date
    Jun 2010
    Location
    The Netherlands
    Posts
    2,099
    Likes (Received)
    1628

    Re: DeltaCMS 1.0 - First Version of Delta!

    Which fag removed my post?

    Cant i say there is an exploit?, Jesus, ragefags
    Posted via Mobile Device
    Last edited by Joopie; 23-01-12 at 05:03 PM.

  7. #7
    The one and only!

    Rank
    Gamma
    Join Date
    Nov 2008
    Posts
    4,125
    Likes (Received)
    1746

    Re: DeltaCMS 1.0 - First Version of Delta!

    Whatever idiot keeps removing Joopie's post just STOP! Either delete the thread or leave the post!! He is warning everyone about a major exploit in this CMS.

  8. #8
    Hardcore Member AmirZ's Avatar

    Rank
    Member
    Join Date
    Jan 2012
    Posts
    128
    Likes (Received)
    12

    Re: DeltaCMS 1.0 - First Version of Delta!

    Ohw didn't know filtering cookies would become an exploit?
    I HAVE MY ACCOUNT 'azaidi' BACK

  9. #9
    The one and only!

    Rank
    Gamma
    Join Date
    Nov 2008
    Posts
    4,125
    Likes (Received)
    1746

    Re: DeltaCMS 1.0 - First Version of Delta!

    Quote Originally Posted by AmirZ View Post
    Ohw didn't know filtering cookies would become an exploit?
    Not filtering; you're changing them into sessions - Joopie was explaining to me on MSN that you can put session Username and change it to an administrator's username, then reload the page, it converts that cookie you created to a session and you are on the administrator account.

  10. #10
    Hardcore Member AmirZ's Avatar

    Rank
    Member
    Join Date
    Jan 2012
    Posts
    128
    Likes (Received)
    12

    Re: DeltaCMS 1.0 - First Version of Delta!

    foreach($_COOKIE as $key => $value){
    $_SESSION[$key]=X($value);
    }

    WOW OOPS! IT SHOULD BE:

    foreach($_COOKIE as $key => $value){
    $_COOKIE[$key]=X($value);
    }
    I HAVE MY ACCOUNT 'azaidi' BACK

  11. #11
    FeedMe Joopie's Avatar

    Rank
    Subscriber
    Join Date
    Jun 2010
    Location
    The Netherlands
    Posts
    2,099
    Likes (Received)
    1628

    Re: DeltaCMS 1.0 - First Version of Delta!

    Btw, You don't need to filter the session as it is server-side.
    Only when you set the session with a value from the post/get/cookie (client-side) you need to filter it.
    HabboProject!
    FURNIS · SQL · DOWNLOADS · UP-TO-DATE · BADGES
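
The cookie-to-session issue discussed in posts #9 to #11, as an added example that is not DeltaCMS code: the loop from before the fix next to the corrected loop, plus a login routine in which the session identity comes only from a server-side credential check. The body of `X()` is not shown in the thread, so the stand-in here is an assumption, as are `login()`, the user table and all sample values; plain arrays stand in for `$_COOKIE` and `$_SESSION` so the script runs from the command line.

```php
<?php
// Stand-in for the CMS's X() filter (assumption: its real body is not on the page).
function X(string $v): string {
    return htmlspecialchars($v, ENT_QUOTES, 'UTF-8');
}

// Before the fix: every client-supplied cookie is written into session state,
// so escaping the value does not stop the key itself from being overwritten.
function import_cookies_vulnerable(array $cookies, array $session): array {
    foreach ($cookies as $key => $value) {
        $session[$key] = X($value);
    }
    return $session;
}

// After the fix: cookies are filtered in place and the session is not touched.
function filter_cookies(array $cookies): array {
    foreach ($cookies as $key => $value) {
        $cookies[$key] = X($value);
    }
    return $cookies;
}

// Identity reaches the session only after the server has verified credentials.
// With real sessions, call session_regenerate_id(true) at this point as well.
function login(array $session, array $users, string $name, string $password): array {
    if (isset($users[$name]) && password_verify($password, $users[$name])) {
        $session['Username'] = $name;
    }
    return $session;
}

// Constructed sample data.
$users   = ['admin' => password_hash('constructed-sample-only', PASSWORD_DEFAULT)];
$session = ['Username' => 'guest123'];                     // server-side state
$cookies = ['Username' => 'admin', 'theme' => 'Habbo'];    // client-controlled

echo "session identity after the pre-fix loop:\n";
var_dump(import_cookies_vulnerable($cookies, $session)['Username']);

echo "session identity after the fixed loop and a failed login:\n";
$cookies = filter_cookies($cookies);
var_dump(login($session, $users, 'admin', 'wrong-guess')['Username']);
```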

  12. #12
    [̲̅$̲̅(̲̅1̲̅)̲̅$ ̲̅] leenster's Avatar

    Rank
    True Member
    Join Date
    May 2008
    Location
    Kanaada
    Posts
    982
    Likes (Received)
    791

    Re: DeltaCMS 1.0 - First Version of Delta!

    I knew joopie was here for a reason... :)
    Posted via Mobile Device

  13. #13
    Registered

    Rank
    Member
    Join Date
    Jan 2012
    Posts
    7
    Likes (Received)
    0

    Re: DeltaCMS 1.0 - First Version of Delta!

    Quote Originally Posted by AmirZ View Post
    Are you the owner of sunniechat?
    I'm the Co-owner / dev of sunniechat :-)
    Next time use a better password for your hotel and databases, ktnxbye.

    Also, your cms is exploitable like sh*t.


    > Also.
    Next time don't tell us that you are going to "hack" us, and put my name in your copyright.

    >> Oh and

    <?php
    if($_SERVER['REMOTE_ADDR'] !== '127.0.0.1'){
    header("Location: ../yousuckman!");
    exit();
    }
    ?>

    Won't work if you are hosting it on a webhost.
    :-)
    Last edited by v00rp; 23-01-12 at 06:07 PM.

  14. #14
    Registered Mavec's Avatar

    Rank
    Member
    Join Date
    Jan 2012
    Posts
    22
    Likes (Received)
    2

    Re: DeltaCMS 1.0 - First Version of Delta!

    It has a nice design, me like Uber Design.

    But this ''DeltaCMS'' has exploits, fix this in your second version for positive comments.
    You are doin' well but it can be better, good luck!

  15. #15
    Hardcore Member AmirZ's Avatar

    Rank
    Member
    Join Date
    Jan 2012
    Posts
    128
    Likes (Received)
    12

    Re: DeltaCMS 1.0 - First Version of Delta!

    Ohw I thought a simple post and get script would make it exploit free, I was wrong..
    I HAVE MY ACCOUNT 'azaidi' BACK

 

 