Just to advise, this website isn't hack free. Anyone can inject ur sql server easily.
Printable View
Just to advise, this website isn't hack free. Anyone can inject ur sql server easily.
go to: http://your_ip/install/install.phpQuote:
Originally Posted by peachy61
btw, i need more people opinion. Is this site realy so secureles?
It isn't secure!Quote:
Originally Posted by Svaike
pff tell me whatz the problem with secaure and i will resolve it..
ur webbie is vulnerable to sql injects.
in this site there is anti sql injection by john_d, and it puted wrong or what? i thought it can save me from sql injections..
it can't.
Cold666, do u know how to make sql injection? try with mine site http://FanMU.sytes.net
if u can, then i can believe that it doesn't. If some1 can make sql injection post in this section my sql user and password (my server is offline so no harm). If any1 can it will be very big warning to users of this site and and warning to =master= to secure it better
lolz but what have the anti-sql injection? dsent work or what?
Quote:
Originally Posted by =[Master]=
cold666 thinks and i want that it will be tested (personaly i am not sure...):smileysexQuote:
ur webbie is vulnerable to sql injects.
btw, master, can u make a little thing in 0.4 version? :) suporting of listing is sub server online or not (sometimes it may be that only subserver is online and main server offline)
sql password is hashed in msdb so it can't be retrived... only login, but it will not give any sense. But anyway you can run any queries you want.
mhhh... it's bad.... how to fix it or block it?
Ur webbie isn't secure.Quote:
Originally Posted by Svaike
i am waiting for sql login and pass :)Quote:
Originally Posted by Cold666
I started web site with this package and i created my admin account and password also security code,then i go to admin area and edit sucessfuly my char,and after 15 mins i go again there and when i write admin account , password and security code,they gives me an error :
Spirit Uniti Administrator control panel
Error: Only Administrator can do this!
how to resolve this problem ?
and also i am SURE im typing the right things !
Final opinion: your security is not only in site (block connection to sql server with FW) and every site can be hacked
So just use site and w8 for new security updates:P
well the security problems is not anti-slq injection? is somthing ealse?
http://goblin.servegame.com/index.php
I don`t get it you just talking about the INJECTION.... so make the INJECTION to my website:crash:
OMG now i'm really confused.....tell me the security problem of muweb
you cant inject sql server easily, i also offered my site to try... so Cold666 don't talk if u are not sure... and in conclusion u should know that every site can be hacked!Quote:
Originally Posted by Cold666
u may hide admin area button, i hidded it :) http://FanMU.sytes.netQuote:
OMG now i'm really confused.....tell me the security problem of muweb
Q1: version 0.4?
Q2: when? :D
SQL Injection Detected - Make sure only to use letters and numbers! :)Quote:
Originally Posted by baraev
hi its very good web ,but reset system is poor.I need after reset character get 700 and after 2 reset get 1400 but i dont know how to do... can you fix it ?
I need help..
When you said to go into OBDC and set everything up step by step.
When it asks for a server name what do i put, and does it mean the MU server? my launcher or main ??
or the sql , or apache server?? please help.
server name, OMG :D name how u named your server ( like FrienzMU )Quote:
Originally Posted by peachy61
do i rename the main thing that came with 1.02d or the launcher i got? to FadeMU??
when i put my name/pass for the login thing it says connection failed - in the OBDC part.
and i cant install the MU requirements untill it connects...