Exploit [RevCMS]

Results 1 to 7 of 7
  1. #1
    YOLO <3 DutchenL is offline
    MemberRank
    Jul 2013 Join Date
    543Posts

    Exploit [RevCMS]

    Someone is getting accounts and changing the pass, I use the revcms basic version 1.9.9.9 without any new themes or addons. I have deleted the forgot exploit but it still happens. He has no access to the vps server or something, I already changed the pass. Nothing helped.
    I have the IIS logs but still can't find something, where should I search for?
    Last edited by DutchenL; 13-01-16 at 03:30 PM.


  2. #2
    Retired Robot is offline
    MemberRank
    Apr 2015 Join Date
    EnglandLocation
    720Posts

    Re: Ranking yourself [RevCMS]

    This could be anything from forgotten password exploit but from reading above you've removed this? So its possible your HK isn't safe and they can exploit it to rank themselves, try removing HK for a few house and see if he still ranks himself, if he doesn't then its obvs its the HK.

  3. #3
    YOLO <3 DutchenL is offline
    MemberRank
    Jul 2013 Join Date
    543Posts

    Re: Ranking yourself [RevCMS]

    Quote Originally Posted by Robot View Post
    This could be anything from forgotten password exploit but from reading above you've removed this? So its possible your HK isn't safe and they can exploit it to rank themselves, try removing HK for a few house and see if he still ranks himself, if he doesn't then its obvs its the HK.
    I've never used the hk and I already deleted this for months

    And I searched in the logs for 'ase' but couldn't find anything

  4. #4
    Retired Robot is offline
    MemberRank
    Apr 2015 Join Date
    EnglandLocation
    720Posts

    Re: Ranking yourself [RevCMS]

    Quote Originally Posted by DutchenL View Post
    I've never used the hk and I already deleted this for months

    And I searched in the logs for 'ase' but couldn't find anything
    Meh I couldn't help you then.

  5. #5
    YOLO <3 DutchenL is offline
    MemberRank
    Jul 2013 Join Date
    543Posts

    Re: Ranking yourself [RevCMS]

    Maybe it's the badge.php in the /habbo-imaging/ folder?

    - - - Updated - - -

    I also found this, has something to do with the SWF:
    2016-01-13 12:37:34 GET /r69/sh_lion.swf &counterparameter=4 80 - Mozilla/5.0+(Windows+NT+10.0;+WOW64;+rv:43.0)+Gecko/20100101+Firefox/43.0 404 0 2 56

    the '&counterparamater=4' looks suspicious, or not?

  6. #6
    G'nome sayin' Exonize is offline
    MemberRank
    May 2011 Join Date
    Czech RepublicLocation
    517Posts

    Re: Ranking yourself [RevCMS]

    Quote Originally Posted by DutchenL View Post
    Maybe it's the badge.php in the /habbo-imaging/ folder?

    - - - Updated - - -

    I also found this, has something to do with the SWF:
    2016-01-13 12:37:34 GET /r69/sh_lion.swf &counterparameter=4 80 - Mozilla/5.0+(Windows+NT+10.0;+WOW64;+rv:43.0)+Gecko/20100101+Firefox/43.0 404 0 2 56

    the '&counterparamater=4' looks suspicious, or not?
    yeh, he prolly got dat new super flash hack program 1.0

  7. #7
    YOLO <3 DutchenL is offline
    MemberRank
    Jul 2013 Join Date
    543Posts

    Re: Ranking yourself [RevCMS]

    Quote Originally Posted by Exonize View Post
    yeh, he prolly got dat new super flash hack program 1.0
    Not funny..



Advertisement