For those using Their WebShop to sell donation items

[SystemLog]

Take Note: there is a lot of hacker right now using TAMPER DATA Add-ons by Mozilla Firefox .. they can buy items that you selling in your itemshop even their don't have EPoints ..

Video Proof : YouTube - Using Tamper Data to 'hack' values.

- IM A ALREADY A VICTIM OF THIS HACKED - Only my players Told me how their buying DONATION Items without epoints .. Thanks to him .. so Guys Let's Avoid this before it's too late

---------- Post added 14-11-10 at 12:28 AM ---------- Previous post was 13-11-10 at 11:51 PM ----------

the best idea for now is to block FIREFOX to Browse Itemshop / webshop.php using javascript

[MentaL]

[dheluxe]

wow nc1 :D hehe

[bone-you]

the best idea for now is to block FIREFOX to Browse Itemshop / webshop.php using javascript

Firefox has addons to modify headers to make it look like any browser. The best idea is to fix the bug.

[dheluxe]

I think it can be fix using '<>' <--- that parameter hope you get me :D

[Fusion7]

i also got this problem

[zet]

this is an old story dheluxe is right. the problem is in your script not secure. maybe you didnt check your cp before open in public.

[SystemLog]

this is an old story dheluxe is right. the problem is in your script not secure. maybe you didnt check your cp before open in public.

LOL Don't act you already know and encounter this !

- The best idea is block the firefox using java script only IE Browser Can access ( Only your webshop "webshop.php" not whole ran WEB )

- The Problem is there any one know what is that script
- Only bk and other web expert can do this or share the anti tamper script

[-Jumong-]

LOL Don't act you already know and encounter this !

- The best idea is block the firefox using java script only IE Browser Can access ( Only your webshop "webshop.php" not whole ran WEB )

- The Problem is there any one know what is that script
- Only bk and other web expert can do this or share the anti tamper script

You dont need to encounter this to know the problem, all you need is to understand how coding php coding works. Also i want you to clear out what is this, a Help or a discussion because on the flow of this its a problem of yours so i will be moving this to help section in few more posts. And next time you guys open up a discussion that is a help problem ill infract you for posting on wrong section because most of you guys doesnt want to ask help coz i understand that it lowers your reputation so you guys open up a discussion instead but ill lower up again your reputation by giving you infraction if this kind of thread are made again under wrong section.

[zet]

LOL Don't act you already know and encounter this !

- The best idea is block the firefox using java script only IE Browser Can access ( Only your webshop "webshop.php" not whole ran WEB )

- The Problem is there any one know what is that script
- Only bk and other web expert can do this or share the anti tamper script

yes i encounter this problem about a year ago blocking firefox is not the right solution.

in fact sir jumong previous PR Forum gave me the idea how to fix it.

[xXILoveYouXx]

this IS an old problem. BEEN THERE, DONE THAT. some have already fixed this leak.

[metal666]

Not Only the Data tamper, We need to cover our server to the hackers that use this kind of software, DosHTTP for the Webserver Disconnected. . any Idea How to Blocked this?

[jow]

Put this code in your itemshop2.php can be found in your includes folder.

PHP Code:

if($Price <> $ItemMoney) {
            echo '<font color=red size=2><center>Item Hack Detected(Your IP has been saved!)<p>';
            $error = 1; delayedrefresh('index.php');
        } 


[SeiferXIII]

Put this code in your itemshop2.php can be found in your includes folder.

PHP Code:

if($Price <> $ItemMoney) {
            echo '<font color=red size=2><center>Item Hack Detected(Your IP has been saved!)<p>';
            $error = 1; delayedrefresh('index.php');
        } 


can you explain bro how is this script working?

[metal666]

I mean the DosHTTP attack. . He/She Want Hack The Server Using this software DosHTTP. . the result is ServerFiles Crashes and the Control Panel is Broken i mean the connection is broken. . and Many Hackers Using Packet Sender. . thats Why Many Server Down. . Hayzzz



Sorry for my Bad English. . ^__^

[the_eliter]

Put this code in your itemshop2.php can be found in your includes folder.

PHP Code:

if($Price <> $ItemMoney) {
            echo '<font color=red size=2><center>Item Hack Detected(Your IP has been saved!)<p>';
            $error = 1; delayedrefresh('index.php');
        } 


this script works pretty well sir, but you also need to cover up the product num of every items ,. hacker can be buy your expensive item by just placing the expensive product num to the cheaper product num.
if this not work, try to opposite the method.

@all
this hack is effectively works mostly on old cp's even bkrancp/based.,
once i posted this, better to close your shop for a while if you think that your cp is hackable.

btw, im not teaching anyone to hack or spreading this fcking hack.,
i am also victim of this basic method of hacking.,