Fix the exploit in rCMS!

Yes, that's right, there is an exploit in rCMS...

And I am here to tell you how to fix it!!

1) In;
C:\xampp\htdocs\hk_beta
open navigator, and look for:

PHP Code:

---

if(USER_NAME=="Jontycat") 


---

2) Change;

PHP Code:

---

if(USER_NAME=="Jontycat") 


---

to;

PHP Code:

---

if(USER_NAME=="YOUR USERNAME") 


---

E.g;

PHP Code:

---

if(USER_NAME=="Exacto") 


---

3) OPTIONAL:
Or you can remove the code;

PHP Code:

---

if(USER_NAME=="Jontycat") 


---

and;

PHP Code:

---

jMenu(); 


---

4) OPTIONAL:
Or you may simply remove the hk_beta folder :lol:

Well there you have it, you can fix one MAJOR exploit :thumbup:

Hope it helps! :cool:

Its nit exactly an exploit, it's just the case of changing the name. XD
Posted via Mobile Device

Well, I hope it helped :)

This is not an expoit. Stop trying to be a big boy coder *ipixelhotel* haha, oops did I say your name? :o

Oh, I didn't know that because I don't use rCMS. ;)
Posted via Mobile Device

Thanks for this, can't believe people are that pathetic.

Quote:

---

Originally Posted by Kryptos

Thanks for this, can't believe people are that pathetic.

---

We are talking about jonty here, We already all new he was.

You could just rename the folder to something like LOLUFAILRIL or some shit..

Nope, because he will find the folder some how... Just delete it or edit it like it says in the tut ;)

Jonty if you are reading this;
I only wanted to help fellow ragezone :)

JontyCat did that so he can get free vips are hotels lol or mod :P

lol fail @ jontycat

he made everyone to look like a fool :[ what a naughty cat

Aww well, Lucky for me I was looking for exploits etc :P

well you found the only coding ablity that naughty cat had :(

Jonty was quite smart to add that (:

C#

Code:

---

string BadCat;
string Fags = "IPixelHotel,Exacto,UberInsance,Pukato,Mithex(because of hes rips and bumps),"; i would do more but theres to much fags to name

BadCat = BadcatClient.runQuery("SELECT EXPLOITS UPDATE rCMS to eCMS"); // eCMS = Exploit Cms

if Post == "DJQUACK"
sendData("YOU PWN")
else;
if Post == "PEJUMP2"
sendData("Naughty Dutch Flamer");
if Username == "Donkjam"
sendData("RAGEZONE?ACTION=DELETEPOST");
if Username == "OneEye"
sendData("Your Were Pwned By Josh");
//End

---

Ragezones Ultimate Coding Tool Strikes Again With Quick Code C# 2011

Would have been better if he used a md5 / b64 hash for his name, then newbs wouldn't notice it.
Zak, I'm not naughty :(

Your my little naughty porn star *winks*

Quote:

---

Originally Posted by Žak™

Your my little naughty porn star *winks*

---

So today you're horny to, huh?

while your here im horny everyday

Totally of-topic you faggot, zak ;P Nice fix btw.

You could, but then your thread wouldn't count.

It is not really a exploit, Though nice release.

Quote:

---

Originally Posted by PowahAlert

Totally of-topic you faggot, zak ;P Nice fix btw.

---

i can be your faggot any day baby

Pfft, you all obviously do not know Jonty, he didn't put this in here so he can do things to everyones hotel. He put this here because we use it on Zap and he evidently forgot to point it out / remove it.

you just read it of hes post lol

orly? because if he knew about this he should have told us and this would not be in disscussion, he obviusly knew because he told liam. PS I appoligize liam this is dumb flaming eachothers threads.

Quote:

---

Originally Posted by Putako

orly? because if he knew about this he should have told us and this would not be in disscussion, he obviusly knew because he told liam. PS I appoligize liam this is dumb flaming eachothers threads.

---

He knew about it, but only remembered about it when it was brought to his attention by whoever first mentioned it. You have no right to say that he is trying to take over hotels and such, he has Zap, 400+ online each day, no need to take over some small time hotels.

Didn't knew this (yeah i want to give a reply also =D). Didn't need to knew it either haha.

But I don't think like what's already that Jonty would use this to take over hotels/do something wrong with it. But uhm, thanks for telling =D

Quote:

---

Originally Posted by Hejula

He knew about it, but only remembered about it when it was brought to his attention by whoever first mentioned it. You have no right to say that he is trying to take over hotels and such, he has Zap, 400+ online each day, no need to take over some small time hotels.

---

Well OBVIOUSLY /herp derp, He should of fixed up the cms for a release, So don't give us any of this 'bullshit'

Quote:

---

Originally Posted by Tr0ll.™

Well OBVIOUSLY /herp derp, He should of fixed up the cms for a release, So don't give us any of this 'bullshit'

---

Don't give me any of your bullshit? He never had to release it. Not his fault he forgot, we are all human. Humans forget things.

Quote:

---

Originally Posted by Hejula

Don't give me any of your bullshit? He never had to release it. Not his fault he forgot, we are all human. Humans forget things.

---

So what, Obviously he left it in because he wanted to hack other hotels. Like seriously.. Who leaves exploits that are so fucking obvious?

Quote:

---

Originally Posted by Tr0ll.™

So what, Obviously he left it in because he wanted to hack other hotels. Like seriously.. Who leaves exploits that are so fucking obvious?

---

Like seriously, who has a hotel with 400+ online all the time and hacks small time hotels who use this? No one.

I mean, why would he hack other retros when he has Zap which has 400+ online daily.

hmm, I wonder why Jontycat is so happy because he exploited *********

yeah your feeling stupid now,

Quote:

---

Originally Posted by Tr0ll.™

hmm, I wonder why Jontycat is so happy because he exploited *********

yeah your feeling stupid now,

---

Not really. They are bigger then Zap. There are like 3 hotels bigger? There is a reason to exploit those. More users for Zap. But whatever. I am not arguing anymore as I will most likely get infraction banned? Who knows.

Quote:

---

Originally Posted by Hejula

Not really. They are bigger then Zap. There are like 3 hotels bigger? There is a reason to exploit those. More users for Zap. But whatever. I am not arguing anymore as I will most likely get infraction banned? Who knows.

---

Hmm, just like _*******, Hacking for users.
Just more Faggotory.

Fucking idiot, there is a reason? Yeah, it's called being a nub.

Quote:

---

Originally Posted by Kryptos

Fucking idiot, there is a reason? Yeah, it's called being a nub.

---

Fags gon' be Fag

Welcome to FLaMEZONE everybody.

Yes, welcome to FLaMEZONE.

OnTopic:
Did this help anyone??

Quote:

---

Originally Posted by iPixelHotel

Yes, welcome to FLaMEZONE.

OnTopic:
Did this help anyone??

---

Nope, it isn't even an exploit. It's just something that Jonty forgot to remove!

excuse me cunts. I coded the cms for me not for anyone else so of course there are going to be username dependencies. code your own fucking cms next time, i'm done releasing shit for you leeching fucks.

No jonty, we don't blame you for anything... It's just so people know that they can remove it.

Quote:

---

Originally Posted by Tr0ll.™

Oh shut the fuck up. We all realize your Jonty's bitch so give it a rest.



Jonty, I proved already the exploits, so you sitting here looking stupid trying to better you case isn't going to work out the way you planned.

We don't want your fucked up shit anyways.

o/

---

Ya cause I clearly did state I used it on my website and there is even proof of the shit. OH well. Don't need you anymore, my new cms is fucking BEAST.

Quote:

---

Originally Posted by Tr0ll.™

Oh shut the fuck up. We all realize your Jonty's bitch so give it a rest.



Jonty, I proved already the exploits, so you sitting here looking stupid trying to better you case isn't going to work out the way you planned.

We don't want your fucked up shit anyways.

o/

---

Hardly his bitch. He is just a good friend.

Off-Topic: iPixelHotel can you stay on one account it's getting annoying u swapping accounts.

On-Topic: Thanks, although it's not really an exploit, good for those who are not already aware of this.

Technically speaking, this is not an exploit.

You can edit the code as such:

PHP Code:

---

if(USER_NAME == "")
{
die("Housekeeping not required for you!");
}

// or REMOVE THE DAMN CODE... not hard idiots!

if(USER_NAME == "")
{
header("Location:index.php");
} 


---

not fucking hard, you guys really make shit so hard, like OMGZZ ITZ A HARD EXPLOIT FIXXXXX!!


so stop your bitching, trying to be a hero in coding standards, when honestly, you're at home, sitting at your desk looking and feeling stupid. This thread should be highly disregarded. This isn't an exploit at all, it's easily repaired.

Quote:

---

Originally Posted by Tr0ll.™

Actually, If someone registers on your Hotel as "JontyCat" they can do anything they want, Period.

he's just trying to help

---

If I were to setup this CMS right now and let you register as JontyCat you wouldn't be able to do dick shit whatsoever. Stop posting your misinformed propaganda I already disproved these so-called "exploits".

Yea, but all you have to do is delete it, and use Nomal Housekeeping, done.

LOL exploits are every were in this thats why i keep getting hacked
so why Lia?

Lol, coding, I laughed.

Jonty through he could get away with hacking peoples hotel but lucky someone found out

People who are saying this is NOT an exploit, in ways it is, because it's giving the user access to data.

Definition:
1. To employ to the greatest possible advantage: exploit one's talents.
2. To make use of selfishly or unethically: a country that exploited peasant labor. See Synonyms at manipulate.
(Source: exploit - definition of exploit by the Free Online Dictionary, Thesaurus and Encyclopedia.)

I had no idea there even was an exploit lol

Its not really an exploit because there not rCMS its just a copy. And Jonteh done that