DeltaCMS 1.0 - First Version of Delta!

AmirZ · Jan 23, 2012

(Update 1-2-2012) 1.0.7:

You must be registered to see links

Another update for it:

You must be registered to see links

(not complete, replace the files that are already in there)

(Update 31-1-2012) 1.0.6:
You must be registered to see links

New 1.0.3:
You must be registered to see links
(1.0.3)
It was already in the reactions but for the people that don't want read the reactions here.

I think all exploits fixed in 1.3
________________________________

Hello RaGEZONE

Everyone who downloaded my releases knows I was working on a CMS from scratch called DeltaCMS. George2000 would make the emu, DeltaEMU, to work with it but he didn't have enough time so I made the cms compatible with Phoenix Emulator.

So I have two versions: With and without news/campaign images and badges. That images are the same as Public/Images from phoenix so just copy that map if you already have phoenix and don't want to download it.

DL Link with images:
You must be registered to see links

DL Link without images:
You must be registered to see links

Database:
You must be registered to see links

I made two themes called Test and Habbo. "Habbo" is dutch and "Test" is English. I only have a little housekeeping yet.

Best XAMPP:
You must be registered to see links
(1.6.8)
Xampp 1.7.3 and below should work.

PHPMyAdmin security fix:
open C:/xampp/phpmyadmin/index.php and on top place:
<?php
if($_SERVER['REMOTE_ADDR'] !== '127.0.0.1'){
header("Location: ../yousuckman!");
exit();
}
?>

Screens (Habbo Theme):

You must be registered to see links

You must be registered to see links

You must be registered to see links

You must be registered to see links

Live Demo (nog 24/7): Hablow.dyndns.org
I don't think DeltaCMS will still be on Hablow over a month so please post other demos

And I have a request: Can some people code more themes for 1.1?

Please like the thread if you like it!
+ I still want my account 'azaidi' back :grr:

__
Exploit found by joopie:
Very important:

change:

foreach($_COOKIE as $key => $value){
$_SESSION[$key]=X($value);
}

to:

foreach($_COOKIE as $key => $value){
$_COOKIE[$key]=X($value);
}

MichellGeerdink · Jan 23, 2012

Nice AmirZ

You are pro.

AmirZ · Jan 23, 2012

Are you the owner of sunniechat?

Jax · Jan 23, 2012

That , just look's exactly like HabboRE CMS....

Akimbo · Jan 23, 2012

Nah, it is allright, credits for the effort!

Joopie · Jan 23, 2012

Which fag removed my post?

Cant i say there is an exploit?, Jesus, ragefags

Hejula · Jan 23, 2012

Whatever idiot keeps removing Joopie's post just STOP! Either delete the thread or leave the post!! He is warning everyone about a major exploit in this CMS.

AmirZ · Jan 23, 2012

Ohw didn't know filtering cookies would become an exploit?

Hejula · Jan 23, 2012

AmirZ said:
Ohw didn't know filtering cookies would become an exploit?

Not filtering, you changing them into sessions - Joopie was explaining to me on MSN that you can put session Username and change it to an administrators username, then reload the page it converts that cookie you created to a session and you are on administrator account.

AmirZ · Jan 23, 2012

foreach($_COOKIE as $key => $value){
$_SESSION[$key]=X($value);
}

WOW OOPS! IT SHOULD BE:

foreach($_COOKIE as $key => $value){
$_COOKIE[$key]=X($value);
}

Joopie · Jan 23, 2012

Btw, You don't need to filter the session as it is server-side.
Only when you set the session with an value from the post/get/cookie (client-side) you need to filter it.

leenster · Jan 23, 2012

I knew joopie was here for a reason...

v00rp · Jan 23, 2012

AmirZ said:
Are you the owner of sunniechat?

I'm the Co-owner / dev of sunniechat
Next time use a better password for your hotel and databases, ktnxbye.

Also, Your cms is exploitabale like sh*t.

> Also.
Next time dont tell us that you are going to "hack" us, and put my name in your copyright.

>> Oh and

<?php
if($_SERVER['REMOTE_ADDR'] !== '127.0.0.1'){
header("Location: ../yousuckman!");
exit();
}
?>

Wont work if you are hosting it on a webhost.

Mavec · Jan 23, 2012

It has a nice design, me like Uber Design.

But this ''DeltaCMS'' has exploits, fix this in your second version for positive comments.
You are doin' well but it can be better, good luck!

AmirZ · Jan 23, 2012

Ohw I thought a simple post and get script would make it exploit free, I was wrong..

Mavec · Jan 23, 2012

AmirZ said:
Ohw I thought a simple post and get script would make it exploit free, I was wrong..

Hopeful you code next time better.

v00rp · Jan 23, 2012

AmirZ said:
Ohw I thought a simple post and get script would make it exploit free, I was wrong..

You sir, you fail.

AmirZ · Jan 23, 2012

You must be registered to see links

Fixed now?

v00rp · Jan 23, 2012

AmirZ said:
You must be registered to see links

Fixed now?

Still failing

AmirZ · Jan 23, 2012

I don't have skype and I don't want to.

DeltaCMS 1.0 - First Version of Delta!

Newbie Spellweaver

Newbie Spellweaver

Newbie Spellweaver

C# Programmer

Experienced Elementalist

Magical Xenforo Unicorn

The one and only!

Newbie Spellweaver

The one and only!

Newbie Spellweaver

Magical Xenforo Unicorn

[̲̅$̲̅(̲̅1̲̅)̲̅$ ̲̅]

Newbie Spellweaver

Newbie Spellweaver

Newbie Spellweaver

Newbie Spellweaver

Newbie Spellweaver

Newbie Spellweaver

Newbie Spellweaver

Newbie Spellweaver