Latest posts for the topic "hack in advance westbook 2.2"

hack in advance westbook 2.2

Anonymous — GMT

Dear

Please Helpme, in my westbook always change my password, the htlm is off, the picture is on. A hack edit a record and change a picture for this script

and more, the scrip show the westbook record in administration mode without option "delete" or "edit"

Regards

Auron — GMT

Firstly report that geocities account to geocities to shut it down and then
wait for Carbonize to have a look at this thread.

Auron

Carbonize — GMT

A link would be useful. Are you using Advanced Guestbook 2.2 or 2.3.1?

Guestbook

Anonymous — GMT

2.2.

Is strange, I can reproduce this error to edit wherever record in admin mode and change the word text for the scrip.....but htlm is off????

Regards

Carbonize — GMT

Yes as admin you can put anything you want in the entry even HTML. The script deals with any HTML tags and AGcode in a post when it is submitted.I assume you have access to your admin again? If you do then I recommmend looking in this forum for my fix for this exploit.

change

Anonymous — GMT

Ok, I read some notes in your forum, and change the line in php for
if (!get_magic_quotes_gpc()) {
$username = addslashes($username);
$password = addslashes($password);

Is all ok now?

Regards

Carbonize — GMT

Yup thats basically the jist of it.

Thank

Anonymous — GMT

Many Thanks Carbonize.......

The last question, I will found and delete the fake Admin in the database?

Regards

Sorry

Anonymous — GMT

I MUST found and delete the fake administrator in my database, or his hack and pass with my administrator user?

Regards

Carbonize — GMT

Wel if you haven't patched the exploit you can alway slog in using it. If you have patched simply restore the old session.class.php and use the exploit.

Sorry again

Anonymous — GMT

Sorry

If the patch = change the session.class.php for new scrip, why you say me "if you have patched simply restore the old session.class.php"???????.....and what is "the exploit"?

Carbonize — GMT

The exploit is simple and posted in many places online. I don't feel it is appropriate for me to post it in here though. To unpatch simply do the reverse my fix.