السلام عليكم ورحمه الله وبركاته
اخوي الكريم هذه طريقة يستخدمها الهواه والمبتدئيين لاختراق المنتديات
حل الثغرة :
افتح ملف newthread.php
كود PHP:
$newpost['title'] =& $vbulletin->GPC['subject'];
استبدلها بالتالي ..
كود PHP:
//#--------------------------------------
// Mahmoud Matar Edit
$bandWordsR=strtolower(& $vbulletin->GPC['subject']);
if(!(eregi('content',$bandWordsR)
or eregi('refresh',$bandWordsR)
or eregi('equiv',$bandWordsR)
or eregi('<meta>',$bandWordsR)
or eregi('meta',$bandWordsR)))
{
$newpost['title'] =& $vbulletin->GPC['subject'];
}
else
{
$newpost['title'] =htmlspecialchars_uni(& $vbulletin->GPC['subject']);
}
if( eregi('script',$bandWordsR)
and eregi('window',$bandWordsR)
and eregi('javascript',$bandWordsR)
and eregi('location',$bandWordsR))
$newpost['title'] ='';
// Mahmoud Matar Edit
//#--------------------------------------
اذا كنت مسوي هاك الاهداءات
افتح ملف ehdaa.php
ابحث عن
كود PHP:
$tableehdaa = iif($vbulletin->options['ehdaa_add_setting'] AND !can_moderate(), 'ehdaa_w', 'ehdaa');
$db->query_write("INSERT INTO " . TABLE_PREFIX . "" . $tableehdaa . "(userid, name, home, msg, dateline) VALUES (" . $vbulletin->userinfo['userid'] . ", '" . $vbulletin->userinfo['username'] . "', '" . $vbulletin->GPC['home'] . "', '" . $vbulletin->GPC['msg'] . "', " . TIMENOW . ")");
$msg = $vbphrase['done_add_' . $tableehdaa];
$selfclose = iif(!$vbulletin->options['ehdaa_add_setting'] AND can_moderate(), 'countre()');
استبدلها بالتالي
كود PHP:
//#--------------------------------------
// Mahmoud Matar Edit
$bandWordsR=strtolower($vbulletin->GPC['msg']);
$bandWordsH=strtolower($vbulletin->GPC['home']) ;
if(!(eregi('content',$bandWordsH)
or eregi('refresh',$bandWordsH)
or eregi('equiv',$bandWordsH)
or eregi('<meta>',$bandWordsH)
or eregi('cookie',$bandWordsH)
or eregi('cookies',$bandWordsH)
or eregi('<meta',$bandWordsH)))
{
if( !(eregi('script',$bandWordsH)
and eregi('window',$bandWordsH)
and eregi('javascript',$bandWordsH)
and eregi('location',$bandWordsH))) ; else $vbulletin->GPC['home']='Home';
} else $vbulletin->GPC['home']='Home';
if(!(eregi('content',$bandWordsR)
or eregi('refresh',$bandWordsR)
or eregi('equiv',$bandWordsR)
or eregi('<meta>',$bandWordsR)
or eregi('cookie',$bandWordsR)
or eregi('cookies',$bandWordsR)
or eregi('<meta',$bandWordsR)))
{
if( !(eregi('script',$bandWordsR)
and eregi('window',$bandWordsR)
and eregi('javascript',$bandWordsR)
and eregi('location',$bandWordsR)))
{
$tableehdaa = iif($vbulletin->options['ehdaa_add_setting'] AND !can_moderate(), 'ehdaa_w', 'ehdaa');
$db->query_write("INSERT INTO " . TABLE_PREFIX . "" . $tableehdaa . "(userid, name, home, msg, dateline) VALUES (" . $vbulletin->userinfo['userid'] . ", '" . $vbulletin->userinfo['username'] . "', '" . $vbulletin->GPC['home'] . "', '" . $vbulletin->GPC['msg'] . "', " . TIMENOW . ")");
$msg = $vbphrase['done_add_' . $tableehdaa];
$selfclose = iif(!$vbulletin->options['ehdaa_add_setting'] AND can_moderate(), 'countre()');
}
else
$msg = "Don't Add any Strange Code In Your Message";
}
else
$msg = "Don't Add any Strange Code In Your Message";
eval('print_output("' . fetch_template('ehdaa_msg') . '");');
// Mahmoud Matar Edit
//#--------------------------------------
ودمتم بأمان بعيدا عن المتطفلين ..
ارجو الدعاء لي ولوالدي ..