eMoneySpace
Welcome, Guest. Please login or register.
Did you miss your activation email?
News: Earn your money online safely here at eMoneySpace. Feb 06, 2023 01:46 pm




Aurora Exploits and their solutions
Print
Author Topic: Aurora Exploits and their solutions  (Read 1026 times)
asifshabir
Reputation: (+6)
*

Offline

Gender: Male
Posts: 2921
Referrals: 2

View Profile
Feb 08, 2015 05:17 am

Hello EMS,

This thread is for aurora exploits and their solutions.
This thread is aim to make aurora more stronger and safer.

All admins/ users/ who found any exploits , may post it here with step by step solution.

Thanks
Logged
Tymer
Reputation: (+1)
*

Offline

Posts: 333
Referrals: 1


Visit www.HowToCreatePTC.com and make your own PTC

View Profile WWW
Reply #1: Feb 08, 2015 07:44 am

Nice topic, if it gets good answers it should get sticky
Logged

donatien
Reputation: (+85)
*

Offline

Posts: 18222
Referrals: 4


I'm not donatien @bitcointalk thank U (‿)凸

View Profile
Reply #2: Feb 08, 2015 09:54 am

it should be posted in the private board,
Logged
Tymer
Reputation: (+1)
*

Offline

Posts: 333
Referrals: 1


Visit www.HowToCreatePTC.com and make your own PTC

View Profile WWW
Reply #3: Feb 08, 2015 10:14 am

it should be posted in the private board,

What do you mean?
Logged

cngohar
Reputation: (+12)
*

Offline

Posts: 10230
Referrals: 0


View Profile
Reply #4: Feb 08, 2015 10:27 am

it should be posted in the private board,

he mran only gpt site owner can view the thread
Logged

UNIQUE PTC Template For Sale -
asifshabir
Reputation: (+6)
*

Offline

Gender: Male
Posts: 2921
Referrals: 2

View Profile
Reply #5: Feb 08, 2015 11:26 am

he mran only gpt site owner can view the thread

If gpt owners had any idea about these threats, they should be have been complaining about any hacking issues Smiley
Logged
megojoe
Reputation: (+2)
*

Offline

Gender: Male
Posts: 72
Referrals: 1


View Profile WWW
Reply #6: Feb 09, 2015 03:32 am

Steve here

Here or some i found here and there so i hope it helps

========================================================

Bot detector fix
Create htaccess file

Options +FollowSymLinks
RewriteEngine on
RewriteCond %{HTTP_HOST} ^yoursite.com [NC]
RewriteRule ^(.*)$ http://www.yoursite.com/$1 [L,R=301]


=========================================================

wizards/link.php

prevent people from uploading free credits into your ptc ads


else if(is_ad_blocked($target)) {
         $err="Ad blocked was returned. Please contact support!";
      }
      else if (($daily_limit) <= "24" && ($daily_limit != "0")) {
               $err="Your add must have daily limit of at least 25 clicks, or leave 0 for unlimited!";
            }


*******

else if($adoption1 == "exsistlink") {
      $exsistlink = mysql_real_escape_string($_POST['exsistlink']);
      $sql=$Db1->query("SELECT * FROM ads WHERE id='$exsistlink'");
      $pad=$Db1->fetch_array($sql);
   }

=============================================================
wizards/fad.php


else if($adoption1 == "exsistfad") {
      $exsistfad = mysql_real_escape_string($_POST['exsistfad']);
      $sql=$Db1->query("SELECT * FROM fads WHERE id='$exsistfad'");
      $pad=$Db1->fetch_array($sql);
   }

================================================================

wizards/fbanner.php


else if($adoption1 == "exsistfbanner") {
      $exsistfbanner = mysql_real_escape_string($_POST['exsistfbanner']);
      $sql=$Db1->query("SELECT * FROM fbanners WHERE id='$exsistfbanner'");
      $pad=$Db1->fetch_array($sql);
   }

=============================================================

wizards/ptsu.php file, line 39 to 43 and add what is in bold:

else if($adoption1 == "exsistptsu") {
      $exsistptsu = mysql_real_escape_string($_POST['exsistptsu']);
      $sql=$Db1->query("SELECT * FROM ptsuads WHERE id='$exsistptsu'");
      $pad=$Db1->fetch_array($sql);
   }

============================================================


wizards/ptra.php

else if($adoption1 == "exsistptra") {
           $exsistptra = mysql_real_escape_string($_POST['exsistptra']);
      $sql=$Db1->query("SELECT * FROM ptrads WHERE id='$exsistptra'");
      $pad=$Db1->fetch_array($sql);
   }

===============================================================

wizards/ptr.php

else if($adoption1 == "exsistptr") {
      $exsistptr = mysql_real_escape_string($_POST['exsistptr']);
      $sql=$Db1->query("SELECT * FROM emails WHERE id='$exsistptr'");
      $pad=$Db1->fetch_array($sql);
   }

================================================================

wizards/popups.php


else if($adoption1 == "exsistpopup") {
      $exsistpopup = mysql_real_escape_string($_POST['exsistpopup']);
      $sql=$Db1->query("SELECT * FROM popups WHERE id='$exsistpopup'");
      $pad=$Db1->fetch_array($sql);
   }

=======================================================

wizards/flink.php

else if($adoption1 == "exsistflink") {
      $exsistflink = mysql_real_escape_string($_POST['exsistflink']);
      $sql=$Db1->query("SELECT * FROM flinks WHERE id='$exsistflink'");
      $pad=$Db1->fetch_array($sql);
   }

=======================================================
root
flinkclick.php

$id = mysql_real_escape_string($_REQUEST['id']);

====================================================
root
bannerclick.php

$id = mysql_real_escape_string($_REQUEST['id']);

======================================================
root
fadclick.php

$id = mysql_real_escape_string($_REQUEST['id']);

===================================================

admin edit_flink.php



==================================================

admin flinks.php

==================================================

admin fbanners.php


===================================================

wizards/banner.php

else if($adoption1 == "exsistbanner") {
      $exsistbanner = mysql_real_escape_string($_POST['exsistbanner']);
      $sql=$Db1->query("SELECT * FROM banners WHERE id='$exsistbanner'");
      $pad=$Db1->fetch_array($sql);
   }

=================================================

good luck

Steve

P.s I am working on the one for admin pass word keep getting changed


Logged

Print
 
Jump to:  
Copyright © 2008-2023 eMoneySpace. All rights reserved.