Net Builder
here is a critical news for all proxy list owners using proxylistscript.com script.
It has got some vulnerability by exploiting which anyone can hack into your administration panel.
I have seen many sites using it have got affected today and I recommend you to lock your admin directory from your control panel until the vulnerability is fixed and if someone knows the script owner do notify him too
Will.Spencer (8 June, 2009)
Moderator
Can you give more details so we can patch our sites?
Submit Your Proxies @ Proxy Sites.net
Net Builder
Originally Posted by nux
sorry mate I am not a programmer neither a hacker so I have no idea.
I just got to know it from my friend that he found the vulnerability and added his proxy in some of the lists using that vulnerability and at the same time asked me to notify all proxy owners and script owner. By the time i could have asked him about the vulnerability he went offline.
Master Net Builder
That's true, I can do the same with every others' person script -- I just didn't mention it for the whole world
I can give all my websites on every site the best listing without even getting into the admin pannel, but heck I won't do it
Greetz
|Nico Lawsons - Quality Web Hosting at WiredStorm
|cPanel with Softaculous and 24/7 Email (Ticket) Support & Live Chat
One is glad to be of service
Aquarezz could you pm me on how your doing this so I can have dtkguy see if he can patch this. So that we can supply a patch on this forum.
Reverse IP Check ಠ_ಠ Proxy Sites
<?php if ($youask == 'stupid question') { echo ('stupid answer'); } ?>
Master Net Builder
It doesn't seem to work on most proxy lists (although it worked before as I tested it on the first ProxLists.Com script (It was the PLS but from warez) ) And the thing I had to do was just adding:
To the end, from that I didn't even had to login to the admin pannel it just updated -- although it isn't working anymore on ProxB.Com (legal updated version) and it wasn't working on proxylist.al.gd so I guess it has been updated already or that that method only works on warez version...Code:admin.php?url=http%3A%2F%2Fsurfall.org&category=PHProxy+Proxies&email=nico.lawsons%40yahoo.com&status=4&accept=yes&edit=http%3A%2F%2Fsurfall.org
Greetz
|Nico Lawsons - Quality Web Hosting at WiredStorm
|cPanel with Softaculous and 24/7 Email (Ticket) Support & Live Chat
Net Builder
That's true, I can do the same with every others' person script -- I just didn't mention it for the whole world
I can give all my websites on every site the best listing without even getting into the admin pannel, but heck I won't do it
Greetz
well its not mentioning to the whole world.
The thing is that the script devolopment have been stopped and now it relies on proxy list owners on how to patch it so it was supposed to be announced not to be kept back as a secret because we all are into business because of each other and also its our duty to ensure none of our mates loose their sites or their content on which they have worked really hard
-
I think there's is a plug in for firefox that can do the trick
PHP Coder
Hello There,
Contact Me for knowing about the exploit ,as if I will give it out publicly then people might make wrong use of it.
-
CoolHello There,
I am only founder of the exploit and I dont think much guys knows this.I can control proxy listing in mins
What if I offer you $1,000 for the exploit?
Posting Permissions
LinkBack URL
About LinkBacks
Bookmarks