Ravens PHP Scripts: Forums
 

 

hitwalker
Posted: Thu Feb 16, 2006 8:37 pm

Only registered users can see links on this board! Get registered or login!

OK Raven... thought I'd make this a special topic...
I'm sure you're not aware of this: Only registered users can see links on this board! Get registered or login! is directly hotlinking to the above file.

View his page here: Only registered users can see links on this board! Get registered or login!

EDIT:
Also these files are linked directly.
Auto Registration Activation Mod v1.0 Only registered users can see links on this board! Get registered or login!

And Only registered users can see links on this board! Get registered or login!

Also I recommend everybody to view my topic here: Only registered users can see links on this board! Get registered or login!

The list of websites he hotlinks the files from is getting huge...
 
jaded
Posted: Fri Feb 17, 2006 6:00 am

I find that behavior to be rather unsettling.


Last edited by jaded on Fri Feb 17, 2006 6:25 am; edited 2 times in total 
hitwalker
Posted: Fri Feb 17, 2006 6:23 am

Oh, but my dear jaded, that's not all...
I had some sleep so I continued the search....
OK Galen... the next few...

PHP-Nuke Package[RavenPHPScripts] v2.0 Only registered users can see links on this board! Get registered or login!

and
Only registered users can see links on this board! Get registered or login!
 
jaded
Posted: Fri Feb 17, 2006 6:25 am

As a follow-up, I went there and I found great amusement in the following when you attempt to download from there.

Quote:
IMPORTANT: In an effort to prevent bandwidth theft, We have implemented measures to ensure that the download requests are only processed from our site. This mechanism is not compatible with all anti-virus software, download accelerators, and proxies. If you make it through to the download request screen and then get a Forbidden message, the chances are it is a result of one of the three things just mentioned. In that case, you will have to temporarily disable or tweak the settings for those applications to allow the download.

Thank You For Your Co-operation.


The idea that they are concerned about bandwidth theft simply cracked me up.


Last edited by jaded on Fri Feb 17, 2006 7:03 am; edited 1 time in total 
hitwalker
Posted: Fri Feb 17, 2006 6:59 am

Which file did you try? Because I could still download the collapsable .......
 
jaded
Posted: Fri Feb 17, 2006 7:01 am

LOL, he has half of the nuke sites out there, nukeresources included, hotlinked. With the number of downloads everyone is having their transfer stolen. I have to say that if you cannot afford to host the site you want then don't run one. If the only way that you can run a website is to leech off the back of every other site out there then give up the dream. I suggest that you buy more space and bandwidth, get rid of the hotlinks, and try to run your site legitimately.
 
djmaze
Posted: Fri Feb 17, 2006 8:44 am

jaded wrote:
As a follow-up, I went there and I found great amusement in the following when you attempt to download from there.

Quote:
IMPORTANT: In an effort to prevent bandwidth theft, We have implemented measures to ensure that the download requests are only processed from our site. This mechanism is not compatible with all anti-virus software, download accelerators, and proxies. If you make it through to the download request screen and then get a Forbidden message, the chances are it is a result of one of the three things just mentioned. In that case, you will have to temporarily disable or tweak the settings for those applications to allow the download.



Why do I always laugh when I see those messages on a php-nuke download module?
This is 100% FUD information (also known as hoax), because the information is false.

Example: Only registered users can see links on this board! Get registered or login!
Now how did I get that, although they say they have a mechanism?
(Note the page says 404, but just press [enter] in the address bar; that will reset HTTP_REFERER to empty so you bypass his protection.)

No wonder people hotlink nuke sites, it's always possible.
Now you go try that on Trevor's and my superior Downloads Pro module for Dragonfly, hehehe.


Last edited by djmaze on Fri Feb 17, 2006 8:56 am; edited 3 times in total 
djmaze
Posted: Fri Feb 17, 2006 8:52 am

Hmm, if people are interested I could write a bot that lists all his downloads so you can mirror/hotlink them.
 
hitwalker
Posted: Fri Feb 17, 2006 8:54 am

Oh yeah, do please......
I'll drop it on a few friendly sites where it can be downloaded a few 100.000 times....
 
djmaze
Posted: Fri Feb 17, 2006 9:07 am

fetch.php file:
Code:


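<?php
// Decode the base64 "fetchid" value submitted by the form below and display it.
if (isset($_POST['id']) && is_string($_POST['id'])) {
    // Escape the decoded text so it is shown as text rather than rendered as HTML.
    echo htmlspecialchars((string) base64_decode($_POST['id']), ENT_QUOTES);
}
?>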
<form action="fetch.php" method="POST">
fetchid: <input name="id" value="aHR0cDovL3d3dy5waHBudWtlLWRvd25sb2Fkcy5jb20vZG93bmxvYWRzL2Jsb2Nrcy9ibG9jay1kYmNsb2NrLnppcA==">
<input type="submit" name="Download It" value="Download It">
</form>


The value for fetchid can be found on a phpnuke-downloads.com download page at:

<input type="hidden" name="fetchid" value="foobar">
where 'foobar' is a long encoded string

The id in the above code decodes into Only registered users can see links on this board! Get registered or login!

Copy the URL into your browser address bar and hit enter.

hitwalker, I could write a more sophisticated system that allows you to completely replace your downloads module with a hotlink module.
But that's not really fun for me; anyway, with the above example you should be on your way.

NOTE: This is the only PoC I have ever provided on this website and will hopefully be my last. I've provided this PoC not because someone is an asshole but more based on many assholes that disbelieve my warnings and words that I should stop mentioning that I could hack them. This simple PoC should be enough to let you all know I know enough about php-nuke for not using it.


Last edited by djmaze on Fri Feb 17, 2006 9:12 am; edited 1 time in total 
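
Added example, not part of the thread and not code from any poster or from the site under discussion: the two weaknesses described above, a Referer check that an empty HTTP_REFERER gets past and a fetchid that is only base64-encoded, both disappear when the download id is a server-signed, expiring token tied to the visitor's session. SECRET, FILES, issueToken() and resolveToken() are hypothetical names, and every value is constructed.

```php
<?php
// Added example, not from the thread: signed, expiring download tokens.
// SECRET, FILES, issueToken() and resolveToken() are hypothetical names.
const SECRET = 'constructed-demo-key'; // in practice: random, kept server-side
const FILES  = [42 => '/srv/downloads/block-example.zip']; // constructed allow-list

function b64u(string $raw): string
{
    return rtrim(strtr(base64_encode($raw), '+/', '-_'), '=');
}

function issueToken(int $fileId, string $sessionId, int $ttl = 300, ?int $now = null): string
{
    $payload = $fileId . '.' . (($now ?? time()) + $ttl);
    // The session id goes into the MAC but not into the token, so a token
    // copied to another site or visitor does not verify there.
    $mac = hash_hmac('sha256', $payload . '.' . $sessionId, SECRET, true);
    return $payload . '.' . b64u($mac);
}

function resolveToken(string $token, string $sessionId, ?int $now = null): ?string
{
    $parts = explode('.', $token);
    if (count($parts) !== 3 || !ctype_digit($parts[0]) || !ctype_digit($parts[1])) {
        return null; // malformed
    }
    [$fileId, $expires, $mac] = $parts;
    $expected = b64u(hash_hmac('sha256', "$fileId.$expires.$sessionId", SECRET, true));
    if (!hash_equals($expected, $mac)) {
        return null; // forged, edited, or issued to another session
    }
    if ((int) $expires < ($now ?? time())) {
        return null; // expired
    }
    return FILES[(int) $fileId] ?? null; // path is chosen by the server
}

// Constructed demonstration: one valid use, then three rejected ones.
$t = issueToken(42, 'session-A', 300, 1000);
var_dump(resolveToken($t, 'session-A', 1100));                   // same session, in time
var_dump(resolveToken($t, 'session-B', 1100));                   // different session
var_dump(resolveToken($t, 'session-A', 2000));                   // after expiry
var_dump(resolveToken('43' . substr($t, 2), 'session-A', 1100)); // file id edited
```

The download handler would stream the returned path itself, so the real file location never appears in the page source.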
hitwalker
Posted: Fri Feb 17, 2006 9:10 am

so is this type download per download or is it somehow automated..?
or how to go for that?
 
djmaze
Posted: Fri Feb 17, 2006 9:15 am

1. go to a download on his website that you want.
2. view source
3. find in source: name="fetchid"
4. copy value into fetch.php script

I could make it fully automatic using preg_match() but I don't. It's just bad to ask an "eye for an eye".
 
hitwalker
Posted: Fri Feb 17, 2006 9:19 am

Yes, I understand, but people have to do too much work this way......lol
 
sting
Posted: Fri Feb 17, 2006 10:00 am

Guys/Gals, sorry if I have inconvenienced anyone, but I moved this here due to DJ's POC. Awesome POC by the way, but I just can't stand the thought of some kiddie out there getting it.

Now come to think of it, I didn't actually see the exact forum it was in before, so I may have moved it to a forum with the same security perms.

Want Raven to see this before putting it out there for all to see.

-sting

Raven
Posted: Sun Feb 19, 2006 10:12 am

Thanks Sting for your sensitivity in this matter. After having talked to DJ about it and reading it over, I think it will serve more purpose in the open than not.
 