<|R0cKm@nX|>
New Member
i mean your name...
no need to get the admin file
no need to get the admin file
-
Howdy! Welcome to our community of more than 130.000 members devoted to web hosting. This is a great place to get special offers from web hosts and post your own requests or ads. To start posting sign up here. Cheers! /Peo, FreeWebSpace.net
Free Hosting Script
- Thread starter <|R0cKm@nX|>
- Start date
Ted S
New Member
There really is no reason for such messures. Although this hack does indeed work (and yes, the developer is aware of it), it does not really give users admin access. Instead it puts them in a pre-approved area for moderator status but since the moderator feature was never completed this isnt really a security risk.
To become an admin, a user would have to access a completely different file. In order to access this file, that user would have to breach yoru entire server's security that is to say... if a user can write to one file, they cna easily write to the file next to it or run a search and find another file, so moving files wouldn't make much differance....
To become an admin, a user would have to access a completely different file. In order to access this file, that user would have to breach yoru entire server's security that is to say... if a user can write to one file, they cna easily write to the file next to it or run a search and find another file, so moving files wouldn't make much differance....
<|R0cKm@nX|>
New Member
oh i c..
anyway, i think solutionscripts should make a function where users can move files...
and anyway, i really hate the hack.. but i still used it sometimes hehe
anyway, i think solutionscripts should make a function where users can move files...
and anyway, i really hate the hack.. but i still used it sometimes hehe
zazoo
New Member
well t35.com got hacked, I'm not sure how but someone got em
and 3hosting4U got hacked by someone and spammed everyone and then they got shut down by donhosting because the spammer put warez in the email messages
(it was solution scripts who installed 3hosting4U's homefree script)
and 3hosting4U got hacked by someone and spammed everyone and then they got shut down by donhosting because the spammer put warez in the email messages
(it was solution scripts who installed 3hosting4U's homefree script)
surfichris
New Member
t35hosting was using an illegal version of Home Free anyway, the webmaster admitted it even. I posted on the Solution Scripts forums a while back and Ted answered me, i listed 2 sites using illegal versions
<|R0cKm@nX|>
New Member
how do u know they are using an illegal copy of homefree? by looking at the 'n' after the version number? i have saw a few sites' homefree have an 'n' after the version numbers! wonder wat they are...
<|R0cKm@nX|>
New Member
Originally posted by zazoo
can someone PM me the hack if it isn't any real harm?
I just wanna try it on my site and mabee I could try fixing it up a bit to stop it from working (with any luck)
I believe SolutionScripts will annouce the hack after Ted have sent them the hack and fixed the hack...
Ted S
New Member
Originally posted by zazoo
well t35.com got hacked, I'm not sure how but someone got em
and 3hosting4U got hacked by someone and spammed everyone and then they got shut down by donhosting because the spammer put warez in the email messages
(it was solution scripts who installed 3hosting4U's homefree script)
The hack that is being discused ehre is no where near as serious as an issue like that. Homefree has not had a majority security breach that would lalow anyone to access other homefree files in years. When there was sucha problem, it was fixed 15 minutes after a CERT warning sas issued.
As for SolutionScripts doing the installation, when I worked there, we did very few installs and any install we did do do was rather basic... script upload, chmod, set the basic variables and let them admin go from there.
Most any server with homefree that has really been hacked as been through a commonly hacked linux or nt breach such as sendmail, dns, etc....
