Sitedeki açik.
selamun aleyküm arkadaşlar bu 2 dosyada açik gözikiyo nasil düzeltebilirim ?
php sürümüm : 5.3.3
coklu.php
Kod:
<?php ob_start(); set_time_limit(0); error_reporting(0); echo '<form method="post" action=""> Defacer : <input type="text" name="defacer"><br><br> <textarea name="siteler" cols="60" rows="7"></textarea><br> <input type="submit" value="Postala"> </form></center>'; if($_POST){ $defacer = htmlspecialchars($_POST['defacer']); $siteler = explode("\n",$_POST['siteler']); foreach($siteler as $yenisiteler){ $trim=trim($yenisiteler); $trim = htmlspecialchars($trim); $exec = trim(file_get_contents("http://hack3rz.org/mass.php?hacker=$defacer&domain=$trim")); if(!$exec==""){ $hata01 = 'Hacker Adi veya Site Adresi Bos Olmamali.'; $hata02 = 'Kaynak Okunamadi.'; $hata03 = 'Bu kaydi Bu hacker daha onceden almis.'; $hata04 = 'Kayit basarili'; $hata05 = 'Kayit Basarisiz.'; $hata06 = 'Sunucuda Problem Var.'; $hata07 = 'icerikte index Bulunamadi..'; if($exec=="01"){ echo ''.$trim.' - '.$hata01.'<br>'; }elseif($exec=="02"){ echo ''.$trim.' - '.$hata02.'<br>'; }elseif($exec=="03"){ echo ''.$trim.' - '.$hata03.'<br>'; }elseif($exec=="04"){ echo ''.$trim.' - '.$hata04.'<br>'; }elseif($exec=="05"){ echo ''.$trim.' - '.$hata05.'<br>'; }elseif($exec=="06"){ echo ''.$trim.' - '.$hata06.'<br>'; }elseif($exec=="07"){ echo ''.$trim.' - '.$hata07.'<br>'; }else{ echo 'harbi hata'; } ob_flush(); flush(); } } } ?>
mass.php
Kod:
<?php session_start(); $_SESSION['ddos_sessionu'] = 1; $hacker = strip_tags(addslashes(trim($_REQUEST['hacker']))); $domain = strip_tags(trim($_REQUEST['domain'])); if($hacker=="BaronHackTeam"){ echo 'bu kisinin bu siteden mass kayit almasi yasaklanmistir.'; exit(); } //$domain = urldecode($domain); if($hacker==""||$domain==""){ $halt = '01'; }else{ $gonder = curl_init(); curl_setopt($gonder, CURLOPT_URL, $domain); curl_setopt($gonder, CURLOPT_RETURNTRANSFER, 1); curl_setopt ($gonder, CURLOPT_REFERER, $domain); curl_setopt ($gonder, CURLOPT_USERAGENT, "Mozilla 2003, that coolish version"); $data = curl_exec ($gonder); curl_close ($gonder); if($data==""){ $halt = '02'; }else{ $veri = array('HACKED','Hacked','defaced','HaCKeD','hijacked','hacker','Hack','Hacking','Defacer','DEFACE','Ownz','Powned','owned','Deface','Hacker','HACKER',$cikti['hacker']); $metin = $data; $sp = array(); foreach($veri as $veriler){ if(ereg($veriler,$metin)){ $sp[] = "var"; } } $say = count($sp); if($say>0){ include "settings.php"; include "class/class.inc.php"; //$hacker = $seo->sef($hacker); $dbo->setSql("select name from hacker where name='$hacker'")->runSql(); $varmi = $dbo->numRows(); $site = $Golge->DomainReplace($domain); if($varmi>0){ $kontrol = control($site, $hacker); }else{ $dbo->setSql("insert into hacker(name,h,n,g)values('$hacker','0','0','0')")->runSql(); } if($kontrol > 0){ $halt = "03"; }else{ $data = addslashes($data); $server = $server->os($site); $hng = $hng->hng($domain); $halt = $hng; $ip = gethostbyname($site); $zaman = date("d:m:Y - h:i:s"); $uip = $_SERVER['REMOTE_ADDR']; $dbo->setSql("insert into onhold(hacker,url,kaynak,hng,os,zaman,domain,ip,user_ip)values('$hacker','$domain','$data','$hng','$server','$zaman','$site','$ip','$uip')")->runSql(); if($dbo->result()){ $table = $hng; if($table == 0){ $table = "g"; }elseif($table==1){ $table = "h"; }else{ $table = "n"; } $dbo->setSql("update hacker set $table = $table+1 where name = '$hacker'")->runSql(); if($dbo->result()){ $halt = '04'; }else{ $halt = "05"; } }else{ $halt = "06"; } } }else{ $halt = '07'; } } } echo $halt; ?>
2016-09-24 11:05:34