Open admin/index.php
<?php
After add:
$ourLogin = "Username";
$ourPassword = "Password";
session_start();
if ($_SESSION['login']!=$ourLogin && $_SESSION['password']!=$ourPassword) {
if ($_POST['login']==$ourLogin && $_POST['password']==$ourPassword) {
$_SESSION['login'] = $_POST['login'];
$_SESSION['password'] = $_POST['password'];
header("Location: index.php");
}
else {
echo "
<form action=index.php method=post>
Login:<br>
<input type=text name=login value=''><br>
Password:<br>
<input type=password name=password value=''><br>
<input type=submit value=' - ok - '>
</form>
";
exit;
}
}
Change:
$ourLogin = "Username";
$ourPassword = "Password";
Please stick topic
Is there a question or something I missed here?
Yeah.. can anyone confirm that this is working, and if it isn't a security hole?
Saolasın
destroyer Wrote:Yeah.. can anyone confirm that this is working, and if it isn't a security hole?
Bi de gavur olcan bizden iyi eğitim alıonuz,daha bi bok bilmion kro.
I don't understand a word of that.
KURTAY Wrote:destroyer Wrote:Yeah.. can anyone confirm that this is working, and if it isn't a security hole?
Bi de gavur olcan bizden iyi eğitim alıonuz,daha bi bok bilmion kro.
Of course we all understand Turkish!
destroyer Wrote:I don't understand a word of that.
I mean that, how couldn't you understand this code's meaning?
LeX- Wrote:KURTAY Wrote:destroyer Wrote:Yeah.. can anyone confirm that this is working, and if it isn't a security hole?
Bi de gavur olcan bizden iyi eğitim alıonuz,daha bi bok bilmion kro.
Of course we all understand Turkish!
So, i've written in turkish
Admin Cp Extra Password
All -1.1.3 site hacked.Exploit
hacker use exploit.Create new admin but admin cp extra password security.He don't enter admin cp