设为首页收藏本站
切换到窄版

 找回密码
 注册
金光网»广场 ╃ 建 站 技 术 ╆ 『网站建设』 网声的图片上载站演示-Scripteen image hosting script ...
广告投放 虚位以待【阿里云】2核2G云新老同享 99元/年,续费同价做网站就用糖果主机-sugarhosts.comJtti.com-新加坡服务器,美国服务器,香港服务器
返回列表 发新帖
查看: 675|回复: 2

网声的图片上载站演示-Scripteen image hosting script v1.4.6 PHP script

[复制链接]
金光
发表于 2010 年 6 月 27 日 07:35:04 | 显示全部楼层 |阅读模式

马上注册,结交更多好友,享用更多功能,让你轻松玩转社区。

您需要 登录 才可以下载或查看,没有账号?注册

×
http://pictures.wszy.net/

Free Image Hosting is a great free photo hosting for your daily online surfing. You will have several types of links to the photo that you have stored with us including a direct link which makes it suitable to publish the photo anywhere while the links can be also used in websites, blogs and any content management system. You don't even have to register to be able to upload but registration gives you the benifit of tracking your photos and know how many views did it get and where those views are coming from and the best thing is that it's all FREE!

Maximum File Size: 2 MB

Allowed File Types: gif,jpg,jpeg,png

Jgwy.Com - Free Web Hosting Guide & Directory In China since 2001! Jgwy.Net-Jglt.Net
回复

使用道具 举报

金光
 楼主| 发表于 2010 年 6 月 27 日 07:36:43 | 显示全部楼层
【腾讯云】2核2G云服务器新老同享 99元/年,续费同价

                               
登录/注册后可看大图





Front End Features. Nice and user friendly design.
High CTR ad placements.
Dynamic navigation bar with 3 link groups for guests/members/admin.
Support for gif,jpg,jpeg,png,bmp with thumbnails by default.
Ajax Multi file upload.
Url upload (uploading from links).
Auto thumbnail generation.
Enhanced Photo gallery.
Users can report images as adult.
Auto generation of different linking types.
Send links to email.
Member registration system with email confirmation.
Advanced user control panel.
Members can see all photos and their links from user cp.
Members can see where their photos are posted.
Members can see how much 带宽 their photos are using.
Members can delete photos from user cp.

Admin Features.
Welcome page with site stats.
Advanced configuration page to set detailed options for users/guests like file types/max file size / max 带宽 and more.
Ability to add multiple servers to distribute site disk and 带宽 usage.
Admin can view/search/edit/ban/delete users.
Admin can view/delete images.
Image cleaner to delete unused images.
Enable / disable URL upload for guests.
Enable / disable URL upload for members.
Ad manager to control advertising slots all over the site.
IP blocker to block users violating terms from uploading more photos.

http://go.rapiddigger.com/rapids ... 1-4-6-zip-28881786/
Jgwy.Com - Free Web Hosting Guide & Directory In China since 2001! Jgwy.Net-Jglt.Net
回复

使用道具 举报

金光
 楼主| 发表于 2010 年 6 月 27 日 07:42:34 | 显示全部楼层
Scripteen Free Image Hosting Script 2.3 Insecure Cookie Handling Vuln
SSV ID:14772
发布时间:2009-07-24
测试方法:
[www.sebug.net]
本站提供程序(方法)可能带有攻击性,仅供安全研究与教学之用,风险自负!

  2.                                             ||          ||   | ||
  3.                                      o_,_7 _||  . _o_7 _|| q_|_||  o_\\\_,
  4.                                     (  :  /    (_)    /           (      .

  6.                                              ___________________
  7.                                            _/QQQQQQQQQQQQQQQQQQQ\__
  8.                                         __/QQQ/````````````````\QQQ\___
  9.                                       _/QQQQQ/                  \QQQQQQ\
  10.                                      /QQQQ/``                    ```QQQQ\
  11.                                     /QQQQ/                          \QQQQ\
  12.                                    |QQQQ/    By  Qabandi             \QQQQ|
  13.                                    |QQQQ|                            |QQQQ|
  14.                                    |QQQQ|    From Kuwait, PEACE...   |QQQQ|
  15.                                    |QQQQ|                            |QQQQ|
  16.                                    |QQQQ\       iqa[a]hotmail.fr     /QQQQ|
  17.                                     \QQQQ\                      __  /QQQQ/
  18.                                      \QQQQ\                    /QQ\_QQQQ/
  19.                                       \QQQQ\                   \QQQQQQQ/
  20.                                        \QQQQQ\                 /QQQQQ/_
  21.                                         ``\QQQQQ\_____________/QQQ/\QQQQ\_
  22.                                            ``\QQQQQQQQQQQQQQQQQQQ/  `\QQQQ\
  23.                                               ```````````````````     `````

  25. =Vuln:                Scripteen Free Image Hosting Script V2.3 Insecure Cookie Handling
  26. =INFO:                http://www.scripteen.com/
  27. =BUY:                  ---
  28. =Download:      http://www.scripteen.com/forum/news-announcements-f2-scripteen-free-image-hosting-script-v2-3-t631.html
  29. =DORK:                DORK:"Powered by Scripteen Free Image Hosting Script V 2.3"

  31.                                   ____________
  32.                               _-=/:Conditions:\=-_
  33. ````````````````````````````````````````````````````````````````````````````````

  35. none

  37. ---------------------------------------===--------------------------------------

  39.                                 _________________
  40.                             _-=/:Vulnerable_Code:\=-_
  41. ````````````````````````````````````````````````````````````````````````````````
  42. // in ".\admin\header.php"

  44. $userid=$_SESSION['userid'];
  45. $usergid=$_SESSION['usergid'];
  46. if (!$userid || empty($userid) || $userid==""){
  47.         $userid = $_COOKIE['cookid'];
  48.         $usergid = $_COOKIE['cookgid'];
  49. }

  51. // this is the scripts authentication code, pasted in all admin files.. fail.

  53. if($usergid!="1")
  54. {
  55.         header("Location: logout.php");        exit;
  56. }
  57. ---------------------------------------===--------------------------------------

  59.                                      _______
  60.                                  _-=/:P.o.C:\=-_
  61. ````````````````````````````````````````````````````````````````````````````````
  62. Set:

  64. Cookie: cookgid=1

  66. ---------------------------------------===--------------------------------------

  68.                                     __________
  69.                                 _-=/:SOLUTION:\=-_
  70. ````````````````````````````````````````````````````````````````````````````````
  71. nah

  73. ---------------------------------------===--------------------------------------
  74. ______________________________________________________________________________
  75. /                                                                              \
  76. |      ----------------------------------------------------------------------  |
  77. \______________________________________________________________________________/
  78.                                 \ No More Private /
  79.                                  `````````````````
  80.                            Salamz to All Muslim Hackers.

  82. # sebug.net
  83. // sebug.net [2009-07-24]
复制代码
Jgwy.Com - Free Web Hosting Guide & Directory In China since 2001! Jgwy.Net-Jglt.Net
回复

使用道具 举报

返回列表 发新帖
高级模式
B Color Image Link Quote Code Smilies
您需要登录后才可以回帖 登录 | 注册

本版积分规则

Archiver|手机版|小黑屋|金光论坛

GMT+8, 2025 年 2 月 4 日 00:02 , Processed in 0.027629 second(s), 22 queries .

Powered by Discuz! X3.5

© 2001-2024 Discuz! Team.

快速回复 返回顶部 返回列表