Results 1 to 10 of 13
-
5th Jun 2010, 10:08 PM #1OPMemberWebsite's:
Rapidleech.com FullMaza.com WarezOcean.com MediaFireForum.com[Official] WARNING: For Public Rapidleech Servers. Read Special Security Updates
WARNING:
For Public Rapidleech Servers. Special Security Updates
Bug found due to the insert_location() function (download system) which reveals premium cookies and base_64 encoded auth-strings to end user(s). The premium accounts of rapidleech servers providing premium-account downloads to public, are in danger of having their premium accounts compromised!
Private rapidleech servers are safe for now, but are strongly encouraged to upgrade.
Standard auth system for premium accounts is put in place, any premium plugins not adhering to the new standard will either be compromised, or won't work with the new system. Premium account data using base64 authorization are no longer passed via the insert_location function, instead they are retrieved internally.
New premium cookie encryption system implemented (due to the complexity of cookie system and to keep load on 3rd-party servers to a minimum, cookies are encrypted instead, and then decrypted when needed) New $secretkey in accounts.php, which is used for cookie encryption.
A standard key is included, but you must create your own random string, max 56 characters in length
Rapidshare, Hotfile, Megaupload, Netload premium system updated. Other filehost premium plugins will need to be updated, if needed (this includes paid-for plugins also)
Please replace the old files in your rapidleech with the new security updated files as structured in the zip file below:
Add classes/blowfish.php
Add classes/class.pcrypt.php
Replace classes/other.php
Replace configs/accounts.php
Replace hosts/download/hotfile_com.php
Replace hosts/download/megaupload_com.php
Replace hosts/download/netload_in.php
Replace hosts/download/rapidshare_com.php
Replace index.php
Code:http://rapidshare.com/files/395697523/Security_Rapidleech.zip
Palooo 2009 Reviewed by Palooo 2009 on . [Official] WARNING: For Public Rapidleech Servers. Read Special Security Updates WARNING: For Public Rapidleech Servers. Special Security Updates Bug found due to the insert_location() function (download system) which reveals premium cookies and base_64 encoded auth-strings to end user(s). The premium accounts of rapidleech servers providing premium-account downloads to public, are in danger of having their premium accounts compromised! Private rapidleech servers are safe for now, but are strongly encouraged to upgrade. Standard auth system for premium accounts Rating: 5
-
5th Jun 2010, 10:09 PM #2mmm mmm!
Hope rapidleechhost will update
HATERS GONNA probably bring up some valid points considering I am an ignorant little twat so far up my own ass that i blame my problems on everyone and if you criticize me you're automatically wrong.
-
5th Jun 2010, 10:32 PM #3Member
Thank you dude
-
5th Jun 2010, 11:05 PM #4Member
thanks palooo
-
6th Jun 2010, 12:00 AM #5Member
Rapidleech sucks. The coding is so messy.
-
6th Jun 2010, 12:14 AM #6
-
6th Jun 2010, 03:00 AM #7MemberWebsite's:
devilzarena.net
-
6th Jun 2010, 10:29 PM #8
-
6th Jun 2010, 10:47 PM #9OPMemberWebsite's:
Rapidleech.com FullMaza.com WarezOcean.com MediaFireForum.com
-
6th Jun 2010, 10:55 PM #10Member
Sponsored Links
Thread Information
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)
Similar Threads
-
Defendos Security - Official Thread
By l0calh0st in forum Web Development AreaReplies: 40Last Post: 31st Oct 2012, 03:54 PM -
Security Alert - Warning about Yahoo Browser Plugin for Chrome
By Mr Happy in forum News & Current EventsReplies: 1Last Post: 24th May 2012, 07:11 PM -
List of Free/Public Rapidleech Servers
By manic32 in forum File Host DiscussionReplies: 8Last Post: 26th Feb 2012, 05:22 AM -
Firefox 4 browser won't have any more security updates
By CyberAff in forum News & Current EventsReplies: 0Last Post: 22nd Jun 2011, 05:00 PM -
[Official] Regarding DDL0.com's Downtime & Updates
By SJshah in forum Forum and DDL DiscussionReplies: 26Last Post: 18th Dec 2010, 08:17 PM
themaCreator - create posts from...
Version 3.24 released. Open older version (or...