Tarih: 2006-01-26, 14:07:34 Mesaj konusu: Burda Açik Nerde var
Kod:
<?php
error_reporting(E_ALL ^ E_NOTICE);
$GLOBALS['fc_config'] = array(
'backtimeOnLogin' => 0, //set to non-zero value to force loading previous messages since XXX minutes ago, upon login
'timeOffset' => 0, //sets server time offset (needed only to correct server timezone problem), minutes
'debug' => false, //set to true to run in debug mode
'version' => '3.9.6.1',//architecture release . feature release . patch release
'appdata_path' => './appdata/appTime.txt', //path to file where application data is stored (MUST be writeable!)
'liveSupportMode' => false,//set to true to use chat in "Live Support" mode
'hideSelfPopup' => false,//set to false to allow self popup menu
'showConfirmation' => true, //set to true to allow confirmation popup window for admin (moderator)
'showTimeStamp' => false, //set to true to show the time stamp with messages
'timeStampPosition' => TIMESTAMP_BEFORE, //TIMESTAMP_BEFORE, TIMESTAMP_AFTER
'timeStampFormat' => 'g:i a', //pattern for PHP date function
'loginsPerIP' => 4, // number of logins allowed per IP address
'disabledIRC' => '',// you can put list of IRC commands to disable here, like 'back,backtime'
'maxMessageSize' => 500, //maximum input text size, # characters
'maxMessageCount' => 1000, //maximum number of the messages stored in the chat log
'userListAutoExpand' => false, //if true user list opens all the rooms with users in them
'showLogoutWindow' => true, // if false, then use only the ....src=logout.php method, but do not use the popup method at all
'logoutWindowDisplayTime' => 3, // in seconds
'floodInterval' => 1, // in seconds, the amount of time that must pass before the user posts another message
'inactivityInterval' => 24*60*60, // in seconds, if a user has FlashChat open for 'inactivityInterval' seconds, but they
// do not type anything, then the user should be automatically logged-out of the chat
// Note 60*60 - one hour
//Rooms config
'defaultRoom' => 1, //primary key of room where all users go after login
'autoremoveAfter' => 300, //number of seconds before room is removed
'roomTitleFormat' => 'ROOM_LABEL - USER_COUNT', //format string for room title in userlist
'maxUsersPerRoom' => 50,
'listOrder' => 'MOD_THEN_AZ', // options: AZ, ENTRY, MOD_THEN_AZ, MOD_THEN_ENTRY
// AZ = alphabetical order, A to Z
// ENTRY = by order of entry only
// MOD_THEN_AZ = same as AZ, but moderators at top
// MOD_THEN_ENTRY = same as ENTRY, but moderators at top
// Roles config
'adminPassword' => 'schatz6', //allows any user to login as a moderator - stateless CMS mode only
'spyPassword' => 'spypass', //allows any user to login as a spy - stateless CMS mode only
//Language config. For some languages like Japanese or Chinese.
//This option allows ctrl+enter vs enter and always enables the send button.
'special_language' => array(
'itm0' => 'jp',
'itm1' => 'cn'
),
//Message processing
'msgRequestInterval' => 3, //chat refresh time, seconds
'msgRequestIntervalAway' => 15, //chat refresh time in away state, seconds
//NOTE: it should not be bigger than a half of autologoutAfter
//otherwice your users being disconnected in away mode
'msgRemoveAfter' => 3600, //messages removed after this time, seconds
//Connection processing
'autologoutAfter' => 60, //time of pooling inactivity after which user is considered logged off, seconds
'autocloseAfter' => 3600,//time of pooling inactivity after which connection is removed from database, seconds
'helpUrl' => 'http://tufat.com/wiki/', //you can use also help.php
//Ban processing
'autounbanAfter' => 36000, //time after user became un-banned, seconds
//Language options
'languages' => array(), //do not change this
'defaultLanguage' => 'tr', //two-letter code of the default language (see below)
'base' => '',
//external sound options
'sound_options' => array(
'RingBell' => 'sounds/tin_can.mp3',
'LeaveRoom' => 'sounds/door_shut.mp3',
'OtherUserEnters' => 'sounds/jetsons.mp3',
'ReceiveMessage' => 'sounds/aol_receive_message.mp3',
'SubmitMessage' => 'sounds/aol_send_message.mp3',
'RoomOpenClose' => 'sounds/_default.mp3',
'InitialLogin' => 'sounds/harp_cord.mp3',
'Logout' => 'sounds/high_low_chord.mp3',
'ComboListOpenClose' => 'sounds/mouse_over_6.mp3',
'UserBannedBooted' => 'sounds/chime.mp3',
'InvitationReceived' => 'sounds/three_notes.mp3',
'PrivateMessageReceived' => 'sounds/aol_receive_message.mp3',
'UserMenuMouseOver' => 'sounds/mouse_over_1.mp3',
'PopupWindowOpen' => 'sounds/air_swoosh_2.mp3',
'PopupWindowCloseMin' => 'sounds/mouse_over_2.mp3',
'EnterRoom' => 'sounds/ta_da.mp3',
'PressButton' => 'sounds/activate_button.mp3'
),
//---
//File sharing options
// to disable file sharing, go to /inc/layouts/user.php and set allowFileShare to 'false'
'filesharing' => array(
'allowShareRoom' => false,//moderators can always share with all users in a room - this option is only for non-moderators
'allowShareChat' => false,//moderators can always share with all users in a chat - this option is only for non-moderators
'allowFileExt' => 'zip,rar,jpg,gif,sit,pdf',// allowed file extensions, comma separated (to allow all extensions set to '')
'maxFileSize' => 0.5*1024*1024,//max file size in bytes (2*1024*1024 equals 2 Mb)
'maxFileHoursLife' => 0.5, // time in hours to store the file on the server (file will be deleted after this time)
),
//---
//Logout behavior
'logout' => array(
'close' => false, // if true, then FlashChat window is closed upon logout
'redirect' => false, // redirectURL must be a valid URL
'url' => 'http://www.tufat.com', // 'redirect' must be set to true for this to work
'window' => '_blank', // the window to open into. possible values: _blank, _self, _parent, or a named window
),
//---
//module settings (anchored SWF/JPG file)
'module' => array(
'achor' => 0,//the anchor point: 0,1,2,3 or 4 (0=centered,1-4=corners of space below roomlist)
'path' => '',//set to '' to disable. To see how this works, use 'banner.swf'
'stretch' => false, // if true, anchored SWF is stretched horizontally & vertically to fill all available space
),
);
Yukaridaki kodlar flashchat sohbet modülüne ait config.php dosyasinin kodlaridir.. Bastan sona bu sekilde..Biri bu dosyadaki aciklardan dolayi hack edecegini soyledi.. kodlardan fazla anlamam bi gözatabilirmisiniz...Aciklar nerede ve nasil düzeltirim
Tarih: 2006-03-21, 03:48:20 Mesaj konusu: Re: Burda Açik Nerde var
merhaba arkadasım..açık bu kod da degil açık index sayfasında yer alıyor...ordan otomatik olarak admin girişi yapabiliyorlar onun kapatılması gerekiyor..
index sayfasına dikkatlice bakarsan orda bu dosyada kullandıgın aşagıdaki şifreleri bu dosyadan alıyor ve kullanıcı olarak random yani rastgele bir nick ile admin girişi yapılabiliyor...gerisini de zaten herkes tahmin edebilir :)
'adminPassword' => 'schatz6', //allows any user to login as a moderator - stateless CMS mode only
'spyPassword' => 'spypass', //allows any user to login as a spy - stateless CMS mode only
Bu forumda yeni başlıklar açamazsınız Bu forumdaki başlıklara cevap veremezsiniz Bu forumdaki mesajlarınızı değiştiremezsiniz Bu forumdaki mesajlarınızı silemezsiniz Bu forumdaki anketlerde oy kullanamazsınız