Author Topic: Multiple Vulnerabilities in XBTIT (Read 516 times)

fatdragon · « **on:** October 13, 2019, 03:14:40 PM »

Has these been addressed yet !?

https://rastating.github.io/xbtit-multiple-vulnerabilities/

King Cobra · « **Reply #1 on:** October 13, 2019, 03:38:19 PM »

I know some xss has been fixed

fatdragon · « **Reply #2 on:** October 13, 2019, 08:03:53 PM »

I also see some patches on that link and recommendation to upgrade!

King Cobra · « **Reply #3 on:** October 15, 2019, 03:44:59 AM »

Quote from: fatdragon on October 13, 2019, 08:03:53 PM

I also see some patches on that link and recommendation to upgrade!

If you want you can become a contributor on the github cause I'm the only one & I have other xbtit scripts to work on besides this one also

fatdragon · « **Reply #4 on:** October 16, 2019, 06:53:48 PM »

Yea, sure..I am also checking my old 2.0 code into git as I am making lots of changes to the prviate tracker..I created few hack in last few days to only allow certain old torrent clients! I tested while I brought server down for 4/5 days with various clients and etc..I share the small hack here in case someone can use!
So now I have to watch the server..make sure members can use it properly and watch these pissed off cheaters/hackers! after that few more weeks of taxes and stuff and then I need to get to 2.6 version. which then I can provide feedback in upgrade and hack my way! I ain't no expert..but if I need to get anything done I will do it! don't matter what it is.system, security, network, development, devops and etc..! still wish I could retire though! Give me some time so I can catch up with 2.6 codebase!

I might have pissed lots of trollers and php hackers after i brought the tracker back online! lol!
I see them trying to get back in again and use the exploit to use it into their ratio cheater clients!

Code: [Select]

69.89.31.90 - - [16/Oct/2019:20:39:47 -0700] "GET /index.php?page=torrent-details&id=7050b650beec861626e8e152281befe7b1b035051111111111111%27%20UNION%20SELECT%20CHAR(45,120,49,45,81,45),CHAR(45,120,50,45,81,45),CHAR(45,120,51,45,81,45),CHAR(45,120,52,45,81,45),CHAR(45,120,53,45,81,45),CHAR(45,120,54,45,81,45),CHAR(45,120,55,45,81,45),CHAR(45,120,56,45,81,45),CHAR(45,120,57,45,81,45),CHAR(45,120,49,48,45,81,45),CHAR(45,120,49,49,45,81,45),CHAR(45,120,49,50,45,81,45),CHAR(45,120,49,51,45,81,45),CHAR(45,120,49,52,45,81,45),CHAR(45,120,49,53,45,81,45),CHAR(45,120,49,54,45,81,45),CHAR(45,120,49,55,45,81,45),CHAR(45,120,49,56,45,81,45)%20--%20/*%20order%20by%20%27as HTTP/1.1" 403 336 "-" "-"

Quote from: King Cobra on October 15, 2019, 03:44:59 AM

Quote from: fatdragon on October 13, 2019, 08:03:53 PM
I also see some patches on that link and recommendation to upgrade!
If you want you can become a contributor on the github cause I'm the only one & I have other xbtit scripts to work on besides this one also

Author Topic: Multiple Vulnerabilities in XBTIT (Read 516 times)

fatdragon

Multiple Vulnerabilities in XBTIT

King Cobra

Re: Multiple Vulnerabilities in XBTIT

fatdragon

Re: Multiple Vulnerabilities in XBTIT

King Cobra

Re: Multiple Vulnerabilities in XBTIT

fatdragon

Re: Multiple Vulnerabilities in XBTIT