Mafiabase admin panel

    • Mafiabase admin panel

      Hey,

      I downloaded the Mafiabase source here and have now run into a problem: the admin panel has a password that I can't find. I started searching around 10 o'clock, but without result. The password for the mod panel was found quickly; it was at the top of the code.
      So I wanted to ask you: does any of you happen to know it, or can you find it in the script below? (If there is such a thing as a noob at scripting, that's me.)

      //

      Source Code

      <?php
      // Only accounts flagged as admin may reach this page.
      // (The original "!$data->admin == 1" negated the flag before comparing it.)
      if ($data->admin != 1) {
          exit;
      }
      define("include", "adminpage");
      // $pass is not defined in this file; it is assumed to be set by the settings file included here.
      include('admin/settings.php');
      if (isset($_SESSION['Admin']) && $_SESSION['Admin'] == 1) {
          $error = 0;
      } else {
          $error = 2;
      }
      if (isset($_GET['logout']) && $_GET['logout'] == 1) {
          $error = 3;
          $_SESSION['Admin'] = "";
      }
      if (isset($_POST['passcode'])) {
          // Constant-time string comparison; a loose "==" is subject to type juggling.
          if (is_string($_POST['passcode']) && hash_equals((string)$pass, $_POST['passcode'])) {
              $error = 0;
              $_SESSION['Admin'] = 1;
          } else {
              $error = 1;
          }
      }
      // Any non-zero $error means "not logged in": show the login form.
      if ($error != 0) {
      ?>
      <table width="100%">
      <tr>
      <td align="center">
      <br><br><br><br>
      <table class="div_popup" align="center">
      <tr>
      <td>
      <p>Mafiabase Admin Panel</p>
      <br/>
      <?php
      if ($error == 1) {
          echo '<span class="adm-error">Error</span><br/><br/>';
      }
      if ($error == 3) {
          echo '<span class="adm-error">Logged Out</span><br/><br/>';
      }
      ?>
      </td>
      </tr>
      <tr>
      <td>
      <form method="post">
      Pass:
      <input name="passcode" type="password" />
      <input name="adminpanel" type="submit" value="ok" />
      </form>
      </td>
      </tr>
      </table>
      </td>
      </tr>
      </table>
      <script language="javascript">
      setTimeout("document.location.href='?a=news'",(20000));
      </script>
      </div>
      </td>
      </tr>
      </table>
      </td>
      <?php
      } else {
      ?>
      <div class="title_bg">
      <div class="title">Admin Panel</div>
      </div>
      <div style="background-color:#dbd2b7; padding:4px;">
      <table width="100%" class="mod_list" cellspacing="2" cellpadding= "2">
      <tr>
      <td style="padding:4px;">
      <form action="?a=min" method="post">
      Zoek speler:
      <input type="text" name="user"/>
      <input type="submit" value="Zoek" class="mod_submit"/>
      </form>
      </td>
      </tr>
      <table width="100%" class="mod_list" cellspacing="2" cellpadding= "2">
      <tr>
      <td width="20" align="center"><a href="?a=bvcc10"><img src="images/admin/callcredits.png" border="0" width="70" height="70"></a></td>
      <td width="20" align="center"><a href="?a=bvvd7"><img src="images/admin/vipdagen.png" border="0" width="70" height="70"></a></td>
      <td width="20" align="center"><a href="?a=pakketdienst"><img src="images/admin/pakketten.png" border="0" width="70" height="70"></a></td>
      <td width="20" align="center"><a href="?a=klikmissies"><img src="images/admin/klikmissies.png" border="0" width="70" height="70"></a></td>
      <td width="20" align="center"><a href="?a=multicheck"><img src="images/admin/multichecker.png" border="0" width="70" height="70"></a></td>
      </tr>
      <tr>
      <td width="20" align="center"><a href="?a=bvcc10">Callcredits</a></td>
      <td width="20" align="center"><a href="?a=bvvd7">Vipdagen</a></td>
      <td width="20" align="center"><a href="?a=pakketdienst">Pakketten</a></td>
      <td width="20" align="center"><a href="?a=klikmissies">Klikmissies</a></td>
      <td width="20" align="center"><a href="?a=multicheck">Multi Checker</a></td>
      </tr>
      <tr>
      <td width="20" align="center"><a href="?a=min&mode=banlijst"><img src="images/admin/banlijst.png" border="0" width="70" height="70"></a></td>
      <td width="20" align="center"><a href="?a=min&mode=Mlist"><img src="images/admin/mutelijst.png" border="0" width="70" height="70"></a></td>
      <td width="20" align="center"><a href="?a=chatkick"><img src="images/admin/chatkick.png" border="0" width="70" height="70"></a></td>
      <td width="20" align="center"><a href="?a=min&mode=chatlog"><img src="images/admin/chatlogs.png" border="0" width="70" height="70"></a></td>
      <td width="20" align="center"><a href="?a=crewchat"><img src="images/admin/crewchat.png" border="0" width="70" height="70"></a></td>
      </tr>
      <tr>
      <td width="20" align="center"><a href="?a=min&mode=banlijst">Banlijst</a></td>
      <td width="20" align="center"><a href="?a=min&mode=Mlist">Mutelijst</a></td>
      <td width="20" align="center"><a href="?a=chatkick">Chatkick</a></td>
      <td width="20" align="center"><a href="?a=min&mode=chatlog">Chatlogs</a></td>
      <td width="20" align="center"><a href="?a=crewchat">Crewchat</a></td>
      </tr>
      <tr>
      <td width="20" align="center"><a href="?a=crewmessage"><img src="images/admin/crewbericht.png" border="0" width="70" height="70"></a></td>
      <td width="20" align="center"><a href="?a=berichtencheck"><img src="images/admin/berichten.png" border="0" width="70" height="70"></a></td>
      <td width="20" align="center"><a href="?a=min&mode=spambox"><img src="images/admin/spambox.png" border="0" width="70" height="70"></a></td>
      <td width="20" align="center"><a href="?a=werkblok"><img src="images/admin/werkblok.png" border="0" width="70" height="70"></a></td>
      <?php if ($data->kerstlogo == 0) { ?><td width="20" align="center"><a href="?a=kerstlogoaan"><img src="images/admin/kerstlogo.png" border="0" width="70" height="70"></a></td>
      <?php } if ($data->kerstlogo == 1) { ?><td width="20" align="center"><a href="?a=kerstlogouit"><img src="images/admin/kerstlogo.png" border="0" width="70" height="70"></a></td><?php } ?>
      </tr>
      <tr>
      <td width="20" align="center"><a href="?a=crewmessage">Crewbericht</a></td>
      <td width="20" align="center"><a href="?a=berichtencheck">Berichten</a></td>
      <td width="20" align="center"><a href="?a=min&mode=spambox">Spambox</a></td>
      <td width="20" align="center"><a href="?a=werkblok">Werkblok</a></td>
      <?php if ($data->kerstlogo == 0) { ?><td width="20" align="center"><a href="?a=kerstlogoaan">Kerstlogo aanzetten</a></td>
      <?php } if ($data->kerstlogo == 1) { ?><td width="20" align="center"><a href="?a=kerstlogouit">Kerstlogo uitzetten</a></td><?php } ?>
      </tr>
      <tr>
      <td width="20" align="center"><a href="?a=nieuwsbrief"><img src="images/admin/nieuwsbrief.png" border="0" width="70" height="70"></a></td>
      <td width="20" align="center"><a href="?a=resett"><img src="images/admin/spelresetten.png" border="0" width="70" height="70"></a></td>
      <?php
      // superadmin options
      if (!empty($SA)) {
      ?>
      <td width="20" align="center"><a href="?a=min&mode=dlog"><img src="images/admin/donatielogs.png" border="0" width="70" height="70"></a></td>
      <?php } ?>
      </tr>
      <tr>
      <td width="20" align="center"><a href="?a=nieuwsbrief">Nieuwsbrief</a></td>
      <td width="20" align="center"><a href="?a=resett">Spel Resetten</a></td>
      <?php
      // superadmin options
      if (!empty($SA)) {
      ?>
      <td width="20" align="center"><a href="?a=min&mode=dlog">Donatielogs</a></td>
      <?php } ?>
      </tr>
      </table>
      </div>
      <table width='100%' cellspacing='0' cellpadding='0'>
      <tr>
      <td class='content_bottom'></td>
      </tr>
      </table>
      <div class="resultwin">
      <?php
      // includes: each mode maps to one fixed file, so user input never reaches include()
      $mode = isset($_GET['mode']) ? $_GET['mode'] : '';
      if (isset($_POST['user'])) {
          include('admin/search.php');
      }
      if ($mode === "chatlog" && !isset($_POST['afzender'])) {
          include('admin/chatlogs.php');
      }
      if ($mode === "Mlist" && !isset($_POST['user'])) {
          include('admin/mutelist.php');
      }
      if ($mode === "clean") {
          include('admin/clean.php');
      }
      if ($mode === "viewedit") {
          include('admin/viewedit.php');
      }
      if ($mode === "MUTE") {
          include('admin/mute.php');
      }
      if ($mode === "dlog" && !empty($SA)) {
          include('admin/donatelog.php');
      }
      if ($mode === "spambox") {
          include('admin/spambox.php');
      }
      if ($mode === "banlijst" && !isset($_POST['user'])) {
          include('admin/banlist.php');
      }
      if ($mode === "msg" && !isset($_POST['user'])) {
          include('admin/usermessage.php');
      }
      if ($mode === "BAN") {
          include('admin/ban.php');
      }
      if ($mode === "edit") {
          include('admin/useredit.php');
      }
      ?>
      </div>
      </div>
      </td>
      </tr>
      </table>
      </td>
      <?php
      }
      ?>
    • This is search.php; I don't think the password is in here.

      Source Code

      <?php
      // Refuse direct requests: the constant is only defined by the admin page that includes this file.
      if (!defined('include')) {
          echo 'hacking attempt...';
          exit;
      }
      $find = (isset($_POST['user']) && is_string($_POST['user'])) ? $_POST['user'] : '';
      // Escape LIKE wildcards, then bind the value instead of interpolating it into the SQL string.
      $like = addcslashes($find, '%_\\') . '%';
      $stmt = $connection->prepare("SELECT * FROM `users` WHERE `login` LIKE ? LIMIT 20");
      $stmt->bind_param('s', $like);
      $stmt->execute();
      $res = $stmt->get_result(); // requires the mysqlnd driver
      print "<table width='100%'>";
      print "<tr>";
      print "<td>ID:</td>";
      print "<td>Login:</td>";
      print "<td></td>";
      print "<td></td>";
      print "<td></td>";
      print "<td></td>";
      print "<td></td>";
      print "</tr>";
      while ($datas = mysqli_fetch_object($res)) {
          // Encode database values before writing them into HTML.
          $id = htmlspecialchars((string)$datas->id, ENT_QUOTES, 'UTF-8');
          $login = htmlspecialchars((string)$datas->login, ENT_QUOTES, 'UTF-8');
          print "<tr>";
          print "<td>".$id."</td>";
          print "<td><a href='?a=profile&x=".$id."'>".$login."</a></td>";
          print "<td><a href='?a=min&mode=edit&x=".$id."'>stats</a></td>";
          print "<td><a href='?a=min&mode=msg&x=".$id."'>Verwijder berichten</a></td>";
          print "<td><a href='?a=min&mode=clean&x=".$id."'>Clean Profile</a></td>";
          print "<td><a href='?a=min&mode=MUTE&x=".$id."'>Muten</a></td>";
          print "<td><a href='?a=min&mode=BAN&x=".$id."'>Verbannen</a></td>";
          print "</tr>";
      }
      print "</table>";
      ?>