Sitedeki açik

DisLanZe Süleyman Akyıldız

selamun aleyküm arkadaşlar bu 2 dosyada açik gözikiyo nasil düzeltebilirim ?
php sürümüm : 5.3.3
coklu.php

Kod:
<?php
ob_start();
set_time_limit(0);
error_reporting(0);
echo '<form method="post" action="">
Defacer : <input type="text" name="defacer"><br><br>
<textarea name="siteler" cols="60" rows="7"></textarea><br>
<input type="submit" value="Postala">
</form></center>';
if($_POST){
$defacer = htmlspecialchars($_POST['defacer']);
$siteler = explode("\n",$_POST['siteler']);
foreach($siteler as $yenisiteler){
$trim=trim($yenisiteler);
$trim = htmlspecialchars($trim);
$exec = trim(file_get_contents("http://hack3rz.org/mass.php?hacker=$defacer&domain=$trim"));


if(!$exec==""){
$hata01 = 'Hacker Adi veya Site Adresi Bos Olmamali.';
$hata02 = 'Kaynak Okunamadi.';
$hata03 = 'Bu kaydi Bu hacker daha onceden almis.';
$hata04 = 'Kayit basarili';
$hata05 = 'Kayit Basarisiz.';
$hata06 = 'Sunucuda Problem Var.';
$hata07 = 'icerikte index Bulunamadi..';

if($exec=="01"){
echo ''.$trim.' - '.$hata01.'<br>';
}elseif($exec=="02"){
echo ''.$trim.' - '.$hata02.'<br>';
}elseif($exec=="03"){
echo ''.$trim.' - '.$hata03.'<br>';
}elseif($exec=="04"){
echo ''.$trim.' - '.$hata04.'<br>';
}elseif($exec=="05"){
echo ''.$trim.' - '.$hata05.'<br>';
}elseif($exec=="06"){
echo ''.$trim.' - '.$hata06.'<br>';
}elseif($exec=="07"){
echo ''.$trim.' - '.$hata07.'<br>';
}else{
echo 'harbi hata';
}
ob_flush();
flush();
}
}

}




?>

mass.php

Kod:
<?php
session_start();
$_SESSION['ddos_sessionu'] = 1;
$hacker = strip_tags(addslashes(trim($_REQUEST['hacker'])));
$domain = strip_tags(trim($_REQUEST['domain']));
if($hacker=="BaronHackTeam"){
echo 'bu kisinin bu siteden mass kayit almasi yasaklanmistir.';
exit();
}
//$domain = urldecode($domain);
if($hacker==""||$domain==""){
$halt = '01';
}else{
$gonder = curl_init();
curl_setopt($gonder, CURLOPT_URL, $domain);
curl_setopt($gonder, CURLOPT_RETURNTRANSFER, 1);
curl_setopt ($gonder, CURLOPT_REFERER, $domain);
curl_setopt ($gonder, CURLOPT_USERAGENT, "Mozilla 2003, that coolish version");
$data = curl_exec ($gonder);
curl_close ($gonder);



if($data==""){
$halt = '02';
}else{
$veri = array('HACKED','Hacked','defaced','HaCKeD','hijacked','hacker','Hack','Hacking','Defacer','DEFACE','Ownz','Powned','owned','Deface','Hacker','HACKER',$cikti['hacker']);
$metin = $data;
$sp = array();
foreach($veri as $veriler){
if(ereg($veriler,$metin)){
$sp[] = "var";
}
}
$say = count($sp);
if($say>0){
include "settings.php";
include "class/class.inc.php";
//$hacker = $seo->sef($hacker);
$dbo->setSql("select name from hacker where name='$hacker'")->runSql();
$varmi = $dbo->numRows();
$site = $Golge->DomainReplace($domain);
if($varmi>0){
$kontrol = control($site, $hacker);
}else{
$dbo->setSql("insert into hacker(name,h,n,g)values('$hacker','0','0','0')")->runSql();
}
if($kontrol > 0){
$halt = "03";
}else{
$data = addslashes($data);
$server = $server->os($site);
$hng = $hng->hng($domain);
$halt = $hng;
$ip = gethostbyname($site);
$zaman = date("d:m:Y - h:i:s");
$uip = $_SERVER['REMOTE_ADDR'];
$dbo->setSql("insert into 
onhold(hacker,url,kaynak,hng,os,zaman,domain,ip,user_ip)values('$hacker','$domain','$data','$hng','$server','$zaman','$site','$ip','$uip')")->runSql();
if($dbo->result()){
$table = $hng;
if($table == 0){
$table = "g";
}elseif($table==1){
$table = "h";
}else{
$table = "n";
}
$dbo->setSql("update hacker set $table = $table+1 where name = '$hacker'")->runSql();
if($dbo->result()){
$halt = '04';
}else{
$halt = "05";
}
}else{
$halt = "06";
}
}
}else{
$halt = '07';
}
}
}

echo $halt;
?>
24-09-2016 11:05

    www.Phpkodlari.com © 2009 Herkes Php öğrenecek
    Web tasarım ve eğitim kaynağınız.