- ARCHIVES
- » First, i want to say sorry if this post is unuseful, and sorry for the mods, i've post this on my regional section. and i'm not guarantee that this trick would work 100%, [b]Credit[/b] :arrow: TinyMC
Pages: 12
First, i want to say sorry if this post is unuseful, and sorry for the mods, i've post this on my regional section. and i'm not guarantee that this trick would work 100%, [b]Credit[/b] :arrow: TinyMC
- rudyhartadi
- » FTalker
119
0
1969-12-31
First, i want to say sorry if this post is unuseful, and sorry for the mods, i've post this on my regional section. and i'm not guarantee that this trick would work 100%, [b]Credit[/b] :arrow: TinyMC
First, i want to say sorry if this post is unuseful,
and sorry for the mods, i've post this on my regional section.
and i'm not guarantee that this trick would work 100%,
[b]Credit[/b] 
TinyMCE JavaScript Content Editor for the Javascript-PHP Header
[b]REQUIREMENTS:[/b]
1. Web/file hosting that support php file
2. No php script knowledge (i guess 
)
[b]Here is the php file code[/b]
[spoiler]
<?
$basename='http://profiles.friendster.com';
$url=array();
//edit these url, but don't include '/user.php' please
$url[0]=$basename.'/[b][color=blue]0000000[/color][/b]';//uid
$url[1]=$basename.'/user.php?uid=[b][color=blue]000000[/color][/b]';//uid
$url[2]=$basename.'/[b][color=blue]asdfgh[/color][/b]';//personalized url
//end edit
$referer=$_SERVER['HTTP_REFERER'];
function cekReferer(){
global $url,$referer;
foreach($url as $key=>$value){
if($referer===$value) return true;
}
return false;
}
if(!cekReferer()){
//this file is directly accessed, give the 403 error page
//you may edit this section, write your message for the ripper(maybe)
//uncomment if you just want to redirect to your profile
//header('location:'.$url[0]);
//this example would output the 403 Forbidden Page
?>
[b][color=blue]<html><head><title>403 Forbidden</title></head><body><h1>Forbidden</h1>You don't have permission to access <? echo $_SERVER['PHP_SELF'] ?> on this server.<hr /></body></html>[/color][/b]
<?
} else {
//don't remove the header, if you remove it, your script won't work
header("Content-type:text/javascript;charset:UTF-8");
//this line below is to inject your script, you may edit it
//you also can directly write all your js code here, very recommended
?>[b][color=blue]
a='URL FILE JS';
b=document.createElement('script');
b.type='text/javascript';
b.src=a;
document.getElementsByTagName('head')[0].appendChild(b);[/color][/b]
<? } ?>
[/spoiler]
edit the blue text,
there are 3 part of the blue text:
[b]1. the profile url[/b]
follow the rule in the commented text
[b]2. the error page[/b]
This is where you can write your html code to warn the viewer of your script or the ripper maybe.
Here you also can write the code to redirect to your profile, or just uncomment this line [b]header('location:'.$url[0]);[/b]
The default is output the 403 Forbidden Page
[b]3. the javascript code[/b]
in this tutorial, i put the js injector for one file, if you use more than one file, you may edit it first, or i think directly write the script here is good
[b]The Minus[/b]
you can't open your profile via /user.php
That's all,
i know this tutorial isn't explainable,
i'm sorry for my english,
if you're indonesian (or malaysian maybe), [url=http://theftalk.com/t34167-%7BTUTORIAL%7D-PHP-JavaScript-Injector---Another-way-to-secure-your-script.html]read this post[/url] is very helpfull
goodluck all,
oh ya, the preview [url=http://profiles.friendster.com/44348601]here[/url]
if the preview works,
can you find where is the wvm code written?
thanks,
TinyMCE JavaScript Content Editor for the Javascript-PHP Header
[b]REQUIREMENTS:[/b]
1. Web/file hosting that support php file
2. No php script knowledge (i guess )
[b]Here is the php file code[/b]
[spoiler]
<?
$basename='http://profiles.friendster.com';
$url=array();
//edit these url, but don't include '/user.php' please
$url[0]=$basename.'/[b][color=blue]0000000[/color][/b]';//uid
$url[1]=$basename.'/user.php?uid=[b][color=blue]000000[/color][/b]';//uid
$url[2]=$basename.'/[b][color=blue]asdfgh[/color][/b]';//personalized url
//end edit
$referer=$_SERVER['HTTP_REFERER'];
function cekReferer(){
global $url,$referer;
foreach($url as $key=>$value){
if($referer===$value) return true;
}
return false;
}
if(!cekReferer()){
//this file is directly accessed, give the 403 error page
//you may edit this section, write your message for the ripper(maybe)
//uncomment if you just want to redirect to your profile
//header('location:'.$url[0]);
//this example would output the 403 Forbidden Page
?>
[b][color=blue]<html><head><title>403 Forbidden</title></head><body><h1>Forbidden</h1>You don't have permission to access <? echo $_SERVER['PHP_SELF'] ?> on this server.<hr /></body></html>[/color][/b]
<?
} else {
//don't remove the header, if you remove it, your script won't work
header("Content-type:text/javascript;charset:UTF-8");
//this line below is to inject your script, you may edit it
//you also can directly write all your js code here, very recommended
?>[b][color=blue]
a='URL FILE JS';
b=document.createElement('script');
b.type='text/javascript';
b.src=a;
document.getElementsByTagName('head')[0].appendChild(b);[/color][/b]
<? } ?>
[/spoiler]
edit the blue text,
there are 3 part of the blue text:
[b]1. the profile url[/b]
follow the rule in the commented text
[b]2. the error page[/b]
This is where you can write your html code to warn the viewer of your script or the ripper maybe.
Here you also can write the code to redirect to your profile, or just uncomment this line [b]header('location:'.$url[0]);[/b]
The default is output the 403 Forbidden Page
[b]3. the javascript code[/b]
in this tutorial, i put the js injector for one file, if you use more than one file, you may edit it first, or i think directly write the script here is good
[b]The Minus[/b]
you can't open your profile via /user.php
That's all,
i know this tutorial isn't explainable,
i'm sorry for my english,
if you're indonesian (or malaysian maybe), [url=http://theftalk.com/t34167-%7BTUTORIAL%7D-PHP-JavaScript-Injector---Another-way-to-secure-your-script.html]read this post[/url] is very helpfull
goodluck all,
oh ya, the preview [url=http://profiles.friendster.com/44348601]here[/url]
if the preview works,
can you find where is the wvm code written?
thanks,
Last edited by rudyhartadi (2008-06-10 06:20:32)
 |
- rudyhartadi
- » FTalker
- 119
- 0
- 1969-12-31
Re: First, i want to say sorry if this post is unuseful, and sorry for the mods, i've post this on my regional section. and i'm not guarantee that this trick would work 100%, [b]Credit[/b] :arrow: TinyMC
[quote=mhedge]hoW can i use thut??
[/quote]
just copy the php code, edit the blue text, save, then upload it, then use it as your main script (script that called via the linker),
if you follow the tutorial step by step, i think you can do it 
i hope you understand it,
thanks,
[/quote]
just copy the php code, edit the blue text, save, then upload it, then use it as your main script (script that called via the linker),
if you follow the tutorial step by step, i think you can do it
i hope you understand it,
thanks,
|
- mhedge
- » FTalkGeek
- 1027
- 0
- 1969-12-31
Re: First, i want to say sorry if this post is unuseful, and sorry for the mods, i've post this on my regional section. and i'm not guarantee that this trick would work 100%, [b]Credit[/b] :arrow: TinyMC
ok.. it's noW clear.. oppss very very clear.. 
nice code...
nice code...
|
- cklahrckiey
- » FTalkFreak
- 1891
- 0
- 1969-12-31
Re: First, i want to say sorry if this post is unuseful, and sorry for the mods, i've post this on my regional section. and i'm not guarantee that this trick would work 100%, [b]Credit[/b] :arrow: TinyMC
where's the php? 
all i see in your preview is a layout.... 
all i see in your preview is a layout....
|
- rudyhartadi
- » FTalker
- 119
- 0
- 1969-12-31
Re: First, i want to say sorry if this post is unuseful, and sorry for the mods, i've post this on my regional section. and i'm not guarantee that this trick would work 100%, [b]Credit[/b] :arrow: TinyMC
@cklahrckiey
yup, in the preview, i focused on the layout,
if the script work, there will be an alert box,
the question is, can you find the url of file that the alert code is written?
the php file is [url=http://h1.ripway.com/rudyhartadi/smp25/js-link.php]here[/url]
i recommend to use firefox.
|
- dale
- » FTalkAgent
- 2122
- 0
- 1969-12-31
Re: First, i want to say sorry if this post is unuseful, and sorry for the mods, i've post this on my regional section. and i'm not guarantee that this trick would work 100%, [b]Credit[/b] :arrow: TinyMC
[quote=rudyhartadi]@cklahrckiey
yup, in the preview, i focused on the layout,
if the script work, there will be an alert box,
the question is, can you find the url of file that the alert code is written?
the php file is here
i recommend to use firefox.[/quote]
ur preview is not working..
|
- mhedge
- » FTalkGeek
- 1027
- 0
- 1969-12-31
Re: First, i want to say sorry if this post is unuseful, and sorry for the mods, i've post this on my regional section. and i'm not guarantee that this trick would work 100%, [b]Credit[/b] :arrow: TinyMC
[quote=dale]ur preview is not working..[/quote]
check the code it's working=) 
[/quote]
check the code it's working=)
|
- Ephemeral
- » FTalkElite
- 4669
- 0
- 1969-12-31
Re: First, i want to say sorry if this post is unuseful, and sorry for the mods, i've post this on my regional section. and i'm not guarantee that this trick would work 100%, [b]Credit[/b] :arrow: TinyMC
I think the proper title of this is JavaScript Encryption Through PHP right? Not How to Inject JavaScript via PHP. Just clarifying...
Last edited by Ephemeral (2008-06-04 06:15:27)
|
- mhedge
- » FTalkGeek
- 1027
- 0
- 1969-12-31
Re: First, i want to say sorry if this post is unuseful, and sorry for the mods, i've post this on my regional section. and i'm not guarantee that this trick would work 100%, [b]Credit[/b] :arrow: TinyMC
[quote=Ephemeral]I the proper title of this is JavaScript Encryption Through PHP right? Not How to Inject JavaScript via PHP. Just clarifying...[/quote]
so he is Wrong
|
- rudyhartadi
- » FTalker
- 119
- 0
- 1969-12-31
Re: First, i want to say sorry if this post is unuseful, and sorry for the mods, i've post this on my regional section. and i'm not guarantee that this trick would work 100%, [b]Credit[/b] :arrow: TinyMC
[quote=mhedge]what linker i will use?? css or js linker?? 
[/quote]
js linker of course,
[quote=eehjhay]Where should this php code be inserted?[/quote]
this php file actually is your external js file,
just write your js code, then add the php code, then save it as php file instead of js file
[quote=Ephemeral]I think the proper title of this is JavaScript Encryption Through PHP right? Not How to Inject JavaScript via PHP. Just clarifying...[/quote]
, i don't know where is the best title, i'm still a newbie,
btw, if u think that should be the best, let's change it,
@other
i'm sorry if my preview is not working,
i'm rarely online now,
so maybe there is an error or maybe my linker is not up to date,
today, i've fix it,
sorry for u all, if this trick won't work on yours,
sorry if this post is unusefull,
btw thanks,
[/quote]
js linker of course,
[quote=eehjhay]Where should this php code be inserted?[/quote]
this php file actually is your external js file,
just write your js code, then add the php code, then save it as php file instead of js file
[quote=Ephemeral]I think the proper title of this is JavaScript Encryption Through PHP right? Not How to Inject JavaScript via PHP. Just clarifying...[/quote]
, i don't know where is the best title, i'm still a newbie,
btw, if u think that should be the best, let's change it,
@other
i'm sorry if my preview is not working,
i'm rarely online now,
so maybe there is an error or maybe my linker is not up to date,
today, i've fix it,
sorry for u all, if this trick won't work on yours,
sorry if this post is unusefull,
btw thanks,
|
- feruzz
- » Banned
- 1557
- 0
- 1969-12-31
Re: First, i want to say sorry if this post is unuseful, and sorry for the mods, i've post this on my regional section. and i'm not guarantee that this trick would work 100%, [b]Credit[/b] :arrow: TinyMC
I still can view the source code of PHP with this trick 
|
- rudyhartadi
- » FTalker
- 119
- 0
- 1969-12-31
Re: First, i want to say sorry if this post is unuseful, and sorry for the mods, i've post this on my regional section. and i'm not guarantee that this trick would work 100%, [b]Credit[/b] :arrow: TinyMC
[quote=feruzz]I still can view the source code of PHP with this trick [/quote]
haha, you're the master,
btw, how?
[/quote]
haha, you're the master,
btw, how?
Last edited by rudyhartadi (2008-06-10 06:46:06)
|
- feruzz
- » Banned
- 1557
- 0
- 1969-12-31
Re: First, i want to say sorry if this post is unuseful, and sorry for the mods, i've post this on my regional section. and i'm not guarantee that this trick would work 100%, [b]Credit[/b] :arrow: TinyMC
^ its easy to view the source but for newbie its so hard 
Last edited by feruzz (2008-06-10 06:47:10)
|
- rudyhartadi
- » FTalker
- 119
- 0
- 1969-12-31
Re: First, i want to say sorry if this post is unuseful, and sorry for the mods, i've post this on my regional section. and i'm not guarantee that this trick would work 100%, [b]Credit[/b] :arrow: TinyMC
[quote=feruzz]^ its easy to view the source but for newbie its so hard [/quote]
beuh,
some question, the php code or the js code?
is you use google?
or there are friendster module that can be used?
btw bang, can i use your comment linker? 
[/quote]
beuh,
some question, the php code or the js code?
is you use google?
or there are friendster module that can be used?
btw bang, can i use your comment linker?
|
- feruzz
- » Banned
- 1557
- 0
- 1969-12-31
Re: First, i want to say sorry if this post is unuseful, and sorry for the mods, i've post this on my regional section. and i'm not guarantee that this trick would work 100%, [b]Credit[/b] :arrow: TinyMC
^ just use a notepad & common sense
[quote=rudyhartadi]btw bang, can i use your comment linker?[/quote]
sure you can as long as you ask permission
[quote=rudyhartadi]btw bang, can i use your comment linker?[/quote]
sure you can as long as you ask permission
|
- m0g0l
- » FTalker
- 129
- 0
- 1969-12-31
Re: First, i want to say sorry if this post is unuseful, and sorry for the mods, i've post this on my regional section. and i'm not guarantee that this trick would work 100%, [b]Credit[/b] :arrow: TinyMC
hahaha!! THANKS !! nice share!! but me too, even it is inserted in .swf or .php, i can stiLL see your javascript files!t.. take note of this, a hacker wiLL always find ways to hack!!..
hehe...
@bro feruzz, how didi you do that your javascript code is in an extension of .png? wow! your reaLLy such a master code!!! idoL!!
THANKS !! nice share!! but me too, even it is inserted in .swf or .php, i can stiLL see your javascript files!t.. take note of this, a hacker wiLL always find ways to hack!!.. hehe...
@bro feruzz, how didi you do that your javascript code is in an extension of .png? wow! your reaLLy such a master code!!! idoL!!
|