[GTE] DB Passwords RevCMS [Un-Hashed]

Pocket

Original
Aug 20, 2012
123
14
Okay, So with my Gold Tree Emulator the passwords don't seem to be hashing.. They show up in the database as the normal password, I've tried reseting the db, importing Phoenix DB and Using the PHX to GTE Update.. any sqls i should run I'm using IIS/Navicat/RevCMS/Gold Tree Emulator if that helps..
 

Pocket

Original
Aug 20, 2012
123
14
Get me your RevCMS app/class.core.

<?php

namespace Revolution;
if(!defined('IN_INDEX')) { die('Sorry, you cannot access this file.'); }
class core implements iCore
{

final public function CheckIfVoted($ip) {
$url = ' ' . $ip;
$context = stream_context_create(array('http' => array('timeout' => 5)));
$data = @file_get_contents($url, 0, $context);

if(!$data || !is_numeric($data)) {
return "[ERROR] System Failure in voting system.";
} else if ($data == 1 || $data == 2) {
return "";
} else {
return '<form action=" " method="post" name="votingform">
<input type="hidden" name="api_url" value=" " />
</form>
<script language="javascript">setTimeout("document.forms[\'votingform\'].submit()",0);</script>';
exit;
}
}

final public function getOnline()
{
global $engine;
return $engine->result("SELECT users_online FROM server_status");
}

final public function getStatus()
{
global $engine;
return $engine->result("SELECT status FROM server_status");
}

final public function systemError($who, $txt)
{
die('<b>' . $who . ' - RevCMS: </b><br /> <center>' . $txt . '</center>');
}

final public function handleCall($k)
{
global $users, $template, $_CONFIG;

if($_CONFIG['hotel']['in_maint'] == false)
{
if(!isset($_SESSION['user']['id']))
{
switch($k)
{
case "index":
case null:
case "login":
$users->login();
break;

case "register":
$users->register();
break;

case "forgot":
$users->forgotten();
break;

case "maintenance":
case "ToS":
//
break;

case "me":
case "account":
case "news":
header('Location: '.$_CONFIG['hotel']['url'].'/index');
exit;
break;

default:
//Nothing
break;
}
}
else
{
if($_SESSION['user']['ip_last'] != $_SERVER['REMOTE_ADDR'])
{
header('Location: '.$_CONFIG['hotel']['url'].'/logout');
}

switch($k)
{
case "index":
case null:
header('Location: '.$_CONFIG['hotel']['url'].'/me');
exit;
break;

case "register":
header('Location: '.$_CONFIG['hotel']['url'].'/me');
exit;
break;

case "forgot":
header('Location: '.$_CONFIG['hotel']['url'].'/me');
exit;
break;

case "client":
$users->createSSO($_SESSION['user']['id']);
$users->updateUser($_SESSION['user']['id'], 'ip_last', $_SERVER['REMOTE_ADDR']);
$template->setParams('sso', $users->getInfo($_SESSION['user']['id'], 'auth_ticket'));
break;

case "help":
$users->help();
break;

case "account":
$users->updateAccount();
break;

default:
//nothing
break;
}
}
}
elseif($_GET['url'] != 'maintenance')
{
header('Location: '.$_CONFIG['hotel']['url'].'/maintenance');
exit;
}
}

final public function handleCallHK($k)
{
global $users, $engine, $_CONFIG;

if($_SESSION["in_hk"] != true)
{
if(isset($_SESSION['user']['id']))
{
if($k == 'login')
{
$users->loginHK();
}
else
{
header("Location:".$_CONFIG['hotel']['url']."/ase/login");
exit;
}
}
else
{
header("Location:".$_CONFIG['hotel']['url']."/index");
exit;
}
}
else
{
if(!isset($k))
{
header("Location:".$_CONFIG['hotel']['url']."/ase/dash");
exit;
}
else
{
if($k == 'balist')
{

if(isset($_GET["unban"]))
{
$user = $engine->secure($_GET["unban"]);
$engine->query("DELETE FROM bans WHERE id = '" . $user . "'");
header("Location: ".$_CONFIG['hotel']['url']."/ase/banlist");
exit;
}
}
}
}
}

final public function hashed($password)
{
return $password;
}
}
?>
 

Pocket

Original
Aug 20, 2012
123
14
<?php

namespace Revolution;
if(!defined('IN_INDEX')) { die('Sorry, you cannot access this file.'); }
class core implements iCore
{

final public function CheckIfVoted($ip) {
$url = ' ' . $ip;
$context = stream_context_create(array('http' => array('timeout' => 5)));
$data = @file_get_contents($url, 0, $context);

if(!$data || !is_numeric($data)) {
return "[ERROR] System Failure in voting system.";
} else if ($data == 1 || $data == 2) {
return "";
} else {
return '<form action=" " method="post" name="votingform">
<input type="hidden" name="api_url" value=" " />
</form>
<script language="javascript">setTimeout("document.forms[\'votingform\'].submit()",0);</script>';
exit;
}
}

final public function getOnline()
{
global $engine;
return $engine->result("SELECT users_online FROM server_status");
}

final public function getStatus()
{
global $engine;
return $engine->result("SELECT status FROM server_status");
}

final public function systemError($who, $txt)
{
die('<b>' . $who . ' - RevCMS: </b><br /> <center>' . $txt . '</center>');
}

final public function handleCall($k)
{
global $users, $template, $_CONFIG;

if($_CONFIG['hotel']['in_maint'] == false)
{
if(!isset($_SESSION['user']['id']))
{
switch($k)
{
case "index":
case null:
case "login":
$users->login();
break;

case "register":
$users->register();
break;

case "forgot":
$users->forgotten();
break;

case "maintenance":
case "ToS":
//
break;

case "me":
case "account":
case "news":
header('Location: '.$_CONFIG['hotel']['url'].'/index');
exit;
break;

default:
//Nothing
break;
}
}
else
{
if($_SESSION['user']['ip_last'] != $_SERVER['REMOTE_ADDR'])
{
header('Location: '.$_CONFIG['hotel']['url'].'/logout');
}

switch($k)
{
case "index":
case null:
header('Location: '.$_CONFIG['hotel']['url'].'/me');
exit;
break;

case "register":
header('Location: '.$_CONFIG['hotel']['url'].'/me');
exit;
break;

case "forgot":
header('Location: '.$_CONFIG['hotel']['url'].'/me');
exit;
break;

case "client":
$users->createSSO($_SESSION['user']['id']);
$users->updateUser($_SESSION['user']['id'], 'ip_last', $_SERVER['REMOTE_ADDR']);
$template->setParams('sso', $users->getInfo($_SESSION['user']['id'], 'auth_ticket'));
break;

case "help":
$users->help();
break;

case "account":
$users->updateAccount();
break;

default:
//nothing
break;
}
}
}
elseif($_GET['url'] != 'maintenance')
{
header('Location: '.$_CONFIG['hotel']['url'].'/maintenance');
exit;
}
}

final public function handleCallHK($k)
{
global $users, $engine, $_CONFIG;

if($_SESSION["in_hk"] != true)
{
if(isset($_SESSION['user']['id']))
{
if($k == 'login')
{
$users->loginHK();
}
else
{
header("Location:".$_CONFIG['hotel']['url']."/ase/login");
exit;
}
}
else
{
header("Location:".$_CONFIG['hotel']['url']."/index");
exit;
}
}
else
{
if(!isset($k))
{
header("Location:".$_CONFIG['hotel']['url']."/ase/dash");
exit;
}
else
{
if($k == 'balist')
{

if(isset($_GET["unban"]))
{
$user = $engine->secure($_GET["unban"]);
$engine->query("DELETE FROM bans WHERE id = '" . $user . "'");
header("Location: ".$_CONFIG['hotel']['url']."/ase/banlist");
exit;
}
}
}
}
}

final public function hashed($password)
{
return $password;
}
}
?>
EDIT:
So i Just looked over an old RevCMS i use and i noticed at the bottom it says " return md5($password); " unlike the spoiler should i change that?
EDIT2: Yeah, i Changed it and it worked, Thanks for that Just needed toknow where to look :p
 

Data

Posting Freak
May 19, 2013
593
97
EDIT:
So i Just looked over an old RevCMS i use and i noticed at the bottom it says " return md5($password); " unlike the spoiler should i change that?
EDIT2: Yeah, i Changed it and it worked, Thanks for that Just needed toknow where to look :p
Yeah that was it, sorry about late reply was out..
 

Users who are viewing this thread

Top