Wysłany: 24-08-2010, 22:39 Błędy typu FPD (Dzisiejszy zbiór ^^)
Witam,
dzisiaj poświęciłem chwilkę czasu aby poszukać jakiś błędów, okazała się że na mfo jest mnóstwo błędów typu Full Path Disclosure - może nie są to jakieś straszliwie groźne błędy ale przy złożonych atakach (bardziej skomplikowanych) mogą się przydać
Tutaj lista, wszystko zapisywałem w notatniku więc tutaj wrzucam do kodu
Warning: key_exists() [function.key-exists]: The first argument should be either a string or an integer in /home/mfo/public_html/logic/overall_header.php on line 53
-=-=-=-=-=-=-
http://w1.my-fantasy.net/map.php?p[]=move
Warning: key_exists() [function.key-exists]: The first argument should be either a string or an integer in /home/mfo/public_html/logic/overall_header.php on line 53
Warning: key_exists() [function.key-exists]: The first argument should be either a string or an integer in /home/mfo/public_html/logic/overall_header.php on line 53
+ Query error
-=-=-=-=-=-=-
http://w1.my-fantasy.net/map.php?p[]=map
Warning: key_exists() [function.key-exists]: The first argument should be either a string or an integer in /home/mfo/public_html/logic/overall_header.php on line 53
Warning: key_exists() [function.key-exists]: The first argument should be either a string or an integer in /home/mfo/public_html/logic/overall_header.php on line 53
+ Query error
-=-=-=-=-=-=-=-
http://w1.my-fantasy.net/services.php?p[]=charge
Warning: key_exists() [function.key-exists]: The first argument should be either a string or an integer in /home/mfo/public_html/logic/overall_header.php on line 53
Warning: key_exists() [function.key-exists]: The first argument should be either a string or an integer in /home/mfo/public_html/logic/overall_header.php on line 53
-=-=-=-=-=-=-=-
http://w1.my-fantasy.net/services.php?p[]=log
Warning: key_exists() [function.key-exists]: The first argument should be either a string or an integer in /home/mfo/public_html/logic/overall_header.php on line 53
-=-=-=-=-=-=-=-
http://w1.my-fantasy.net/services.php?p[]=error
Warning: key_exists() [function.key-exists]: The first argument should be either a string or an integer in /home/mfo/public_html/logic/overall_header.php on line 53
Warning: preg_match() expects parameter 2 to be string, array given in /home/mfo/public_html/logic/services/error.php on line 2
-=-=-=-=-=-=-=-
http://w1.my-fantasy.net/items.php?p[]=armor
Warning: key_exists() [function.key-exists]: The first argument should be either a string or an integer in /home/mfo/public_html/logic/overall_header.php on line 53
-=-=-=-=-=-=-=-
http://w1.my-fantasy.net/items.php?p[]=items
Warning: key_exists() [function.key-exists]: The first argument should be either a string or an integer in /home/mfo/public_html/logic/overall_header.php on line 53
-=-=-=-=-=-=-=-
http://w1.my-fantasy.net/items.php?p[]=gems
Warning: key_exists() [function.key-exists]: The first argument should be either a string or an integer in /home/mfo/public_html/logic/overall_header.php on line 53
-=-=-=-=-=-=-=-
http://w1.my-fantasy.net/ai.php?p[]=settings
Warning: key_exists() [function.key-exists]: The first argument should be either a string or an integer in /home/mfo/public_html/logic/overall_header.php on line 53
-=-=-=-=-=-=-=-
http://w1.my-fantasy.net/ai.php?p[]=edit
Warning: key_exists() [function.key-exists]: The first argument should be either a string or an integer in /home/mfo/public_html/logic/overall_header.php on line 53
Warning: key_exists() [function.key-exists]: The first argument should be either a string or an integer in /home/mfo/public_html/logic/overall_header.php on line 53
-=-=-=-=-=-=-=-
http://w1.my-fantasy.net/challenge.php?p[]=fights
Warning: key_exists() [function.key-exists]: The first argument should be either a string or an integer in /home/mfo/public_html/logic/overall_header.php on line 53
Warning: Illegal offset type in /home/mfo/public_html/logic/teams/team.php on line 15
-=-=-=-=-=-=-=-
http://w1.my-fantasy.net/teams.php?p[]=challenges
Warning: key_exists() [function.key-exists]: The first argument should be either a string or an integer in /home/mfo/public_html/logic/overall_header.php on line 53
-=-=-=-=-=-=-=-
http://w1.my-fantasy.net/teams.php?p[]=fights
Warning: key_exists() [function.key-exists]: The first argument should be either a string or an integer in /home/mfo/public_html/logic/overall_header.php on line 53
-=-=-=-=-=-=-=-
http://w1.my-fantasy.net/teams.php?p[]=teams
Warning: key_exists() [function.key-exists]: The first argument should be either a string or an integer in /home/mfo/public_html/logic/overall_header.php on line 53
Warning: key_exists() [function.key-exists]: The first argument should be either a string or an integer in /home/mfo/public_html/logic/overall_header.php on line 53
Warning: htmlspecialchars() expects parameter 1 to be string, array given in /home/mfo/public_html/logic/messages/write.php on line 43
-=-=-=-=-=-=-=-
http://w1.my-fantasy.net/cups.php?p[]=fights
Warning: key_exists() [function.key-exists]: The first argument should be either a string or an integer in /home/mfo/public_html/logic/overall_header.php on line 53
-=-=-=-=-=-=-=-
http://w1.my-fantasy.net/cups.php?p[]=yours
Warning: key_exists() [function.key-exists]: The first argument should be either a string or an integer in /home/mfo/public_html/logic/overall_header.php on line 53
-=-=-=-=-=-=-=-
http://w1.my-fantasy.net/cups.php?p[]=private
Warning: key_exists() [function.key-exists]: The first argument should be either a string or an integer in /home/mfo/public_html/logic/overall_header.php on line 53
-=-=-=-=-=-=-=-
http://w1.my-fantasy.net/cups.php?p[]=public
Warning: key_exists() [function.key-exists]: The first argument should be either a string or an integer in /home/mfo/public_html/logic/overall_header.php on line 53
Warning: key_exists() [function.key-exists]: The first argument should be either a string or an integer in /home/mfo/public_html/logic/cups/show.php on line 64
Warning: key_exists() [function.key-exists]: The first argument should be either a string or an integer in /home/mfo/public_html/logic/cups/show.php on line 67
-=-=-=-=-=-=-=-
http://w1.my-fantasy.net/market.php?p[]=search
Warning: key_exists() [function.key-exists]: The first argument should be either a string or an integer in /home/mfo/public_html/logic/overall_header.php on line 53
Warning: key_exists() [function.key-exists]: The first argument should be either a string or an integer in /home/mfo/public_html/logic/overall_header.php on line 53
-=-=-=-=-=-=-=-
http://w1.my-fantasy.net/market.php?p[]=observed
Warning: key_exists() [function.key-exists]: The first argument should be either a string or an integer in /home/mfo/public_html/logic/overall_header.php on line 53
Warning: key_exists() [function.key-exists]: The first argument should be either a string or an integer in /home/mfo/public_html/logic/overall_header.php on line 53
-=-=-=-=-=-=-=-
http://w1.my-fantasy.net/profile.php?p[]=edit
Warning: key_exists() [function.key-exists]: The first argument should be either a string or an integer in /home/mfo/public_html/logic/overall_header.php on line 53
-=-=-=-=-=-=-=-
http://w1.my-fantasy.net/profile.php?p[]=show
Warning: key_exists() [function.key-exists]: The first argument should be either a string or an integer in /home/mfo/public_html/logic/overall_header.php on line 53
-=-=-=-=-=-=-=-
http://w1.my-fantasy.net/search.php?p[]=player
Warning: key_exists() [function.key-exists]: The first argument should be either a string or an integer in /home/mfo/public_html/logic/overall_header.php on line 53
-=-=-=-=-=-=-=-
http://w1.my-fantasy.net/search.php?p[]=team
Warning: key_exists() [function.key-exists]: The first argument should be either a string or an integer in /home/mfo/public_html/logic/overall_header.php on line 53
Warning: key_exists() [function.key-exists]: The first argument should be either a string or an integer in /home/mfo/public_html/logic/search/player.php on line 51
Warning: key_exists() [function.key-exists]: The first argument should be either a string or an integer in /home/mfo/public_html/logic/search/player.php on line 54
Warning: key_exists() [function.key-exists]: The first argument should be either a string or an integer in /home/mfo/public_html/logic/search/team.php on line 11
Warning: key_exists() [function.key-exists]: The first argument should be either a string or an integer in /home/mfo/public_html/logic/search/team.php on line 14
-=-=-=-=-=-=-=-
http://w1.my-fantasy.net/rank.php?p[]=players
Warning: key_exists() [function.key-exists]: The first argument should be either a string or an integer in /home/mfo/public_html/logic/overall_header.php on line 53
Warning: array_key_exists() [function.array-key-exists]: The first argument should be either a string or an integer in /home/mfo/public_html/logic/rank/players.php on line 3
-=-=-=-=-=-=-=-
http://w1.my-fantasy.net/faq.php?p[]=mirabar.eu
Warning: key_exists() [function.key-exists]: The first argument should be either a string or an integer in /home/mfo/public_html/logic/overall_header.php on line 53
-=-=-=-=-=-=-=-
http://w1.my-fantasy.net/regulamin.php?p[]=gm
Warning: key_exists() [function.key-exists]: The first argument should be either a string or an integer in /home/mfo/public_html/logic/overall_header.php on line 53
Warning: key_exists() [function.key-exists]: The first argument should be either a string or an integer in /home/mfo/public_html/logic/overall_header.php on line 53
Warning: key_exists() [function.key-exists]: The first argument should be either a string or an integer in /home/mfo/public_html/logic/overall_header.php on line 53
Warning: key_exists() [function.key-exists]: The first argument should be either a string or an integer in /home/mfo/public_html/logic/overall_header.php on line 53
-=-=-=-=-=-=-=-
http://w1.my-fantasy.net/pp.php?p[]=logs
Warning: key_exists() [function.key-exists]: The first argument should be either a string or an integer in /home/mfo/public_html/logic/overall_header.php on line 53
-=-=-=-=-=-=-=-
http://w1.my-fantasy.net/pp.php?p[]=info
Warning: key_exists() [function.key-exists]: The first argument should be either a string or an integer in /home/mfo/public_html/logic/overall_header.php on line 53
-=-=-=-=-=-=-=-
http://w1.my-fantasy.net/pp.php?p[]=about
Warning: key_exists() [function.key-exists]: The first argument should be either a string or an integer in /home/mfo/public_html/logic/overall_header.php on line 53
-=-=-=-=-=-=-=-
Większość opiera się na tym samym pliku overall_header.php
Prawdopodobnie powodem jest złe filtrowanie co poniektórych zmiennych na obecność tablic (brak rzutowania typów).
A czy wiesz co one oznaczają?
A czy jakikolwiek Windows jest bez błędów? Czy cokolwiek na świecie jest wolne od błędów?
Wątpię. Zawsze coś tam może być lepsze, dokładniejsze ...
_________________ 1. Dajcie mi nick a znajdę na niego paragraf
2. Jeżeli masz mi coś do zarzucenia wiedz, że Twoje poczynanie będzie skutkowało zablokowaniem kilku kont z najbliższego grona (oczywiście uzasadnione).
a tam dużo tego nie było, znacznie mniej groźne od ostatniego zgłoszenia (tamtego nie umieszczałem na forum bowiem ktoś mógłby z niego skorzystać - wykradanie danych do logowania użytkowników poprzez wejście do mnie na profil )
Nie możesz pisać nowych tematów Nie możesz odpowiadać w tematach Nie możesz zmieniać swoich postów Nie możesz usuwać swoich postów Nie możesz głosować w ankietach
Regulamin Forum
)