Ultima modifica da un moderatore:
Ragazzi vi voglio fare un regalo sicocme tutit ogni volta vogliono aprire un retro ma non è buono bèh io vi renderò opensource i miei fix e le mie aggiunte in questa discussione anche se farò più di un post Iniziamo con presentare il mio SISTEMA ANTI-HACK ciò che dovete fare è:
Creare un file PHP nella catella Admin che si chiami sistema-antihack.php e ci dovete inserire tutto questo:
Poi Sostituire il file admin.php che si trova sempre nella cartella Admin e sostituirlo con questo:
Questo è il primo di una serie dei miei lavori spero vi piaccia genera una password random e prima di accedere al vero login si deve per forza effettuare un login con la password random ma la password si può cambiare facilmente basta andare nel file admin-antihack.tpl che si genera automaticamente quando voi chiccerete su genera password in alto a destra della pagina admin.php per vedere la vostra password aprite il file tpl e vrete i vostri admin panel superprotetti!
Saluti
MisterX
- - - Updated - - -
Poi andate su dorf2.php e sostituitelo con:
Saluti
MisterX
Creare un file PHP nella catella Admin che si chiami sistema-antihack.php e ci dovete inserire tutto questo:
PHP:
<?php
if(file_exists('admin-antihack.tpl')){
echo "Mi spiace ma il file è già stato creato!";
}else{
$code = rand(1, 5675896);
$scrive = fopen("admin-antihack.tpl","w");
fwrite($scrive,$code);
fclose($scrive);
$file=fopen("admin-antihack.tpl","r");
$leggi=fread($file,filesize("admin-antihack.tpl"));
$contenuto=nl2br($leggi);
fclose($file);
if($contenuto = $code){
echo "Password Generata!!!";
}else{
echo "Siamo spiacenti ma la password NON è cambiata!";
}
}
?>
Poi Sostituire il file admin.php che si trova sempre nella cartella Admin e sostituirlo con questo:
PHP:
<?php
#################################################################################
## -= YOU MAY NOT REMOVE OR CHANGE THIS NOTICE =- ##
## --------------------------------------------------------------------------- ##
## Filename admin.php ##
## Developed by: MisterX ##
## License: TraviateZ Project ##
## Copyright: TraviateZ (c) 2012-2013. All rights reserved. ##
## ##
#################################################################################
session_start();
include("../GameEngine/Database.php");
include("../GameEngine/Admin/database.php");
include("../GameEngine/config.php");
include("../GameEngine/Data/buidata.php");
class timeFormatGenerator
{
public function getTimeFormat($time)
{
$min = 0;
$hr = 0;
$days = 0;
while ($time >= 60): $time -= 60; $min += 1; endwhile;
while ($min >= 60): $min -= 60; $hr += 1; endwhile;
while ($hr >= 24): $hr -= 24; $days +=1; endwhile;
if ($min < 10)
{
$min = "0".$min;
}
if($time < 10)
{
$time = "0".$time;
}
return $days ." day ".$hr."h ".$min."m ".$time."s";
}
};
$timeformat = new timeFormatGenerator;
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<link REL="shortcut icon" HREF="favicon.ico"/>
<title>Admin Panel</title>
<link rel=stylesheet type="text/css" href="../img/admin/admin.css">
<link rel=stylesheet type="text/css" href="../img/admin/acp.css">
<link rel=stylesheet type="text/css" href="../img/img.css">
<script src="/mt-full.js?423cb" type="text/javascript"></script>
<script src="ajax.js" type="text/javascript"></script>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta http-equiv="imagetoolbar" content="no">
</head>
<body>
<script language="javascript">
function aktiv() {this.srcElement.className='fl1'; }
function inaktiv() {event.srcElement.className='fl2'; }
function del(e,id){
if(e == 'did'){ var conf = confirm('Dou you really want delete village id '+id+'?'); }
if(e == 'unban'){ var conf = confirm('Dou you really want unban player '+id+'?'); }
if(e == 'stopDel'){ var conf = confirm('Dou you really want stop deleting user '+id+'?'); }
if(conf){return true;}else{return false;}
}
</script>
<script type="text/javascript">
function showStuff(id) {
document.getElementById(id).style.display = 'block';
}
function hideStuff(id) {
document.getElementById(id).style.display = 'none';
}
</script>
<div id="ltop1">
<div style="position:relative; width:231px; height:100px; float:left;">
<img src="http://www.inforge.net/community/img/x.gif" width="1" height="1">
</div>
<img class="fl2" src="http://www.inforge.net/community/img/admin/x1.gif" width="70" height="100" border="0" onmouseover="this.className='fl1'" onmouseout="this.className='fl2'"><img class="fl2" src="http://www.inforge.net/community/img/admin/x2.gif" width="70" height="100" border="0" onmouseover="this.className='fl1'" onmouseout="this.className='fl2'"><img class="fl2" src="http://www.inforge.net/community/img/admin/x3.gif" width="70" height="100" border="0" onmouseover="this.className='fl1'" onmouseout="this.className='fl2'"><img class="fl2" src="http://www.inforge.net/community/img/admin/x4.gif" width="70" height="100" border="0" onmouseover="this.className='fl1'" onmouseout="this.className='fl2'"><img class="fl2" src="http://www.inforge.net/community/img/admin/x5.gif" width="70" height="100" border="0" onmouseover="this.className='fl1'" onmouseout="this.className='fl2'"></div>
<div id="lmidall">
<div id="lmidlc">
<div id="lleft" style="width: 160px;">
<a href="<?php echo HOMEPAGE; ?>"><img src="http://www.inforge.net/community/img/en/a/travian0.gif" class="logo_plus" width="116" height="60" border="0"></a>
<table id="navi_table" cellspacing="0" cellpadding="0" style="width: 150px;">
<tr>
<td class="menu">
<?php
if($funct->CheckLogin())
{?>
<?php
if($_SESSION['access'] == ADMIN)
{ ?>
<a href="<?php echo HOMEPAGE; ?>">Server Homepage</a>
<a href="admin.php">Control Panel Home</a>
<a href="<?php echo SERVER; ?>dorf1.php">Return to the server</a>
<a href="?p=update"><font color="Red"><b>Server Update</font></b></a>
<br />
<a href="?action=logout">Logout</a>
<br />
<a href="#"><b>Server Info</b></a>
<a href="?p=server_info">Server Info</a>
<a href="?p=online">Online Users</a>
<a href="?p=notregistered">Players Not Activated</a>
<br />
<a href="#"><b>Search</b></a>
<a href="?p=search">General Search</a>
<a href="?p=message">Search IGMs/Reports</a>
<br />
<a href="#"><b>Ban</b></a>
<a href="?p=ban">Ban/Unban Players</a>
<a href="?p=maintenence">Server Maintenence</a>
<a href="?p=cleanban">Clean Banlist Data</a>
<br />
<a href="#"><b>Gold</b></a>
<a href="?p=gold">Give All Free Gold</a>
<a href="?p=usergold">Give Free Gold To Specific User</a>
<a href="?p=maintenenceResetGold">Reset Gold</a>
<br />
<a href="#"><b>Medals</b></a>
<a href="?p=delmedal">Delete Player Medals</a>
<a href="?p=delallymedal">Delete Ally Medals</a>
<br />
<a href="#"><b>Plus</b></a>
<a href="?p=givePlus">Give All Plus</a>
<a href="?p=maintenenceResetPlus">Reset Plus</a>
<br />
<a href="#"><b>Res Bonus</b></a>
<a href="?p=givePlusRes">Give All Res Bonus</a>
<a href="?p=maintenenceResetPlusBonus">Reset Res Bonus</a>
<br />
<a href="#"><b>Natars</b></a>
<a href="?p=natarend">Add WW Villages</a>
<a href="?p=natarbuildingplan">Add WW Building Plan Villages</a>
<br />
<a href="#"><b>Admin:</b></a>
<a href="?p=admin_log"><font color="Red"><b>Admin Log</font></b></a>
<a href="?p=config">Server Settings</a>
<?php
}
else if($_SESSION['access'] == MULTIHUNTER)
{ ?>
<a href="admin.php">MCP Home</a>
<a href="<?php echo HOMEPAGE; ?>">Homepage</a>
<a href="#"></a><a href="#"></a>
<a href="?p=server_info">Server Info</a>
<a href="?p=online">Online users</a>
<a href="?p=search">Search</a>
<a href="?p=message">Msg/Rep</a>
<a href="?p=ban">Ban</a>
<a href="#"></a><a href="#"></a><a href="#"></a>
<a href="?action=logout">Logout</a><?php
}
}
?>
</td>
</tr>
</table>
</div>
<div id="lmid1">
<div id="lmid3">
<?php
if($funct->CheckLogin())
{
if($_POST or $_GET)
{
if($_GET['p'] and $_GET['p']!="search")
{
$filename = 'Templates/'.$_GET['p'].'.tpl';
if(file_exists($filename))
{
include($filename);
}
else
{
include('Templates/404.tpl');
}
}
else
{
include('Templates/search.tpl');
}
if($_POST['p'] and $_POST['s'])
{
$filename = 'Templates/results_'.$_POST['p'].'.tpl';
if(file_exists($filename))
{
include($filename);
}
else
{
include('Templates/404.tpl');
}
}
}
else
{
include('Templates/home.tpl');
}
}
else
{
?>
<form method="post" action="">
<p class="old_p1">
<table width="75%" cellspacing="1" cellpadding="0" id="profile">
<thead>
<tr>
<th colspan="2">Entra nell' Admin Login</th>
</td>
</thead>
<tr>
<td>Password:</td>
<td>
<input type="password" name="codice" value="">
</td>
</tr>
<tr>
<td colspan="2">
<center>
<input type="submit" value="Invia" />
</center>
</td>
</tr>
</tbody>
</table>
</p>
</form>
<?php
}
if(file_exists('admin-antihack.tpl')){
$file=fopen("admin-antihack.tpl","r");
$leggi=fread($file,filesize("admin-antihack.tpl"));
$contenuto=nl2br($leggi);
fclose($file);
$codice=$_POST['codice'];
if($codice == $contenuto){
include('Templates/login.tpl');
}else{
echo '<center><b>Metti la password per accedere al login del pannello Admin!</b></center>';
}
}else{
echo 'Clicca sulla scritta <b><font color="Red">Genera Password!</font></b> che trovi nel box a destra per generare una password segreta di accesso!';
}
?>
</div>
</div>
</div>
<div id="lright1">
<div class="news">
<table cellspacing="1" cellpadding="0" id="profile">
<thead>
<tr>
<th colspan="2"><b><font color="Red">Password Segreta</font></b></th>
</td>
</thead>
<tr>
<td>Puoi trovare la password segreta andando sul file: <b><font color="Green">admin-antihack.tpl</font></b> che si trova nella cartella: <b><font color="Green">Admin</font></b> che sta nella root del sito! per creare una password segreta clicca qui:</br></br><a href="sistema-antihack.php"><center><b><font color="Red">Genera Password!</font></b></center></a><font size="1" color="Green"><b>By Mister<font color="Red">X</font></b></font></td>
</tr>
</div>
</div>
<div id="ce"></div>
</div>
</body>
</html>
Questo è il primo di una serie dei miei lavori spero vi piaccia genera una password random e prima di accedere al vero login si deve per forza effettuare un login con la password random ma la password si può cambiare facilmente basta andare nel file admin-antihack.tpl che si genera automaticamente quando voi chiccerete su genera password in alto a destra della pagina admin.php per vedere la vostra password aprite il file tpl e vrete i vostri admin panel superprotetti!
Saluti
MisterX
- - - Updated - - -
FIX PER NON SUPERARE IL LIVELLO MASSIMO DI UNA STRUTTURA!!!
Nella root dei vostri file sostituite la pagina chiamata dorf1.php con questo:
PHP:
<?php
#################################################################################
## -= YOU MAY NOT REMOVE OR CHANGE THIS NOTICE =- ##
## --------------------------------------------------------------------------- ##
## Filename dorf1.php ##
## Developed by: Dzoki ##
## License: TravianX Project ##
## Copyright: TravianX (c) 2010-2011. All rights reserved. ##
## ##
#################################################################################
include("GameEngine/Village.php");
$start = $generator->pageLoadTimeStart();
if(isset($_GET['ok'])){
$database->updateUserField($session->uid,'ok','0','1'); $_SESSION['ok'] = '0';
}
if(isset($_GET['newdid'])) {
$_SESSION['wid'] = $_GET['newdid'];
header("Location: ".$_SERVER['PHP_SELF']);
}else{
//INIZIO FIX CONTROLLO STRUTTURE LIVELLO MASSIMO by MisterX
$controllo = $_GET['a'];
$id = $building->canBuild($id, $bid);
if($controllo == $id){
$building->procBuild($_GET);
}
//FINE FIX CONTROLLO STRUTTURE LIVELLO MASSIMO by MisterX
}
if(isset($_GET['master']) && isset($_GET['id']) && isset($_GET['time']) && $session->gold >= 1 && $session->goldclub) {
if($session->access!=BANNED){
$level = $database->getResourceLevel($village->wid);
$database->addBuilding($village->wid, $_GET['id'], $_GET['master'], 1, $_GET['time'], 1, $level['f'.$_GET['id']] + 1 + count($database->getBuildingByField($village->wid,$_GET['id'])));
header("Location: ".$_SERVER['PHP_SELF']);
}else{
header("Location: banned.php");
}
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<title><?php echo SERVER_NAME ?></title>
<link REL="shortcut icon" HREF="favicon.ico"/>
<meta http-equiv="cache-control" content="max-age=0" />
<meta http-equiv="pragma" content="no-cache" />
<meta http-equiv="expires" content="0" />
<meta http-equiv="imagetoolbar" content="no" />
<meta http-equiv="content-type" content="text/html; charset=UTF-8" />
<script src="mt-full.js?0faaa" type="text/javascript"></script>
<script src="unx.js?0faaa" type="text/javascript"></script>
<script src="new.js?0faaa" type="text/javascript"></script>
<link href="<?php echo GP_LOCATE; ?>lang/en/compact.css?e21d2" rel="stylesheet" type="text/css" />
<link href="<?php echo GP_LOCATE; ?>lang/en/lang.css?e21d2" rel="stylesheet" type="text/css" />
<?php
if($session->gpack == null || GP_ENABLE == false) {
echo "
<link href='".GP_LOCATE."travian.css?e21d2' rel='stylesheet' type='text/css' />
<link href='".GP_LOCATE."lang/en/lang.css?e21d2' rel='stylesheet' type='text/css' />";
} else {
echo "
<link href='".$session->gpack."travian.css?e21d2' rel='stylesheet' type='text/css' />
<link href='".$session->gpack."lang/en/lang.css?e21d2' rel='stylesheet' type='text/css' />";
}
?>
<script type="text/javascript">
window.addEvent('domready', start);
</script>
</head>
<body class="v35 ie ie8">
<div class="wrapper">
<img style="filter:chroma();" src="img/x.gif" id="msfilter" alt="" />
<div id="dynamic_header">
</div>
<?php include("Templates/header.tpl"); ?>
<div id="mid">
<?php include("Templates/menu.tpl"); ?>
<div id="content" class="village1">
<h1><?php echo $village->vname; if($village->loyalty!='100'){ if($village->loyalty>'33'){ $color="gr"; }else{ $color="re"; } ?><div id="loyality" class="<?php echo $color; ?>"><?php echo LOYALTY; ?> <?php echo floor($village->loyalty); ?>%</div><?php } ?></h1>
<?php include("Templates/field.tpl");
$timer = 1;
?>
<div id="map_details">
<?php
include("Templates/movement.tpl");
include("Templates/production.tpl");
include("Templates/troops.tpl");
if($building->NewBuilding) {
include("Templates/Building.tpl");
}
?>
</div>
</br></br></br></br><div id="side_info">
<?php
include("Templates/multivillage.tpl");
include("Templates/quest.tpl");
include("Templates/news.tpl");
include("Templates/links.tpl");
?>
</div>
<div class="clear"></div>
</div>
<div class="footer-stopper"></div>
<div class="clear"></div>
<?php
include("Templates/footer.tpl");
include("Templates/res.tpl");
?>
<div id="stime">
<div id="ltime">
<div id="ltimeWrap">
<?php echo CALCULATED_IN;?> <b><?php
echo round(($generator->pageLoadTimeEnd()-$start)*1000);
?></b> ms
<br /><?php echo SEVER_TIME;?> <span id="tp1" class="b"><?php echo date('H:i:s'); ?></span>
</div>
</div>
</div>
<div id="ce"></div>
</body>
</html>
Poi andate su dorf2.php e sostituitelo con:
PHP:
<?php
#################################################################################
## -= YOU MAY NOT REMOVE OR CHANGE THIS NOTICE =- ##
## --------------------------------------------------------------------------- ##
## Filename dorf2.php ##
## Developed by: Dzoki ##
## License: TravianX Project ##
## Copyright: TravianX (c) 2010-2011. All rights reserved. ##
## ##
#################################################################################
include("GameEngine/Village.php");
$start = $generator->pageLoadTimeStart();
if(isset($_GET['newdid'])) {
$_SESSION['wid'] = $_GET['newdid'];
header("Location: ".$_SERVER['PHP_SELF']);
}else{
//INIZIO FIX CONTROLLO STRUTTURE LIVELLO MASSIMO by MisterX
$controllo = $_GET['a'];
$id = $building->canBuild($id, $bid);
if($controllo == $id){
$building->procBuild($_GET);
}
//FINE FIX CONTROLLO STRUTTURE LIVELLO MASSIMO by MisterX
}
if(isset($_GET['master']) && isset($_GET['id']) && isset($_GET['time']) && $session->gold >= 1 && $session->goldclub) {
if($session->access!=BANNED){
$level = $database->getResourceLevel($village->wid);
$database->addBuilding($village->wid, $_GET['id'], $_GET['master'], 1, $_GET['time'], 1, $level['f'.$_GET['id']] + 1 + count($database->getBuildingByField($village->wid,$_GET['id'])));
header("Location: ".$_SERVER['PHP_SELF']);
}else{
header("Location: banned.php");
}
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<title><?php echo SERVER_NAME ?></title>
<link REL="shortcut icon" HREF="favicon.ico"/>
<meta http-equiv="cache-control" content="max-age=0" />
<meta http-equiv="pragma" content="no-cache" />
<meta http-equiv="expires" content="0" />
<meta http-equiv="imagetoolbar" content="no" />
<meta http-equiv="content-type" content="text/html; charset=UTF-8" />
<script src="mt-full.js?0faaa" type="text/javascript"></script>
<script src="unx.js?0faaa" type="text/javascript"></script>
<script src="new.js?0faaa" type="text/javascript"></script>
<link href="<?php echo GP_LOCATE; ?>lang/en/lang.css?f4b7c" rel="stylesheet" type="text/css" />
<link href="<?php echo GP_LOCATE; ?>lang/en/compact.css?f4b7c" rel="stylesheet" type="text/css" />
<?php
if($session->gpack == null || GP_ENABLE == false) {
echo "
<link href='".GP_LOCATE."travian.css?e21d2' rel='stylesheet' type='text/css' />
<link href='".GP_LOCATE."lang/en/lang.css?e21d2' rel='stylesheet' type='text/css' />";
} else {
echo "
<link href='".$session->gpack."travian.css?e21d2' rel='stylesheet' type='text/css' />
<link href='".$session->gpack."lang/en/lang.css?e21d2' rel='stylesheet' type='text/css' />";
}
?>
<script type="text/javascript">
window.addEvent('domready', start);
</script>
</head>
<body class="v35 ie ie8">
<div class="wrapper">
<img style="filter:chroma();" src="img/x.gif" id="msfilter" alt="" />
<div id="dynamic_header">
</div>
<?php include("Templates/header.tpl"); ?>
<div id="mid">
<?php include("Templates/menu.tpl"); ?>
<div id="content" class="village2">
<h1><?php echo $village->vname; if($village->loyalty!='100'){ if($village->loyalty>'33'){ $color="green"; }else{ $color="red"; } ?><div id="loyality"><span style="color:<?php echo $color; ?>;font-size:xx-small;" size><?php echo LOYALTY; ?> <?php echo floor($village->loyalty); ?>%</span></div><?php } ?></h1>
<?php include("Templates/dorf2.tpl");
if($building->NewBuilding) {
include("Templates/Building.tpl");
}
?>
</div>
</br></br></br></br><div id="side_info">
<?php
include("Templates/multivillage.tpl");
include("Templates/quest.tpl");
include("Templates/news.tpl");
include("Templates/links.tpl");
?>
</div>
<div class="clear"></div>
</div>
<div class="footer-stopper"></div>
<div class="clear"></div>
<?php
include("Templates/footer.tpl");
include("Templates/res.tpl");
?>
<div id="stime">
<div id="ltime">
<div id="ltimeWrap">
Calculated in <b><?php
echo round(($generator->pageLoadTimeEnd()-$start)*1000);
?></b> ms
<br />Server time: <span id="tp1" class="b"><?php echo date('H:i:s'); ?></span>
</div>
</div>
</div>
<div id="ce"></div>
</body>
</html>
Saluti
MisterX