Quote Originally Posted by mrsandvik View Post
lolwut..

Is this why my hotfile account went from premium to free after i used the script?

Scary
I am not sure but i do not think so. A hacker still needs to know the address you uploaded it to. I think it could be hotfile's limit that you crossed which made them cancel your premium account.

I have removed my "guess" from my post and kept it to facts only. The script manager.php is a shell script. The script direct.php is a script that can be used to transload a shell script to your host. I am the owner of "direct.php" and if you look in the source, i have given an option to password protect the script, which was ignored. In my readme file, its clearly stated that:

> Security issue fixed with transloader.
> Now you may set your own password for the script.
The security fix comes as a .htaccess file that directly downloads any files placed in the original "transloaded" folder. This way, shell scripts cannot be executed.

The password protect was there as an added security for those on windows server.

Deathbliss, next time you modify a script, read the readme file atleast. You could also have contacted me via PM or IM about it (like v3g3t4 did) before using my scripts in ways it wasn't meant to be used.


Quote Originally Posted by deAthbLisS View Post
nvm..
people knowing the things about transloader Vulnerability could have PM'd me
if i pmed you and you were not online then all the people who downloaded the script would be at risk.

I have edited my post. I am sorry if i have offended you. My post was not directed towards you. I meant if a hacker knew about that, then they could do that.

Still, i am sorry for offending you.