Fun With Tevs - Not Good If You Are Running Tevs
 

Sorry to say but some of the worst code I have seen in a while comes from this Tevs script..

Appears this script is built for hacker heaven as it accepts database queries from any ip and site is injectible with anything you care to run on it...

all you need...is to know who is using tevs and you can own all their traffic..

Appears all data being managed by this script is unsanitized.

I'll further up the analysis of this script as give time for owner to patch it up quickly, well if he can, it appears he hasnt brushed up on his skills in many years.


If you are running tevs, i would disable all input form surfers until fixed.

In 48 hours, if not fixed I will post simple exploit

Not good.

php combined with mysql is known for this.

Everything is hackable but my buddy also told me about the exploit. I usually by a script after 1.5 when most of then known exploits are cleaned up.

good shit.

sounds like blackmail to me.. wouldn't it be more helpful if you posted the fix or contacted him with the fix?

someone ban that fucking bot

Why not talk to Zorgman about this before bringing it to the boards? So he can get it cleaned up...

Suck a dick fatty :1orglaugh

This is lame to bump this thread with nonsense.

Would you like to play a game???? :thumbsup

Want the truth?

I really dont give to shits anymore about anyone on or in this industry, i have 12 years of business relationships and only thing I have learned, is oyur all skillless, you're all thieves, and you would all ass rape your own mothers if given the chance

Ouch, I just bought TEVS, guess I'll wait to install it.

Ouch - That is far from the truth!

I take someone hasn't paid a bill?

for one who is on GFY daily, you sure are not learning much....

ok thats a bannable offence.. thanks

Email your info to Dean... I know they're busy working on v1.1 to fix a lot of things including stuff like this but would be great if you gave him some specifics to work on...

Reminds me of ole' bobby drop tables:

http://imgs.xkcd.com/comics/exploits_of_a_mom.png

Blackmail is not good.

And we wonder why this industry has so many scum bags

So you are going to post an exploit to a script alot of guys on here use, and then you basically call everyone here scammers.

And you have the balls to tell someone what they said is bannable?

How about you post something valid, 12 years or not, you look/sound like a fucking jealous retard.

Its not 'everyone'.

Take a deep breathe - you are doing what I do when I am pissed off. It gets me a heap of trouble, and I regret it in the morning.

lets get soemthing straight, i own multiple licenses of this script.
and I am outraged at some of this fucking code i see here..
It's beyond fucking ridiculous in todays age to see such fucking crap
in todays coding world... and quite frankly this script is a $29 script
someone could write in 2 fucking days correctly...

so fuck off and die already I dont give a shit, once again
a nameless wonder on attack...

I wonder what happened

Accepting db connections from any IP has nothing to do with php. It has to do with mysql user settings and firewalls. Restrict the mysql user to accept connections from localhost only, as well as firewall out your mysql port.

they should just fucking ban every fucking moron here with no name... its so fucking obvious people create fake nicks just to talk fucking trash, then you got assholes like sortie who own other tube scripts constatnly bumping this for self satisfaction, probably rodman is him.... see how the game works????
then they got a few more fake drama nicks... this board is toast... all industry players know it.... so have fun.. you fucked it up for everyone

shut the fuck up, i got a script form you that was hacked and they got me for $800 paypal... so just shut the fuck up

shhhhhhhhhhhhh don't tell him that!! :pimp

Oh Shit - GFY meltdown - we have all done it.

You have one guy posting trash in your post, that I see... the rest have made comments, questions, statements.. I don't see any real fake nick/trash talking going on here.

You might want to try calming down, have a drink or a smoke.. whatever your poison is, do a lot of it.

Ya know I was really not liking you till this post lol you hit the nail right on the head about sortie! :pimp

I aint here to be liked, im here to pass along the 12 years of fucking hell and displeasure of working for you all.. so please dont ass kiss me you'll only get brown lips and no sugar

aint fucking talking about ip connections, i meant that anyone can fucking post to the database

Part of me wants to defend myself against this, but the other part of me knows that arguing on the internet is retarded and bad for business. All i'm going to say on this topic is this...

I'll admit, 2.5+ years ago when this happened, I was less experienced. I feel it definitely could have been handled better then changing the ftp password on me and trying to charge-back via paypal without even informing me of the issues. You complained that it was susceptible to SQL injection and XSS, which could have easily been fixed.

I absolutely would have fixed this for you given the opportunity, and I'm sorry our deal went sour.

I felt sorry for you until you posted this. If you look at Deniss Rodmans
threads you can see him trashing me and everything I own.
To have you accuse me of being him means you are a paraniod asshole.

I made three post in this thread one was "this is not good", the next was
telling rodman that he was lame and the thrid was "what actually happened".

Getting mad at me is not going to fix your script.

I've already fixed my scripts, i've actually 100% rewritten most of this script as most of it dont even work as it appears.

If you knew anything about anything you coder, you'd fucking know that
a simple form bot can and probably has already infected every tevs installation otu there, you should all be fucking thanking me

No brown nosing here - just think back to the number of times you have seen me do this. I ALWAYS regret it.

So teks, have you ever looked over vShare? If so, what's your technical opinion on that one as a tube script?

Dont relate bitterness to coffin nails... I want to make sure I can't come back.... Trust me its what I want and I know it... sometimes its hard to leave... othertimes its a blessing, i will make my exit a blessign

Well, if you fixed them already then what is all this ranting about?

Nobody should be thanking you for anything because you haven't fixed
anything for them or even explained what happened to cause you to
find a problem.

:1orglaugh:1orglaugh

I did try to offer help to Zorgman in this area as well....

He doesn't quite get it.

-Ben

Does that me you managed unencoded the backend files?

stfu fatty

no it means i wrote my own fucking admin, how do you like those apples?

why am i fighting with a bunch of trolls.. lol

im gone, i wont be back... have fun playing games with other trolls...

ughm... i laugh at the next moron to pay $10k to skin this board.. lol, worse then shoveling it into a fireplace hahah