Anyone know of any good Free Hosting Script?
I dun want HomeFree cuz its too easy to get hacked!

huh? :rolleyes:

While I never recommend using a simple pre-made hosting script, I can say that HomeFree is a great program and rarely gets hacked. In fact, I have not heard of a HomeFree site being hacked through homefree in several years. NOrmally when a site with homefree is hacked is is through something other than the homefree program such as user enabled php.

maybe u still dunno how to hack homefree...
ppl can put a special code where it will break all the restrictions and have everything! even the admin permissions!!! :(
thats why i am searching for other good free hosting script!

Although I haven't logged in to homefree's forums in almost a year, I did tech support for the company for almost 3 years. Since then I've worked with half a dozen large sites using homefree and not one has had any suck problem.

If you know of such a code line, email me with it' I'd love to see what they do. But until someone shows me otherwise I don't believe it. I've never seen an account with admin powers or anything close to it that shouldn't have them (being as that the admins are a different file, it's not suprising) and I've looked at nearly 500,000 accounts....

Ted

lol
u go search the code for yourself cuz i found it on the net too! :D
cuz if i sent u, u will be the next few person to rule homefree :D :D :D :D :D :D :D :D :D

Originally posted by <|R0cKm@nX|>
lol
u go search the code for yourself cuz i found it on the net too! :D
cuz if i sent u, u will be the next few person to rule homefree :D :D :D :D :D :D :D :D :D

Actually, I have no real desire to take over homefree systems but as a friend of the company and a former tech support asistant, I'd like to fix the bug :)

With that said, Ive done a search for anything related to rbeaking into homefree and here's what I found:

http://www.happyhacker.org/uberhacker/incite.shtml
(a way to destroy a server through homefree fixed ages ago)

Besides this site I found a few bits of informaiton on this exploit which was long since fixed, a few reports of users who had their system breached talk about if homefree played a part in the breach and many other articles talking about homefree add-ons.

I found code or mention of any code that talked about breaking the homefree system which leads me to believe that there is no such code. After all, going from a user to an admin in the homefree script takes much more than just altering one database line, you have to leave the users file and entire into an entirely seperate script.... that's dooable but if it could be done, it would means much worse things then hacking homefree would also be doable....

where can i get HomeFree from?

Homefree is sold by Solution Scripts at (you guessed it) SolutionScripts.com

thanx

Originally posted by Ted Sindzinski


Actually, I have no real desire to take over homefree systems but as a friend of the company and a former tech support asistant, I'd like to fix the bug :)

With that said, Ive done a search for anything related to rbeaking into homefree and here's what I found:

http://www.happyhacker.org/uberhacker/incite.shtml
(a way to destroy a server through homefree fixed ages ago)

Besides this site I found a few bits of informaiton on this exploit which was long since fixed, a few reports of users who had their system breached talk about if homefree played a part in the breach and many other articles talking about homefree add-ons.

I found code or mention of any code that talked about breaking the homefree system which leads me to believe that there is no such code. After all, going from a user to an admin in the homefree script takes much more than just altering one database line, you have to leave the users file and entire into an entirely seperate script.... that's dooable but if it could be done, it would means much worse things then hacking homefree would also be doable....

argh!!!!!! :mad: :p
since u dun believe me, i will PM u the code to hack HomeFree. and plz plz plz find a way to stop this hack from working! :D
And dun give this code to any1!!!!!!!!!!!!!!!!!!!! not even your mom or dad! LOL :D :D :D :D :D :p

I assure you, I'll have the developers looking into this bug as soon as you send me the code...

oh..! i believe you... ;)
Read your PM! :cool:

after you fix it can I get this fix?

I have homefree :( :confused: :confused: :(

i think he will get solutionscripts to fix it and get it released in the next version

ok thanks ;)

no problem ;)

Free hosting? I'm coding a script like that as we speak :D

Free hosting? I'm coding a script like that as we speak
So am I :). Two, really, one in Perl, the other in PHP. The PHP one closely replicates a Windows 9x environment. The Perl one has multiple windows, pretty little icons, and all the elements of Windows but it doesn't go so far as to try to look like Windows. It's template based, actually, it can look however you want it to look, but certainly nothing that complicated.

Though the PHP one's neat to look at and play with, I find the Perl one's much easier to use.

you know i was thinking.....

since they have to get to the admin file to put in this line of code you speak of that gives them total access..

why dont I just move the admin files into another file, change all the references in it to point to the right location and the put htaccess in the new folder that I put the admin files in?

it would be alot of work but this would gaurrentee security right?:confused:

I mean like.. cracks htaccess, get into homefree user name and pass and they would have to know what folder the admin files were in in the first place

i mean your name...
no need to get the admin file :cool:

There really is no reason for such messures. Although this hack does indeed work (and yes, the developer is aware of it), it does not really give users admin access. Instead it puts them in a pre-approved area for moderator status but since the moderator feature was never completed this isnt really a security risk.

To become an admin, a user would have to access a completely different file. In order to access this file, that user would have to breach yoru entire server's security that is to say... if a user can write to one file, they cna easily write to the file next to it or run a search and find another file, so moving files wouldn't make much differance....

oh i c..
anyway, i think solutionscripts should make a function where users can move files...
and anyway, i really hate the hack.. but i still used it sometimes hehe :D :D

well t35.com got hacked, I'm not sure how but someone got em

and 3hosting4U got hacked by someone and spammed everyone and then they got shut down by donhosting because the spammer put warez in the email messages

(it was solution scripts who installed 3hosting4U's homefree script) :(

can someone PM me the hack if it isn't any real harm?

I just wanna try it on my site and mabee I could try fixing it up a bit to stop it from working (with any luck):rolleyes:

t35hosting was using an illegal version of Home Free anyway, the webmaster admitted it even. I posted on the Solution Scripts forums a while back and Ted answered me, i listed 2 sites using illegal versions

Originally posted by surfichris
t35hosting was using an illegal version of Home Free anyway, the webmaster admitted it even. I posted on the Solution Scripts forums a while back and Ted answered me, i listed 2 sites using illegal versions

how do u know they are using an illegal copy of homefree? by looking at the 'n' after the version number? i have saw a few sites' homefree have an 'n' after the version numbers! wonder wat they are...:rolleyes:

Originally posted by zazoo
can someone PM me the hack if it isn't any real harm?

I just wanna try it on my site and mabee I could try fixing it up a bit to stop it from working (with any luck):rolleyes:

I believe SolutionScripts will annouce the hack after Ted have sent them the hack and fixed the hack... :D

Originally posted by zazoo
well t35.com got hacked, I'm not sure how but someone got em

and 3hosting4U got hacked by someone and spammed everyone and then they got shut down by donhosting because the spammer put warez in the email messages

(it was solution scripts who installed 3hosting4U's homefree script) :(

The hack that is being discused ehre is no where near as serious as an issue like that. Homefree has not had a majority security breach that would lalow anyone to access other homefree files in years. When there was sucha problem, it was fixed 15 minutes after a CERT warning sas issued.

As for SolutionScripts doing the installation, when I worked there, we did very few installs and any install we did do do was rather basic... script upload, chmod, set the basic variables and let them admin go from there.

Most any server with homefree that has really been hacked as been through a commonly hacked linux or nt breach such as sendmail, dns, etc....