CI+Dojo+datamapper with the defualt structure

26 02 2009

CI+Dojo+datamapper with default strucure


CodeIgniter+DataMapper+Dojo Toolkit Package

12 02 2009

CodeIgniter+DataMapper+Dojo Toolkit Package
this package contains a :
PHP framework: Codeigniter 1.7.1 + manual
PHP dataMapper: DataMapper 1.6.0 + manual
javascript toolkit: DojoToolkit 1.2.3

it has everything you need ,
and codeigniter is made to consider the application folder as the root folder for
easy use ,
and datamapper is installed in the system folder not the aplication folder as said in the manual


The Sleeping Cat

12 02 2009


مهاجمة موقع بى اتش بى بى بى PHPBB

7 02 2009

حاولت ادخل على موقع منتدى بى بى ولكنه تم اختراقه

من الوضح ان المهاجم قام باستخدام ثغرة تسمى بالتاريخ الصفرى للدخول عن طريق قائمة المراسلات للموقع و نسخ البريد الألكترونى المسجل بها و قائمة المستخدمين الموجودة على الموقع نفسه

و لكن الشركة تنبه بأن البرنامج نفسه ليس به اى ثغرة و ان الثفرة كانت فى برنامج موجود على السيرفر الخاص بهم للتأخر فى تحديث البرامج

و هذا نص بالتفاصيل

As you may already be aware from the message on or the topic in the #phpBB channel on Freenode, we have recently been attacked via a vulnerability in an outdated PHPList installation. The initial attack was performed well before a new version of the software was released or a patch provided. It is important to stress that no vulnerabilities have been found in the phpBB software itself.

We took down along with to ensure integrity and prevent further damage. While we actively work to bring back online, we would also like to inform you of the damage that has been done.

The attacker gained entry through the PHPList application and was able to dump a complete backup of the emails on file. He then used the same exploit to access the database. Both the email list from PHPlist and a copy of the users table were then posted publicly.

phpBB3 uses a complex hashing algorithm in order to prevent someone from determining the plaintext value of a password. phpBB2, however, used a much simpler and less secure md5 algorithm to store passwords. This is one of the many reasons why we have decided to no longer support the phpBB2 software. Because hashes cannot be reversed, phpBB3 is set to convert phpBB2 hashes to the new phpBB3 standard during the first user login. Those users who registered while used phpBB2 and did not login on the new phpBB3 board continue to have their password hashes stored in the old format. Passwords stored in the old format are much less secure than those stored in the new format. The attackers have been focusing purely on the passwords stored in the old format.

If the password to your account is used anywhere else (especially with the same username), we strongly recommend that you change it. Using the same password across multiple sites is not security wise and should not be done under any circumstance. Additionally, you should change your password on, when it becomes available.

We apologise for not securing our servers in time to prevent this from happening. This demonstrates how critically important it is to always make sure that you keep up to date with any software that is running on your machine. Intrusion is possible even before a patch is provided to fix a vulnerability. At this time, the team is working around the clock to restore and other resources.

Press Contact: If you need to get in contact with the management, please email phpbb_press (at) marshalrusty (dot) com.

Thank you,

– The phpBB Teams

You may discuss this announcement here: viewtopic.php?f=3&t=29974

free webpage design

6 02 2009