Jump to content
--> Place your ad text here <--
Get Free Banners - Giveaway MaxCheaters.com
We're Rebuilding – Join Our Staff Team

TGS vote system - Topgameserver/Hopzone/L2topzone

TGSLineage2

By TGSLineage2
in Server Shares & Files [L2J]

 Share

Recommended Posts

TGSLineage2 Newbie

TGSLineage2

Posted
Posted (edited)

Hello, as I had already mentioned in the discussion section, today I bring you a voting reward system.


OTliF8V.jpg

 

 

NSqWD5s.png

 

** You can download it here**: Download Vote Reward System

 

For those who don't understand how it works, later I upload a video explaining how it works.

 

Edited by TGSLineage2
StinkyMadness Enthusiast

StinkyMadness

Posted
Posted
On 9/19/2019 at 7:51 PM, SweeTs said:

Atm it's NOT a share, just a redirect, which I believe, is against rules. You must include the download link as well.

Agree with that, and also i just cheked your code.. its a lot of messup there and 2 lib files for an single vote system.

  • SweeTs unlocked this topic
Nightw0lf Mentor

Nightw0lf

Posted
Posted (edited)

btw your website has a serious vulnerability 

VuGnsl8k5ZKsPUxniMb1I8XK2TbnILwCtcGUpA9X

somebody can hack into another's account and pretend to be him and act like him (change pass, spend money, anything)

 

also this script gives away all your "secrets" 


  <script type="text/javascript">

    $(document).ready(function(){
     

        function verifyLogin(e){
        $.ajax({
          url:"/verifyLogin/"+$(e.target).val()+"",
          dataType: 'JSON',
          method: 'GET',
          success : function(vl){
            if(vl.message=="ok"){
              $(e.target).siblings("#message-email-log").html("<p style='color:green;'>Found email</p>").hide().fadeIn(800);
              
            }else{
              $(e.target).siblings("#message-email-log").html("<p style='color:red;'>Mail not found</p>").hide().fadeIn(800);
            }
          }
        });
      }

      function verifymailReg(e){
      $.ajax({
        url:"/verifyLogin/"+$(e.target).val()+"",
        dataType: 'JSON',
        method: 'GET',
        success : function(vl){
          if(vl.message=="ok"){
            $(e.target).siblings("#message-email-reg").html("<p style='color:white;'>Email not available</p>").hide().fadeIn(800);
          }else{
            $(e.target).siblings("#message-email-reg").html("<p style='color:#92EC00;'>Email available</p>").hide().fadeIn(800);
          }
        }
      });
    }

    function verifyPassword(e){
      $.ajax({
        url:"/verifyPassword/"+$(e.target).val()+"/"+$(e.target).parents('#form-login-in').find('#email').val()+"",
        dataType: 'JSON',
        method: 'GET',
        success : function(vl){
          console.log(vl.dbpass+"   "+vl.requestpass);
          if(vl.message=="ok"){
            
            $(e.target).siblings("#message-password-log").html("<p style='color:green;'>Correct password</p>").hide().fadeIn(800);
          }else{
            $(e.target).siblings("#message-password-log").html("<p style='color:red;'>Wrong password</p>").hide().fadeIn(800);
          }
        }
      });
    }

      $("#email").blur(function(e){
        if($(e.target).val()!=""){
          verifyLogin(e);
        }
      });

      $("#myform-registrationUser").submit(function(e){
      event.preventDefault();
      var a = $(e.target);
      var url="/customRegister";
      var data = $(this).serializeArray();
      var token = $("#token").val();
      $.ajax({
        url : url,
        data : data,
        dataType : 'JSON',
        method : 'POST',
        headers: {'X-CSRF-TOKEN': token},
      }).done(function(response){
        if(response.errors){
          a.find("#message-name-reg").html(response.errors.name).fadeIn(400);
          a.find("#message-email-reg").html(response.errors.email).fadeIn(400);
          a.find("#message-password-reg").html(response.errors.password).fadeIn(400);
        }
        if(response.message=="ok"){
          window.location.replace("/message-registration");
        }
      });
    });
    $("#form-send-mail").submit(function(e){
      e.preventDefault();
      if($(e.targer).find("#email").val()=="" || $(e.targer).find("#subject").val()=="" || $(e.targer).find("#content").val()==""){
        alert("kha");
      }else{
        $.ajax({
          url: "/ckeckMail",
          method: "GET",
          data: $("#form-send-mail").serializeArray(),
          dataType: 'JSON',
        }).done(function(response){
          if(response.errors){
            console.log(response.errors);
          }else{
            window.location.replace("/sendMail");
          }
        });
      }

    });

      $('[data-toggle="tooltip"]').tooltip();
      var id_banners = [];
      var id_premiums = [];
      $("a").each(function(index){
        if($(this).hasClass("active_banner")){
        id_banners.push($(this).attr("id"));
      }
        if($(this).hasClass("active_premium")){
          id_premiums.push($(this).attr("id"));
        }
      });
            setTimeout(function(){
        $.ajax({
          url: "/updateImpresions",
          method: "POST",
          data: {ids : id_banners, idsp : id_premiums},
          dataType: "JSON",
          success : function(e){
            //console.log("Update impressions");
          },
          error : function(e){
            console.log("An error ocurred:"+e.error);
          }
        });
      },100);

          $(".active_banner").click(function(){ 
        var id = $(this).attr("id");
        $.ajax({
          url: "/updateClick",
          method: "POST",
          data: {id : id},
          dataType: "JSON",
          success : function(e){
            console.log(e.message);
          },
          error : function(e){
            console.log("An error ocurred");
          }
        });
    });
          $(".visit").click(function(){ 
        var id = $(this).attr("id");
        $.ajax({
          url: "/updateVisit",
          method: "POST",
          data: {id : id},
          dataType: "JSON",
          success : function(e){
            console.log(e.message);
          },
          error : function(e){
            console.log("An error ocurred");
          }
        });
    });

         $(".active_premium").click(function(){ 
        var id = $(this).attr("id");
        $.ajax({
          url: "/updatePremiumClick",
          method: "POST",
          data: {id : id},
          dataType: "JSON",
          success : function(e){
            console.log(e.message);
          },
          error : function(e){
            console.log("An error ocurred");
          }
        });
    });

     var elements = $('#sign_modal_overlay, #sign_modal');
      var body = $("body");
      var modal = document.getElementById('sign_modal_overlay');
      document.addEventListener("keydown", function(event) {
        if(event.keyCode === 27){
          elements.removeClass('active');
          body.css({"overflow-y":"visible"});
        }
      });
      window.onclick = function(event){
        if(event.target == modal){
          elements.removeClass('active');
          body.css({"overflow-y":"visible"});
        }
      }
      $('.open-modal-login').click(function(){
          elements.addClass('active');
          body.css({"overflow-y":"hidden"});
      });

      $('.close-modal').click(function(){
          elements.removeClass('active');
          body.css({"overflow-y":"visible"});
      });

      var el = $('#contact_modal_overlay, #contact_modal');
      var modalc = document.getElementById('contact_modal_overlay');
      document.addEventListener("keydown", function(event) {
        if(event.keyCode === 27){
          el.removeClass('active');
          body.css({"overflow-y":"visible"});
        }
      });
      window.onclick = function(event){
        if(event.target == modalc){
          el.removeClass('active');
          body.css({"overflow-y":"visible"});
        }
      }
      $('.open-modal-contact').click(function(){
          el.addClass('active');
          body.css({"overflow-y":"hidden"});
      });

      $('.close-modal-contact').click(function(){
          el.removeClass('active');
          body.css({"overflow-y":"visible"});
      });

      $.ajaxSetup({
        headers: {'X-CSRF-TOKEN': $("meta[name='csrf-token']").attr("content")}
      });

    });


    window.onload = function(){

      (function(d, s, id){
       var js, fjs = d.getElementsByTagName(s)[0];
       if (d.getElementById(id)) {return;}
       js = d.createElement(s); js.id = id;
       js.src = "//connect.facebook.net/en_US/sdk.js";
       fjs.parentNode.insertBefore(js, fjs);
    }(document, 'script', 'facebook-jssdk'));

    window.fbAsyncInit = function() {
      FB.init({
        appId : '1616853315289008',
        xfbml : true,
        version : 'v2.8'
      });
    };

    $('.btn-facebook').click(function() {
    FB.getLoginStatus(function(response) {
      if (response.status === 'connected') {
        console.log('Already Logged In.');
      }
      else {
        FB.login();
      }
    });
    });

    }

</script>

 

Edited by Nightw0lf
TGSLineage2 Newbie

TGSLineage2

Posted
  • Author
Posted (edited)

@Nightw0lfThanks for your warning, but now I would like you to tell me how its that a unique confirmation token per browsing client generated by the framework I use, could affect my site vulnerability ?

Edited by TGSLineage2
wongerlt Collaborator

wongerlt

Posted
Posted
11 hours ago, Nightw0lf said:

btw your website has a serious vulnerability 


VuGnsl8k5ZKsPUxniMb1I8XK2TbnILwCtcGUpA9X

somebody can hack into another's account and pretend to be him and act like him (change pass, spend money, anything)

 

also this script gives away all your "secrets" 



  <script type="text/javascript">

    $(document).ready(function(){
     

        function verifyLogin(e){
        $.ajax({
          url:"/verifyLogin/"+$(e.target).val()+"",
          dataType: 'JSON',
          method: 'GET',
          success : function(vl){
            if(vl.message=="ok"){
              $(e.target).siblings("#message-email-log").html("<p style='color:green;'>Found email</p>").hide().fadeIn(800);
              
            }else{
              $(e.target).siblings("#message-email-log").html("<p style='color:red;'>Mail not found</p>").hide().fadeIn(800);
            }
          }
        });
      }

      function verifymailReg(e){
      $.ajax({
        url:"/verifyLogin/"+$(e.target).val()+"",
        dataType: 'JSON',
        method: 'GET',
        success : function(vl){
          if(vl.message=="ok"){
            $(e.target).siblings("#message-email-reg").html("<p style='color:white;'>Email not available</p>").hide().fadeIn(800);
          }else{
            $(e.target).siblings("#message-email-reg").html("<p style='color:#92EC00;'>Email available</p>").hide().fadeIn(800);
          }
        }
      });
    }

    function verifyPassword(e){
      $.ajax({
        url:"/verifyPassword/"+$(e.target).val()+"/"+$(e.target).parents('#form-login-in').find('#email').val()+"",
        dataType: 'JSON',
        method: 'GET',
        success : function(vl){
          console.log(vl.dbpass+"   "+vl.requestpass);
          if(vl.message=="ok"){
            
            $(e.target).siblings("#message-password-log").html("<p style='color:green;'>Correct password</p>").hide().fadeIn(800);
          }else{
            $(e.target).siblings("#message-password-log").html("<p style='color:red;'>Wrong password</p>").hide().fadeIn(800);
          }
        }
      });
    }

      $("#email").blur(function(e){
        if($(e.target).val()!=""){
          verifyLogin(e);
        }
      });

      $("#myform-registrationUser").submit(function(e){
      event.preventDefault();
      var a = $(e.target);
      var url="/customRegister";
      var data = $(this).serializeArray();
      var token = $("#token").val();
      $.ajax({
        url : url,
        data : data,
        dataType : 'JSON',
        method : 'POST',
        headers: {'X-CSRF-TOKEN': token},
      }).done(function(response){
        if(response.errors){
          a.find("#message-name-reg").html(response.errors.name).fadeIn(400);
          a.find("#message-email-reg").html(response.errors.email).fadeIn(400);
          a.find("#message-password-reg").html(response.errors.password).fadeIn(400);
        }
        if(response.message=="ok"){
          window.location.replace("/message-registration");
        }
      });
    });
    $("#form-send-mail").submit(function(e){
      e.preventDefault();
      if($(e.targer).find("#email").val()=="" || $(e.targer).find("#subject").val()=="" || $(e.targer).find("#content").val()==""){
        alert("kha");
      }else{
        $.ajax({
          url: "/ckeckMail",
          method: "GET",
          data: $("#form-send-mail").serializeArray(),
          dataType: 'JSON',
        }).done(function(response){
          if(response.errors){
            console.log(response.errors);
          }else{
            window.location.replace("/sendMail");
          }
        });
      }

    });

      $('[data-toggle="tooltip"]').tooltip();
      var id_banners = [];
      var id_premiums = [];
      $("a").each(function(index){
        if($(this).hasClass("active_banner")){
        id_banners.push($(this).attr("id"));
      }
        if($(this).hasClass("active_premium")){
          id_premiums.push($(this).attr("id"));
        }
      });
            setTimeout(function(){
        $.ajax({
          url: "/updateImpresions",
          method: "POST",
          data: {ids : id_banners, idsp : id_premiums},
          dataType: "JSON",
          success : function(e){
            //console.log("Update impressions");
          },
          error : function(e){
            console.log("An error ocurred:"+e.error);
          }
        });
      },100);

          $(".active_banner").click(function(){ 
        var id = $(this).attr("id");
        $.ajax({
          url: "/updateClick",
          method: "POST",
          data: {id : id},
          dataType: "JSON",
          success : function(e){
            console.log(e.message);
          },
          error : function(e){
            console.log("An error ocurred");
          }
        });
    });
          $(".visit").click(function(){ 
        var id = $(this).attr("id");
        $.ajax({
          url: "/updateVisit",
          method: "POST",
          data: {id : id},
          dataType: "JSON",
          success : function(e){
            console.log(e.message);
          },
          error : function(e){
            console.log("An error ocurred");
          }
        });
    });

         $(".active_premium").click(function(){ 
        var id = $(this).attr("id");
        $.ajax({
          url: "/updatePremiumClick",
          method: "POST",
          data: {id : id},
          dataType: "JSON",
          success : function(e){
            console.log(e.message);
          },
          error : function(e){
            console.log("An error ocurred");
          }
        });
    });

     var elements = $('#sign_modal_overlay, #sign_modal');
      var body = $("body");
      var modal = document.getElementById('sign_modal_overlay');
      document.addEventListener("keydown", function(event) {
        if(event.keyCode === 27){
          elements.removeClass('active');
          body.css({"overflow-y":"visible"});
        }
      });
      window.onclick = function(event){
        if(event.target == modal){
          elements.removeClass('active');
          body.css({"overflow-y":"visible"});
        }
      }
      $('.open-modal-login').click(function(){
          elements.addClass('active');
          body.css({"overflow-y":"hidden"});
      });

      $('.close-modal').click(function(){
          elements.removeClass('active');
          body.css({"overflow-y":"visible"});
      });

      var el = $('#contact_modal_overlay, #contact_modal');
      var modalc = document.getElementById('contact_modal_overlay');
      document.addEventListener("keydown", function(event) {
        if(event.keyCode === 27){
          el.removeClass('active');
          body.css({"overflow-y":"visible"});
        }
      });
      window.onclick = function(event){
        if(event.target == modalc){
          el.removeClass('active');
          body.css({"overflow-y":"visible"});
        }
      }
      $('.open-modal-contact').click(function(){
          el.addClass('active');
          body.css({"overflow-y":"hidden"});
      });

      $('.close-modal-contact').click(function(){
          el.removeClass('active');
          body.css({"overflow-y":"visible"});
      });

      $.ajaxSetup({
        headers: {'X-CSRF-TOKEN': $("meta[name='csrf-token']").attr("content")}
      });

    });


    window.onload = function(){

      (function(d, s, id){
       var js, fjs = d.getElementsByTagName(s)[0];
       if (d.getElementById(id)) {return;}
       js = d.createElement(s); js.id = id;
       js.src = "//connect.facebook.net/en_US/sdk.js";
       fjs.parentNode.insertBefore(js, fjs);
    }(document, 'script', 'facebook-jssdk'));

    window.fbAsyncInit = function() {
      FB.init({
        appId : '1616853315289008',
        xfbml : true,
        version : 'v2.8'
      });
    };

    $('.btn-facebook').click(function() {
    FB.getLoginStatus(function(response) {
      if (response.status === 'connected') {
        console.log('Already Logged In.');
      }
      else {
        FB.login();
      }
    });
    });

    }

</script>

 

hooooooooow? :gusta:

Nightw0lf Mentor

Nightw0lf

Posted
Posted
17 hours ago, TGSLineage2 said:

@Nightw0lfThanks for your warning, but now I would like you to tell me how its that a unique confirmation token per browsing client generated by the framework I use, could affect my site vulnerability ?

all of your forms can be faked it does not change and its used for all of your forms lol

  • 2 weeks later...
TGSLineage2 Newbie

TGSLineage2

Posted
  • Author
Posted (edited)
On 12/10/2019 at 11:57, Pigasos-Dev said:

Update for l2top.co

You can do it Yourself, add a constant in you enum class, add some conditinals in your class controller  following the line of the other sites, add attributes in your model class, edit your DAO class , edit your table voters.

Edited by TGSLineage2
  • 2 weeks later...
  • 1 month later...
Smith Newbie

Smith

Posted
Posted

I have tested today!

It doesn't work, the jars are old, for Acis ante 362, it doesn't work because they constantly change the location files and their renames.
And the tgs.jar file has references that do not exist in current Acis or in old ones.
That is to work and only in version 362.
That's a pity

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing


  • Posts

    • Nightw0lf
      [Active Anticheat] When Promises Fall Short

      By Nightw0lf · Posted

      its not imagination we skip that on this topic my offer still stands i am accepting a house Mr. @ERROR501 for more information please contact me
    • FlatroON
      Sell Interlude ready server files, latest source + autofarm

      By FlatroON · Posted

      Sell ready interlude server files, with all popular features and tested, stable source + fully functional premium geodata for free.   Features include: Events: DM CTF TVT LM Dressme system Custom Buffer GM Shop Custom community board Donation manager  Auto Farm   Album: sell c6 — ImgBB   Test Server online: Patch link: https://drive.google.com/file/d/1mvEbv9XESsvfWwc638xFyyzyESeE2U95/view?usp=drive_link Auto acc create and auto admin   Price: 300$. Discord: l2retro
    • rufi
      InertiaX AutoFarm

      By rufi · Posted

      Faltan demasiados archivos,  y lógicas en clases claves como L2pcInstance, entre otras. si bien muchas cosas están y el flujo es valorable.  Gracias por tu esfuerzo es bastante... pero realmente no esta completo el código, falta que subas todas las modificaciones en clases colaterales... podrías intentar subir un diff de todo el mod  completo de tu pack y bueno ahí si que cada uno adapte... pero faltan muchas cosas, dudo que haya gente que lo haya echo funcionar con esto... 
    • Celestine
      [Active Anticheat] When Promises Fall Short

      By Celestine · Posted

      I know people who have fully bypassed and reversed AAC. One day, they might even release the full source code, but for now, they’re still making money off it. I won’t name anyone, but it’s clear that there aren’t any truly solid anticheats for Lineage2. As I’ve said before, kernel level anticheats are the only real solution. Anything that runs as Internal and injects gets flagged, and your account ends up getting kicked or banned. That’s just how most games handle it nowadays. To TL;DR the whole thing cheating will always exist because there are people out there smart enough to bypass any protection and run private cheats. Public cheats are always detected eventually, so I don’t see any point in buying AAC, especially when they claim it blocks adr, which simply isn’t true.
    • nicu30
      [L2J] L2 Adonis

      By nicu30 · Posted

      🌐 Website: https://l2adonis.com 📅 GRAND OPENING: July 18, 2025 – 20:00 (UTC+2) 💬 Discord: https://discord.com/invite/tZBj8JxAwx 🚫 No auto-farm • No auto-macro • No pay-to-win • No custom   Some Basic Info's (More detalied info's on website)  EXP/SP: x25  Adena: x15  Drop: x15  Spoil: x15  Seal Stones: x15  Raid Boss Drop: x10  Epic Boss Drop: x1  Manor: x10  Safe Enchant: +4  Max Enchant: +16  Normal Scroll Chance: 50%  Blessed Scroll Chance: 66% (If enchant fail item remain +4)  Buff Slots (30+4 extra with Divine Inspiration)  Dances/Songs Slots 14  Auto-learn skills  ⚔️ Real PvP • Real Progression • Retail-like experience JOIN NOW and relive the real L2 experience!

  • Topics

×
×
  • Create New...

AdBlock Extension Detected!

Our website is made possible by displaying online advertisements to our members.

Please disable AdBlock browser extension first, to be able to use our community.

I've Disabled AdBlock