Author |
Topic |
|
Nam_Trung
Starting Member
22 Posts |
Posted - 21 April 2001 : 18:50:02
|
Hi all,
I'm not sure if I posted this in the right forum. This is not a bug in the forum's code or something.
Locking a topic/forum/category should disable the ability to post/reply in that topic/forum/category.
As I was working on a mod (Forums Grouping), I found that, as a common user, I was still able to post/reply even when the topic/forum/category is locked. And it is very easy to open the backdoor.
I'm not sure if someone has already discovered this backdoor. I have checked it in Version 3.2 SR 4 and in SR 5 Alpha 3.
I have modified some of the code; now the backdoor is closed. I'm still testing the code. I will upload it when I have finished with it, unless this problem is already fixed.
Nam Trung
PS: I have used the backdoor to post up a message in a locked forum: MOD Completed Add-Ons. Moderators/Admins please delete it.
|
|
John
Junior Member
USA
427 Posts |
Posted - 21 April 2001 : 20:54:55
|
E-mail the details to Mike or Gor.
|
|
|
Nam_Trung
Starting Member
22 Posts |
Posted - 22 April 2001 : 15:39:56
|
Hi,
I have mailed Gor, telling him about the backdoor, and also included modified code to close the backdoor. Hope it's good.
Nam Trung
|
|
|
RedLeader
New Member
USA
85 Posts |
Posted - 23 April 2001 : 11:51:33
|
Can you post the hole? This might be a benefit for everyone so they can patch the hole on their sites as well.
RL
|
|
|
Nam_Trung
Starting Member
22 Posts |
Posted - 23 April 2001 : 17:30:41
|
Sorry, I can't post the backdoor; otherwise annoying people would start using it, since no sites will have done this at the same time I post this up.
But here is the modification against it:
-----------------------------------
=================================
========== POST.ASP ===========
=================================
======== Change this code
select case strRqMethod
    case "Reply"
        if (strNoCookies = 1) or (strDBNTUserName = "") then
            Msg = Msg & "<b>Note:</b> You must be registered in order to post a reply.<br>"
            Msg = Msg & "To register, <a href=""policy.asp"">click here</a>. Registration is FREE!<br>"
        end if
    .. .. .. .. .. .. .. ..
    case "EditForum"
        Msg = Msg & "<b>Note:</b> Only the Moderator can edit the message."
    case "EditCategory"
        Msg = Msg & "Note: Only an administrator can edit the subject."
end select
========= INTO
'=======================================================
' Record which request parameters are present:
' m = method, c = CAT_ID, f = FORUM_ID, t = TOPIC_ID, r = REPLY_ID
DIM anumber
anumber = ""
if Trim(Request.QueryString("method")) <> "" then anumber = anumber & "m"
if Trim(Request.QueryString("CAT_ID")) <> "" then anumber = anumber & "c"
if Trim(Request.QueryString("FORUM_ID")) <> "" then anumber = anumber & "f"
if Trim(Request.QueryString("TOPIC_ID")) <> "" then anumber = anumber & "t"
if Trim(Request.QueryString("REPLY_ID")) <> "" then anumber = anumber & "r"

' Category status
strSql = "SELECT " & strTablePrefix & "CATEGORY.CAT_STATUS "
strSql = strSql & " FROM " & strTablePrefix & "CATEGORY "
strSql = strSql & " WHERE " & strTablePrefix & "CATEGORY.CAT_ID = " & Request.QueryString("CAT_ID")
if Instr(anumber, "mc") <> 0 then
    set rsCStatus = my_Conn.Execute (strSql)
end if

' Forum status
strSql = "SELECT " & strTablePrefix & "FORUM.F_STATUS "
strSql = strSql & " FROM " & strTablePrefix & "FORUM "
strSql = strSql & " WHERE " & strTablePrefix & "FORUM.CAT_ID = " & Request.QueryString("CAT_ID")
strSql = strSql & " AND " & strTablePrefix & "FORUM.FORUM_ID = " & Request.QueryString("FORUM_ID")
if instr(anumber, "mcf") <> 0 then
    set rsFStatus = my_Conn.Execute (strSql)
end if

' Topic status
strSql = "SELECT " & strTablePrefix & "TOPICS.T_STATUS "
strSql = strSql & " FROM " & strTablePrefix & "TOPICS "
strSql = strSql & " WHERE " & strTablePrefix & "TOPICS.CAT_ID = " & Request.QueryString("CAT_ID")
strSql = strSql & " AND " & strTablePrefix & "TOPICS.FORUM_ID = " & Request.QueryString("FORUM_ID")
strSql = strSql & " AND " & strTablePrefix & "TOPICS.TOPIC_ID = " & Request.QueryString("TOPIC_ID")
if instr(anumber, "mcft") <> 0 then
    set rsTStatus = my_Conn.Execute (strSql)
end if

' Reply record (used only to confirm that the reply exists)
strSql = "SELECT " & strTablePrefix & "REPLY.R_AUTHOR "
strSql = strSql & " FROM " & strTablePrefix & "REPLY "
strSql = strSql & " WHERE " & strTablePrefix & "REPLY.CAT_ID = " & Request.QueryString("CAT_ID")
strSql = strSql & " AND " & strTablePrefix & "REPLY.FORUM_ID = " & Request.QueryString("FORUM_ID")
strSql = strSql & " AND " & strTablePrefix & "REPLY.TOPIC_ID = " & Request.QueryString("TOPIC_ID")
strSql = strSql & " AND " & strTablePrefix & "REPLY.REPLY_ID = " & Request.QueryString("REPLY_ID")
if instr(anumber, "mcftr") <> 0 then
    set rsRStatus = my_Conn.Execute (strSql)
end if

' AdminAllowed = 1 exempts the user from the lock checks below
if strRqMethod = "Reply" or strRqMethod = "ReplyQuote" or strRqMethod = "Topic" or strRqMethod = "TopicQuote" or strRqMethod = "Edit" or strRqMethod = "EditTopic" then
    if (mLev = 4) or (chkForumModerator(Request.QueryString("FORUM_ID"), ChkString(STRdbntUserName, "decode"))= "1") or (lcase(strNoCookies) = "1") then
        AdminAllowed = 1
    else
        AdminAllowed = 0
    end if
end if

select case strRqMethod
    case "Reply"
        if (strNoCookies = 1) or (strDBNTUserName = "") then
            Msg = Msg & "<b>Note:</b> You must be registered in order to post a reply.<br>"
            Msg = Msg & "To register, <a href=""policy.asp"">click here</a>. Registration is FREE!<br>"
        end if
        ' Needs method + category + forum + topic; all three levels must be open
        if instr(anumber, "mcft") = 0 then
            %>
            <center>ERROR: Missing parameters.<br><b>DO NOT ATTEMPT TO HACK THIS FORUM.</b></center>
            <!--#INCLUDE FILE="inc_footer.asp"-->
            <%
            Response.End
        else
            if rsTStatus.EOF OR rsTStatus.BOF then
                %>
                <center>ERROR: Incorrect parameters.<br><b>DO NOT ATTEMPT TO HACK THIS FORUM.</b></center>
                <!--#INCLUDE FILE="inc_footer.asp"-->
                <%
                Response.End
            else
                if rsTStatus("T_STATUS") <> 1 and AdminAllowed = 0 or rsFStatus("F_STATUS") <> 1 and AdminAllowed = 0 or rsCStatus("CAT_STATUS") <> 1 and AdminAllowed = 0 then
                    %>
                    <center>ERROR: This topic has been closed<br><b>DO NOT ATTEMPT TO HACK THIS FORUM.</b></center>
                    <!--#INCLUDE FILE="inc_footer.asp"-->
                    <%
                    Response.End
                end if
            end if
        end if
    case "ReplyQuote"
        if (strNoCookies = 1) or (strDBNTUserName = "") then
            Msg = Msg & "<b>Note:</b> You must be registered in order to post a reply.<br>"
            Msg = Msg & "To register, <a href=""policy.asp"">click here</a>. Registration is FREE!<br>"
        end if
        ' Needs a reply ID as well; the quoted reply must exist
        if instr(anumber, "mcftr") = 0 then
            %>
            <center>ERROR: Missing parameters.<br><b>DO NOT ATTEMPT TO HACK THIS FORUM.</b></center>
            <!--#INCLUDE FILE="inc_footer.asp"-->
            <%
            Response.End
        else
            if rsRStatus.EOF OR rsRStatus.BOF then
                %>
                <center>ERROR: Incorrect parameters.<br><b>DO NOT ATTEMPT TO HACK THIS FORUM.</b></center>
                <!--#INCLUDE FILE="inc_footer.asp"-->
                <%
                Response.End
            else
                if rsTStatus("T_STATUS") <> 1 and AdminAllowed = 0 or rsFStatus("F_STATUS") <> 1 and AdminAllowed = 0 or rsCStatus("CAT_STATUS") <> 1 and AdminAllowed = 0 then
                    %>
                    <center>ERROR: This topic has been closed<br><b>DO NOT ATTEMPT TO HACK THIS FORUM.</b></center>
                    <!--#INCLUDE FILE="inc_footer.asp"-->
                    <%
                    Response.End
                end if
            end if
        end if
    case "Topic"
        if (strNoCookies = 1) or (strDBNTUserName = "") then
            Msg = Msg & "<b>Note:</b> You must be registered in order to post a Topic.<br>"
            Msg = Msg & "To register, <a href=""policy.asp"">click here</a>. Registration is FREE!<br>"
        end if
        ' New topic: only the forum and category need to be open
        if instr(anumber, "mcf") = 0 then
            %>
            <center>ERROR: Missing parameters.<br><b>DO NOT ATTEMPT TO HACK THIS FORUM.</b></center>
            <!--#INCLUDE FILE="inc_footer.asp"-->
            <%
            Response.End
        else
            if rsFStatus.EOF OR rsFStatus.BOF then
                %>
                <center>ERROR: Incorrect parameters.<br><b>DO NOT ATTEMPT TO HACK THIS FORUM.</b></center>
                <!--#INCLUDE FILE="inc_footer.asp"-->
                <%
                Response.End
            else
                if rsFStatus("F_STATUS") <> 1 and AdminAllowed = 0 or rsCStatus("CAT_STATUS") <> 1 and AdminAllowed = 0 then
                    %>
                    <center>ERROR: This forum has been closed<br><b>DO NOT ATTEMPT TO HACK THIS FORUM.</b></center>
                    <!--#INCLUDE FILE="inc_footer.asp"-->
                    <%
                    Response.End
                end if
            end if
        end if
    case "TopicQuote"
        if (strNoCookies = 1) or (strDBNTUserName = "") then
            Msg = Msg & "<b>Note:</b> You must be registered in order to post a reply.<br>"
            Msg = Msg & "To register, <a href=""policy.asp"">click here</a>. Registration is FREE!<br>"
        end if
        if instr(anumber, "mcft") = 0 then
            %>
            <center>ERROR: Missing parameters.<br><b>DO NOT ATTEMPT TO HACK THIS FORUM.</b></center>
            <!--#INCLUDE FILE="inc_footer.asp"-->
            <%
            Response.End
        else
            if rsTStatus.EOF OR rsTStatus.BOF then
                %>
                <center>ERROR: Incorrect parameters.<br><b>DO NOT ATTEMPT TO HACK THIS FORUM.</b></center>
                <!--#INCLUDE FILE="inc_footer.asp"-->
                <%
                Response.End
            else
                if rsTStatus("T_STATUS") <> 1 and AdminAllowed = 0 or rsFStatus("F_STATUS") <> 1 and AdminAllowed = 0 or rsCStatus("CAT_STATUS") <> 1 and AdminAllowed = 0 then
                    %>
                    <center>ERROR: This topic has been closed<br><b>DO NOT ATTEMPT TO HACK THIS FORUM.</b></center>
                    <!--#INCLUDE FILE="inc_footer.asp"-->
                    <%
                    Response.End
                end if
            end if
        end if
    case "Forum"
        Msg = Msg & "<b>Note:</b> You must be an administrator to create a new forum.<br>"
    case "URL"
        Msg = Msg & "<b>Note:</b> You must be an administrator to create a new web link.<br>"
    case "Edit"
        Msg = Msg & "<b>Note:</b> Only the poster of this message, and the Moderator can edit the message."
        if instr(anumber, "mcftr") = 0 then
            %>
            <center>ERROR: Missing parameters.<br><b>DO NOT ATTEMPT TO HACK THIS FORUM.</b></center>
            <!--#INCLUDE FILE="inc_footer.asp"-->
            <%
            Response.End
        else
            if rsRStatus.EOF OR rsRStatus.BOF then
                %>
                <center>ERROR: Incorrect parameters.<br><b>DO NOT ATTEMPT TO HACK THIS FORUM.</b></center>
                <!--#INCLUDE FILE="inc_footer.asp"-->
                <%
                Response.End
            else
                if rsTStatus("T_STATUS") <> 1 and AdminAllowed = 0 or rsFStatus("F_STATUS") <> 1 and AdminAllowed = 0 or rsCStatus("CAT_STATUS") <> 1 and AdminAllowed = 0 then
                    %>
                    <center>ERROR: This topic has been closed<br><b>DO NOT ATTEMPT TO HACK THIS FORUM.</b></center>
                    <!--#INCLUDE FILE="inc_footer.asp"-->
                    <%
                    Response.End
                end if
            end if
        end if
    case "EditTopic"
        Msg = Msg & "<b>Note:</b> Only the poster of this message, and the Moderator can edit the message."
        if instr(anumber, "mcft") = 0 then
            %>
            <center>ERROR: Missing parameters.<br><b>DO NOT ATTEMPT TO HACK THIS FORUM.</b></center>
            <!--#INCLUDE FILE="inc_footer.asp"-->
            <%
            Response.End
        else
            if rsTStatus.EOF OR rsTStatus.BOF then
                %>
                <center>ERROR: Incorrect parameters.<br><b>DO NOT ATTEMPT TO HACK THIS FORUM.</b></center>
                <!--#INCLUDE FILE="inc_footer.asp"-->
                <%
                Response.End
            else
                if rsTStatus("T_STATUS") <> 1 and AdminAllowed = 0 or rsFStatus("F_STATUS") <> 1 and AdminAllowed = 0 or rsCStatus("CAT_STATUS") <> 1 and AdminAllowed = 0 then
                    %>
                    <center>ERROR: This topic has been closed<br><b>DO NOT ATTEMPT TO HACK THIS FORUM.</b></center>
                    <!--#INCLUDE FILE="inc_footer.asp"-->
                    <%
                    Response.End
                end if
            end if
        end if
    case "EditForum"
        Msg = Msg & "<b>Note:</b> Only the Moderator can edit the message."
    case "EditCategory"
        Msg = Msg & "Note: Only an administrator can edit the subject."
end select
'========================================================
============================================
============== POST_INFO.ASP ================
============================================
======== After this code:
<!--#INCLUDE FILE="inc_top.asp" -->
<%
if strAuthType = "db" then
    strDBNTUserName = Request.Form("UserName")
end if
======== Add this code
'=====================================================================
' Record which form fields are present:
' m = Method_Type, c = CAT_ID, f = FORUM_ID, t = TOPIC_ID, r = REPLY_ID
DIM anumber
anumber = ""
if Trim(Request.Form("Method_Type")) <> "" then anumber = anumber & "m"
if Trim(Request.Form("CAT_ID")) <> "" then anumber = anumber & "c"
if Trim(Request.Form("FORUM_ID")) <> "" then anumber = anumber & "f"
if Trim(Request.Form("TOPIC_ID")) <> "" then anumber = anumber & "t"
if Trim(Request.Form("REPLY_ID")) <> "" then anumber = anumber & "r"

' Category status
strSql = "SELECT " & strTablePrefix & "CATEGORY.CAT_STATUS "
strSql = strSql & " FROM " & strTablePrefix & "CATEGORY "
strSql = strSql & " WHERE " & strTablePrefix & "CATEGORY.CAT_ID = " & Request.Form("CAT_ID")
if Instr(anumber, "mc") <> 0 then
    set rsCStatus = my_Conn.Execute (strSql)
end if

' Forum status
strSql = "SELECT " & strTablePrefix & "FORUM.F_STATUS "
strSql = strSql & " FROM " & strTablePrefix & "FORUM "
strSql = strSql & " WHERE " & strTablePrefix & "FORUM.CAT_ID = " & Request.Form("CAT_ID")
strSql = strSql & " AND " & strTablePrefix & "FORUM.FORUM_ID = " & Request.Form("FORUM_ID")
if instr(anumber, "mcf") <> 0 then
    set rsFStatus = my_Conn.Execute (strSql)
end if

' Topic status
strSql = "SELECT " & strTablePrefix & "TOPICS.T_STATUS "
strSql = strSql & " FROM " & strTablePrefix & "TOPICS "
strSql = strSql & " WHERE " & strTablePrefix & "TOPICS.CAT_ID = " & Request.Form("CAT_ID")
strSql = strSql & " AND " & strTablePrefix & "TOPICS.FORUM_ID = " & Request.Form("FORUM_ID")
strSql = strSql & " AND " & strTablePrefix & "TOPICS.TOPIC_ID = " & Request.Form("TOPIC_ID")
if instr(anumber, "mcft") <> 0 then
    set rsTStatus = my_Conn.Execute (strSql)
end if

' Reply record (used only to confirm that the reply exists)
strSql = "SELECT " & strTablePrefix & "REPLY.R_AUTHOR "
strSql = strSql & " FROM " & strTablePrefix & "REPLY "
strSql = strSql & " WHERE " & strTablePrefix & "REPLY.CAT_ID = " & Request.Form("CAT_ID")
strSql = strSql & " AND " & strTablePrefix & "REPLY.FORUM_ID = " & Request.Form("FORUM_ID")
strSql = strSql & " AND " & strTablePrefix & "REPLY.TOPIC_ID = " & Request.Form("TOPIC_ID")
strSql = strSql & " AND " & strTablePrefix & "REPLY.REPLY_ID = " & Request.Form("REPLY_ID")
if instr(anumber, "mcftr") <> 0 then
    set rsRStatus = my_Conn.Execute (strSql)
end if

' AdminAllowed = 1 exempts the user from the lock checks below
if Request.Form("Method_Type") = "Reply" or Request.Form("Method_Type") = "ReplyQuote" or Request.Form("Method_Type") = "Topic" or Request.Form("Method_Type") = "TopicQuote" or Request.Form("Method_Type") = "Edit" or Request.Form("Method_Type") = "EditTopic" then
    if (mLev = 4) or (chkForumModerator(Request.Form("FORUM_ID"), ChkString(STRdbntUserName, "decode"))= "1") or (lcase(strNoCookies) = "1") then
        AdminAllowed = 1
    else
        AdminAllowed = 0
    end if
end if

select case Request.Form("Method_Type")
    case "Reply"
        ' Needs method + category + forum + topic; all three levels must be open
        if instr(anumber, "mcft") = 0 then
            %>
            <center>ERROR: Missing parameters.<br><b>DO NOT ATTEMPT TO HACK THIS FORUM.</b></center>
            <!--#INCLUDE FILE="inc_footer.asp"-->
            <%
            Response.End
        else
            if rsTStatus.EOF OR rsTStatus.BOF then
                %>
                <center>ERROR: Incorrect parameters.<br><b>DO NOT ATTEMPT TO HACK THIS FORUM.</b></center>
                <!--#INCLUDE FILE="inc_footer.asp"-->
                <%
                Response.End
            else
                if rsTStatus("T_STATUS") <> 1 and AdminAllowed = 0 or rsFStatus("F_STATUS") <> 1 and AdminAllowed = 0 or rsCStatus("CAT_STATUS") <> 1 and AdminAllowed = 0 then
                    %>
                    <center>ERROR: This topic has been closed<br><b>DO NOT ATTEMPT TO HACK THIS FORUM.</b></center>
                    <!--#INCLUDE FILE="inc_footer.asp"-->
                    <%
                    Response.End
                end if
            end if
        end if
    case "ReplyQuote"
        ' Needs a reply ID as well; the quoted reply must exist
        if instr(anumber, "mcftr") = 0 then
            %>
            <center>ERROR: Missing parameters.<br><b>DO NOT ATTEMPT TO HACK THIS FORUM.</b></center>
            <!--#INCLUDE FILE="inc_footer.asp"-->
            <%
            Response.End
        else
            if rsRStatus.EOF OR rsRStatus.BOF then
                %>
                <center>ERROR: Incorrect parameters.<br><b>DO NOT ATTEMPT TO HACK THIS FORUM.</b></center>
                <!--#INCLUDE FILE="inc_footer.asp"-->
                <%
                Response.End
            else
                if rsTStatus("T_STATUS") <> 1 and AdminAllowed = 0 or rsFStatus("F_STATUS") <> 1 and AdminAllowed = 0 or rsCStatus("CAT_STATUS") <> 1 and AdminAllowed = 0 then
                    %>
                    <center>ERROR: This topic has been closed<br><b>DO NOT ATTEMPT TO HACK THIS FORUM.</b></center>
                    <!--#INCLUDE FILE="inc_footer.asp"-->
                    <%
                    Response.End
                end if
            end if
        end if
    case "Topic"
        ' New topic: only the forum and category need to be open
        if instr(anumber, "mcf") = 0 then
            %>
            <center>ERROR: Missing parameters.<br><b>DO NOT ATTEMPT TO HACK THIS FORUM.</b></center>
            <!--#INCLUDE FILE="inc_footer.asp"-->
            <%
            Response.End
        else
            if rsFStatus.EOF OR rsFStatus.BOF then
                %>
                <center>ERROR: Incorrect parameters.<br><b>DO NOT ATTEMPT TO HACK THIS FORUM.</b></center>
                <!--#INCLUDE FILE="inc_footer.asp"-->
                <%
                Response.End
            else
                if rsFStatus("F_STATUS") <> 1 and AdminAllowed = 0 or rsCStatus("CAT_STATUS") <> 1 and AdminAllowed = 0 then
                    %>
                    <center>ERROR: This forum has been closed<br><b>DO NOT ATTEMPT TO HACK THIS FORUM.</b></center>
                    <!--#INCLUDE FILE="inc_footer.asp"-->
                    <%
                    Response.End
                end if
            end if
        end if
    case "TopicQuote"
        if instr(anumber, "mcft") = 0 then
            %>
            <center>ERROR: Missing parameters.<br><b>DO NOT ATTEMPT TO HACK THIS FORUM.</b></center>
            <!--#INCLUDE FILE="inc_footer.asp"-->
            <%
            Response.End
        else
            if rsTStatus.EOF OR rsTStatus.BOF then
                %>
                <center>ERROR: Incorrect parameters.<br><b>DO NOT ATTEMPT TO HACK THIS FORUM.</b></center>
                <!--#INCLUDE FILE="inc_footer.asp"-->
                <%
                Response.End
            else
                if rsTStatus("T_STATUS") <> 1 and AdminAllowed = 0 or rsFStatus("F_STATUS") <> 1 and AdminAllowed = 0 or rsCStatus("CAT_STATUS") <> 1 and AdminAllowed = 0 then
                    %>
                    <center>ERROR: This topic has been closed<br><b>DO NOT ATTEMPT TO HACK THIS FORUM.</b></center>
                    <!--#INCLUDE FILE="inc_footer.asp"-->
                    <%
                    Response.End
                end if
            end if
        end if
    case "Edit"
        Msg = Msg & "<b>Note:</b> Only the poster of this message, and the Moderator can edit the message."
        if instr(anumber, "mcftr") = 0 then
            %>
            <center>ERROR: Missing parameters.<br><b>DO NOT ATTEMPT TO HACK THIS FORUM.</b></center>
            <!--#INCLUDE FILE="inc_footer.asp"-->
            <%
            Response.End
        else
            if rsRStatus.EOF OR rsRStatus.BOF then
                %>
                <center>ERROR: Incorrect parameters.<br><b>DO NOT ATTEMPT TO HACK THIS FORUM.</b></center>
                <!--#INCLUDE FILE="inc_footer.asp"-->
                <%
                Response.End
            else
                if rsTStatus("T_STATUS") <> 1 and AdminAllowed = 0 or rsFStatus("F_STATUS") <> 1 and AdminAllowed = 0 or rsCStatus("CAT_STATUS") <> 1 and AdminAllowed = 0 then
                    %>
                    <center>ERROR: This topic has been closed<br><b>DO NOT ATTEMPT TO HACK THIS FORUM.</b></center>
                    <!--#INCLUDE FILE="inc_footer.asp"-->
                    <%
                    Response.End
                end if
            end if
        end if
    case "EditTopic"
        Msg = Msg & "<b>Note:</b> Only the poster of this message, and the Moderator can edit the message."
        if instr(anumber, "mcft") = 0 then
            %>
            <center>ERROR: Missing parameters.<br><b>DO NOT ATTEMPT TO HACK THIS FORUM.</b></center>
            <!--#INCLUDE FILE="inc_footer.asp"-->
            <%
            Response.End
        else
            if rsTStatus.EOF OR rsTStatus.BOF then
                %>
                <center>ERROR: Incorrect parameters.<br><b>DO NOT ATTEMPT TO HACK THIS FORUM.</b></center>
                <!--#INCLUDE FILE="inc_footer.asp"-->
                <%
                Response.End
            else
                if rsTStatus("T_STATUS") <> 1 and AdminAllowed = 0 or rsFStatus("F_STATUS") <> 1 and AdminAllowed = 0 or rsCStatus("CAT_STATUS") <> 1 and AdminAllowed = 0 then
                    %>
                    <center>ERROR: This topic has been closed<br><b>DO NOT ATTEMPT TO HACK THIS FORUM.</b></center>
                    <!--#INCLUDE FILE="inc_footer.asp"-->
                    <%
                    Response.End
                end if
            end if
        end if
end select
'========================================================
-------------------------------------------------------
Good luck all. After everyone has done this I will tell you the backdoor, in case you haven't found it yet.
Nam Trung
|
|
|
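The server-side lock check from the post above, modelled as an added example in Python with sqlite3 (not the forum's ASP code and not part of Nam_Trung's post): it applies the same rules (required IDs per method, status 1 means open, moderators exempt from locks) but binds each ID as a query parameter instead of concatenating it into the SQL. The unprefixed table layout, the names `check_post_allowed` and `build_sample_db`, and the sample rows are assumptions constructed for the example.

```python
import sqlite3

OPEN = 1  # the posted fix treats any status other than 1 as closed

# IDs each method must supply (the fix's "mcf" / "mcft" / "mcftr" checks).
TOPIC_IDS = ("CAT_ID", "FORUM_ID", "TOPIC_ID")
REQUIRED = {
    "Topic": ("CAT_ID", "FORUM_ID"),
    "Reply": TOPIC_IDS, "TopicQuote": TOPIC_IDS, "EditTopic": TOPIC_IDS,
    "ReplyQuote": TOPIC_IDS + ("REPLY_ID",), "Edit": TOPIC_IDS + ("REPLY_ID",),
}

# One lookup per level, most general first. Each narrows by every parent ID,
# and every ID is bound as a named parameter, never concatenated.
LOOKUPS = [
    ("CAT_ID", "SELECT CAT_STATUS FROM CATEGORY WHERE CAT_ID = :CAT_ID"),
    ("FORUM_ID", "SELECT F_STATUS FROM FORUM"
                 " WHERE CAT_ID = :CAT_ID AND FORUM_ID = :FORUM_ID"),
    ("TOPIC_ID", "SELECT T_STATUS FROM TOPICS WHERE CAT_ID = :CAT_ID"
                 " AND FORUM_ID = :FORUM_ID AND TOPIC_ID = :TOPIC_ID"),
    # Replies: only existence is checked, so a found row yields 1 (= OPEN).
    ("REPLY_ID", "SELECT 1 FROM REPLY WHERE CAT_ID = :CAT_ID AND FORUM_ID = :FORUM_ID"
                 " AND TOPIC_ID = :TOPIC_ID AND REPLY_ID = :REPLY_ID"),
]


def check_post_allowed(conn, method, params, is_moderator=False):
    """Return (allowed, reason) for one post/reply/edit request."""
    needed = REQUIRED.get(method)
    if needed is None:
        return False, "unknown method"
    ids = {}
    for name in needed:
        raw = str(params.get(name, "")).strip()
        if not (raw.isascii() and raw.isdigit()):  # missing, empty or non-numeric
            return False, "missing parameters"
        ids[name] = int(raw)
    for key, sql in LOOKUPS:
        if key not in ids:
            break
        row = conn.execute(sql, ids).fetchone()
        if row is None:  # no such category/forum/topic/reply combination
            return False, "incorrect parameters"
        if row[0] != OPEN and not is_moderator:
            return False, "locked"
    return True, "ok"


def build_sample_db():
    """Constructed sample data: forum 2 and topic 11 are locked (status 0)."""
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE CATEGORY (CAT_ID INT, CAT_STATUS INT);
        CREATE TABLE FORUM (CAT_ID INT, FORUM_ID INT, F_STATUS INT);
        CREATE TABLE TOPICS (CAT_ID INT, FORUM_ID INT, TOPIC_ID INT, T_STATUS INT);
        CREATE TABLE REPLY (CAT_ID INT, FORUM_ID INT, TOPIC_ID INT, REPLY_ID INT);
        INSERT INTO CATEGORY VALUES (1, 1);
        INSERT INTO FORUM VALUES (1, 1, 1), (1, 2, 0);
        INSERT INTO TOPICS VALUES (1, 1, 10, 1), (1, 1, 11, 0), (1, 2, 20, 1);
        INSERT INTO REPLY VALUES (1, 1, 10, 100);
    """)
    return conn
```

The check has to run in the handler that writes the post as well as in the one that renders the form, which is why the fix above patches both post.asp and post_info.asp.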
efourie
New Member
USA
80 Posts |
Posted - 23 April 2001 : 17:40:05
|
Are you sure you weren't logged in as admin, because you will still be able to reply to locked topics/forums, since you are the administrator. I don't think this is a bug - just my humble opinion.
|
|
|
Marino
Starting Member
Canary Islands
42 Posts |
Posted - 23 April 2001 : 19:54:42
|
I have tested it, and it's true. You can write in a locked forum with a non-admin user. And worst of all, it's veeeeeeeeeery easy.
Marino
|
|
|
RichardKinser
Snitz Forums Admin
USA
16655 Posts |
|
RDoGG™
Junior Member
USA
329 Posts |
Posted - 01 July 2001 : 11:08:01
|
is this what you mean?
the topic is locked but i managed to post.
|
|
|
Freeman II
Junior Member
232 Posts |
Posted - 01 July 2001 : 21:51:30
|
testing
|
|
|
riggz
Starting Member
26 Posts |
Posted - 03 July 2001 : 21:23:10
|
test
|
|
|
|