Login or Register :: Home :: Search :: Your Account :: Forums :: Waraxe Advisories :: Tools :: November 23, 2024 Menu Home Logout Discussions Forums Members List IRC chat Tools Base64 coder MD5 hash CRC32 checksum ROT13 coder SHA-1 hash URL-decoder Sql Char Encoder Affiliates y3dips ITsec Md5 Cracker User Manuals AlbumNow Content Content Sections FAQ Top Info Feedback Recommend Us Search Journal Your Account User Info Welcome, Anonymous Nickname Password (Register) Membership: Latest: MichaelSnaRe New Today: 0 New Yesterday: 0 Overall: 9144 People Online: Visitors: 86 Members: 0 Total: 86 Full disclosure APPLE-SA-11-19-2024-5 macOS Sequoia 15.1.1 Local Privilege Escalations in needrestart APPLE-SA-11-19-2024-4 iOS 17.7.2 and iPadOS 17.7.2 APPLE-SA-11-19-2024-3 iOS 18.1.1 and iPadOS 18.1.1 APPLE-SA-11-19-2024-2 visionOS 2.1.1 APPLE-SA-11-19-2024-1 Safari 18.1.1 Reflected XSS - fronsetiav1.1 XXE OOB - fronsetiav1.1 St. Poelten UAS | Path Traversal in Korenix JetPort 5601 St. Poelten UAS | Multiple Stored Cross-Site Scripting in SEH utnserver Pro Apple web content filter bypass allows unrestricted access to blocked content (macOS/iOS/iPadOS/visionO S/watchOS) SEC Consult SA-20241112-0 :: Multiple vulnerabilities in Siemens Energy Omnivise T3000 (CVE-2024-38876, CVE-2024-38877, CVE-2024-38878, CVE-2024-38879) Security issue in the TX Text Control .NET Server for ASP.NET. SEC Consult SA-20241107-0 :: Multiple Vulnerabilities in HASOMED Elefant and Elefant Software Updater Unsafe eval() in TestRail CLI IT Security and Insecurity Portal www.waraxe.us Forum Index -> PHP script decode requests -> Codelock Script Help Pls.... View previous topic :: View next topic Codelock Script Help Pls.... Posted: Tue Mar 22, 2011 5:40 am nvision Regular user Joined: Mar 22, 2011 Posts: 7 Location: CyberSpace Man, I have been searching for this site for ages!!! I have a script that is kicking my butt. I think it is codelock encrypted which is suppose to be the easiest code to crack. Maybe they have included something else along side of codelock. Will someone take a look at this script and see if you can give me some help decoding it? I'm not sure if it is the tmm.php, update.php or another file that is calling home asking for the license, but there are 2 or 3 that have been codelocked. Code: http://dl.dropbox.com/u/22302894/Script/functions.php http://dl.dropbox.com/u/22302894/Script/index.php http://dl.dropbox.com/u/22302894/Script/tmm.php http://dl.dropbox.com/u/22302894/Script/update.php http://dl.dropbox.com/u/22302894/Script/dripfeeder.php I tried to decode them, but I get some funky stuff in the output: Code: <?php ////////////////////////////////////////////////////////////////// // Backn[šÈ›ÛÜÝÈ€´‚HÇeµ…Ñ”Ý…äÑ¼µ…­”—'’6–ævÄ4(¼¼‰…­±¥¹¬€ÄÀÀÀ”µ½É powerm[â6\žH&Y½É! // // Copyright 2009 - Sean GÛ˜ZÒÒF„5…¹¥Œ5…É­ter // All riÚÈ—6W'” ////////////////////////////////////////////////////////////////// ///////////////////////////////////////////////////// // M[˜Ý[ÛœÃB‹ËËËËËËËËËËËËËËËËËËËËËËËËËËËËËËËËËËËËËËËËËËËËËËËËËËËËÈB™[˜Ý–öâÆöG%»siw2‚—°Ð ––b©mõá¥ÍÑÌ Á¥¹Í¥Ñs.txt')){ '[›2Ò ¥±('r[·6—s.txt'); ›Ü–6‚‚q¥¹³ \È [™J^ÃB‚BBBI–íÍ¥Õ=trim($n[’“°Ð ’G–æw6—FW5µÓÒ&‡GG¢òò"âG%»siuNÃB‚BB_BBCB‚BBIÛ…¹±¥ÍÐõ…ÉÉ…å}Õ¹¥Åå($pingsit\ÊNÂBBBCB‚BB\™]&âF6ÆVæÆ—7C°Ð —ÖVÇ6W°Ð –W'&÷"‚$6÷VЁ¹½Ð�[™–íÍ¥Ü˝›Üˆ–쁱¥ÍЈ¤ì4(%ô4)ô4(4(4)µnction#ØY[™ÜÚ]76½ÉÐ ¥ì4(%¥˜€¡™¥±•}¸ists('r[·6—sshort.txt')){ '[›2Ò ¥±('r[·6—sshort.txt'); foreach ($n[—22q¥¹”¥ì4($$$$‘Á¥¹Í¥Ñ=trim($line); $r[·6—s[]="http://".$pingsitNÃB‚BB_BBCB‚BBI6Å…¹¹st=arra{Ý[š\]YJ [™ÜÚ]\ÊNÂBBBCB‚BB\›GW&âF6ánlist; }kÛ°Ð –ÉÉ½È ‰ ½ì›Ý&–�Á¥¹Í¥Ñsskܝ&÷"–æråÍЈ¤ì4(%ô4)ô4(4*{˜Ý[Ûˆ6Ñ}½¹Ñ•¹ÑÌ ‘™¥±•¹…µ, &[˜Ü]‚ÒfÇ4°€‘ɕͽÕɍ•}½¹Ñ•áЀô¹Õ±°¤4)ì4(€€€€€€€€€‰f (falsHOOH €ô‚op[� ¥»˜[YK ܘ‰Ë [˜ÜF‚’’°Ð¢G&•É}•ÉÉ½È ŸmØÛ۝[Ê H&–ä to#Üâ7G%…´è9¼ÍՍ �[R÷" rXÝÜžIËõM_WARNING); r]\›ˆ&Ç6S°Ð¢ÐТ�Т ±arstatØXÚJ NÃBˆYˆ œÚ^’Òf–ÆW6—¤ ’il[˜[YJJHÃBˆ ]HH'&VB‚h, $œÚ^™JNÃBˆHÇ4ì4(€€€€€€€€€€€€€€‘‘…Ñ„€ô€œœì4(€€€€€€€€€€€€€Ý¡¥±”€ �kâ‚I ¤¤ì4(€€€€€€€€€€€€€€€€€€]HHœš ’h, 8192); } } ˜ÛÜÙJ š NÃBˆ—GW&âQ…Ñ; } žæ7F–öâ7ɱ}t_š[=½¹Ñnts($url) { $options = array( CT“ÔÔ‘BNS”ÔH€ôøÑÉÕ, // ret|›ˆÖ" C$ÄõEô„TDU"Óâ!lse, // don't r]\›ˆ‡'0Т2LOPT_CÓÑS‘ÈOˆˆ‹ËÈ[™RÆÂ.codings C$ÄõEõMAGC‚Óâ'7%‘r", // wkÈ[HCBˆÉ1=AQ}Ô‘PU$H€€€€ôøÑÉÕ”°€€€€€¼¼Ít ri—&W"öâ%‘¥É£t C$ÄõEô4ôääT5ED”ÔTõP€ôø€ÄÈÀ°€€€€€€¼¼Ñ¥µ•½ô#Ûˆ6öææV7@Т5I1=@_TIMEOUOˆLŒËÈ–Õ½ÕЁ½¸ÉsponsCBˆÉ1=AQ}5aI%IL€€€€€€ôø€ÄÀ°€€€€€€€¼¼Íßp YÈ€ÄÀÉ–\–7G0Т“°Ð ТF6‚Ò Õɱ}¥¹¥Ð €‘òl ); Ý\›ÜÛF÷Eö'&’‚F6‚ÂF÷F–öç2“°Ð¢M½¹Ñ•¹Ð€ôÕɱ}¸XÊ Ú NÃBˆ \œˆHß&ÅöW'&æò‚M €¤ì4(€€€€œœ›\òÒ7W&ÅöÉÉ½È €‘ €¤ì4(€€€€‘¨r = Ý\›öÑ¥¹™¼ €“h ); c|›ØÛ÷4 €“h ); Hope someone can help or at least point me in the direction of some proggy that will help. Thanks New Links Posted: Tue Mar 22, 2011 9:54 pm nvision Regular user Joined: Mar 22, 2011 Posts: 7 Location: CyberSpace I see that everyone is using pastebin for their files, so I decided to include my links there. Just in case everyone is not familiar with dropbox. Code: http://pastebin.com/jH2MVe4W http://pastebin.com/SLuGALN5 http://pastebin.com/RXhtbgVb http://pastebin.com/DAx1pWxc Maybe this will make it easier to access the code. Thanks Posted: Wed Mar 23, 2011 1:21 am tsabitah Valuable expert Joined: Jul 07, 2010 Posts: 328 Location: surabaya index.php Code: <?php ////////////////////////////////////////////////////////////////// // Backlink Booster - The ultimate way to make every single // backlink 1000% more powerful than every before! // // Copyright 2009 - Sean Donahoe - The Manic Marketer // All rights reserved ////////////////////////////////////////////////////////////////// // if the config does not exists, redirect to install.php if (!file_exists("config.php")) { header('Location: install.php'); exit; } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> <title>Backlink Booster</title> <link rel="stylesheet" href="style.css" type="text/css" media="screen" /> <META NAME="ROBOTS" CONTENT="NOINDEX, NOFOLLOW"> </head> <body> <img src="images/blblogo.png"> <h1>Boost Your SEO and Each Backlink's Potential Value</h1> <?php require_once("config.php"); $hostname = strtolower(gethost()); $hostname = str_replace("www.", "", $hostname); $hostelements = explode(".", $hostname); $primaryhost = $hostelements[0]; if (file_exists($primaryhost . ".key")) { $key = get_contents($primaryhost . ".key"); if (empty($key)) { error("Your license file appears to be empty"); } } else { error("Could not find the license key " . $primaryhost . ".key"); } //sets up an instance of the class $crypt = new crypt; //assigns an encryption key to the instance $crypt->crypt_key("elephantsonparade"); //encrypts the data using the key $keystring = $crypt->decrypt($key); $keyparts = explode("|", $keystring); // Check valid domains $validdomains = explode(",", $keyparts[1]); if (!in_array($hostname, $validdomains)) { $licenceddomains = implode(", ", $validdomains); error("This is an invalid copy of this script as it is only licenced for use on the following domains:<BR>" . $licenceddomains); } $tid = $keyparts[0]; $encrptedkey = $crypt->encrypt($key); $licensecheck = curl_get_file_contents("http://themanicmarketer.com/blbcheck.php?c=" . urlencode($encrptedkey)); if ($licensecheck == "Invalid Key") { error("Key is invalid or expired"); } else { // Remeber this is double encrypted $firststrip = $crypt->decrypt($licensecheck); $rtid = $crypt->decrypt($firststrip); if ($rtid != $tid) { error("License Check Failed"); } } // Check the install script is not in place... if (file_exists("install.php")) { error("Please delete the install.php file as it presents a security risk if left in place."); } if (empty($_REQUEST["url"]) || empty($_REQUEST["skey"])) { error("It looks like you did not press the button yet..."); } $skey = urldecode($_REQUEST["skey"]); if ($skey != $secretkey) { error("Did You Press The Button? Check Your Button and the SKEY Per The Instructions..."); } $url = urldecode($_REQUEST["url"]); $title = urldecode($_REQUEST["title"]); $description = urldecode($_REQUEST["description"]); // Now, which step are we on? $action = $_REQUEST["action"]; switch ($action) { case 1: $pingsites = loadpingsites(); processit(); break; default: getdata(); } function getdata() { global $description, $url, $title, $db, $skey, $keywords, $spindescription, $spintitle; title("Checking Data For Your Link..."); info("Title", $title); info("URL", "<a href='$url'>$url</a>"); if (empty($url)) { error("No url referred... exiting"); } $timestamp = $db->get_var("select timestamp from blbooster where link='" . addslashes("$url") . "'"); if ($timestamp) { error("This link already exists in the database... exiting"); } ///////////////////////////////////////////////////// // Get Site Details.... ///////////////////////////////////////////////////// $result = getUrlData($url); if (empty($title)) { $title = $result["title"]; } $description = $result["metaTags"]["description"]["value"]; if (empty($title) || empty($description)) { $mainurl = "http://" . parse_url($url, PHP_URL_HOST); $result = getUrlData($mainurl); if (empty($description)) { $description = $result["metaTags"]["description"]["value"]; $tags = $result["metaTags"]["keywords"]["value"]; } if (!empty($title)) { $title = $result["title"]; } } // If that did not do it them lets build from our base list of fill ins if (empty($title)) { info("Title", "Creating New Title As Could Not Get One From Site"); $mainurl = "http://" . parse_url($url, PHP_URL_HOST); // Keyword builder... $rkeywords = explode(",", $keywords); shuffle($rkeywords); // Description builder... $tkeyword = array_pop($rkeywords); shuffle($spintitle); $title = array_pop($spintitle); $host = $mainurl; $swaphost = str_replace("http://", "", $mainurl); $swaphost = str_replace("www.", "", $swaphost); $swaphost = ucwords(strtolower($swaphost)); $title = str_replace("%%KEYWORD%%", $tkeyword, $title); $title = str_replace("%%HOST%%", $swaphost, $title); $title = spinit($title); } // If that did not do it them lets build from our base list of fill ins if (empty($description) || strlen($description) < 50) { $sitecontents = getUrlContents($url); $description = first_sentence($sitecontents); info("Description", "Creating New Description As Could Not Get One From Site"); // If we still could not get one then lets try the homepage! if (empty($description) || strlen($description) < 50) { $mainurl = "http://" . parse_url($url, PHP_URL_HOST); $sitecontents = getUrlContents($mainurl); $description = first_sentence($sitecontents); if (empty($description) || strlen($description) < 50) { // Keyword builder... $rkeywords = explode(",", $keywords); shuffle($rkeywords); // Description builder... $tkeyword = array_pop($rkeywords); shuffle($spindescription); $description = array_pop($spindescription); $host = $mainurl; $swaphost = str_replace("http://", "", $mainurl); $swaphost = str_replace("www.", "", $swaphost); $swaphost = ucwords(strtolower($swaphost)); $description = str_replace("%%KEYWORD%%", $tkeyword, $description); $description = str_replace("%%HOST%%", $swaphost, $description); $description = spinit($description); } } } $description = trim(preg_replace('/\s\s+/', ' ', $description)); $title = trim(preg_replace('/\s\s+/', ' ', $title)); $url = trim(preg_replace('/\s\s+/', ' ', $url)); title("Confirm The Links Information"); ?> <form name="boostit" method="post" action="index.php" style="margin:0px;"> <table width="600" border="0" cellspacing="0" cellpadding="10"> <tr> <td width="60" valign=top><strong>Title:</strong></td> <td width="auto" valign=top><input type="text" name="title" value="<?php echo $title; ?>" class="tinput" style="width:100%;"></td> </tr> <tr> <td valign=top><strong>Description:</strong></td> <td valign=top><textarea name="description" rows="5" style="width:100%" class="tinput"><?php echo $description; ?></textarea><BR><small><B>Recommended</B> - 200 characters or more and use your keywords where possible</small></td> </tr> <tr> <td colspan="2"><div align="center"><input type="image" src="images/letsrock.png" name=submit value=submit ></div></td> </tr> </table> <input type="hidden" name="url" value="<?php echo urlencode($url); ?>"> <input type="hidden" name="skey" value="<?php echo urlencode($skey); ?>"> <input type="hidden" name="action" value="1"> </form> <?php } function processit() { global $description, $url, $title, $db, $skey, $pingsites, $pingfm_enable, $onlywire_enable, $pinging_enable; // Quick Validation if (empty($url)) { error("There is no URL to Process..."); } if (empty($title)) { error("The title is empty, please go back and make sure you added one"); } if (empty($description)) { error("There is no description, please go back and add one!"); } title("Adding Link To The Database For Promotion"); // Clean The Data... $description = preg_replace('/\s\s+/', ' ', $description); $title = preg_replace('/\s\s+/', ' ', $title); $url = preg_replace('/\s\s+/', ' ', $url); info("URL", $url); info("Title", $title); info("Description", $description); $id = $db->get_var("select id from blbooster where 1 order by id desc"); $cid = $id + 1; $db->query("insert into blbooster values ($cid,'" . addslashes($url) . "','" . addslashes($title) . "','" . addslashes($description) . "','" . time() . "' ); "); subtitle("Successfully Added Site To Database"); if ($pinging_enable == "Y") { title("Pinging The URL To Make Sure It Gets Indexed Quickly"); pingit($url, urlencode($title), $pingsites); } if ($pingfm_enable == "Y") { title("Sending This Link Directly To Ping.FM For Web 2.0 Transmission"); pingfmit($description, $title, $url); } if ($onlywire_enable == "Y") { title("If you have an Onlwire Account You Can Social Bookmark This Link Now..."); info("", "Auto Social Bookmarking: <B><a target='_blank' href=\"http://onlywire.com/b/bmnoframe?u=" . rawurlencode($url) . "&t=" . rawurlencode($title) . "\">Submit This To Onlywire Now >></a></b>"); } title("Saving URL To URL List for Import To Social Bookmarking Systems"); saveit($url); title("All Done... That Backlink Was Officially Boosted!"); info("", "Check your <a href='blbrss.php'><B>Backlink Booster RSS Feed</B></a> here<BR><BR><BR>"); } footer(); ?> </body> </html> _________________ http://sms-internet.biz Posted: Wed Mar 23, 2011 1:30 am nvision Regular user Joined: Mar 22, 2011 Posts: 7 Location: CyberSpace Damn ....thanks tsabitah!!! That is awesome looking out my friend. Do you think that this thing can be nulled? I think that the tmm.php is calling home for verification of license. Again, thank you so much. I really love this place Posted: Wed Mar 23, 2011 1:31 am tsabitah Valuable expert Joined: Jul 07, 2010 Posts: 328 Location: surabaya update.php:http://pastebin.com/PwYV04Mj functions.php:http://pastebin.com/69x9Veuz dripfeeder.php:http://pastebin.com/fanwQDr8 _________________ http://sms-internet.biz Posted: Wed Mar 23, 2011 1:37 am nvision Regular user Joined: Mar 22, 2011 Posts: 7 Location: CyberSpace Jeeze man you're fast. What are you using to decode? I have been trying to find codelock 2.7 but to no avail. Now I just need to figure out how to null this sucker and I'll be flying straight. Holding up some of my marketing campaigns. Trying to learn more of this so I can be of help to someone else. Thanks my friend. Posted: Wed Mar 23, 2011 2:49 am nvision Regular user Joined: Mar 22, 2011 Posts: 7 Location: CyberSpace Were you able to crack the tmm.php file? I'm not sure if it is needed, but there is a codelock on it, so they're trying to hide something. Posted: Wed Mar 23, 2011 3:31 am johnburn Advanced user Joined: Jan 14, 2011 Posts: 199 Location: Malaysia nvision wrote: Were you able to crack the tmm.php file? I'm not sure if it is needed, but there is a codelock on it, so they're trying to hide something. tmm.php is the loader to decode all of the other files you give. Posted: Wed Mar 23, 2011 5:22 am nvision Regular user Joined: Mar 22, 2011 Posts: 7 Location: CyberSpace johnburn wrote: nvision wrote: Were you able to crack the tmm.php file? I'm not sure if it is needed, but there is a codelock on it, so they're trying to hide something. tmm.php is the loader to decode all of the other files you give. Thanks John....I kind of figured that, but wasn't sure. So if I find a way to keep this baby from checking for a valid license, I can just leave the tmm.php file in place. While I was trying to crack this one, he came out with another version I got the latest version and maybe it can be installed without any trouble if I get this one nulled. That's why I want to learn to crack these suckers myself. You guys make it seem so easy. I was told that codelock 2.7 will decode any scripts encoded with codelock. I think I know where I can get a copy, but useless if I don't know how to use it. Can't find any tuts anywhere. Posted: Thu Mar 24, 2011 1:47 am johnburn Advanced user Joined: Jan 14, 2011 Posts: 199 Location: Malaysia nvision wrote: Thanks John....I kind of figured that, but wasn't sure. So if I find a way to keep this baby from checking for a valid license, I can just leave the tmm.php file in place. While I was trying to crack this one, he came out with another version I got the latest version and maybe it can be installed without any trouble if I get this one nulled. That's why I want to learn to crack these suckers myself. You guys make it seem so easy. I was told that codelock 2.7 will decode any scripts encoded with codelock. I think I know where I can get a copy, but useless if I don't know how to use it. Can't find any tuts anywhere. You can nulled the script quite easily (remove protection, callback etc) after you had decoded it Posted: Thu Mar 24, 2011 4:23 am nvision Regular user Joined: Mar 22, 2011 Posts: 7 Location: CyberSpace Thanks John.... So I can use codelock 2.7 to decode this new version, correct? Wait a minute... I think they switched from codelock to ioncube with this version. Could you take a look and see if I'm correct? Code: index: http://pastebin.com/R5xB1tJR functions: http://pastebin.com/w2Ri9U0J dripfeeder: http://pastebin.com/Nct5LNtH Thanks so much John. When I get this sucker to working, I can get on with my business. Codelock Script Help Pls.... www.waraxe.us Forum Index -> PHP script decode requests You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum All times are GMT Page 1 of 1 All Posts1 Day7 Days2 Weeks1 Month3 Months6 Months1 YearOldest FirstNewest First Select a forumSecurity Research by waraxe----------------General discussionHow to fixMetasploit relatedHash cracking requests----------------MD5 hashesAll other hashesHash related informationhttp://www.waraxe.us portal----------------SuggestionsCooperation proposalsSecurity bugs and issues in general----------------Newbies cornerSql injectionCross-site scripting aka XSSRemote file inclusionFull path disclosureShell commands injectionPhishing and Social EngineeringAll other security holesVarious software----------------PhpNukePostNukePhpBBXMB forumvBulletin BoardInvision Power Boarde107MamboJoomlaXOOPSM$ WindowsLinux worldAll other softwareCoppermine Photo GalleryProgramming languages----------------PhpMySqlPerlJavaJavascriptC and C++Visual BasicBorland Delphi and PascalPythonHTML and XMLAssemblerReverse engineering----------------Newbies cornerDisassemblingPHP script decode requestsMiscellaneous stuff----------------Future of the ITNanotechnologyFun cornerLinksTry2hack sitesProxy databaseDirect Downloads----------------ToolsTutorialsWordlistsRecycle Bin----------------Removed messagesOutdated posts Powered by phpBB � 2001-2008 phpBB Group

Space Raider game for Android, free download - Space Raider gameplay video - Zone Raider mobile games
All logos and trademarks in this site are property of their respective owner. The comments and posts are property of their posters, all the rest (c) 2004-2024 Janek Vind "waraxe"
Page Generation: 0.047 Seconds