|
|
|
|
|
|
IT Security and Insecurity Portal |
|
|
Codelock Script Help Pls.... |
|
Posted: Tue Mar 22, 2011 5:40 am |
|
|
nvision |
Regular user |
|
|
Joined: Mar 22, 2011 |
Posts: 7 |
Location: CyberSpace |
|
|
|
|
|
|
Man, I have been searching for this site for ages!!!
I have a script that is kicking my butt. I think it is codelock
encrypted which is suppose to be the easiest code to crack.
Maybe they have included something else along side of codelock.
Will someone take a look at this script and see if you can give me some
help decoding it? I'm not sure if it is the tmm.php, update.php or another
file that is calling home asking for the license, but there are 2 or 3 that have been codelocked.
Code: | http://dl.dropbox.com/u/22302894/Script/functions.php
http://dl.dropbox.com/u/22302894/Script/index.php
http://dl.dropbox.com/u/22302894/Script/tmm.php
http://dl.dropbox.com/u/22302894/Script/update.php
http://dl.dropbox.com/u/22302894/Script/dripfeeder.php |
I tried to decode them, but I get some funky stuff in the output:
Code: |
<?php
//////////////////////////////////////////////////////////////////
// Backn[šÈ›ÛÜÝÈ€´‚HÇeµ…є݅äѼµ…”—'’6–ævÄ4(¼¼‰…±¥¹¬€ÄÀÀÀ”µ½É powerm[â6\žH&Y½É!
//
// Copyright 2009 - Sean GÛ˜ZÒÒF„5…¹¥Œ5…Éter
// All riÚÈ—6W'”
//////////////////////////////////////////////////////////////////
/////////////////////////////////////////////////////
// M[˜Ý[ÛœÃB‹ËËËËËËËËËËËËËËËËËËËËËËËËËËËËËËËËËËËËËËËËËËËËËËËËËËËËÈB™[˜Ý–öâÆöG%»siw2‚—°Ð ––b©mõá¥ÍÑÌ Á¥¹Í¥Ñs.txt')){
'[›2Ò ¥±('r[·6—s.txt');
›Ü–6‚‚q¥¹³ \È [™J^ÃB‚BBBI–íÍ¥Õ=trim($n[’“°Ð ’G–æw6—FW5µÓÒ&‡GG¢òò"âG%»siuNÃB‚BB_BBCB‚BBIÛ…¹±¥ÍÐõ…ÉÉ…å}Õ¹¥Åå($pingsit\ÊNÂBBBCB‚BB\™]&âF6ÆVæÆ—7C°Ð —ÖVÇ6W°Ð –W'&÷"‚$6÷Vй½Ð[™–íÍ¥Ü˛܈–ì±¥ÍЈ¤ì4(%ô4)ô4(4(4)µnction#ØY[™ÜÚ]76½ÉÐ ¥ì4(%¥˜€¡™¥±•}¸ists('r[·6—sshort.txt')){
'[›2Ò ¥±('r[·6—sshort.txt');
foreach ($n[—22q¥¹”¥ì4($$$$‘Á¥¹Í¥Ñ=trim($line);
$r[·6—s[]="http://".$pingsitNÃB‚BB_BBCB‚BBI6Å…¹¹st=arra{Ý[š\]YJ [™ÜÚ]\ÊNÂBBBCB‚BB\›GW&âF6ánlist;
}kÛ°Ð –ÉÉ½È ‰
½ì›Ý&–Á¥¹Í¥ÑsskÜ&÷"–æråÍЈ¤ì4(%ô4)ô4(4*{˜Ý[Ûˆ6Ñ}½¹Ñ•¹ÑÌ ‘™¥±•¹…µ, &[˜Ü]‚ÒfÇ4°€‘ɕͽÕÉ•}½¹Ñ•áЀô¹Õ±°¤4)ì4(€€€€€€€€€‰f (falsHOOH €ô‚op[ ¥»˜[YK ܘ‰Ë [˜ÜF‚’’°Ð¢G&•É}•ÉÉ½È ŸmØÛÛ[Ê
H&–ä to#Üâ7G%…´è9¼ÍÕ [R÷" rXÝÜžIËõM_WARNING);
r]\›ˆ&Ç6S°Ð¢ÐТ�Т
±arstatØXÚJ
NÃBˆYˆ
œÚ^’Òf–ÆW6—¤ ’il[˜[YJJHÃBˆ ]HH'&VB‚h, $œÚ^™JNÃBˆHÇ4ì4(€€€€€€€€€€€€€€‘‘…Ñ„€ô€œœì4(€€€€€€€€€€€€€Ý¡¥±”€ kâ‚I ¤¤ì4(€€€€€€€€€€€€€€€€€€]HHœš ’h, 8192);
}
}
˜ÛÜÙJ š
NÃBˆ—GW&âQ…Ñ;
}
žæ7F–öâ7ɱ}t_š[=½¹Ñnts($url)
{
$options = array(
CT“ÔÔ‘BNS”ÔH€ôøÑÉÕ, // ret|›ˆÖ"
C$ÄõEô„TDU"Óâ!lse, // don't r]\›ˆ‡'0Т2LOPT_CÓÑS‘ÈOˆˆ‹ËÈ[™RÆÂ.codings
C$ÄõEõMAGC‚Óâ'7%‘r", // wkÈ[HCBˆÉ1=AQ}Ô‘PU$H€€€€ôøÑÉÕ”°€€€€€¼¼Ít ri—&W"öâ%‘¥É£t
C$ÄõEô4ôääT5ED”ÔTõP€ôø€ÄÈÀ°€€€€€€¼¼Ñ¥µ•½ô#Ûˆ6öææV7@Т5I1=@_TIMEOUOˆLŒËÈ–Õ½Õн¸ÉsponsCBˆÉ1=AQ}5aI%IL€€€€€€ôø€ÄÀ°€€€€€€€¼¼Íßp YÈ€ÄÀÉ–\–7G0Т“°Ð ТF6‚Ò
Õɱ}¥¹¥Ð €‘òl );
Ý\›ÜÛF÷Eö'&’‚F6‚ÂF÷F–öç2“°Ð¢M½¹Ñ•¹Ð€ôÕɱ}¸XÊ Ú
NÃBˆ \œˆHß&ÅöW'&æò‚M €¤ì4(€€€€œœ›\òÒ7W&ÅöÉÉ½È €‘ €¤ì4(€€€€‘¨r = Ý\›öÑ¥¹™¼ €“h );
c|›ØÛ÷4 €“h ); |
Hope someone can help or at least point me in the direction of some proggy that will help.
Thanks |
|
|
|
|
|
|
New Links |
|
Posted: Tue Mar 22, 2011 9:54 pm |
|
|
nvision |
Regular user |
|
|
Joined: Mar 22, 2011 |
Posts: 7 |
Location: CyberSpace |
|
|
|
|
|
|
I see that everyone is using pastebin for their files, so I decided to include
my links there. Just in case everyone is not familiar with dropbox.
Code: | http://pastebin.com/jH2MVe4W
http://pastebin.com/SLuGALN5
http://pastebin.com/RXhtbgVb
http://pastebin.com/DAx1pWxc |
Maybe this will make it easier to access the code.
Thanks |
|
|
|
|
|
|
|
|
Posted: Wed Mar 23, 2011 1:21 am |
|
|
tsabitah |
Valuable expert |
|
|
Joined: Jul 07, 2010 |
Posts: 328 |
Location: surabaya |
|
|
|
|
|
|
index.php
Code: | <?php
//////////////////////////////////////////////////////////////////
// Backlink Booster - The ultimate way to make every single
// backlink 1000% more powerful than every before!
//
// Copyright 2009 - Sean Donahoe - The Manic Marketer
// All rights reserved
//////////////////////////////////////////////////////////////////
// if the config does not exists, redirect to install.php
if (!file_exists("config.php")) {
header('Location: install.php');
exit;
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title>Backlink Booster</title>
<link rel="stylesheet" href="style.css" type="text/css" media="screen" />
<META NAME="ROBOTS" CONTENT="NOINDEX, NOFOLLOW">
</head>
<body>
<img src="images/blblogo.png">
<h1>Boost Your SEO and Each Backlink's Potential Value</h1>
<?php
require_once("config.php");
$hostname = strtolower(gethost());
$hostname = str_replace("www.", "", $hostname);
$hostelements = explode(".", $hostname);
$primaryhost = $hostelements[0];
if (file_exists($primaryhost . ".key")) {
$key = get_contents($primaryhost . ".key");
if (empty($key)) {
error("Your license file appears to be empty");
}
} else {
error("Could not find the license key " . $primaryhost . ".key");
}
//sets up an instance of the class
$crypt = new crypt;
//assigns an encryption key to the instance
$crypt->crypt_key("elephantsonparade");
//encrypts the data using the key
$keystring = $crypt->decrypt($key);
$keyparts = explode("|", $keystring);
// Check valid domains
$validdomains = explode(",", $keyparts[1]);
if (!in_array($hostname, $validdomains)) {
$licenceddomains = implode(", ", $validdomains);
error("This is an invalid copy of this script as it is only licenced for use on the following domains:<BR>" . $licenceddomains);
}
$tid = $keyparts[0];
$encrptedkey = $crypt->encrypt($key);
$licensecheck = curl_get_file_contents("http://themanicmarketer.com/blbcheck.php?c=" . urlencode($encrptedkey));
if ($licensecheck == "Invalid Key") {
error("Key is invalid or expired");
} else {
// Remeber this is double encrypted
$firststrip = $crypt->decrypt($licensecheck);
$rtid = $crypt->decrypt($firststrip);
if ($rtid != $tid) {
error("License Check Failed");
}
}
// Check the install script is not in place...
if (file_exists("install.php")) {
error("Please delete the install.php file as it presents a security risk if left in place.");
}
if (empty($_REQUEST["url"]) || empty($_REQUEST["skey"])) {
error("It looks like you did not press the button yet...");
}
$skey = urldecode($_REQUEST["skey"]);
if ($skey != $secretkey) {
error("Did You Press The Button? Check Your Button and the SKEY Per The Instructions...");
}
$url = urldecode($_REQUEST["url"]);
$title = urldecode($_REQUEST["title"]);
$description = urldecode($_REQUEST["description"]);
// Now, which step are we on?
$action = $_REQUEST["action"];
switch ($action) {
case 1:
$pingsites = loadpingsites();
processit();
break;
default:
getdata();
}
function getdata()
{
global $description, $url, $title, $db, $skey, $keywords, $spindescription, $spintitle;
title("Checking Data For Your Link...");
info("Title", $title);
info("URL", "<a href='$url'>$url</a>");
if (empty($url)) {
error("No url referred... exiting");
}
$timestamp = $db->get_var("select timestamp from blbooster where link='" . addslashes("$url") . "'");
if ($timestamp) {
error("This link already exists in the database... exiting");
}
/////////////////////////////////////////////////////
// Get Site Details....
/////////////////////////////////////////////////////
$result = getUrlData($url);
if (empty($title)) {
$title = $result["title"];
}
$description = $result["metaTags"]["description"]["value"];
if (empty($title) || empty($description)) {
$mainurl = "http://" . parse_url($url, PHP_URL_HOST);
$result = getUrlData($mainurl);
if (empty($description)) {
$description = $result["metaTags"]["description"]["value"];
$tags = $result["metaTags"]["keywords"]["value"];
}
if (!empty($title)) {
$title = $result["title"];
}
}
// If that did not do it them lets build from our base list of fill ins
if (empty($title)) {
info("Title", "Creating New Title As Could Not Get One From Site");
$mainurl = "http://" . parse_url($url, PHP_URL_HOST);
// Keyword builder...
$rkeywords = explode(",", $keywords);
shuffle($rkeywords);
// Description builder...
$tkeyword = array_pop($rkeywords);
shuffle($spintitle);
$title = array_pop($spintitle);
$host = $mainurl;
$swaphost = str_replace("http://", "", $mainurl);
$swaphost = str_replace("www.", "", $swaphost);
$swaphost = ucwords(strtolower($swaphost));
$title = str_replace("%%KEYWORD%%", $tkeyword, $title);
$title = str_replace("%%HOST%%", $swaphost, $title);
$title = spinit($title);
}
// If that did not do it them lets build from our base list of fill ins
if (empty($description) || strlen($description) < 50) {
$sitecontents = getUrlContents($url);
$description = first_sentence($sitecontents);
info("Description", "Creating New Description As Could Not Get One From Site");
// If we still could not get one then lets try the homepage!
if (empty($description) || strlen($description) < 50) {
$mainurl = "http://" . parse_url($url, PHP_URL_HOST);
$sitecontents = getUrlContents($mainurl);
$description = first_sentence($sitecontents);
if (empty($description) || strlen($description) < 50) {
// Keyword builder...
$rkeywords = explode(",", $keywords);
shuffle($rkeywords);
// Description builder...
$tkeyword = array_pop($rkeywords);
shuffle($spindescription);
$description = array_pop($spindescription);
$host = $mainurl;
$swaphost = str_replace("http://", "", $mainurl);
$swaphost = str_replace("www.", "", $swaphost);
$swaphost = ucwords(strtolower($swaphost));
$description = str_replace("%%KEYWORD%%", $tkeyword, $description);
$description = str_replace("%%HOST%%", $swaphost, $description);
$description = spinit($description);
}
}
}
$description = trim(preg_replace('/\s\s+/', ' ', $description));
$title = trim(preg_replace('/\s\s+/', ' ', $title));
$url = trim(preg_replace('/\s\s+/', ' ', $url));
title("Confirm The Links Information");
?>
<form name="boostit" method="post" action="index.php" style="margin:0px;">
<table width="600" border="0" cellspacing="0" cellpadding="10">
<tr>
<td width="60" valign=top><strong>Title:</strong></td>
<td width="auto" valign=top><input type="text" name="title" value="<?php
echo $title;
?>" class="tinput" style="width:100%;"></td>
</tr>
<tr>
<td valign=top><strong>Description:</strong></td>
<td valign=top><textarea name="description" rows="5" style="width:100%" class="tinput"><?php
echo $description;
?></textarea><BR><small><B>Recommended</B> - 200 characters or more and use your keywords where possible</small></td>
</tr>
<tr>
<td colspan="2"><div align="center"><input type="image" src="images/letsrock.png" name=submit value=submit ></div></td>
</tr>
</table>
<input type="hidden" name="url" value="<?php
echo urlencode($url);
?>">
<input type="hidden" name="skey" value="<?php
echo urlencode($skey);
?>">
<input type="hidden" name="action" value="1">
</form>
<?php
}
function processit()
{
global $description, $url, $title, $db, $skey, $pingsites, $pingfm_enable, $onlywire_enable, $pinging_enable;
// Quick Validation
if (empty($url)) {
error("There is no URL to Process...");
}
if (empty($title)) {
error("The title is empty, please go back and make sure you added one");
}
if (empty($description)) {
error("There is no description, please go back and add one!");
}
title("Adding Link To The Database For Promotion");
// Clean The Data...
$description = preg_replace('/\s\s+/', ' ', $description);
$title = preg_replace('/\s\s+/', ' ', $title);
$url = preg_replace('/\s\s+/', ' ', $url);
info("URL", $url);
info("Title", $title);
info("Description", $description);
$id = $db->get_var("select id from blbooster where 1 order by id desc");
$cid = $id + 1;
$db->query("insert into blbooster values ($cid,'" . addslashes($url) . "','" . addslashes($title) . "','" . addslashes($description) . "','" . time() . "' ); ");
subtitle("Successfully Added Site To Database");
if ($pinging_enable == "Y") {
title("Pinging The URL To Make Sure It Gets Indexed Quickly");
pingit($url, urlencode($title), $pingsites);
}
if ($pingfm_enable == "Y") {
title("Sending This Link Directly To Ping.FM For Web 2.0 Transmission");
pingfmit($description, $title, $url);
}
if ($onlywire_enable == "Y") {
title("If you have an Onlwire Account You Can Social Bookmark This Link Now...");
info("", "Auto Social Bookmarking: <B><a target='_blank' href=\"http://onlywire.com/b/bmnoframe?u=" . rawurlencode($url) . "&t=" . rawurlencode($title) . "\">Submit This To Onlywire Now >></a></b>");
}
title("Saving URL To URL List for Import To Social Bookmarking Systems");
saveit($url);
title("All Done... That Backlink Was Officially Boosted!");
info("", "Check your <a href='blbrss.php'><B>Backlink Booster RSS Feed</B></a> here<BR><BR><BR>");
}
footer();
?>
</body>
</html>
|
|
|
|
|
|
|
|
|
|
Posted: Wed Mar 23, 2011 1:30 am |
|
|
nvision |
Regular user |
|
|
Joined: Mar 22, 2011 |
Posts: 7 |
Location: CyberSpace |
|
|
|
|
|
|
Damn ....thanks tsabitah!!!
That is awesome looking out my friend. Do you think that this
thing can be nulled? I think that the tmm.php is calling home for
verification of license.
Again, thank you so much. I really love this place |
|
|
|
|
Posted: Wed Mar 23, 2011 1:31 am |
|
|
tsabitah |
Valuable expert |
|
|
Joined: Jul 07, 2010 |
Posts: 328 |
Location: surabaya |
|
|
|
|
|
|
update.php:http://pastebin.com/PwYV04Mj
functions.php:http://pastebin.com/69x9Veuz
dripfeeder.php:http://pastebin.com/fanwQDr8 |
|
|
|
|
Posted: Wed Mar 23, 2011 1:37 am |
|
|
nvision |
Regular user |
|
|
Joined: Mar 22, 2011 |
Posts: 7 |
Location: CyberSpace |
|
|
|
|
|
|
Jeeze man you're fast. What are you using to decode?
I have been trying to find codelock 2.7 but to no avail.
Now I just need to figure out how to null this sucker and
I'll be flying straight. Holding up some of my marketing
campaigns.
Trying to learn more of this so I can be of help to someone
else.
Thanks my friend. |
|
|
|
|
Posted: Wed Mar 23, 2011 2:49 am |
|
|
nvision |
Regular user |
|
|
Joined: Mar 22, 2011 |
Posts: 7 |
Location: CyberSpace |
|
|
|
|
|
|
Were you able to crack the tmm.php file?
I'm not sure if it is needed, but there is a codelock on
it, so they're trying to hide something. |
|
|
|
|
Posted: Wed Mar 23, 2011 3:31 am |
|
|
johnburn |
Advanced user |
|
|
Joined: Jan 14, 2011 |
Posts: 199 |
Location: Malaysia |
|
|
|
|
|
|
nvision wrote: | Were you able to crack the tmm.php file?
I'm not sure if it is needed, but there is a codelock on
it, so they're trying to hide something. |
tmm.php is the loader to decode all of the other files you give. |
|
|
|
|
|
|
|
|
Posted: Wed Mar 23, 2011 5:22 am |
|
|
nvision |
Regular user |
|
|
Joined: Mar 22, 2011 |
Posts: 7 |
Location: CyberSpace |
|
|
|
|
|
|
johnburn wrote: | nvision wrote: | Were you able to crack the tmm.php file?
I'm not sure if it is needed, but there is a codelock on
it, so they're trying to hide something. |
tmm.php is the loader to decode all of the other files you give. |
Thanks John....I kind of figured that, but wasn't sure. So if I find a way to
keep this baby from checking for a valid license, I can just leave the tmm.php file in place.
While I was trying to crack this one, he came out with another version
I got the latest version and maybe it can be installed without any trouble if
I get this one nulled.
That's why I want to learn to crack these suckers myself. You guys make it seem so easy. I was told that codelock 2.7 will decode any scripts encoded with codelock. I think I know where I can get a copy, but useless if I don't know how to use it. Can't find any tuts anywhere. |
|
|
|
|
|
|
|
|
Posted: Thu Mar 24, 2011 1:47 am |
|
|
johnburn |
Advanced user |
|
|
Joined: Jan 14, 2011 |
Posts: 199 |
Location: Malaysia |
|
|
|
|
|
|
nvision wrote: |
Thanks John....I kind of figured that, but wasn't sure. So if I find a way to
keep this baby from checking for a valid license, I can just leave the tmm.php file in place.
While I was trying to crack this one, he came out with another version
I got the latest version and maybe it can be installed without any trouble if
I get this one nulled.
That's why I want to learn to crack these suckers myself. You guys make it seem so easy. I was told that codelock 2.7 will decode any scripts encoded with codelock. I think I know where I can get a copy, but useless if I don't know how to use it. Can't find any tuts anywhere. |
You can nulled the script quite easily (remove protection, callback etc) after you had decoded it |
|
|
|
|
|
|
|
|
Posted: Thu Mar 24, 2011 4:23 am |
|
|
nvision |
Regular user |
|
|
Joined: Mar 22, 2011 |
Posts: 7 |
Location: CyberSpace |
|
|
|
|
|
|
Thanks John....
So I can use codelock 2.7 to decode this new version, correct?
Wait a minute... I think they switched from codelock to ioncube with this
version. Could you take a look and see if I'm correct?
Code: | index: http://pastebin.com/R5xB1tJR
functions: http://pastebin.com/w2Ri9U0J
dripfeeder: http://pastebin.com/Nct5LNtH |
Thanks so much John. When I get this sucker to working, I can get on with my business. |
|
|
|
|
www.waraxe.us Forum Index -> PHP script decode requests
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
All times are GMT
Page 1 of 1
|
|
|
Powered by phpBB 2001-2008 phpBB Group
|
|
|
|
|