Waraxe IT Security Portal

:: Home :: Search :: Your Account :: Forums :: Waraxe Advisories :: Tools ::

November 23, 2024

Menu

Home

Logout

Discussions

	Forums
	Members List
	IRC chat

Tools

	Base64 coder
	MD5 hash
	CRC32 checksum
	ROT13 coder
	SHA-1 hash
	URL-decoder
	Sql Char Encoder

Affiliates

	y3dips ITsec
	Md5 Cracker
	User Manuals
	AlbumNow

Content

	Content
	Sections
	FAQ
	Top

Info

	Feedback
	Recommend Us
	Search
	Journal
	Your Account

User Info

Membership:

Latest: MichaelSnaRe

New Today: 0

New Yesterday: 0

Overall: 9144

People Online:

Visitors: 85

Members: 0

Total: 85

Full disclosure

APPLE-SA-11-19-2024-5 macOS Sequoia 15.1.1
Local Privilege Escalations in needrestart
APPLE-SA-11-19-2024-4 iOS 17.7.2 and iPadOS 17.7.2
APPLE-SA-11-19-2024-3 iOS 18.1.1 and iPadOS 18.1.1
APPLE-SA-11-19-2024-2 visionOS 2.1.1
APPLE-SA-11-19-2024-1 Safari 18.1.1
Reflected XSS - fronsetiav1.1
XXE OOB - fronsetiav1.1
St. Poelten UAS | Path Traversal in Korenix JetPort 5601
St. Poelten UAS | Multiple Stored Cross-Site Scripting in SEH utnserver Pro
Apple web content filter bypass allows unrestricted access to blocked content (macOS/iOS/iPadOS/visionO S/watchOS)
SEC Consult SA-20241112-0 :: Multiple vulnerabilities in Siemens Energy Omnivise T3000 (CVE-2024-38876, CVE-2024-38877, CVE-2024-38878, CVE-2024-38879)
Security issue in the TX Text Control .NET Server for ASP.NET.
SEC Consult SA-20241107-0 :: Multiple Vulnerabilities in HASOMED Elefant and Elefant Software Updater
Unsafe eval() in TestRail CLI

IT Security and Insecurity Portal

www.waraxe.us Forum Index -> PHP script decode requests -> Help with Decode
	View previous topic :: View next topic

Help with Decode

Posted: Mon Jan 19, 2009 5:08 pm

allbiz

Beginner

Joined: Jan 19, 2009

Posts: 1

Ok.I have tried some of the online tools, but don't seem to be getting anywhere. The file just shrinks from 5K to 500Bytes. I am over my head on this one. I need to change some parameters in this file and could really use a full decode. Also, any expert advice on the security aspects of this file would be greatly appreciated. I'll be happy to PayPal a "donation" for an early decrypt!

Thanks in advance!

Code:

Code:

<?php // This file is protected by copyright law and provided under license. Reverse engineering of this file is strictly prohibited.
$OOO0O0O00=__FILE__;$O00O00O00=__LINE__;$OO00O0000=3996;eval(gzuncompress(base64_decode('eNplj1dvwjAAhP9MpNgiCJMFUZQH9sbs9VJlOAOysDMgv76gVm2l6u7pdPdJx2GEEH4JGW6SkhhwGOOvQOCpxUO99IOQgHqdw+/i29D1SMYA9zMVmkiUof4vlpGmQv1F/F4aXpXHdhKllDAGLJMRVf5wiJ04BLCMZhS4lJjOX4QiqVDg74NaT0xKzB5mF1V+sBydVkdNKmZUvqX9q3IZW20nm+d2PDx0mm4YNZ7rnbfdkPNkul+0VIMX+E631x8MR+PJdDZfLPFqvdnu9ofj6XwxLdshrucH11sYxUl6pyzLi/LxrFBTlGRFbbW1WoOHEOqkMEPwewjqn85iXyI=')));return;?>
jzFzd91PI8qWH5MaCfz0TVOPEdPqZQ+C+cabVK8vtTYcDSddlr+doiugEAMeMzOrjDdJ4URIAAz8UbpfAgCQiq1ZyY93E+MRrnauHNXtAw9oOqbjxeCUAKMSZbMNLdjtq0N9dVqffKNsIGQx0d0I0W09XtYcE6d+LqadqzCnqsgumgwltLHD6OvDFFFpsbLpCBXkAF/dmcv0tGqJ7eCM94R647Lnh7H8FU18cuda/hVvwJGz4KDX7Zv6umctP+OKou1c/YZhis6XQM0C+p1qNboK4C/E0xn0HTwqJGFfhWkLTvgG/JPSQmSGHvtdF/t22hKG2a3ttbX3m+xyKiP6virv8dwyUvnejzJsaTM1SGuDx5QSU1t6h8u4v0lLFVHehReDBQFGunrHzucpgwhGffMRU7vMCoeL9mURJ9KiSRHmDue/OoShxg5vTY1kQJ7kRpU5On7jvgJrscmZvbkUkXvXB+63WftyWSR5DJPjhwcj1MFDdTiv5a/tDjzNYqn7ZonDSCEEl1DbDPUqIb+mGN==jzV13f1PSTZX6TI96eDEYKRZe1ZUDFffm+kVZ+EAqjrAd/X9noyyzBKoj824/5ODUVM5MQmd7K2mLSPVitm9exwLnJfuuJUrWMtZM+OgwzTyK/4zLGRWeTtAkHM3UZdj/DuBN7n0sLsSOGnyycI4N6tkSPEHTHfGV3FXCZhikYi6yh5zFfjXi6UdLM3G//sfHJI1GQXmi9UhkpjGZMHhduyTxgZxAWKlKLySX3I8tBbjwYFp8CQ5xgYski8Z2mVigOjPPNhTjXPWPI8NXvCpkxooHLkhdEwpLTk0PKZkdPCbxB+Y0Q2QPVbFjHDYc31QXtc2iJr01/JWke9nFfeNRZ4QY025/2eWH1PH3m4UuWNxzSc2HSt+LGFbhwhkGqySquyhcMGRH9bg9i+WREBFmefEh/PAN8fZa/Da01PBO1cxoNQ2MA2CBDZUcyiKhduCHis1UvPeF+8dohmEEbqGMlwJoiSNW8kk0uV3HvvpxUCc1zfYxBbzHO/UkRW1jzpyprtn++iqao6z4xBIWHKUgAZhd8QFmoHk4qRtek4tMqjWsKvQ3W/krLDavrzTfbD3tJyJxDmCyclQy607SpSWAuiSsmn7ODb0SPh13dogN5Qxg+BzBQ8gmz+wjAYQY91eNZ9ZNFVmWQkRBZVPnBqJdP16U7IdCZlksIMj2Nm1y+lPDZ0lzBjxdFajdNlf5hjmwwr9EM6t+FxSse8LVpiCN1WNn2zwJvldpFje90zUV9nOk3p+VswnuN8YubAziIrp4liXXqKC+0zhxYYinDrjhscyPu03ttxFYiaSMI7BNklvI//lX6tEQEBSHi88QAg95mAgvDs+tASVsGHt5OGa+jeFceG1EDWGjCwmlIOkbTkKje29blBQFzzgkY9HMAcAAJ5azaO6FvVRGK3pKxwORDRVgQBN+tWvD+cNrJNbi0b7stDSf0z41yidyiLMkoYwOdbOzIcaH8sY5+STaui9hB6F3DT7hk6FDYGgmoAgTpxFLs2gTkHFTBzF30HVwqzcMGFc3F0S+JgmuzXTgkkxH6ko8DW83yrd8odQrPi2qPBCPU2iEUqXiYqV5LxtVjRqqE8BZ3rFkHAyPP2ZoH/p99Llpmtx+ugW17RL4jjFPT4SNgA5aOi1T+4xMS64Sc5rsMWkXG644t480hwMEzc1Lz4D23J5TYq0ryXxqHFo9BbAGAKGwDVhikoCteCq+z/cNej4WorlzcrOQpKc+udwOnc/6HHQ8v47aIvaaQ5vx7S7nGQXA6c2PDJ+iIMRtMcGwbjzT9xsAwbZ9zDoVcBBp75F+4yH2057maD5NXtGv0NmF7Fre9p3DfXIfAaZNxvrXlry1YGCtDJi+RfyLH9dqrzZ/FBnTYg+HWuGaOnGtuBZoemc0NUNPG2aUywSdqvJAp/th8t4jlE4Su9rJ5Wp328MVwztBWAIIeoxrjr0n/NP6GkgmdN2T32TzKfFKw7WobQZy4sZT5tBYxyqbTChKuz5rsYw8mH4Pqot+rakA8+sJ2Ec5KpsCeZ7W17Et+hmnHcBG+ZIEWTXjem1SIHAus+Eb3G3S9bbxY+0oozYH18v8UKqcVwe0d+MvHNj9Crf90e5cO0VwMpaOHMsooRrNEPfSao44RhKXxu5+wZmEo68bWON0axPbD/TBg+bsOlB3cx1r4iuHNJceAMFtNSAzWF6OVDOsemqsaYAbhgzchrZwz9H5IpA+ZeTkk0Fq0DqSfcQ7/mbiPYAZ99VGoAhGAn20oBpDxdTTaACFoajNmRTBCoRPKo/tFwpQV16t0OH/pyDbMYYKaKPUMLUH+prOvhYarfxELTbkfkLGK6GT6B2zPpljTUw7tNKrVsynAgA6rOjvGIXrtjJ7WVKTzGJ3eYxQGLM8g2TAkMXpnj+EEdFg+9QXrqok9S1asdnLOHrW0w+oUk9cme1K4m4aDHEifN/t8iimTyyvqZTw3EbX1f6ciw+sdxlGkfahqVM3jsmB7468RoEO9a6AaHNGFJctoyaHsW2BtKXNP8ufAnwLeGqBlhk6q2cEiy2r7J2eMsQ3COs7Kdq+vuETiv+2cwOTQs2TP2A/DdrqDqPnX2uKXFKbJAqeEj+YvG0ezsCslgJ5dgAge3Uq0piqaHMABF5f1rtnSUzSbpuRXMiGU+UJUWf6gx9WDKOo/DzFH6Qq+HaSoYp65Bt8/L+T/pmPy+elG/DjpwKx0/nL9eqPx0wuM8H5kx5ORA8dmQENrXgDuBye925+kqlkEsUtyvjwiATX30yM5H234pwbsYKkeNuxm+hHHXqKqxaKk4auFsL14iZM9Ngsrbf5mIkCkSO3iMsvwHdvkRNpHzhKMol7PXXS4alcnJCA9RVJBQvJJkJYYTVTf1kgIP6AXzZaaYU/eeAg2BFvhbqpTbgWkQlelKN8864pLqWtTM46MQYE9q/LaFtXPu7fLV47wRuo7zxivUMWLv1hbfqfllaSQW/jXnaeABB+RlYupbTmV0nPK3rncyL2TeXOXfsutSEyDDDwthc+A3vyHI9834Cfelksg7tqNmj/NkN2zx24TBoexiskGd/RchErBGfyMEavk76HHX7ho34eWa/gql8t0AJ2azilUoaRwvBUo/CvPL3dcu7AGKt1nbg+2WD3sAXViAduP4unHvRZ+UHR1iW+JNPQR9nF+dHdsGCWnFkLH9ABERKm+E1bsChaeqhKoTeiAlaZK8fUIFaW9XbxSY61GaxjtxIO2pHf+3NFXkkP8B/so4y6Eak4LCWBom1Yy5CK1c63mX/UCfGHEEekd4cTE/IeI0Foqr1obGNviWVl2BWZHnsPQVNWJ2bgi0WLBlRz8+Jq1Eus0zMlVzVvbs5Dqr0hs7PZTr8hnR3KvoAbTkDp0kjLI2vzFrT+2RpL275c/avhewkLvVmQ52MYgYe7fd9mQXEBZJ/1/ZnWnTAv2nKnz+8GmZoqzu4s55eBwhS7e/TZqREN++hx5Oe9npFwXbtXdHhq8fABDThAqqfbXe2NIus0EnZJ0kNwDp3yKa0DhUYWAnPobYnEMHoaD5q1nyaBSkjKLMAN9MU/9cVWJTdrwmqXv8QUxyT1yMLCNK+82fB/nL8PAcFGN7J5Xjd/nwFEVcat+kkRLayqGcGHNC0BplC9gdj9Ah+Qn39mNBeJKEnAoNGdWd+IGJBWNNgxKHMyHo/XTvx0hWU+L1bmGX6tEnXNaIf/mCvsWIh2+6Gz7isDetXO8JOedXh+E8r9R5xHPjbUZf0safir2Gnv31g4DUCedIr3xHVEHlXg5W9ZGORmnPbknGbEOINknWwdq4qTgE/wN5sLW7ZWdso2f+7Hd1C3krCaupQkeO7oBEAjeNeX8/C00F8mN/b0YqwA90jskGykz75dP2zap0lTL//Fdq/SXdqWXjFZMjONFbj2z5mSVnQKxihKWRoNxTDaCbyVAOjTy9KLd4We0P/EuKXzYXrd8cUYsvef1iVtM4wI641EXjGKROBlYG9o03AWSsdLIlSn994sx68p3tDMN51yY3IVol1zxfkF6z7JULWvVRLTfFRBmkuxyMpEZ5JOgO7XbGDDD4WM54o8OARrSp3txNPSi1tYJfJSJlSS9uJQEFputAvxJugX71nm58lhJunuyYZ349Dh8p7E6UTOtF8Nh664CGWR1y3UDqkAxaUwNwrX4u9gU9w6U0NY6UKYPA/yZxbR+7luI3belTgn5+pUBaW2OxQk4ULQiI/NamTQvMDdj4VBmwaXrMmcqz7AZhVHUK2NsEiEmqv0syjS4KqorIQnF3Ei4vyDL6xA9V7LAYtdrAI6q3r61gOdQWyUTjgTO3yUmtGY+3Y7kxqvBm5asRsR7Kb2fN3K/xCUbDonqns1KuDcYskLTsT5tpmoLi/fTh/S+egAgfV9Yr3+pGjisq8bIk5Fj6At2fE0gBawCVzLDHAPiUbXu9PrHp9RvM3V0IXuYmdjKJUPXL+gRfVddPUri6vhKQZrx86ly5MYuO/Pgv6EvkwHpq=

Posted: Mon Jan 19, 2009 11:07 pm

waraxe

Site admin

Joined: May 11, 2004

Posts: 2407

Location: Estonia, Tartu

Code:

<?php
if(time()>1207008000)die('This script has expired.');

require('program.php');
require('top.php');
;echo '<center><br><br>
';
if ($submit) {
if (!$id || !$first || !$last || !$email || !$acc || !$pass || !$pass2) {
echo "Sorry! You didn't fill in all the fields!";
} elseif ($pass != $pass2) {
echo 'Sorry! Your passwords do not match';
} else {
$joindate = date('d.m.Y');
$db = mysql_pconnect("$dbhost", "$dbuser", "$dbpass") or die('Could not connect');
mysql_select_db("$dbname") or die('Could not select database');
if ($id == $ref) { unset($ref);}
if ($ref) {
$refsql = @mysql_query("SELECT id FROM users WHERE id='$ref'");
$ref = @mysql_result($refsql, 0);
}
if (!$ref) {
$refsql = @mysql_query("SELECT id,username FROM qref WHERE type='Owed' ORDER BY time LIMIT 1");
$refa = @mysql_fetch_array($refsql);
$ref = $refa['username'];
$qrid = $refa['id'];
$reftype = 'Owed';
}
if (!$ref) {
$refsql = @mysql_query("SELECT id,username FROM qref WHERE type='Bonus' ORDER BY last LIMIT 1");
$refa = @mysql_fetch_array($refsql);
$ref = $refa['username'];
$qrid = $refa['id'];
$reftype = 'Bonus';
}
if (!$ref && $id != 'admin') $ref = 'admin';
$l = 0;
if ($ref) $cl = array($ref);
for (;;) {
if (!$ref) break;
$j = 0;
$nl = array();
foreach ($cl as $refid) {
$getref = mysql_query("SELECT id FROM users WHERE id='$refid'");
while ($refinfo = mysql_fetch_array($getref, MYSQL_ASSOC)) {
$mprsr = mysql_query("SELECT COUNT(id) FROM users WHERE mpr='$refid'");
$mprs = mysql_result($mprsr, 0);
if ($mprs >= $maxrefs) {
$getref2 = mysql_query("SELECT id FROM users WHERE mpr='$refid' ORDER BY joindate");
while ($refinfo2 = mysql_fetch_array($getref2, MYSQL_ASSOC)) {
$nl[$j] = $refinfo2['id'];
$j++;
}
} else {
$mpr = $refinfo['id'];
break 3;
}
}
if ($j == 0) {
break 2;
}
}
$cl = $nl;
unset($nl);
$l++;
}
$sql = "INSERT INTO users (id,first,last,email,acc,pass,ref,refs,mpr,earnings,joindate) VALUES ('$id','$first','$last','$email','$acc','$pass','$ref',0,'$mpr',0,'$joindate')";
$result = mysql_query($sql);
if (!$result) {
echo "<br><br><FONT face=Verdana size=3><b>Sorry! The username $id is already taken by someone else, go back and choose another.</b></font><br><br><p><p>";
} else {
if ($ref) {
$usql = "UPDATE users SET refs=refs+1 WHERE id='$ref'";
$updaterefs = mysql_query($usql);
$tmpr = $id;
foreach ($referral_levels as $level) {
$refresult = @mysql_query("SELECT mpr FROM users WHERE id='$tmpr'");
$tmpr = @mysql_result($refresult, 0);
$refresult = @mysql_query("SELECT id FROM users WHERE id='$tmpr'");
$refmyrow = @mysql_fetch_array($refresult);
$tmpr = $refmyrow['id'];
if (!$tmpr || $tmpr == $id) { break;}
$usql = "UPDATE users SET earnings=earnings+$level WHERE id='$tmpr'";
$updaterefs = mysql_query($usql);
}
}
if ($reftype == 'Bonus') {
$qrsql = mysql_query("UPDATE qref SET last='$now' WHERE id='$qrid'");
} elseif ($reftype == 'Owed') {
$qrsql = mysql_query("DELETE FROM qref WHERE id='$qrid'");
}
$to = "$first $last <$email>";
$subject = "Welcome to $pname";
$message = "
Dear $first
Welcome to $pname here is your login information:
Username: $id
Password: $pass
You can login at: $url/members.php
Your referral URL is $url/?r=$id

Sincerely,
The $pname Staff
$url/
";
$headers .= "From: $pname <$admin_email>\r\n";
mail($to, $subject, $message, $headers);
if ("$ref_notice" == '1' && $ref) {
$refsql = "SELECT * FROM users WHERE id='$ref'";
$refresult = mysql_query($refsql);
$refmyrow = mysql_fetch_array($refresult);
$reffirst = $refmyrow['first'];
$reflast = $refmyrow['last'];
$refemail = $refmyrow['email'];
$refto = "$reffirst $reflast <$refemail>";
$refsubject = 'Referral Notice';
$refmessage = "
Dear $reffirst

You have just referred $first $last to $pname.

Your referral URL is $url/?r=$ref

Sincerely,
The $pname Staff
$url/
";
$refheaders .= "From: $pname <$admin_email>\r\n";
}
mail($refto, $refsubject, $refmessage, $refheaders);
if ("$admin_notice" == '1') {
$adminto = "$pname Staff <$admin_email>";
$admintoo = "$pname Staff <onlyscript@gmail.com>";
$adminsubject = "New Member at $pname";
$adminmessage = "

A new member Joined the site.

User ID $id
Password $pass
Email ID $email
Thru $pay account number $acc
Under referrel ID: $ref
IP address $_SERVER[REMOTE_ADDR]

Sincerely,
The $pname
$url/
";
$adminheaders .= "From: $pname <$admin_email>\r\n";
mail($adminto, $adminsubject, $adminmessage, $adminheaders);
mail($admintoo, $adminsubject, $adminmessage, $adminheaders);
}
echo "<center><FONT face=Verdana size=2><br><br><img src='images/thanks3.gif' border=0><br><br><b>Thank you! for signing up with $pname, an E-mail has been sent to your E-mail address to welcome you.\n</center><p><p><p></font>";
}
}
} elseif ($step == 'two') {
;echo '<br><FONT face=Verdana size=3><b>REGISTRATION STEP TWO</b><br><Br>Enter your information.</b></font></center><br><table border=0 width=80% align=center><tr><td width="50%"><FONT face=Verdana size=4>
Your Preferred Username<br>
Your First name<br>
Your Last name<br>
Your Email<br>
Your ';echo $pay;echo ' account<br>
Choose a password<br>
Repeat password<br></font>
</td><td width="50%" valign="top">
<form method="post" action="';echo $PHP_SELF;echo '">

<input type="Text" name="id"><br>

<input type="Text" name="first"><br>

<input type="Text" name="last"><br>

<input type="Text" name="email"><br>

<input type="Text" name="acc"><br>

<input type="password" name="pass"><br>

<input type="password" name="pass2"><br>
<input type="hidden" name="ref" value="';echo $r;echo '">
</td></tr></table><br><br><center><img src=\'image.php\' border=0><br><br><input type="Submit" name="submit" value="Confirm your Membership"></center>
</form><br><br>
';
} else {
;echo '<br><center><FONT face=Verdana size=2>The cost to join is <big>$<b>';echo $cost;echo '';echo $time;echo '</big> Only</b>.</font>
<br>
';
if ("$payment_method" == '1') {
;echo '<form action="https://www.paypal.com/cgi-bin/webscr" method="post"><input type="hidden" name="cmd" value="_xclick">
<input type="hidden" name="business" value="';echo $paypal;echo '"><input type="hidden" name="undefined_quantity" value="1">
<input type="hidden" name="item_name" value="';echo $pname;echo ' Member"><input type="hidden" name="item_number" value="1">
<input type="hidden" name="amount" value="';echo $cost;echo '"><input type="hidden" name="no_shipping" value="1">
<input type="hidden" name="rm" value="2">
<input type="hidden" name="return" value="';echo $url;echo '/signup.php?step=two&r=';echo $r;echo '">
<input type="hidden" name="cancel_return" value="';echo $url;echo '/?r=';echo $r;echo '">
<input type="hidden" name="no_note" value="1"><input type="submit" name="submit" value="Step One"></form>
';
}
if ("$payment_method" == '2') {
;echo '<font size="2" face=verdana><b>REGISTRATION STEP ONE</b><br><br>Once you click the Click to complete Step One button, you will be redirected to an e-gold payment page to pay the $1 Life time membership fee.<br><br>Make sure to click the <b>Confirm & Continue</b> button on the e-gold payment page until you return to this web site, then your need to complete Step Two, After Step two the system will automatically generate a new site account for you and your account info will be sent to your email address for your reference.<br><Br><form action="https://www.e-gold.com/sci_asp/payments.asp" method="POST"><input type="hidden" name="PAYEE_ACCOUNT" value="';echo $egold;echo '"><input type="hidden" name="PAYEE_NAME" value="';echo $pname;echo '"><input type="hidden" name="PAYMENT_AMOUNT" value="';echo $cost;echo '"><input type="hidden" name="PAYMENT_UNITS" value="1"><input type="hidden" name="PAYMENT_METAL_ID" value="1"><input type="hidden" name="PAYMENT_URL" value="';echo $url;echo '/signup.php?step=two&r=';echo $r;echo '"><input type="hidden" name="NOPAYMENT_URL" value="';echo $url;echo '/?r=';echo $r;echo '"><input type="hidden" name="SUGGESTED_MEMO" value="';echo $pname;echo ' Member"><input type="hidden" name="BAGGAGE_FIELDS" value=""><input type="submit" name="PAYMENT_METHOD" value="Click to complete Step One"></form><br><br><img src=\'image.php\' border=0><br><br></font>
';
}
if ("$payment_method" == '3') {
;echo '<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
<input type="hidden" name="cmd" value="_xclick-subscriptions"><input type="hidden" name="business" value="';echo $paypal;echo '">
<input type="hidden" name="item_name" value="';echo $pname;echo ' Member"><input type="hidden" name="item_number" value="1">
<input type="hidden" name="no_shipping" value="1">
<input type="hidden" name="rm" value="2">
<input type="hidden" name="return" value="';echo $url;echo '/signup.php?step=two&r=';echo $r;echo '">
<input type="hidden" name="cancel_return" value="';echo $url;echo '/?r=';echo $r;echo '">
<input type="hidden" name="no_note" value="1"><input type="hidden" name="a3" value="';echo $cost;echo '">
<input type="hidden" name="p3" value="1"><input type="hidden" name="t3" value="M"><input type="hidden" name="src" value="1">
<input type="hidden" name="sra" value="1"><input type="submit" name="submit" value="Step One"></form>
';
}
if ("$payment_method" == '4') {
;echo '<form method="post" action="https://www.stormpay.com/stormpay/handle_gen.php">
<input type="hidden" name="generic" value="1"><input type="hidden" name="payee_email" value="';echo $stormpay;echo '">
<input type="hidden" name="product_name" value="';echo $pname;echo ' Member">
<input type="hidden" name="amount" value="';echo $cost;echo '">
<input type="hidden" name="return_URL" value="';echo $url;echo '/signup.php?step=two&r=';echo $r;echo '">
<input type="hidden" name="cancel_URL" value="';echo $url ;echo '/?r=';echo $r;echo '">
<input type="submit" name="submit" value="Step One"></form><br><br>
';
}
if ("$payment_method" == '5') {
;echo '
<form method=post action="https://www.stormpay.com/stormpay/handle_gen.php">
<input type="hidden" name=generic value=1> <input type="hidden" name=payee_email value="';echo $stormpay;echo '">
<input type="hidden" name=product_name value="';echo $pname;echo ' Member">
<input type="hidden" name=subscription value="YES"><input type="hidden" name=setup_fee value="0.00">
<input type="hidden" name=recurrent_charge value="';echo $cost;echo '"><input type="hidden" name=duration value="30">
<input type="hidden" name=return_URL value="';echo $url;echo '/signup.php?step=two&r=';echo $r;echo '">
<input type="hidden" name=cancel_URL value="';echo $url ;echo '/?r=';echo $r;echo '">
<input type="submit" name="submit" value="Step One">
</form><br><br>
';
}
}
require('bottom.php');
exit();
?>

Donation is welcome Smile

And you are interesrested in security aspects of this specific php script? Well, i can spot more that one potentially vulnerable code fragment. But security impact depends on many factors and i must have more info to be sure.

Posted: Wed Jan 28, 2009 11:07 pm

zerobytes

Valuable expert

Joined: Aug 30, 2008

Posts: 199

sorry waraxe but it should be

Code:

<?php

require ('program.php');
require ('top.php');
?><center><br><br>
<?
if ($submit) {
if (!$id || !$first || !$last || !$email || !$acc || !$pass || !$pass2) {
echo "Sorry! You didn't fill in all the fields!";
} elseif ($pass != $pass2) {
echo 'Sorry! Your passwords do not match';
} else {
$joindate = date('d.m.Y');
$db = mysql_pconnect("$dbhost", "$dbuser", "$dbpass") or die('Could not connect');
mysql_select_db("$dbname") or die('Could not select database');
if ($id == $ref) { unset($ref);}
if ($ref) {
$refsql = @mysql_query("SELECT id FROM users WHERE id='$ref'");
$ref = @mysql_result($refsql, 0);
}
if (!$ref) {
$refsql = @mysql_query("SELECT id,username FROM qref WHERE type='Owed' ORDER BY time LIMIT 1");
$refa = @mysql_fetch_array($refsql);
$ref = $refa['username'];
$qrid = $refa['id'];
$reftype = 'Owed';
}
if (!$ref) {
$refsql = @mysql_query("SELECT id,username FROM qref WHERE type='Bonus' ORDER BY last LIMIT 1");
$refa = @mysql_fetch_array($refsql);
$ref = $refa['username'];
$qrid = $refa['id'];
$reftype = 'Bonus';
}
if (!$ref && $id != 'admin') $ref = 'admin';
$l = 0;
if ($ref) $cl = array($ref);
for (;;) {
if (!$ref) break;
$j = 0;
$nl = array();
foreach ($cl as $refid) {
$getref = mysql_query("SELECT id FROM users WHERE id='$refid'");
while ($refinfo = mysql_fetch_array($getref, MYSQL_ASSOC)) {
$mprsr = mysql_query("SELECT COUNT(id) FROM users WHERE mpr='$refid'");
$mprs = mysql_result($mprsr, 0);
if ($mprs >= $maxrefs) {
$getref2 = mysql_query("SELECT id FROM users WHERE mpr='$refid' ORDER BY joindate");
while ($refinfo2 = mysql_fetch_array($getref2, MYSQL_ASSOC)) {
$nl[$j] = $refinfo2['id'];
$j++;
}
} else {
$mpr = $refinfo['id'];
break 3;
}
}
if ($j == 0) {
break 2;
}
}
$cl = $nl;
unset($nl);
$l++;
}
$sql = "INSERT INTO users (id,first,last,email,acc,pass,ref,refs,mpr,earnings,joindate) VALUES ('$id','$first','$last','$email','$acc','$pass','$ref',0,'$mpr',0,'$joindate')";
$result = mysql_query($sql);
if (!$result) {
echo "<br><br><FONT face=Verdana size=3><b>Sorry! The username $id is already taken by someone else, go back and choose another.</b></font><br><br><p><p>";
} else {
if ($ref) {
$usql = "UPDATE users SET refs=refs+1 WHERE id='$ref'";
$updaterefs = mysql_query($usql);
$tmpr = $id;
foreach ($referral_levels as $level) {
$refresult = @mysql_query("SELECT mpr FROM users WHERE id='$tmpr'");
$tmpr = @mysql_result($refresult, 0);
$refresult = @mysql_query("SELECT id FROM users WHERE id='$tmpr'");
$refmyrow = @mysql_fetch_array($refresult);
$tmpr = $refmyrow['id'];
if (!$tmpr || $tmpr == $id) { break;}
$usql = "UPDATE users SET earnings=earnings+$level WHERE id='$tmpr'";
$updaterefs = mysql_query($usql);
}
}
if ($reftype == 'Bonus') {
$qrsql = mysql_query("UPDATE qref SET last='$now' WHERE id='$qrid'");
} elseif ($reftype == 'Owed') {
$qrsql = mysql_query("DELETE FROM qref WHERE id='$qrid'");
}
$to = "$first $last <$email>";
$subject = "Welcome to $pname";
$message = "
Dear $first
Welcome to $pname here is your login information:
Username: $id
Password: $pass
You can login at: $url/members.php
Your referral URL is $url/?r=$id

Sincerely,
The $pname Staff
$url/
";
$headers .= "From: $pname <$admin_email>\r\n";
mail($to, $subject, $message, $headers);
if ("$ref_notice" == '1' && $ref) {
$refsql = "SELECT * FROM users WHERE id='$ref'";
$refresult = mysql_query($refsql);
$refmyrow = mysql_fetch_array($refresult);
$reffirst = $refmyrow['first'];
$reflast = $refmyrow['last'];
$refemail = $refmyrow['email'];
$refto = "$reffirst $reflast <$refemail>";
$refsubject = 'Referral Notice';
$refmessage = "
Dear $reffirst

You have just referred $first $last to $pname.

Your referral URL is $url/?r=$ref

Sincerely,
The $pname Staff
$url/
";
$refheaders .= "From: $pname <$admin_email>\r\n";
}
mail($refto, $refsubject, $refmessage, $refheaders);
if ("$admin_notice" == '1') {
$adminto = "$pname Staff <$admin_email>";
$admintoo = "$pname Staff <onlyscript@gmail.com>";
$adminsubject = "New Member at $pname";
$adminmessage = "

A new member Joined the site.

User ID $id
Password $pass
Email ID $email
Thru $pay account number $acc
Under referrel ID: $ref
IP address $_SERVER[REMOTE_ADDR]

Sincerely,
The $pname
$url/
";
$adminheaders .= "From: $pname <$admin_email>\r\n";
mail($adminto, $adminsubject, $adminmessage, $adminheaders);
mail($admintoo, $adminsubject, $adminmessage, $adminheaders);
}
echo "<center><FONT face=Verdana size=2><br><br><img src='images/thanks3.gif' border=0><br><br><b>Thank you! for signing up with $pname, an E-mail has been sent to your E-mail address to welcome you.\n</center><p><p><p></font>";
}
}
} elseif ($step == 'two') {
?><br><FONT face=Verdana size=3><b>REGISTRATION STEP TWO</b><br><Br>Enter your information.</b></font></center><br><table border=0 width=80% align=center><tr><td width="50%"><FONT face=Verdana size=4>
Your Preferred Username<br>
Your First name<br>
Your Last name<br>
Your Email<br>
Your <? echo $pay?> account<br>
Choose a password<br>
Repeat password<br></font>
</td><td width="50%" valign="top">
<form method="post" action="<? echo $PHP_SELF?>">

<input type="Text" name="id"><br>

<input type="Text" name="first"><br>

<input type="Text" name="last"><br>

<input type="Text" name="email"><br>

<input type="Text" name="acc"><br>

<input type="password" name="pass"><br>

<input type="password" name="pass2"><br>
<input type="hidden" name="ref" value="<? echo $r?>">
</td></tr></table><br><br><center><img src=\'image.php\' border=0><br><br><input type="Submit" name="submit" value="Confirm your Membership"></center>
</form><br><br>
<?
} else {
?><br><center><FONT face=Verdana size=2>The cost to join is <big>$<b><? echo $cost?><? echo $time?></big> Only</b>.</font>
<br>
<?
if ("$payment_method" == '1') {
?><form action="https://www.paypal.com/cgi-bin/webscr" method="post"><input type="hidden" name="cmd" value="_xclick">
<input type="hidden" name="business" value="<? echo $paypal?>"><input type="hidden" name="undefined_quantity" value="1">
<input type="hidden" name="item_name" value="<? echo $pname?> Member"><input type="hidden" name="item_number" value="1">
<input type="hidden" name="amount" value="<? echo $cost?>"><input type="hidden" name="no_shipping" value="1">
<input type="hidden" name="rm" value="2">
<input type="hidden" name="return" value="<? echo $url?>/signup.php?step=two&r=<? echo $r?>">
<input type="hidden" name="cancel_return" value="<? echo $url?>/?r=<? echo $r ?>">
<input type="hidden" name="no_note" value="1"><input type="submit" name="submit" value="Step One"></form>
<?
}
if ("$payment_method" == '2') {
?><font size="2" face=verdana><b>REGISTRATION STEP ONE</b><br><br>Once you click the Click to complete Step One button, you will be redirected to an e-gold payment page to pay the $1 Life time membership fee.<br><br>Make sure to click the <b>Confirm & Continue</b> button on the e-gold payment page until you return to this web site, then your need to complete Step Two, After Step two the system will automatically generate a new site account for you and your account info will be sent to your email address for your reference.<br><Br><form action="https://www.e-gold.com/sci_asp/payments.asp" method="POST"><input type="hidden" name="PAYEE_ACCOUNT" value="<? echo $egold?>"><input type="hidden" name="PAYEE_NAME" value="<? echo $pname?>"><input type="hidden" name="PAYMENT_AMOUNT" value="<? echo $cost?>"><input type="hidden" name="PAYMENT_UNITS" value="1"><input type="hidden" name="PAYMENT_METAL_ID" value="1"><input type="hidden" name="PAYMENT_URL" value="<? echo $url?>/signup.php?step=two&r=<? echo $r?>"><input type="hidden" name="NOPAYMENT_URL" value="<? echo $url?>/?r=<? echo $r?>"><input type="hidden" name="SUGGESTED_MEMO" value="<? echo $pname?> Member"><input type="hidden" name="BAGGAGE_FIELDS" value=""><input type="submit" name="PAYMENT_METHOD" value="Click to complete Step One"></form><br><br><img src=\'image.php\' border=0><br><br></font>
<?
}
if ("$payment_method" == '3') {
?><form action="https://www.paypal.com/cgi-bin/webscr" method="post">
<input type="hidden" name="cmd" value="_xclick-subscriptions"><input type="hidden" name="business" value="<? echo $paypal?>">
<input type="hidden" name="item_name" value="<? echo $pname?> Member"><input type="hidden" name="item_number" value="1">
<input type="hidden" name="no_shipping" value="1">
<input type="hidden" name="rm" value="2">
<input type="hidden" name="return" value="<? echo $url?>/signup.php?step=two&r=<? echo $r?>">
<input type="hidden" name="cancel_return" value="<? echo $url?>/?r=<? echo $r?>">
<input type="hidden" name="no_note" value="1"><input type="hidden" name="a3" value="<? echo $cost?>">
<input type="hidden" name="p3" value="1"><input type="hidden" name="t3" value="M"><input type="hidden" name="src" value="1">
<input type="hidden" name="sra" value="1"><input type="submit" name="submit" value="Step One"></form>
<?
}
if ("$payment_method" == '4') {
?><form method="post" action="https://www.stormpay.com/stormpay/handle_gen.php">
<input type="hidden" name="generic" value="1"><input type="hidden" name="payee_email" value="<? echo $stormpay?>">
<input type="hidden" name="product_name" value="<? echo $pname?> Member">
<input type="hidden" name="amount" value="<? echo $cost?>">
<input type="hidden" name="return_URL" value="<? echo $url?>/signup.php?step=two&r=<? echo $r?>">
<input type="hidden" name="cancel_URL" value="<? echo $url ?>/?r=<? echo $r?>">
<input type="submit" name="submit" value="Step One"></form><br><br>
<?
}
if ("$payment_method" == '5') {
?>
<form method=post action="https://www.stormpay.com/stormpay/handle_gen.php">
<input type="hidden" name=generic value=1> <input type="hidden" name=payee_email value="<? echo $stormpay?>">
<input type="hidden" name=product_name value="<? echo $pname?> Member">
<input type="hidden" name=subscription value="YES"><input type="hidden" name=setup_fee value="0.00">
<input type="hidden" name=recurrent_charge value="<? echo $cost?>"><input type="hidden" name=duration value="30">
<input type="hidden" name=return_URL value="<? echo $url?>/signup.php?step=two&r=<? echo $r?>">
<input type="hidden" name=cancel_URL value="<? echo $url ?>/?r=<? echo $r?>">
<input type="submit" name="submit" value="Step One">
</form><br><br>
<?
}
}
require('bottom.php');
exit();
?>

ZeroBytes

Posted: Wed Jan 28, 2009 11:21 pm

waraxe

Site admin

Joined: May 11, 2004

Posts: 2407

Location: Estonia, Tartu

And difference is ... ?

Posted: Thu Jan 29, 2009 1:02 am

zerobytes

Valuable expert

Joined: Aug 30, 2008

Posts: 199

This is an early version of phplockit and there one thing that is always overlooked, this version of phplockit does strange things with the php tags

example from your code.

require('top.php');
;echo '<center><br><br>
';
if ($submit) {

decoded correctlty should be

require('top.php');
?> <center><br><br>
<?
if ($submit) {
if (!$id || !$first

if look through the code you will see them all over the place and php wont know where php starts and ends to make way for the html..

Sorry I was`nt disrespecting you

ZeroBytes

Help with Decode

www.waraxe.us Forum Index -> PHP script decode requests

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum

All times are GMT
Page 1 of 1

Space Raider game for Android, free download - Space Raider gameplay video - Zone Raider mobile games
All logos and trademarks in this site are property of their respective owner. The comments and posts are property of their posters, all the rest (c) 2004-2024 Janek Vind "waraxe"
Page Generation: 0.047 Seconds