Waraxe IT Security Portal
Login or Register
November 5, 2024
Menu
Home
Logout
Discussions
Forums
Members List
IRC chat
Tools
Base64 coder
MD5 hash
CRC32 checksum
ROT13 coder
SHA-1 hash
URL-decoder
Sql Char Encoder
Affiliates
y3dips ITsec
Md5 Cracker
User Manuals
AlbumNow
Content
Content
Sections
FAQ
Top
Info
Feedback
Recommend Us
Search
Journal
Your Account
User Info
Welcome, Anonymous
Nickname
Password
(Register)

Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9144

People Online:
Visitors: 109
Members: 0
Total: 109
Full disclosure
4 vulnerabilities in ibmsecurity
32 vulnerabilities in IBM Security Verify Access
xlibre Xnest security advisory & bugfix releases
APPLE-SA-10-29-2024-1 Safari 18.1
SEC Consult SA-20241030-0 :: Query Filter Injection in Ping Identity PingIDM (formerly known as ForgeRock Identity Management) (CVE-2024-23600)
SEC Consult SA-20241023-0 :: Authenticated Remote Code Execution in Multiple Xerox printers (CVE-2024-6333)
APPLE-SA-10-28-2024-8 visionOS 2.1
APPLE-SA-10-28-2024-7 tvOS 18.1
APPLE-SA-10-28-2024-6 watchOS 11.1
APPLE-SA-10-28-2024-5 macOS Ventura 13.7.1
APPLE-SA-10-28-2024-4 macOS Sonoma 14.7.1
APPLE-SA-10-28-2024-3 macOS Sequoia 15.1
APPLE-SA-10-28-2024-2 iOS 17.7.1 and iPadOS 17.7.1
APPLE-SA-10-28-2024-1 iOS 18.1 and iPadOS 18.1
Open Redirect / Reflected XSS - booked-schedulerv2.8.5
Log in Register Forum FAQ Memberlist Search
IT Security and Insecurity Portal

www.waraxe.us Forum Index -> PHP script decode requests -> Help with Decode
Post new topicReply to topic View previous topic :: View next topic
Help with Decode
PostPosted: Mon Jan 19, 2009 5:08 pm Reply with quote
allbiz
Beginner
Beginner
Joined: Jan 19, 2009
Posts: 1




Ok.I have tried some of the online tools, but don't seem to be getting anywhere. The file just shrinks from 5K to 500Bytes. I am over my head on this one. I need to change some parameters in this file and could really use a full decode. Also, any expert advice on the security aspects of this file would be greatly appreciated. I'll be happy to PayPal a "donation" for an early decrypt!

Thanks in advance!

Code:

Code:
<?php // This file is protected by copyright law and provided under license. Reverse engineering of this file is strictly prohibited.
$OOO0O0O00=__FILE__;$O00O00O00=__LINE__;$OO00O0000=3996;eval(gzuncompress(base64_decode('eNplj1dvwjAAhP9MpNgiCJMFUZQH9sbs9VJlOAOysDMgv76gVm2l6u7pdPdJx2GEEH4JGW6SkhhwGOOvQOCpxUO99IOQgHqdw+/i29D1SMYA9zMVmkiUof4vlpGmQv1F/F4aXpXHdhKllDAGLJMRVf5wiJ04BLCMZhS4lJjOX4QiqVDg74NaT0xKzB5mF1V+sBydVkdNKmZUvqX9q3IZW20nm+d2PDx0mm4YNZ7rnbfdkPNkul+0VIMX+E631x8MR+PJdDZfLPFqvdnu9ofj6XwxLdshrucH11sYxUl6pyzLi/LxrFBTlGRFbbW1WoOHEOqkMEPwewjqn85iXyI=')));return;?>
jzFzd91PI8qWH5MaCfz0TVOPEdPqZQ+C+cabVK8vtTYcDSddlr+doiugEAMeMzOrjDdJ4URIAAz8UbpfAgCQiq1ZyY93E+MRrnauHNXtAw9oOqbjxeCUAKMSZbMNLdjtq0N9dVqffKNsIGQx0d0I0W09XtYcE6d+LqadqzCnqsgumgwltLHD6OvDFFFpsbLpCBXkAF/dmcv0tGqJ7eCM94R647Lnh7H8FU18cuda/hVvwJGz4KDX7Zv6umctP+OKou1c/YZhis6XQM0C+p1qNboK4C/E0xn0HTwqJGFfhWkLTvgG/JPSQmSGHvtdF/t22hKG2a3ttbX3m+xyKiP6virv8dwyUvnejzJsaTM1SGuDx5QSU1t6h8u4v0lLFVHehReDBQFGunrHzucpgwhGffMRU7vMCoeL9mURJ9KiSRHmDue/OoShxg5vTY1kQJ7kRpU5On7jvgJrscmZvbkUkXvXB+63WftyWSR5DJPjhwcj1MFDdTiv5a/tDjzNYqn7ZonDSCEEl1DbDPUqIb+mGN==jzV13f1PSTZX6TI96eDEYKRZe1ZUDFffm+kVZ+EAqjrAd/X9noyyzBKoj824/5ODUVM5MQmd7K2mLSPVitm9exwLnJfuuJUrWMtZM+OgwzTyK/4zLGRWeTtAkHM3UZdj/DuBN7n0sLsSOGnyycI4N6tkSPEHTHfGV3FXCZhikYi6yh5zFfjXi6UdLM3G//sfHJI1GQXmi9UhkpjGZMHhduyTxgZxAWKlKLySX3I8tBbjwYFp8CQ5xgYski8Z2mVigOjPPNhTjXPWPI8NXvCpkxooHLkhdEwpLTk0PKZkdPCbxB+Y0Q2QPVbFjHDYc31QXtc2iJr01/JWke9nFfeNRZ4QY025/2eWH1PH3m4UuWNxzSc2HSt+LGFbhwhkGqySquyhcMGRH9bg9i+WREBFmefEh/PAN8fZa/Da01PBO1cxoNQ2MA2CBDZUcyiKhduCHis1UvPeF+8dohmEEbqGMlwJoiSNW8kk0uV3HvvpxUCc1zfYxBbzHO/UkRW1jzpyprtn++iqao6z4xBIWHKUgAZhd8QFmoHk4qRtek4tMqjWsKvQ3W/krLDavrzTfbD3tJyJxDmCyclQy607SpSWAuiSsmn7ODb0SPh13dogN5Qxg+BzBQ8gmz+wjAYQY91eNZ9ZNFVmWQkRBZVPnBqJdP16U7IdCZlksIMj2Nm1y+lPDZ0lzBjxdFajdNlf5hjmwwr9EM6t+FxSse8LVpiCN1WNn2zwJvldpFje90zUV9nOk3p+VswnuN8YubAziIrp4liXXqKC+0zhxYYinDrjhscyPu03ttxFYiaSMI7BNklvI//lX6tEQEBSHi88QAg95mAgvDs+tASVsGHt5OGa+jeFceG1EDWGjCwmlIOkbTkKje29blBQFzzgkY9HMAcAAJ5azaO6FvVRGK3pKxwORDRVgQBN+tWvD+cNrJNbi0b7stDSf0z41yidyiLMkoYwOdbOzIcaH8sY5+STaui9hB6F3DT7hk6FDYGgmoAgTpxFLs2gTkHFTBzF30HVwqzcMGFc3F0S+JgmuzXTgkkxH6ko8DW83yrd8odQrPi2qPBCPU2iEUqXiYqV5LxtVjRqqE8BZ3rFkHAyPP2ZoH/p99Llpmtx+ugW17RL4jjFPT4SNgA5aOi1T+4xMS64Sc5rsMWkXG644t480hwMEzc1Lz4D23J5TYq0ryXxqHFo9BbAGAKGwDVhikoCteCq+z/cNej4WorlzcrOQpKc+udwOnc/6HHQ8v47aIvaaQ5vx7S7nGQXA6c2PDJ+iIMRtMcGwbjzT9xsAwbZ9zDoVcBBp75F+4yH2057maD5NXtGv0NmF7Fre9p3DfXIfAaZNxvrXlry1YGCtDJi+RfyLH9dqrzZ/FBnTYg+HWuGaOnGtuBZoemc0NUNPG2aUywSdqvJAp/th8t4jlE4Su9rJ5Wp328MVwztBWAIIeoxrjr0n/NP6GkgmdN2T32TzKfFKw7WobQZy4sZT5tBYxyqbTChKuz5rsYw8mH4Pqot+rakA8+sJ2Ec5KpsCeZ7W17Et+hmnHcBG+ZIEWTXjem1SIHAus+Eb3G3S9bbxY+0oozYH18v8UKqcVwe0d+MvHNj9Crf90e5cO0VwMpaOHMsooRrNEPfSao44RhKXxu5+wZmEo68bWON0axPbD/TBg+bsOlB3cx1r4iuHNJceAMFtNSAzWF6OVDOsemqsaYAbhgzchrZwz9H5IpA+ZeTkk0Fq0DqSfcQ7/mbiPYAZ99VGoAhGAn20oBpDxdTTaACFoajNmRTBCoRPKo/tFwpQV16t0OH/pyDbMYYKaKPUMLUH+prOvhYarfxELTbkfkLGK6GT6B2zPpljTUw7tNKrVsynAgA6rOjvGIXrtjJ7WVKTzGJ3eYxQGLM8g2TAkMXpnj+EEdFg+9QXrqok9S1asdnLOHrW0w+oUk9cme1K4m4aDHEifN/t8iimTyyvqZTw3EbX1f6ciw+sdxlGkfahqVM3jsmB7468RoEO9a6AaHNGFJctoyaHsW2BtKXNP8ufAnwLeGqBlhk6q2cEiy2r7J2eMsQ3COs7Kdq+vuETiv+2cwOTQs2TP2A/DdrqDqPnX2uKXFKbJAqeEj+YvG0ezsCslgJ5dgAge3Uq0piqaHMABF5f1rtnSUzSbpuRXMiGU+UJUWf6gx9WDKOo/DzFH6Qq+HaSoYp65Bt8/L+T/pmPy+elG/DjpwKx0/nL9eqPx0wuM8H5kx5ORA8dmQENrXgDuBye925+kqlkEsUtyvjwiATX30yM5H234pwbsYKkeNuxm+hHHXqKqxaKk4auFsL14iZM9Ngsrbf5mIkCkSO3iMsvwHdvkRNpHzhKMol7PXXS4alcnJCA9RVJBQvJJkJYYTVTf1kgIP6AXzZaaYU/eeAg2BFvhbqpTbgWkQlelKN8864pLqWtTM46MQYE9q/LaFtXPu7fLV47wRuo7zxivUMWLv1hbfqfllaSQW/jXnaeABB+RlYupbTmV0nPK3rncyL2TeXOXfsutSEyDDDwthc+A3vyHI9834Cfelksg7tqNmj/NkN2zx24TBoexiskGd/RchErBGfyMEavk76HHX7ho34eWa/gql8t0AJ2azilUoaRwvBUo/CvPL3dcu7AGKt1nbg+2WD3sAXViAduP4unHvRZ+UHR1iW+JNPQR9nF+dHdsGCWnFkLH9ABERKm+E1bsChaeqhKoTeiAlaZK8fUIFaW9XbxSY61GaxjtxIO2pHf+3NFXkkP8B/so4y6Eak4LCWBom1Yy5CK1c63mX/UCfGHEEekd4cTE/IeI0Foqr1obGNviWVl2BWZHnsPQVNWJ2bgi0WLBlRz8+Jq1Eus0zMlVzVvbs5Dqr0hs7PZTr8hnR3KvoAbTkDp0kjLI2vzFrT+2RpL275c/avhewkLvVmQ52MYgYe7fd9mQXEBZJ/1/ZnWnTAv2nKnz+8GmZoqzu4s55eBwhS7e/TZqREN++hx5Oe9npFwXbtXdHhq8fABDThAqqfbXe2NIus0EnZJ0kNwDp3yKa0DhUYWAnPobYnEMHoaD5q1nyaBSkjKLMAN9MU/9cVWJTdrwmqXv8QUxyT1yMLCNK+82fB/nL8PAcFGN7J5Xjd/nwFEVcat+kkRLayqGcGHNC0BplC9gdj9Ah+Qn39mNBeJKEnAoNGdWd+IGJBWNNgxKHMyHo/XTvx0hWU+L1bmGX6tEnXNaIf/mCvsWIh2+6Gz7isDetXO8JOedXh+E8r9R5xHPjbUZf0safir2Gnv31g4DUCedIr3xHVEHlXg5W9ZGORmnPbknGbEOINknWwdq4qTgE/wN5sLW7ZWdso2f+7Hd1C3krCaupQkeO7oBEAjeNeX8/C00F8mN/b0YqwA90jskGykz75dP2zap0lTL//Fdq/SXdqWXjFZMjONFbj2z5mSVnQKxihKWRoNxTDaCbyVAOjTy9KLd4We0P/EuKXzYXrd8cUYsvef1iVtM4wI641EXjGKROBlYG9o03AWSsdLIlSn994sx68p3tDMN51yY3IVol1zxfkF6z7JULWvVRLTfFRBmkuxyMpEZ5JOgO7XbGDDD4WM54o8OARrSp3txNPSi1tYJfJSJlSS9uJQEFputAvxJugX71nm58lhJunuyYZ349Dh8p7E6UTOtF8Nh664CGWR1y3UDqkAxaUwNwrX4u9gU9w6U0NY6UKYPA/yZxbR+7luI3belTgn5+pUBaW2OxQk4ULQiI/NamTQvMDdj4VBmwaXrMmcqz7AZhVHUK2NsEiEmqv0syjS4KqorIQnF3Ei4vyDL6xA9V7LAYtdrAI6q3r61gOdQWyUTjgTO3yUmtGY+3Y7kxqvBm5asRsR7Kb2fN3K/xCUbDonqns1KuDcYskLTsT5tpmoLi/fTh/S+egAgfV9Yr3+pGjisq8bIk5Fj6At2fE0gBawCVzLDHAPiUbXu9PrHp9RvM3V0IXuYmdjKJUPXL+gRfVddPUri6vhKQZrx86ly5MYuO/Pgv6EvkwHpq=
View user's profile Send private message
PostPosted: Mon Jan 19, 2009 11:07 pm Reply with quote
waraxe
Site admin
Site admin
Joined: May 11, 2004
Posts: 2407
Location: Estonia, Tartu




Code:

<?php
if(time()>1207008000)die('This script has expired.');

require('program.php');
require('top.php');
;echo '<center><br><br>
';
if ($submit) {
if (!$id || !$first || !$last || !$email || !$acc || !$pass || !$pass2) {
echo "Sorry! You didn't fill in all the fields!";
} elseif ($pass != $pass2) {
echo 'Sorry! Your passwords do not match';
} else {
$joindate = date('d.m.Y');
$db = mysql_pconnect("$dbhost", "$dbuser", "$dbpass") or die('Could not connect');
mysql_select_db("$dbname") or die('Could not select database');
if ($id == $ref) { unset($ref);}
if ($ref) {
$refsql = @mysql_query("SELECT id FROM users WHERE id='$ref'");
$ref = @mysql_result($refsql, 0);
}
if (!$ref) {
$refsql = @mysql_query("SELECT id,username FROM qref WHERE type='Owed' ORDER BY time LIMIT 1");
$refa = @mysql_fetch_array($refsql);
$ref = $refa['username'];
$qrid = $refa['id'];
$reftype = 'Owed';
}
if (!$ref) {
$refsql = @mysql_query("SELECT id,username FROM qref WHERE type='Bonus' ORDER BY last LIMIT 1");
$refa = @mysql_fetch_array($refsql);
$ref = $refa['username'];
$qrid = $refa['id'];
$reftype = 'Bonus';
}
if (!$ref && $id != 'admin') $ref = 'admin';
$l = 0;
if ($ref) $cl = array($ref);
for (;;) {
if (!$ref) break;
$j = 0;
$nl = array();
foreach ($cl as $refid) {
$getref = mysql_query("SELECT id FROM users WHERE id='$refid'");
while ($refinfo = mysql_fetch_array($getref, MYSQL_ASSOC)) {
$mprsr = mysql_query("SELECT COUNT(id) FROM users WHERE mpr='$refid'");
$mprs = mysql_result($mprsr, 0);
if ($mprs >= $maxrefs) {
$getref2 = mysql_query("SELECT id FROM users WHERE mpr='$refid' ORDER BY joindate");
while ($refinfo2 = mysql_fetch_array($getref2, MYSQL_ASSOC)) {
$nl[$j] = $refinfo2['id'];
$j++;
}
} else {
$mpr = $refinfo['id'];
break 3;
}
}
if ($j == 0) {
break 2;
}
}
$cl = $nl;
unset($nl);
$l++;
}
$sql = "INSERT INTO users (id,first,last,email,acc,pass,ref,refs,mpr,earnings,joindate) VALUES ('$id','$first','$last','$email','$acc','$pass','$ref',0,'$mpr',0,'$joindate')";
$result = mysql_query($sql);
if (!$result) {
echo "<br><br><FONT face=Verdana size=3><b>Sorry! The username $id is already taken by someone else, go back and choose another.</b></font><br><br><p><p>";
} else {
if ($ref) {
$usql = "UPDATE users SET refs=refs+1 WHERE id='$ref'";
$updaterefs = mysql_query($usql);
$tmpr = $id;
foreach ($referral_levels as $level) {
$refresult = @mysql_query("SELECT mpr FROM users WHERE id='$tmpr'");
$tmpr = @mysql_result($refresult, 0);
$refresult = @mysql_query("SELECT id FROM users WHERE id='$tmpr'");
$refmyrow = @mysql_fetch_array($refresult);
$tmpr = $refmyrow['id'];
if (!$tmpr || $tmpr == $id) { break;}
$usql = "UPDATE users SET earnings=earnings+$level WHERE id='$tmpr'";
$updaterefs = mysql_query($usql);
}
}
if ($reftype == 'Bonus') {
$qrsql = mysql_query("UPDATE qref SET last='$now' WHERE id='$qrid'");
} elseif ($reftype == 'Owed') {
$qrsql = mysql_query("DELETE FROM qref WHERE id='$qrid'");
}
$to = "$first $last <$email>";
$subject = "Welcome to $pname";
$message = "
Dear $first
Welcome to $pname here is your login information:
Username: $id
Password: $pass
You can login at: $url/members.php
Your referral URL is $url/?r=$id

Sincerely,
The $pname Staff
$url/
";
$headers .= "From: $pname <$admin_email>\r\n";
mail($to, $subject, $message, $headers);
if ("$ref_notice" == '1' && $ref) {
$refsql = "SELECT * FROM users WHERE id='$ref'";
$refresult = mysql_query($refsql);
$refmyrow = mysql_fetch_array($refresult);
$reffirst = $refmyrow['first'];
$reflast = $refmyrow['last'];
$refemail = $refmyrow['email'];
$refto = "$reffirst $reflast <$refemail>";
$refsubject = 'Referral Notice';
$refmessage = "
Dear $reffirst

You have just referred $first $last to $pname.

Your referral URL is $url/?r=$ref

Sincerely,
The $pname Staff
$url/
";
$refheaders .= "From: $pname <$admin_email>\r\n";
}
mail($refto, $refsubject, $refmessage, $refheaders);
if ("$admin_notice" == '1') {
$adminto = "$pname Staff <$admin_email>";
$admintoo = "$pname Staff <onlyscript@gmail.com>";
$adminsubject = "New Member at $pname";
$adminmessage = "

A new member Joined the site.

User ID $id
Password $pass
Email ID $email
Thru $pay account number $acc
Under referrel ID: $ref
IP address $_SERVER[REMOTE_ADDR]

Sincerely,
The $pname
$url/
";
$adminheaders .= "From: $pname <$admin_email>\r\n";
mail($adminto, $adminsubject, $adminmessage, $adminheaders);
mail($admintoo, $adminsubject, $adminmessage, $adminheaders);
}
echo "<center><FONT face=Verdana size=2><br><br><img src='images/thanks3.gif' border=0><br><br><b>Thank you! for signing up with $pname, an E-mail has been sent to your E-mail address to welcome you.\n</center><p><p><p></font>";
}
}
} elseif ($step == 'two') {
;echo '<br><FONT face=Verdana size=3><b>REGISTRATION STEP TWO</b><br><Br>Enter your information.</b></font></center><br><table border=0 width=80% align=center><tr><td width="50%"><FONT face=Verdana size=4>
Your Preferred Username<br>
Your First name<br>
Your Last name<br>
Your Email<br>
Your ';echo $pay;echo ' account<br>
Choose a password<br>
Repeat password<br></font>
</td><td width="50%" valign="top">
<form method="post" action="';echo $PHP_SELF;echo '">

<input type="Text" name="id"><br>

<input type="Text" name="first"><br>

<input type="Text" name="last"><br>

<input type="Text" name="email"><br>

<input type="Text" name="acc"><br>

<input type="password" name="pass"><br>

<input type="password" name="pass2"><br>
<input type="hidden" name="ref" value="';echo $r;echo '">
</td></tr></table><br><br><center><img src=\'image.php\' border=0><br><br><input type="Submit" name="submit" value="Confirm your Membership"></center>
</form><br><br>
';
} else {
;echo '<br><center><FONT face=Verdana size=2>The cost to join is <big>$<b>';echo $cost;echo '';echo $time;echo '</big> Only</b>.</font>
<br>
';
if ("$payment_method" == '1') {
;echo '<form action="https://www.paypal.com/cgi-bin/webscr" method="post"><input type="hidden" name="cmd" value="_xclick">
<input type="hidden" name="business" value="';echo $paypal;echo '"><input type="hidden" name="undefined_quantity" value="1">
<input type="hidden" name="item_name" value="';echo $pname;echo ' Member"><input type="hidden" name="item_number" value="1">
<input type="hidden" name="amount" value="';echo $cost;echo '"><input type="hidden" name="no_shipping" value="1">
<input type="hidden" name="rm" value="2">
<input type="hidden" name="return" value="';echo $url;echo '/signup.php?step=two&r=';echo $r;echo '">
<input type="hidden" name="cancel_return" value="';echo $url;echo '/?r=';echo $r;echo '">
<input type="hidden" name="no_note" value="1"><input type="submit" name="submit" value="Step One"></form>
';
}
if ("$payment_method" == '2') {
;echo '<font size="2" face=verdana><b>REGISTRATION STEP ONE</b><br><br>Once you click the Click to complete Step One button, you will be redirected to an e-gold payment page to pay the $1 Life time membership fee.<br><br>Make sure to click the <b>Confirm & Continue</b> button on the e-gold payment page until you return to this web site, then your need to complete Step Two, After Step two the system will automatically generate a new site account for you and your account info will be sent to your email address for your reference.<br><Br><form action="https://www.e-gold.com/sci_asp/payments.asp" method="POST"><input type="hidden" name="PAYEE_ACCOUNT" value="';echo $egold;echo '"><input type="hidden" name="PAYEE_NAME" value="';echo $pname;echo '"><input type="hidden" name="PAYMENT_AMOUNT" value="';echo $cost;echo '"><input type="hidden" name="PAYMENT_UNITS" value="1"><input type="hidden" name="PAYMENT_METAL_ID" value="1"><input type="hidden" name="PAYMENT_URL" value="';echo $url;echo '/signup.php?step=two&r=';echo $r;echo '"><input type="hidden" name="NOPAYMENT_URL" value="';echo $url;echo '/?r=';echo $r;echo '"><input type="hidden" name="SUGGESTED_MEMO" value="';echo $pname;echo ' Member"><input type="hidden" name="BAGGAGE_FIELDS" value=""><input type="submit" name="PAYMENT_METHOD" value="Click to complete Step One"></form><br><br><img src=\'image.php\' border=0><br><br></font>
';
}
if ("$payment_method" == '3') {
;echo '<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
<input type="hidden" name="cmd" value="_xclick-subscriptions"><input type="hidden" name="business" value="';echo $paypal;echo '">
<input type="hidden" name="item_name" value="';echo $pname;echo ' Member"><input type="hidden" name="item_number" value="1">
<input type="hidden" name="no_shipping" value="1">
<input type="hidden" name="rm" value="2">
<input type="hidden" name="return" value="';echo $url;echo '/signup.php?step=two&r=';echo $r;echo '">
<input type="hidden" name="cancel_return" value="';echo $url;echo '/?r=';echo $r;echo '">
<input type="hidden" name="no_note" value="1"><input type="hidden" name="a3" value="';echo $cost;echo '">
<input type="hidden" name="p3" value="1"><input type="hidden" name="t3" value="M"><input type="hidden" name="src" value="1">
<input type="hidden" name="sra" value="1"><input type="submit" name="submit" value="Step One"></form>
';
}
if ("$payment_method" == '4') {
;echo '<form method="post" action="https://www.stormpay.com/stormpay/handle_gen.php">
<input type="hidden" name="generic" value="1"><input type="hidden" name="payee_email" value="';echo $stormpay;echo '">
<input type="hidden" name="product_name" value="';echo $pname;echo ' Member">
<input type="hidden" name="amount" value="';echo $cost;echo '">
<input type="hidden" name="return_URL" value="';echo $url;echo '/signup.php?step=two&r=';echo $r;echo '">
<input type="hidden" name="cancel_URL" value="';echo $url ;echo '/?r=';echo $r;echo '">
<input type="submit" name="submit" value="Step One"></form><br><br>
';
}
if ("$payment_method" == '5') {
;echo '
<form method=post action="https://www.stormpay.com/stormpay/handle_gen.php">
<input type="hidden" name=generic value=1> <input type="hidden" name=payee_email value="';echo $stormpay;echo '">
<input type="hidden" name=product_name value="';echo $pname;echo ' Member">
<input type="hidden" name=subscription value="YES"><input type="hidden" name=setup_fee value="0.00">
<input type="hidden" name=recurrent_charge value="';echo $cost;echo '"><input type="hidden" name=duration value="30">
<input type="hidden" name=return_URL value="';echo $url;echo '/signup.php?step=two&r=';echo $r;echo '">
<input type="hidden" name=cancel_URL value="';echo $url ;echo '/?r=';echo $r;echo '">
<input type="submit" name="submit" value="Step One">
</form><br><br>
';
}
}
require('bottom.php');
exit();
?>


Donation is welcome Smile

And you are interesrested in security aspects of this specific php script? Well, i can spot more that one potentially vulnerable code fragment. But security impact depends on many factors and i must have more info to be sure.
View user's profile Send private message Send e-mail Visit poster's website
PostPosted: Wed Jan 28, 2009 11:07 pm Reply with quote
zerobytes
Valuable expert
Valuable expert
Joined: Aug 30, 2008
Posts: 199




sorry waraxe but it should be

Code:

<?php

require ('program.php');
require ('top.php');
?><center><br><br>
<?
if ($submit) {
if (!$id || !$first || !$last || !$email || !$acc || !$pass || !$pass2) {
echo "Sorry! You didn't fill in all the fields!";
} elseif ($pass != $pass2) {
echo 'Sorry! Your passwords do not match';
} else {
$joindate = date('d.m.Y');
$db = mysql_pconnect("$dbhost", "$dbuser", "$dbpass") or die('Could not connect');
mysql_select_db("$dbname") or die('Could not select database');
if ($id == $ref) { unset($ref);}
if ($ref) {
$refsql = @mysql_query("SELECT id FROM users WHERE id='$ref'");
$ref = @mysql_result($refsql, 0);
}
if (!$ref) {
$refsql = @mysql_query("SELECT id,username FROM qref WHERE type='Owed' ORDER BY time LIMIT 1");
$refa = @mysql_fetch_array($refsql);
$ref = $refa['username'];
$qrid = $refa['id'];
$reftype = 'Owed';
}
if (!$ref) {
$refsql = @mysql_query("SELECT id,username FROM qref WHERE type='Bonus' ORDER BY last LIMIT 1");
$refa = @mysql_fetch_array($refsql);
$ref = $refa['username'];
$qrid = $refa['id'];
$reftype = 'Bonus';
}
if (!$ref && $id != 'admin') $ref = 'admin';
$l = 0;
if ($ref) $cl = array($ref);
for (;;) {
if (!$ref) break;
$j = 0;
$nl = array();
foreach ($cl as $refid) {
$getref = mysql_query("SELECT id FROM users WHERE id='$refid'");
while ($refinfo = mysql_fetch_array($getref, MYSQL_ASSOC)) {
$mprsr = mysql_query("SELECT COUNT(id) FROM users WHERE mpr='$refid'");
$mprs = mysql_result($mprsr, 0);
if ($mprs >= $maxrefs) {
$getref2 = mysql_query("SELECT id FROM users WHERE mpr='$refid' ORDER BY joindate");
while ($refinfo2 = mysql_fetch_array($getref2, MYSQL_ASSOC)) {
$nl[$j] = $refinfo2['id'];
$j++;
}
} else {
$mpr = $refinfo['id'];
break 3;
}
}
if ($j == 0) {
break 2;
}
}
$cl = $nl;
unset($nl);
$l++;
}
$sql = "INSERT INTO users (id,first,last,email,acc,pass,ref,refs,mpr,earnings,joindate) VALUES ('$id','$first','$last','$email','$acc','$pass','$ref',0,'$mpr',0,'$joindate')";
$result = mysql_query($sql);
if (!$result) {
echo "<br><br><FONT face=Verdana size=3><b>Sorry! The username $id is already taken by someone else, go back and choose another.</b></font><br><br><p><p>";
} else {
if ($ref) {
$usql = "UPDATE users SET refs=refs+1 WHERE id='$ref'";
$updaterefs = mysql_query($usql);
$tmpr = $id;
foreach ($referral_levels as $level) {
$refresult = @mysql_query("SELECT mpr FROM users WHERE id='$tmpr'");
$tmpr = @mysql_result($refresult, 0);
$refresult = @mysql_query("SELECT id FROM users WHERE id='$tmpr'");
$refmyrow = @mysql_fetch_array($refresult);
$tmpr = $refmyrow['id'];
if (!$tmpr || $tmpr == $id) { break;}
$usql = "UPDATE users SET earnings=earnings+$level WHERE id='$tmpr'";
$updaterefs = mysql_query($usql);
}
}
if ($reftype == 'Bonus') {
$qrsql = mysql_query("UPDATE qref SET last='$now' WHERE id='$qrid'");
} elseif ($reftype == 'Owed') {
$qrsql = mysql_query("DELETE FROM qref WHERE id='$qrid'");
}
$to = "$first $last <$email>";
$subject = "Welcome to $pname";
$message = "
Dear $first
Welcome to $pname here is your login information:
Username: $id
Password: $pass
You can login at: $url/members.php
Your referral URL is $url/?r=$id

Sincerely,
The $pname Staff
$url/
";
$headers .= "From: $pname <$admin_email>\r\n";
mail($to, $subject, $message, $headers);
if ("$ref_notice" == '1' && $ref) {
$refsql = "SELECT * FROM users WHERE id='$ref'";
$refresult = mysql_query($refsql);
$refmyrow = mysql_fetch_array($refresult);
$reffirst = $refmyrow['first'];
$reflast = $refmyrow['last'];
$refemail = $refmyrow['email'];
$refto = "$reffirst $reflast <$refemail>";
$refsubject = 'Referral Notice';
$refmessage = "
Dear $reffirst

You have just referred $first $last to $pname.

Your referral URL is $url/?r=$ref

Sincerely,
The $pname Staff
$url/
";
$refheaders .= "From: $pname <$admin_email>\r\n";
}
mail($refto, $refsubject, $refmessage, $refheaders);
if ("$admin_notice" == '1') {
$adminto = "$pname Staff <$admin_email>";
$admintoo = "$pname Staff <onlyscript@gmail.com>";
$adminsubject = "New Member at $pname";
$adminmessage = "

A new member Joined the site.

User ID $id
Password $pass
Email ID $email
Thru $pay account number $acc
Under referrel ID: $ref
IP address $_SERVER[REMOTE_ADDR]

Sincerely,
The $pname
$url/
";
$adminheaders .= "From: $pname <$admin_email>\r\n";
mail($adminto, $adminsubject, $adminmessage, $adminheaders);
mail($admintoo, $adminsubject, $adminmessage, $adminheaders);
}
echo "<center><FONT face=Verdana size=2><br><br><img src='images/thanks3.gif' border=0><br><br><b>Thank you! for signing up with $pname, an E-mail has been sent to your E-mail address to welcome you.\n</center><p><p><p></font>";
}
}
} elseif ($step == 'two') {
?><br><FONT face=Verdana size=3><b>REGISTRATION STEP TWO</b><br><Br>Enter your information.</b></font></center><br><table border=0 width=80% align=center><tr><td width="50%"><FONT face=Verdana size=4>
Your Preferred Username<br>
Your First name<br>
Your Last name<br>
Your Email<br>
Your <? echo $pay?> account<br>
Choose a password<br>
Repeat password<br></font>
</td><td width="50%" valign="top">
<form method="post" action="<? echo $PHP_SELF?>">

<input type="Text" name="id"><br>

<input type="Text" name="first"><br>

<input type="Text" name="last"><br>

<input type="Text" name="email"><br>

<input type="Text" name="acc"><br>

<input type="password" name="pass"><br>

<input type="password" name="pass2"><br>
<input type="hidden" name="ref" value="<? echo $r?>">
</td></tr></table><br><br><center><img src=\'image.php\' border=0><br><br><input type="Submit" name="submit" value="Confirm your Membership"></center>
</form><br><br>
<?
} else {
?><br><center><FONT face=Verdana size=2>The cost to join is <big>$<b><? echo $cost?><? echo $time?></big> Only</b>.</font>
<br>
<?
if ("$payment_method" == '1') {
?><form action="https://www.paypal.com/cgi-bin/webscr" method="post"><input type="hidden" name="cmd" value="_xclick">
<input type="hidden" name="business" value="<? echo $paypal?>"><input type="hidden" name="undefined_quantity" value="1">
<input type="hidden" name="item_name" value="<? echo $pname?> Member"><input type="hidden" name="item_number" value="1">
<input type="hidden" name="amount" value="<? echo $cost?>"><input type="hidden" name="no_shipping" value="1">
<input type="hidden" name="rm" value="2">
<input type="hidden" name="return" value="<? echo $url?>/signup.php?step=two&r=<? echo $r?>">
<input type="hidden" name="cancel_return" value="<? echo $url?>/?r=<? echo $r ?>">
<input type="hidden" name="no_note" value="1"><input type="submit" name="submit" value="Step One"></form>
<?
}
if ("$payment_method" == '2') {
?><font size="2" face=verdana><b>REGISTRATION STEP ONE</b><br><br>Once you click the Click to complete Step One button, you will be redirected to an e-gold payment page to pay the $1 Life time membership fee.<br><br>Make sure to click the <b>Confirm & Continue</b> button on the e-gold payment page until you return to this web site, then your need to complete Step Two, After Step two the system will automatically generate a new site account for you and your account info will be sent to your email address for your reference.<br><Br><form action="https://www.e-gold.com/sci_asp/payments.asp" method="POST"><input type="hidden" name="PAYEE_ACCOUNT" value="<? echo $egold?>"><input type="hidden" name="PAYEE_NAME" value="<? echo $pname?>"><input type="hidden" name="PAYMENT_AMOUNT" value="<? echo $cost?>"><input type="hidden" name="PAYMENT_UNITS" value="1"><input type="hidden" name="PAYMENT_METAL_ID" value="1"><input type="hidden" name="PAYMENT_URL" value="<? echo $url?>/signup.php?step=two&r=<? echo $r?>"><input type="hidden" name="NOPAYMENT_URL" value="<? echo $url?>/?r=<? echo $r?>"><input type="hidden" name="SUGGESTED_MEMO" value="<? echo $pname?> Member"><input type="hidden" name="BAGGAGE_FIELDS" value=""><input type="submit" name="PAYMENT_METHOD" value="Click to complete Step One"></form><br><br><img src=\'image.php\' border=0><br><br></font>
<?
}
if ("$payment_method" == '3') {
?><form action="https://www.paypal.com/cgi-bin/webscr" method="post">
<input type="hidden" name="cmd" value="_xclick-subscriptions"><input type="hidden" name="business" value="<? echo $paypal?>">
<input type="hidden" name="item_name" value="<? echo $pname?> Member"><input type="hidden" name="item_number" value="1">
<input type="hidden" name="no_shipping" value="1">
<input type="hidden" name="rm" value="2">
<input type="hidden" name="return" value="<? echo $url?>/signup.php?step=two&r=<? echo $r?>">
<input type="hidden" name="cancel_return" value="<? echo $url?>/?r=<? echo $r?>">
<input type="hidden" name="no_note" value="1"><input type="hidden" name="a3" value="<? echo $cost?>">
<input type="hidden" name="p3" value="1"><input type="hidden" name="t3" value="M"><input type="hidden" name="src" value="1">
<input type="hidden" name="sra" value="1"><input type="submit" name="submit" value="Step One"></form>
<?
}
if ("$payment_method" == '4') {
?><form method="post" action="https://www.stormpay.com/stormpay/handle_gen.php">
<input type="hidden" name="generic" value="1"><input type="hidden" name="payee_email" value="<? echo $stormpay?>">
<input type="hidden" name="product_name" value="<? echo $pname?> Member">
<input type="hidden" name="amount" value="<? echo $cost?>">
<input type="hidden" name="return_URL" value="<? echo $url?>/signup.php?step=two&r=<? echo $r?>">
<input type="hidden" name="cancel_URL" value="<? echo $url ?>/?r=<? echo $r?>">
<input type="submit" name="submit" value="Step One"></form><br><br>
<?
}
if ("$payment_method" == '5') {
?>
<form method=post action="https://www.stormpay.com/stormpay/handle_gen.php">
<input type="hidden" name=generic value=1> <input type="hidden" name=payee_email value="<? echo $stormpay?>">
<input type="hidden" name=product_name value="<? echo $pname?> Member">
<input type="hidden" name=subscription value="YES"><input type="hidden" name=setup_fee value="0.00">
<input type="hidden" name=recurrent_charge value="<? echo $cost?>"><input type="hidden" name=duration value="30">
<input type="hidden" name=return_URL value="<? echo $url?>/signup.php?step=two&r=<? echo $r?>">
<input type="hidden" name=cancel_URL value="<? echo $url ?>/?r=<? echo $r?>">
<input type="submit" name="submit" value="Step One">
</form><br><br>
<?
}
}
require('bottom.php');
exit();
?>


ZeroBytes
View user's profile Send private message Visit poster's website
PostPosted: Wed Jan 28, 2009 11:21 pm Reply with quote
waraxe
Site admin
Site admin
Joined: May 11, 2004
Posts: 2407
Location: Estonia, Tartu




And difference is ... ?
View user's profile Send private message Send e-mail Visit poster's website
PostPosted: Thu Jan 29, 2009 1:02 am Reply with quote
zerobytes
Valuable expert
Valuable expert
Joined: Aug 30, 2008
Posts: 199




This is an early version of phplockit and there one thing that is always overlooked, this version of phplockit does strange things with the php tags

example from your code.

require('top.php');
;echo '<center><br><br>
';
if ($submit) {

decoded correctlty should be

require('top.php');
?> <center><br><br>
<?
if ($submit) {
if (!$id || !$first

if look through the code you will see them all over the place and php wont know where php starts and ends to make way for the html..

Sorry I was`nt disrespecting you

ZeroBytes
View user's profile Send private message Visit poster's website
Help with Decode
www.waraxe.us Forum Index -> PHP script decode requests
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
All times are GMT
Page 1 of 1

Post new topicReply to topic


Powered by phpBB © 2001-2008 phpBB Group



Space Raider game for Android, free download - Space Raider gameplay video - Zone Raider mobile games
All logos and trademarks in this site are property of their respective owner. The comments and posts are property of their posters, all the rest (c) 2004-2024 Janek Vind "waraxe"
Page Generation: 0.049 Seconds