|
|
|
|
|
|
IT Security and Insecurity Portal |
|
|
Please no possibility of reversing this code |
|
Posted: Fri Aug 24, 2012 8:05 pm |
|
|
vv456 |
Advanced user |
|
|
Joined: Aug 24, 2012 |
Posts: 190 |
|
|
|
|
|
|
|
Please no possibility of reversing this code as the ODE is extensive posted it on paste bin the following address:
http://pastebin.com/wVq1KFr0 |
|
|
|
|
|
|
|
|
Posted: Fri Aug 24, 2012 9:59 pm |
|
|
demon |
Moderator |
|
|
Joined: Sep 22, 2010 |
Posts: 485 |
|
|
|
|
|
|
|
Code: | <?php
class ADDON_CIELOSTATUSWS extends ISC_ADDON
{
var $url_consulta = 'http://www.loja5.com.br/ws/cpf/index.php';
public function __construct()
{
$this->SetId("addon_cielostatusws");
$this->SetName("Gestor de Pedidos Cielo WS");
$this->RegisterMenuItem(array(
"location" => "mnuOrders",
"icon" => "mnuOrders.gif",
"text" => "Gestor de Pedidos Cielo WS",
"description" => "Gerencie os pedidos cielo da loja, capturas, cancelamentos e consulta de dados de cliente.",
"id" => "addon_cielostatusws"
));
$this->SetImage("logo.png");
$this->SetHelpText("Gerencie os pedidos cielo da loja, capturas, cancelamentos e consulta de dados de cliente.");
}
public function init()
{
$this->ShowSaveAndCancelButtons(true);
}
public function SetCustomVars()
{
return false;
}
public function EntryPoint()
{
$nomm = "Buy Page Loja (Direto na Loja)";
echo "<div class='BodyContainer'><h2>Gerenciado de Pedidos Cielo | " . $nomm . "</h2>";
echo "<p>Pedidos 'CRIADOS' caso nao concluidos apos 7 dias automaticamente o mesmo e cancelado. | Pedidos 'AUTORIZADOS' tem um prazo de 7 dias para capturar, caso nao seja capturado o mesmo automaticamente e cancelado.</p>";
echo "<table width='100%' class='GridPanel SortableGrid AutoExpand' border='0'>";
echo "<tr class='Heading3'>";
echo "<td>Pedido #</td>";
echo "<td>Titular Cartao</td>";
echo "<td>CPF</td>";
echo "<td>TID</td>";
echo "<td>Status Loja</td>";
echo "<td>Status Cielo</td>";
echo "<td>Cartao<br>6 Primeiros Digitos</td>";
echo "<td>Total Pedido</td>";
echo "<td>Acoes</td>";
echo "</tr>";
$query = "select * from [|PREFIX|]orders,cielows WHERE cielows.pedido=[|PREFIX|]orders.orderid ORDER BY [|PREFIX|]orders.orderid DESC";
$result = $GLOBALS["ISC_CLASS_DB"]->Query($query);
while ($row = $GLOBALS["ISC_CLASS_DB"]->Fetch($result)) {
echo "<tr class=\"GridRow\">";
echo "<td><b><a href='index.php?ToDo=editOrder&orderId=" . $row["orderid"] . "'>" . $row["orderid"] . "</a></b></td>";
echo "<td>" . $row["nome"] . "</td>";
echo '<td><a href=\'javascript:openwin("".$this->url_consulta."?cpf=".$row["cpf"]."&nome=".$row["nome"]."","testecielo",500,300);\'>".$row["cpf"]."</a></td>';
echo "<td>" . $row["tid"] . "</td>";
$querys = "select * from [|PREFIX|]order_status WHERE statusid = '" . $row["ordstatus"] . "'";
$results = $GLOBALS["ISC_CLASS_DB"]->Query($querys);
$rows = $GLOBALS["ISC_CLASS_DB"]->Fetch($results);
echo "<td>" . strtoupper($rows["statusdesc"]) . "</td>";
echo "<td>" . strtoupper($this->Msg($row["status"])) . "</td>";
echo "<td>" . strtoupper($row["cc"]) . "<br>" . $row["cartao"] . "****</td>";
echo "<td>" . CurrencyConvertFormatPrice($row["ordgatewayamount"], 1, 1, true) . "</td>";
echo "<td><b><a href='index.php?ToDo=runAddon&addon=addon_cielostatusws&func=ver&tid=" . $row["tid"] . "&pedido=" . $row["orderid"] . "'>Capturar<br>Cancelar</a></B></td>";
echo "</tr>";
}
echo "</table></div>";
}
public function Msg($cod)
{
switch ($cod) {
case "0":
$status = "Criada";
break;
case "1":
$status = "Em andamento";
break;
case "2":
$status = "Autenticada";
break;
case "3":
$status = "Nao autenticada";
break;
case "4":
$status = "Autorizada";
break;
case "5":
$status = "Nao autorizada";
break;
case "6":
$status = "Aprovada";
break;
case "8":
$status = "Nao capturada";
break;
case "9":
$status = "Cancelada";
break;
case "10":
$status = "Em autenticacao";
break;
default:
$status = "n/a";
break;
}
return $status;
}
public function ver()
{
$tid = $_GET["tid"];
$pedido = (int) $_GET["pedido"];
echo "<h2>Dados TID " . $tid . " | Pedido #" . $pedido . "</h2>";
$query = "select * from cielows WHERE tid = '" . $tid . "'";
$result = $GLOBALS["ISC_CLASS_DB"]->Query($query);
$row = $GLOBALS["ISC_CLASS_DB"]->Fetch($result);
$codigo = GetModuleVariable("checkout_cielows", "afiliacao");
$chave = GetModuleVariable("checkout_cielows", "chave");
$modo = GetModuleVariable("checkout_cielows", "modo");
if ($modo == "T") {
$urlvisa = "https://qasecommerce.cielo.com.br/servicos/ecommwsec.do";
} else {
$urlvisa = "https://ecommerce.cbmp.com.br/servicos/ecommwsec.do";
}
$cancelamento = '<?xml version="1.0" encoding="ISO-8859-1"?> \n<requisicao-cancelamento id=\"".md5(date("YmdHisu"))."\" versao="1.1.0"> \n <tid>".$tid."</tid>\n <dados-ec> \n <numero>".$codigo."</numero> \n <chave>".$chave."</chave> \n </dados-ec> \n</requisicao-cancelamento>';
$consulta = '<?xml version=\"1.0" encoding="ISO-8859-1\"?> \n<requisicao-consulta id=\"".md5(date("YmdHisu"))."" versao="1.1.0\"> \n <tid>".$tid."</tid>\n <dados-ec> \n <numero>".$codigo."</numero> \n <chave>".$chave."</chave> \n </dados-ec> \n</requisicao-consulta>';
$capturaxml = '<requisicao-captura id=\"".md5(date("YmdHisu"))."" versao="1.1.0\">\n\t\t\t<tid>".$tid."</tid>\n\t\t\t<dados-ec> \n <numero>".$codigo."</numero> \n <chave>".$chave."</chave> \n </dados-ec>\n </requisicao-captura>';
if (isset($_GET["cancelar"])) {
$can = @$this->simpleXMLToArray($this->Con($urlvisa, $cancelamento));
if (isset($can["codigo"])) {
echo "<hr><b>Ops:</b> Erro: " . $can["codigo"] . "<br>";
echo "<b>Log:</b> " . utf8_decode($can["mensagem"]) . "<br><hr>";
}
if (isset($can["autorizacao"]["codigo"]) && $can["autorizacao"]["codigo"] == 9) {
@UpdateOrderStatus($_GET["pedido"], ORDER_STATUS_CANCELLED);
}
}
if (isset($_GET["capturar"])) {
$cap = @$this->simpleXMLToArray($this->Con($urlvisa, $capturaxml));
if (isset($cap["codigo"])) {
echo "<hr><b>Ops:</b> Erro: " . $cap["codigo"] . "<br>";
echo "<b>Log:</b> " . utf8_decode($cap["mensagem"]) . "<br><hr>";
}
if (isset($cap["autorizacao"]["codigo"]) && $cap["autorizacao"]["codigo"] == 6) {
@UpdateOrderStatus($_GET["pedido"], ORDER_STATUS_AWAITING_SHIPMENT);
}
}
$con = $this->simpleXMLToArray($this->Con($urlvisa, $consulta));
if (isset($con["pan"])) {
echo "<b>PAN:</b> " . $con["pan"] . "<br>";
}
if (isset($con["dados-pedido"])) {
echo "<b>Dados Pedido</b><br>";
echo "<b>Pedido:</b> " . $con["dados-pedido"]["numero"] . "<br>";
echo "<b>Data/Hora:</b> " . $con["dados-pedido"]["data-hora"] . "<br>";
echo "<b>Detalhes:</b> " . $con["dados-pedido"]["descricao"] . "<br>";
}
if (isset($con["forma-pagamento"])) {
echo "<b>Forma de Pagamento</b><br>";
echo "<b>Cartao:</b> " . strtoupper($con["forma-pagamento"]["bandeira"]) . "<br>";
echo "<b>Parcelas:</b> " . $con["forma-pagamento"]["parcelas"] . "<br>";
}
if (isset($con["autorizacao"])) {
echo "<b>Forma de Pagamento</b><br>";
echo "<b>Status:</b> " . strtoupper($this->Msg($con["autorizacao"]["codigo"])) . "<br>";
echo "<b>Valor:</b> R\$ " . ($con["autorizacao"]["valor"] / 100) . "<br>";
echo "<b>LR:</b> " . $con["autorizacao"]["lr"] . "<br>";
}
if (isset($con["cancelamento"])) {
echo "<b>Cancelamento</b><br>";
echo "<b>Mensagem:</b> " . $con["cancelamento"]["mensagem"] . "<br>";
echo "<b>Data/Hora:</b> " . $con["cancelamento"]["data-hora"] . "<br>";
}
echo "<br><br>";
if (isset($con["autorizacao"]["codigo"])) {
@$GLOBALS["ISC_CLASS_DB"]->Query('UPDATE cielows SET status=\"".$con["autorizacao"]["codigo"]."" WHERE pedido ="".(int)$_GET["pedido"]."\"');
if ($con["autorizacao"]["codigo"] == 4 || $con["autorizacao"]["codigo"] == 6) {
echo "<a href='index.php?ToDo=runAddon&addon=addon_cielostatusws&func=ver&tid=" . $tid . "&cancelar=sim&pedido=" . (int) $_GET["pedido"] . "'>CANCELAR</a> |";
echo " <a href='index.php?ToDo=runAddon&addon=addon_cielostatusws&func=ver&tid=" . $tid . "&capturar=sim&pedido=" . (int) $_GET["pedido"] . "'>CAPTURAR</a> | ";
}
}
echo "<a href='index.php?ToDo=runAddon&addon=addon_cielostatusws'>VOLTAR</a>";
}
public function Con($url, $msg)
{
$curl = curl_init();
curl_setopt($curl, CURLOPT_HEADER, 0);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($curl, CURLOPT_URL, $url);
curl_setopt($curl, CURLOPT_POST, 1);
curl_setopt($curl, CURLOPT_POSTFIELDS, http_build_query(array(
"mensagem" => $msg
)));
$xml = curl_exec($curl);
curl_close($curl);
$DadosEnvio = simplexml_load_string($xml);
return $DadosEnvio;
}
public function simpleXMLToArray($xml, $flattenValues = true, $flattenAttributes = true, $flattenChildren = true, $valueKey = '@value', $attributesKey = '@attributes', $childrenKey = '@children')
{
$return = array();
if (!($xml instanceof SimpleXMLElement)) {
return $return;
}
$name = $xml->getName();
$_value = trim((string) $xml);
if (strlen($_value) == 0) {
$_value = null;
}
if ($_value !== null) {
if (!$flattenValues) {
$return[$valueKey] = $_value;
} else {
$return = $_value;
}
}
$children = array();
$first = true;
foreach ($xml->children() as $elementName => $child) {
$value = $this->simpleXMLToArray($child, $flattenValues, $flattenAttributes, $flattenChildren, $valueKey, $attributesKey, $childrenKey);
if (isset($children[$elementName])) {
if ($first) {
$temp = $children[$elementName];
unset($children[$elementName]);
$children[$elementName][] = $temp;
$first = false;
}
$children[$elementName][] = $value;
} else {
$children[$elementName] = $value;
}
}
if (count($children) > 0) {
if (!$flattenChildren) {
$return[$childrenKey] = $children;
} else {
$return = array_merge($return, $children);
}
}
$attributes = array();
foreach ($xml->attributes() as $name => $value) {
$attributes[$name] = trim($value);
}
if (count($attributes) > 0) {
if (!$flattenAttributes) {
$return[$attributesKey] = $attributes;
} else {
$return = array_merge($return, $attributes);
}
}
return $return;
}
}
require_once(dirname(__FILE__) . "/../../includes/classes/class.addon.php");
?> |
|
|
_________________ Go BIG or go HOME ! |
|
|
|
|
|
|
|
Posted: Sun Aug 26, 2012 2:50 am |
|
|
vv456 |
Advanced user |
|
|
Joined: Aug 24, 2012 |
Posts: 190 |
|
|
|
|
|
|
|
Thank you friend for the excellent work!!!
He/she would like to know if he/she won't ask a lot as it can be made that reversion
Was it with some tool? |
|
|
|
|
Posted: Sun Aug 26, 2012 6:53 am |
|
|
astra1993 |
Advanced user |
|
|
Joined: Jun 20, 2012 |
Posts: 125 |
|
|
|
|
|
|
|
Nope. Decoded by hand. |
|
|
|
|
Posted: Sun Aug 26, 2012 10:54 pm |
|
|
vv456 |
Advanced user |
|
|
Joined: Aug 24, 2012 |
Posts: 190 |
|
|
|
|
|
|
|
astra1993 wrote: | Nope. Decoded by hand. |
Hello Astra1993 , I understand and appreciate the explanations would like to know which method used by him, any of you could please show me to other opportunities I can help somebody forum which is in the same situation.
I thank the community for contributing! |
|
|
|
|
Posted: Sun Aug 26, 2012 11:09 pm |
|
|
demon |
Moderator |
|
|
Joined: Sep 22, 2010 |
Posts: 485 |
|
|
|
|
|
|
|
the method is simple just decode the hex values and then replace the variables with their original names |
|
_________________ Go BIG or go HOME ! |
|
|
|
Posted: Mon Aug 27, 2012 11:15 am |
|
|
vv456 |
Advanced user |
|
|
Joined: Aug 24, 2012 |
Posts: 190 |
|
|
|
|
|
|
|
demon wrote: | the method is simple just decode the hex values and then replace the variables with their original names |
Thanks, but its abuse their goodwill would have to send me an example of how to do this procedure ..... |
|
|
|
|
Posted: Mon Aug 27, 2012 1:31 pm |
|
|
demon |
Moderator |
|
|
Joined: Sep 22, 2010 |
Posts: 485 |
|
|
|
|
|
|
|
just use simple php:
Code: | <?php
$file = file_get_contents("source.php");
$decode = preg_replace('/[\\\\]x(\w\w)/e', 'chr(hexdec("$1"))', $file);
highlight_string(str_replace(";",";\n", $decode));
?> |
and then format the output with phpformater |
|
_________________ Go BIG or go HOME ! |
|
|
|
Posted: Mon Aug 27, 2012 1:57 pm |
|
|
vv456 |
Advanced user |
|
|
Joined: Aug 24, 2012 |
Posts: 190 |
|
|
|
|
|
|
|
demon wrote: | just use simple php:
Code: | <?php
$file = file_get_contents("source.php");
$decode = preg_replace('/[\\\\]x(\w\w)/e', 'chr(hexdec("$1"))', $file);
highlight_string(str_replace(";",";\n", $decode));
?> |
and then format the output with phpformater |
Thanks for everything!! |
|
|
|
|
Posted: Mon Aug 27, 2012 5:57 pm |
|
|
demon |
Moderator |
|
|
Joined: Sep 22, 2010 |
Posts: 485 |
|
|
|
|
|
|
|
you welcome |
|
_________________ Go BIG or go HOME ! |
|
|
|
www.waraxe.us Forum Index -> PHP script decode requests
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
All times are GMT
Page 1 of 1
|
|
|
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|