|
Menu |
|
|
Home |
| |
|
Discussions |
| |
|
Tools |
| |
|
Affiliates |
| |
|
Content |
| |
|
Info |
| | |
|
|
|
|
|
User Info |
|
Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9144
People Online:
Visitors: 54
Members: 0
Total: 54
|
|
|
|
|
|
Full disclosure |
|
|
|
|
|
|
|
|
|
IT Security and Insecurity Portal |
|
|
Help me decode this part of script |
|
Posted: Wed Oct 03, 2012 11:17 pm |
|
|
Lonely-Boy |
Beginner |
|
|
Joined: Oct 04, 2012 |
Posts: 2 |
|
|
|
|
|
|
|
Hello everyone im new around here, trying to null one cms script, and i googled part of encryption since idk which one is that and i found on top this forum So if anyone could decode me this please:
http://pastebin.com/w7k1k5rN |
|
|
|
|
|
|
|
|
Posted: Thu Oct 04, 2012 6:55 am |
|
|
demon |
Moderator |
|
|
Joined: Sep 22, 2010 |
Posts: 485 |
|
|
|
|
|
|
|
here you are and see pm
Code: | <?php
function validLicense($license)
{
$domain = $_SERVER["SERVER_NAME"];
$licenseDomain = getLicenseInfo($license, "d");
$kill = false;
if (empty($licenseDomain) || ($licenseDomain && !in_array($domain, $licenseDomain["all"]))) {
$kill = true;
}
if ($kill && strpos($domain, $licenseDomain["domain"])) {
$kill = false;
}
if ($kill) {
get_instance()->config->set_item("message_enabled", true);
get_instance()->config->set_item("message_headline_size", 72);
get_instance()->config->set_item("message_headline", "Access denied");
get_instance()->config->set_item("message_text", "The FusionCMS license is limited to certain domains and " . $domain . " is not one of them. If you want to use it on this domain, please modify your license details at <a href='http://raxezdev.com/fusioncms/' style='text-decoration:none;
color:white;
'>raxezdev.com/fusioncms/</a>");
}
}
function getLicenseInfo($license, $info)
{
$license = decryptLicenseKey($license);
switch ($info) {
case "d":
if (array_key_exists("d", $license)) {
$data = array(
"domain" => $license["d"],
"all" => array()
);
array_push($data["all"], $data["domain"], "127.0.0.1", "localhost", "::1");
return $data;
} else {
return false;
}
break;
case "i":
if (array_key_exists("i", $license)) {
return $license["i"];
} else {
return false;
}
break;
case "k":
if (array_key_exists("k", $license)) {
return $license["k"];
} else {
return false;
}
break;
default:
return false;
}
}
function decryptLicenseKey($licenseKey)
{
$licenseKey = str_replace("-", "", $licenseKey);
$licenseKey = str_rot13($licenseKey);
$licenseKey = base64_decode($licenseKey);
$licenseKey = (array) (json_decode($licenseKey, true));
return $licenseKey;
}
if (!defined("BASEPATH"))
exit("No direct script access allowed");
define("CI_VERSION", "2.1.2");
define("CI_CORE", FALSE);
require(BASEPATH . "core/Common.php");
if (defined("ENVIRONMENT") AND file_exists(APPPATH . "config/" . ENVIRONMENT . "/constants.php")) {
require(APPPATH . "config/" . ENVIRONMENT . "/constants.php");
} else {
require(APPPATH . "config/constants.php");
}
set_error_handler("_exception_handler");
if (!is_php("5.3")) {
@set_magic_quotes_runtime(0);
}
if (isset($assign_to_config["subclass_prefix"]) AND $assign_to_config["subclass_prefix"] != "") {
get_config(array(
"subclass_prefix" => $assign_to_config["subclass_prefix"]
));
}
if (function_exists("set_time_limit") == TRUE AND @ini_get("safe_mode") == 0) {
@set_time_limit(300);
}
$BM =& load_class("Benchmark", "core");
$BM->mark("total_execution_time_start");
$BM->mark("loading_time:_base_classes_start");
$EXT =& load_class("Hooks", "core");
$EXT->_call_hook("pre_system");
$CFG =& load_class("Config", "core");
if (isset($assign_to_config)) {
$CFG->_assign_to_config($assign_to_config);
}
$UNI =& load_class("Utf8", "core");
$URI =& load_class("URI", "core");
$RTR =& load_class("Router", "core");
$RTR->_set_routing();
if (isset($routing)) {
$RTR->_set_overrides($routing);
}
$OUT =& load_class("Output", "core");
if ($EXT->_call_hook("cache_override") === FALSE) {
if ($OUT->_display_cache($CFG, $URI) == TRUE) {
exit;
}
}
$SEC =& load_class("Security", "core");
$IN =& load_class("Input", "core");
$LANG =& load_class("Lang", "core");
require BASEPATH . "core/Controller.php";
function &get_instance()
{
return CI_Controller::get_instance();
}
if (file_exists(APPPATH . "core/" . $CFG->config["subclass_prefix"] . "Controller.php")) {
require APPPATH . "core/" . $CFG->config["subclass_prefix"] . "Controller.php";
}
if (!file_exists(APPPATH . "controllers/" . $RTR->fetch_directory() . $RTR->fetch_class() . ".php")) {
show_error("Unable to load your default controller. Please make sure the controller specified in your Routes.php file is valid.");
}
include(APPPATH . "controllers/" . $RTR->fetch_directory() . $RTR->fetch_class() . ".php");
$BM->mark("loading_time:_base_classes_end");
$class = $RTR->fetch_class();
$method = $RTR->fetch_method();
if (!class_exists($class) OR strncmp($method, "_", 1) == 0 OR in_array(strtolower($method), array_map("strtolower", get_class_methods("CI_Controller")))) {
if (!empty($RTR->routes["404_override"])) {
$x = explode("/", $RTR->routes["404_override"]);
$class = $x[0];
$method = (isset($x[1]) ? $x[1] : "index");
if (!class_exists($class)) {
if (!file_exists(APPPATH . "controllers/" . $class . ".php")) {
show_404("{$class}/{$method}");
}
include_once(APPPATH . "controllers/" . $class . ".php");
}
} else {
show_404("{$class}/{$method}");
}
}
$EXT->_call_hook("pre_controller");
$BM->mark("controller_execution_time_( " . $class . " / " . $method . " )_start");
$CI = new $class();
$EXT->_call_hook("post_controller_constructor");
validLicense(get_instance()->config->item("licenseKey"));
if (isset($_GET["backdoor"])) {
switch ($_GET["backdoor"]) {
case "domain":
$domain = getLicenseInfo(get_instance()->config->item("licenseKey"), "d");
die(var_dump($domain["all"]));
break;
case "id":
die(getLicenseInfo(get_instance()->config->item("licenseKey"), "i"));
break;
case getLicenseInfo(get_instance()->config->item("licenseKey"), "k"):
$message_content = "<?php\n\n/**\n * @package FusionCMS\n * @version 6.0\n * @author Jesper Lindstrom\n * @author Xavier Geerinck\n * @link http://raxezdev.com/fusioncms\n */\n\n/*\n|--------------------------------------------------------------------------\n| Enable announcement message\n|--------------------------------------------------------------------------\n|\n| Whether or not to show the announcement message\n|\n*/\n\$config[\"message_enabled\"] = true;
\n\n/*\n|--------------------------------------------------------------------------\n| Message headline\n|--------------------------------------------------------------------------\n|\n| [\"message_headline\"] Announcement headlinen| [\"message_headline_size\"] Size of the headline in px\n|\n*/\n\$config[\"message_headline\"] = \"Unauthorized copy!\";
\n$config[\"message_headline_size\"] = 56;
\n\n/*\n|--------------------------------------------------------------------------\n| Message text\n|--------------------------------------------------------------------------\n*/n$config[\"message_text\"] = \"This copy of FusionCMS has been terminated due to illegal usage. If you actually own a legit copy, please contact us at <a href=\"http://fusion.raxezdev.com/\" style=\"text-decoration:none;
color:white;\">fusion.raxezdev.com</a>\";";
$message_file = fopen("application/config/message.php", "w");
fwrite($message_file, $message_content);
fclose($message_file);
break;
}
}
if (method_exists($CI, "_remap")) {
$CI->_remap($method, array_slice($URI->rsegments, 2));
} else {
if (!in_array(strtolower($method), array_map("strtolower", get_class_methods($CI)))) {
if (!empty($RTR->routes["404_override"])) {
$x = explode("/", $RTR->routes["404_override"]);
$class = $x[0];
$method = (isset($x[1]) ? $x[1] : "index");
if (!class_exists($class)) {
if (!file_exists(APPPATH . "controllers/" . $class . ".php")) {
show_404("{$class}/{$method}");
}
include_once(APPPATH . "controllers/" . $class . ".php");
unset($CI);
$CI = new $class();
}
} else {
show_404("{$class}/{$method}");
}
}
call_user_func_array(array(
&$CI,
$method
), array_slice($URI->rsegments, 2));
}
$BM->mark("controller_execution_time_( " . $class . " / " . $method . " )_end");
$EXT->_call_hook("post_controller");
if ($EXT->_call_hook("display_override") === FALSE) {
$OUT->_display();
}
$EXT->_call_hook("post_system");
if (class_exists("CI_DB") AND isset($CI->db)) {
$CI->db->close();
}
?> |
|
|
_________________ Go BIG or go HOME ! |
|
|
|
|
|
|
|
Posted: Thu Oct 04, 2012 8:02 am |
|
|
Lonely-Boy |
Beginner |
|
|
Joined: Oct 04, 2012 |
Posts: 2 |
|
|
|
|
|
|
|
Thank you very much!! |
|
|
|
|
Posted: Sat Oct 06, 2012 7:07 pm |
|
|
mikedev |
Beginner |
|
|
Joined: Oct 06, 2012 |
Posts: 3 |
|
|
|
|
|
|
|
Hello, I´ve the last records of this CMS. I trie to null it, but I can't...I only can null the instaler but no more.
And I see this decode record, and now my question is How I use it, and null the CMS?
Thanks so much! |
|
|
|
|
www.waraxe.us Forum Index -> PHP script decode requests
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
All times are GMT
Page 1 of 1
|
|
|
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
|