PornoKnox - Deobfuscated Files - Need To Be Nulled

***MajoMaslo*** · 08-02-2017, 09:23 PM

Hi guys!

Today i have something for adult marketers. It's a plugin called pornoknox and this plugin can import adult videos from few sites.

Features:

Quote:Features:
Automatic search for random videos
Two players available to choose from
100% responsive custom players
HTML5 Technology, Bootstrap and VideoJS
Search Fluency

publicar.php

PHP Code:

<?php  if(isset($_POST['publicar'])){ $totalvideos = $_POST['total_videos'];
 $reproductor = $_POST['selectplayer'];
 $publicados = 0;
 $servidor = 'servidor='.$_POST['servidor'].' ';
 for ($i=1;
 $i<=$totalvideos;
 $i++) { if (($_POST['check_'.$i])=='on'){$chon = 1;
} else{ $chon=0;
} if ($chon == 1){ $publicados++;
 $linkvideo = $_POST['video_url_'.$i];
 $videotitulo = $_POST['video_titulo_'.$i];
 $videodescripcion = $_POST['video_text_'.$i];
 $videothumb = $_POST['imagen_url_'.$i];
 $categoria = $_POST['cat_'.$i];
 $tags = $_POST['tags_'.$i];
 $post_status = 'publish';
 if ($reproductor == 'videojs'){ $shortcode = '[pornokoxhtml5js '.$servidor .$_POST['video_player_'.$i].']';
 } else{ $shortcode = '[pornokoxhtml5 '.$servidor .$_POST['video_player_'.$i].']';
 } $entrada = $shortcode."<br/>".$videodescripcion;
 $post_time=current_time('timestamp');
 $new_post = array( 'ID' => '', 'post_title' => $videotitulo, 'post_content' => $entrada, 'post_status' => $post_status, 'tags_input' => $tags, 'post_date' => date('Y-m-d H:i:s',$post_time), 'post_category' => array( 'category' => $categoria ) );
 $post_id = wp_insert_post($new_post);
 $thumb_url = $videothumb;
 require_once(ABSPATH . 'wp-admin/includes/file.php');
 require_once(ABSPATH . 'wp-admin/includes/media.php');
 set_time_limit(300);
 if ( ! empty($thumb_url) ) { $tmp = download_url( $thumb_url );
 preg_match('/[^\?]+\.(jpg|JPG|jpe|JPE|jpeg|JPEG|gif|GIF|png|PNG)/', $thumb_url, $matches);
 $file_array['name'] = basename($matches[0]);
 $file_array['tmp_name'] = $tmp;
 if ( is_wp_error( $tmp ) ) { @unlink($file_array['tmp_name']);
 $file_array['tmp_name'] = '';
 } $thumbid = media_handle_sideload( $file_array, $post_id, $desc );
 if ( is_wp_error($thumbid) ) { @unlink($file_array['tmp_name']);
 return $thumbid;
 } } set_post_thumbnail( $post_id, $thumbid );
 } } include("plugin-parts/head.php");
 include("plugin-parts/form-parts/formpublicado.php");
 include("/plugin-parts/footer.php");
 } ?>

license.php

PHP Code:

<?php  require_once( explode( "wp-content" , __FILE__ )[0] . "wp-load.php" );
 define('PORNOKOX_PLUGIN_SECRET_KEY', '5955b69ab1b9b2.39089405');
 define('PORNOKOX_PLUGIN_LICENSE_SERVER_URL', 'https://pornokox.elbarrunto.com');
 define('PORNOKOX_PLUGIN_ITEM_REFERENCE', 'PornoKox Premium');
 if (isset($_REQUEST['license_key'])){ if (isset($_POST['opciones']) and& $_POST['opciones'] == 'activar') { $license_key = $_REQUEST['license_key'];
 $api_params = array( 'slm_action' => 'slm_activate', 'secret_key' => PORNOKOX_PLUGIN_SECRET_KEY, 'license_key' => $license_key, 'registered_domain' => $_SERVER['SERVER_NAME'], 'item_reference' => urlencode(PORNOKOX_PLUGIN_ITEM_REFERENCE), );
 $query = esc_url_raw(add_query_arg($api_params, PORNOKOX_PLUGIN_LICENSE_SERVER_URL));
 $response = wp_remote_get($query, array('timeout' => 20, 'sslverify' => false));
 if (is_wp_error($response)){ echo '<fieldset><div class="key-success"> >> Unexpected Error! The query returned with an error. << </div></fieldset>';
 } $license_data = json_decode(wp_remote_retrieve_body($response));
 if($license_data->result == 'success'){ $mensaje = '<fieldset><div class="key-success"> >> '.$license_data->message.' << </div></fieldset><br/>';
 echo $mensaje;
 update_option('license_key', $license_key);
 update_option('license_notice', $mensaje);
 } else{ echo '<fieldset><div class="key-success">'.$license_data->message.'</div></fieldset><br/>';
 } } if (isset($_POST['opciones']) and& $_POST['opciones'] == 'desactivar') { $license_key = $_REQUEST['license_key'];
 $api_params = array( 'slm_action' => 'slm_deactivate', 'secret_key' => PORNOKOX_PLUGIN_SECRET_KEY, 'license_key' => $license_key, 'registered_domain' => $_SERVER['SERVER_NAME'], 'item_reference' => urlencode(PORNOKOX_PLUGIN_ITEM_REFERENCE), );
 $query = esc_url_raw(add_query_arg($api_params, PORNOKOX_PLUGIN_LICENSE_SERVER_URL));
 $response = wp_remote_get($query, array('timeout' => 20, 'sslverify' => false));
 if (is_wp_error($response)){ echo '<fieldset><div class="key-success"> >> Unexpected Error! The query returned with an error. << </div></fieldset>';
 } $license_data = json_decode(wp_remote_retrieve_body($response));
 if($license_data->result == 'success'){ $mensaje = '<fieldset><div class="key-success"> >> '.$license_data->message.' << </div></fieldset><br/>';
 echo $mensaje;
 update_option('license_key', '');
 update_option('license_notice', '');
 } else{ echo '<fieldset><div class="key-success">'.$license_data->message.'</div></fieldset><br/>';
 } } } ?>

Download:

Code:

https://pornokox.elbarrunto.com/api/updates/?action=download&slug=PornoKox

***sikewup*** · 08-03-2017, 05:40 AM

Note: I haven't tested, nor do i have wordpress, so try these at localhost before uploading to server:

publicar.php
No contact to server as i can see (although it contacts the server, i will tell you below about that)

license.php
Erase everything and just leave this:

Code:

<?php

?>

But, there is one more file which has a base64 encoded code (file: pornoknox.php), which is this:

Code:

eval(base64_decode("ICBhZGRfc2hvcnRjb2RlKCdwb3Jub2tveGh0bWw1JywgJ3ZpZGVvJyk7IC8vU2hvcnRjb2RlIHF1ZSBh​Z3JlZ2EgcmVwcm9kdWN0b3IgZGVmYXVsdCBkZSB3b3JkcHJlc3MKICBmdW5jdGlvbiB2aWRlbygkYXR0​cykgewoJJHNob3J0Y29kZV9hdHRzID0gc2hvcnRjb2RlX2F0dHMoIGFycmF5KAoJCSdzZXJ2aWRvcicg​PT4gJ3h2aWRlb3MnLAoJCSd1cmwnID0+ICdObyBzZSBlc3RhYmxlY2lvIHVuYSB1cmwgZGUgdmlkZW8n​LAoJCSdsaWNlbmNpYScgPT4gJycsCgkpLCAkYXR0cyApOwoJCgkkcmV0dXJuID0gJzxkaXYgaWQ9ImRp​dlZpZGVvIiBwb3N0ZXI9IiIgd2lkdGg9ICIxMDAlIiBoZWlnaHQ9IjEwMCUiPic7CgkkcmV0dXJuIC49​ICc8dmlkZW8gd2lkdGg9IjY0MCIgaGVpZ2h0PSI0ODAiICBjb250cm9scyBwcmVsb2FkPSJhdXRvIj4g​PHNvdXJjZSBzcmM9IiIgdHlwZT0idmlkZW8vbXA0Ii8+IDwvdmlkZW8+JzsKCSRyZXR1cm4gLj0gJzwv​ZGl2Pic7CgkkcmV0dXJuIC49ICc8c2NyaXB0IHNyYz0iLy9wb3Jub2tveC5lbGJhcnJ1bnRvLmNvbS9h​cGkvc291cmNlLycuJHNob3J0Y29kZV9hdHRzWydzZXJ2aWRvciddLicvJy4kc2hvcnRjb2RlX2F0dHNb​J3VybCddLicvJy5nZXRfb3B0aW9uKCdsaWNlbnNlX2tleScpLiciPjwvc2NyaXB0Pic7CglyZXR1cm4g​JHJldHVybjsKICB9CiAKICBhZGRfc2hvcnRjb2RlKCdwb3Jub2tveGh0bWw1anMnLCAndmlkZW9qcycp​OyAvL1Nob3J0Y29kZSBxdWUgYWdyZWdhIHJlcHJvZHVjdG9yIFZpZGVvLmpzCiAgZnVuY3Rpb24gdmlk​ZW9qcygkYXR0cykgewoJJHNob3J0Y29kZV9hdHRzID0gc2hvcnRjb2RlX2F0dHMoIGFycmF5KAoJCSdz​ZXJ2aWRvcicgPT4gJ3h2aWRlb3MnLAoJCSd1cmwnID0+ICdObyBzZSBlc3RhYmxlY2lvIHVuYSB1cmwg​ZGUgdmlkZW8nLAoJCSdsaWNlbmNpYScgPT4gJycsCgkpLCAkYXR0cyApOwoJJHJldHVybiA9ICc8ZGl2​IGlkPSJkaXZWaWRlbyIgcG9zdGVyPSIiIHdpZHRoPSIxMDAlIiBoZWlnaHQ9IjEwMCUiPic7CgkkcmV0​dXJuIC49ICc8dmlkZW8gaWQ9Im15LXZpZGVvIiBjbGFzcz0idmlkZW8tanMgdmpzLWRlZmF1bHQtc2tp​biB2anMtYmlnLXBsYXktY2VudGVyZWQgdmpzLTE2LTkiIHdpZHRoPSI2NDAiIGhlaWdodD0iNDgwIiAg​Y29udHJvbHMgcHJlbG9hZD0iYXV0byIgZGF0YS1zZXR1cD1cJ3sgImFzcGVjdFJhdGlvIjoiNjQwOjQ4​MCIsICJwbGF5YmFja1JhdGVzIjogWzEsIDEuNSwgMl0gfVwnPiA8c291cmNlIHNyYz0iIiB0eXBlPSJ2​aWRlby9tcDQiLz4gPC92aWRlbz4nOwoJJHJldHVybiAuPSAnPC9kaXY+JzsKCSRyZXR1cm4gLj0gJzxz​Y3JpcHQgc3JjPSIvL3Bvcm5va294LmVsYmFycnVudG8uY29tL2FwaS9zb3VyY2UvJy4kc2hvcnRjb2Rl​X2F0dHNbJ3NlcnZpZG9yJ10uJy8nLiRzaG9ydGNvZGVfYXR0c1sndXJsJ10uJy8nLmdldF9vcHRpb24o​J2xpY2Vuc2Vfa2V5JykuJyI+PC9zY3JpcHQ+JzsKCSRyZXR1cm4gLj0gJzxsaW5rIHJlbD0ic3R5bGVz​aGVldCIgaWQ9InBvcm5va294X2VzdGlsbzItY3NzIiAgaHJlZj0iLy92anMuemVuY2RuLm5ldC81LjE5​LjIvdmlkZW8tanMuY3NzIiB0eXBlPSJ0ZXh0L2NzcyIgbWVkaWE9ImFsbCIgLz4nOwoJJHJldHVybiAu​PSAnPHNjcmlwdCBzcmM9Ii8vdmpzLnplbmNkbi5uZXQvNS4xOS4yL3ZpZGVvLmpzIj48L3NjcmlwdD4n​OwoJcmV0dXJuICRyZXR1cm47CiAgfQ=="));

the decoded value is:

Code:

add_shortcode('pornokoxhtml5', 'video'); //Shortcode que agrega reproductor default de wordpress

  function video($atts) {

    $shortcode_atts = shortcode_atts( array(

        'servidor' => 'xvideos',

        'url' => 'No se establecio una url de video',

        'licencia' => '',

    ), $atts );

    $return = '<div id="divVideo" poster="" width= "100%" height="100%">';

    $return .= '<video width="640" height="480"  controls preload="auto"> <source src="" type="video/mp4"/> </video>';

    $return .= '</div>';

    $return .= '<script src="//pornokox.elbarrunto.com/api/source/'.$shortcode_atts['servidor'].'/'.$shortcode_atts['url'].'/'.get_option('license_key').'"></script>';

    return $return;

  }

  add_shortcode('pornokoxhtml5js', 'videojs'); //Shortcode que agrega reproductor Video.js

  function videojs($atts) {

    $shortcode_atts = shortcode_atts( array(

        'servidor' => 'xvideos',

        'url' => 'No se establecio una url de video',

        'licencia' => '',

    ), $atts );

    $return = '<div id="divVideo" poster="" width="100%" height="100%">';

    $return .= '<video id="my-video" class="video-js vjs-default-skin vjs-big-play-centered vjs-16-9" width="640" height="480"  controls preload="auto" data-setup=\'{ "aspectRatio":"640:480", "playbackRates": [1, 1.5, 2] }\'> <source src="" type="video/mp4"/> </video>';

    $return .= '</div>';

    $return .= '<script src="//pornokox.elbarrunto.com/api/source/'.$shortcode_atts['servidor'].'/'.$shortcode_atts['url'].'/'.get_option('license_key').'"></script>';

    $return .= '<link rel="stylesheet" id="pornokox_estilo2-css"  href="//vjs.zencdn.net/5.19.2/video-js.css" type="text/css" media="all" />';

    $return .= '<script src="//vjs.zencdn.net/5.19.2/video.js"></script>';

    return $return;

  }

So here we can see that it defines the shortcodes video and videojs, which make a call to //pornokox.elbarrunto.com/api/source/... (that's why i said at publicar.php that although it seems that it doesn't do any server contact, in fact it does through the shortcode)
Moreover it loads a js and a css file from zencdn.net.
Ok, regarding the zencdn.net, you can download these 2 files and host them at your site, so changing the url would be ok.
But regarding the call to //pornokox.elbarrunto.com/api/source/... if you remove or comment that line, it won't make the call to their server, but i dont if anything breaks then, as i can't tested right now. (E.g. the call to their server, returns something which is needed to play the video or whatever).
Moreover, this call, uses your license number, so since there won't be, it would just return an error.
If you know a site that uses this plugin, write us the link, so that we can check what this call returns, and make the appropriate changes.

***MajoMaslo*** · 08-03-2017, 09:14 PM

Oh i see, there is a pornokox.min.js file and i don't know how can i decode this:

PHP Code:

var _0xc937=['\x26\x70\x75\x62\x6c\x69\x63\x61\x72\x3d\x73\x69','\x75\x6e\x62\x69\x6e\x64','\x23\x73\x65\x6c\x65\x63\x74\x61\x6c\x6c','\x63\x68\x61\x6e\x67\x65','\x69\x6e\x70\x75\x74\x2e\x76\x69\x64\x65\x6f\x73\x63\x68\x65\x63\x6b','\x63\x68\x65\x63\x6b\x65\x64','\x3a\x63\x68\x65\x63\x6b\x65\x64','\x70\x61\x72\x65\x6e\x74','\x74\x6f\x67\x67\x6c\x65\x43\x6c\x61\x73\x73','\x61\x63\x74\x69\x76\x65','\x5b\x69\x64\x5e\x3d\x22\x66\x6f\x72\x6d\x2d\x6c\x69\x63\x65\x6e\x63\x69\x61\x2​2\x5d','\x2e\x2f\x6c\x69\x63\x65\x6e\x73\x65\x2f\x6c\x69\x63\x65\x6e\x73\x65\x2e\x70\x6​8\x70','\x23\x72\x65\x73\x75\x6c\x74\x61\x64\x6f\x2d\x6c\x69\x63\x65\x6e\x63\x69\x61​','\x72\x65\x6c\x6f\x61\x64','\x3c\x66\x69\x65\x6c\x64\x73\x65\x74\x3e\x3c\x64\x69\x76\x20\x63\x6c\x61\x73\x7​3\x3d\x22\x6b\x65\x79\x2d\x73\x75\x63\x63\x65\x73\x73\x22\x3e\x20\x3e\x3e\x20\x5​4\x68\x65\x20\x6c\x69\x63\x65\x6e\x73\x65\x20\x6b\x65\x79\x20\x68\x61\x73\x20\x6​2\x65\x65\x6e\x20\x64\x65\x61\x63\x74\x69\x76\x61\x74\x65\x64\x20\x66\x6f\x72\x2​0\x74\x68\x69\x73\x20\x64\x6f\x6d\x61\x69\x6e\x20\x3c\x3c\x20\x3c\x2f\x64\x69\x7​6\x3e\x3c\x2f\x66\x69\x65\x6c\x64\x73\x65\x74\x3e\x3c\x62\x72\x2f\x3e','\x6c\x6f\x63\x61\x74\x69\x6f\x6e','\x73\x63\x72\x69\x70\x74\x55\x72\x6c','\x70\x6c\x75\x67\x69\x6e\x5f\x70\x61\x67\x65\x5f\x69\x64','\x5b\x69\x64\x5e\x3d\x22\x66\x6f\x72\x6d\x2d\x62\x75\x73\x71\x75\x65\x64\x61\x2​2\x5d','\x73\x75\x62\x6d\x69\x74','\x70\x72\x65\x76\x65\x6e\x74\x44\x65\x66\x61\x75\x6c\x74','\x61\x6a\x61\x78','\x50\x4f\x53\x54','\x68\x74\x74\x70\x73\x3a\x2f\x2f\x70\x6f\x72\x6e\x6f\x6b\x6f\x78\x2e\x65\x6c\x6​2\x61\x72\x72\x75\x6e\x74\x6f\x2e\x63\x6f\x6d\x2f\x61\x70\x69\x2f\x73\x65\x61\x7​2\x63\x68\x2f\x61\x70\x69\x2e\x70\x68\x70','\x73\x65\x72\x69\x61\x6c\x69\x7a\x65','\x69\x6e\x70\x75\x74\x23\x62\x75\x73\x63\x61\x72\x74\x61\x67','\x62\x75\x74\x74\x6f\x6e\x23\x62\x75\x73\x63\x61\x72','\x61\x74\x74\x72','\x64\x69\x73\x61\x62\x6c\x65\x64','\x23\x72\x65\x73\x75\x6c\x74\x61\x64\x6f','\x68\x74\x6d\x6c','\x3c\x69\x6d\x67\x20\x73\x72\x63\x3d\x22','\x2e\x2f\x61\x73\x73\x65\x74\x73\x2f\x69\x6d\x67\x2f\x6c\x6f\x61\x64\x69\x6e\x6​7\x2e\x73\x76\x67\x22\x20\x2f\x3e','\x64\x6f\x6e\x65','\x76\x61\x6c\x75\x65','\x50\x55\x42\x4c\x49\x43\x41\x52\x20\x56\x49\x44\x45\x4f\x53\x20\x53\x45\x4c\x4​5\x43\x43\x49\x4f\x4e\x41\x44\x4f\x53','\x70\x75\x62\x6c\x69\x63\x61\x72','\x73\x70\x61\x6e\x23\x61\x79\x75\x64\x61','\x68\x69\x64\x65','\x23\x63\x6f\x6e\x74\x72\x6f\x6c\x65\x73\x72\x65\x73\x75\x6c\x74\x61\x64\x6f​','\x73\x68\x6f\x77','\x69\x6e\x70\x75\x74\x23\x74\x6f\x74\x61\x6c\x5f\x76\x69\x64\x65\x6f\x73','\x23\x6c\x69\x73\x74\x61\x3e\x73\x65\x6c\x65\x63\x74','\x63\x6c\x6f\x6e\x65','\x63\x61\x74\x5f','\x2e\x63\x61\x74\x65\x67\x6f\x72\x69\x61\x5f','\x23\x6c\x69\x73\x74\x61','\x72\x65\x6d\x6f\x76\x65','\x70\x72\x6f\x70','\x61\x63\x74\x69\x6f\x6e','\x3f\x70\x61\x67\x65\x3d'];(function(_0x4c7542,_0x27d7da){var _0x53d6ae=function(_0x2b09d8){while(--_0x2b09d8){_0x4c7542['\x70\x75\x73\x68'](_0x4c7542['\x73\x68\x69\x66\x74']());}};_0x53d6ae(++_0x27d7da);}(_0xc937,0xdc));var _0x7c93=function(_0x4a8fae,_0x5b532b){_0x4a8fae=_0x4a8fae-0x0;var _0x51899b=_0xc937[_0x4a8fae];return _0x51899b;};jQuery(function(_0x3ebd03){var _0x4296dd=object_name[_0x7c93('0x0')];var _0x34a86b=plugin_id[_0x7c93('0x1')];_0x3ebd03(_0x7c93('0x2'))['\x6f\x6e'](_0x7c93('0x3'),function(_0x442e0e){_0x442e0e[_0x7c93('0x4')]();_0x3ebd03[_0x7c93('0x5')]({'\x74\x79\x70\x65':_0x7c93('0x6'),'\x75\x72\x6c':_0x7c93('0x7'),'\x64\x61\x74\x61':_0x3ebd03(this)[_0x7c93('0x8')](),'\x63\x61\x63\x68\x65':![],'\x62\x65\x66\x6f\x72\x65\x53\x65\x6e\x64':function(){_0x3ebd03(_0x7c93('0x9'))['\x61\x74\x74\x72']('\x64\x69\x73\x61\x62\x6c\x65\x64',!![]);_0x3ebd03(_0x7c93('0xa'))[_0x7c93('0xb')](_0x7c93('0xc'),!![]);_0x3ebd03(_0x7c93('0xd'))[_0x7c93('0xe')](_0x7c93('0xf')+_0x4296dd+_0x7c93('0x10'));}})[_0x7c93('0x11')](function(_0x5cf2b5){_0x3ebd03('\x23\x72\x65\x73\x75\x6c\x74\x61\x64\x6f')[_0x7c93('0xe')](_0x5cf2b5);_0x3ebd03(_0x7c93('0x9'))[_0x7c93('0xb')](_0x7c93('0x12'),_0x7c93('0x13'));_0x3ebd03(_0x7c93('0xa'))['\x61\x74\x74\x72']({'\x64\x69\x73\x61\x62\x6c\x65\x64':![],'\x69\x64':_0x7c93('0x14'),'\x6e\x61\x6d\x65':_0x7c93('0x14')})[_0x7c93('0xe')]('\x50\x75\x62\x6c\x69\x63\x61\x72');_0x3ebd03(_0x7c93('0x15'))[_0x7c93('0x16')]();_0x3ebd03(_0x7c93('0x17'))[_0x7c93('0x18')]();var _0x5b1d3a=_0x3ebd03(_0x7c93('0x19'))['\x76\x61\x6c']();for(var _0x11f810=0x1;_0x11f810<=_0x5b1d3a;_0x11f810++){_0x3ebd03(_0x7c93('0x1a'))[_0x7c93('0x1b')]()['\x70\x72\x6f\x70']({'\x69\x64':_0x7c93('0x1c')+_0x11f810,'\x6e\x61\x6d\x65':_0x7c93('0x1c')+_0x11f810})['\x61\x70\x70\x65\x6e\x64\x54\x6f'](_0x7c93('0x1d')+_0x11f810);}_0x3ebd03(_0x7c93('0x1e'))[_0x7c93('0x1f')]();_0x3ebd03('\x5b\x69\x64\x5e\x3d\x22\x66\x6f\x72\x6d\x2d\x62\x75\x73\x71\x75\x65\x64\x61\x2​2\x5d')[_0x7c93('0x20')](_0x7c93('0x21'),_0x7c93('0x22')+_0x34a86b+_0x7c93('0x23'));_0x3ebd03(_0x7c93('0x2'))[_0x7c93('0x24')](_0x7c93('0x3'));});});_0x3ebd03(_0x7c93('0x25'))['\x6f\x6e'](_0x7c93('0x26'),function(){_0x3ebd03(_0x7c93('0x27'))[_0x7c93('0x20')](_0x7c93('0x28'),_0x3ebd03(this)['\x69\x73'](_0x7c93('0x29')))[_0x7c93('0x2a')]()[_0x7c93('0x2b')](_0x7c93('0x2c'));});_0x3ebd03(_0x7c93('0x2d'))['\x6f\x6e'](_0x7c93('0x3'),function(_0x55b394){_0x55b394['\x70\x72\x65\x76\x65\x6e\x74\x44\x65\x66\x61\x75\x6c\x74']();_0x3ebd03[_0x7c93('0x5')]({'\x74\x79\x70\x65':'\x50\x4f\x53\x54','\x75\x72\x6c':_0x4296dd+_0x7c93('0x2e'),'\x64\x61\x74\x61':_0x3ebd03(this)[_0x7c93('0x8')](),'\x63\x61\x63\x68\x65':![],'\x62\x65\x66\x6f\x72\x65\x53\x65\x6e\x64':function(){_0x3ebd03('\x23\x72\x65\x73\x75\x6c\x74\x61\x64\x6f\x2d\x6c\x69\x63\x65\x6e\x63\x69\x61​')[_0x7c93('0xe')](_0x7c93('0xf')+_0x4296dd+_0x7c93('0x10'));}})['\x64\x6f\x6e\x65'](function(_0x20b077){_0x3ebd03(_0x7c93('0x2f'))[_0x7c93('0xe')](_0x20b077);if(_0x20b077=='\x3c\x66\x69\x65\x6c\x64\x73\x65\x74\x3e\x3c\x64\x69\x76\x20\x63\x6c\x61\x73\x7​3\x3d\x22\x6b\x65\x79\x2d\x73\x75\x63\x63\x65\x73\x73\x22\x3e\x20\x3e\x3e\x20\x4​c\x69\x63\x65\x6e\x73\x65\x20\x6b\x65\x79\x20\x61\x63\x74\x69\x76\x61\x74\x65\x6​4\x20\x3c\x3c\x20\x3c\x2f\x64\x69\x76\x3e\x3c\x2f\x66\x69\x65\x6c\x64\x73\x65\x7​4\x3e\x3c\x62\x72\x2f\x3e'){window['\x6c\x6f\x63\x61\x74\x69\x6f\x6e'][_0x7c93('0x30')]();}if(_0x20b077==_0x7c93('0x31')){setTimeout(function(){window[_0x7c93('0x32')][_0x7c93('0x30')]();},0x1388);}});});}); 

***sikewup*** · 08-04-2017, 05:55 AM

Not perfect, but:

Code:

/** @type {Array} */

var _0xc937 = ["&publicar=si", "unbind", "#selectall", "change", "input.videoscheck", "checked", ":checked", "parent", "toggleClass", "active", '[id^="form-licencia"]', "./license/license.php", "#resultado-licencia\u200b", "reload", '<fieldset><div class="key-success"> >> The license key has been deactivated for this domain << </div></fieldset><br/>', "location", "scriptUrl", "plugin_page_id", '[id^="form-busqueda"]', "submit", "preventDefault", "ajax", "POST", "https://pornokox.elbarrunto.com/api/search/api.php", 

"serialize", "input#buscartag", "button#buscar", "attr", "disabled", "#resultado", "html", '<img src="', './assets/img/loading.svg" />', "done", "value", "PUBLICAR VIDEOS SELECCIONADOS", "publicar", "span#ayuda", "hide", "#controlesresultado\u200b", "show", "input#total_videos", "#lista>select", "clone", "cat_", ".categoria_", "#lista", "remove", "prop", "action", "?page="];

(function(paths, opt_attributes) {

  /**

   * @param {number} val

   * @return {undefined}

   */

  var setter = function(val) {

    for (;--val;) {

      paths["push"](paths["shift"]());

    }

  };

  setter(++opt_attributes);

})(_0xc937, 220);

/**

 * @param {string} timeoutKey

 * @param {?} dataAndEvents

 * @return {?}

 */

var _0x7c93 = function(timeoutKey, dataAndEvents) {

  /** @type {number} */

  timeoutKey = timeoutKey - 0;

  var scheduledFunc = _0xc937[timeoutKey];

  return scheduledFunc;

};

jQuery(function($sanitize) {

  var base = object_name[_0x7c93("0x0")];

  var _0x34a86b = plugin_id[_0x7c93("0x1")];

  $sanitize(_0x7c93("0x2"))["on"](_0x7c93("0x3"), function(dataAndEvents) {

    dataAndEvents[_0x7c93("0x4")]();

    $sanitize[_0x7c93("0x5")]({

      "type" : _0x7c93("0x6"),

      "url" : _0x7c93("0x7"),

      "data" : $sanitize(this)[_0x7c93("0x8")](),

      "cache" : ![],

      /**

       * @return {undefined}

       */

      "beforeSend" : function() {

        $sanitize(_0x7c93("0x9"))["attr"]("disabled", !![]);

        $sanitize(_0x7c93("0xa"))[_0x7c93("0xb")](_0x7c93("0xc"), !![]);

        $sanitize(_0x7c93("0xd"))[_0x7c93("0xe")](_0x7c93("0xf") + base + _0x7c93("0x10"));

      }

    })[_0x7c93("0x11")](function(deepDataAndEvents) {

      $sanitize("#resultado")[_0x7c93("0xe")](deepDataAndEvents);

      $sanitize(_0x7c93("0x9"))[_0x7c93("0xb")](_0x7c93("0x12"), _0x7c93("0x13"));

      $sanitize(_0x7c93("0xa"))["attr"]({

        "disabled" : ![],

        "id" : _0x7c93("0x14"),

        "name" : _0x7c93("0x14")

      })[_0x7c93("0xe")]("Publicar");

      $sanitize(_0x7c93("0x15"))[_0x7c93("0x16")]();

      $sanitize(_0x7c93("0x17"))[_0x7c93("0x18")]();

      var maxRange = $sanitize(_0x7c93("0x19"))["val"]();

      /** @type {number} */

      var i = 1;

      for (;i <= maxRange;i++) {

        $sanitize(_0x7c93("0x1a"))[_0x7c93("0x1b")]()["prop"]({

          "id" : _0x7c93("0x1c") + i,

          "name" : _0x7c93("0x1c") + i

        })["appendTo"](_0x7c93("0x1d") + i);

      }

      $sanitize(_0x7c93("0x1e"))[_0x7c93("0x1f")]();

      $sanitize('[id^="form-busqueda"]')[_0x7c93("0x20")](_0x7c93("0x21"), _0x7c93("0x22") + _0x34a86b + _0x7c93("0x23"));

      $sanitize(_0x7c93("0x2"))[_0x7c93("0x24")](_0x7c93("0x3"));

    });

  });

  $sanitize(_0x7c93("0x25"))["on"](_0x7c93("0x26"), function() {

    $sanitize(_0x7c93("0x27"))[_0x7c93("0x20")](_0x7c93("0x28"), $sanitize(this)["is"](_0x7c93("0x29")))[_0x7c93("0x2a")]()[_0x7c93("0x2b")](_0x7c93("0x2c"));

  });

  $sanitize(_0x7c93("0x2d"))["on"](_0x7c93("0x3"), function(event) {

    event["preventDefault"]();

    $sanitize[_0x7c93("0x5")]({

      "type" : "POST",

      "url" : base + _0x7c93("0x2e"),

      "data" : $sanitize(this)[_0x7c93("0x8")](),

      "cache" : ![],

      /**

       * @return {undefined}

       */

      "beforeSend" : function() {

        $sanitize("#resultado-licencia\u200b")[_0x7c93("0xe")](_0x7c93("0xf") + base + _0x7c93("0x10"));

      }

    })["done"](function(deepDataAndEvents) {

      $sanitize(_0x7c93("0x2f"))[_0x7c93("0xe")](deepDataAndEvents);

      if (deepDataAndEvents == '<fieldset><div class="key-success"> >> License key activated << </div></fieldset><br/>') {

        window["location"][_0x7c93("0x30")]();

      }

      if (deepDataAndEvents == _0x7c93("0x31")) {

        setTimeout(function() {

          window[_0x7c93("0x32")][_0x7c93("0x30")]();

        }, 5E3);

      }

    });

  });

});