46.gif

Search (advanced search)
Use this Search form before posting, asking or make a new thread.
Tips: Use Quotation mark to search words (eg. "How To Make Money Online")

10-24-2013, 08:02 AM
Post: #1
WizShield.. (lol)
SO got emailed about some awesome super duper new wordpress plugin protection system.

http://www.wizshield.com/launch-week/


I end up finding a plugin protected with it, the latest Page Expiration Robot.

Essentially, the "fully encrypted code" is:

Code:
$longassvariablehere = "base64-encoded-stuff-here";
// snipped a whole bunch of junk functions
// snipped an eval() that basically eval()s eval(gzdeflate(base64_decode($longassvariablehere)));
// snipped more junk functions

LOL, eval()..

After that you get the main protection.. and seriously, you can defeat it without having to grab the code being eval()'d.. well obviously if you know the wordpress option name being used.. Because it does THIS to check for non-activation:

Code:
if ( get_option( "page_expiration_robot__pro_vzcld_a"."ct"."iv"."a"."t"."i"."on" ) == "" || get_option( "page_expiration_robot__pro_vzcld_a"."ct"."iv"."a"."t"."i"."on" ) == "fedb2d84cafe20862cb4399751a8a7e3" )            { /* not activated */ }

So.. if you just get that option value.. you can basically put at the main plugin script, up the top after the first (wordpress required) comment
Code:
update_option("page_expiration_robot__pro_vzcld_a"."ct"."iv"."a"."t"."i"."on","LOLPWNED");

..or something. and hooray there goes wizshield, in the bin where it belongs..

Note to wizshield devs.. eval() is NOT a protection and neither is relying on hard coded wordpress options..

your "protection" needs to be much improved, you're selling this easy crackable "protection" that any half decent php coder can bypass..
If you like the share, give positive reputation!

Our releases should be used for learning only!!!
If you make money using our releases then you really should support the original devs and buy it!
Want to support me? Give me BitCoin:
[Image: GoldenAcceptedHereBitcoin.png]
1HQMH9W6hjLEmZL543ykYtxtmGYeGhxaEK
You can also donate me dogecoins: DE6NF3VP6SMGrPxjPRqqbirFBkyfDzh1Vk
10-24-2013, 08:03 AM (This post was last modified: 10-24-2013 08:28 AM by IceMans.)
Post: #2
RE:
Well I think after that they should be called WizFail :p but yeah so much for their "protection" lol.


EDIT: [Image: 0j7t.png]
Had to lol at that
10-24-2013, 04:33 PM
Post: #3
RE:
Wack0, are you back???

Thanks for the share on this, was kinda curious to see what had to be said here about this :)

Appreciate all your past (and hopefully future) efforts!!!
10-24-2013, 04:43 PM
Post: #4
RE:
lol, I bet they already knew about this and dont care

just another way to make a quick buck from a chumb

thanks for the share!
10-24-2013, 07:06 PM
Post: #5
RE:
LOL. Thanks for the share!
84.gif
Regards,

Premier
10-24-2013, 11:16 PM
Post: #6
RE:
No, way..only home delivery can somehow work
10-24-2013, 11:52 PM
Post: #7
RE:
anyone make a video tutorial..??
10-25-2013, 01:06 AM
Post: #8
RE:
(10-24-2013 11:52 PM)mikeymike57 Wrote:  anyone make a video tutorial..??
Hahaha.

No.
If you like the share, give positive reputation!

Our releases should be used for learning only!!!
If you make money using our releases then you really should support the original devs and buy it!
Want to support me? Give me BitCoin:
[Image: GoldenAcceptedHereBitcoin.png]
1HQMH9W6hjLEmZL543ykYtxtmGYeGhxaEK
You can also donate me dogecoins: DE6NF3VP6SMGrPxjPRqqbirFBkyfDzh1Vk
10-31-2013, 02:56 PM
Post: #9
RE: WizShield.. (lol)
You see?

This once again proves to me that in the name of profit developers and other businesses rarely operate on the customer's best interests. They develop a product that seems good enough for the naive people to purchase it but for any 9 year old semi "expert" able to crack/defeat it.

If they were creating a security software for THEIR OWN purposes to protect THEIR OWN work, then they would really put in a real effort into creating something that would seen impenetrable in their own eyes, but noooo, since a bunch of strangers that they can care less about will be using the "product" they will just create a product or a software as quickly as possible with very minimal debugging, and if they see that their "grand mother" can't crack it then they will call it a "product".

In the name of planned obsolescence, people have stopped creating quality products and software long time ago.
(10-24-2013 08:02 AM)NOP Wrote:  SO got emailed about some awesome super duper new wordpress plugin protection system.

http://www.wizshield.com/launch-week/


I end up finding a plugin protected with it, the latest Page Expiration Robot.

Essentially, the "fully encrypted code" is:

Code:
$longassvariablehere = "base64-encoded-stuff-here";
// snipped a whole bunch of junk functions
// snipped an eval() that basically eval()s eval(gzdeflate(base64_decode($longassvariablehere)));
// snipped more junk functions

LOL, eval()..

After that you get the main protection.. and seriously, you can defeat it without having to grab the code being eval()'d.. well obviously if you know the wordpress option name being used.. Because it does THIS to check for non-activation:

Code:
if ( get_option( "page_expiration_robot__pro_vzcld_a"."ct"."iv"."a"."t"."i"."on" ) == "" || get_option( "page_expiration_robot__pro_vzcld_a"."ct"."iv"."a"."t"."i"."on" ) == "fedb2d84cafe20862cb4399751a8a7e3" )            { /* not activated */ }

So.. if you just get that option value.. you can basically put at the main plugin script, up the top after the first (wordpress required) comment
Code:
update_option("page_expiration_robot__pro_vzcld_a"."ct"."iv"."a"."t"."i"."on","LOLPWNED");

..or something. and hooray there goes wizshield, in the bin where it belongs..

Note to wizshield devs.. eval() is NOT a protection and neither is relying on hard coded wordpress options..

your "protection" needs to be much improved, you're selling this easy crackable "protection" that any half decent php coder can bypass..
10-31-2013, 05:06 PM
Post: #10
RE:
The will have pdf files license protected in 14 weeks… whatever that means...
37.gif




39.gif