Best Blackhat Forum

Pages: 1 2

(05-13-2016 11:59 PM)jaliee85 Wrote: [ -> ]INSTALL V4 THEN UPGRADE TO V5 AND ITS WORK...NOT TEST IT ON LIVE.

Version 5 will not work from an upgrade. Fills in the moderator folder are not nulled. Here is evidence that it calls home.

PHP Code:

function is_licensed_true() {
    if (!) {
        return ;
        $key_info = array(  );
        $key_info['key'] = phpVibeKey;
        $key_info['domain'] = main_dom( SITE_URL );
        $serverurl = 'http://labs.phpvibe.com/server/server.php';
        curl_init( $serverurl );
        $ch = ;
        curl_setopt;
        $ch;
        CURLOPT_RETURNTRANSFER;
        true;
    } 

wheres you find this file?what the name.

(05-17-2016 11:20 PM)jaliee85 Wrote: [ -> ]wheres you find this file?what the name.

The files are in the moderator folder and are the only ones requiring ioncube. The file names are main53.php, main54.php and main55.php which correspond with the php version on the server detected by index.php

I managed to decode main53.php but can seem to get it to work as parts are missing due to the decode process. I haven't been able to get any help fully decoding main55.php or finding anyone with a 'easytoyou' account to decode it as most will be using php version 5.5 or higher.

V5 is being posted around as being nulled when its not.

Here is what I have of main53.php if you wish to give it a try. Verysad

PHP Code:

<?php
function main_dom($url) {
    $pieces = parse_url( $url );

    if (isset( $pieces['host'] )) {
        $pieces['host'];
        $domain = (true ?  : );
        preg_match;
    }


    if (( '/(?P<domain>[a-z0-9][a-z0-9\-]{1,63}\.[a-z\.]{2,6})$/i', $domain, $regs )) {
    }

    return ;
}

function is_licensed_true() {
    if (!) {
        return ;
        $key_info = array(  );
        $key_info['key'] = phpVibeKey;
        $key_info['domain'] = main_dom( SITE_URL );
        $serverurl = 'http://labs.phpvibe.com/server/server.php';
        curl_init( $serverurl );
        $ch = ;
        curl_setopt;
        $ch;
        CURLOPT_RETURNTRANSFER;
        true;
    }

    (  );
    curl_setopt( $ch, CURLOPT_POST, true );
    curl_setopt( $ch, CURLOPT_POSTFIELDS, $key_info );
    curl_exec( $ch );
    $result = ;
    json_decode( $result, true );
    $result = ;

    if ($result['valid'] == 'true') {
    }

    return ;
}

$phpenv = false;

if (function_exists( 'version_compare' )) {
    if (0 <= version_compare( PHP_VERSION, '5.3.0' )) {
        $phpenv = true;
    }
}
else {
    if (!) {
        echo ;
        do_action( 'admin-prebody' );
        apply_filters( 'admin-pre-body', false );

        if (_get( 'sk' )) {
            ADM . '/';
            str_replace;
            array( '/' =>  );
        }
    }
}

$file =  . ( array( ':' => , 'http' => , 'www' =>  ), array( '' => , '' => , '' => , '' =>  ), _get( 'sk' ) ) . '.php';

if (is_readable( $file )) {
    require_once( $file );
}

jmp;
echo ;
exit(  );
?>

Ok guys I've tested the v4 to v5.
Suddenly the key got useless, it is still trying to connect to labs.phpvibe.com for a key validation.
if someone can decode main53.php main54.php main55.php and null this I would really appreciate it alot!

I bought a easytoyou account specially to decode the files u requested.
I've got the 3 files in question in a .rar folder.

What shall I do with them?

check your pm

Code:

http://www86.zippyshare.com/v/quWambfS/file.html

pw: bestblackhatforum.com

i think you can bypass is_licensed_true by adding these lines to adm-functions.php

Quote:is_licensed_true(){
return true;
}

(06-03-2016 12:22 PM)mrqaidi Wrote: [ -> ]i think you can bypass is_licensed_true by adding these lines to adm-functions.php

The difference in this version is that it attempts call the license check server after a certain time in the mod panel regardless of is_lic being true.

also decoding the files eliminates the need for the latest ioncube on the server.

Pages: 1 2

Gernavor

jaliee85

Gernavor

Tufaann

Tufaann

Gernavor

Gernavor

mrqaidi

Gernavor