Don't be idiots guys. You spend all day searching for "nulled" plugins and scripts and then expect them to be clean? Imagine....spending all this time to null a script and then not getting paid for it and giving it out for FREE. Many things in this world are not free...so usually expect some kind of a catch.
Honestly....just go and buy the script/plugin/theme/whatever if you like it. The developers have spend a lot of time developing it and should be rewarded for that.
Im so glad Direct Download took action on this!
I also found something not wanted on a nulled plugin called digi auto links, it was not really dangerous since it was just displaying a 1pixel iframe with a cpa link in it...just remove the 2 javascript functions and went away :)
just ban them DD....don't think twice cause their try to infected us and their din't seem to think twice about their account so perm. ban suits for them.....
Thank Direct Download. I hope you're going to clarify that!!!
They are try to play the game, we will beat them with bang
Great post DD, this was my concern about that script that was for sale and now its happening which is what i didnt want to happen. There is no easy way to check a script for backdoors. Only trust the share if the member sharing has actually used it with no problems i guess
I am a problem with pages loading on the forum my anti virus is blocking this forum.
I had some malicious code in a plugin, and this was on a site that was live. I found the string that was injected and this small script here helped me alot:
PHP Code:
<?php
function get_status($path,$string) {
$handle=opendir($path);
while ($file = readdir($handle)) {
if($file=="." || $file == ".."){continue;}
if(is_dir($path.$file)){
echo get_status($path.'/'.$file,$string).'<br>';
}else{
echo check_file($path.'/'.$file,$string).'<br>';
}
}
closedir($handle);
return;
}
function check_file($file,$string){
if(is_dir($file)){return;}
$file=str_ireplace('//','/',$file);
$file_source=file_get_contents($file);
if (preg_match("/".$string."/i", $file_source)) {
return $file." contains the string (".$string.")<br />\n";
} else {
echo ' no string found';
}
}
get_status('./','REPLACE THIS WITH THE STRING TO SEARCH FOR');
?>
Create a file called check.php and add the code above in, upload it to your server root.
Access it by yoursite.com/check.php and you should see if a file has some malicious code in it or not.
Just remember to replace
PHP Code:
REPLACE THIS WITH THE STRING TO SEARCH FOR
with the code to search for. And to remove this when you are ready. It saved me alot of time.
Just a note, that plugin was not dl from this site.