1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Is there someone here good at nulling scripts?

Discussion in 'BlackHat Lounge' started by template, Nov 5, 2008.

  1. template

    template Newbie

    Joined:
    Oct 31, 2008
    Messages:
    15
    Likes Received:
    3
    here is license.php file how i can null it?

    <?


    function get_key ()
    {
    global $keyfile;
    $data = @file ($keyfile);
    if (!$data)
    {
    return false;
    }

    $buffer = false;
    foreach ($data as $line)
    {
    $buffer .= $line;
    }

    if (!$buffer)
    {
    return false;
    }

    $buffer = @str_replace ('<?PHP', '', $buffer);
    $buffer = @str_replace ('?>', '', $buffer);
    $buffer = @str_replace ('/*--', '', $buffer);
    $buffer = @str_replace ('--*/', '', $buffer);
    return @str_replace ('
    ', '', $buffer);
    }

    function parse_local_key ()
    {
    global $keyfile;
    if (!@file_exists ($keyfile))
    {
    return false;
    }

    $raw_data = @base64_decode (@get_key ());
    $raw_array = @explode ('|', $raw_data);
    if ((@is_array ($raw_array) AND @count ($raw_array) < 8))
    {
    return false;
    }

    return $raw_array;
    }

    function validate_local_key ($array)
    {
    $raw_array = parse_local_key ();
    if ((!@is_array ($raw_array) OR $raw_array === false))
    {
    return '<verify status='invalid_key' message='No file found or invalid file. Please contact support for a new license key.' />';
    }

    if (($raw_array[9] AND strcmp (@md5 ('f707118e3a066ae2b7966afcf9f66a14' . $raw_array[9]), $raw_array[10]) != 0))
    {
    return '<verify status='invalid_key' message='Please contact support for a new license key.' />';
    }

    if (strcmp (@md5 ('f707118e3a066ae2b7966afcf9f66a14' . $raw_array[1]), $raw_array[2]) != 0)
    {
    return '<verify status='invalid_key' message='Please contact support for a new license key.' ' . $raw_array[9] . ' />';
    }

    if (($raw_array[1] < time () AND $raw_array[1] != 'never'))
    {
    return '<verify status='invalid_key' message='Your local license key has expired. Please contact support for a new license key.' ' . $raw_array[9] . ' />';
    }

    if ($array['per_server'])
    {
    $server = phpaudit_get_mac_address ();
    $mac_array = @explode (',', $raw_array[6]);
    if (!in_array (@md5 ('f707118e3a066ae2b7966afcf9f66a14' . $server[0]), $mac_array))
    {
    return '<verify status='invalid_key' message='Please contact support for a new license key.' ' . $raw_array[9] . ' />';
    }

    $host_array = @explode (',', $raw_array[4]);
    if (!in_array (md5 ('f707118e3a066ae2b7966afcf9f66a14' . gethostbyaddr (@gethostbyname ($server[1]))), $host_array))
    {
    return '<verify status='invalid_key' message='Please contact support for a new license key.' ' . $raw_array[9] . ' />';
    }
    }
    else
    {
    if (($array['per_install'] OR $array['per_site']))
    {
    if ($array['per_install'])
    {
    $directory_array = @explode (',', $raw_array[3]);
    $valid_dir = path_translated ();
    $valid_dir = @md5 ('f707118e3a066ae2b7966afcf9f66a14' . $valid_dir);
    if (!@in_array ($valid_dir, $directory_array))
    {
    return '<verify status='invalid_key' message='Please contact support for a new license key.' ' . $raw_array[9] . ' />';
    }
    }

    $host_array = @explode (',', $raw_array[4]);
    if (!in_array (@md5 ('f707118e3a066ae2b7966afcf9f66a14' . $_SERVER['HTTP_HOST']), $host_array))
    {
    return '<verify status='invalid_key' message='Please contact support for a new license key.' ' . $raw_array[9] . ' />';
    }

    $ip_array = @explode (',', $raw_array[5]);
    if (!in_array (@md5 ('f707118e3a066ae2b7966afcf9f66a14' . @server_addr ()), $ip_array))
    {
    return '<verify status='invalid_key' message='Please contact support for a new license key.' ' . $raw_array[9] . ' />';
    }
    }
    }

    return '<verify status='active' message='The license key is valid.' ' . $raw_array[9] . ' />';
    }

    function phpaudit_get_mac_address ()
    {
    $fp = @popen ('/sbin/ifconfig', 'r');
    if (!$fp)
    {
    return 0 - 1;
    }

    $res = @fread ($fp, 4096);
    @pclose ($fp);
    $array = @explode ('HWaddr', $res);
    if (@count ($array) < 2)
    {
    $array = @explode ('ether', $res);
    }

    $array = @explode ('', $array[1]);
    $buffer[] = @trim ($array[0]);
    $array = @explode ('inet addr:', $res);
    if (@count ($array) < 2)
    {
    $array = @explode ('inet ', $res);
    }

    $array = @explode (' ', $array[1]);
    $buffer[] = @trim ($array[0]);
    return $buffer;
    }

    function path_translated ()
    {
    if (((isset ($_SERVER['PATH_TRANSLATED']) AND 0 < strlen ($_SERVER['PATH_TRANSLATED'])) AND @realpath ($_SERVER['PATH_TRANSLATED'])))
    {
    $path = (substr (php_uname (), 0, 7) == 'Windows' ? str_replace ('\\', '/', $_SERVER['PATH_TRANSLATED']) : $_SERVER['PATH_TRANSLATED']);
    $path = substr ($path, 0, @strrpos ($path, '/'));
    }

    if ($_SERVER['SCRIPT_FILENAME'])
    {
    return substr ($_SERVER['SCRIPT_FILENAME'], 0, @strrpos ($_SERVER['SCRIPT_FILENAME'], '/'));
    }

    return substr ($_SERVER['ORIG_PATH_TRANSLATED'], 0, @strrpos ($_SERVER['ORIG_PATH_TRANSLATED'], '\'));
    }

    function server_addr ()
    {
    return ($_SERVER['SERVER_ADDR'] ? $_SERVER['SERVER_ADDR'] : $_SERVER['LOCAL_ADDR']);
    }

    global $root_dir;
    global $license_set;
    global $keyfile;
    global $returned;
    include $root_dir . 'includes/db.inc.php';
    $license_set = 1;
    $installed_host = 'http://www.fsrevolution.com/order';
    $query_string .= 'product_id=1';
    $per_server = false;
    $per_install = false;
    $per_site = true;
    $keyfile = $root_dir . 'includes/key.php';
    $array['per_server'] = $per_server;
    $array['per_install'] = $per_install;
    $array['per_site'] = $per_site;
    $data = validate_local_key ($array);
    $parser = @xml_parser_create ('');
    @xml_parser_set_option ($parser, XML_OPTION_CASE_FOLDING, 0);
    @xml_parser_set_option ($parser, XML_OPTION_SKIP_WHITE, 1);
    @xml_parse_into_struct ($parser, $data, $values, $tags);
    @xml_parser_free ($parser);
    $returned = $values[0]['attributes'];
    if (empty ($returned))
    {
    $returned['status'] = 'invalid_key';
    }

    if ($returned['status'] == 'invalid_key')
    {
    if ((0 - 1 < strpos ($returned['message'], 'expired') OR 0 - 1 < strpos ($returned['message'], 'file')))
    {
    $api = new IXR_Client ('http://www.fsrevolution.com/phpaudit/rpc.php');
    $data = array ();
    $data['api_key'] = '77104ff3cc296847ec3099e6a25e1a4c';
    $data['license'] = $license;
    $api->query ('license.get_status', $data);
    $response = $api->getResponse ();
    if ($response['status'] == 'active')
    {
    $data = array ();
    $data['api_key'] = '77104ff3cc296847ec3099e6a25e1a4c';
    $data['license_key'] = $license;
    $api->query ('license.get_local_key', $data);
    $local_key = $api->getResponse ();
    $fp = fopen ($keyfile, 'w');
    @fwrite ($fp, $local_key);
    }
    }
    else
    {
    $access_details = '';
    if ($per_server)
    {
    $server = phpaudit_get_mac_address ();
    $access_details .= 'access_host=' . gethostbyaddr (@gethostbyname ($server[1]));
    $access_details .= '&access_mac=' . $server[0];
    }
    else
    {
    if ($per_install)
    {
    $access_details .= '&access_directory=' . path_translated ();
    $access_details .= '&access_ip=' . server_addr ();
    $access_details .= '&access_host=' . $_SERVER['HTTP_HOST'];
    }
    else
    {
    if ($per_site)
    {
    $access_details .= '&access_ip=' . server_addr ();
    $access_details .= '&access_host=' . $_SERVER['HTTP_HOST'];
    }
    }
    }

    header ('Location: ' . $installed_host . '/license_key_invalid.php?access=' . urlencode (@base64_encode ($access_details)));
    exit ();
    }
    }

    unset ($query_string);
    unset ($per_server);
    unset ($per_install);
    unset ($per_site);
    unset ($server);
    unset ($data);
    unset ($parser);
    unset ($values);
    unset ($tags);
    ?>