1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Whats is a nulled script?

Discussion in 'Black Hat SEO' started by luckyjJ, Nov 19, 2007.

  1. luckyjJ

    luckyjJ Junior Member

    Joined:
    Oct 23, 2007
    Messages:
    127
    Likes Received:
    7
    I see tons and tons of amazingly great scripts are warez forums.. I dont have much experience using scripts or installing scripts, but its something i want to learn about.

    My question is, what is the difference between a nulled script, and script that hasnt been nulled? I hope I can find the answer here.. Im confident i will.. thanks so much!!
     
  2. milligan

    milligan Junior Member

    Joined:
    Mar 19, 2007
    Messages:
    170
    Likes Received:
    63
    you will get a more authoratative answer here soon but in the meanitime:
    a nulled script is one that has the ability to check that it has been purchased legitimately removed. 1 example might be to remove the ability for a script to call home and verify its license.
     
  3. luckyjJ

    luckyjJ Junior Member

    Joined:
    Oct 23, 2007
    Messages:
    127
    Likes Received:
    7
    Thanks milligan.. Sorry for being so stupid on this topic, but can someone else give me some more details about nulled and unulled scripts? are nulled scripts safe to use? I would really appreciate any help you can give me.. thank!!
     
  4. TeddyC

    TeddyC Newbie

    Joined:
    Oct 31, 2007
    Messages:
    10
    Likes Received:
    0
    if a script has something where it 'calls home' ie

    checkLicense($yourLicenseKeyHere)

    and that function is
    PHP:
    function checkLicense($lic)
    {
        
    $handle fopen("someurl/checkLicense/?lic=".$lic", "r");
        
    $contents = stream_get_contents($handle);
        fclose(
    $handle);
        // and then the software does some magic to make sure your key
        //   matches an allowed on the server.
        if(license_is_valid) {
        return "
    valid";
    }
    else
    {
        return "
    invalid";
    }
    That could be nulled with a simple change to checkLicense().

    PHP:
    function checkLicense($yourLicense) {
        return 
    "valid";
    }

    Thats an overly simple example but it gets the point across.
     
  5. ContentFarmer

    ContentFarmer Junior Member

    Joined:
    Sep 21, 2007
    Messages:
    122
    Likes Received:
    12
    Occupation:
    Owner
    Location:
    Reno, NV
    Home Page:
    I would suggest that this depends on the particular software. For awhile I had written my software so that the license was only valid for 10 days and every 8 days I would have an automated script re-authorize it. To have been nulled, it would have had to been reverse engineered to figure out how to disable the validation altogether.

    Here's how you can safely check out what's happening: Install the nulled version on a computer not connected to the net, but which runs its own server (e.g. XAMPP) for server-based programs. Then setup a firewall on that non-internet-connected box which prompts you each time a request is made to an outside URL. Then, run the thing for a bit on that server and see how it works. If no popups occur and everything continues to work, you're probably fine. When you do put it on a box connected to the net, make sure that the program cannot be accessed by anyone from the net (for server programs, htaccess protect it; for desktop apps, configure your firewall to disallow such connections). Then, you're very likely safe from being caught.

    That said, I humbly request you don't do that with my software. :) Everything can be hacked except the one-time encryption methodology (properly employed); it's just a matter of time. Anyone telling you otherwise doesn't have a clue and should be wholly ignored.
     
  6. ContentFarmer

    ContentFarmer Junior Member

    Joined:
    Sep 21, 2007
    Messages:
    122
    Likes Received:
    12
    Occupation:
    Owner
    Location:
    Reno, NV
    Home Page:
    This code was, obviously, for demo purposes only, but it had an error. Also, it was for PHP 5 only (due to stream_get_contents). Here's the corrected code:
    PHP:
    function checkLicense($lic)
    {
        
    $handle fopen("someurl/checkLicense/?lic=".$lic"r");
        
    $contents stream_get_contents($handle);
        
    fclose($handle);
        
    $license_is_valid false;
        
    // and then the software does some magic to make sure your key is valid
        // and sets $license_is_valid = true;
        
    if($license_is_valid) {
            return 
    "valid";
        }
    }
    else
    {
        return 
    "invalid";
    }
     
  7. luckyjJ

    luckyjJ Junior Member

    Joined:
    Oct 23, 2007
    Messages:
    127
    Likes Received:
    7
    Thanks for the help!!
     
  8. milligan

    milligan Junior Member

    Joined:
    Mar 19, 2007
    Messages:
    170
    Likes Received:
    63
    as you can see that what I meant about a better answer than mine :)
     
  9. andygabon

    andygabon BANNED BANNED

    Joined:
    Nov 20, 2007
    Messages:
    67
    Likes Received:
    70
    for the lay terms,

    nulled script will make you safe to use it even illegally. no callback, active link or registration required and the creator of the script will no have any clue to find you out, unless you are too popular.
     
  10. Sigruna

    Sigruna Newbie

    Joined:
    Sep 28, 2007
    Messages:
    9
    Likes Received:
    0
    Looks like it's a lot easier than I thought to null a script. Thank you for the explanation.
     
  11. andygabon

    andygabon BANNED BANNED

    Joined:
    Nov 20, 2007
    Messages:
    67
    Likes Received:
    70
    not so easy if the script is encrypted, zended etc...
     
  12. onel

    onel Newbie

    Joined:
    Nov 22, 2007
    Messages:
    49
    Likes Received:
    29
    there are dezenders available for download somewhere but i don't know if it works or not.

    Not sure if there are (free) decrypters for ioncube though