+- (wL) Forums (https://war-lords.net/forum)
+-- Forum: Resources (https://war-lords.net/forum/forum-31.html)
+--- Forum: Programming (https://war-lords.net/forum/forum-33.html)
+--- Thread: Fixing the horribly fucked up blue thrust scripts (/thread-150.html)
Fixing the horribly fucked up blue thrust scripts - Leaky - Aug 04 2010
step 1: create deb0rker script
PHP Code:
<?PHP
$str = file_get_contents($argv[1]);
$i = 0;
while(substr($str, 0, 4) == 'eval') {
echo $i, ': ', substr($str, 0, 4), ' - ', $str, "\n\n";
$str = substr($str, 4);
eval('$str = ' . $str);
$i++;
}
file_put_contents($argv[1], '<?PHP' . "\n" . $str . "\n" . '?>');
?>step 2: remove the <?PHP and ?> from the files then run the deb0rker
index.php : 54 passes
_functions.php : 78 passes
brackets.php : 78 passes
console.php : 182 passes
install.php : 26 passes
for this i had to also remove ini_set('display_errors', '0'); and add it back in afterwards
include\calendar.php : 11 passes
include\chatboard.php : 78 passes
The rest seems to be encoded using the function btcodeprotect...
so here we go, btcodeprotect.php : 129 passes, then 25 passes and another 25 passes...
result?
PHP Code:
<?PHP
function btCodeProtect($decryptThis) {
foreach($_POST AS $key => $value) {
${$key} = $value;
global $value;
}
foreach($_GET AS $key => $value) {
${$key} = $value;
global $value;
}
foreach($_COOKIE AS $key => $value) {
${$key} = $value;
global $value;
}
foreach($_SESSION AS $key => $value) {
${$key} = $value;
global $value;
}
foreach($GLOBALS AS $key => $value) {
${$key} = $value;
global $value;
}
$decryptThis = str_replace("PROTECTEDSCRIPT", "K", $decryptThis);
$decryptThis = str_replace("COPYRIGHTBLUETHRUST", "M", $decryptThis);
$decryptThis = str_replace("BTCS3", "W", $decryptThis);
$decryptThis = str_replace("ACCESSDENIED", "Q", $decryptThis);
eval(gzinflate(base64_decode($decryptThis)));
}
?>I can't even continue to list how many passes it takes because it just gets ridiculous from there, basically PHP has to do somewhere around 400 or more passes before it even begins interpreting real php code...
anyways, after im done decoding these files and removing the stupid key then i'll post to downloads section, then as i FIX these skrewed up scripts i'll post updates here and updates to the download section.
STAY TUNED you may learn something
RE: Fixing the horribly fucked up blue thrust scripts - Leaky - Aug 04 2010
ok, finally finished.
scripts are no decompressed and i removed the stupid activation key. now in the downloads section.
http://war-lords.net/downloads.php?do=file&id=92
go, enjoy
i'll fix bugs in the scripts if you post them here, i'll also fix the HORRIBLE HORRIBLE job done coding these scripts until there is nothing left but my own code...
RE: Fixing the horribly fucked up blue thrust scripts - KŋÏğĦ‘tRìĐě® - Aug 05 2010
Hey Leaky, i was wondring if you could fix the "add download" file, when i add a download, it doesn't save it on the database. like uploading a file from my pc, it doesn't save it on the database.
oh and are you working on a new script? i remember you were.
RE: Fixing the horribly fucked up blue thrust scripts - Leaky - Aug 10 2010
knightrider;653 Wrote:Hey Leaky, i was wondring if you could fix the "add download" file, when i add a download, it doesn't save it on the database. like uploading a file from my pc, it doesn't save it on the database.is this an issue with my edited version or btv3 in general?
what is it expected to do? does this happen in all cases or only special cases?
knightrider;653 Wrote:oh and are you working on a new script? i remember you were.
i've been working on new scripts for almost 7 years now... im lazy
RE: Fixing the horribly fucked up blue thrust scripts - KŋÏğĦ‘tRìĐě® - Aug 11 2010
Leaky;656 Wrote:is this an issue with my edited version or btv3 in general?
what is it expected to do? does this happen in all cases or only special cases?
In both, When i upload a file(image,zip.rar any file) from my computer, it suppose to upload it on /downloads directory and save if on the database, but it doesn't do that.
Leaky;656 Wrote:i've been working on new scripts for almost 7 years now... im lazy
upload it and show me
RE: Fixing the horribly fucked up blue thrust scripts - Leaky - Aug 13 2010
knightrider;657 Wrote:In both, When i upload a file(image,zip.rar any file) from my computer, it suppose to upload it on /downloads directory and save if on the database, but it doesn't do that.
upload it and show me
Are you sure you have the permissions setup properly on that directory?
RE: Fixing the horribly fucked up blue thrust scripts - KŋÏğĦ‘tRìĐě® - Aug 13 2010
This is the current file:
AddMember.php:
PHP Code:
<?php
if(checkLogin(MEMBER_NAME, MEMBER_PASS) AND checkRank(MEMBER_RANK, $pid)) {
if($submit) {
echo "<table align='center' border='0' cellspacing='0' cellpadding='0' width='450'>";
if($fileurl == "" AND $downloadfile != "" AND is_numeric($type1) AND $name1 != "") {
$dlfilepath = basename($_FILES['downloadfile']['name']);
$dlextensions = getDownloadCatInfo("extension", $type1);
$totalextensions = substr_count($dlextensions, ",");
$passtest = 0;
if($totalextensions > 0) {
$dl_extensions = str_replace(" ", "", $dlextensions);
$dl_extensions = explode(",", $dl_extensions);
foreach($dl_extensions as $ext) {
$countext = strlen($ext);
$startpos = 0-$countext;
$testfile = substr($dlfilepath, $startpos);
if($testfile == $ext) { $passtest++; }
}
}
else {
$countext = strlen($dlextensions);
$startpos = 0-$countext;
$testfile = substr($dlfilepath, $startpos);
if($textfile == $ext) { $passtest++; }
}
if($passtest == 0) {
$diemessage = "The download could not be added. The file must be of type: $dlextensions";
die("<script language=\"Javascript\"> alert(\"$diemessage\"); window.location.href = 'console.php?pid=$pid'; </script>");
}
$failed = 0;
if(@move_uploaded_file($_FILES['downloadfile']['tmp_name'], "downloads/".$dlfilepath)) {
echo "<tr><td class='main'>File Uploaded Successfully!</td></tr>";
$failed = 0;
}
else {
echo "<tr><td class='main'>File Upload Failed!</td></tr>";
$failed = 1;
}
if($failed == 1) {
echo "<tr><td class='main'>File Upload Failed: The file was unable to be uploaded!</td></tr>";
}
else {
$filenamepath = "downloads/$dlfilepath";
$outsidelink = 0;
}
}
elseif($fileurl != "") {
$filenamepath = $fileurl;
$outsidelink = 1;
$failed = 0;
}
if(!is_numeric($type1) OR $name1 == "") { $failed = 1; }
if($failed == 0) {
foreach($_POST AS $key => $value) { ${$key} = addslashes(textFilter($value)); }
$time = time();
$query = "INSERT INTO {$dbprefix}downloads (name, description, type, poster, filename, outsidelink, adderip, dateadded) VALUES ('$name1', '$desc', '$type1', '$memid', '$filenamepath', '$outsidelink', '$ip', '$time')";
$result = mysql_query($query)
or die(mysql_error());
echo "
</table>
<script language=\"Javascript\">
alert(\"Success!\");
window.location.href = 'console.php';
</script>
";
}
else {
echo "
<tr><td class='main'>The download was not added to the database.</td></tr>
</table>
";
}
}
elseif(!$submit) {
$maxuploadsize = ini_get('upload_max_filesize')."B";
$downloadcats = getDownloads();
foreach($downloadcats as $download) {
$options .= "<option value='$download[1]'>$download[0]</option>";
}
$dispconsolename = getConsoleInfoByID("displayname", $pid);
echo "
<form action='console.php?pid=$pid' method='post' enctype='multipart/form-data'>
<table align='center' border='1' cellspacing='0' cellpadding='3' width='500' bordercolor='$bgcolor'>
<tr>
<td bordercolor='$bordercolor' background='themes/$theme/$bgimage' class='titles' align='center'><b>$dispconsolename</b></td>
</tr>
<tr>
<td bordercolor='$bordercolor' style='border-top-width: 0px' class='main'>
<blockquote>
<b>NOTE:</b> If both the Upload File and File URL are used, the File URL will be added to the database. It will overwrite any file with the same name.
<b>MAX UPLOAD SIZE: $maxuploadsize</b>
<center>
<table align='center' border='0' cellspacing='0' cellpadding='0' width='450'>
<tr>
<td class='main' width='150'><b>Upload File:</b></td>
<td class='main' width='300'><input type='file' name='downloadfile' class='form'></td>
</tr>
<tr><td align='center' class='main'>
<i>OR</i>
</td></tr>
<tr>
<td class='main' width='150'><b>File URL:</b></td>
<td class='main' width='300'><input type='text' name='fileurl' class='form'></td>
</tr>
<tr>
<td class='main' width='150'><b>Name:</b></td>
<td class='main' width='300'><input type='text' name='name1' class='form'></td>
</tr>
<tr>
<td class='main' width='150'><b>Type:</b></td>
<td class='main' width='300'><select name='type1' class='form'>$options</select></td>
</tr>
<tr>
<td class='main' width='150' valign='top'><b>Description:</b></td>
<td class='main' width='300'><textarea name='desc' rows='4' cols='40' class='form'></textarea></td>
</tr>
<tr>
<td colspan='2' class='main' align='center'>
<input type='submit' name='submit' value='Add Download'></td>
</tr>
</table>
</center>
</blockquote>
</td>
</tr>
</table>
</form>
";
}
}
else {
echo "
<table align='center' border='0' cellspacing='0' cellpadding='0' width='400'>
<tr>
<td class='main' align='center'>Your rank is not high enough to view this page</td>
</tr>
</table>
";
}
?>RE: Fixing the horribly fucked up blue thrust scripts - KŋÏğĦ‘tRìĐě® - Aug 21 2010
Bump..............
RE: Fixing the horribly fucked up blue thrust scripts - Leaky - Aug 31 2010
new addmember.php
PHP Code:
<?php
if(checkLogin(MEMBER_NAME, MEMBER_PASS) AND checkRank(MEMBER_RANK, $pid)) {
$recruitingstatus = getWSInfo("recruiting");
if($recruitingstatus == 0) {
if($_POST['submit']) {
$username1 = $_POST['username1'];
$password1 = $_POST['password1'];
$memid = $_POST['memid'];
$startingrank = $_POST['startingrank'];
$time = time();
$startingrank = getStartingRank();
$query = "INSERT INTO {$dbprefix}members (username, password, recruitedby, rank, lastlogin, datejoined) VALUES ('$username1', '$password1', '$memid', '$startingrank', '$time', '$time')";
$result = mysql_query($query)
or die(mysql_error());
$adderRank = getRankInfo("name", getMemberInfoByID("rank", $memid));
$adderName = getMemberInfoByID("username", $memid);
$addedUser = textFilter($username1);
LogAction("$adderRank $adderName recruited $addedUser", $time);
?>
<script language="JavaScript" type="text/javascript">
alert("Success!");
window.location.href = 'console.php';
</script>
<?PHP
}
else {
$dispconsolename = getConsoleInfoByID("displayname", $pid);
?>
<form action='console.php?pid=<?PHP echo($pid);?>' method='post'>
<table align='center' border='1' cellspacing='0' cellpadding='3' width='500' bordercolor='<?PHP echo($bgcolor);?>'>
<tr>
<td bordercolor='<?PHP echo($bordercolor);?>' background='themes/<?PHP echo($theme);?>/<?PHP echo($bgimage);?>' class='titles' align='center'>
<span style="font-weight: bold;"><?PHP echo($dispconsolename);?></span>
</td>
</tr>
<tr>
<td bordercolor='<?PHP echo($bordercolor);?>' style='border-top-width: 0px' align='center' class='main'>
<br />
<blockquote>
<table align='center' border='0' cellspacing='0' cellpadding='0' width='450'>
<tr>
<td class='main' width='150'>
<span style="font-weight: bold;">Member Name:</span>
</td>
<td class='main' width='300'>
<input type='text' name='username1' value="<?PHP echo($clantag);?>" class='form'></td>
</tr>
<tr>
<td class='main' width='150' valign='top'><b>Password:</b></td>
<td class='main' width='300'><input type='text' name='password1' class='form'></td>
</tr>
<tr>
<td colspan='2' class='main' align='center'><br><input type='submit' name='submit' value='Add Member'></td>
</tr>
</table>
</blockquote>
</td>
</tr>
</table>
</form>
<?PHP
}
}
else {
?>
<table align='center' border='0' cellspacing='0' cellpadding='0' width='400'>
<tr>
<td class='main' align='center'>
Recruiting is currently closed.
</td>
</tr>
</table>
<?PHP
}
}
else {
?>
<table align='center' border='0' cellspacing='0' cellpadding='0' width='400'>
<tr>
<td class='main' align='center'>
Your rank is not high enough to view this page
</td>
</tr>
</table>
<?PHP
}
?>RE: Fixing the horribly fucked up blue thrust scripts - KŋÏğĦ‘tRìĐě® - Aug 31 2010
Oppsy :d that was AddDownload.php not AddMember.php
my bad tho . forgot i putted AddMember.php: and it was AddDownload.php the problem.oh leaky you got aim?