Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Fixing the horribly fucked up blue thrust scripts
#1
step 1: create deb0rker script
PHP Code:
<?PHP

$str 
file_get_contents($argv[1]);

$i 0;
while(
substr($str04) == 'eval') {
    echo 
$i': 'substr($str04), ' - '$str"\n\n";
    
$str substr($str4);
    eval(
'$str = ' $str);
    
$i++;
}

file_put_contents($argv[1], '<?PHP' "\n" $str "\n" '?>');

?>

step 2: remove the <?PHP and ?> from the files then run the deb0rker

index.php : 54 passes
_functions.php : 78 passes
brackets.php : 78 passes
console.php : 182 passes
install.php : 26 passes
    for this i had to also remove ini_set('display_errors', '0'); and add it back in afterwards
include\calendar.php : 11 passes
include\chatboard.php : 78 passes

The rest seems to be encoded using the function btcodeprotect...

so here we go, btcodeprotect.php : 129 passes, then 25 passes and another 25 passes...

result?
PHP Code:
<?PHP
function btCodeProtect($decryptThis) {
    foreach(
$_POST AS $key => $value) {
        ${
$key} = $value;
        global 
$value;
    }
    foreach(
$_GET AS $key => $value) {
        ${
$key}    = $value;
        global 
$value;
    }
    foreach(
$_COOKIE AS $key => $value) {
        ${
$key} = $value;
        global 
$value;
    }
    foreach(
$_SESSION AS $key => $value) {
        ${
$key} = $value;
        global 
$value;
    }
    foreach(
$GLOBALS AS $key => $value) {
        ${
$key} = $value;
        global 
$value;
    }
    
$decryptThis str_replace("PROTECTEDSCRIPT""K"$decryptThis);
    
$decryptThis str_replace("COPYRIGHTBLUETHRUST""M"$decryptThis);
    
$decryptThis str_replace("BTCS3""W"$decryptThis);
    
$decryptThis str_replace("ACCESSDENIED""Q"$decryptThis);
    eval(
gzinflate(base64_decode($decryptThis)));
}
?>


I can't even continue to list how many passes it takes because it just gets ridiculous from there, basically PHP has to do somewhere around 400 or more passes before it even begins interpreting real php code...

anyways, after im done decoding these files and removing the stupid key then i'll post to downloads section, then as i FIX these skrewed up scripts i'll post updates here and updates to the download section.

STAY TUNED you may learn something
#2
ok, finally finished.

scripts are no decompressed and i removed the stupid activation key. now in the downloads section.


http://war-lords.net/downloads.php?do=file&id=92


go, enjoy

i'll fix bugs in the scripts if you post them here, i'll also fix the HORRIBLE HORRIBLE job done coding these scripts until there is nothing left but my own code...
#3
Hey Leaky, i was wondring if you could fix the "add download" file, when i add a download, it doesn't save it on the database. like uploading a file from my pc, it doesn't save it on the database.


oh and are you working on a new script? i remember you were.
[Image: 5lv58m.gif]
му ηαмє ιѕ ¢αяℓσѕ
#4
knightrider;653 Wrote:Hey Leaky, i was wondring if you could fix the "add download" file, when i add a download, it doesn't save it on the database. like uploading a file from my pc, it doesn't save it on the database.
is this an issue with my edited version or btv3 in general?

what is it expected to do? does this happen in all cases or only special cases?

knightrider;653 Wrote:oh and are you working on a new script? i remember you were.

i've been working on new scripts for almost 7 years now... im lazy Smile
#5
Leaky;656 Wrote:is this an issue with my edited version or btv3 in general?

what is it expected to do? does this happen in all cases or only special cases?

In both, When i upload a file(image,zip.rar any file) from my computer, it suppose to upload it on /downloads directory and save if on the database, but it doesn't do that.


Leaky;656 Wrote:i've been working on new scripts for almost 7 years now... im lazy Smile

upload it and show me Big Grin
[Image: 5lv58m.gif]
му ηαмє ιѕ ¢αяℓσѕ
#6
knightrider;657 Wrote:In both, When i upload a file(image,zip.rar any file) from my computer, it suppose to upload it on /downloads directory and save if on the database, but it doesn't do that.
upload it and show me Big Grin

Are you sure you have the permissions setup properly on that directory?
#7
This is the current file:

AddMember.php:

PHP Code:
<?php

if(checkLogin(MEMBER_NAMEMEMBER_PASS) AND checkRank(MEMBER_RANK$pid)) {


if(
$submit) {
echo 
"<table align='center' border='0' cellspacing='0' cellpadding='0' width='450'>";

if(
$fileurl == "" AND $downloadfile != "" AND is_numeric($type1) AND $name1 != "") {
$dlfilepath basename($_FILES['downloadfile']['name']);


$dlextensions getDownloadCatInfo("extension"$type1);
$totalextensions substr_count($dlextensions",");

$passtest 0;
if(
$totalextensions 0) {
$dl_extensions str_replace(" """$dlextensions);
$dl_extensions explode(","$dl_extensions);

foreach(
$dl_extensions as $ext) {
$countext strlen($ext);
$startpos 0-$countext;
$testfile substr($dlfilepath$startpos);

if(
$testfile == $ext) { $passtest++; }

}
}
else {
$countext strlen($dlextensions);
$startpos 0-$countext;
$testfile substr($dlfilepath$startpos);

if(
$textfile == $ext) { $passtest++; }
}

if(
$passtest == 0) {
$diemessage "The download could not be added.  The file must be of type: $dlextensions";
die(
"<script language=\"Javascript\"> alert(\"$diemessage\"); window.location.href = 'console.php?pid=$pid'; </script>");
}

$failed 0;
if(@
move_uploaded_file($_FILES['downloadfile']['tmp_name'], "downloads/".$dlfilepath)) {
echo 
"<tr><td class='main'>File Uploaded Successfully!</td></tr>";
$failed 0;
}
else {
echo 
"<tr><td class='main'>File Upload Failed!</td></tr>";
$failed 1;
}

if(
$failed == 1) {
echo 
"<tr><td class='main'>File Upload Failed: The file was unable to be uploaded!</td></tr>";
}
else {
$filenamepath "downloads/$dlfilepath";
$outsidelink 0;
}
}
elseif(
$fileurl != "") {
$filenamepath $fileurl;
$outsidelink 1;
$failed 0;
}

if(!
is_numeric($type1) OR $name1 == "") { $failed 1; }

if(
$failed == 0) {
foreach(
$_POST AS $key => $value) { ${$key} = addslashes(textFilter($value)); }
$time time();
$query "INSERT INTO {$dbprefix}downloads (name, description, type, poster, filename, outsidelink, adderip, dateadded) VALUES ('$name1', '$desc', '$type1', '$memid', '$filenamepath', '$outsidelink', '$ip', '$time')";
$result mysql_query($query)
     or die(
mysql_error());

echo 
"
</table>
<script language=\"Javascript\"> 
alert(\"Success!\");
window.location.href = 'console.php'; 
</script>
"
;
}
else {
echo 
"
<tr><td class='main'>The download was not added to the database.</td></tr>
</table>
"
;
}



}
elseif(!
$submit) {
$maxuploadsize ini_get('upload_max_filesize')."B";
$downloadcats getDownloads();
foreach(
$downloadcats as $download) {
$options .= "<option value='$download[1]'>$download[0]</option>";
}
$dispconsolename getConsoleInfoByID("displayname"$pid);
echo 
"
<form action='console.php?pid=
$pid' method='post' enctype='multipart/form-data'>
<table align='center' border='1' cellspacing='0' cellpadding='3' width='500' bordercolor='
$bgcolor'>
<tr>
<td bordercolor='
$bordercolor' background='themes/$theme/$bgimage' class='titles' align='center'><b>$dispconsolename</b></td>
</tr>
<tr>
<td bordercolor='
$bordercolor' style='border-top-width: 0px' class='main'>

<blockquote>
<b>NOTE:</b> If both the Upload File and File URL are used, the File URL will be added to the database.  It will overwrite any file with the same name.
<b>MAX UPLOAD SIZE: 
$maxuploadsize</b>


<center>
<table align='center' border='0' cellspacing='0' cellpadding='0' width='450'>
<tr>
<td class='main' width='150'><b>Upload File:</b></td>
<td class='main' width='300'><input type='file' name='downloadfile' class='form'></td>
</tr>
<tr><td align='center' class='main'>
<i>OR</i>

</td></tr>
<tr>
<td class='main' width='150'><b>File URL:</b></td>
<td class='main' width='300'><input type='text' name='fileurl' class='form'></td>
</tr>
<tr>
<td class='main' width='150'><b>Name:</b></td>
<td class='main' width='300'><input type='text' name='name1' class='form'></td>
</tr>
<tr>
<td class='main' width='150'><b>Type:</b></td>
<td class='main' width='300'><select name='type1' class='form'>
$options</select></td>
</tr>
<tr>
<td class='main' width='150' valign='top'><b>Description:</b></td>
<td class='main' width='300'><textarea name='desc' rows='4' cols='40' class='form'></textarea></td>
</tr>

<tr>
<td colspan='2' class='main' align='center'>
<input type='submit' name='submit' value='Add Download'></td>
</tr>

</table>
</center>
</blockquote>
</td>
</tr>
</table>
</form>
"
;
}

}
else {
echo 
"
<table align='center' border='0' cellspacing='0' cellpadding='0' width='400'>
<tr>
<td class='main' align='center'>Your rank is not high enough to view this page</td>
</tr>
</table>
"
;
}

?>
[Image: 5lv58m.gif]
му ηαмє ιѕ ¢αяℓσѕ
#8
Bump..............
[Image: 5lv58m.gif]
му ηαмє ιѕ ¢αяℓσѕ
#9
new addmember.php

PHP Code:
<?php


if(checkLogin(MEMBER_NAMEMEMBER_PASS) AND checkRank(MEMBER_RANK$pid)) {

    
$recruitingstatus getWSInfo("recruiting");
    if(
$recruitingstatus == 0) {
        if(
$_POST['submit']) {

            
$username1 $_POST['username1'];
            
$password1 $_POST['password1'];
            
$memid $_POST['memid'];
            
$startingrank $_POST['startingrank'];
            
            
$time time();
            
$startingrank getStartingRank();

            
$query "INSERT INTO {$dbprefix}members (username, password, recruitedby, rank, lastlogin, datejoined) VALUES ('$username1', '$password1', '$memid', '$startingrank', '$time', '$time')";
            
$result mysql_query($query)
                or die(
mysql_error());

            
$adderRank getRankInfo("name"getMemberInfoByID("rank"$memid));
            
$adderName getMemberInfoByID("username"$memid);

            
$addedUser textFilter($username1);
            
LogAction("$adderRank $adderName recruited $addedUser"$time);

            
?>
            <script language="JavaScript" type="text/javascript">
                alert("Success!");
                window.location.href = 'console.php';
            </script>
            <?PHP

        
}
        else {
            
$dispconsolename getConsoleInfoByID("displayname"$pid);
            
?>
            <form action='console.php?pid=<?PHP echo($pid);?>' method='post'>
                <table align='center' border='1' cellspacing='0' cellpadding='3' width='500' bordercolor='<?PHP echo($bgcolor);?>'>
                    <tr>
                        <td bordercolor='<?PHP echo($bordercolor);?>' background='themes/<?PHP echo($theme);?>/<?PHP echo($bgimage);?>' class='titles' align='center'>
                            <span style="font-weight: bold;"><?PHP echo($dispconsolename);?></span>
                        </td>
                    </tr>
                    <tr>
                        <td bordercolor='<?PHP echo($bordercolor);?>' style='border-top-width: 0px' align='center' class='main'>
                        <br />
                        <blockquote>
                            <table align='center' border='0' cellspacing='0' cellpadding='0' width='450'>
                                <tr>
                                    <td class='main' width='150'>
                                        <span style="font-weight: bold;">Member Name:</span>
                                    </td>
                                    <td class='main' width='300'>
                                        <input type='text' name='username1' value="<?PHP echo($clantag);?>" class='form'></td>
                                </tr>
                                <tr>
                                    <td class='main' width='150' valign='top'><b>Password:</b></td>
                                    <td class='main' width='300'><input type='text' name='password1' class='form'></td>
                                </tr>
                                <tr>
                                    <td colspan='2' class='main' align='center'><br><input type='submit' name='submit' value='Add Member'></td>
                                </tr>
                            </table>
                    </blockquote>
                    </td>
                    </tr>
                </table>
            </form>
            <?PHP
        
}
    }
    else {
        
?>
        <table align='center' border='0' cellspacing='0' cellpadding='0' width='400'>
            <tr>
                <td class='main' align='center'>
                    Recruiting is currently closed.
                </td>
            </tr>
        </table>
        <?PHP
    
}
}
else {
    
?>
    <table align='center' border='0' cellspacing='0' cellpadding='0' width='400'>
        <tr>
            <td class='main' align='center'>
                Your rank is not high enough to view this page
            </td>
        </tr>
    </table>
    <?PHP
}


?>
#10
Oppsy :d that was AddDownload.php not AddMember.php Big Grin my bad tho . forgot i putted AddMember.php: and it was AddDownload.php the problem.


oh leaky you got aim?
[Image: 5lv58m.gif]
му ηαмє ιѕ ¢αяℓσѕ

Users browsing this thread: 9 Guest(s)