Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Fixing the horribly fucked up blue thrust scripts
Leaky Offline

The Goddamn Batman

Aug 04 2010, 04:01 AM
#1
step 1: create deb0rker script
PHP Code:
<?PHP

$str file_get_contents($argv[1]);

$i 0;
while(substr($str04) == 'eval') {
    echo $i': 'substr($str04), ' - '$str"\n\n";
    $str substr($str4);
    eval('$str = ' $str);
    $i++;
}

file_put_contents($argv[1], '<?PHP' "\n" $str "\n" '?>');

?>

step 2: remove the <?PHP and ?> from the files then run the deb0rker

index.php : 54 passes
_functions.php : 78 passes
brackets.php : 78 passes
console.php : 182 passes
install.php : 26 passes
    for this i had to also remove ini_set('display_errors', '0'); and add it back in afterwards
include\calendar.php : 11 passes
include\chatboard.php : 78 passes

The rest seems to be encoded using the function btcodeprotect...

so here we go, btcodeprotect.php : 129 passes, then 25 passes and another 25 passes...

result?
PHP Code:
<?PHP
function btCodeProtect($decryptThis) {
    foreach($_POST AS $key => $value) {
        ${$key} = $value;
        global $value;
    }
    foreach($_GET AS $key => $value) {
        ${$key}    = $value;
        global $value;
    }
    foreach($_COOKIE AS $key => $value) {
        ${$key} = $value;
        global $value;
    }
    foreach($_SESSION AS $key => $value) {
        ${$key} = $value;
        global $value;
    }
    foreach($GLOBALS AS $key => $value) {
        ${$key} = $value;
        global $value;
    }
    $decryptThis str_replace("PROTECTEDSCRIPT""K"$decryptThis);
    $decryptThis str_replace("COPYRIGHTBLUETHRUST""M"$decryptThis);
    $decryptThis str_replace("BTCS3""W"$decryptThis);
    $decryptThis str_replace("ACCESSDENIED""Q"$decryptThis);
    eval(gzinflate(base64_decode($decryptThis)));
}
?>


I can't even continue to list how many passes it takes because it just gets ridiculous from there, basically PHP has to do somewhere around 400 or more passes before it even begins interpreting real php code...

anyways, after im done decoding these files and removing the stupid key then i'll post to downloads section, then as i FIX these skrewed up scripts i'll post updates here and updates to the download section.

STAY TUNED you may learn something
Reply
Leaky Offline

The Goddamn Batman

Aug 04 2010, 05:13 AM
#2
ok, finally finished.

scripts are no decompressed and i removed the stupid activation key. now in the downloads section.


http://war-lords.net/downloads.php?do=file&id=92


go, enjoy

i'll fix bugs in the scripts if you post them here, i'll also fix the HORRIBLE HORRIBLE job done coding these scripts until there is nothing left but my own code...
Reply
KŋÏğĦ‘tRìĐě® Offline

O'ld BNET

Aug 05 2010, 02:52 PM
#3
Hey Leaky, i was wondring if you could fix the "add download" file, when i add a download, it doesn't save it on the database. like uploading a file from my pc, it doesn't save it on the database.


oh and are you working on a new script? i remember you were.
[Image: 5lv58m.gif]
му ηαмє ιѕ ¢αяℓσѕ
Reply
Leaky Offline

The Goddamn Batman

Aug 10 2010, 12:05 AM
#4
knightrider;653 Wrote:Hey Leaky, i was wondring if you could fix the "add download" file, when i add a download, it doesn't save it on the database. like uploading a file from my pc, it doesn't save it on the database.
is this an issue with my edited version or btv3 in general?

what is it expected to do? does this happen in all cases or only special cases?

knightrider;653 Wrote:oh and are you working on a new script? i remember you were.

i've been working on new scripts for almost 7 years now... im lazy Smile
Reply
KŋÏğĦ‘tRìĐě® Offline

O'ld BNET

Aug 11 2010, 05:26 AM
#5
Leaky;656 Wrote:is this an issue with my edited version or btv3 in general?

what is it expected to do? does this happen in all cases or only special cases?

In both, When i upload a file(image,zip.rar any file) from my computer, it suppose to upload it on /downloads directory and save if on the database, but it doesn't do that.


Leaky;656 Wrote:i've been working on new scripts for almost 7 years now... im lazy Smile

upload it and show me Big Grin
[Image: 5lv58m.gif]
му ηαмє ιѕ ¢αяℓσѕ
Reply
Leaky Offline

The Goddamn Batman

Aug 13 2010, 12:23 AM
#6
knightrider;657 Wrote:In both, When i upload a file(image,zip.rar any file) from my computer, it suppose to upload it on /downloads directory and save if on the database, but it doesn't do that.
upload it and show me Big Grin

Are you sure you have the permissions setup properly on that directory?
Reply
KŋÏğĦ‘tRìĐě® Offline

O'ld BNET

Aug 13 2010, 10:07 AM
#7
This is the current file:

AddMember.php:

PHP Code:
<?php

if(checkLogin(MEMBER_NAMEMEMBER_PASS) AND checkRank(MEMBER_RANK$pid)) {


if($submit) {
echo "<table align='center' border='0' cellspacing='0' cellpadding='0' width='450'>";

if($fileurl == "" AND $downloadfile != "" AND is_numeric($type1) AND $name1 != "") {
$dlfilepath basename($_FILES['downloadfile']['name']);


$dlextensions getDownloadCatInfo("extension"$type1);
$totalextensions substr_count($dlextensions",");

$passtest 0;
if($totalextensions 0) {
$dl_extensions str_replace(" """$dlextensions);
$dl_extensions explode(","$dl_extensions);

foreach($dl_extensions as $ext) {
$countext strlen($ext);
$startpos 0-$countext;
$testfile substr($dlfilepath$startpos);

if($testfile == $ext) { $passtest++; }

}
}
else {
$countext strlen($dlextensions);
$startpos 0-$countext;
$testfile substr($dlfilepath$startpos);

if($textfile == $ext) { $passtest++; }
}

if($passtest == 0) {
$diemessage "The download could not be added.  The file must be of type: $dlextensions";
die("<script language=\"Javascript\"> alert(\"$diemessage\"); window.location.href = 'console.php?pid=$pid'; </script>");
}

$failed 0;
if(@move_uploaded_file($_FILES['downloadfile']['tmp_name'], "downloads/".$dlfilepath)) {
echo "<tr><td class='main'>File Uploaded Successfully!</td></tr>";
$failed 0;
}
else {
echo "<tr><td class='main'>File Upload Failed!</td></tr>";
$failed 1;
}

if($failed == 1) {
echo "<tr><td class='main'>File Upload Failed: The file was unable to be uploaded!</td></tr>";
}
else {
$filenamepath "downloads/$dlfilepath";
$outsidelink 0;
}
}
elseif($fileurl != "") {
$filenamepath $fileurl;
$outsidelink 1;
$failed 0;
}

if(!is_numeric($type1) OR $name1 == "") { $failed 1; }

if($failed == 0) {
foreach($_POST AS $key => $value) { ${$key} = addslashes(textFilter($value)); }
$time time();
$query "INSERT INTO {$dbprefix}downloads (name, description, type, poster, filename, outsidelink, adderip, dateadded) VALUES ('$name1', '$desc', '$type1', '$memid', '$filenamepath', '$outsidelink', '$ip', '$time')";
$result mysql_query($query)
     or die(mysql_error());

echo "
</table>
<script language=\"Javascript\"> 
alert(\"Success!\");
window.location.href = 'console.php'; 
</script>
";
}
else {
echo "
<tr><td class='main'>The download was not added to the database.</td></tr>
</table>
";
}



}
elseif(!$submit) {
$maxuploadsize ini_get('upload_max_filesize')."B";
$downloadcats getDownloads();
foreach($downloadcats as $download) {
$options .= "<option value='$download[1]'>$download[0]</option>";
}
$dispconsolename getConsoleInfoByID("displayname"$pid);
echo "
<form action='console.php?pid=$pid' method='post' enctype='multipart/form-data'>
<table align='center' border='1' cellspacing='0' cellpadding='3' width='500' bordercolor='$bgcolor'>
<tr>
<td bordercolor='$bordercolor' background='themes/$theme/$bgimage' class='titles' align='center'><b>$dispconsolename</b></td>
</tr>
<tr>
<td bordercolor='$bordercolor' style='border-top-width: 0px' class='main'>

<blockquote>
<b>NOTE:</b> If both the Upload File and File URL are used, the File URL will be added to the database.  It will overwrite any file with the same name.
<b>MAX UPLOAD SIZE: $maxuploadsize</b>


<center>
<table align='center' border='0' cellspacing='0' cellpadding='0' width='450'>
<tr>
<td class='main' width='150'><b>Upload File:</b></td>
<td class='main' width='300'><input type='file' name='downloadfile' class='form'></td>
</tr>
<tr><td align='center' class='main'>
<i>OR</i>

</td></tr>
<tr>
<td class='main' width='150'><b>File URL:</b></td>
<td class='main' width='300'><input type='text' name='fileurl' class='form'></td>
</tr>
<tr>
<td class='main' width='150'><b>Name:</b></td>
<td class='main' width='300'><input type='text' name='name1' class='form'></td>
</tr>
<tr>
<td class='main' width='150'><b>Type:</b></td>
<td class='main' width='300'><select name='type1' class='form'>$options</select></td>
</tr>
<tr>
<td class='main' width='150' valign='top'><b>Description:</b></td>
<td class='main' width='300'><textarea name='desc' rows='4' cols='40' class='form'></textarea></td>
</tr>

<tr>
<td colspan='2' class='main' align='center'>
<input type='submit' name='submit' value='Add Download'></td>
</tr>

</table>
</center>
</blockquote>
</td>
</tr>
</table>
</form>
";
}

}
else {
echo "
<table align='center' border='0' cellspacing='0' cellpadding='0' width='400'>
<tr>
<td class='main' align='center'>Your rank is not high enough to view this page</td>
</tr>
</table>
";
}

?>
[Image: 5lv58m.gif]
му ηαмє ιѕ ¢αяℓσѕ
Reply
KŋÏğĦ‘tRìĐě® Offline

O'ld BNET

Aug 21 2010, 04:57 PM
#8
Bump..............
[Image: 5lv58m.gif]
му ηαмє ιѕ ¢αяℓσѕ
Reply
Leaky Offline

The Goddamn Batman

Aug 31 2010, 03:16 AM
#9
new addmember.php

PHP Code:
<?php


if(checkLogin(MEMBER_NAMEMEMBER_PASS) AND checkRank(MEMBER_RANK$pid)) {

    $recruitingstatus getWSInfo("recruiting");
    if($recruitingstatus == 0) {
        if($_POST['submit']) {

            $username1 $_POST['username1'];
            $password1 $_POST['password1'];
            $memid $_POST['memid'];
            $startingrank $_POST['startingrank'];
            
            $time time();
            $startingrank getStartingRank();

            $query "INSERT INTO {$dbprefix}members (username, password, recruitedby, rank, lastlogin, datejoined) VALUES ('$username1', '$password1', '$memid', '$startingrank', '$time', '$time')";
            $result mysql_query($query)
                or die(mysql_error());

            $adderRank getRankInfo("name"getMemberInfoByID("rank"$memid));
            $adderName getMemberInfoByID("username"$memid);

            $addedUser textFilter($username1);
            LogAction("$adderRank $adderName recruited $addedUser"$time);

            ?>
            <script language="JavaScript" type="text/javascript">
                alert("Success!");
                window.location.href = 'console.php';
            </script>
            <?PHP

        }
        else {
            $dispconsolename getConsoleInfoByID("displayname"$pid);
            ?>
            <form action='console.php?pid=<?PHP echo($pid);?>' method='post'>
                <table align='center' border='1' cellspacing='0' cellpadding='3' width='500' bordercolor='<?PHP echo($bgcolor);?>'>
                    <tr>
                        <td bordercolor='<?PHP echo($bordercolor);?>' background='themes/<?PHP echo($theme);?>/<?PHP echo($bgimage);?>' class='titles' align='center'>
                            <span style="font-weight: bold;"><?PHP echo($dispconsolename);?></span>
                        </td>
                    </tr>
                    <tr>
                        <td bordercolor='<?PHP echo($bordercolor);?>' style='border-top-width: 0px' align='center' class='main'>
                        <br />
                        <blockquote>
                            <table align='center' border='0' cellspacing='0' cellpadding='0' width='450'>
                                <tr>
                                    <td class='main' width='150'>
                                        <span style="font-weight: bold;">Member Name:</span>
                                    </td>
                                    <td class='main' width='300'>
                                        <input type='text' name='username1' value="<?PHP echo($clantag);?>" class='form'></td>
                                </tr>
                                <tr>
                                    <td class='main' width='150' valign='top'><b>Password:</b></td>
                                    <td class='main' width='300'><input type='text' name='password1' class='form'></td>
                                </tr>
                                <tr>
                                    <td colspan='2' class='main' align='center'><br><input type='submit' name='submit' value='Add Member'></td>
                                </tr>
                            </table>
                    </blockquote>
                    </td>
                    </tr>
                </table>
            </form>
            <?PHP
        }
    }
    else {
        ?>
        <table align='center' border='0' cellspacing='0' cellpadding='0' width='400'>
            <tr>
                <td class='main' align='center'>
                    Recruiting is currently closed.
                </td>
            </tr>
        </table>
        <?PHP
    }
}
else {
    ?>
    <table align='center' border='0' cellspacing='0' cellpadding='0' width='400'>
        <tr>
            <td class='main' align='center'>
                Your rank is not high enough to view this page
            </td>
        </tr>
    </table>
    <?PHP
}


?>
Reply
KŋÏğĦ‘tRìĐě® Offline

O'ld BNET

Aug 31 2010, 10:39 PM
#10
Oppsy :d that was AddDownload.php not AddMember.php Big Grin my bad tho . forgot i putted AddMember.php: and it was AddDownload.php the problem.


oh leaky you got aim?
[Image: 5lv58m.gif]
му ηαмє ιѕ ¢αяℓσѕ
Reply
Next Oldest Next Newest

Users browsing this thread: 1 Guest(s)