Author |
Message |
ozbutcher
Worker
Joined: Jan 17, 2007
Posts: 170
|
Posted:
Wed May 23, 2007 9:00 pm |
|
|
|
|
Raven
Site Admin/Owner
Joined: Aug 27, 2002
Posts: 17088
|
Posted:
Fri May 25, 2007 4:34 am |
|
|
|
|
djmaze
Subject Matter Expert
Joined: May 15, 2004
Posts: 727
Location: http://tinyurl.com/5z8dmv
|
Posted:
Fri May 25, 2007 8:03 am |
|
download.php was uselessly compressed 43x times.
I had to create a php script that looped thru all eval() code to get the actual code.
So basicly: that script sucks hard and is a resource hog.
Here's the code i used to decode that stupidly encoded script.
Code:<?php
//eval(
$data = gzinflate(str_rot13(base64_decode('DZdUDoQGElKv4p09bwE0THDZIuec2YzINDmn00IjJLaowq/3/v3n73//KM+0/6t+v3DVp3v517av/1unHVP+ytKtxNH/FXI+FeVff3fJKGSTJ4uxRt1ebN6xmHBNoG/MI2VZqY2cbnThx0VlIBH6FYnAQC5BAqcwCgRGiIQA0QLGcizg0CInkPpL+PvapQ7Ob1/CVg0+o02xhHeB6KFglvxP9mX3KZyH3Ry5w6fh0GbAKnd6Y1rZGnTah86zwb14XW72ebnekw2pbH7MnBZbGYaAdnLZ5Nj7eYaTGiW27Fr9a2mzgoLVMcJbhpYD8Q5LoV9Cz6YMIk0aKOENBDAkIxQxh1PfaWHO7UImu5W+C4csvqssWTXGBqEaOgKmvM1119qpSErUmD+Eo9v7etUeMLs2nEc++UCCiwJPScJ+aK3GXGupz+vVB0ir/lDKyOwbYB2EaVbpOQYgsepSYUl9PQx7mC3sEQwHlxcpiJvoHzJmByXDkANYv+/AlJtktNOvLJ+AWDQp2nKsrg1B23U7bIcO3hwdAFoGkBeD7qXMKOPVVEhcytJsm/tQI4QVchWLJjLk9KKRfQ4ZI3Pob3IyLopEs2wTRIV1PgdEk/RiZZgJwukKENuS9uifMMw/9AaTxLM3xaBFliIeRYT4QARb2Yl87d029XRzYN2uBUc91UGdSCs1U8WSo8utqAOedN2r0NVuv5B/GzaafhA3HnHiMKTMZYXA0N3Kwhlek+z4UO1coZjdJR5PPYh5/JJI/G7J3y/BWDD7lmmVuMjA/eloKgSeNnxVF9r1PQQWiYwNkZxRdK9wHNvm6VomZBd0fXGt2UBjr+a7Emhn1LRZOgafu+WeAXJygjX2VKVQxhEdDTYqyplEbLO10bx3LZVyWF1mouRljJW+2RcnDVa+nLBgXrvQ+4PoyN2egXrKojSTGXzRBKfV8DnZv63D6qG3vixznaa+CVlFW+5NQdt0BPYXP+65QFTxmby5E6GghKf39+Y2KWHr6HcwuIKcUg3ii4FKuohZXKUrdBV8EMN1NN4PNNvoU7NvtpjC9EXEWbD4mwob08vjHPcVJxuTqfhzf8J7sqZg6dE5zN6mrwlN/zSTbKMR0McDKjvR2LtLHat98pnwAcrYbO2sr6PJRljX1T3lVQ3TAMzte9EMFQcqnqFDnSecwBqYwSjVvEcMxKZ6lOrM8MOxEE922/lYiY7iyHoU+X3alFAdCoPSueQorAe9OD+kxzHirUqBhyGjjBPWvBu4uo8vVFbZQvCt6V/g5TBeCDXUBq+ihgTEPArBngca+Hp9IK6AlxHD9v1FE8QVYHnunwo+ly4oiiVtGZTj734I09IDPdb+Is256hO6l7dwDaqX9zUVHbEnxrQQIoIOVMdgRyHrVQUyYJf7msjD2V736e8s5DQcyXX3Q9L35L/2R8lHnjtzrwDh+9nW8pUP+TusBmpCBfXYCX5MQ1Vpw6qxfH0nvcLSaTGQSS4RjQ4yd8IFiNHG38SwtWSByJkhSx1BMzC3pXudczyZZlwhnq9ynjRp/0n05maPYlWwV72xXhpjdBi5rIvvoT3y+FYCK5MKdT6D+ti0acU/UQPhvi4HfmrCjT/1e+YYPNu2vVkkE2xE7A1QyYypO2PAkLxb/Yf4vFJdAHmvWkFO98Q1ApXrAvttp6jwVqrl8U9hDpjOJmgBigKQ9wbBQsTqO8zuq6Ffd71QQbGiXGlujHLZOJS/WZImE8hzHYr22bM2pC3aaIXvKEXiuDUUWl1JUf5WQ6A0CEIbPY6N8zuH1CdfgsiZgqwopi5Vc1+hXPjMfLg0x+VGs8tIV/svFImzeWT0ufC1kH1j1pMR10y8FW7qtcUZWz0jVbleDeC3FS5stY9W9iQX1GWfnSgneVYRMPjiUiCkeYbSqWpXGSPGa2UZ2o+y3WSdVO4yOvfe4anN4SUdSqQzPKwwpzhHdrQ9tnuYPczLb6tQLz7Imi+OORrqwgTw8ClSV2+ChKqUHYvwEGXzoeId22XIkwtCwRiE2I7nOe2L5TRNA7DaNDTl43o8QALIiNkJR4FHnu7mTbkoi9aNKNOh0eCZAWBE/0Wj75WGfhKMuPGpEXifUFngbmGxeMq8WamH7qUH7tc8wGMn6ZDNIy36c/aLTWleMxO2ltnoy8VOrckycNvO8XPfvL7acYRDnUZKhQ1CqD5a4bpgFjuRL33lnqURtB+a8Wg9utp1mU+v84Ewy1er0nisTskKNEQOrkZnEHfNa+zmns0EC5Ce2SE05y6zsZMdzW9Gjj+v6apAqzFxwrW15H/okrSR8hHJLsrk6FJg3qtonbpk0+nnCdwygdBy5IDL0gt7lJ8IhQhnVuAKH7FMeA48hJX0QzuojoU9QtkeMUeGfjvbZcGSQqb25dtMe24iyNfLojHohOSOD7+ZLebKYSArMYHCnAHFHKsPDZ6D847VgYuCP2gSSm3+osdK92Y52sgCoBCew92FIDWT56qRtMmJFmX6fCy1tEeHPVeO/cVNQ97f8ogcXWzyQr1C+fh139KMUIKhOYl+sixcyc/zRWt9oJFaWivSSpOrA4Swa80QC6buOVfK51uTD2qI5L6OhYlPdsGn9sPqIwKoImQPWvGuxfP90jrLXexD2H4zsgzulD997lBRG2lH54WlFh3XzjnBdDo966n1SD/uPBbGi93RyQs3abN84MziTVpyQZ58qvIjYxbGknR5hPJenO5efZZ9vtdpcT0xF4MlUeXuVIDfj3LDbrffYPYlelbenX55wSi0KqNkQlQn6udBxl2TUBBqd8pQEUlZDyP8gNGDYxJ49Uo0ja18WjMBlGvkFw0pqgzpAiPrixuTpfadrEBxRQqxnPL59ZAaj3pyYvuZKFmeIUcI+t21d8R7zh18zqG/ssYQkarlQPZSvfohLD5HhHXaQe7KwBtbuGmfpuo+Y+ej9JSo8Uq31RcvVeG7vouStFy0h63reUJ/X18CXzg+RRUs4BuNYWditz4lU911Yk9Rn7jBdqnnoBM3dVSdpv6a2CAab3ysThoEFOLddQf7MqtRdMipbF1RFxYUwyjpyomj2XwWVGtVpM0pgqSDwOsw4suNNbslabt/Y9mTbtkFOTUfb765hWrDvd9suFFUXoSDx4QohwHyCj8zpJM+GstYuOF2NIqB4927aDASnmNIosXY9DAlFymrLeTc8Sq6KEMQCpnU+BKita7rakrOneWAg7msYfULbbyyJHGYXZ7e4U3npj3mRW/26lykl5pzpAVCc21O8JBaoGKiqtoJkrfuuNeShGEjIEcW2X0AyPMM+QiJ+bHHSTF2ZIR9YosFA2YRRvpyo9yGlyOVLKoBnPF4/x7udMKgvH7xOzZ3ezpv395WITN7uPY36A+Sdl73mKyg0JXQTNz+VQmyiMhoUt37u5WIw6iidyv3Zh2pB8TFpJoahjMeCI0hsZ/9Oi068ci6+QqD8vT7ybEhQXbe27EXiu62Q8staf8C+J0xrYFXICEBqeE2S4c/+k7dyze+HXIST5hZbHlPcLKC4IRGUPbTZ3ej63l5AGmRzJGteD/I0Kw20kz/G3z9sYryqnjC84qihRg3nKhKYPO1L7OJX+ylrMdgwemCmdmiqqiYzMJCq+t0BQyaKQoztIjGO2W9nMPGn11ebj+WahEuHn6kEfv0XrRmEbgAsZVYXA8AbxcqpxqVGyOXuqN1Gyb+SlLszG/l7je1Ifj0KRo8zzUhh2SHE7bj5udbf3C+JRaTsxBmuCLGGVso3HSyOEj6BwmqwHnJ9YU3mU0NlMTeFiNhqtK0V7g4qctCDrXgvTlNGaBaqGYbWvEQZbDCX29ygeuUJ8McyR6AnVwnTO+1yTsj9fqCnhhMDkIKskLBErMS2XY6X+PNUmSerEkY4K7ZVFt86JSZzLXomGKGP15YhCcLRSuXoC7Ezh9x9Avs82SHvSf1ZJbR5Rss9++rLDUE/9o5ITpOWN/op8haO3qYMsAvmYz2I3FCej5w3kVFIxEQZyl64NTmD+qjrfqljqTv9nj7YfAAakBAP7cT4u1Qt+vlW7MoV0nr+QFto0zVJ74NVOEtauptzSOP/jqAFBxTq+bhyvpSjCDmgAW6ekdbCDEQDxajDHiiAmcB9ANc9blZKQE/nVRESpj4XhtczsquVELboQOSEyHhRghEIJZ/RuFoATq0ENj9zQ4Cvg4XFuX6443rNGBmZ2P3cq503t6h3g3EpV9qeE+xukZ2CTzMly0I7+faKMWOk8tylIc5FxYqby/y4T1gMkG03oC20Rd+dQ+7ffRuqanA2R3YMfCZM95Uf6qtwbe3EHbG1QYPEvJM9ocUo5Z+SOO34K0Mr2HT+cANclbv3U5FPNuE4XAmbkwmKY9gkjm0P6z35pdntDhXXw2ddKWW1okGLrzmrovAhxOQQMljVPii8uyc5kaihVa/dsumSsWqwlxYy0aDZf5GScZHyOBEyLHAlTQA2oOJHcFq6/Q1Yv5Q4XgJHszjCzJRntVtD7CIdI3ZFQiec+ViEsR6mnvogtAZXHmHi69YAG0NLVydtmZoLffv+csAgEOfUAxQYeXsnFKOi71t50tXgoD6+TdYGcWmwZQKy/soGUbrA/IKn8kzOoHxl9DAsStVS6YGvlA6C92lGUBLDtM30J0vbVA/VpvnBLOVJn+vvhE/VpHGV4c29l0ngF5hJGYKTuS3Bwr9Ivw3wSayUR/toa/OupSpnRWk9e1+qx2TZtue/a43UslNTcxkDL3o6mmmGxdIHUSrv/YsSxPTeEm/hYbZTfUQrTeqDdYQ2eVQueuSIjcAJEfqKC2CLqGcyslUZwsFNCNxJds4F5l2cuHyH26/maa+CrBiHMD1BmOjwhrPC435YkjXyGYvLG+A4byWeMAvdJLbQj0iwGLLkjmd5z1YGuIHHJ69MudiZiNGswFN08g1vOIqiGGNefGzZHKqjpD8uU44l5sMPqap84kh0+WIAXBSStd0V1Pe0L0rls87zk1+xD+0HVsC2twGkZsXDU65AP1czOBoyRMabhGt0AfbKpGaya6vXcqfJm/Ccwkur7DfE5PjRo+d20V9td4kgSyp9cl7+n1evABYxR4ZChXPaLd1OrHBytGqJQOgn7LeH5DmPGQukelzkMoyTh5NsQAW1F8JEwMeUbobHVxvkczTmmW8V+8XMo9GdVV88+Dh1uCL+rkb6OnEAsQQBMMCnNU4n6DgxwM4bOlw7Da4EwFau/Bhp+tLd0/6+i5vxE1D/vQpbiNQYREzgnHhKRunchT7MytFG3l1OjfUc78buP3uOWF0rub1Pent7FWFZGKSzW3R0xq+3Lypgst++/vHHDunl+AX7wWr98Bd4sbgm2V7RrYRrzce/ACiwFHbJ7knopdGHEmA4ljwAs1985pV5KzXl+QRSm32ZFfGl64cguVuSvqSPEx5GgL/kHWnyXAcbsnT0YGswQ3xNa9IrcQVkTzzoOQUi0+Bq7BNXX/O+8ppvLjh/qY7Bpu4mGhx1M9kr/KVs/t9g9xM7gz9gZjJPeMnMnq1rQHajFRYq62mHfditJR2rxMxKsJmlYgGU8kom2CW5XJ3ysBDtH7Epwle/t42T28MESZvtyRFZdG5CRxzWSRJTnHoNC8C3t8jtwCn8657PqpPPPk5IBirML3cIsycgJw7EZxXWE+w6bgB3yNbe7CGY7fi0iHP2v3QrmAdENvZMvo8ACEF4UaViYB4fK8aB81KkSAs1Xrvv+UIjEWLWXivaTBO798b99FnkBJzQKiNt13nCViD+6jiIpLtaUwDkUUvusck2XwULZ5vxSMPZdVdiZZsQ1FVqqX3n8hGBnrqBxFeTHprN7PG6DIPR1EpWJNQcxErd5flPM7wUXwKoUMg6+6OhLhWkcmPnnRvDekxZh9KIn7dJdhiX/g0svR0MOrv78gvO6kfbQDwbRN99WaP9Fa4o+LP2fDy9uaDJUCvd5pihsSqJvE7kFTdVbI0npZ9XSHNrSgBxqFy8q0cCSlHMxEYxZOsSJiVNI2EiH5liAhy8k+Rl/xMF+LkOd2HeJlghOksdIpHbTBiQX2TMrTBoMCDVHD25Wuhx9Pb1nUV3cQtILFm8PFDBV6oJkhw3BifbNoNmNipIpaL1fcxlkzLa45Z/lYR6hiqo7Hy7ww06vN6U1SPqVvBLmOh16AUjsev6+THvLUIUkoIlJ9o1GAZRcusKU7cR4J9HdYhvpXqY4OjR6+bBHH+dsnBX0cZ2AaGAXkR2FjM1Z+HOnZnXG6PpBCNI9LeD27uSgj6i2VvuGfhOFQBt4a62ZweOtkTEH4e6IDmHIfYw2S/P8Qa1dmg1oiEw6H/3QUU9zPici4Bz7HFdhj3i8kvTnlKUsONCvbeQApwFGW+zdR+9NAksl0JPj2FNhL0h6RL4YaEiH4H9BkoZnLXCiueJBu6TiOxkciH0IspRlwjRnLeadjxZ6Yspp1vZ7uW0pM4nd2fnuzAAm2b+O3x5zy5oRSQ5zg54guV4WWE+TezuSzlLeKaoRAlHCWAvUKMB6ZszSR0X3bX5wNimPFovBJ13LlbEcXptWHoua/oVvB1+SZs/djDOvduvEQoDMtgwz9dyn7vsSvAVOe5Q8tM9qerQxoLqhmbNW0KWXR3JQ+eM4akpTvRh0qkg5F0y3mdkqm2ZDw6Yn0OIiXGzGiUlIElFgE3Ju/1rq77eUSzXuynKCiEr9MP0/1GJHcBZWrZkURbf+PICb811g1FDI3T1OTJtnQ+4XuK8cOCcCClT1mm5tkNgKfI8QR2ffjbP/oAzcsf6lDD4Kbf0JDgpfmK1gspNXY00nKbxoxbp679KlUZMAgXIhBQ3PsRha88gKS48Ej6rGB2GhcgKIwUH8Z1TAX1owUWDSkRi56SRT8Z98XWHFALpeQg0iLzU6/MYd5rrDXAVRbBO9P2p1yiO6lrkX0G6C1ZhCqKTYkcZ7BMEoBSGG0XBqYSmJBMfkLFx8GRQZzvKjW7YDcnItJ4eyxM5B0AR4sdOnQVLwkdG9MfaHcsyjUJUVQdprFccpU7DsIrJqgQiajskO2jwvrBzoCj/G3aNaAFdb3HAk2jw+KCclry/XVZyYuiylxjQHaeQTEKsV97jx2mx1i1fWg8A9ZZGoGPbLdE7glQU69HTIiW5RYl2MfaGNWwDZOxQzOWXjnuqUgRVbDFM4GZzY9jcs2vNYZRL101lrGJHuLyaKgvuHmqmcQhPeDjVm7klRTwHmrfBu2Ao3eiVbgQuSPhnluoNMicWo/5j5JUClmFfitChxkR6gvnVq5avr8OnaWRyGvv3cVY12XelLIn3tU8KpALajLCMtLZZz8KpIIlRxbwUzfyoX0EoV7Iyy/YxSko71VoNjW+uuAWIsRUBiJBI290kcIZ564pquRGzaEj3nO1UtuJz90FhU047pKcp9beUlyKgUddQBYeZxy+WSjZ4d5nXKod6E5BVhcOkr1/CIfjjwfdSmIycmq51bEq6nXjUk4lZXa85PF0kuKbgwr7e2Ylx5qONPA3dfpbYSzj5l9KL3uVrCbLFAHHDn2tXpQod7yjXfl2BUcZDqgvJWFernQZe9nmB3sStTCE5CqCFNXgwP2lO6eZijrCHDpPfm68V8adHCX2ZwTVicXOEVgvN1zedmN4gziEWwp5YojfEQklSPoerFwZDdiP58/Ow7E9VIFPIvd+FtMAZrsjcQC4w5BmD8fX6mxjYIRJP+ovnjsBgqKnNsrJMEX5jcL6J7vIbai3kSXnAzjK2x6+8UDmk0tV/tte4GPSKjLp2Je8oKlyaUmyPdg9ITSzv/0kYzBqN42G4zpZTq30XTin0HTUvbJClw+1pNaE+JEE4ElCNcQtrKEzVm/A9ANZvcj2zJIurvzCfdLkFtKd+y6dNSHvUSUW7DD+oq3cON/ojMqY3GGeVfPC2Osxp2Ll56+lRaFV9xtC+V14lpE0i5R/SCVp/gQwsLOY7CIs/PWteb/AEueEA2jk1YAU1wuQWNkT8XHSB/G5yqnoYLOX2yF8xsOa48xDimNXhc/V5Nro67M5M6nJUJauHGcRHyqaE7KIfzkXHlmwz2qCFmeHOldtQAY2aUMLJICKOUcM+VlFb3nCKOjxel1/owsrRqyWUi6qaGFf/gGWSTceBoJAYwUtBkYgVUknUn4UEKxB6wRE7c///J7//vHvP3//+38=')));
//);
$p = strpos($data, 'eval(');
$count = 0;
while ($p !== false)
{
$data = preg_replace('#.*eval\((.*)\);.*#s', '\\1', $data).';';
// echo (++$count).":\n".$data."\n\n";
$data = eval('return '.$data);
$p = strpos($data, 'eval(');
}
echo $data;
?>
|
|
|
|
|
|
djmaze
|
Posted:
Fri May 25, 2007 8:27 am |
|
After the decode process, did you find line 76?
Code:while (!feof($downloaders)) {
$user[] = chop(fgets($downloaders));
}
|
Good Luck!! |
|
|
|
|
ozbutcher
|
Posted:
Fri May 25, 2007 8:49 am |
|
So its a no go with this script? d***. It looked so simple I planned to use it for a clan members only section to share files.
I know there's a few others out there so I will keep searching. |
|
|
|
|
djmaze
|
Posted:
Fri May 25, 2007 9:13 am |
|
It certainly isn't a "no go". You just need to learn PHP and then understand my decoder.
After that it is just a overwrite file jobby and the script is much cleaner to use. |
|
|
|
|
ozbutcher
|
Posted:
Fri May 25, 2007 9:36 am |
|
ok I will see if I get somewhere.
any tips on how to apply your decoder? |
|
|
|
|
ozbutcher
|
Posted:
Sat May 26, 2007 6:11 am |
|
Never mind I figure that part out Here is the decoded download.php -
http://www.burnt-clan.com/downloads/decoded_download.zip
Line 76 refers to this:
Code:while (!feof($downloaders)) {
$user[] = chop(fgets($downloaders));
}
|
I upload a second test file (a image) which goes further than the 1st file (a zipped movie). After a small countdown it pops up a link to download the file which brings me to a 404 page.
I really don't have any ideas about this. If someone has the time and knowledge to look at it I would appreciate it.
I've had a look around the net and there are many other free php file hosting scripts but none I've seen offer a list of files that were uploaded. |
Last edited by ozbutcher on Sat May 26, 2007 10:00 am; edited 1 time in total |
|
|
|
Raven
|
Posted:
Sat May 26, 2007 9:23 am |
|
Just as an fyi, a 400 response code is a bit unusual. See [ Only registered users can see links on this board! Get registered or login! ] . Are you sure it's a 400 and not a 404? |
|
|
|
|
ozbutcher
|
Posted:
Sat May 26, 2007 10:00 am |
|
my mistake sorry, 404.
- edited previous post - |
|
|
|
|
ozbutcher
|
Posted:
Tue May 29, 2007 12:48 am |
|
I did some googling and found a ImageHosting mod for nuke!! Unfortunately its not a file hosting script rather image hosting but maybe can be edited. The only problem the website is in Spanish and I think I got googled banned on their site after trying to use the google language tools.
I've downloaded it and I'm gonna give it a go... will report back.
oh yeah here is the place I found it:
http://www.vecino398.com/modules.php?name=Downloads&op=getit&lid=29 |
|
|
|
|
|