I am very surprised ...
If you think it's a lie than answer me: FOR WHAT I create this topic
Ok. You want proofs I will give it.
I place part of file "functions.inc.php" from ModernBill4.3. This file was encoded by Zend. This is CORE file in ModernBill and it file certainly and always encoded !
****************** part of FUNCTIONS.INC.PHP *******************
Code: Select all
<?php
// file: d:\Program Files\Apache Group\Apache2\htdocs\mb43\include\functions.inc.php - 04/31/05 23:42:27
global $rc;
$_CONFIG["modules"]["mod_license"]["enabled"] = FALSE;
$tier2 = TRUE;
$version = $current_version = "4.3.1";
$build_type = "Commercial Product";
$version_name = "Modern Bill .:. Hosting Management System";
$mbchecksum = "ljhgerot782075ghv7092cceewwwegse3e3e4ersg987jnhg6tsdasdas3jgu9766r6f3g4f65gr89GVRCETFO";
if (function_exists("ini_get"))
{
$onoff = ini_get("register_globals");
}
else
{
$onoff = get_cfg_var("register_globals");
}
if (($onoff) != (1))
{
@ extract($HTTP_SERVER_VARS, EXTR_SKIP);
@ extract($HTTP_COOKIE_VARS, EXTR_SKIP);
@ extract($HTTP_POST_FILES, EXTR_SKIP);
@ extract($HTTP_POST_VARS, EXTR_SKIP);
@ extract($HTTP_GET_VARS, EXTR_SKIP);
@ extract($HTTP_ENV_VARS, EXTR_SKIP);
global $_SERVER;
@ extract($_SERVER, EXTR_SKIP);
global $_COOKIE;
@ extract($_COOKIE, EXTR_SKIP);
global $_POST;
@ extract($_POST, EXTR_SKIP);
global $_GET;
@ extract($_GET, EXTR_SKIP);
global $_ENV;
@ extract($_ENV, EXTR_SKIP);
}
if (($DIR && $HTTP_COOKIE_VARS[DIR]) || ($DIR && $HTTP_POST_VARS[DIR]) || ($DIR && $HTTP_GET_VARS[DIR]) || ($DIR && $_COOKIE[DIR]) || ($DIR && $_POST[DIR]) || ($DIR && $_GET[DIR]))
{
$ip = $HTTP_SERVER_VARS[REMOTE_ADDR];
$host = gethostbyaddr($ip);
$url = $HTTP_SERVER_VARS["HTTP_HOST"] . $HTTP_SERVER_VARS["REQUEST_URI"];
$admin = ($GLOBALS[SERVER_ADMIN]?$GLOBALS[SERVER_ADMIN]:"security@modernbill.com");
$body = "IP: " . $ip . "
HOST: " . $host . "
URL: " . $url . "
VER: " . $version . "
TIME: " . date("Y/m/d: h:i:s") . "
";
@ mail($admin, "Possible breakin attempt.", $body, "From: " . $admin . "
");
echo str_repeat(" ", 300) . "
";
str_repeat(" ", 300);
flush();
echo " <html><head><body><center><h3><tt><b><font color=RED>Security violation from: ";
echo $ip;
echo " @ ";
echo $host;
echo "</font></b></tt></h3></center><hr><pre>";
@ system("traceroute " . escapeshellcmd($ip) . " 2>&1");
echo "</pre><hr><center><h2><tt><b><font color=RED>The admin has been alerted.</font></b></tt></h2></center></body></html>";
exit ();
}
***************************** end of part functions.inc.php *********
Below I have placed part of bytecodes of this file
***************************** part of BYTE-CODES for functions.inc.php ***
Code: Select all
filename: d:\Program Files\Apache Group\Apache2\htdocs\include\functions.inc2.php
function name: (null)
number of ops: 1347
line # op fetch ext operands
-------------------------------------------------------------------------------
2 0 FETCH_CONSTANT tempvar1, 'FALSE'
1 FETCH_DIM_W tempvar0, $_CONFIG, 'modules'
2 FETCH_DIM_W tempvar2, tempvar0, 'mod_license'
3 FETCH_DIM_W tempvar0, tempvar2, 'enabled'
4 ASSIGN tempvar0, tempvar1
24 5 FETCH_CONSTANT tempvar0, 'TRUE'
6 ASSIGN $tier2, tempvar0
25 7 ASSIGN tempvar0, $current_version, '4.2.1'
8 ASSIGN $version, tempvar0
26 9 ASSIGN $build_type, 'DEMO:Z'
27 10 ASSIGN $version_name, 'ModernBill .:. Client Billing System'
28 11 ASSIGN $mbchecksum, 'ljhgerot782075ghv7092cceewwwegse3e3e4ersg987jnhg6tsdasdas3jgu9766r6f3g4f65gr89GVRCETFO'
42 12 INIT_FCALL_BY_NAME 'function_exists'
13 SEND_VAL 'ini_get'
14 DO_FCALL_BY_NAME 1 tempvar0, 'function_exists', 0
15 JMPZ tempvar0, ->21
43 16 INIT_FCALL_BY_NAME 'ini_get'
17 SEND_VAL 'register_globals'
18 DO_FCALL_BY_NAME 1 tempvar0, 'ini_get', 0
19 ASSIGN $onoff, tempvar0
44 20 JMP ->25
45 21 INIT_FCALL_BY_NAME 'get_cfg_var'
22 SEND_VAL 'register_globals'
23 DO_FCALL_BY_NAME 1 tempvar0, 'get_cfg_var', 0
24 ASSIGN $onoff, tempvar0
47 25 IS_NOT_EQUAL tempvar0, $onoff, 1
26 JMPZ tempvar0, ->115
48 27 BEGIN_SILENCE
28 INIT_FCALL_BY_NAME 'extract'
29 FETCH_FUNC_ARG tempvar1, 'HTTP_SERVER_VARS'
30 SEND_VAR tempvar1
31 FETCH_CONSTANT tempvar1, 'EXTR_SKIP'
32 SEND_VAL tempvar1
33 DO_FCALL_BY_NAME 2 'extract', 0
34 END_SILENCE tempvar0,
49 35 BEGIN_SILENCE
36 INIT_FCALL_BY_NAME 'extract'
37 FETCH_FUNC_ARG tempvar1, 'HTTP_COOKIE_VARS'
38 SEND_VAR tempvar1
39 FETCH_CONSTANT tempvar1, 'EXTR_SKIP'
40 SEND_VAL tempvar1
41 DO_FCALL_BY_NAME 2 'extract', 0
42 END_SILENCE tempvar0,
50 43 BEGIN_SILENCE
44 INIT_FCALL_BY_NAME 'extract'
45 FETCH_FUNC_ARG tempvar1, 'HTTP_POST_FILES'
46 SEND_VAR tempvar1
47 FETCH_CONSTANT tempvar1, 'EXTR_SKIP'
48 SEND_VAL tempvar1
49 DO_FCALL_BY_NAME 2 'extract', 0
50 END_SILENCE tempvar0,
51 51 BEGIN_SILENCE
52 INIT_FCALL_BY_NAME 'extract'
53 FETCH_FUNC_ARG tempvar1, 'HTTP_POST_VARS'
54 SEND_VAR tempvar1
55 FETCH_CONSTANT tempvar1, 'EXTR_SKIP'
56 SEND_VAL tempvar1
57 DO_FCALL_BY_NAME 2 'extract', 0
58 END_SILENCE tempvar0,
52 59 BEGIN_SILENCE
60 INIT_FCALL_BY_NAME 'extract'
61 FETCH_FUNC_ARG tempvar1, 'HTTP_GET_VARS'
62 SEND_VAR tempvar1
63 FETCH_CONSTANT tempvar1, 'EXTR_SKIP'
64 SEND_VAL tempvar1
65 DO_FCALL_BY_NAME 2 'extract', 0
66 END_SILENCE tempvar0,
53 67 BEGIN_SILENCE
68 INIT_FCALL_BY_NAME 'extract'
69 FETCH_FUNC_ARG tempvar1, 'HTTP_ENV_VARS'
70 SEND_VAR tempvar1
71 FETCH_CONSTANT tempvar1, 'EXTR_SKIP'
72 SEND_VAL tempvar1
73 DO_FCALL_BY_NAME 2 'extract', 0
74 END_SILENCE tempvar0,
54 75 BEGIN_SILENCE
76 INIT_FCALL_BY_NAME 'extract'
77 FETCH_FUNC_ARG global tempvar1, '_SERVER'
78 SEND_VAR tempvar1
79 FETCH_CONSTANT tempvar1, 'EXTR_SKIP'
80 SEND_VAL tempvar1
81 DO_FCALL_BY_NAME 2 'extract', 0
82 END_SILENCE tempvar0,
55 83 BEGIN_SILENCE
84 INIT_FCALL_BY_NAME 'extract'
85 FETCH_FUNC_ARG global tempvar1, '_COOKIE'
86 SEND_VAR tempvar1
87 FETCH_CONSTANT tempvar1, 'EXTR_SKIP'
88 SEND_VAL tempvar1
89 DO_FCALL_BY_NAME 2 'extract', 0
90 END_SILENCE tempvar0,
56 91 BEGIN_SILENCE
92 INIT_FCALL_BY_NAME 'extract'
93 FETCH_FUNC_ARG global tempvar1, '_POST'
94 SEND_VAR tempvar1
95 FETCH_CONSTANT tempvar1, 'EXTR_SKIP'
96 SEND_VAL tempvar1
97 DO_FCALL_BY_NAME 2 'extract', 0
98 END_SILENCE tempvar0,
57 99 BEGIN_SILENCE
100 INIT_FCALL_BY_NAME 'extract'
101 FETCH_FUNC_ARG global tempvar1, '_GET'
102 SEND_VAR tempvar1
103 FETCH_CONSTANT tempvar1, 'EXTR_SKIP'
104 SEND_VAL tempvar1
105 DO_FCALL_BY_NAME 2 'extract', 0
106 END_SILENCE tempvar0,
58 107 BEGIN_SILENCE
108 INIT_FCALL_BY_NAME 'extract'
109 FETCH_FUNC_ARG global tempvar1, '_ENV'
110 SEND_VAR tempvar1
111 FETCH_CONSTANT tempvar1, 'EXTR_SKIP'
112 SEND_VAL tempvar1
113 DO_FCALL_BY_NAME 2 'extract', 0
114 END_SILENCE tempvar0,
68 115 JMPZ_EX tempvar0, $DIR, ->142
116 FETCH_CONSTANT tempvar1, 'DIR'
117 FETCH_DIM_R tempvar2, $HTTP_COOKIE_VARS, tempvar1
118 JMPNZ_EX tempvar1, tempvar2, ->141
119 FETCH_CONSTANT tempvar3, 'DIR'
120 FETCH_DIM_R tempvar2, $HTTP_POST_VARS, tempvar3
121 BOOL tempvar1, tempvar2
122 JMPNZ_EX tempvar1, tempvar1, ->141
123 FETCH_CONSTANT tempvar3, 'DIR'
124 FETCH_DIM_R tempvar2, $HTTP_GET_VARS, tempvar3
125 BOOL tempvar1, tempvar2
126 JMPNZ_EX tempvar1, tempvar1, ->141
127 FETCH_CONSTANT tempvar4, 'DIR'
128 FETCH_R global tempvar3, '_COOKIE'
129 FETCH_DIM_R tempvar2, tempvar3, tempvar4
130 BOOL tempvar1, tempvar2
131 JMPNZ_EX tempvar1, tempvar1, ->141
132 FETCH_CONSTANT tempvar4, 'DIR'
133 FETCH_R global tempvar3, '_POST'
134 FETCH_DIM_R tempvar2, tempvar3, tempvar4
135 BOOL tempvar1, tempvar2
136 JMPNZ_EX tempvar1, tempvar1, ->141
137 FETCH_CONSTANT tempvar4, 'DIR'
138 FETCH_R global tempvar3, '_GET'
139 FETCH_DIM_R tempvar2, tempvar3, tempvar4
140 BOOL tempvar1, tempvar2
141 BOOL tempvar0, tempvar1
142 JMPZ tempvar0, ->221
143 FETCH_CONSTANT tempvar1, 'REMOTE_ADDR'
144 FETCH_DIM_R tempvar0, $HTTP_SERVER_VARS, tempvar1
145 ASSIGN $ip, tempvar0
146 INIT_FCALL_BY_NAME 'gethostbyaddr'
147 FETCH_FUNC_ARG tempvar0, 'ip'
148 SEND_VAR tempvar0
149 DO_FCALL_BY_NAME 1 tempvar0, 'gethostbyaddr', 0
150 ASSIGN $host, tempvar0
**************** end of part of BYTE-CODES for functions.inc.php ***
First at all we must decrypt ZEND-encoded file. And we will get BYTE_CODES.
Than (very difficult) we will RESTORE original plain text from BYTECODES.
Do you really think IT is impossible ?
Your reply. Very Thanks.
( JAM | Very interesting. But now read the rules on how to post codesnippets on the board, using the proper tags. Thank you. )