vB digishop null check please

Hoxxy

New Member
vB digishop null check please

Removed all instance of
vb-hacks and call backs

Removed the whole licence check section from vbdigishop.php rather then f*ck about with it...
PHP:
# demo Licensing Integration #5 (curl) - http:
class vbhacks_keys
{
var $license_key;
var $home_url_site = 'www.demo.com';
var $home_url_port = 80;
var $home_url_vbhacks = '/forum/vbdigishop_remote.php';
var $key_location;
var $remote_auth;
var $key_age;
var $key_data;
var $now;
var $result;
function vbhacks_keys($license_key, $remote_auth, $key_location = 'key.php', $key_age = 1296000)
{
$this->license_key = $license_key;
$this->remote_auth = $remote_auth;
$this->key_location =  $key_location;
$this->key_age =  $key_age;
$this->now = time();
if (empty($license_key))
{
$this->result = 4;
return false;
}
if (empty($remote_auth))
{
$this->result = 4;
return false;
}
if (file_exists($this->key_location))
{
$this->result = $this->read_key();
}
else
{
$this->result = $this->generate_key();
if (empty($this->result))
{
$this->result = $this->read_key();
}
}
unset($this->remote_auth);
return true;
}
function generate_key()
{		
$server_name = str_replace('www.', '', $_SERVER['SERVER_NAME']);
$new_server_name = "www.".$server_name;
$request = 'remote=licenses&type=5&license_key='.urlencode(base64_encode($this->license_key));
$request .= '&host_ip='.urlencode(base64_encode($_SERVER['SERVER_ADDR'])).'&host_name='.urlencode(base64_encode($new_server_name));
$request .= '&hash='.urlencode(base64_encode(md5($request)));
$request = $this->home_url_site.$this->home_url_vbhacks.'?'.$request;
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $request);
curl_setopt($ch, CURLOPT_PORT, $home_url_port);
curl_setopt($ch, CURLOPT_HEADER, false);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_USERAGENT, 'demo (www.demo.com)');
$content = curl_exec($ch);
curl_close($ch);
if (!$content)
{
return 8;
}
$string = urldecode($content);
$exploded = explode('|', $string);
switch ($exploded[0]) 
{
case 0: 
return 8;
break;
case 2: 
return 9;
break;
case 3: 
return 5;
break;
case 10: 
return 4;
break;
}
$data['license_key'] = $exploded[1];
$data['expiry']	= $exploded[2];
$data['hostname'] = $exploded[3];
$data['ip']	= $exploded[4];
$data['timestamp'] = $this->now;
if (empty($data['hostname']))
{
$server_name = str_replace('www.', '', $_SERVER['SERVER_NAME']);
$new_server_name = "www.".$server_name;
$data['hostname'] = $new_server_name;
}
if (empty($data['ip']))
{
$data['ip'] = $_SERVER['SERVER_ADDR'];
}
$data_encoded = serialize($data);
$data_encoded = base64_encode($data_encoded);
$data_encoded = md5($this->now.$this->remote_auth).$data_encoded;
$data_encoded = strrev($data_encoded);
$data_encoded_hash = sha1($data_encoded.$this->remote_auth);
$fp = fopen($this->key_location, 'w');
if ($fp)
{
$fp_write = fwrite($fp, wordwrap($data_encoded.$data_encoded_hash, 40, "\n", true));
if (!$fp_write)
{	
return 11;
}
fclose($fp);
}
else
{
return 10;
}
}
function read_key()
{
$key = file_get_contents($this->key_location);
if ($key !== false)
{
$key = str_replace("\n", '', $key);
$key_string = substr($key, 0, strlen($key)-40);
$key_sha_hash = substr($key, strlen($key)-40, (strlen($key)));
if (sha1($key_string.$this->remote_auth) == $key_sha_hash) 
{
$key = strrev($key_string);
$key_hash = substr($key, 0, 32);
$key_data = substr($key, 32);
$key_data = base64_decode($key_data);
$key_data = unserialize($key_data);
if (md5($key_data['timestamp'].$this->remote_auth) == $key_hash) 
{					
if (($this->now - $key_data['timestamp']) >= $this->key_age)
{						
unlink($this->key_location);
$this->result = $this->generate_key();
if (empty($this->result))
{
$this->result = $this->read_key();
}
return 1;
}
else
{
$this->key_data = $key_data;
if ($key_data['license_key'] != $this->license_key)
{
return 4;
}
if ($key_data['expiry'] <= $this->now && $key_data['expiry'] != 1)
{
return 5;
}
if (substr_count($key_data['hostname'], ',') == 0)
{ 
$server_name = str_replace('www.', '', $_SERVER['SERVER_NAME']);
$new_server_name = "www.".$server_name;
if ($key_data['hostname'] != $new_server_name && !empty($key_data['hostname']))
{
return 6;
}
}
else
{ 
$hostnames = explode(',', $key_data['hostname']);
$server_name = str_replace('www.', '', $_SERVER['SERVER_NAME']);
$new_server_name = "www.".$server_name;
if (!in_array($new_server_name, $hostnames))
{
return 6;
}
}
if (substr_count($key_data['ip'], ',') == 0)
{ 
if ($key_data['ip'] != $_SERVER['SERVER_ADDR'] && !empty($key_data['ip']))
{
return 7;
}
}
else
{ 
$ips = explode(',', $key_data['ip']);
if (!in_array($_SERVER['SERVER_ADDR'], $ips))
{
return 7;
}
}
return 1;
}
}
else
{
return 3;
}
}
else
{
return 2;
}
}
else
{
return 0;
}
}
function get_data()
{
return $this->key_data;
}
}
$licensekey = $vbulletin->options['vbdigishop_license_key'];
$key_string = $licensekey;
$remote_auth = 'hg23gjhg35jhg25jhg345';
$key_location = 'vbdigishoplicense/vbdigishop_license_key2.php';
$key_age = 29348006400;
$licensing = new vbhacks_keys($key_string, $remote_auth, $key_location, $key_age);
switch ($licensing->result)
{
case 0:
$welcome = 'Unable to read key';
$navbits = array();
$navbits[$parent] = 'Licesne Error';
$navbits = construct_navbits($navbits);
eval('$navbar = "' . fetch_template('navbar') . '";');
eval('print_output("' . fetch_template('vbdigishop_main') . '");');
exit();
break;
case 1:
break;
case 2:
$welcome = 'SHA1 hash incorrect';
$navbits = array();
$navbits[$parent] = 'Licesne Error';
$navbits = construct_navbits($navbits);
eval('$navbar = "' . fetch_template('navbar') . '";');
eval('print_output("' . fetch_template('vbdigishop_main') . '");');
exit();
break;
case 3:
$welcome = 'MD5 hash incorrect';
$navbits = array();
$navbits[$parent] = 'Licesne Error';
$navbits = construct_navbits($navbits);
eval('$navbar = "' . fetch_template('navbar') . '";');
eval('print_output("' . fetch_template('vbdigishop_main') . '");');
exit();
break;
case 4:
$welcome = 'License key does not match key string in key file';
$navbits = array();
$navbits[$parent] = 'Licesne Error';
$navbits = construct_navbits($navbits);
eval('$navbar = "' . fetch_template('navbar') . '";');
eval('print_output("' . fetch_template('vbdigishop_main') . '");');
exit();
break;
case 5:
$welcome = 'License has expired';
$navbits = array();
$navbits[$parent] = 'Licesne Error';
$navbits = construct_navbits($navbits);
eval('$navbar = "' . fetch_template('navbar') . '";');
eval('print_output("' . fetch_template('vbdigishop_main') . '");');
exit();
break;
case 6:
$welcome = 'Host name does not match key file';
$navbits = array();
$navbits[$parent] = 'Licesne Error';
$navbits = construct_navbits($navbits);
eval('$navbar = "' . fetch_template('navbar') . '";');
eval('print_output("' . fetch_template('vbdigishop_main') . '");');
exit();
break;
case 7:
$welcome = 'IP does not match key file';
$navbits = array();
$navbits[$parent] = 'Licesne Error';
$navbits = construct_navbits($navbits);
eval('$navbar = "' . fetch_template('navbar') . '";');
eval('print_output("' . fetch_template('vbdigishop_main') . '");');
exit();
break;
case 8:
$welcome = 'License disabled';
$navbits = array();
$navbits[$parent] = 'Licesne Error';
$navbits = construct_navbits($navbits);
eval('$navbar = "' . fetch_template('navbar') . '";');
eval('print_output("' . fetch_template('vbdigishop_main') . '");');
exit();
break;
case 9:
$welcome = 'License suspended';
$navbits = array();
$navbits[$parent] = 'Licesne Error';
$navbits = construct_navbits($navbits);
eval('$navbar = "' . fetch_template('navbar') . '";');
eval('print_output("' . fetch_template('vbdigishop_main') . '");');
exit();
break;
case 10:
$welcome = 'Unable to open file for writing';
$navbits = array();
$navbits[$parent] = 'Licesne Error';
$navbits = construct_navbits($navbits);
eval('$navbar = "' . fetch_template('navbar') . '";');
eval('print_output("' . fetch_template('vbdigishop_main') . '");');
exit();
break;
case 11:
$welcome = 'Unable to write to file';
$navbits = array();
$navbits[$parent] = 'Licesne Error';
$navbits = construct_navbits($navbits);
eval('$navbar = "' . fetch_template('navbar') . '";');
eval('print_output("' . fetch_template('vbdigishop_main') . '");');
exit();
break;
case 12:
$welcome = 'Unable to communicate with demo.com';
$navbits = array();
$navbits[$parent] = 'Licesne Error';
$navbits = construct_navbits($navbits);
eval('$navbar = "' . fetch_template('navbar') . '";');
eval('print_output("' . fetch_template('vbdigishop_main') . '");');
exit();
break;
}

Everything seems to be working but would link a double check...:)

vbdigishopdecoded_by_hack346.rar is my null

vbdigishopdecoded_by_hack346_original.rar is obviously original non nulled for comparison
 
Top