Peace be upon you,
I found a script that extracts the values of the variables a hacker needs (the database name, the username and the password) from the config.php file of a vB forum that is encoded with Zend or ionCube.
Unfortunately it is an easy tool that any of the script kiddies who have become so common these days could use.
I contacted ionCube technical support.
At first they did not respond, but then I wrote them a strongly worded message saying that their encryption system is weak and that anyone can break it, and the following was their reply:
Look at the script; it isn't decrypting anything, and simply includes the encoded configuration file and dumps out known variables that are defined in the script. There is no hacking involved, and it is exactly what you would expect to happen.
If you encode a script that has well known contents and that defines some global variables, the script is well protected but it will still behave the same. There is nothing to stop someone from simply including the script and then printing out the variables that have been defined. It is something that we call an "include attack".
Our main Encoder products have some features that prevent this, where you can encode a script that can only be included by other files that you have encoded, and not by someone else's script.
The online Encoder doesn't offer this, but another approach that you could use with the online Encoder is to modify how the configuration file works, and modify the VB core to work with the modified config file. For example, instead of defining variables in the configuration file, define a function with an obscure name, and pass it some magic value. In the function test the value, and if it is what you expect return the configuration data, but if not, then do something else.
e.g. in your config file, have something like this:
PHP code:
function show_warning($mess)
{
    if ($mess === 3.141) {
        $config = array(/* ... */); // Set up the real configuration data
        return $config;
    } else {
        echo "Warning: $mess<br>";
    }
}
Now, if a hacker calls show_warning() with a string (as you might expect you would need to do) it would do what you expect. But if you call it with a special value it will do its job of returning configuration data.
So you need to do two things:
1) Change how the configuration file in VB actually works, and don't simply define global variables, at least not unless the file is called in a certain way
2) Change and encode some of VB to use the new type of configuration file and to hide how it works.
Best regards
Nick
--
ionCube Support
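End of the reply.
What I understood is that there is a change I can make to the config file that stops this script from working.
I really wish someone would explain the method to me, because I don't understand anything about PHP.
And please don't hold back any other information.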
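
The two steps from the ionCube reply, worked through as an added example (not code from the original post, from ionCube, or from vBulletin): the config side defines only a gated function, and the modified core side asks it for the data. `show_warning()` and the value 3.141 come from the reply; the array keys, the placeholder values, and the helper names `load_db_config()` and `connect_summary()` are assumptions.

```php
<?php
// Part 1: what the encoded config.php would contain (constructed sample values).
// It defines no global variables, so a script that merely includes it finds
// nothing to print from the global symbol table.
function show_warning($mess)
{
    // Strict comparison: only the float 3.141 matches, not the string "3.141".
    if ($mess === 3.141) {
        return array(
            'dbname'   => 'DB_NAME_PLACEHOLDER',
            'username' => 'DB_USER_PLACEHOLDER',
            'password' => 'DB_PASS_PLACEHOLDER',
        );
    }
    echo 'Warning: ' . htmlspecialchars((string) $mess) . "<br>\n";
    return null;
}

// Part 2: the modified forum core, which must be encoded as well because it
// contains the magic value. load_db_config() is a hypothetical helper name.
function load_db_config()
{
    // In a deployment this would first do: require_once 'config.php';
    $config = show_warning(3.141);
    if (!is_array($config)) {
        throw new RuntimeException('Configuration could not be loaded');
    }
    return $config;
}

function connect_summary()
{
    // Keep the array in local scope; never copy it into a global variable.
    $config = load_db_config();
    return 'connecting to ' . $config['dbname'] . ' as ' . $config['username'];
}

// Demonstration: an ordinary call behaves like a plain warning helper.
ob_start();
$result  = show_warning('disk almost full');
$printed = ob_get_clean();

var_dump($result === null);
var_dump($printed);
var_dump(connect_summary());
var_dump(isset($GLOBALS['config']));
```

The magic value is only as hidden as the encoded core file that holds it, which is why step 2 of the reply encodes that file too.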