ningmou

ningmou

telegram
HomeArchives

Wanderer Easy Payment Crack

477
AI Translation
This post is translated from Chinese into English through AI.View Original
AI-generated summary
The author came across an article about a payment code called "浪子易支付" with a bad reputation. They downloaded the source code and found that it was poorly encrypted. They suggest modifying the code or deleting it completely. They also criticize the high cost of the authorization for this payment code.

Cause
Recently, I was bored and decided to browse a certain resource website. I saw an article about the source code of a payment system called "Langzi Easy Pay". I think I've heard of this Langzi Easy Pay before, and I remember it had a bad reputation. The article was posted by the author, and when I looked at the comments below, I laughed.

image

So I became interested and downloaded the source code to take a look.

Process
I glanced at the code and there were only two files. I randomly opened one to see its structure.

define('iVEizn0925',__FILE__);
$YyBEPP=base64_decode("bjF6Yi9tYTVcdnQwaTI4LXB4dXF5KjZscmtkZzlfZWhjc3dvNCtmMzdqWHpma29GRWpwd21TSFRoQVFuc0R1cVJJcmJ0UGRNVlllSk5hWml4S0dDT1dMQnlsY3ZVZw==");
$AWrjGM=$YyBEPP[3].$YyBEPP[6].$YyBEPP[33].$YyBEPP[30];
$BDMKWe=$YyBEPP[33].$YyBEPP[10].$YyBEPP[24].$YyBEPP[10].$YyBEPP[24];
$gJozBE=$BDMKWe[0].$YyBEPP[18].$YyBEPP[3].$BDMKWe[0].$BDMKWe[1].$YyBEPP[24];
$steYGh=$YyBEPP[7].$YyBEPP[13];$AWrjGM.=$YyBEPP[22].$YyBEPP[36].$YyBEPP[29].$YyBEPP[26].$YyBEPP[30].$YyBEPP[32].$YyBEPP[35].$YyBEPP[26].$YyBEPP[30];
eval($AWrjGM("encrypted code content"));?>

It seems that the author has some misunderstanding about encryption, or maybe overestimates their own skills. This is not much different from not encrypting it at all.

Cracking Method
This method usually involves hooking the eval function at the lower level to obtain the source code. The approach taken here is to change eval to file_put_contents because it's simpler.

The author used multiple layers of encryption, but it's not technically challenging to decrypt them one by one. After decryption, the authorization code is in the first line of the encrypted file.

<?php
include("../includes/common.php");
if(!isset($_SESSION['authcode'])){
	$query = curl_get("http://hidden_authorization_url/check.php?url=".$_SERVER["HTTP_HOST"]."&authcode=".authcode);
    if ($query = json_decode($query, true)) {
		if ($query["code"] == 1) {
			$_SESSION["authcode"] = authcode;
		}else{
			sysmsg("<h3>".$query["msg"]."</h3>", true);
		}
	}
}
?>

Just delete it or modify the curl_get function in /includes/functions.php to directly return {"code":1} when the parameter contains the authorization URL.

Rant
To be honest, there is not much difference between this version of Easy Pay and the original version, but the authorization fee for this one is at least 58 yuan per year...

Loading...
Ownership of this post data is guaranteed by blockchain and smart contracts to the creator alone.