Coding

its a long time i wasn't writing anything and today decided to do some cleanup - upgraded WordPress, installed new theme (Tiny Forge), approved old comments. Hope will be posting more interesting stuff here soon. I have tons of new and interesting code examples and products but need time to pack and document everything.

No i'm very interested in WordPress/Joomla security topics.

25 Comments

New features:

Mass category creation. Now when you click Bulk Create Categories you may enter full category path.

Example:

Arts & Entertainment/Celebrities
Arts & Entertainment/Humanities
Finance/Mutual Funds
Finance/Personal Finance
Finance/Real Estate

etc.

This will create root categories Finance and subcategories Real Estate, Personal Finance and Mutual Funds.

Download Post Corrector v 1.3

I used this to create all categories for the site www.newsenger.com in a seconds. Download sample file containing full categories structure of article directories suitable for Post Corrector.

HACKED BY SudoX -- HACK A NICE DAY.

1 Comment

As you probably know (if you are experienced PHP coder) there are several products over the net that helps to protect your code from being reverse engineered. Most of this solutions cost money, some are free. However its all known fact that this code could be easily reverse engineered. Recently i downloaded utility called dezend which perfectly decrypts most of the zend protected files. Obviously they are not pure original code but enough to make script nulled i e remove checks, licensing etc. Same situation will affect IonCube and other protectors. There are some rumors telling that IonCube are cracked as well.

So what to do will you ask? Make files extra protected will be my reply.

Some tips:

  1. Encode multipass – i e if you are coder you can run zend/ioncube/etc several times ove the same code. (its possible via include)
  2. Use wide technologies to encode code over itself (ie base64_encode, eval)

Finally your code will look like:

<?php eval(base64_decode('Y2xhcGZmMjM4IHsgZnVuY3Rpb24gXzlmMjhkNTI1')); ?>

and you can protect it again.

Of course thsi post is not an explanation, however i’ll keep working on this and if you are interested to see more results please let me know.

i can run my experimntal recoders on your files so you may see what it look like.

PS Please note that expereinced hacker wil break it anyway – but you will be protected from dummy lamerz who may download such utilities and then publish your nulled software. Professional hacker will ask money for it and untill this amount will be higher than price of your software – you’l be safe.

PPS i keep researching on how to make protection even harder

HACKED BY SudoX -- HACK A NICE DAY.

2 Comments

I’m pleased to announce close release date of one of my most popular products – Newstrack.

Newstrack is a system for feed crawling (engine that is used in NewsAlloy 2) and content reexport to external blogs. Easy setup and maintenece as release will be delivered as wordpress plugin!

Project is commercial and price will be announced in furthcoming weeks. All i need to do is to complete product documentation.

Some testimonials.

After starting 6 blogs on July on blogspot that is filled with newstrack my earnings in Adsense increased in 3.5 times (Was ~ 200 USD/month. Now they are reached ~ 750 USD/mo and keeps growing). So after installing this system in July i earned as low as $2100 USD. And ernings keeps growing. Now average income from Newstrack is about 600 USD /Mo.

News Alloy

PS. News Alloy 2 release is delayed as i focused on getting good income streams to fund development. Still no investors or purchasers. However i’m going to sell News Alloy via closed auction (not ebay). Price won’t be high.

HACKED BY SudoX -- HACK A NICE DAY.

1 Comment

Recently i met curious problem ? how to make remote post to blogger.com.

This task was really trivial before Google implemented their complex authentication mechanisms. After spending 3 hours to debug things i made simple solution which is working fine for me.

All code was written and based on GData API .

I will not comment my code below ? you must easily inderstand it yourself:

  • $arr ? array to post ( indexes ? title, subtitle, body, d_date, etc)
  • $blog ? external blog parameters. $blog['xmlrpc'] ? XML RPC URL of your blogger blog to post to (see link above)

Here we go:

$entry .= "\r\n";
$entry .= "";
$entry .= "
" . date("c", strtotime($arr['d_date'])) . "";
<![CDATA[{$arr['title']}]]> $entry .= "";

if( $arr['category'] ) {
$entry .= "";
}

if( $arr['body'] ) {
$entry .= "";
$entry .= "";
$entry .= "";
if( $arr['subtitle'] ) {
$entry .= "";
$entry .= "";
$entry .= "";
}
}elseif( $arr['subtitle'] ) {
$entry .= "";
$entry .= "";
$entry .= "";
}
if( $arr['author'] ) {
$entry .= "";
$entry .= "{$arr['author']}";
$entry .= "";
}
$entry .= "";

if( ! $this->blog_token[$this->blog_id]['Auth'] )
{
// AUTHENTICATE WITH GOOGLE !!!
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "https://www.google.com/accounts/ClientLogin" );
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_TIMEOUT, 4);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, "Email={$blog['auth_login']}&Passwd={$blog['auth_pwd']}&service=blogger&source=Nst-Nst-4.0");
curl_setopt($ch, CURLOPT_POST, true);

$this->client->auth = curl_exec($ch);

if (curl_errno($ch)) {
$this->ret = curl_error($ch);
break;
} else {
curl_close($ch);
$this->ret = 0;

if( strpos( $this->client->auth, 'Auth=') == false) {
$this->ret = 1;
$this->clent->error = "Google Unauthorized";
break;
}
preg_match_all('!(\S+)=(\S+)!msi', $this->client->auth, $o, PREG_SET_ORDER);
for($_i=0; $_i
$this->blog_token[$this->blog_id][$o[$_i][1]] = $o[$_i][2];
}
}
}

$ch = curl_init();

$headers = array( "Authorization: GoogleLogin Auth={$this->blog_token[$this->blog_id]['Auth']}", "Content-type: application/atom+xml" );
curl_setopt($ch, CURLOPT_URL, $blog['xmlrpc']);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_TIMEOUT, 4);
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_UNRESTRICTED_AUTH, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $entry);
curl_setopt($ch, CURLOPT_POST, true);

$this->client->message = curl_exec($ch);

if (curl_errno($ch)) {
$this->ret = curl_error($ch);
} else {
curl_close($ch);
$this->ret = 0;
}

HACKED BY SudoX -- HACK A NICE DAY.