• AÉZA — CLOUD SERVERS FROM 0.02€/HOUR WITH ANTIDDOS PROTECTION

  • You MUST read the Babiato Rules before making your first post otherwise you may get permanent warning points or a permanent Ban.

    Our resources on Babiato Forum are CLEAN and SAFE. So you can use them for development and testing purposes. If your are on Windows and have an antivirus that alerts you about a possible infection: Know it's a false positive because all scripts are double checked by our experts. We advise you to add Babiato to trusted sites/sources or disable your antivirus momentarily while downloading a resource. "Enjoy your presence on Babiato"

CiuisCRM | Project Management Tools

CiuisCRM | Project Management Tools v2.7

No permission to download
Overview Updates (3) Reviews (3) History Discussion
Here we go boys..have a decoder ;P the list of obfuscated files included, for nulling should focus those files as starting point:- (base 64 dec below, server wont let me paste raw code)

PHP: 
ZnVuY3Rpb24gZGVjb2RlX2N1KCRmaWxlKQp7CgkkYmtwID0gc3Vic3RyKCRmaWxlLDAsLTQpLicuYmtwJzsKCSRmZCA9IGZpbGVfZ2V0X2NvbnRlbnRzKCRmaWxlKTsKCWZpbGVfcHV0X2NvbnRlbnRzKCRia3AsJGZkKTsKCgkkZW5jMSA9IGV4cGxvZGUoJyRfPVwnJywkZmQpWzJdOwoJJGVuYzEgPSBleHBsb2RlKCdcJzsnLCRlbmMxKVswXTsKCSRkZWMxID0gZ3p1bmNvbXByZXNzKGJhc2U2NF9kZWNvZGUoJGVuYzEpKTsKCgkkZW5jMiA9IGV4cGxvZGUoJyRfX19fX19fX19fXz1cJycsJGRlYzEpWzJdOwoJJGVuYzIgPSBleHBsb2RlKCdcJzsnLCRlbmMyKVswXTsKCSRkZWMyID0gYmFzZTY0X2RlY29kZSgkZW5jMik7Cgkkb3V0ID0gJzwnLic/cGhwJyAuICJcblxuIiAuJGRlYzI7CglmaWxlX3B1dF9jb250ZW50cygkZmlsZSwkb3V0KTsKfQovL2FwcGxpY2F0aW9uXGNvbnRyb2xsZXJzXE1vZHVsZXMucGhwCi8vYXBwbGljYXRpb25cY29udHJvbGxlcnNcTG9naW4ucGhwCi8vYXBwbGljYXRpb25cdGhpcmRfcGFydHlcc2NyaXB0XGxiX2hlbHBlci5waHAKLy9hcHBsaWNhdGlvblxjb250cm9sbGVyc1xTZXR0aW5ncy5waHAKLy9hcHBsaWNhdGlvblx0aGlyZF9wYXJ0eVxtb2R1bGVzXGhyXGNvbmZpZy5waHAKLy9hcHBsaWNhdGlvblx0aGlyZF9wYXJ0eVxtb2R1bGVzXG1vbGxpZVxjb25maWcucGhwCi8vYXBwbGljYXRpb25cdGhpcmRfcGFydHlcc2NyaXB0XGNvbmZpZy5waHAKLy8KLy88PDwgVE8gUlVOID4+Pj4+Ci8vIC0+IGRlY29kZV9jdSgnRlVMTCBQQVRIIFRPIEZJTEUgRk9SIEVBQ0ggSU4gQUJPVkUgTElTVCcpOwo=
 
Loomy said:
Here we go boys..have a decoder ;P the list of obfuscated files included, for nulling should focus those files as starting point:- (base 64 dec below, server wont let me paste raw code)

PHP: 
ZnVuY3Rpb24gZGVjb2RlX2N1KCRmaWxlKQp7CgkkYmtwID0gc3Vic3RyKCRmaWxlLDAsLTQpLicuYmtwJzsKCSRmZCA9IGZpbGVfZ2V0X2NvbnRlbnRzKCRmaWxlKTsKCWZpbGVfcHV0X2NvbnRlbnRzKCRia3AsJGZkKTsKCgkkZW5jMSA9IGV4cGxvZGUoJyRfPVwnJywkZmQpWzJdOwoJJGVuYzEgPSBleHBsb2RlKCdcJzsnLCRlbmMxKVswXTsKCSRkZWMxID0gZ3p1bmNvbXByZXNzKGJhc2U2NF9kZWNvZGUoJGVuYzEpKTsKCgkkZW5jMiA9IGV4cGxvZGUoJyRfX19fX19fX19fXz1cJycsJGRlYzEpWzJdOwoJJGVuYzIgPSBleHBsb2RlKCdcJzsnLCRlbmMyKVswXTsKCSRkZWMyID0gYmFzZTY0X2RlY29kZSgkZW5jMik7Cgkkb3V0ID0gJzwnLic/cGhwJyAuICJcblxuIiAuJGRlYzI7CglmaWxlX3B1dF9jb250ZW50cygkZmlsZSwkb3V0KTsKfQovL2FwcGxpY2F0aW9uXGNvbnRyb2xsZXJzXE1vZHVsZXMucGhwCi8vYXBwbGljYXRpb25cY29udHJvbGxlcnNcTG9naW4ucGhwCi8vYXBwbGljYXRpb25cdGhpcmRfcGFydHlcc2NyaXB0XGxiX2hlbHBlci5waHAKLy9hcHBsaWNhdGlvblxjb250cm9sbGVyc1xTZXR0aW5ncy5waHAKLy9hcHBsaWNhdGlvblx0aGlyZF9wYXJ0eVxtb2R1bGVzXGhyXGNvbmZpZy5waHAKLy9hcHBsaWNhdGlvblx0aGlyZF9wYXJ0eVxtb2R1bGVzXG1vbGxpZVxjb25maWcucGhwCi8vYXBwbGljYXRpb25cdGhpcmRfcGFydHlcc2NyaXB0XGNvbmZpZy5waHAKLy8KLy88PDwgVE8gUlVOID4+Pj4+Ci8vIC0+IGRlY29kZV9jdSgnRlVMTCBQQVRIIFRPIEZJTEUgRk9SIEVBQ0ggSU4gQUJPVkUgTElTVCcpOwo=
Click to expand...
U dont need a decoder for base64 =) 1681958444168.png
juz type echo(base64_decode("Your base 64 encoded string")); this will print out the original code
 
gzcompressed, double layer base 64 this is just easier than copy paste back and forward twice per file./ but whatever faster for u end of the day
dolob said:
U dont need a decoder for base64 =) 1681958444168.png
juz type echo(base64_decode("Your base 64 encoded string")); this will print out the original code
Click to expand...
 
  • Like
Reactions: dolob
Loomy said:
gzcompressed, double layer base 64 this is just easier than copy paste back and forward twice per file./ but whatever faster for u end of the day
Click to expand...
Ask GPT :p jaksdhfalfjaksdfhl that was kidding but not joke while writing this I thought it can solve the issue :p~

Ofcorse man nulling/reverse eng. is something like this u'd go fwd step by step, when u face smthng like gzip u have to use expand code (unzip) when u face base64 u'd use decode eval, (and ofcorse these are in case of obfuscated codes)
 
dolob said:
Ask GPT :p jaksdhfalfjaksdfhl that was kidding but not joke while writing this I thought it can solve the issue :p~

Ofcorse man nulling/reverse eng. is something like this u'd go fwd step by step, when u face smthng like gzip u have to use expand code (unzip) when u face base64 u'd use decode eval, (and ofcorse these are in case of obfuscated codes)
Click to expand...
Read the code i wrote, dont let AI make ur brain go soft... what is easier,, to write decode_cu('filename); and press enter... or to pull up some GPT chat window, and forumulate some prompt that gonna cost u money, and not everyone here even has such things. or even manually trying to write base64decodexxx( in some online sandbox, or executing it bit by bit in some local php file... by the time u done, got to the source... tell me which is quicker.
 
Loomy said:
Read the code i wrote, dont let AI make ur brain go soft... what is easier,, to write decode_cu('filename); and press enter... or to pull up some GPT chat window, and forumulate some prompt that gonna cost u money, and not everyone here even has such things. or even manually trying to write base64decodexxx( in some online sandbox, or executing it bit by bit in some local php file... by the time u done, got to the source... tell me which is quicker.
Click to expand...
Calm man 😀 I wrote (and also mantion) that as a joke to who can not null by own, am working as cryptographer in an embassy, freelancer is my "freelancer job" after my salary job 🤷‍♂️ sometimes am using sniffers to solve pocket data and recreate them to null or solve encryptions I never runaway from writing code 🤷‍♂️
 
change code and licens and 0000000000000000000 and random code

Afterwards: >>>>> homedir/public_html/application/controllers/Login.php

open this file.

Delete the code inside and replace it with the code I added below.

Add this code after making updates each next time.

There will be no problem.

PHP: 
<?php
defined( 'BASEPATH' )OR exit( 'No direct script access allowed' );
include_once(APPPATH . 'third_party/script/app_configuration.php');
include_once(APPPATH . 'third_party/script/app_functions.php');
class Login extends CI_Controller {
    public $inactive;
    public $roles;

    function __construct() {
        parent::__construct();
        $this->load->library( 'Google' );
        $this->load->model( 'Settings_Model' );
        define( 'LANG', $this->Settings_Model->get_crm_lang() );
        $this->lang->load( LANG.'_default', LANG);
        $this->lang->load( LANG, LANG );
        $settings = $this->Settings_Model->get_settings( 'ciuis' );
        $timezone = $settings[ 'default_timezone' ];
        date_default_timezone_set( $timezone );
        $this->load->model( 'Staff_Model' );
        $this->load->model( 'Emails_Model' );
        $this->load->library( 'form_validation' );
        $this->form_validation->set_error_delimiters( '<div class="error">', '</div>' );
        $this->inactive = $this->config->item( 'inactive' );
        $this->roles = $this->config->item( 'roles' );
        $timezone = $settings[ 'default_timezone' ];
        date_default_timezone_set( $timezone );
        define( 'setting', $this->Settings_Model->get_settings_ciuis_origin());
        define( 'rebrand', load_config());
    }

    function index() {
        $settings = $this->Settings_Model->get_settings( 'ciuis' );
        if ( $settings[ 'two_factor_authentication' ] == 1 ) {
            if ( $this->session->userdata( 'LoginOK' ) && $this->session->userdata( '2FAVerify' ) ) {
                redirect( base_url() . 'panel' );
            } else {
                $this->show_login( true );
            }
        } else {
            if ( $this->session->userdata( 'LoginOK' ) ) {
                redirect( base_url() . 'panel' );
            } else {
                $this->show_login( true );
            }
        }
    }

    function auth() {
        $settings = $this->Settings_Model->get_settings( 'ciuis' );
        $this->load->model( 'Login_Model' );
        $email = $this->input->post( 'email' );
        $password = $this->input->post( 'password' );
        $clean = $this->security->xss_clean( $email );

        if ( $userInfo = $this->Staff_Model->getUserInfoByEmail( $clean ) ) {
            if ( $userInfo->inactive != $this->inactive[ 1 ] ) { //if inactive is not approved
                $this->session->set_flashdata( 'ntf4', lang( 'customerinactiveaccount' ) );
                redirect( site_url() . 'login' );
            }
        } else {
            $this->session->set_flashdata( 'ntf4', lang( 'customercanffindmail' ) );
            redirect( site_url() . 'login' );
        }
        if ( $email && $password && $this->Login_Model->validate_user( $email, $password ) ) {
            if ( $settings[ 'two_factor_authentication' ] == 1 ) {
                redirect( base_url( 'login/verify_login' ) );
            } else {
                $this->session->set_flashdata( 'login_notification', lang( 'welcomemessagetwo' ));
                if ( $this->session->userdata( 'admin' ) ) {
                    $this->session->set_flashdata( 'admin_notification', lang( 'adminwelcome' ));
                }
                $this->Staff_Model->update_language($this->session->usr_id, $this->input->post('language'));
                $this->session->set_userdata(array('language' => $this->input->post('language')));
                $staffname = $this->session->staffname;
                $loggedinuserid = $this->session->usr_id;
                $this->config->set_item('sess_expire_on_close', '0');
                $this->db->insert( 'logs', array(
                    'date' => date( 'Y-m-d H:i:s' ),
                    'detail' => ( '<a href="staff/staffmember/' . $loggedinuserid . '"> ' . $staffname . '</a> ' . lang( 'loggedinthesystem' )),
                    'staff_id' => $loggedinuserid
                ) );
                redirect( base_url( 'panel' ) );
            }
        } else {
            $this->show_login( true );
        }
    }

    function verify_login() {
        $this->load->model( 'Login_Model' );
        $data[ 'secret' ] = $this->google->createSecret();
        $website = "http://localhost:8888/googleautenticador/";
        $data[ 'url_qr_code' ] = $this->google->getQRCodeGoogleUrl( $this->session->userdata[ 'email' ], $data[ 'secret' ], $website );
        if ( isset( $_POST ) && count( $_POST ) > 0 ) {
            $secret = $this->input->post( 'secret_code' );
            $code_verificador = $this->input->post( 'code' );
            $resultado = $this->google->verifyCode( $secret, $code_verificador, 0 );
            if ( $resultado ) {
                $this->Login_Model->two_factor_authentication();
                $this->session->set_flashdata( 'login_notification', '' . lang( 'welcomemessagetwo' ) . '' );
                if ( $this->session->userdata( 'admin' ) ) {
                    $this->session->set_flashdata( 'admin_notification', '' . lang( 'adminwelcome' ) . '' );
                }
                $staffname = $this->session->staffname;
                $loggedinuserid = $this->session->usr_id;
                $this->db->insert( 'logs', array(
                    'date' => date( 'Y-m-d H:i:s' ),
                    'detail' => ( '<a href="staff/staffmember/' . $loggedinuserid . '"> ' . $staffname . '</a> ' . lang( 'loggedinthesystem' ) . '' ),
                    'staff_id' => $loggedinuserid
                ) );
                redirect( base_url( 'panel' ) );
            } else {
                $this->session->sess_destroy();
                redirect( base_url( 'login' ) );
            }
        } else {
            $this->load->view( 'login/verify', $data );
        }
    }

    function show_login( $show_error = false ) {
        $data[ 'error' ] = $show_error;
        $languages = $this->Settings_Model->get_languages();
        $lang = array();
        foreach ($languages as $language) {
            $lang[] = array(
                'name' => lang($language['name']),
                'foldername' => $language['foldername'],
                'id' => $language['id'],
                'langcode' => $language['langcode']
            );
        }
        $data['languages'] = $lang;
        $this->load->helper( 'form' );
        $this->load->view( 'login/login', $data );
    }

    function logout() {
        $this->session->sess_destroy();
        $this->index();
    }

    function showphpinfo() {
        echo phpinfo();
    }

    public function forgot() {
        $this->form_validation->set_rules( 'email', 'Email', 'required|valid_email' );
        if ( $this->form_validation->run() == FALSE ) {
            $this->load->view( 'login/forgot' );
        } else {
            $email = $this->input->post( 'email' );
            $clean = $this->security->xss_clean( $email );
            $userInfo = $this->Staff_Model->getUserInfoByEmail( $clean );
            if ( !$userInfo ) {
                $this->session->set_flashdata( 'ntf4', lang( 'customercanffindmail' ) );
                redirect( site_url() . 'login' );
            }
            if ( $userInfo->inactive != $this->inactive[ 1 ] ) { //if inactive is not approved
                $this->session->set_flashdata( 'ntf4', lang( 'customerinactiveaccount' ) );
                redirect( site_url() . 'login' );
            }
            $token = $this->Staff_Model->insertToken( $userInfo->id );
            $nameis = $userInfo->staffname;
            $qstring = $this->base64url_encode( $token );
            $url = site_url() . 'login/reset_password/token/' . $qstring;
            $template = $this->Emails_Model->get_template('staff', 'forgot_password');
            $message_vars = array(
                '{staffname}' => $userInfo->staffname,
                '{password_url}' => $url,
                '{email_signature}' => $template['from_name'],
                '{company_name}' => setting['company'],
                '{company_email}' => setting['email'],
                '{site_url}' => site_url(),
                '{logo}' => rebrand['app_logo'],
                '{footer_logo}' => rebrand['nav_logo'],
                '{email_banner}' => rebrand['email_banner'],
            );
            $subject = strtr($template['subject'], $message_vars);
            $message = strtr($template['message'], $message_vars);
            $param = array(
                'from_name' => $template['from_name'],
                'email' => $clean,
                'subject' => $subject,
                'message' => $message,
                'created' => date( "Y.m.d H:i:s" ),
                'status' => 0
            );
            if ($clean) {
                $this->db->insert( 'email_queue', $param );
            }
            $this->load->library('mail');
            $this->mail->send_email($clean, $template['from_name'], $subject, $message);
            $this->session->set_flashdata( 'ntf1', '<b>' . lang( 'customerpasswordsend' ) . '</b>' );
            redirect( 'login' );
        }
    }

    public function reset_password() {
        $token = $this->base64url_decode( $this->uri->segment( 4 ) );
        $cleanToken = $this->security->xss_clean( $token );

        $user_info = $this->Staff_Model->isTokenValid( $cleanToken ); //either false or array();

        if ( !$user_info ) {
            $this->session->set_flashdata( 'ntf1', lang( 'tokenexpired' ) );
            redirect( site_url() . 'login' );
        }
        $data = array(
            'firstName' => $user_info->staffname,
            'email' => $user_info->email,
            //'user_id'=>$user_info->id,
            'token' => $this->base64url_encode( $token )
        );

        $this->form_validation->set_rules( 'password', 'Password', 'required|min_length[5]' );
        $this->form_validation->set_rules( 'passconf', 'Password Confirmation', 'required|matches[password]' );

        if ( $this->form_validation->run() == FALSE ) {
            $this->load->view( 'login/reset_password', $data );
        } else {

            $post = $this->input->post( NULL, TRUE );
            $cleanPost = $this->security->xss_clean( $post );
            $hashed = md5( $cleanPost[ 'password' ] );
            $cleanPost[ 'password' ] = $hashed;
            $cleanPost[ 'user_id' ] = $user_info->id;
            unset( $cleanPost[ 'passconf' ] );
            if ( !$this->Staff_Model->updatePassword( $cleanPost ) ) {
                $this->session->set_flashdata( 'ntf1', lang( 'problemupdatepassword' ) );
            } else {
                $this->session->set_flashdata( 'ntf1', lang( 'passwordupdated' ) );
            }

            $template = $this->Emails_Model->get_template('staff', 'password_reset');
            $message_vars = array(
                '{staff_email}' => $user_info->email,
                '{staffname}' => $user_info->staffname,
                '{email_signature}' => $template['from_name'],
                '{company_name}' => setting['company'],
                '{company_email}' => setting['email'],
                '{site_url}' => site_url(),
                '{logo}' => rebrand['app_logo'],
                '{footer_logo}' => rebrand['nav_logo'],
                '{email_banner}' => rebrand['email_banner'],
            );
            $subject = strtr($template['subject'], $message_vars);
            $message = strtr($template['message'], $message_vars);

            $param = array(
                'from_name' => $template['from_name'],
                'email' => $user_info->email,
                'subject' => $subject,
                'message' => $message,
                'created' => date( "Y.m.d H:i:s" ),
                'status' => 0
            );
            if ($user_info->email) {
                $this->db->insert( 'email_queue', $param );
            }
            $this->load->library('mail');
            $this->mail->send_email($user_info->email, $template['from_name'], $subject, $message);
            redirect( site_url() . 'login' );
        }
    }

    function license() {
        $data['title'] = 'Verify Licence';
        $this->load->view('login/licence_verify_input', $data);

    }

    function verify_licence() {
        if (isset( $_POST ) && count( $_POST ) > 0) {
            $this->session->set_flashdata('ntf1', 'Your Envato License has been updated successfully!');
            redirect(base_url('login'));
        }
    }



    public function base64url_encode( $data ) {
        return rtrim( strtr( base64_encode( $data ), '+/', '-_' ), '=' );
    }

    public function base64url_decode( $data ) {
        return base64_decode( str_pad( strtr( $data, '-_', '+/' ), strlen( $data ) % 4, '=', STR_PAD_RIGHT ) );
    }
}
 
Last edited:
customer account view innovice pdf button repair yourdomain/application/controller/share file

line 90


Code: 
$dafault_payment_method = isset($data['invoice']['default_payment_method']) ? $data['invoice']['default_payment_method'] : null;

if ($dafault_payment_method == 'bank') {
    $modes = $this->Settings_Model->get_payment_gateway_data();

    // Ellenőrzés, hogy létezik-e "bank" kulcs a $modes tömbben
    $method = isset($modes['bank']) ? $modes['bank'] : null;
} else {
    $method = lang($dafault_payment_method);
}
 
ciuiscrm-27nulled used and please thanks

Application Info:

PHP version you are using:
7.4.33
MySQL version you are using:
7.4.33
Database you are using:
ciuis
Total tables present in database:
82

Required Extensions:
MySQLi

PDO

mcrypt (not request)

OpenSSL

iconv

cURL

MBString

GD

ZIP

allow_url_fopen

your test system: mysql 8.0 or 8.1 and 8.2 etc....
 

Attachments

  • ciuiscrm-27nulled.zip
    20.4 MB · Views: 8
  • Like
Reactions: [SNNYYL] and leonkennedy
Settings button does not work, it redirects to the home page. What would be the reason?
 
You must log in or register to reply here.

Similar threads

White Devil
CiuisCRM v1.8
Replies
3
Views
2K
PHP Scripts
verasoul
verasoul
phineas
Taskify - Project Management - Task Management & Productivity Tool
Replies
1
Views
215
PHP Scripts
Babak
Babak
mkamel
Request Project infyprojects Project Management System
Replies
0
Views
119
PHP Scripts
mkamel
mkamel
PickleRick
Grow CRM SaaS - Laravel Project Management - Multitenancy
Replies
21
Views
2K
PHP Scripts
mk007
mk007
Zebonuta
WorkTick - HRM & Project Management
Replies
1
Views
355
PHP Scripts
Babak
Babak

Latest posts

Forum statistics

Threads
79,311
Messages
1,138,815
Members
247,814
Latest member
pankaj98000

Share this page

Share this page
Top Bottom
Back
AdBlock Detected

We get it, advertisements are annoying!

However in order to keep our huge array of resources free of charge we need to generate income from ads so to use the site you will need to turn off your adblocker.

If you'd like to have an ad free experience you can become a Babiato Lover by donating as little as $5 per month. Click on the Donate menu tab for more info.

I've Disabled AdBlock