Active eCommerce CMS By ActiveITzone V8.7

[řåķïbweb]

Envato Elements

Envato Elements is your ultimate creative asset subscription. Visit our dedicated Help Center for support.

help.elements.envato.com

 

[Chijioke]

I accessed their site during the weekend and suspected that the bugs in the code were purposely placed there to prompt a user to contact them for customization or update.

The demo admin and demo front-end looks so perfect with the add-ons. {I wish I was a php guy, would fix all this for free and in a short time. }
------
I dunno if any one has tried the add-ons here on v4.0? dID IT WORK?

 

[Chijioke]

The backdoor that drops the database has been inserted into the routes. This opens a security vulnerability. If a malicious agent accesses that particular route in a store's system using Active eCommerce, even if the software was legitimate, it would trigger the behavior of the backdoor, erasing all data from the database.

I know a little about routes, but one that drops a whole database file. Wow, that's intense. Yes, that's not a good idea
Too bad!
In fact, the source code is on google search results. I wouldn't blame them.
----
But for business privacy, I don't support it. The backdoor shouldn't be accessible

 

[Chijioke]

Reported

Did you also purchase add-ons too?

 

[řåķïbweb]

Did you also purchase add-ons too?

no only script

 

[lifeofpros]

they delete the backdoor once its installed with valid license code . all u need to do (whoever saying purchased the script) install it will licese code in ur system , tell them that google keep suspending the site because it has some kinda social engineering script or backdoor . then they will login to ur hosting and delete the backdoor. i purchased it long time ago and i forgot the email and pass . :{

 

[lifeofpros]

they delete the backdoor once its installed with valid license code . all u need to do (whoever saying purchased the script) install it will licese code in ur system , tell them that google keep suspending the site because it has some kinda social engineering script or backdoor . then they will login to ur hosting and delete the backdoor. i purchased it long time ago and i forgot the email and pass . :{

then u can share the database and code here .

 

[Chijioke]

then u can share the database and code here .

Please share the source code with us. Thanks

 

[Chijioke]

no only script

@wonraywildsparks

I see "this is a pirated copy of Active Ecommerce on the header" . Please how can one fix this?

 

[Chijioke]

@wonraywildsparks

I see "this is a pirated copy of Active Ecommerce on the header" . Please how can one fix this?

I can't access the admin panel on the website

 

[Chijioke]

Can Anyone Null This , I Nulled But It Shows "This is A Pirated Copy Of Active E Commerce" On Menu BAR

@Babak @NullMaster

Does it still show now?

 

[wonraywildsparks]

I see "this is a pirated copy of Active Ecommerce on the header" . Please how can one fix this?

Check your public/index.php file. Usually the backdoor replaces the PHP code with static content with this message. Just restore the public/index.php file, and everything should be back to normal.

I posted what I believe to be a fix for these backdoors. Take a look at my previous posts in this thread and you will find it. Just install as instructed and it should not happen again.

 

[Chijioke]

Check your public/index.php file. Usually the backdoor replaces the PHP code with static content with this message. Just restore the public/index.php file, and everything should be back to normal.

I posted what I believe to be a fix for these backdoors. Take a look at my previous posts in this thread and you will find it. Just install as instructed and it should not happen again.

THANK YOU, MATE


I HAVE A NEW CHALLENGE WITH THE MAINTENANCE MODE - CLICKED ON THE MAINTENANCE MODE SWITCH TO ACTIVATE IT, TRIED TO DEACTIVATE IT, SEVERAL TIMES BUT IT DIDNT REFLECT ON THE FRONT END AND ALSO THE SWITCH STILL REMAINED ACTIVE EVEN AFTER REFRESHING IT. STILL SHOWS IT. what should i do? Already changed it to 0 in business_settings, didn't work as well. PLEASE HELP

 

[kasun955]

THANK YOU, MATE


I HAVE A NEW CHALLENGE WITH THE MAINTENANCE MODE - CLICKED ON THE MAINTENANCE MODE SWITCH TO ACTIVATE IT, TRIED TO DEACTIVATE IT, SEVERAL TIMES BUT IT DIDNT REFLECT ON THE FRONT END AND ALSO THE SWITCH STILL REMAINED ACTIVE EVEN AFTER REFRESHING IT. STILL SHOWS IT. what should i do? Already changed it to 0 in business_settings, didn't work as well. PLEASE HELP

try it with mysql .... variable :
SHOW VARIABLES LIKE 'sql_mode'; with this query SET GLOBAL sql_mode = 'NO_ENGINE_SUBSTITUTION';
(but you should have host right to do this )
it may work ... or else use the V3.9 settings on your cms

 

[johnc]

Look like v4.0 is not fully nulled. Its still have many callback that's why asking for verification after successfully install.

 

[tankiale11]

THANK YOU, MATE


I HAVE A NEW CHALLENGE WITH THE MAINTENANCE MODE - CLICKED ON THE MAINTENANCE MODE SWITCH TO ACTIVATE IT, TRIED TO DEACTIVATE IT, SEVERAL TIMES BUT IT DIDNT REFLECT ON THE FRONT END AND ALSO THE SWITCH STILL REMAINED ACTIVE EVEN AFTER REFRESHING IT. STILL SHOWS IT. what should i do? Already changed it to 0 in business_settings, didn't work as well. PLEASE HELP

dead dont use more broooo then borrow your database

 

[johnc]

The scripts authors are using the new methods to protect their script from null. Now its challenge for all null masters here to update their null skills further to broke their protection.
The real nulling is not only bypass license protections but also to remove all callback so script author can't get info that where their scripts is working.

 

[Chijioke]

try it with mysql .... variable :
SHOW VARIABLES LIKE 'sql_mode'; with this query SET GLOBAL sql_mode = 'NO_ENGINE_SUBSTITUTION';
(but you should have host right to do this )
it may work ... or else use the V3.9 settings on your cms

Was unable to do the first option. Got this error
SET GLOBAL sql_mode = 'NO_ENGINE_SUBSTITUTION'



MySQL said:

#1227 - Access denied; you need (at least one of) the SUPER privilege(s) for this operation.

However, I fixed it by simply running a new installation and using the database I used in xampp development.
And also credentials, I copied the settings in the previous .env file and pasted it in the new one. And also product photos, I copied all of it from public/upload/all to the new corresponding file.

Hopes this solves someone's problem too

 

[wonraywildsparks]

THANK YOU, MATE


I HAVE A NEW CHALLENGE WITH THE MAINTENANCE MODE - CLICKED ON THE MAINTENANCE MODE SWITCH TO ACTIVATE IT, TRIED TO DEACTIVATE IT, SEVERAL TIMES BUT IT DIDNT REFLECT ON THE FRONT END AND ALSO THE SWITCH STILL REMAINED ACTIVE EVEN AFTER REFRESHING IT. STILL SHOWS IT. what should i do? Already changed it to 0 in business_settings, didn't work as well. PLEASE HELP

Try php artisan up in console.

I fixed some bugs I found, added a custom page to work with the Wallet (Add or Remove credits from users), and I'm integrating MercadoPago (Payment Method from Argentina/Brazil). If anyone is interested, send a PM. I'll be glad to share.

 

[řåķïbweb]

Try php artisan up in console.

I fixed some bugs I found, added a custom page to work with the Wallet (Add or Remove credits from users), and I'm integrating MercadoPago (Payment Method from Argentina/Brazil). If anyone is interested, send a PM. I'll be glad to share.

wow please check inbox