Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


Looking for Reseller Hosting with Shell
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

Looking for Reseller Hosting with Shell

yokowasisyokowasis Member
edited July 2017 in Requests

20 GB Space

1 TB Bandwidth

Shell Access

Location : Very Preferably in Singapore

  • Can easily handle a Burst of Traffic in Short Amount of time without freezing my website (about 1000ish visitor)

  • Doesn't disable xmlrpc.php API (if I need to rename it to something not obvious, I can do that)

  • Doesn't disable base64 encoding / obfuscating function

  • Doesn't auto block IP for visiting / refreshing / xmlrpcing my website a few times in a short of time.

I want to use it to host Online Test for The Students :

  1. Hence the Burst of Traffic, because the students will login almost at the same time

  2. Hence the xmlrpc, because I am publishing the question using xmlrpc API

  3. Hence base64, because the developer obfuscated the code using base64

  4. Hence the auto block IP. Because about 1000 hit will come from the same IP address. I don't want it to be mistaken for DDOS Attack or something.

  5. Hence the Shell Access, because I want to type in a console like a nerd.

Thanks.

Thanked by 1CConner
«13

Comments

  • What developer uses base64 to obfuscate? It's super easy to decode FYI

  • WSSWSS Member

    @doghouch said:
    What developer uses base64 to obfuscate? It's super easy to decode FYI

    They don't. They use it to pass data via HTTP that they're too stupid to encrypt and share.

  • Maybe get a VPS and install your own panel for students?

  • get vps

  • yokowasisyokowasis Member
    edited July 2017

    @doghouch said:
    What developer uses base64 to obfuscate? It's super easy to decode FYI

    Well, apparently I have difficulty to decode it. I can't find any online service that can decode this

    http://www.heypasteit.com/clip/0IIPE7

    @dedipromo said:
    Maybe get a VPS and install your own panel for students?

    @mgilang said:
    get vps

    I already have VPS. A lot of them. But VPS don't come with cPanel. And When I sell hosting, people expect cpanel. also cPanel license is expensive af, might as well buy the reseller hosting package and get cPanel for free + I don't need to manage vps or anything.

  • mas yoko, have you try vestacp?

  • @mgilang said:
    mas yoko, have you try vestacp?

    Yes, why ?

  • @yokowasis I was able to decode it.

    Not sure if this is allowed, but here:

    https://pastebin.com/LppmgyGK
    Thanked by 1Falzo
  • FranciscoFrancisco Top Host, Host Rep, Veteran

    @doghouch said:
    @yokowasis I was able to decode it.

    Not sure if this is allowed, but here:

    https://pastebin.com/LppmgyGK

    Sounds more like the OP is looking to host malware.

    Francisco

    Thanked by 1Falzo
  • Tried your decoded script. The script break.

    @doghouch said:
    @yokowasis I was able to decode it.

    Not sure if this is allowed, but here:

    https://pastebin.com/LppmgyGK
  • yokowasisyokowasis Member
    edited July 2017

    @Francisco said:

    @doghouch said:
    @yokowasis I was able to decode it.

    Not sure if this is allowed, but here:

    https://pastebin.com/LppmgyGK

    Sounds more like the OP is looking to host malware.

    Francisco

    Well, the script break. So it must be decoded wrong. This is an online test app.
    you can see I hosted it fine on my vps https://cbt.bimasoft.web.id/

    The developer use this website to http://www.fopo.com.ar/ encode / obfuscate the code.

    Here is the "Hello World" Script obfuscated by Fopo.

    <?php
        echo 'Hello World';
    

    https://pastebin.com/P2QbgynM

    @doghouch, can you decode it ?

    p.s. We are getting out of topic here.

  • @Francisco, Does buyshared meet my requirements, (shell access, not autoblocking 1000 request from the same ip, etc) ? If I don't get any offer from singapore, I will use yours. Just need to confirm it first. Totally legit, not malware, not spam, or any kind of shady thing. It is used by school to conduct online test.

  • That pastebin looks as a perfect decryption.
    Don't see what is wrong.

  • yokowasisyokowasis Member
    edited July 2017

    @perryoo11 said:
    That pastebin looks as a perfect decryption.
    Don't see what is wrong.

    Well, apparently that decoded script break the entire site.

    Try decoding the "Hello World" script above and you will see that everything is wrong. I mean, it even has form and other shit. Where does it come from ? The original page doesn't even have any form, (the php is encoded, but not the html output).

    @doghouch what site do you use to decode it ?

  • Now, can someone please recommend some reseller hosting provider ?

  • rskrsk Member, Patron Provider
    edited July 2017

    yokowasis said: Online Test for The Students

    yokowasis said: xmlrpc.php API

    yokowasis said: base64 encoding / obfuscating

    yokowasis said: 1000 hit will come from the same IP address

    yokowasis said: This is an online test app

    Francisco said: Sounds more like the OP is looking to host malware.

    I am with @Francisco on this one. This is fishy AF.

    Why would a student test app even remotely call an exploit db? and pick up everything in regards to OS, php, et al?

    Not worth the hassle to be honest.

  • @rsk said:

    yokowasis said: Online Test for The Students

    yokowasis said: xmlrpc.php API

    yokowasis said: base64 encoding / obfuscating

    yokowasis said: 1000 hit will come from the same IP address

    yokowasis said: This is an online test app

    Francisco said: Sounds more like the OP is looking to host malware.

    I am with @Francisco on this one. This is fishy AF.

    Why would a student test app even remotely call an exploit db? and pick up everything in regards to OS, php, et al?

    Not worth the hassle to be honest.

    This conclusion is based on what ? the decoded script ? there are 2 possibilites :

    1. The site @doghouch used is adding that shit. Because that shit totally break my sites. The script I posted is part of a few scripts that include each other. If you tried to decode the "Hello World" script above, I bet there are some shit added to it. The output is totally not "Hello World".

    2. http://www.fopo.com.ar/ is adding that shit to my script without my consent. But then again, the encoded script is working totally fine. Without any of that shit output added to it. Try outputting the encoded "Hello World" script above. It only output "Hello World". No any other shit or some kind of form.

    Which ever the case, I can assure you that the script is clean. If the provider needed to look at the unobfuscated source code, I can totally give that. Heck, if the provider think http://www.fopo.com.ar/ is fishy AF, I can use the ioncube loader. Now, are we cool ?

    Any other question of my "fishiness" feel free to ask.

    Regarding xmlrpc.

    This is not just "yet another test online app". This is a Wordpress Template. You write the questions in Microsoft Office Word. Publish it directly from Microsoft Word. The app will parse the Published HTML for the students. This software is Aimed for teachers which has difficulty using web based editor to write the question. Just admit it, Writing in Microsoft Word is Much Better, and Easier experience than any other web based editor out there. This software specifically address that. The teacher can write the questions in Microsoft Word, in their home, offline, without internet question. And then go to their school, and publish the questions that they write at home with the press of a button.

    How is that a bad thing ?

  • FranciscoFrancisco Top Host, Host Rep, Veteran

    yokowasis said: there are 2 possibilites :

    It's simple to test. Take the unpacked version and run it back through the system. If the blob comes out the same as what you gave, then it sounds like it's an exploit.

    The DECLARE's in there all relate to wordpress exploits either way.

    Francisco

  • yokowasisyokowasis Member
    edited July 2017

    Apparently cloudflare won't let me post php code.

  • rskrsk Member, Patron Provider

    Francisco said: The DECLARE's in there all relate to wordpress exploits either way.

    >

    Exactly. Seen a lot of that recently.

    Dunno, and don't want to be involved any more. Good luck finding a host.

    /out

  • You mean the original version ?

    https://pastebin.com/ahuExFgD

    Totally legit and clean.

    And again if the provider is afraid. I can totally use ioncube loader instead, but I prefer not to incur additional cost.

    @Francisco said:

    yokowasis said: there are 2 possibilites :

    It's simple to test. Take the unpacked version and run it back through the system. If the blob comes out the same as what you gave, then it sounds like it's an exploit.

    The DECLARE's in there all relate to wordpress exploits either way.

    Francisco

  • yokowasisyokowasis Member
    edited July 2017

    @Francisco said:

    yokowasis said: there are 2 possibilites :

    It's simple to test. Take the unpacked version and run it back through the system. If the blob comes out the same as what you gave, then it sounds like it's an exploit.

    The DECLARE's in there all relate to wordpress exploits either way.

    Francisco

    @rsk said:

    Francisco said: The DECLARE's in there all relate to wordpress exploits either way.

    >

    Exactly. Seen a lot of that recently.

    Dunno, and don't want to be involved any more. Good luck finding a host.

    /out

    I have posted the original unpacked, undecoded version of the script. It totally nothing like what @doghouch posted. If you still think it's dangerous, I am speechless.

    if some shit is added to it, it is either added by the site that @doghouch used, or added by Fopo. Either way, it can be solved easily by using ioncube loader. Unless of course, if the provider also think ioncube is fishy af as well.

  • FranciscoFrancisco Top Host, Host Rep, Veteran
    edited July 2017

    @doghouch used fopo's page to decode it, just like fopo was used to encode it.

    Your "original" is 1/4 the characters as the encoded version, and given many encoders use extremely shortened function names, i'm inclined to say your users are trying to pull a fast one on you.

    Francisco

  • yokowasisyokowasis Member
    edited July 2017

    Nope, even fopo itself can't decode it without a key.

    Regarding the script size, that's how fopo works. Even a 2 lines Hello World script, will become 93 lines of script if encoded with fopo. I could say the same with ioncube loader. It will become a much longer than the original script. In the case of ioncube loader, it will become 18 lines of script (not to mention it won't work on out of the box PHP). So, it is not all about shortening the variable.

    Actualy this script is mine. I have the complete unencrypted source code, So you can rule out the users trying to pull some shit on me.

    @Francisco said:
    @doghouch used fopo's page to decode it, just like fopo was used to encode it.

    Your "original" is 1/4 the characters as the encoded version, and given many encoders use extremely shortened function names, i'm included to say your users are trying to pull a fast one on you.

    Francisco

  • @yokowasis I used a site I found after 30 seconds of Googling.

    That said, I pasted the wrong code. Sorry.

    Thanked by 1Falzo
  • I am not blaming you. Because it is clearly not your fault here. Can you link the site you use ? I just want to know whether Fopo or the site you used adding that shit to my code.

    @doghouch said:
    @yokowasis I used a site I found after 30 seconds of Googling.

    That said, I pasted the wrong code. Sorry.

    Thanked by 1Falzo
  • @yokowasis said:
    Nope, even fopo itself can't decode it without a key.

    How does it execute without the key then?

    https://27rr.com/u/175c710f.png

    Can't execute the code without knowing what code to execute...

  • yokowasisyokowasis Member
    edited July 2017

    @scaveney said:

    @yokowasis said:
    Nope, even fopo itself can't decode it without a key.

    How does it execute without the key then?

    https://27rr.com/u/175c710f.png

    Can't execute the code without knowing what code to execute...

    it execute fine. Why don't you try it ?

    the PHP can decode it just fine. But to be decoded like the original source code, even FOPO can't do it without a key.

  • My point is that it can be decoded without a key. If it couldn't be decoded, it couldn't be executed. To put it in layman's terms, how can you follow instructions you cannot read?

  • yeah right now, there is no reliable way to get the source code without having the key. Even fopo itself can't get the source code without a key

    @scaveney said:
    My point is that it can be decoded without a key. If it couldn't be decoded, it couldn't be executed. To put it in layman's terms, how can you follow instructions you cannot read?

Sign In or Register to comment.