|
solusvm的授权部分在system下面的clean.php里面。
这个文件包括两个函数,一个LicenseDecode,一个LicenseDecodePart。
那么自然,逆向他的算法即可。
因为怕dmca,我就不放解密了~
我放加密233333
- <?php
- private $_s_C_OOO_o01 = "ypO%_Y/y0#rY@KFi==@65%swYskCaCTk-52#*StP6HCsrwP!tB";
- private $_s_C_OOO_o02 = "MM=co=_prb+;XyuHkHfNtyWy/y@/FzcofZ9HqjQ9?XxSb96a.d";
- private $_s_C_OOO_o03 = "31m*R*Z!zmnDjdqovF8Wyq1-LZUAFohEKqn652kM.FGykJF7LT";
- private $_s_C_OOO_o04 = "UF*zssdx8E9Q7+tzZ%*Y#j2=/FFZOekUr1BXB6OANpO1-ivAOm";
- private $_s_C_OOO_o05 = 30;
- private $_s_C_OOO_o06 = "+";
- private $_s_C_OOO_o07 = 30;
- private $_s_C_OOO_o08 = "(";
- private $_s_C_OOO_o09 = "=============================== START KEY DATA =================================\n";
- private $_s_C_OOO_o10 = "\n================================ END KEY DATA ==================================";
- public function LicenseEncode($result)
- {
- $resulttraw = serialize($result);
- $resulttraw = base64_encode($resulttraw);
- $md5Hash = md5($resulttraw . $result['checkDate'] . $this->_s_C_OOO_o04);
- $data = $md5Hash.$resulttraw;
- $md5Hash = md5(strrev($data) . $this->_s_C_OOO_o03);
- $data = $md5Hash.strrev($data);
- $data = $this->LicenseEncodePart($data, $this->_s_C_OOO_o01);
- $data = strrev($data);
- $data = gzdeflate($data);
- $data = convert_uuencode($data);
- $data = strrev($data);
- $data = $this->LicenseEncodePart($data, $this->_s_C_OOO_o02);
- $data = strtoupper($data);
- $data = wordwrap($data, 18, "+", true);
- $data = wordwrap($data, 348, "(", true);
- $data = wordwrap($data, 80, "\n", true);
- $data = $this->_s_C_OOO_o09 . $data;
- $data = $data . $this->_s_C_OOO_o10;
- return $data;
- }
- private function LicenseEncodePart($string, $key)
- {
- $key = sha1($key);
- $strLen = strlen($string);
- $keyLen = strlen($key);
- $i = 0;
- while( $i < $strLen )
- {
- $ordStr = ord(substr($string, $i, 1));
- if( $j == $keyLen )
- {
- $j = 0;
- }
- $ordKey = ord(substr($key, $j, 1));
- $j++;
- $hash .= strrev(base_convert(dechex($ordStr + $ordKey), 16, 36));
- $i += 1;
- }
- return $hash;
- }
复制代码
授权访问的位置是 /clients/modules/servers/licensing/slbs_verify_license.php
我给一个slbs_verify_license.php的范例:
- <?php
- require "cleaned.php";
- if(isset($_POST["nodes"]) && isset($_POST["licensekey"]) && isset($_POST["domain"]) && isset($_POST["ip"]) && isset($_POST["dir"])){
- $returnarray = array( "hash" => '',
- "hash2" => '',
- "status" => 'Active',
- "productid" => 20,
- "checkDate" => date("Y-M-D"),
- "companyname" => "NagakaTech",
- "email" => "[email protected]",
- "configoptions" => "Slaves=100|Mini Slaves=100|Micro Slaves=100"
- );
- $data = LicenseEncode($returnarray);
- echo($data);
- }else{
- echo("No input");
- }
复制代码
使用的版本是1.20.03,只测试了前台网页的license正常~
附注:
solusvm服务器(需要host掉)
http://www.soluslabs.com
licensing1.soluslabs.net
licensing5.soluslabs.net
链接:
https://www.myitmx.com/470.html
https://www.loli.ren/2018/01/27/%E8%AE%B0%E4%B8%80%E6%AC%A1solusvm%E7%9A%84%E7%A0%B4%E8%A7%A3
|
|