v1.6-v1.7 PLEASE BE WARNED: My live site got warning using nulled Mypresta modules!

tuuni

Active member
Elite
Joined
Jan 2, 2020
Messages
133
Reaction score
239
Points
43
NullCash
551
[IMG='width:492px;']https://www.onlygfx.com/wp-content/uploads/2019/04/8-grunge-word-warning-cover.png[/IMG]

Hi all.

I want you to let you also know that live site got warning from the author from different mypresta.eu modules. He is saying to buy the product or take the module down or he will send you DMCA takedown act. He must be a real capitalist who is full of greed!

I suggest he has some script what crawls some certain module files locations and file names like some module js files, configuration xml files and inside top comment copyright area of client-side html files. I suggest to rename those files and remove comments if you use it on live site, then you hopefully not get monitored.

Peace out.

---

Please like the post if you find it helpful.
Post automatically merged:

 

leoseo

Member
XNullUser
Joined
Sep 14, 2020
Messages
69
Reaction score
2
Points
8
NullCash
8
Can you share with us the name of the plugin with the problem?
 

tuuni

Active member
Elite
Joined
Jan 2, 2020
Messages
133
Reaction score
239
Points
43
NullCash
551
All the mypresta modules which are frontend based. backend modules seems to be ok, like import/export modules.
 

prokill

Well-known member
Diamond
Elite
Joined
Jul 27, 2020
Messages
273
Reaction score
258
Points
63
NullCash
459
Have you checked that in the scripts, there are not php code that connect to mypresta website? (such as checking latest version or so).
 

hoodiegamers

Member
XNullUser
Joined
Jan 24, 2019
Messages
236
Reaction score
2
Points
18
NullCash
8
I think there is a code which checks the license or something like that.
 

Jan Doe

Member
XNullUser
Joined
Sep 11, 2019
Messages
437
Reaction score
10
Points
18
NullCash
21
Thanks for the warning, even though I only use 1 free module from MyPresta
 

prokill

Well-known member
Diamond
Elite
Joined
Jul 27, 2020
Messages
273
Reaction score
258
Points
63
NullCash
459
yep checked a module for example, here is the code i have found. Scripts need to be nulled! by checking the current version, it will send stats with your shop URL. please just remove those codes!
Code:
      if (ini_get("allow_url_fopen")) {
            if (function_exists("file_get_contents")) {
                $actual_version = @file_get_contents('http://dev.mypresta.eu/update/get.php?module=' . $module . "&version=" . self::encrypt($version) . "&lic=$key&u=" . self::encrypt(_PS_BASE_URL_ . __PS_BASE_URI__));
            }
        }
 

pk2res

Active member
XNullUser
Joined
Sep 23, 2020
Messages
1,308
Reaction score
5
Points
38
NullCash
5
thank you for sharing the modules
 

prokill

Well-known member
Diamond
Elite
Joined
Jul 27, 2020
Messages
273
Reaction score
258
Points
63
NullCash
459
It might also be something to do with Prestatrust protection then but the code up there I have found is enough for the developer to find out if you have paid for the license.
 

vanhostingweb.com

Member
XNullUser
Joined
Dec 22, 2019
Messages
400
Reaction score
3
Points
18
NullCash
0
yep checked a module for example, here is the code i have found. Scripts need to be nulled! by checking the current version, it will send stats with your shop URL. please just remove those codes!
Code:
      if (ini_get("allow_url_fopen")) {
            if (function_exists("file_get_contents")) {
                $actual_version = @file_get_contents('http://dev.mypresta.eu/update/get.php?module=' . $module . "&version=" . self::encrypt($version) . "&lic=$key&u=" . self::encrypt(_PS_BASE_URL_ . __PS_BASE_URI__));
            }
        }
And what is the solution if we have that part of the code? do we remove the link to de.mypresta.. or all that sentence "if" ?
 

broxit

Active member
XNullUser
Joined
Oct 8, 2020
Messages
1,425
Reaction score
12
Points
38
Location
Flower Town
NullCash
137
Better to check if there any link or lisence checker that running when website is live.
 

Edongo

Well-known member
Diamond
Elite
XNullUser
Joined
Oct 9, 2020
Messages
511
Reaction score
330
Points
63
NullCash
1,344
How I can install it I have error
 

michi

Member
XNullUser
Joined
Aug 8, 2019
Messages
276
Reaction score
1
Points
18
NullCash
4
Thanks for the warning, I'll be attentive
 

mickneo

Well-known member
Diamond
Elite
Joined
Mar 8, 2019
Messages
412
Reaction score
422
Points
63
NullCash
763
yep checked a module for example, here is the code i have found. Scripts need to be nulled! by checking the current version, it will send stats with your shop URL. please just remove those codes!
Code:
      if (ini_get("allow_url_fopen")) {
            if (function_exists("file_get_contents")) {
                $actual_version = @file_get_contents('http://dev.mypresta.eu/update/get.php?module=' . $module . "&version=" . self::encrypt($version) . "&lic=$key&u=" . self::encrypt(_PS_BASE_URL_ . __PS_BASE_URI__));
            }
        }

I confirm, this function checks the current version of the module and look for updates. The developer therefore receives all the information about your website.
Thanks for the warning!
 

axelien56

Active member
Elite
XNullUser
Joined
Jun 12, 2020
Messages
23
Reaction score
144
Points
28
NullCash
455
yep checked a module for example, here is the code i have found. Scripts need to be nulled! by checking the current version, it will send stats with your shop URL. please just remove those codes!
Code:
      if (ini_get("allow_url_fopen")) {
            if (function_exists("file_get_contents")) {
                $actual_version = @file_get_contents('http://dev.mypresta.eu/update/get.php?module=' . $module . "&version=" . self::encrypt($version) . "&lic=$key&u=" . self::encrypt(_PS_BASE_URL_ . __PS_BASE_URI__));
            }
        }
or just disable allow_url_fopen from your server configuration
 
Top