Regarding using nulled scripts you might really want to carefully read this:
-
You MUST read the Babiato Rules before making your first post otherwise you may get permanent warning points or a permanent Ban.
Our resources on Babiato Forum are CLEAN and SAFE. So you can use them for development and testing purposes. If your are on Windows and have an antivirus that alerts you about a possible infection: Know it's a false positive because all scripts are double checked by our experts. We advise you to add Babiato to trusted sites/sources or disable your antivirus momentarily while downloading a resource. "Enjoy your presence on Babiato"
Domain Hacked By Someone
- Thread starter FarazHussain
- Start date
Regarding using nulled scripts you might really want to carefully read this:
There are Babiato URLs that are hacked and redirect to several websites where they inject a Trojan, I send them a screenshot
This is so weird cause I cannot replicate on any environment and I cannot see from the picture what actually your mouse pointer is hovering
The pointer was above the discussion button, the only thing is that I have the option not to capture the active pointer activated, at the bottom of the image you can see where I was going.
I went through other URLs on the website but I did not capture it, the injected virus is a Trojan.clic according to the alert from my security programs that blocked my access to Babiato for security reasons
A few days ago I reported that the filebird pro plugin gave me a virus alert when trying to download it, I don't know if it has anything to do with this, because I managed to download it and analyzed it with virustotal and it didn't detect any viruses.
It's Mean All Are Wasted Nothing Is Safe And We Totally Waste Our Time Here? I Thought This Website Is For Our Help But Not It's For Hackers Who Can Steal Anything From Us, And Please Don't Mind You Are Also With Them And Helping Them Not Us
DatDudeUpStairs
Be the change that you wish to see in the world.
Staff member
Moderator
Trusted Uploader
just a quick pause. While we want you to have all the resources you need, downloading everything at once might not be the most wise approach.
Have you had a chance to look at the discussion for these resources? It can be really helpful to understand what each one offers before downloading. if you ever take a look at the active e-commerce or gojek clone app you may find that they have backdoor especially made by the original developer.
DatDudeUpStairs
Be the change that you wish to see in the world.
Staff member
Moderator
Trusted Uploader
many scripts especially the standalone script (not wp plugin) from codecanyon has backdoors or some sort of auto wiping features that cannot the fully nulled due to obvuscation/encoded files by the original developers. So I would advise everyone to do some research and read what has been discussed in this forum before actually use the script for production purposes.
I am sorry that your understandings of actual programming aren't even at basic level. This statement of yours do allow us realize how much you don't belong to this community. Come back some other time when you become wiser and more knowledgeable about the things you're talking about. And with some proofs of your statements.
In the meantime we don't want you here to create hype and havoc with unproven false accusations.
Go somewhere else from where you really get malware and viruses and remember that we were right. Not our fault that developers of the scripts want to mess with you if you don't buy their scripts.
Disrespectful and ungrateful in the same time members don't belong to this community.
In a way, I was using the HUB Responsive Wordpress theme. I also had a redirect hack. Oh, and I've had similar problems with the Nexelit script before. Every file is unreliable, of course. The best way is to buy. However, if you use software for free on this forum, you must accept the consequences. Ultimately, not every user may have good intentions.
When it comes to wordpress it's so subjective to throw fault on a specific theme or plugin just because it was nulled.
In a way, I was using the HUB Responsive Wordpress theme. I also had a redirect hack. Oh, and I've had similar problems with the Nexelit script before. Every file is unreliable, of course. The best way is to buy. However, if you use software for free on this forum, you must accept the consequences. Ultimately, not every user may have good intentions.
Because you are not using ONLY that theme or plugin without any other installed. From my own experience for a Wordpress website you use at least one theme and 6 plugins. Not you personally but most webmasters. ANY of them can be faulty. EVEN Elementor (which is a hugely distributed plugin by reputed developers) had its own issues allowing millions of sites to be hacked. It didn't matter if the plugin was nulled or officially bought. There still were consequences for ALL Elementor users.
HUB theme is a theme with its own elementor ecosystem. I don't think it is caused by a plugin. But you are right about other themes and plugins. I agree with you and I'm not saying anything to the contrary. We have been using the babiato forum for years just for exploitation purposes, just like everyone else. There is nothing we can do other than thank you.
Sorry to disappoint you but this theme still requires install of Elementor though they developed their own addons for it.
Code:
if ( defined( 'ELEMENTOR_VERSION' ) && is_callable( 'Elementor\Plugin::instance' ) ) {
include_once LD_ELEMENTOR_PATH . 'elementor/kit/kit.php';
include_once LD_ELEMENTOR_PATH . 'elementor/template-library/template-library.php';
include_once LD_ELEMENTOR_PATH . 'elementor/hooks/global-controls.php';
}
const MINIMUM_ELEMENTOR_VERSION = '3.0.0';I will take my time this weekend to analyze this theme and I would be grateful if you could provide more details privately about it (when it happened, description of the redirect behavior, a complete access log of your website for the time you discovered the issue +1 day before)
Late edit:
I don't think I need the whole weekend for it. It seems that HUB is packed with Ultimate VC Addons v3 .19.14 which is vulnerable to XSS (Cross Site Scripting) and it looks really similar to what happened to you.
Heads up: don't you ever think your website is 100% safe (even with legit bought plugins). Programming flaws happens all the time and out there are millions of scan robots that their sole purpose is to scan IPs and domains to find flaws.
Last edited:
4 days ago I completely deleted the content of the website. I figured I didn't need the hub theme anymore since I would be using the script I developed. Therefore, I will not be able to provide additional data for analysis. However, I am currently using the Hub theme on a different website. I can watch it.
No intervention is made to .htaccess files or cron sections within the theme. Since I have been spending time in front of WordPress for years, I create my designs with as few plugins as possible. So I don't even use the Woocommerce plugin unless necessary. Or I do not use SSL, SMTP, Translation plugins.
I used the Hub theme on the relevant site for 1-2 years. There were no problems. I noticed the problem 4 days ago, it directs to a site called "https://2024shopping.ru/tags/armani". I downloaded all the files and searched for "armani" in the files and codes, but I couldn't find any results. It's probably being redirected to a spam pool via XSS. Or there are codes in base64 encoded form that I missed. They prevent me from finding the problem. As a radical solution, I thought of deleting all files and temporarily maintaining the site.
Similar threads
