KeepUp01
Member
- May 19, 2022
- 43
- 12
- 8
Belloo - Complete Premium Dating Software Unlimited Domains v4.5.3.6 Untouched
- Thread starter ukgamer
- Start date
-
Welcome to Original Babiato! All Resource are Free and No downloading Limit.. Join Our Official Telegram Channel For updates Bypass All the resource restrictions/Password/Key? Read here! Read Before submitting Resource Read here! Support Our Work By Donating Click here!
mywashe
Member
- Oct 9, 2022
- 82
- 10
- 8
Natali
Member
- May 11, 2022
- 51
- 9
- 8
Dear forum users BABIATO.
Please share the library of original pictures that are installed in the demo version.
Example: https://www.belloo.date/3.5/assets/sources/uploads/5d7b123f845f8_4.png
This is for gifts - https://premiumdatingscript.com/gifts/21.png
On my test domain, they are all loaded from the developer's site.
It takes a very long time to change each picture manually, through the database.
Thank you in advance.
Please share the library of original pictures that are installed in the demo version.
Example: https://www.belloo.date/3.5/assets/sources/uploads/5d7b123f845f8_4.png
This is for gifts - https://premiumdatingscript.com/gifts/21.png
On my test domain, they are all loaded from the developer's site.
It takes a very long time to change each picture manually, through the database.
Thank you in advance.
KeepUp01
Member
- May 19, 2022
- 43
- 12
- 8
Ok but do you have rewrite module ON?
Sudo a2enmod rewrite
Also check chmod -R 775 /var/www/belloo-folder/
And chown -R www-data:www-data /var/www/belloo-folder/
Then just sudo service apache2 restart and check if it works.
KeepUp01
Member
- May 19, 2022
- 43
- 12
- 8
Download and upload all the photos to your belloo folder, then just go to database and change the link for everyone.
You don’t need to delete every single gift and create it again using local photo.
Natali
Member
- May 11, 2022
- 51
- 9
- 8
Thanks to.
Are you suggesting to do this with every picture or is there another option?
Quote: "Download and upload all the photos to your belloo folder, then just go to database and change the link for everyone."
10 pieces. in the menu + "Gifts" + Plugins ???
Where can photos be downloaded from?
Sincerely.
- May 16, 2022
- 84
- 105
- 33
About zhduli.ru Despite my CHMOD (444) restrictions, someone was again able to access the site (through vulnerabilitis in components of script and IndoXploit) and replaced the files in the root with files with its contents.
Before infected, the file 635cdaa6ab23d_f5.phtml was uploaded to the zhduli.ru/assets/sources/uploads folder, through which the attack occured. That is it is necessary to exclude the upload of this type files (extension) on website
I prevented users from uploading anything other then pictures and videos. I'll wait for result.
Before infected, the file 635cdaa6ab23d_f5.phtml was uploaded to the zhduli.ru/assets/sources/uploads folder, through which the attack occured. That is it is necessary to exclude the upload of this type files (extension) on website
Code:
112.215.151.229 - - [29/Oct/2022:10:47:11 +0300] "POST /plugins/orakuploader/orakuploader.php?filename=be.php&path=plugins/orakuploader/&main_path=storage/products&thumbnail_path=storage/products/thumb&watermark=&orakuploader_crop_to_width=0&orakuploader_crop_to_height=0&orakuploader_crop_thumb_to_width=0&orakuploader_crop_thumb_to_height=0 HTTP/2.0" 404 523 "https://www.sellwithtrust.site/post-ad" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:96.0) Gecko/20100101 Firefox/96.0"
112.215.151.229 - - [29/Oct/2022:10:47:36 +0300] "GET /assets/sources/upload.php HTTP/2.0" 400 62 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:96.0) Gecko/20100101 Firefox/96.0"
112.215.151.229 - - [29/Oct/2022:10:47:50 +0300] "POST /assets/sources/upload.php HTTP/2.0" 200 133 "http://indigorentacar.com/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:96.0) Gecko/20100101 Firefox/96.0"
112.215.151.229 - - [29/Oct/2022:10:47:58 +0300] "GET /assets/sources/uploads/635cdaa6ab23d_f5.phtml HTTP/2.0" 200 4739 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:96.0) Gecko/20100101 Firefox/96.0"
112.215.151.229 - - [29/Oct/2022:10:48:09 +0300] "GET /assets/sources/uploads/635cdaa6ab23d_f5.phtml?Fosforo5 HTTP/2.0" 200 8714 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:96.0) Gecko/20100101 Firefox/96.0"
112.215.151.229 - - [29/Oct/2022:10:48:45 +0300] "GET /assets/sources/uploads/635cdaa6ab23d_f5.phtml?Fosforo5&dir=/var/www/bride/data/www/zhduli.ru/assets/sources/uploads&do=upload HTTP/2.0" 200 6327 "https://zhduli.ru/assets/sources/uploads/635cdaa6ab23d_f5.phtml?Fosforo5" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:96.0) Gecko/20100101 Firefox/96.0"I prevented users from uploading anything other then pictures and videos. I'll wait for result.
Attachments
Last edited:
Natali
Member
- May 11, 2022
- 51
- 9
- 8
Hello, BellooRU. Please tell me how to do this, prevent users from uploading anything other than images and videos.
Sincerely.
KeepUp01
Member
- May 19, 2022
- 43
- 12
- 8
You must login into admin panel, go to Settings —> Gifts. Then right click on the website and select “Inspect Element”, go to Resources and reload the page. There you will have the resource link “belloo.date” or “premiumdatingscript.com” which contains the .png. Download everyone and upload to your website via FTP (ie /var/www/belloo-folder/new-img/). Then go to database, select GIFTS and edit everyone to “YourSite.com/new-img/GIFTnumber.png”
Natali
Member
- May 11, 2022
- 51
- 9
- 8
mywashe
Member
- Oct 9, 2022
- 82
- 10
- 8
Yes it is on, however I am unable to use the commands you suggested since I don't have persmion to use shell. Soo is there no other way to have the issue of customizing website presets fixed
Attachments
KeepUp01
Member
- May 19, 2022
- 43
- 12
- 8
Ok that's kinnda weird. I have the same virus on my virtualized system.
I have installed it (Belloo) after your comment and now i can see a folder named "wp-includes", a years.php and index.php folders and files that are not the default ones.
Also, my ".htaccess" file is empty and you can not pass the landing page in desktop or loading page in mobile.
There's also a "license.txt" file under /bello-folder/wp-includes/images/
How did i see it? Before publishing the website i gave 775 permissions to all the files that are in belloo's folder, and the new ones just have the permission 644.
Also, there's no way to login into admin panel. And idk why but virustotal does not detect any virus in any file.
Edit: since i have the dns with Cloudflare, i can see that this morning at 11:00 UTC+1 my website got 7k requests from USA and 1 attack blocked (the folders and files that I mentioned before where created today at 08:30 UTC+1)
Edit2: there are 2 files called "about.php" and "about.PHP" under /belloo-folder/assets/sounds/
Edit3: There are also 2 files called "635af140465f2_f5.phtml" and "wsoyanzorng.php" (idk if that's spanish cuz "Soy Anzo" means "I am Anzo"). And a file called "votes.php" under /belloo-folder/css/.
Last edited:
- May 16, 2022
- 84
- 105
- 33
When I find a solution that works correctly, I will publish everything.
Have you used the update archives (update-4.3.zip, update-4.3.1.zip etc)? Where do you get them from?
And what is your connect.php (where do you get it from)? I used from UKgamer on zhduli.
If someone else report about problem, then the author has begun his own war.
Last edited:
As I’ve stated a few times on here now , no one uses my files or my connect , they was all replaced by admin many many months ago
MasterX
Member
- May 21, 2022
- 82
- 24
- 8
if you are using a clean install, do the following:
1. Create a directory called "gifts" in:
Your_Site/assets/sources/uploads/
2. Upload the attached file "file_gifts"
3. Run the query below changing the text "your_site" to your full domain.
SQL:
TRUNCATE TABLE gifts;
INSERT INTO `gifts` (`id`, `gift`, `price`, `icon`) VALUES
(1, 'Treasure', 55, 'https://your_site.com/assets/sources/uploads/gifts/1.png'),
(2, 'Cake', 150, 'https://your_site.com/assets/sources/uploads/gifts/2.png'),
(3, 'Wine', 200, 'https://your_site.com/assets/sources/uploads/gifts/3.png'),
(4, 'Flowers ', 250, 'https://your_site.com/assets/sources/uploads/gifts/4.png'),
(5, 'Present', 200, 'https://your_site.com/assets/sources/uploads/gifts/5.png'),
(6, 'Heart candy', 50, 'https://your_site.com/assets/sources/uploads/gifts/6.png'),
(7, 'kiss', 100, 'https://your_site.com/assets/sources/uploads/gifts/7.png'),
(8, 'beer', 150, 'https://your_site.com/assets/sources/uploads/gifts/8.png'),
(10, 'cup', 250, 'https://your_site.com/assets/sources/uploads/gifts/10.png'),
(11, 'flower', 100, 'https://your_site.com/assets/sources/uploads/gifts/11.png'),
(12, 'crown', 1500, 'https://your_site.com/assets/sources/uploads/gifts/12.png'),
(13, 'hearts', 250, 'https://your_site.com/assets/sources/uploads/gifts/13.png'),
(14, 'hear candy 2', 200, 'https://your_site.com/assets/sources/uploads/gifts/14.png'),
(15, 'champagne', 25, 'https://your_site.com/assets/sources/uploads/gifts/15.png'),
(16, 'coffe', 25, 'https://your_site.com/assets/sources/uploads/gifts/16.png'),
(17, 'cupido', 50, 'https://your_site.com/assets/sources/uploads/gifts/17.png'),
(18, 'flowers 3', 500, 'https://your_site.com/assets/sources/uploads/gifts/18.png'),
(19, 'dairy love', 25, 'https://your_site.com/assets/sources/uploads/gifts/19.png'),
(20, 'handcops', 500, 'https://your_site.com/assets/sources/uploads/gifts/20.png'),
(21, 'heart', 25, 'https://your_site.com/assets/sources/uploads/gifts/21.png'),
(22, 'heart 2', 25, 'https://your_site.com/assets/sources/uploads/gifts/22.png'),
(23, 'heart 3', 150, 'https://your_site.com/assets/sources/uploads/gifts/23.png'),
(24, 'ring', 1000, 'https://your_site.com/assets/sources/uploads/gifts/24.png'),
(25, 'bear', 350, 'https://your_site.com/assets/sources/uploads/gifts/26.png'),
(26, 'candy', 550, 'https://your_site.com/assets/sources/uploads/gifts/26.png'),
(27, 'cake', 600, 'https://your_site.com/assets/sources/uploads/gifts/27.png'),
(28, 'honor', 750, 'https://your_site.com/assets/sources/uploads/gifts/28.png');MasterX
Member
- May 21, 2022
- 82
- 24
- 8
As I’ve stated a few times on here now , no one uses my files or my connect , they was all replaced by admin many many months ago
Great. How can we block this access? Can you give us the step-by-step, please?
MasterX
Member
- May 21, 2022
- 82
- 24
- 8
