markleon
Member
- Jan 27, 2021
- 69
- 21
- 8
the FDP said that today it would do a promotion on codecanyon and so far nothing
Foodomaa - Multi-restaurant Food Ordering, Restaurant & Delivery Application - (NULLED BY @LALBILLA) 3.5
- Thread starter Winter
- Start date
-
Welcome to Original Babiato! All Resource are Free and No downloading Limit.. Join Our Official Telegram Channel For updates Bypass All the resource restrictions/Password/Key? Read here! Read Before submitting Resource Read here! Support Our Work By Donating Click here!
markleon
Member
- Jan 27, 2021
- 69
- 21
- 8
Karen145
New member
- May 10, 2022
- 0
- 0
- 0
You don't need to curse the author, or even "prepare something for him". Revenge will lead nowhere. Here it is a community. We should help each other, think about how to remove the author's accesses etc. This topic is totally misrepresenting the matter at hand.
Administrators, take the reins, please.
Administrators, take the reins, please.
Frozenn
New member
- May 13, 2022
- 0
- 0
- 0
disetec21
Member
- Jun 24, 2020
- 69
- 12
- 8
Very true but still we now know that the code is not a secure one, so guys just think before you buy any kinda licence cos u never know.. Your data is vulnerable, even if ur support pack ends he could create problems forcing u to purchase extended support and many other things. Their are many other great authors which wont miss lead us and are secure. I guess we should stick with those. Meanwhile would try to nullify this code also. Great day guys
markleon
Member
- Jan 27, 2021
- 69
- 21
- 8
Good night, I'm here working hard to try to see what can be done with this code, I've already discovered several loopholes here, as soon as I have a solution I'll let the forum administrator take a look at my work. oh, I'll post it here only after the administrators check it out.
markleon
Member
- Jan 27, 2021
- 69
- 21
- 8
will be, if you're not a spy too, you're really hurting for him.
I think the only one here who's on his side is just you
iamanoob
Active member
- May 28, 2020
- 404
- 127
- 43
Locking this thread for 24 HOURS.
Will Unlock soon, Dont create new posts/threads related to foodmaa
Will Unlock soon, Dont create new posts/threads related to foodmaa
- Jun 16, 2020
- 185
- 213
- 43
This is google analytics (this is simply to give statistic report), and this is in "views" folder.
Most functions are in controllers.
You know that $_SERVER['SERVER_NAME'] will do the same?
Do you know the web address that you put on settings -> general -> Website URL will exposed your domain as well?
Try change the Website URL to other address and see if application will work.
script getting domain address is VERY COMMON practice, not a secret function that you have to jump through a lot of hoops to get to it, PHP make the function for it.
STOP commenting on a topic that you don't know well enough, otherwise an IDIOT will get provoked by your comment and accusing me PLANTING the google analytics (and yes, the person who accused me obviously can't read English properly)
Last edited:
loacker
New member
- Nov 18, 2020
- 24
- 6
- 3
arrocy, i think no one wants to accuse you about these things...
we have no capability to null it like you, and we're trying to understand how the author knows where is installed the script and what backdoors is using. I said that we're trying because we are not capable to code like you and some other people here in babiato... just trying and if we fail no problem... just learning from big like you. that's my point of view.
However, i made my honeypot and 0 visit without gtag... but probably because i've added a firewall rule on my VPS to ban 27.34.26.76 and 40.69.204.81
i've banned those IPs and i wrote before the reason. Since that firewall ban, no problems...
i will update you
Rishabh Chauhan
Active member
rizwanali
New member
- May 7, 2022
- 0
- 0
- 0
- Jun 16, 2020
- 185
- 213
- 43
I am sorry for storming at you @yeah2
I feel really bad about what I did to you.
But it's OK now everything got sorted out.
The accuser realized that codes were in there since before I null foodomaa.
The google analytics codes is in the untouched version as well.
To be honest with you and all of you that is wondering, the author did not get your domain from that google analytics codes (I am 99% sure), because from the reports that said after delete the file, the problem still comes back after a while.
The best solution will be blocking the ip addresses (attacker's ip addresses) from server firewall settings mentioned a few post back.
The ip blocking is not bulletproof either, I wish I can see the ioncube encrtypted files on the latest version.
Last edited:
loacker
New member
- Nov 18, 2020
- 24
- 6
- 3
I don't understand what the developer is saying:
Update to the latest 2.8.2 Version Immediately.
Spammers (mostly from Babiato forums) are creating fake users and because of a security vulnerability on the code, the OTP verification is getting bypassed. They are trying to blame it on the Foodomaa Community and the Foodomaa Team. And hence they are putting "Illegal License" on the user's name field even if you have a license.
Anyone who has disclosed their domain name anywhere is getting targeted.
i understand if this happens to who has the nulled version...
but why this could happen to OFFICIAL version???? only knowing domain name???
i thinks saurabh is climbing on mirrors as we say in italy
Foodomaa team donot have any access to anything.
Accessing our customer DB is completed unethical and we will NEVER do that.
But if a nulled version is found, we will take all actions possible. (So the code is already embedded on the Foodomaa application)
And yes it's a standard practice to kill the DB and code of the unlicensed version of any software that you have not paid for.
There are scripts on Codecanyon to do the same:
https://codecanyon.net/item/auto-php-licenser/19720092
The code you have access to all internal system including DB, if a nulled version is found, the code automatically deletes the DB.
Update to the latest 2.8.2 Version Immediately.
Spammers (mostly from Babiato forums) are creating fake users and because of a security vulnerability on the code, the OTP verification is getting bypassed. They are trying to blame it on the Foodomaa Community and the Foodomaa Team. And hence they are putting "Illegal License" on the user's name field even if you have a license.
Anyone who has disclosed their domain name anywhere is getting targeted.
i understand if this happens to who has the nulled version...
but why this could happen to OFFICIAL version???? only knowing domain name???
i thinks saurabh is climbing on mirrors as we say in italy
Foodomaa team donot have any access to anything.
Accessing our customer DB is completed unethical and we will NEVER do that.
But if a nulled version is found, we will take all actions possible. (So the code is already embedded on the Foodomaa application)
And yes it's a standard practice to kill the DB and code of the unlicensed version of any software that you have not paid for.
There are scripts on Codecanyon to do the same:
https://codecanyon.net/item/auto-php-licenser/19720092
The code you have access to all internal system including DB, if a nulled version is found, the code automatically deletes the DB.
Last edited:
And well @yeah2 whoever the accuser he is confronting that's me!
He's simply blaming us that we're spammers who's leeching purchased or licensed users database. (Inside He's indirectly updating the existing product with some trackers for tracking of illegal version & deleting illegal version's DB etc.)
As we got the clue how we can null it, so he inserted some trackers and backdoor in the code.
Once I get some clues of that, I'll simply give all the proof to Codecanyon Team, and they'll ban his product. (Cause as per Codecanyon's rule, you shouldn't use any backdoor inside the script.) So I'm just hovering the latest code for that. Once I found some backdoor for deleting the database, or some kind of bash code thing, I'll report them with the proof. Then the whole case will be closed. (Product Gone Forever)
(This message is for author: If you see this message, I know you'll simply reply for this statement that only purchased user can report so let me tell you, I've purchased your version and Now I've my power to report it Tadaa!)
