mahdi.49
New member
- Aug 14, 2022
- 18
- 1
- 3
how to ensure a file is 100% null safe?
- Thread starter mahdi.49
- Start date
-
Welcome to Original Babiato! All Resource are Free and No downloading Limit.. Join Our Official Telegram Channel For updates Bypass All the resource restrictions/Password/Key? Read here! Read Before submitting Resource Read here! Support Our Work By Donating Click here!
SaiReddy
Member
- May 7, 2022
- 60
- 40
- 18
I think we do not always trust those virustotal instead find the best source for files you want to use like babiato, for example, there are some websites that provide nulled themes but we can't discuss and share every issue we face. but in babiato anyone can discuss everything including the problems they face with files and people will help each other I hope you understand.
People use the site, but what is 100% guaranteed in life?
What prompted the question? Has the site failed you, and do you have alternatives to share with the community?
That's why we LOVE Babiato. We help each other out.
Groot
Well-known member
- Jun 17, 2020
- 412
- 415
- 63
You need have both version untouched & nulled. Then learn how to scan code to compare files on that two folder. You should see if there extra bad code in nulled.
I am Groot.
What do you use to scan and compare the "main folder," or do you scan each file at a time?
mahdi.49
New member
- Aug 14, 2022
- 18
- 1
- 3
mahdi.49
New member
- Aug 14, 2022
- 18
- 1
- 3
Because I use several files in my local environment (Windows) and am concerned that some of them may have access to sensitive data, backup assistance is always useful for the server itself.People use the site, but what is 100% guaranteed in life?
What prompted the question? Has the site failed you, and do you have alternatives to share with the community?
mahdi.49
New member
- Aug 14, 2022
- 18
- 1
- 3
Very good idea, but in most cases, I only find nulled files. a nulled file is a good way to learn new coding skills.
Groot
Well-known member
- Jun 17, 2020
- 412
- 415
- 63
Yep. But it only way to sure nulled version safe or not. I only use nulled on live sites after check, if I don't have untouched, I never use nulled.
Groot
Well-known member
- Jun 17, 2020
- 412
- 415
- 63
No, Who can scan by 'hand'?I am Groot.
What do you use to scan and compare the "main folder," or do you scan each file at a time?
There many softwares, apps for compare files on two folder.
I use Linux commands because it faster than softwares or apps.
mahdi.49
New member
- Aug 14, 2022
- 18
- 1
- 3
It is definitely important to consider security, but because no two people are alike, anything is possible.
Loomy
New member
- Jul 3, 2022
- 8
- 3
- 3
I could show u scary ways that u can embed data in files, metadata, exif, that text editor would never see or find. Tools like VirusTotal, they have a limit of certain number of lines of code, iot skips rest without telling you, and also it will only go so deep into recursive archive. its mostly useless.
Truth is if you are going to go to the effort of learning how to scan trhough files by hand, and clean them up, then might as well be developing your own stuff, or spending that same time on making some $$ whicher way and just buying the absolute essentials and those things u would be generating profit from or using commercially. I promise you that the peace of mind alone is priceless.. Bearing in mind also that Authors/Devs are human, and right this very minute there are at least 3 mainstream php based scripts that allow for upload & execution of both php & via cgi.
And what both funny & sad about it, one of them is something i wanted and would happily pay for, but has shells injected everywhere as the dumbass author uses demo server as dev as well.
And that goes back to the Virus Scanning, If Envato cant pick up shells injected into that script, and being
distributed by their file provisioning / download server, then things like VT have no hope.
One quick hack you could do, is just replace all non php based code, ie : images, css, js, html, vue, and so on, with the files from their demo, if u lucky they are the same as distribution, but occasionally it will have some featuers nerfed..
Another quicky is if there is an included package.json then just replace all vendor packages completely. or at least compare them, u will find that more than a few authors, hide code within some random vendor code.
That all said, envato themselves have seirously dropped theball, there has been virtually zero moderation on their part of submissions.. Guys are literally running around with cocks out flapping, and uploading same script/theme to 4 products with minor changes in css.. MINOR. Cant even trust legit purchases really,
Truth is if you are going to go to the effort of learning how to scan trhough files by hand, and clean them up, then might as well be developing your own stuff, or spending that same time on making some $$ whicher way and just buying the absolute essentials and those things u would be generating profit from or using commercially. I promise you that the peace of mind alone is priceless.. Bearing in mind also that Authors/Devs are human, and right this very minute there are at least 3 mainstream php based scripts that allow for upload & execution of both php & via cgi.
And what both funny & sad about it, one of them is something i wanted and would happily pay for, but has shells injected everywhere as the dumbass author uses demo server as dev as well.
And that goes back to the Virus Scanning, If Envato cant pick up shells injected into that script, and being
distributed by their file provisioning / download server, then things like VT have no hope.
One quick hack you could do, is just replace all non php based code, ie : images, css, js, html, vue, and so on, with the files from their demo, if u lucky they are the same as distribution, but occasionally it will have some featuers nerfed..
Another quicky is if there is an included package.json then just replace all vendor packages completely. or at least compare them, u will find that more than a few authors, hide code within some random vendor code.
That all said, envato themselves have seirously dropped theball, there has been virtually zero moderation on their part of submissions.. Guys are literally running around with cocks out flapping, and uploading same script/theme to 4 products with minor changes in css.. MINOR. Cant even trust legit purchases really,
Similar threads
