A php SPY program from software writers??

[another-freak]

Hey people!

I have got this strange php script (part of it) which seemed to report back
to the originator of the program with its license key!
Am I wrong?



$isSent = getSqlField("SELECT * FROM probid_gen_setts","addr_val");
if ($isSent != 1) {
$refsite=getenv("HTTP_REFERER");
$lkey = getSqlNumber("SELECT * FROM probid_gen_setts","lkey");
mail ("admin@abc.com","New Installation - ".date("M. j, Y",time()),
"A new installation was reported on:

License Key: $lkey
Admin Email Address: $setts[adminemail]
Server IP: $_SERVER[SERVER_ADDR]
Site URL: $_SERVER[SERVER_NAME]
Request URI: $_SERVER[REQUEST_URI]","From: noreply@abc.com <noreply@abc.com>");

$updAddr = mysql_query("UPDATE probid_gen_setts SET addr_val=1");
}

[.josh]

well, yeah, at face value, with what you've shown, that'd be my guess too.

[another-freak]

[quote author=Crayon Violent link=topic=109059.msg439345#msg439345 date=1158929466]
well, yeah, at face value, with what you've shown, that'd be my guess too.
[/quote]

Is it safe to remove that?

[ober]

You can remove it and see if it works... if it doesn't, stick it back in.

[.josh]

how about...changing the target email to your own email.

[another-freak]

[quote author=Crayon Violent link=topic=109059.msg439357#msg439357 date=1158930196]
how about...changing the target email to your own email.
[/quote]

Yes SIR! I will try! Many thanks!  ;D

[another-freak]

Hello brothers!

I have not tried altering the program as it was installed by the software writer;
just worried about infringing their "copyright".

I accidentally discovered this little script and now I wonder how many of those *.php
files are embeded with this little spy program. So, naturally my question will be
how to search them out since there are hundreds of files the folders.
Any client program that can do the job?

Next I am wondering is this script illegal? I am a license holder.
Is my privacy infringed in this case?

Thanks.

[.josh]

there is no way we can even begin to tell anything about this script unless we see code (please don't go posting hundreds of files). 

i suppose you could write a script that searches for things like everywhere a global is used, things like the mail function is used, url addresses, etc.. but when it comes right down to it, your going to have to look at it and determine for yourself whether it's a "spy" thing. 

[kenrbnsn]

If you are concerned about the information that is being returned to the seller of the product, why don't you contact them to find out what they do with the information collected.

Reading the code, the information is sent back once the first time the script is run after a new installation. My guess is that the information is being used to track installations of the product and to make sure noone is selling copies which all use the same license code.

Did you find the code before or after you ran the script?

Ken

[onlyican]

If you use DreamWeaver, you can search strings in folders

SO navigate to the root of this script
Then search a unique string like
"A new installation was reported on:

[Caesar]

Doesn't look like a "spy" program but, more like a way to keep track of installations. If it's licensed software, then I imagine they would like to know who is installing it. I do think it is quite dumb to do, if that code is not in an encrypted file somewhere. The fact it can be removed.....

[onlyican]

The best tracker I saw was one that required a class from a third party site
So you did not have the code in there, there was a weird protected, that it could be used, but the code could not be shown from it

For all we know, inside that class could be a function TrackThis