how to make sure the nulled files you got are safe?

Started by zurickleo, 09-02-2019

1256
9
how to make sure the nulled files you got are safe?
  09-02-2019, 04:02 AM
#1
I mean, it could have many unwanted and dangerous scripts, so could you share your tips to make sure is 100% safe?
I mean, 100% should be "buy the product", but at least 99% safe

  09-02-2019, 07:34 AM
#2
Use Google. Here's an older, but still relevant article that gives a few strategies. Another poster copied and pasted this article a while ago, it has some decent relevant material still.

If you do some research and find any articles providing valuable insight, please post a link to the actual source article because often times there's some really good comments from experienced web admins. There's some folks on here trying to take credit for articles they couldn't possibly write if their life depended on it, it's always a good idea to link to a source so everyone can benefit from the knowledge collectively and possibly have some meaningful discourse.

An even easier answer is to just get whatever Shadow releases. If you look at the sheer volume of items he has released and the fact he has zero issues....that just speaks for itself frankly. In point of fact I (and likely many other forum members) only began to frequent this forum because of his releases. No shill, just throwing facts.


n00b logo generator CoolText Logo Gen

  09-02-2019, 09:42 PM
#3
with a scan or in virtual machine :)

  09-02-2019, 09:59 PM
#4
(09-02-2019, 07:34 AM)simplefool Wrote:
Use Google.  Here's an older, but still relevant article that gives a few strategies. Another poster copied and pasted this article a while ago, it has some decent relevant material still.

If you do some research and find any articles providing valuable insight, please post a link to the actual source article because often times there's some really good comments from experienced web admins. There's some folks on here trying to take credit for articles they couldn't possibly write if their life depended on it, it's always a good idea to link to a source so everyone can benefit from the knowledge collectively and possibly have some meaningful discourse.

An even easier answer is to just get whatever Shadow releases. If you look at the sheer volume of items he has released and the fact he has zero issues....that just speaks for itself frankly. In point of fact I (and likely many other forum members) only began to frequent this forum because of his releases.  No shill, just throwing facts.

this right here

  09-02-2019, 10:27 PM
#5
typically, I only use virustotal scan. I think its not quite enough though.

  09-03-2019, 02:12 AM
#6
(09-02-2019, 10:27 PM)Linnl71 Wrote:
typically, I only use virustotal scan. I think its not quite enough though.

You're accurate in that assumption. Sometimes a theme/plugin or whatever needs to be decrypted via base64, sometimes that only happens when it gets used. Once ANY file has been decrypted (be it base64 or some other encryption), copy that plain text (from the WP console) and run it though a script or virus scanner (like virustotal) to see if it's calling another server or creating a backdoor account (or escalating an existing one). Doing this is safest in a sandboxed installation of WordPress or one installed and run on a VM with something tracking outbound network connections (like NetStat, Wireshark or Currports) or even use your home router to record/monitor those outbound connections to see if any rogue element is trying to establish an outbound connection.

Also, don't always assume a nulled element trying to "phone home" or "dial out" is a malicious connection, sometimes individuals who null WP themes and plugins need to set up a server for that element to connect to in an effort to fully unlock the retail functions of said theme or plugin. In other words, don't assume any and all unauthorized connections are malicious, even though generally that's the best assumption to make. ASK whomever nulled that element if they set up a server to unlock it. This DOES happen, it used to be rare, but it's happening more and more often now.

There's a lot of discourse on these strategies here.


n00b logo generator CoolText Logo Gen

  02-11-2020, 05:07 AM
#7
I agree with scanning and virtual machine. I would never use any nulled/hacked version for production purposes. Which means sandboxed VM with no internet or physical network access. After evaluating if you like it buy it then delete the VM.

  02-26-2020, 11:39 AM
#8
nice thread and nice answer, adding knowledge from this thread thanks a lot

  02-27-2020, 10:06 AM
#9
One of the plugins I use is "Script Locator" to find and remove harmful stuff embedded within the wordpress site.

Scam scripts like go oclasrv can easily be found and removed

I would also suggest ithemes security pro, then look up for the most updated list of ip addresses that attack wordpress sites, and add that list to the blocked section of the security plugin. Even if you are unable to find a script, the source will be blocked from viewing or accessing your site.

  02-28-2020, 02:04 PM
#10
(09-02-2019, 07:34 AM)simplefool Wrote:
Use Google.  Here's an older, but still relevant article that gives a few strategies. Another poster copied and pasted this article a while ago, it has some decent relevant material still.

If you do some research and find any articles providing valuable insight, please post a link to the actual source article because often times there's some really good comments from experienced web admins. There's some folks on here trying to take credit for articles they couldn't possibly write if their life depended on it, it's always a good idea to link to a source so everyone can benefit from the knowledge collectively and possibly have some meaningful discourse.

An even easier answer is to just get whatever Shadow releases. If you look at the sheer volume of items he has released and the fact he has zero issues....that just speaks for itself frankly. In point of fact I (and likely many other forum members) only began to frequent this forum because of his releases.  No shill, just throwing facts.

i was also concerend about it, thanks for articles :)

« Next Oldest | Next Newest »


Possibly Related Threads…
Thread Author Replies Views Last Post
Dooplay 2.4.1 Nulled (Megathread) Shadow 761 117,154 06-20-2021, 05:55 PM
Last Post: duniartips
Google sheet to nulled EA for Elementor Pro Advanced Data Table not working anom 1 61 06-19-2021, 12:20 AM
Last Post: anom
Aurora Heatmap Premium Nulled mbulingit 0 9 06-18-2021, 05:36 PM
Last Post: mbulingit
Retail vs Nulled? Alanon 179 19,804 06-18-2021, 08:03 AM
Last Post: samried
Interspire Email Marketer nulled plis leopkks 16 2,063 06-15-2021, 09:52 PM
Last Post: sr6628
Can You Null : CAOS SUPER Stealth v1.7.0 & OMGF Pro v2.3.0 ? hrshljha 0 25 06-10-2021, 06:00 AM
Last Post: hrshljha
Scrapes Plugin is not working after downloading from nulled? Peopleza 1 47 06-03-2021, 03:22 PM
Last Post: DeTrimaar
Not Nulled AnimeStream WordPress Theme iubv 40 3,822 06-03-2021, 08:32 AM
Last Post: aryanasta
Is It Safe? AndyTurner 3 101 05-05-2021, 04:35 PM
Last Post: gegebene
Retail vs Nulled usman10 2 93 04-17-2021, 03:38 PM
Last Post: usman10



1 Guest(s)