Tracking calls in nusoap #3

Closed
opened 2026-02-20 14:13:37 -05:00 by deekerman · 5 comments

Originally created by @judgej on GitHub (Dec 17, 2013).

I have been finding a number of places where details of the site are being tracked. If this tracking was open and clear, I would be ignoring it, but it is obfuscated, so it looks like it is up to no good and should be removed.

Here is one in includes/nusoap/nusoap.php around line 9315:

            if($operation== "\x73\x75\x67\x61\x72\x48\x6f\x6d\x65" && substr_count($this->endpoint, "\x3a\x2f\x2f\x75\x70\x64\x61\x74\x65\x73\x2e\x73\x75\x67\x61\x72\x63\x72\x6d\x2e\x63\x6f\x6d\x2f\x68\x65\x61\x72\x74\x62\x65\x61\x74\x2f\x73\x6f\x61\x70\x2e\x70\x68\x70") == 0 ){
                    $c2 = new nusoapclient("\x68\x74\x74\x70\x73\x3a\x2f\x2f\x75\x70\x64\x61\x74\x65\x73\x2e\x73\x75\x67\x61\x72\x63\x72\x6d\x2e\x63\x6f\x6d\x2f\x68\x65\x61\x72\x74\x62\x65\x61\x74\x2f\x73\x6f\x61\x70\x2e\x70\x68\x70", false, false, false, false, false, 15, 15);
                    $ping = $c2->call("\x73\x75\x67\x61\x72\x50\x69\x6e\x67", array());
                    if(empty($ping) || $c2->getError()){
                            $c2 = new nusoapclient("\x68\x74\x74\x70\x3a\x2f\x2f\x75\x70\x64\x61\x74\x65\x73\x2e\x73\x75\x67\x61\x72\x63\x72\x6d\x2e\x63\x6f\x6d\x2f\x68\x65\x61\x72\x74\x62\x65\x61\x74\x2f\x73\x6f\x61\x70\x2e\x70\x68\x70", false, false, false, false, false, 15, 15);
                            $c2->call("\x73\x75\x67\x61\x72\x48\x6f\x6d\x65", $params);
                    }
            }

The hex codes translate to:

```
sugarHome
://updates.sugarcrm.com/heartbeat/soap.php
https://updates.sugarcrm.com/heartbeat/soap.php
sugarPing
http://updates.sugarcrm.com/heartbeat/soap.php
sugarHome
```

I can do a pull request, but raising it for confirmation first.
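
One way to audit a codebase for other literals hidden the same way, as an added example that is not part of the original issue or of the project's code: a Python scanner that finds double-quoted PHP strings written mostly as `\xHH` escapes, decodes them, and flags the ones that decode to a URL. The function names, thresholds and the sample snippet are assumptions constructed for illustration.

```python
import re

# Double-quoted PHP string literal on one line (escaped quotes allowed inside).
STRING_RE = re.compile(r'"((?:[^"\\]|\\.)*)"')
# PHP \xHH escape: one or two hex digits.
HEX_ESC_RE = re.compile(r'\\x([0-9A-Fa-f]{1,2})')
# Full URL or a scheme-less "://host" fragment like the one in the issue.
URL_RE = re.compile(r'(?:https?)?://[\w.-]+', re.I)


def decode_hex_escapes(body):
    """Decode only the \\xHH escapes of a PHP double-quoted literal body."""
    return HEX_ESC_RE.sub(lambda m: chr(int(m.group(1), 16)), body)


def find_obfuscated_strings(php_source, min_ratio=0.8, min_escapes=4):
    """Return (line_no, decoded, is_url) for literals that are mostly hex escapes.

    Heuristic only: literals spanning several lines are not handled.
    """
    findings = []
    for line_no, line in enumerate(php_source.splitlines(), start=1):
        for match in STRING_RE.finditer(line):
            body = match.group(1)
            escapes = HEX_ESC_RE.findall(body)
            if len(escapes) < min_escapes:
                continue  # e.g. a lone "\x1b" terminal escape is normal
            decoded = decode_hex_escapes(body)
            # Share of the decoded characters that were written as escapes.
            if len(escapes) / max(len(decoded), 1) < min_ratio:
                continue
            findings.append((line_no, decoded, bool(URL_RE.search(decoded))))
    return findings


def php_hex(text):
    """Encode text as \\xHH escapes (used only to build the sample below)."""
    return "".join(f"\\x{b:02x}" for b in text.encode())


# Constructed sample modelled on the snippet in the issue, not the real file.
SAMPLE = "\n".join([
    '<?php',
    '$label = "Accounts\\n";',
    f'if ($operation == "{php_hex("sugarHome")}") {{',
    f'    $c2 = new nusoapclient("{php_hex("https://updates.sugarcrm.com/heartbeat/soap.php")}");',
    '    $color = "\\x1b[0m";',
    '}',
])

if __name__ == "__main__":
    for line_no, decoded, is_url in find_obfuscated_strings(SAMPLE):
        print(f"line {line_no}: {decoded!r}{'  <-- URL' if is_url else ''}")
```
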


@salesagility commented on GitHub (Dec 17, 2013):

Yes I agree, this can def be removed, thanks for finding and highlighting this


@judgej commented on GitHub (Dec 17, 2013):

Did you mean to close this? I press the wrong button here all the time ;-)


@salesagility commented on GitHub (Dec 17, 2013):

sorry no!


@judgej commented on GitHub (Sep 25, 2014):

This is from a while back. Did this get fixed, or is it still waiting for a pull-request? I can pull my finger out and do that if required.


@mattlorimer commented on GitHub (Sep 25, 2014):

We have not yet addressed this issue. If you would like to contribute a fix, that would be welcome, but it is something we will get around to addressing.

Reference
starred/SuiteCRM-SuiteCRM#3