解码评估(base64_decode))
我正在尝试解码此代码.我知道可以通过将 eval 更改为 echo 来完成.但在这种情况下,它不起作用.我有什么错误吗.这是我的encoded_file.php 代码:
我试图将 eval 更改为 echo,但它的文件不起作用.我也试过这个解码器:
但它也不能很好地工作.任何解决方案如何解码或我的解码器代码有什么问题.
解决方案以下是解码所需的步骤(注意 - 为了清楚起见,我已重命名变量/函数):
1.我们看到这个脚本读取了它自己的内容,所以我们可以假设——我们不能改变这个文件
所以让我们用这个内容创建新文件并更改这个文件:
$encoded=file('another_file.txt');
2. 然后我们可以将第一个 eval 更改为 echo 并且所有其他 eval 都应该被注释:
这是第一行:
<预> <代码>回波BASE64_DECODE( aWYoIWZ1bmN0aW9uX2V4aXN0cygiWWl1bklVWTc2YkJodWhOWUlPOCIpKXtmdW5jdGlvbiBZaXVuSVVZNzZiQmh1aE5ZSU84KCRnLCRiPTApeyRhPWltcGxvZGUoIlxuIiwkZyk7JGQ9YXJyYXkoNjU1LDIzNiw0MCk7aWYoJGI9PTApICRmPXN1YnN0cigkYSwkZFswXSwkZFsxXSk7ZWxzZWlmKCRiPT0xKSAkZj1zdWJzdHIoJGEsJGRbMF0rJGRbMV0sJGRbMl0pO2Vsc2UgJGY9dHJpbShzdWJzdHIoJGEsJGRbMF0rJGRbMV0rJGRbMl0pKTtyZXR1cm4oJGYpO319");这会给我们:
if(!function_exists("getSubString")){函数 getSubString($g,$b=0){$a=内爆("
",$g);$d=数组(655,236,40);if($b==0) $f=substr($a,$d[0],$d[1]);elseif($b==1) $f=substr($a,$d[0]+$d[1],$d[2]);否则 $f=trim(substr($a,$d[0]+$d[1]+$d[2]));返回 $f;}}
3. 现在我们可以删除第一个 echo/eval 并转到第二个:
这是第二行:
echo base64_decode(getSubString($encoded));
给我们:
if(!function_exists("decodeCode")){函数 decodeCode($a,$h){如果($h==sha1($a)){返回(gzinflate(base64_decode($a)));}别的{echo("错误:文件已修改");}}}
4.我们可以删除它并进入最后一个评估:
这里是:
echo decodeCode(getSubString($encoded,2),getSubString($encoded,1));
我们看到最终代码:
/*** @地点 #####* @版权 2010*/包括'config.php';$id=$_GET['id'];如果(isset($id)){header("内容类型:图片/jpeg");$url='http://#####/siteuploads/thumb/'.$id;$path=pathinfo($url);header('Content-Disposition: attachment; filename="'.$path['basename'].'"');$img=imagecreatefromjpeg($url);$red=imagecolorallocate($img,255,155,255);imagestring($img,2,1,2,$site,$red);回声 imagejpeg($img);}
I am trying to decode this code. I know it can be done by changing eval to echo. But in this case its not working. Is i am making any mistake. This is my encoded_file.php code:
i have tried to change eval to echo but its not working file. I also tried this decoder:
<?php
// Open and read the content of the encoded file into a variable
$file = file_get_contents('encoded_file.php');
// Strip php tags
$file = str_replace('<?php', "", $file);
$file = str_replace('<?', "", $file);
// Make sure to get rid of short tags....
$file = str_replace('?>', "", $file);
// Strip new lines
$file = str_replace("
", "", $file);
// Add semi colon to get around a parsing issue.
$file = $file.';';
// Change the Eval function
$file = str_replace('eval', 'echo ', $file);
// Function to eval the new string
function deval()
{
global $file;
ob_start();
eval($file);
$contents = ob_get_contents();
ob_end_clean();
return($contents);
}
// Run the code thru once
$file = deval();
// Counter
$cnt = 1;
// Loop it till it's decoded
while(preg_match('/^?><?php eval/', $file))
{
$file = str_replace('?><?php eval', 'echo', $file);
$file = str_replace('?><?', "", $file);
$file = deval();
$cnt;
}
//clean up some tags
$file = str_replace('?><?php', "", $file);
$file = str_replace('?><?', "", $file);
echo $cnt,' iterations<br/><br/>';
echo $file;
?>
but it also not working well. Any solution how to decode it or what's wrong in my decoder code.
解决方案Here are the steps which are needed to decode this (note - I've renamed variables/functions for clarity):
1. We see that this script reads content of itself, so we can assume - we cannot change this file
so lets create new file with this content and change this file:
$encoded=file('another_file.txt');
2. Then we can change first eval to echo and all other evals should be commented:
here is first line:
echo base64_decode("aWYoIWZ1bmN0aW9uX2V4aXN0cygiWWl1bklVWTc2YkJodWhOWUlPOCIpKXtmdW5jdGlvbiBZaXVuSVVZNzZiQmh1aE5ZSU84KCRnLCRiPTApeyRhPWltcGxvZGUoIlxuIiwkZyk7JGQ9YXJyYXkoNjU1LDIzNiw0MCk7aWYoJGI9PTApICRmPXN1YnN0cigkYSwkZFswXSwkZFsxXSk7ZWxzZWlmKCRiPT0xKSAkZj1zdWJzdHIoJGEsJGRbMF0rJGRbMV0sJGRbMl0pO2Vsc2UgJGY9dHJpbShzdWJzdHIoJGEsJGRbMF0rJGRbMV0rJGRbMl0pKTtyZXR1cm4oJGYpO319");
this will give us:
if(!function_exists("getSubString"))
{
function getSubString($g,$b=0)
{
$a=implode("
",$g);
$d=array(655,236,40);
if($b==0) $f=substr($a,$d[0],$d[1]);
elseif($b==1) $f=substr($a,$d[0]+$d[1],$d[2]);
else $f=trim(substr($a,$d[0]+$d[1]+$d[2]));
return $f;
}
}
3. Now we can remove first echo/eval and go to 2nd one:
here is 2nd line:
echo base64_decode(getSubString($encoded));
give us:
if(!function_exists("decodeCode"))
{
function decodeCode($a,$h)
{
if($h==sha1($a))
{
return(gzinflate(base64_decode($a)));
}
else
{
echo("Error: File Modified");
}
}
}
4. we can remove it and go to last eval:
here is it:
echo decodeCode(getSubString($encoded,2),getSubString($encoded,1));
and we see final code:
/**
* @site #####
* @copyright 2010
*/
include 'config.php';
$id=$_GET['id'];
if(isset($id))
{
header("Content-type: image/jpeg");
$url='http://#####/siteuploads/thumb/'.$id;
$path=pathinfo($url);
header('Content-Disposition: attachment; filename="'.$path['basename'].'"');
$img=imagecreatefromjpeg($url);
$red=imagecolorallocate($img,255,155,255);
imagestring($img,2,1,2,$site,$red);
echo imagejpeg($img);
}
相关文章