Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Simple Script how to decode :
- 1) eval(gzinflate(base64_decode(
- 2) eval(gzinflate(str_rot13(base64_decode(
- 3) eval(gzinflate(base64_decode(base64_decode(str_rot13(
- 4) eval(gzinflate(base64_decode(str_rot13(
- <?php
- /*
- This code was taken from http://wordpress.macosbrain.com/2006/08/17/decode-function-eval-gzinflate-base64_decode-str_rot13/
- Directions:
- 1. Save this code to a PHP file (e.g. decode.php)
- 2. Copy the encoded PHP code and place it in encoded.php
- 3. Execute this script by visiting decode.php in your browser
- 4. You will be prompted to download the decrypted file (e.g. decode_test.php)
- Notice:
- Do not use this to violate copyright. This is intended for educational and security purposes only.
- */
- class decode
- {
- function __construct($file)
- {
- $this->org_data = file_get_contents($file);
- $this->result = $this->org_data;
- $this->done = false;
- $this->file = $file;
- }
- function strip_php_tags($str)
- {
- $str_del = Array('');
- return str_replace($str_del,'',$str);
- }
- function strip_what_to_execute()
- {
- $possible_code = substr($this->result,0,strpos($this->result,"'"));
- $possible_code_end = strrpos($this->result,"'");
- if($this->test_possible_code($possible_code) && count($this->execute)> 0)
- {
- $possible_code_start = strlen($possible_code)+1;
- $this->result = substr($this->result,$possible_code_start,$possible_code_end-$possible_code_start);
- }
- }
- function clean_string($str)
- {
- $str = trim($str,"\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f");
- $str = trim($str,"\x7f\x80\x81\x82\x83\x84\x85\x86\x87\x88\x89\x8a\x8b\x8c\x8d\x8e\x8f\x90\x91\x92\x93\x94\x95\x96\x97\x98\x99\x9a\x9b\x9c\x9d\x9e\x9f\xa0\xa1\xa2\xa3\xa4\xa5\xa6\xa7\xa8\xa9\xaa\xab\xac\xad\xae\xaf\xb0\xb1\xb2\xb3\xb4\xb5\xb6\xb7\xb8\xb9\xba\xbb\xbc\xbd\xbe\xbf\xc0\xc1\xc2\xc3\xc4\xc5\xc6\xc7\xc8\xc9\xca\xcb\xcc\xcd\xce\xcf\xd0\xd1\xd2\xd3\xd4\xd5\xd6\xd7\xd8\xd9\xda\xdb\xdc\xdd\xde\xdf\xe0\xe1\xe2\xe3\xe4\xe5\xe6\xe7\xe8\xe9\xea\xeb\xec\xed\xee\xef\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff");
- $str = trim($str);
- return $str;
- }
- function test_possible_code($str)
- {
- $str = $this->clean_string($this->strip_php_tags($str));
- //echo $str."\n";
- $functions = explode('(',$str);
- $this->execute = array();
- if(!in_array('eval',$functions))
- {
- $this->done = true;
- return false;
- }
- foreach($functions as $function)
- {
- if($function!='' && $function!='eval')
- {
- if(!function_exists($function))
- $this->error('sorry but i can not access the function:"'.$function.'"');
- else
- $this->execute[] = $function;
- }
- }
- return true;
- }
- function execute()
- {
- $cmd_str = '';
- $cmd_end = '';
- foreach($this->execute as $cmd)
- {
- $cmd_str .= $cmd.'(';
- $cmd_end .= ')';
- }
- $eval = $cmd_str."'".$this->result."'".$cmd_end;
- eval ("\$this->result = ".$eval.";");
- }
- function error($msg)
- {
- die($msg);
- }
- function decode()
- {
- $this->strip_what_to_execute();
- if($this->done==false && count($this->execute)> 0)
- {
- $this->execute();
- $this->decode();
- }
- else
- {
- //i think this is the "decrypted", you may see two little errors, correct them.
- $this->download();
- }
- }
- function download()
- {
- header('Content-Disposition: attachment; filename="decrypted_'.$this->file.'"');
- header('Content-Type: application/php');
- header('Content-Length: '.strlen($this->result));
- die($this->result);
- }
- }
- //put your encoded PHP code in encoded.php
- $decode = new decode('encoded.php');
- $decode->decode();
- ?>
Add Comment
Please, Sign In to add comment
