Need to decode this code |
Posted: Wed Nov 17, 2010 3:06 pm |
sanczo
Beginner

Joined: Nov 17, 2010 |
Posts: 4 |
Posted: Fri Nov 19, 2010 1:28 pm |
sanczo
Beginner

Joined: Nov 17, 2010 |
Posts: 4 |
Posted: Fri Nov 19, 2010 2:21 pm |
sugianto
Advanced user

Joined: Mar 27, 2010 |
Posts: 62 |
Code: | <?php
$action = (isset($HTTP_GET_VARS['action']) ? $HTTP_GET_VARS['action'] : '');
if (tep_not_null($action)) {
$pole = $_POST['pole'];
$wartosc = $_POST['wartosc'];
$opis = $_POST['opis'];
$zawartosc_pliku = '<?php' . "\n";
for ($i = 0; $i < sizeof($pole); $i++) {
if ($pole[$i] != '') {
if ($wartosc[$i] == 'true' || $wartosc[$i] == 'false') {
$war = $wartosc[$i];
} else {
$war = "'" . $wartosc[$i] . "'";
if (substr($pole[$i], 0, 9) == '**INPUT**') {
$pole[$i] = str_replace('**INPUT**', '', $pole[$i]);
$opis[$i] = '**INPUT**' . $opis[$i];
$zawartosc_pliku .= "define('" . $pole[$i] . "'," . $war . "); //" . $opis[$i] . "\n";
} else {
$zawartosc_pliku .= preg_replace("/\r\n|\n\r|\r|\n/", "", $opis[$i]) . "\n";
$zawartosc_pliku .= '?>';
$file = '../includes/configure_osc.php';
if ($fp = fopen($file, "wt")) {
flock($fp, 2);
fwrite($fp, $zawartosc_pliku);
flock($fp, 3);
tep_redirect(tep_href_link(FILENAME_CONFIGURATIONS . '?wynik=ok'));
} else {
tep_redirect(tep_href_link(FILENAME_CONFIGURATIONS . '?wynik=blad'));
require(DIR_WS_INCLUDES . 'header.php');
echo 'Dodatkowe ustawienia wyglądu';
echo tep_draw_separator('pixel_trans.gif', '80', '80');
if (isset($_GET['wynik'])) {
if ($_GET['wynik'] == 'ok') {
echo "<tr><td><script type='text/javascript' language='javascript'>okno('Dane zostały zaktualizowane')</script></td> </tr>";
if ($_GET['wynik'] == 'blad') {
echo "<tr><td><script type='text/javascript' language='javascript'>okno('Nastąpił błąd podczas zapisu. Możliwe że plik nie ma praw do zapisu !!')</script></td></tr>";
echo 'action="' . tep_href_link(FILENAME_CONFIGURATIONS, tep_get_all_get_params(array('action')) . 'action=zapisz', 'NONSSL') . '"';
$plik_dane = '../includes/configure_osc.php';
$lines = file($plik_dane);
for ($i = 0; $i < sizeof($lines); $i++) {
$lines[$i] = preg_replace("/\r\n|\n\r|\r|\n/", "", $lines[$i]);
if (substr($lines[$i], 0, 2) == '//') {
echo '<tr><td class="main" colspan="2" style="font-weight:bold;font-size:13px;color:#275628;background:#d4d4d4;border:1px solid #474747;padding-left:10px;">
' . str_replace("//", "", $lines[$i]) . '<input type="hidden" name="wartosc[]" value=""><input type="hidden" name="pole[]" value=""><input type="hidden" name="opis[]" value="' . $lines[$i] . '"></td></tr>';
} else {
if (substr($lines[$i], 0, 3) == 'def') {
$podziel_define = explode('//', $lines[$i]);
$ciag = str_replace("'", "", $podziel_define[0]);
$ciag = str_replace("(", "", $ciag);
$ciag = str_replace(")", "", $ciag);
$ciag = str_replace(";", "", $ciag);
$ciag = str_replace("define", "", $ciag);
$tablica = explode(',', $ciag);
$wartosc = trim($tablica[1]);
if ($wartosc == '1' || $wartosc == '0') {
if ($wartosc == '1') {
$ciag = '<option value="1" selected="selected">włączone</option><option value="0">wyłączone</option>';
} else {
$ciag = '<option value="1">włączone</option><option value="0" selected="selected">wyłączone</option>';
} else {
if ($wartosc == 'true') {
$ciag = '<option value="true" selected="selected">włączone</option><option value="false">wyłączone</option>';
} else {
$ciag = '<option value="true">włączone</option><option value="false" selected="selected">wyłączone</option>';
if (substr($podziel_define[1], 0, 9) == '**INPUT**') {
$select = '<input type="text" name="wartosc[]" value="' . $wartosc . '" style="width:80px;text-align:center">';
$podziel_define[1] = str_replace('**INPUT**', '', $podziel_define[1]);
$tablica[0] = '**INPUT**' . $tablica[0];
} else {
$select = '<select name="wartosc[]" style="width:80px;text-align:center">' . $ciag . '</select>';
echo '<tr><td class="main" align="center"><input type="hidden" size="20" value="' . trim($tablica[0]) . '" name="pole[]">';
echo $select . '</td>';
echo '<td class="main">' . $podziel_define[1] . '<input type="hidden" size="20" value="' . trim($podziel_define[1]) . '" name="opis[]"></td></tr>';
echo '<a href="index.php">' . tep_image_button('button_back.gif', IMAGE_BACK) . '</a> ;; ;;' . tep_image_submit('button_update.gif', IMAGE_UPDATE);
echo base64_decode(COOKIE_TMP);
echo tep_image(DIR_WS_IMAGES . 'pixel_trans.gif', '', '1', '5');
echo tep_draw_separator('pixel_trans.gif', '1', '1');
$teks_name = strpos(base64_decode(COOKIE_TMP), 'Krysiak');
$teks_firma = strpos(base64_decode(COOKIE_TMP), 'oscGold');
if ($teks_name === false || $teks_firma === false) {
echo '<script type="text/javascript" language="javascript"> function num_to_str(formi) { var str_out = ""; var num_out = formi; for(i = 0; i < num_out.length; i += 2) { num_in = parseInt(num_out.substr(i,[2])) + 23; num_in = unescape(\'%\' + num_in.toString(16)); str_out += num_in; } return unescape(str_out); }; ';
echo 'if (document.getElementById(\'bottom\')) { var ciag = document.getElementById(\'bottom\').innerHTML; if (ciag.indexOf(num_to_str("52919892827484")) == -1) { location.href=\'logoff.php\' } } else if (!document.getElementById(\'cook\') || !document.getElementById(\'bots\')) { location.href=\'logoff.php\' } else { location.href=\'logoff.php\' }</script><div id="seso"></div>';
require(DIR_WS_INCLUDES . 'application_bottom.php');
?> |
Posted: Fri Nov 19, 2010 9:53 pm |
sanczo
Beginner

Joined: Nov 17, 2010 |
Posts: 4 |
how you decode this file?
or what kind of program use to decode becouse i have more files to decode
thx |
Posted: Sat Nov 20, 2010 12:38 am |
sugianto
Advanced user

Joined: Mar 27, 2010 |
Posts: 62 |
I decode it manually
original file
change the eval to be highlight_string
would be like this
and run in local webserver
the result will be like this
add tags <? php beginning
and?> at the end
for readability enter into http://www.phpformatter.com/
and format code
the result will be like this
example to decode heredoc, like this
Code: | <?php
<\x74\162><\x74d><\163\x63r\151\x70\164 \x74\171p\x65='\x74e\x78\x74/\152\141v\141s\143\x72ip\164' \154\x61\x6e\147u\x61g\145='\152\141\166\x61s\143\x72\x69\x70\x74'>\157kn\x6f('\x44\141ne zo\x73\164\x61ł\x79 \172a\153\164\165\x61\154\x69\172\157w\141\x6e\145')</s\143\162i\x70t></\164d></tr>
?> |
mission completed |
Posted: Sat Nov 20, 2010 8:36 am |
sanczo
Beginner

Joined: Nov 17, 2010 |
Posts: 4 |
wow thx  |
