Waraxe IT Security Portal
Login or Register
July 30, 2025
Menu
Home
Logout
Discussions
Forums
Members List
IRC chat
Tools
Base64 coder
MD5 hash
CRC32 checksum
ROT13 coder
SHA-1 hash
URL-decoder
Sql Char Encoder
Affiliates
y3dips ITsec
Md5 Cracker
User Manuals
AlbumNow
Content
Content
Sections
FAQ
Top
Info
Feedback
Recommend Us
Search
Journal
Your Account
User Info
Welcome, Anonymous
Nickname
Password
(Register)
Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9144
People Online:
Visitors: 1276
Members: 0
Total: 1276
Full disclosure
Defense in depth -- the Microsoft way (part 90): "DigitalSignature" property sheet missing without "Read ExtendedAttributes" access permission
St. Pölten UAS 20250721-0 | Multiple Vulnerabilities in Helmholz Industrial Router REX100 / mbNET.mini
APPLE-SA-07-29-2025-8 visionOS 2.6
APPLE-SA-07-29-2025-7 tvOS 18.6
APPLE-SA-07-29-2025-6 watchOS 11.6
APPLE-SA-07-29-2025-5 macOS Ventura 13.7.7
APPLE-SA-07-29-2025-4 macOS Sonoma 14.7.7
APPLE-SA-07-29-2025-3 macOS Sequoia 15.6
APPLE-SA-07-29-2025-2 iPadOS 17.7.9
APPLE-SA-07-29-2025-1 iOS 18.6 and iPadOS 18.6
Invision Community <= 4.7.20 (calendar/view.php) SQL InjectionVulnerability
CVE?2025?52187 – Stored XSS in School Management System (PHP/MySQL)
Invision Community <= 5.0.7 (oauth/callback) Reflected Cross-Site Scripting Vulnerability
Re: Multiple vulnerabilities in the web management interface of Intelbras routers
Stored XSS "Edit General Info" Functionality - seotoasterv2.5.0
Log in Register Forum FAQ Memberlist Search
IT Security and Insecurity Portal

www.waraxe.us Forum Index -> PHP script decode requests -> Please help me decode this.
Post new topicReply to topic View previous topic :: View next topic
Please help me decode this.
PostPosted: Sat Feb 19, 2011 3:55 am Reply with quote
grinsp00n
Beginner
Beginner
Joined: Feb 19, 2011
Posts: 1




Please help me decode these file..i've tried everything and i cant do it.. ..i've change the eval to echo but seems i don't know where to go next to view all of the original code.
Code:
<?php if (!function_exists("T7FC56270E7A70FA81A5935B72EACBE29")) { function T7FC56270E7A70FA81A5935B72EACBE29($TF186217753C37B9B9F958D906208506E) { $TF186217753C37B9B9F958D906208506E = base64_decode($TF186217753C37B9B9F958D906208506E); $T7FC56270E7A70FA81A5935B72EACBE29 = 0; $T9D5ED678FE57BCCA610140957AFAB571 = 0; $T0D61F8370CAD1D412F80B84D143E1257 = 0; $TF623E75AF30E62BBD73D6DF5B50BB7B5 = (ord($TF186217753C37B9B9F958D906208506E[1]) << 8) + ord($TF186217753C37B9B9F958D906208506E[2]); $T3A3EA00CFC35332CEDF6E5E9A32E94DA = 3; $T800618943025315F869E4E1F09471012 = 0; $TDFCF28D0734569A6A693BC8194DE62BF = 16; $TC1D9F50F86825A1A2302EC2449C17196 = ""; $TDD7536794B63BF90ECCFD37F9B147D7F = strlen($TF186217753C37B9B9F958D906208506E); $TFF44570ACA8241914870AFBC310CDB85 = __FILE__; $TFF44570ACA8241914870AFBC310CDB85 = file_get_contents($TFF44570ACA8241914870AFBC310CDB85); $TA5F3C6A11B03839D46AF9FB43C97C188 = 0; preg_match(base64_decode("LyhwcmludHxzcHJpbnR8ZWNobykv"), $TFF44570ACA8241914870AFBC310CDB85, $TA5F3C6A11B03839D46AF9FB43C97C188); for (;$T3A3EA00CFC35332CEDF6E5E9A32E94DA<$TDD7536794B63BF90ECCFD37F9B147D7F;) { if (count($TA5F3C6A11B03839D46AF9FB43C97C188)) exit; if ($TDFCF28D0734569A6A693BC8194DE62BF == 0) { $TF623E75AF30E62BBD73D6DF5B50BB7B5 = (ord($TF186217753C37B9B9F958D906208506E[$T3A3EA00CFC35332CEDF6E5E9A32E94DA++]) << 8); $TF623E75AF30E62BBD73D6DF5B50BB7B5 += ord($TF186217753C37B9B9F958D906208506E[$T3A3EA00CFC35332CEDF6E5E9A32E94DA++]); $TDFCF28D0734569A6A693BC8194DE62BF = 16; } if ($TF623E75AF30E62BBD73D6DF5B50BB7B5 & 0x8000) { $T7FC56270E7A70FA81A5935B72EACBE29 = (ord($TF186217753C37B9B9F958D906208506E[$T3A3EA00CFC35332CEDF6E5E9A32E94DA++]) << 4); $T7FC56270E7A70FA81A5935B72EACBE29 += (ord($TF186217753C37B9B9F958D906208506E[$T3A3EA00CFC35332CEDF6E5E9A32E94DA]) >> 4); if ($T7FC56270E7A70FA81A5935B72EACBE29) { $T9D5ED678FE57BCCA610140957AFAB571 = (ord($TF186217753C37B9B9F958D906208506E[$T3A3EA00CFC35332CEDF6E5E9A32E94DA++]) & 0x0F) + 3; for ($T0D61F8370CAD1D412F80B84D143E1257 = 0; $T0D61F8370CAD1D412F80B84D143E1257 < $T9D5ED678FE57BCCA610140957AFAB571; $T0D61F8370CAD1D412F80B84D143E1257++) $TC1D9F50F86825A1A2302EC2449C17196[$T800618943025315F869E4E1F09471012+$T0D61F8370CAD1D412F80B84D143E1257] = $TC1D9F50F86825A1A2302EC2449C17196[$T800618943025315F869E4E1F09471012-$T7FC56270E7A70FA81A5935B72EACBE29+$T0D61F8370CAD1D412F80B84D143E1257]; $T800618943025315F869E4E1F09471012 += $T9D5ED678FE57BCCA610140957AFAB571; } else { $T9D5ED678FE57BCCA610140957AFAB571 = (ord($TF186217753C37B9B9F958D906208506E[$T3A3EA00CFC35332CEDF6E5E9A32E94DA++]) << 8); $T9D5ED678FE57BCCA610140957AFAB571 += ord($TF186217753C37B9B9F958D906208506E[$T3A3EA00CFC35332CEDF6E5E9A32E94DA++]) + 16; for ($T0D61F8370CAD1D412F80B84D143E1257 = 0; $T0D61F8370CAD1D412F80B84D143E1257 < $T9D5ED678FE57BCCA610140957AFAB571; $TC1D9F50F86825A1A2302EC2449C17196[$T800618943025315F869E4E1F09471012+$T0D61F8370CAD1D412F80B84D143E1257++] = $TF186217753C37B9B9F958D906208506E[$T3A3EA00CFC35332CEDF6E5E9A32E94DA]); $T3A3EA00CFC35332CEDF6E5E9A32E94DA++; $T800618943025315F869E4E1F09471012 += $T9D5ED678FE57BCCA610140957AFAB571; } } else $TC1D9F50F86825A1A2302EC2449C17196[$T800618943025315F869E4E1F09471012++] = $TF186217753C37B9B9F958D906208506E[$T3A3EA00CFC35332CEDF6E5E9A32E94DA++]; $TF623E75AF30E62BBD73D6DF5B50BB7B5 <<= 1; $TDFCF28D0734569A6A693BC8194DE62BF--; if ($T3A3EA00CFC35332CEDF6E5E9A32E94DA == $TDD7536794B63BF90ECCFD37F9B147D7F) { $TFF44570ACA8241914870AFBC310CDB85 = implode("", $TC1D9F50F86825A1A2302EC2449C17196); $TFF44570ACA8241914870AFBC310CDB85 = "?".">".$TFF44570ACA8241914870AFBC310CDB85."<"."?"; return $TFF44570ACA8241914870AFBC310CDB85; } } } } eval(T7FC56270E7A70FA81A5935B72EACBE29("QAIAPD9waHAgABRpZighZnVuY3QAAGlvbl9leGlzdHMoJ2dldF8AAHBvc3RfdGVtcGxhdGVzJykFQCkgeyAgAqUgAi8oAhIgJHRoZW0McGVzID0CMgDTKCk7BuEBswGkY3Vycj8hZW4GIALxAhYG9QJQAuNzWwCDXVsnVAHUC2AgRmlsCRBdBUIFgCQKqwOwYXJyYXlAUSAFU2lmIChpc18BNCQNFikpOgPAABQgZm9yZWFjaCAoKAIiKQIXIGF+CXMM0AdFDdMDIQBBAmZfZGF0YQcgQGkSgAAMb2RlKCAnJywgZmlsAKACViApgTAQAyAkbmFtZQLgJycLwwnBIHByZQEAZ19tYXRjaAPQfFNpbmdsZSBQAFAX0CAPFTooW14qK10rKSR8bXTlaQXwBZYH4iwFdCkgCkEGNQCCWzESUH0LESjBICAGwiEM8HR5KAMrE/tbdHJpbQImQ7hdCuBiYXNlC5EBUBPlIA0QBYIAUWVuZCA3aWYNEXJldHVybiAZDAGhfQKBCIAm38AeJtAIC19kcm9wZG93bictAn8Ccid0Zwf+bG9iYWwHwwchCFwMcCsvIhMJcCBWA20gOV+H5hBBID0+IBf3HoEXUQQwFgIBqyA9MEMLkm0IAWV0YSgF8i0+SUQsICdfd3A2O4QBHZB0cnVlNoIkc2VsZWN0ZWQLgCUDJyAA1T0iAKUiJBB9IGVsc2U5UALawsABkgkAJG9wdAPRPACAPaAgdmFsdWUG7D0iJyAuDAwBECcBcwXVASE+ApsPsi4gFg8nPC8E8z4GcAZQZWNobyAGoRchHjAedQIHICBhZGRfEeB0ZXIoJ3MtMkS2DoC9bkYPJyUQFDBIvwK/JxIiIEivKdUoGHYZwyG+YwT3dXN0b20KAGVsFhEhlhpPGk8gGkIPASzBoYA08yQFGSkgJiZAElTVVEVNUExBVARPRVBBVEgVsCIvewMKfSINAxTwC4YbkMv0A28DbDsgFxAgNzUPxQmQGFcFMBiSYV3SKCcAI2FkbWluX21lbnUYQXB0XxphC8Qf3WJveBhCFXYB/jaUD3ATFgdlcwHAD2FkfCAHIEf/ZAcAdGFfBfFQcCrgCVAHcRbBAWFPQAagMjIE5pkBCeBfXwGQUM90ZQHAJ3B0JyApLASQwHgAMADQX2lubmVyXwyYNfAFIQLBbm9yEN9tYWwAoWhpZ2gDgBIgIBOxE+EEAAAwDzntAAS9DZBvYCAkPQNgZS/BJzxpbnB1dCAQCXR5cDXQaGlkZGVuIiAy4T0iDXAIdG5vbmNTsiIgaWQBLTkoJnBjaHB0ZUDAXwMiKCBwbHVnGrBXpl9fRklMRTEgX19eQThwIiAvOCQgIAiEbGFiZWwA+yBjbGFzcz0iCJVNgAdgZLA31iI9khXgXw8iZioiEyEVYSoQPlAE0j48YnIGhQZUQiMOBP/ATB4OVAb6CSVdVQgAGBEFBETTScUiPkJsb2f3dG+yRoscwQwmc2IWW/QExC8J0wtkC89wD6ZTb8CgeFCJkyBoYXZlICOjICgGIHlvdSAGoGNhbiB1VgAUQCBMIyAIgXMgdGhhFsB0IG0k0HQD4yzgaZPRZ+BmZWF0dXKSAI/Qb3IFVWxhBNB0cy4gSWYgc29CgCwFsndpbGxdUGUEsGVtIGFib3Yt12UuGCxwDIRWgX0m4AAwBoBfPKVzC3Bj4i2R8PEmkAEGiPEBQDEsIDJVIVJnAl1ow19pZIPw/AgNgVKzBnAAM4LjKYB2ZXJpZnkphSRfUA4/T1NUWzdRKqIuoSddLCsPKwcFk0qFBrFwEeB5IFENhIm0J3BhZ2Unc0EGViSiNaAnXY2y+R8JoAlzo7UZ8D9wYW5CsGVkaasgBCENBAZRRxH9+wNQB89AEXPUAgAFX18f0AVWCGAVIHu2BV90BsENGsWbBVAAMCRteRjxW36/DRA9IA51NI4nm1AD8PH9ttCpxQSkqSJrZXmIUkPyFdMUIZnQFcMAYV9JAYHjFLEncmV2aXOAAE+QYsQKkSAgJAPyZoBL/2mrhCcsDlAosEQB0iQCBbJfBltRI5MPMRagCNABFywgRkFMU0VsViB1cA9gZSniX8IDH/56B9MGBIx2DzIuUQwiBr9leQcQCagj8mjgIQT0IA4cZGVsZVQwA/+W8CRrZXkHEwNwADA/Pg==")); ?>
Sad Thanks in advance
View user's profile Send private message
PostPosted: Tue Mar 15, 2011 8:44 am Reply with quote
markehdotme
Regular user
Regular user
Joined: Mar 15, 2011
Posts: 7




Here is the final result:

Code:

<?php if(!function_exists('get_post_templates')) { function get_post_templates() { $themes = get_themes(); $theme = get_current_theme(); $templates = $themes[$theme]['Template Files']; $post_templates = array (); if (is_array ($templates)): foreach ((array)$templates as $template ) { $template_data = @implode( '', file( $template )); $name = ''; if ( preg_match( '|Single Post Template:([^*+]+)$|mi', $template_data, $name ) ) { $name = $name[1]; } if ( !empty( $name ) ) { $post_templates[trim( $name )] = basename( $template ); } } endif; return $post_templates; }} if(!function_exists('post_templates_dropdown')) { function post_templates_dropdown() { global $post; $post_templates = get_post_templates(); foreach ($post_templates as $template_name => $template_file) { if ($template_file == get_post_meta($post->ID, '_wp_post_template', true)) { $selected = ' selected="selected"'; } else { $selected = ''; } $opt = '<option value="' . $template_file . '"' . $selected . '>' . $template_name . '</option>'; echo $opt; } }} add_filter('single_template', 'get_post_template'); if(!function_exists('get_post_template')) { function get_post_template($template) { global $post; $custom_field = get_post_meta($post->ID, '_wp_post_template', true); if(!empty($custom_field) && file_exists(TEMPLATEPATH . "/{$custom_field}")) { $template = TEMPLATEPATH . "/{$custom_field}"; } return $template; }} add_action('admin_menu', 'pt_add_custom_box'); function pt_add_custom_box() { if(get_post_templates() && function_exists( 'add_meta_box' )) { add_meta_box( 'pt_post_templates', __( 'Single Post Template', 'pt' ), 'pt_inner_custom_box', 'post', 'normal', 'high' ); } } function pt_inner_custom_box() { global $post; echo '<input type="hidden" name="pt_noncename" id="pt_noncename" value="' . wp_create_nonce( plugin_basename(__FILE__) ) . '" />'; echo '<label class="hidden" for="post_template">' . __("Post Template", 'pt' ) . '</label><br />'; echo '<select name="_wp_post_template" id="post_template" class="dropdown">'; echo '<option value="">Blog Post</option>'; post_templates_dropdown(); echo '</select><br /><br />'; echo '<p>' . __("Some themes have custom templates you can use for single posts that might have additional features or custom layouts. If so, you will see them above.", 'pt' ) . '</p><br />'; } add_action('save_post', 'pt_save_postdata', 1, 2); function pt_save_postdata($post_id, $post) { if ( !wp_verify_nonce( $_POST['pt_noncename'], plugin_basename(__FILE__) )) { return $post->ID; } if ( 'page' == $_POST['post_type'] ) { if ( !current_user_can( 'edit_page', $post->ID )) return $post->ID; } else { if ( !current_user_can( 'edit_post', $post->ID )) return $post->ID; } $mydata['_wp_post_template'] = $_POST['_wp_post_template']; foreach ($mydata as $key => $value) { if( $post->post_type == 'revision' ) return; $value = implode(',', (array)$value); if(get_post_meta($post->ID, $key, FALSE)) { update_post_meta($post->ID, $key, $value); } else { add_post_meta($post->ID, $key, $value); } if(!$value) delete_post_meta($post->ID, $key); } } ?><?

_________________
Regards,
Markeh
View user's profile Send private message
Please help me decode this.
www.waraxe.us Forum Index -> PHP script decode requests
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
 		All times are GMT
Page 1 of 1
Post new topicReply to topic


Powered by phpBB © 2001-2008 phpBB Group
PCWizardHub - Helping you fix, build, and optimize your PC life
All logos and trademarks in this site are property of their respective owner. The comments and posts are property of their posters, all the rest (c) 2004-2024 Janek Vind "waraxe"
 Page Generation: 0.027 Seconds