 |
|
 |
 |
|
 |
IT Security and Insecurity Portal |
|
 |
How to decode this file? |
 |
 Posted: Fri May 06, 2011 11:51 am |
 |
|
| beyazsapka |
| Regular user |
 |
|
| Joined: May 06, 2011 |
| Posts: 5 |
|
|
|
 |
|
 |
|
|
|
|
|
|
|
|
|
| Posted: Fri May 06, 2011 2:05 pm |
|
|
| johnburn |
| Advanced user |
|
|
| Joined: Jan 14, 2011 |
| Posts: 199 |
| Location: Malaysia |
|
|
|
|
|
|
| Code: | <?php
function dirFilterByPattern($filename) {
global $config;
$patterns = $config['app']['hidden_folder_names'];
foreach($patterns as $pattern) {
$rs = patternmatch($pattern, $filename);
if (!$rs) {
continue;
}
return FALSE;
}
return TRUE;
}
function fileFilterByPattern($filename) {
global $config;
$patterns = $config['app']['hidden_file_names'];
foreach($patterns as $pattern) {
$rs = patternmatch($pattern, $filename);
if (!$rs) {
continue;
}
return FALSE;
}
return TRUE;
}
function siteRedirect($location) {
global $config;
header("Location: " . $config['url']['root'] . "/" . $location . "");
exit();
}
function newURL($oldurl = FALSE, $newParameters = array(), $ignoreList = array()) {
global $config;
if (!$oldurl) {
$oldurl = $config['url']['root'];
if ($_SERVER['REDIRECT_QUERY_STRING']) {
$oldurl.= "/?" . $_SERVER['REDIRECT_QUERY_STRING'];
} else {
$oldurl.= "/?" . $_SERVER['QUERY_STRING'];
}
}
$parsed = parse_url($oldurl);
$exploded = explode("&", $parsed['query']);
if ($newParameters['proto']) {
$parsed['scheme'] = $newParameters['proto'];
}
foreach($exploded as $val) {
$pairs = explode("=", $val);
if (!(trim($pairs[0]) != "") && !($pairs[0] != "action") && in_array($pairs[0], $ignoreList)) {
$oldData[$pairs[0]] = $pairs[1];
}
}
if (is_array($oldData) && 0 < sizeof($oldData)) {
$resulting = array_merge($oldData, $newParameters);
} else {
$resulting = $newParameters;
}
if ($parsed['port'] && $parsed['port'] != 80) {
$port = ":" . $parsed['port'];
}
$url = $parsed['scheme'] . "://" . $parsed['host'] . $port . $parsed['path'] . "?" . http_build_query($resulting);
return $url;
}
function forURL($str) {
return htmlspecialchars(rawurlencode($str), ENT_QUOTES);
}
function safeJS($str) {
return addslashes(str_replace("\n", "", str_replace("\n", "", str_replace("\r", "", $str))));
}
function safeSQL($str) {
if (!get_magic_quotes_gpc()) {
return addslashes($str);
}
return $str;
}
function HTMLforSafeJS($str) {
$str = str_replace("'", "\\'", $str);
$str = str_replace("\\'+", "'+", $str);
$str = str_replace("+\\'", "+'", $str);
$str = str_replace("\n", "", $str);
$str = str_replace("\r", "", $str);
return $str;
}
function fromHTML($input) {
global $str;
return $str->fromHTML($input);
}
function forhtml($s) {
global $str;
return $str->forHTML($s);
}
function safeHTML($str) {
return htmlspecialchars($str, ENT_QUOTES);
}
function safeHTML2($string) {
$string = str_replace("<", "<", $string);
$string = str_replace(">", ">", $string);
$string = str_replace("<", "<", $string);
$string = str_replace(">", ">", $string);
$string = str_replace("\"", """, $string);
return $string;
}
function moduleIsLoaded($moduleName) {
global $config;
if (is_array($config['modules'][$moduleName])) {
return TRUE;
}
return FALSE;
}
function percent($nr1, $nr2, $dec = 1) {
if ($nr2 < 1) {
return 0;
}
return round($nr1 * 100 / $nr2, $dec);
}
function addTrailingSlash($s) {
if ($s[sizeof($s) ] != "/") {
$s.= "/";
}
return $s;
}
function gluePath() {
$arg_list = func_get_args();
$i = 0;
for (;$i < sizeof($arg_list);++$i) {
if ($i == 0) {
$p = rtrim($arg_list[$i], "/");
} else {
$p = trim($arg_list[$i], "/");
}
if (0 < strlen($p)) {
$parts[] = $p;
}
}
return implode($parts, "/");
}
function isCfgOn($option) {
if (strtolower(ini_get($option)) == "on" || ini_get($option) == "1" || strtolower(ini_get($option)) == "yes") {
return TRUE;
}
return FALSE;
}
function bin2asc($temp) {
$len = strlen($temp);
$i = 0;
for (;$i < $len;$i+= 8) {
$data.= chr(bindec(substr($temp, $i, 8)));
}
return $data;
}
function asc2bin($temp) {
$len = strlen($temp);
$i = 0;
for (;$i < $len;++$i) {
$data.= sprintf("%08b", ord(substr($temp, $i, 1)));
}
return $data;
}
function HTMLDate2MySQL($date, $end = FALSE, $separator = "/", $order = array("y" => 2, "m" => 1, "d" => 0)) {
if (strlen($date) < 10) {
return FALSE;
}
$pieces = explode($separator, $date);
$y = $pieces[$order['y']];
$m = $pieces[$order['m']];
$d = $pieces[$order['d']];
if ($end) {
return $y . "-" . $m . "-" . $d . " 23:59:59";
}
return $y . "-" . $m . "-" . $d . " 00:00:00";
}
function MySQLDate2HTML($date, $separator = "-", $order = array("y" => 0, "m" => 1, "d" => 2)) {
$p = explode(" ", $date);
$pieces = explode($separator, $p[0]);
$y = $pieces[$order['y']];
$m = $pieces[$order['m']];
$d = $pieces[$order['d']];
return $m . "/" . $d . "/" . $y;
}
function MySQLTimeDiff($t1) {
$df = datediff(strtotime($t1), time());
if ($df[0] == "now") {
return "Right now";
}
return $df[1] . " " . $df[0] . " ago";
}
function MySQLDateToUnix($datetime) {
if ($datetime) {
$parts = explode(" ", $datetime);
}
$datebits = explode("-", $parts[0]);
if (3 != count($datebits)) {
return -1;
}
if (isset($parts[1])) {
$timebits = explode(":", $parts[1]);
if (3 != count($timebits)) {
return -1;
}
return mktime($timebits[0], $timebits[1], $timebits[2], $datebits[1], $datebits[2], $datebits[0]);
}
return mktime(0, 0, 0, $datebits[1], $datebits[2], $datebits[0]);
}
function dateDiff($t1, $t2) {
if ($t2 < $t1) {
return FALSE;
}
$d = $t2 - $t1;
if (86400 < $d) {
$p = $d / 86400;
if (2 < $p) {
$str = "days";
} else {
$str = "day";
}
} else if ($d < 8400 && 3600 < $d) {
$p = $d / 3600;
if (2 < $p) {
$str = "hours";
} else {
$str = "hour";
}
} else if ($d < 3600) {
$p = $d / 60;
if (2 < $p) {
$str = "minutes";
} else if (1 < $p && $p < 2) {
$str = "minute";
} else if ($p < 1) {
$str = "now";
}
}
return array($str, floor($p));
}
function patternMatch($pattern, $text) {
$i = 0;
for (;$i < strlen($pattern);++$i) {
if ($pattern[$i] == "*") {
$c = $i;
for (;$c < max(strlen($pattern), strlen($text));++$c) {
if (!patternmatch(substr($pattern, $i + 1), substr($text, $c))) {
continue;
}
return TRUE;
}
return FALSE;
}
if ($pattern[$i] == "[") {
$letter_set = array();
$c = $i + 1;
for (;$c < strlen($pattern);++$c) {
if (!($pattern[$c] != "]")) {
break;
}
array_push(&$letter_set, $pattern[$c]);
}
foreach($letter_set as $letter) {
if (!patternmatch($letter . substr($pattern, $c + 1), substr($text, $i))) {
continue;
}
return TRUE;
}
return FALSE;
}
if ($pattern[$i] == "?" || !($pattern[$i] != $text[$i])) {
continue;
}
return FALSE;
}
return TRUE;
}
function getMemoryLimit() {
$v_memory_limit = ini_get("memory_limit");
$v_memory_limit = trim($v_memory_limit);
$last = strtolower(substr($v_memory_limit, -1));
if ($last == "g") {
$v_memory_limit*= 1073741824;
}
if ($last == "m") {
$v_memory_limit*= 1048576;
}
if ($last == "k") {
$v_memory_limit*= 1024;
}
return $v_memory_limit;
}
function getAvailableMemory() {
return getmemorylimit() - memory_get_usage();
}
function variable_to_html($variable) {
if ($variable === TRUE) {
return "true";
}
if ($variable === FALSE) {
return "false";
}
if ($variable === NULL) {
return "null";
}
if (is_array($variable)) {
$html = "<table border=\"1\" cellspacing=\"0\">\n";
$html.= "<tbody>\n";
foreach($variable as $key => $value) {
$value = variable_to_html($value);
$html.= "<tr><td>" . $key . "</td><td>{$value}</td></tr>\n";
}
$html.= "</tbody>\n";
$html.= "</table>";
return $html;
}
return strval($variable);
}
function trim_array($a) {
foreach($a as $k => $v) {
$a[$k] = trim($v);
}
return $a;
}
if (!function_exists("symlink") || !$config['symlink_is_disabled']) {
function symlink($target, $link) {
if (is_file($target)) {
exec("mklink \"" . $link . "\" \"" . $target . "\"", &$lines, &$val);
return 0 == $val;
}
return FALSE;
}
}
if (!function_exists("http_build_query")) {
function http_build_query($formdata) {
foreach($formdata as $k => $v) {
$res[] = $k . "=" . $v;
}
return implode("&", $res);
}
}
if (!function_exists("fputcsv")) {
function fputcsv($fh, $fields, $delimiter = ",", $enclosure = "\"", $mysql_null = FALSE) {
$delimiter_esc = preg_quote($delimiter, "/");
$enclosure_esc = preg_quote($enclosure, "/");
$output = array();
foreach($fields as $field) {
if ($field === NULL && $mysql_null) {
$output[] = "NULL";
} else {
$output[] = preg_match("/(?:" . $delimiter_esc . "|{$enclosure_esc}|\\s)/", $field) ? $enclosure . str_replace($enclosure, $enclosure . $enclosure, $field) . $enclosure : $field;
}
}
return fwrite($fh, join($delimiter, $output) . "\n");
}
}
?>
|
|
|
|
|
|
|
|
|
|
| Posted: Fri May 06, 2011 2:17 pm |
|
|
| beyazsapka |
| Regular user |
|
|
| Joined: May 06, 2011 |
| Posts: 5 |
|
|
|
|
|
|
|
Thank you,
What did you decode it with? There are 100 files to be decoded. Can you share? |
|
|
|
|
| Posted: Fri May 06, 2011 9:46 pm |
|
|
| beyazsapka |
| Regular user |
|
|
| Joined: May 06, 2011 |
| Posts: 5 |
|
|
|
|
|
|
|
<?php @Zend;
4123;
/*
what is the file number 4123? 4132 seems to be some of the files have been encoded. what does it do? |
|
|
|
|
| Posted: Sat May 07, 2011 4:35 pm |
|
|
| Cyko |
| Moderator |
 |
|
| Joined: Jul 21, 2009 |
| Posts: 375 |
|
|
|
|
|
|
|
| beyazsapka wrote: | <?php @Zend;
4123;
/*
what is the file number 4123? 4132 seems to be some of the files have been encoded. what does it do? |
That just part of the header added by the Zend encoder. |
|
|
|
|
| Posted: Sat May 07, 2011 5:15 pm |
|
|
| beyazsapka |
| Regular user |
|
|
| Joined: May 06, 2011 |
| Posts: 5 |
|
|
|
|
|
|
|
Thank you cyko, 4123 by the leading names of the function is only when dezend files. in the code does not function, can cause? have a different file, define new problems and properly decode its upper side is 4132. for example, I sent my file properly dialed jhon but I've tried with different 3 different dezender but did not get the proper result. Can you help? so kind as to upload files to decompress or decode process, could you do?
thanks
sorry, English is terrible |
|
|
|
|
|
|
|
|
| Posted: Wed May 11, 2011 2:08 pm |
|
|
| beyazsapka |
| Regular user |
|
|
| Joined: May 06, 2011 |
| Posts: 5 |
|
|
|
|
|
|
|
Do you have Suggestions are zend decode application?
I tried a few of the application file is encoded in the sample file from the top line of the properly @ Zend 4132 to define new problems and this program will decode, but the top line of my files when I try to decode the file and it does not define new problems @ Zend 4123. only the name of the method of recruiting. Can you help?
English is bad:)
thanks |
|
|
|
|
www.waraxe.us Forum Index -> PHP script decode requests
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
All times are GMT
Page 1 of 1
|
|
|
|
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
Discussions
Tools
Content
Info
Membership:
Latest: 
New Today: 0
New Yesterday: 0
Overall: 9144
People Online:
Visitors: 75
Members: 0
Total: 75
