|
|
|
|
Menu |
|
|
Home |
| |
|
Discussions |
| |
|
Tools |
| |
|
Affiliates |
| |
|
Content |
| |
|
Info |
| | |
|
|
|
|
|
User Info |
|
Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9144
People Online:
Visitors: 148
Members: 0
Total: 148
|
|
|
|
|
|
Full disclosure |
|
|
|
|
|
|
|
|
|
IT Security and Insecurity Portal |
|
|
please decode those ioncube files |
|
Posted: Wed Nov 07, 2012 3:36 pm |
|
|
murat6373 |
Beginner |
|
|
Joined: Nov 07, 2012 |
Posts: 2 |
|
|
|
|
|
|
|
|
|
|
|
Posted: Wed Nov 07, 2012 9:56 pm |
|
|
murat6373 |
Beginner |
|
|
Joined: Nov 07, 2012 |
Posts: 2 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Posted: Thu Nov 08, 2012 11:38 am |
|
|
demon |
Moderator |
|
|
Joined: Sep 22, 2010 |
Posts: 485 |
|
|
|
|
|
|
|
there are some obfuscated variables and functions...
cmtspoiler.php
Code: | <?php
require_once("config/system_cfg.php");
require_once("constants.php");
require_once("misc.php");
require_once("cmts.php");
require_once("dhcp.php");
if (!isset($_SERVER['argv'][0]) || isset($_SERVER['REQUEST_METHOD']) || isset($_SERVER['REMOTE_ADDR'])) {
exit("Not allowed to run from a browser!");
}
if (!_obfuscate_DVs0LEAHMzk4EDkVBiUMLTQ_CzIBNQEя("/tmp")) {
exit("Cannot start cmtspoller.php. Already running?\n");
}
$dblink = _obfuscate_DRMsDxMuIj9bLTYoCz80ChNcNBQkLAEя();
_obfuscate_DQE3Dj0UFSkNChcRKRUkGDEJNigbKREя();
$query = "SELECT ip, community\r\n\t FROM rm_cmts\r\n ";
if (!($res = _obfuscate_DQcQFAw4BzQcLi8vGzYFQDMILSkfFzIя($query))) {
exit(_obfuscate_DREYMVs3DhQmHFsD0ArMAUCPhk_EDIя($dblink));
}
while ($row = _obfuscate_DSQZCSoBOwQjMisRNC0IDiouCA8xFSIя($res)) {
$cmtsip = $row[0];
$community = $row[1];
if (0 < _obfuscate_DT8kECYqXD0fFA4NDx4bPAQRKwwpHCIя($cmtsip)) {
$cmlist = _obfuscate_DScWBgINGisQHDciHhc9CzwHBhYeMTIя($cmtsip, $community, cm_reg);
if ($cmlist) {
$matchlist = _obfuscate_DT8QHyYbISo2NAw_LwgfGkA0NwUoJTIя($cmlist[0]);
_obfuscate_DRIuHA8aASgWAxEPKhEvOS9AKjEMHAEя($matchlist, $cmtsip);
_obfuscate_DTkoNwwYDhI1HSIIGw8qHCU0Mh8mATIя($cmtsip, $community, $cmlist);
}
}
}
$query = "SELECT *\r\n \t FROM rm_onlinecm1\r\n \t ";
if (!($res = _obfuscate_DQcQFAw4BzQcLi8vGzYFQDMILSkfFzIя($query))) {
exit(_obfuscate_DREYMVs3DhQmHFsD0ArMAUCPhk_EDIя($dblink));
}
$numrows = _obfuscate_DRYBBR0fGxJbGg4JOzY0MzUNETkGAyIя($res);
_obfuscate_DRoTATAYCgQQBCcqBj8ILAYyJggbEAEя($dblink);
print "Total number of online CMs: {$numrows}\n";
$pids = array();
$numproc = $numrows / cmperthread;
$i = 0;
while ($i < $numproc) {
$pids[$i] = _obfuscate_DS4lMDs_Kw8mN1wWMws8EgIwBgoVLDIя();
if (!$pids[$i]) {
$dblink = _obfuscate_DRMsDxMuIj9bLTYoCz80ChNcNBQkLAEя(true);
_obfuscate_DQ0vXBcdDgsCDzczJCwpJxMVCxY_BiIя($i);
exit();
}
++$i;
}
$i = 0;
while ($i < $numproc) {
_obfuscate_DS4BFRwIHwwPyU0Wy8hBTI5LFwaDSIя($pids[$i], $status, WUNTRACED);
++$i;
}
_obfuscate_DTEfMQgMPgQZN1wiBTgxGRMBHCMOMiIя();
?>
|
rmscheduler.php
Code: | <?php
require_once("config/system_cfg.php");
require_once("misc.php");
require_once("constants.php");
require_once("dhcp.php");
require_once("cmutex.php");
if (!isset($_SERVER['argv'][0]) || isset($_SERVER['REQUEST_METHOD']) || isset($_SERVER['REMOTE_ADDR'])) {
exit("Not allowed to run from a browser!");
}
_obfuscate_DTkiLQoaEQI3PSs5EBVcQAIIWyMiJxEя();
_obfuscate_DSo8HA4PIyc2MgIGISUeJTdbJREaNSIя();
_obfuscate_DSslHjkGNRsnLRkUNgEKJikfPxs4PiIя();
_obfuscate_DVtAMxhcOz0eMAQYPScyKyYeNRsfMxEя();
if (_obfuscate_DScQIzkXAh4IEicZBjQWATAwCjMIIQEя(mod_docsis)) {
_obfuscate_DTwIKjklBiE7AQgxBx4YCycsCyETQBEя();
}
_obfuscate_DRkjLTUJPRoHDysoAwYCFDEDDQMcJQEя();
_obfuscate_DQUMFR07CwgrGUAQDwo2KxEsKR0PJTIя(keep_syslog);
_obfuscate_DQpbHhcDE0AQEjIRHAQHQBsNJCg1HzIя(keep_connlog);
_obfuscate_DSQuDDItMig2Ew4OXBIEQ8NIz0lGiIя();
_obfuscate_DSQoLg4vORcpPCwsIQIHGQw5GzMDHyIя();
_obfuscate_DR0lPx4yF0ADWzYzPwUoETYzIjY5GTIя();
_obfuscate_DRgPGBUaHgMGMRIaKgcPKQMXQBAAzIя();
_obfuscate_DTtcFiE1DCkPNRspKC4HMhEuPCgWGxEя();
_obfuscate_DSY2PDMWOTAHAQwqNj8QOyYNARs9FxEя();
if ($GLOBALS['_emailrenew']) {
_obfuscate_DTEQAgZbEVwbCD0hJTYXKDgPRojPjIя();
}
return 0;
?>
|
|
|
_________________ Go BIG or go HOME ! |
|
|
|
|
www.waraxe.us Forum Index -> PHP script decode requests
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
All times are GMT
Page 1 of 1
|
|
|
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
|
|