newbtophp

Im trying to create a form where I submit an encoded php file and then it gets decoded and the result is displayed. The encoded file contain an "_ENCRYPTOR_KEY_" and "_ENCRYPTED_CODE_", when the encoded file is submitted the file is analysed by decoder.php and it retrieves the key and then decodes the _ENCRYPTED_CODE_. The problem is I'm unsure what I have done wrong, the form is correct, the encoded file is correct, I guess theirs something wrong with the decoder.php I keep recieving errors and the decoded result wont display. index.php: <form method="post" action="decoder.php" enctype="multipart/form-data"> <input type="file" name="decode" value="Upload" /> <input type="submit" value="decode" /> <br /> decoder.php: <?php if (isset($_FILES['decode'])) { $file = file_get_contents($_FILES['decode']['tmp_name']); class rc4crypt { function endecrypt( $pwd, $data, $case = "encrypt" ) { if ( $case == "decrypt" ) { $data = urldecode( $data ); } $key[] = ""; $box[] = ""; $temp_swap = ""; $pwd_length = 0; $pwd_length = strlen( $pwd ); $i = 0; for ( ; $i <= 255; ++$i ) { $key[$i] = ord( substr( $pwd, $i % $pwd_length, 1 ) ); $box[$i] = $i; } $x = 0; $i = 0; for ( ; $i <= 255; ++$i ) { $x = ( $x + $box[$i] + $key[$i] ) % 256; $temp_swap = $box[$i]; $box[$i] = $box[$x]; $box[$x] = $temp_swap; } $temp = ""; $k = ""; $cipherby = ""; $cipher = ""; $a = 0; $j = 0; $i = 0; for ( ; $i < strlen( $data ); ++$i ) { $a = ( $a + 1 ) % 256; $j = ( $j + $box[$a] ) % 256; $temp = $box[$a]; $box[$a] = $box[$j]; $box[$j] = $temp; $k = $box[( $box[$a] + $box[$j] ) % 256]; $cipherby = ord( substr( $data, $i, 1 ) ) ^ $k; $cipher .= chr( $cipherby ); } if ( $case == "decrypt" ) { $cipher = urldecode( urlencode( $cipher ) ); } else { $cipher = urlencode( $cipher ); } return $cipher; } function decrypt( $key, $data ) { return $this->endecrypt( $key, base64_decode( $data ), "decrypt" ); } function encrypt( $key, $data ) { return base64_encode( $this->endecrypt( $key, $data, "encrypt" ) ); } } if ( defined( "_ENCRYPTOR_KEY_" ) && defined( "_ENCRYPTED_CODE_" ) ) { if ( strlen( _ENCRYPTOR_KEY_ ) == "32" ) { $Var_0->rc4crypt( ); $rc4 = $Var_0; eval( $rc4->decrypt( _ENCRYPTOR_KEY_.strrev( _ENCRYPTOR_KEY_ ), _ENCRYPTED_CODE_ ) ); } else { echo "Invalid key entered!"; } } else { echo "Decoding error!"; } ?> example encoded: <?php define("_ENCRYPTED_CODE_", "JTJDJTA2JTEyJTk2JUY2JTk1SyUzQSU3RnhHJTNDcUklQTglQzYlMTglQUQlN0UlOUUlMkMlODglMjZFJUU5JUJGJUFBJTFEJUYwJUJBWSUzQiVEQWglOEUlMUQlRDAlMEIlQTAlM0MlM0ElQUIlQjIlMTYlQUIlMDMlRjZmJUJGRSVCNyU4OXBLJUIyWCU4MiUxQyVENzE="); define("_ENCRYPTOR_KEY_", "cfcd208495d565ef66e7dff9f98764da"); define("_DECODER_PATH_", "decoder.php"); //You can change this path to point to the decoder file in another location, this is only needed if you want to run the decoder manually. if(file_exists(_DECODER_PATH_)){include_once(_DECODER_PATH_);} else{echo"Decoder file does not exist";} // Relative or absolute path to the decoder file ?>

Thanks solved. Thanks PHPFreaks!

A wp footer, i want to see whats within it. Theirs usually malicous code in most free wp skins. As you can see since the designer has encoded the base64 7 times, its becoming hard to decode. I might use this technique in my footer when it comes my own scripts.

Edit: Another bug, the encoded base64 is functioning/running (like a normal php script) instead of displaying the php source code. (so i can copy)

Yes thanks, that works. Whereas I tried another type of base64 string and it returned errors: Warning: fopen() [function.fopen]: Filename cannot be empty in /home/dechost/public_html/baser.php(49) : eval()'d code on line 10 Warning: fseek(): supplied argument is not a valid stream resource in /home/dechost/public_html/baser.php(49) : eval()'d code on line 11 Warning: fread(): supplied argument is not a valid stream resource in /home/dechost/public_html/baser.php(49) : eval()'d code on line 12 Warning: fclose(): supplied argument is not a valid stream resource in /home/dechost/public_html/baser.php(49) : eval()'d code on line 15 Warning: Cannot modify header information - headers already sent by (output started at /home/dechost/public_html/baser.php(49) : eval()'d code:10) in /home/dechost/public_html/baser.php(49) : eval()'d code on line 5 This is the string type im trying to decode: eval(base64_decode(strrev('$string'))) Its encoded 7 times using base64.

No I must have explained it wrong, what I mean, is the script I just posted renames eval to echo and displays the result. Except if the encoded script is nested, so base64 is encoded on top of another base64; then the result will display the first base64 layer and show the second layer as the result, I have to keep copying the output back in to the encoded_file.php until it displays the real php source. So is their a way which will automatically loop it, so it decodes all the base64 no matter how many times its encoded/layered/nested.? If you still dont understand, try encoding an encoded base64 string and submitting it to encoded_file.php, and running the above decode script, you'll see that it just displays the result as the first encoded base64 string. It dont loop/run until all source is displayed. nested = encoded numerous times using same encoding

Copying and pasting the echo result from and too encoded_file.php is driving me insane.

sorry, can you give me example to solve this please?.

Any help please?, someone suggested recursive function which runs the loop?, which i dont understand.

OK I've found a way to decode, I have to place the encoded base64 in encoded_file.php and run the below script, which then provides the source code. Except if the code is encoded numerous times, I have to place the eval...base64 in encoded_file.php, run the below script and then copy the new eval...base64 back an fourth in to encoded_file.php until the source code is displayed. Is their a way to auto run this so I just place the encoded in encoded_file.php and the results will display in the below script, without me having to keep on copying and pasting. <?php // Open and read the content of the encoded file into a variable $file = file_get_contents('encoded_file.php'); // Strip php tags $file = str_replace('<?php', "", $file); $file = str_replace('<?', "", $file); // Make sure to get rid of short tags.... $file = str_replace('?>', "", $file); // Strip new lines $file = str_replace("\n", "", $file); // Add semi colon to get around a parsing issue. $file = $file.';'; // Change the Eval function $file = str_replace('eval', 'echo ', $file); // Function to eval the new string function deval() { global $file; ob_start(); eval($file); $contents = ob_get_contents(); ob_end_clean(); return($contents); } // Run the code thru once $file = deval(); // Counter $cnt = 1; // Loop it till it's decoded while(preg_match('/^\?><\?php eval/', $file)) { $file = str_replace('?><?php eval', 'echo', $file); $file = str_replace('?><?', "", $file); $file = deval(); ++$cnt; } //clean up some tags $file = str_replace('?><?php', "", $file); $file = str_replace('?><?', "", $file); echo $cnt,' iterations<br/><br/>'; echo '<pre>'; echo $file; echo '</pre>'; ?>

<?php define('CRACK_ROOT',dirname(__FILE__ ? __FILE__ : getenv('SCRIPT_FILENAME'))); define('LOCKED_ROOT',CRACK_ROOT.'/www/'); define('CRACK_FILE',CRACK_ROOT.'/select.php'); require_once CRACK_ROOT.'/header.php'; /* Decryption function */ function www_dec_int($www_decint_code,$www_calc_key) { if ($www_calc_key == "") { // } else { $www_calc_key=base64_encode($www_calc_key); $www_k1=substr($www_calc_key, 0, 1); $www_k2 =substr($www_calc_key, 1, 1); $www_k3=substr($www_calc_key, 2, 1); $www_decint_code=str_replace("$", "$www_k1", $www_decint_code); $www_decint_code=str_replace("(", "$www_k2", $www_decint_code); $www_decint_code=str_replace(")", "$www_k3", $www_decint_code); } $www_decint_code=base64_decode($www_decint_code); return $www_decint_code; } if ($action=='decode') if ($locked_file_size>=1024*1024) { echo "files more than 1MB!"; exit; } else { $SessionKeyRoot=LOCKED_ROOT.$_SESSION['Session_key']; if (!file_exists($SessionKeyRoot)) mkdir($SessionKeyRoot,0777); } $www_name=strtolower($locked_file_name); $www_copy=copy($locked_file,$SessionKeyRoot.'/'.$www_name.'.dat'); if (!$www_copy) { echo $www_name."File upload failed!"; exit; } unlink($locked_file); /* Decrypt */ $fp = fopen($SessionKeyRoot.'/'.$www_name.'.dat', "rb"); $Skip1 = fgets($fp, 10000); $Skip2 = fgets($fp, 100000); $Skip3 = fgets($fp, 100000); $www_key_data = fread($fp, 5000000); fclose($fp); /* For decompression */ if ($_SESSION['zlib']) $www_key_data=gzinflate(base64_decode($www_key_data)); header('Expires: Mon, 26 Jul 1997 05:00:00 GMT'); header('Last-Modified:' . gmdate('D, d MYH: i: s') . ' GMT '); header('Cache-Control: private'); header('Pragma: no-cache'); header('Content-Encoding: none'); header('Content-Type: application/x-php'); echo www_dec_int($www_key_data,$_SESSION['key']); { exit; } if (!$_SESSION['next']) { exit('Access Denied'); } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="content-type" content="text/html; charset=iso-8859-1" /> <title></title> <script language="JavaScript" type="text/javascript"> function CheckForm(form) { var locked_file=form.locked_file.value; if (locked_file=="") { alert ("Please select a file!"); return false; } } </script> </head> <body> <div> <pre> Have successfully obtain signature. </pre> </div> <form name="Decoder" method="post" enctype="multipart/form-data" action="<?=$_SERVER["PHP_SELF"]?>" onSubmit="return CheckForm(this);"> Please upload </div> <input Type="file" name="locked_file" /> <input type="hidden" name="action" value="decode" /> <br /> <input type="submit" name="Submit" value="Decode"/> </form> </body> </html> Thanks

I've already tried that, that only works on normal eval(base64_decode, whereas these are slightly different.

How would i encode and decode base64 strings: eval(base64_decode(strtr(strrev('$code'))); & eval(base64_decode(strrev('$code'))); & eval(base64_decode(strtr('$code'))); Thanks

$www_copy=copy($locked_file,$SessionKeyRoot.'/'.$www_name.'.dat'); //Line 37

Anyone please ???

Cheers all for the awesome help. I've got another error (i so need to learn how to debug errors). Warning: copy() [function.copy]: Filename cannot be empty in /home/gamer/public_html/run.php on line 37 File upload failed! $SessionKeyRoot=LOCKED_ROOT.$_SESSION['Session_key']; if (!file_exists($SessionKeyRoot)) mkdir($SessionKeyRoot,0777); } $www_name=strtolower($locked_file_name); $www_copy=copy($locked_file,$SessionKeyRoot.'/'.$www_name.'.dat'); //Line 37 if (!$www_copy) { echo $www_name."File upload failed!"; exit; } unlink($locked_file); $fp = fopen($SessionKeyRoot.'/'.$www_name.'.dat', "rb"); $Skip1 = fgets($fp, 10000); $Skip2 = fgets($fp, 100000); $Skip3 = fgets($fp, 100000); $www_key_data = fread($fp, 5000000); fclose($fp);

Thanks alot MadTechie, ShadeSlayer, KingPhilip!!!. I've replaced apropriately, all ( with { and ) with }. Yet another error: Parse error: syntax error, unexpected ';' in /home/gamer/public_html/index.php on line 29 Heres the code: if (!file_exists($SessionKeyRoot)) { (mkdir($SessionKeyRoot, 0777); //Line 29 }

Thanks again, but ooopsie another error: Parse error: syntax error, unexpected '/' in /home/gamer/public_html/index.php on line 11 if ($action == 'www_php') ( / * Empty the SESSION * / $_SESSION['Key'] = ''; //Line 11 $_SESSION['Next'] = false; $_SESSION['Zlib'] = false; $_SESSION['Session_key'] = ''; if ($www_php_size >= 1024 * 1024)

Hmmm.. thanks for that, now i get another error: Parse error: syntax error, unexpected T_STRING, expecting T_VARIABLE or '$' in /home/gamer/public_html/index.php on line 10 if ($ action == 'www_php') //Line 10 ( / * Empty the SESSION * / $ _SESSION['Key'] = ''; $ _SESSION['Next'] = false; $ _SESSION['Zlib'] = false; $ _SESSION['Session_key'] = ''; if ($ www_php_size > = 1024 * 1024)

Im getting this error when accessing index.php: Parse error: syntax error, unexpected T_STRING in /home/gamer/public_html/index.php on line 4 This is the snippet which gives the error: <?php php define('CRACK_ROOT', dirname(__FILE__ ? __FILE__: getenv('SCRIPT_FILENAME'))); //Line 4 define('LOCKED_ROOT', CRACK_ROOT . ' / www / '); define('CRACK_FILE', CRACK_ROOT . ' / crack.php'); require_once CRACK_ROOT . ' / header.php'; if($ action == 'www_php') (/* Empty the SESSION */ $ _SESSION['Key']= ''; Can anyone please help?

Yay, fixed, found a way to do this. Thanks

Heres an update: chmod 777 folder: files, input the download urls in the $urls array and the files will be stored in /files. However the trouble is it aint storing the file/rar, its downloading the html of the download page, bypassing the awaiting limit is the issue. :-\ <?php $urls=array( 'http://hotfile.com/dl/6270357/13cd015/phpdblesson01introduction.rar.html'); $save_to='/home/dechost/public_html/files/'; $mh = curl_multi_init(); foreach ($urls as $i => $url) { $g=$save_to.basename($url); if(!is_file($g)){ $conn[$i]=curl_init($url); $fp[$i]=fopen ($g, "w"); curl_setopt ($conn[$i], CURLOPT_FILE, $fp[$i]); curl_setopt ($conn[$i], CURLOPT_HEADER ,0); curl_setopt($conn[$i],CURLOPT_CONNECTTIMEOUT,60); curl_multi_add_handle ($mh,$conn[$i]); } } do { $n=curl_multi_exec($mh,$active); } while ($active); foreach ($urls as $i => $url) { curl_multi_remove_handle($mh,$conn[$i]); curl_close($conn[$i]); fclose ($fp[$i]); } curl_multi_close($mh); ?>

I have many files hosted at www.hotfile.com. I want to have a form on my site where I input the hotfile.com download links, and then once submit is clicked the files from www.hotfile.com are uploaded to my site. PS: The reason I want to do is, I dont want the download links to be dead, and I can't be downloading the files to my computer since, I have a slow connection, uploading the files to my site will make sure thiers never a dead link. Hotfile download links look like this: http://hotfile.com/dl/6270357/13cd015/phpdblesson01introduction.rar.html If I break the hotfile.com download url down; This always stays the same: http://hotfile.com/dl/ This always changes: /6270357/13cd015/ This is the filename (always changes): /phpdblesson01introduction. This is the file format (download links can only be .rar.html or .zip.html): .rar.html Im guessing this would be done by cURL and the FTP format: [ftp=ftp://user:pass@ftp.mysite.com]ftp://user:pass@ftp.mysite.com[/ftp] Can anyone give me some help, so I can work in to the code. Thanks alot.

Hmm.. The textarea is fixed, heres my code: But it dont function. The purpose of it is a decoder for Javascript Unescape. ( Loop - hp_d01(unescape ) Example encoded: <SCRIPT LANGUAGE="JavaScript"><!-- hp_d01(unescape(">kdpcog%22lcog?%25Xqjcpg,UQ%25%22qpa?%25jvvr8--xqjcpg,uq-go`gf-ctk,rjr=wpn?"));document.write("<?php echo "$htmlurl"; ?>");hp_d01(unescape("%25%22jgkejv?702%22ukfvj?572%22ocpekljgkejv?%252%25%22ocpeklukfvj?%252%25%22dpcog`mpfgp?%252%25%22qapmnnkle?%25lm%25%3C>-kdpcog%3C>aglvgp%3C>`p%3C>`p-%3C>fkt%22qv{ng? `caiepmwlf/amnmp8%22!222222 %3C>c%22jpgd? fmulnmcf0,rjr=wpn?"));document.write("<?php echo "$htmlurl"; ?>");hp_d01(unescape(" %3C>r%22cnkel? aglvgp %22%3C>`%3C>dmlv%22amnmp? !DDDDDD %22qkxg? 6 %22dcag? Cpkcn%22@ncai %3CAnkai%22Jgpg%22vm%22fmulnmcf%22vjkq%22tkfgm>-dmlv%3C>-`%3C>-r%3C>-c%3C>-fkt%3C>-aglvgp%3C>@P%3C>-vf%3C>-vp%3C>vp%3C>vf%3C>-vf%3C>-vp%3C>-vc`ng%3C>-vf%3C>vf%3C"));//--></SCRIPT><?php include("ads/right_ad_160x600.php"); ?><SCRIPT LANGUAGE="JavaScript"><!-- code-input - Encoded = > code-output- Decoded <html> <head> <script> function hp_d01(s){ var o="",ar=new Array(),os="",ic=0; s=unescape(s); for(i=0;i<s.length;i++) { c=s.charCodeAt(i); if(c<128)c=c^2; os+=String.fromCharCode(c); if(os.length>80){ ar[ic++]=os; os=""; } } document.getElementById("code-output").\\ appendChild(document.createTextNode(ar.join("")+os)); } </script> </head> <body> <p>Input:</p> <textarea id="code-input" type="text" cols="80" rows="10"></textarea> <BR> <BR> <input type="submit" value="Decode" onClick="hp_d01(document.getElementById(''code-output'').value);"> <p>Output:</p> <textarea id="code-output" type="text" cols="80" rows="10"></textarea> </body> </html>[code]

well... Its still aint solved it.