newbtophp Posted July 2, 2009 Share Posted July 2, 2009 Im trying to create a form where I submit an encoded php file and then it gets decoded and the result is displayed. The encoded file contain an "_ENCRYPTOR_KEY_" and "_ENCRYPTED_CODE_", when the encoded file is submitted the file is analysed by decoder.php and it retrieves the key and then decodes the _ENCRYPTED_CODE_. The problem is I'm unsure what I have done wrong, the form is correct, the encoded file is correct, I guess theirs something wrong with the decoder.php I keep recieving errors and the decoded result wont display. index.php: <form method="post" action="decoder.php" enctype="multipart/form-data"> <input type="file" name="decode" value="Upload" /> <input type="submit" value="decode" /> <br /> decoder.php: <?php if (isset($_FILES['decode'])) { $file = file_get_contents($_FILES['decode']['tmp_name']); class rc4crypt { function endecrypt( $pwd, $data, $case = "encrypt" ) { if ( $case == "decrypt" ) { $data = urldecode( $data ); } $key[] = ""; $box[] = ""; $temp_swap = ""; $pwd_length = 0; $pwd_length = strlen( $pwd ); $i = 0; for ( ; $i <= 255; ++$i ) { $key[$i] = ord( substr( $pwd, $i % $pwd_length, 1 ) ); $box[$i] = $i; } $x = 0; $i = 0; for ( ; $i <= 255; ++$i ) { $x = ( $x + $box[$i] + $key[$i] ) % 256; $temp_swap = $box[$i]; $box[$i] = $box[$x]; $box[$x] = $temp_swap; } $temp = ""; $k = ""; $cipherby = ""; $cipher = ""; $a = 0; $j = 0; $i = 0; for ( ; $i < strlen( $data ); ++$i ) { $a = ( $a + 1 ) % 256; $j = ( $j + $box[$a] ) % 256; $temp = $box[$a]; $box[$a] = $box[$j]; $box[$j] = $temp; $k = $box[( $box[$a] + $box[$j] ) % 256]; $cipherby = ord( substr( $data, $i, 1 ) ) ^ $k; $cipher .= chr( $cipherby ); } if ( $case == "decrypt" ) { $cipher = urldecode( urlencode( $cipher ) ); } else { $cipher = urlencode( $cipher ); } return $cipher; } function decrypt( $key, $data ) { return $this->endecrypt( $key, base64_decode( $data ), "decrypt" ); } function encrypt( $key, $data ) { return base64_encode( $this->endecrypt( $key, $data, "encrypt" ) ); } } if ( defined( "_ENCRYPTOR_KEY_" ) && defined( "_ENCRYPTED_CODE_" ) ) { if ( strlen( _ENCRYPTOR_KEY_ ) == "32" ) { $Var_0->rc4crypt( ); $rc4 = $Var_0; eval( $rc4->decrypt( _ENCRYPTOR_KEY_.strrev( _ENCRYPTOR_KEY_ ), _ENCRYPTED_CODE_ ) ); } else { echo "Invalid key entered!"; } } else { echo "Decoding error!"; } ?> example encoded: <?php define("_ENCRYPTED_CODE_", "JTJDJTA2JTEyJTk2JUY2JTk1SyUzQSU3RnhHJTNDcUklQTglQzYlMTglQUQlN0UlOUUlMkMlODglMjZFJUU5JUJGJUFBJTFEJUYwJUJBWSUzQiVEQWglOEUlMUQlRDAlMEIlQTAlM0MlM0ElQUIlQjIlMTYlQUIlMDMlRjZmJUJGRSVCNyU4OXBLJUIyWCU4MiUxQyVENzE="); define("_ENCRYPTOR_KEY_", "cfcd208495d565ef66e7dff9f98764da"); define("_DECODER_PATH_", "decoder.php"); //You can change this path to point to the decoder file in another location, this is only needed if you want to run the decoder manually. if(file_exists(_DECODER_PATH_)){include_once(_DECODER_PATH_);} else{echo"Decoder file does not exist";} // Relative or absolute path to the decoder file ?> Quote Link to comment Share on other sites More sharing options...
newbtophp Posted July 3, 2009 Author Share Posted July 3, 2009 Anyone who can help please? Cheers Quote Link to comment Share on other sites More sharing options...
flyhoney Posted July 3, 2009 Share Posted July 3, 2009 I keep recieving errors What errors? Also, don't stick your class declaration inside of an if statement. That's just silly. It's best to break the class declaration off into it's own file and include it. Quote Link to comment Share on other sites More sharing options...
newbtophp Posted July 3, 2009 Author Share Posted July 3, 2009 I keep recieving errors What errors? Also, don't stick your class declaration inside of an if statement. That's just silly. It's best to break the class declaration off into it's own file and include it. Parse error: syntax error, unexpected $end in /home/rc4host/public_html/decoder.php on line 93 Quote Link to comment Share on other sites More sharing options...
flyhoney Posted July 3, 2009 Share Posted July 3, 2009 Yup, decoder.php does not have valid syntax. You have an if statement that you open, but never close. Also, your code doesn't really make sense. You use file_get_contents to get the contents of the file that is uploaded, but then you act as if that file was included. Quote Link to comment Share on other sites More sharing options...
newbtophp Posted July 3, 2009 Author Share Posted July 3, 2009 Yup, decoder.php does not have valid syntax. You have an if statement that you open, but never close. Also, your code doesn't really make sense. You use file_get_contents to get the contents of the file that is uploaded, but then you act as if that file was included. Can you post a solution so it acts as if the file is uploaded? Thanks Quote Link to comment Share on other sites More sharing options...
newbtophp Posted July 3, 2009 Author Share Posted July 3, 2009 Any progress? I've tried modifiying the decoder.php further but it just leads to more syntax errors, it because im still learning. So I left it as it is to avoid further errors. So I really hope someone can help me?. I learn from you Quote Link to comment Share on other sites More sharing options...
newbtophp Posted July 4, 2009 Author Share Posted July 4, 2009 OK, I've managed to fix the errors and clean up the code: Everything functions, but after I submit I dont see the decoded text, just says "Decoding error!" index.php: <form method="post" action="decoder.php" enctype="multipart/form-data"> <input type="file" name="data" value="Upload" /> <input type="submit" value="data" /> <br /> decoder.php: <?php include 'class.php'; if (isset($_FILES['data'])) { $file = file_get_contents($_FILES['data']['tmp_name']); function decrypt( $key, $data ) { return $this->endecrypt( $key, base64_decode( $data ), "decrypt" ); } function encrypt( $key, $data ) { return base64_encode( $this->endecrypt( $key, $data, "encrypt" ) ); } if ( defined( "_ENCRYPTOR_KEY_" ) && defined( "_ENCRYPTED_CODE_" ) ) { if ( strlen( _ENCRYPTOR_KEY_ ) == "32" ) { $Var_0->rc4crypt( ); $rc4 = $Var_0; eval( $rc4->decrypt( _ENCRYPTOR_KEY_.strrev( _ENCRYPTOR_KEY_ ), _ENCRYPTED_CODE_ ) ); } else { echo "Invalid key entered!"; } } else { echo "Decoding error!"; } } ?> class.php: <?php class rc4crypt { function endecrypt ($pwd, $data, $case) { if ($case == 'decrypt') { $data = urldecode($data); } $key[] = ""; $box[] = ""; $temp_swap = ""; $pwd_length = 0; $pwd_length = strlen($pwd); for ($i = 0; $i <= 255; $i++) { $key[$i] = ord(substr($pwd, ($i % $pwd_length), 1)); $box[$i] = $i; } $x = 0; for ($i = 0; $i <= 255; $i++) { $x = ($x + $box[$i] + $key[$i]) % 256; $temp_swap = $box[$i]; $box[$i] = $box[$x]; $box[$x] = $temp_swap; } $temp = ""; $k = ""; $cipherby = ""; $cipher = ""; $a = 0; $j = 0; for ($i = 0; $i < strlen($data); $i++) { $a = ($a + 1) % 256; $j = ($j + $box[$a]) % 256; $temp = $box[$a]; $box[$a] = $box[$j]; $box[$j] = $temp; $k = $box[(($box[$a] + $box[$j]) % 256)]; $cipherby = ord(substr($data, $i, 1)) ^ $k; $cipher .= chr($cipherby); } if ($case == 'decrypt') { $cipher = urldecode(urlencode($cipher)); } else { $cipher = urlencode($cipher); } return $cipher; } } ?> encoded example: <?php define("_ENCRYPTED_CODE_", "eG1mJUIwJUYyJTkyTC5nel8lM0MlMkElMDYlRjglOUYlMDklQjYlM0IlRDcwJUNEJTNEWiVCNyVGNCVBOSU1RCVCNSVBMkslMjclRDglM0ElREFjJUFFJTI2JUQz"); define("_ENCRYPTOR_KEY_", "cfcd208495d565ef66e7dff9f98764da"); define("_DECODER_PATH_", "decoder.php"); //You can change this path to point to the decoder file in another location. if(file_exists(_DECODER_PATH_)){include_once(_DECODER_PATH_);} else{echo"Decoder file does not exist";} // Relative or absolute path to the decoder file ?> Quote Link to comment Share on other sites More sharing options...
newbtophp Posted July 4, 2009 Author Share Posted July 4, 2009 Anyone can help?. The form submits and it dont show the decoded file, it shows "Decoding error!". Quote Link to comment Share on other sites More sharing options...
MadTechie Posted July 5, 2009 Share Posted July 5, 2009 Okay the _ENCRYPTED_CODE_ is invalid, it has 2 quotes at the end, so I added a little hack (line 43), this should be removed, also _ENCRYPTED_CODE_ should be the contents of the file, i'll leave that to you <form method="post" action="decoder.php" enctype="multipart/form-data"> <input type="file" name="data" value="Upload" /> <input type="submit" value="data" /> <br /> <?php define("_ENCRYPTED_CODE_", "eG1mJUIwJUYyJTkyTC5nel8lM0MlMkElMDYlRjglOUYlMDklQjYlM0IlRDcwJUNEJTNEWiVCNyVGNCVBOSU1RCVCNSVBMkslMjclRDglM0ElREFjJUFFJTI2JUQz"); define("_ENCRYPTOR_KEY_", "cfcd208495d565ef66e7dff9f98764da"); define("_DECODER_PATH_", "decoder.php"); //You can change this path to point to the decoder file in another location. if(file_exists(_DECODER_PATH_)){include_once(_DECODER_PATH_);} else{echo"Decoder file does not exist";} // Relative or absolute path to the decoder file if (isset($_FILES['data'])) { $file = file_get_contents($_FILES['data']['tmp_name']); /* $file should really be _ENCRYPTED_CODE_ but as thats defined above, i used that, but the above code is wrong! */ function decrypt( $key, $data ) { return $this->endecrypt( $key, base64_decode( $data ), "decrypt" ); } function encrypt( $key, $data ) { return base64_encode( $this->endecrypt( $key, $data, "encrypt" ) ); } if ( defined( "_ENCRYPTOR_KEY_" ) && defined( "_ENCRYPTED_CODE_" ) ) { if ( strlen( _ENCRYPTOR_KEY_ ) == "32" ) { $rc4 = new rc4crypt( ); $code = $rc4->decrypt( _ENCRYPTOR_KEY_ .strrev( _ENCRYPTOR_KEY_ ), _ENCRYPTED_CODE_ ); //as the _ENCRYPTED_CODE_ is invalid code i fixed it with the following code, this should be really br removed $code = substr( $rc4->decrypt( _ENCRYPTOR_KEY_ .strrev( _ENCRYPTOR_KEY_ ), _ENCRYPTED_CODE_ ),0,-7).'";'; eval( $code ); echo $souvik; } else { echo "Invalid key entered!"; } }else{ echo "Decoding error!"; } } class rc4crypt { function decrypt( $key, $data ) { return $this->endecrypt( $key, base64_decode( $data ), "decrypt" ); } function encrypt( $key, $data ) { return base64_encode( $this->endecrypt( $key, $data, "encrypt" ) ); } function endecrypt ($pwd, $data, $case) { if ($case == 'decrypt') { $data = urldecode($data); } $key[] = ""; $box[] = ""; $temp_swap = ""; $pwd_length = 0; $pwd_length = strlen($pwd); for ($i = 0; $i <= 255; $i++) { $key[$i] = ord(substr($pwd, ($i % $pwd_length), 1)); $box[$i] = $i; } $x = 0; for ($i = 0; $i <= 255; $i++) { $x = ($x + $box[$i] + $key[$i]) % 256; $temp_swap = $box[$i]; $box[$i] = $box[$x]; $box[$x] = $temp_swap; } $temp = ""; $k = ""; $cipherby = ""; $cipher = ""; $a = 0; $j = 0; for ($i = 0; $i < strlen($data); $i++) { $a = ($a + 1) % 256; $j = ($j + $box[$a]) % 256; $temp = $box[$a]; $box[$a] = $box[$j]; $box[$j] = $temp; $k = $box[(($box[$a] + $box[$j]) % 256)]; $cipherby = ord(substr($data, $i, 1)) ^ $k; $cipher .= chr($cipherby); } if ($case == 'decrypt') { $cipher = urldecode(urlencode($cipher)); } else { $cipher = urlencode($cipher); } return $cipher; } } ?> Quote Link to comment Share on other sites More sharing options...
newbtophp Posted July 5, 2009 Author Share Posted July 5, 2009 Thanks alot I uploaded the encoded example and it decodes fine, whereas I uploaded another encoded file and it wouldnt decode. I also got an error message: Parse error: syntax error, unexpected $end in /home/rc4host/public_html/decoder.php(46) : eval()'d code on line 1[code] Quote Link to comment Share on other sites More sharing options...
MadTechie Posted July 5, 2009 Share Posted July 5, 2009 the file your trying to decrypt isn't a valid encrypted PHP file, to view the file change eval( $code ); to echo htmlspecialchars( $code ); also remove echo $souvik; its not needed and your need the PHP isn't valid Quote Link to comment Share on other sites More sharing options...
newbtophp Posted July 5, 2009 Author Share Posted July 5, 2009 Solved. Thanks Quote Link to comment Share on other sites More sharing options...
MadTechie Posted July 5, 2009 Share Posted July 5, 2009 also _ENCRYPTED_CODE_ should be the contents of the file, i'll leave that to you Quote Link to comment Share on other sites More sharing options...
newbtophp Posted July 5, 2009 Author Share Posted July 5, 2009 also _ENCRYPTED_CODE_ should be the contents of the file, i'll leave that to you Cheers, its all functional now, thanks too you!. I recomend you!. :s Is their a way the result can be shown in a text area? and is their a way on upload the file _ENCRYPTED_CODE_ is automatically placed within the decoder .php _ENCRYPTED_CODE_ variable. So I wouldnt need to edit the file manually. Thanks again. Quote Link to comment Share on other sites More sharing options...
MadTechie Posted July 5, 2009 Share Posted July 5, 2009 By "Displaying the results" do you mean the decrypted code ? or the results from the code ? as for using the uploaded file directly try this <form method="post" action="decoder.php" enctype="multipart/form-data"> <input type="file" name="data" value="Upload" /> <input type="submit" value="data" /> <br /> <?php define("_ENCRYPTOR_KEY_", "cfcd208495d565ef66e7dff9f98764da"); define("_DECODER_PATH_", "decoder.php"); //You can change this path to point to the decoder file in another location. if(file_exists(_DECODER_PATH_)){include_once(_DECODER_PATH_);} else{echo"Decoder file does not exist";} // Relative or absolute path to the decoder file if (isset($_FILES['data'])) { $file = file_get_contents($_FILES['data']['tmp_name']); define("_ENCRYPTED_CODE_", $file); function decrypt( $key, $data ) { return $this->endecrypt( $key, base64_decode( $data ), "decrypt" ); } function encrypt( $key, $data ) { return base64_encode( $this->endecrypt( $key, $data, "encrypt" ) ); } if ( defined( "_ENCRYPTOR_KEY_" ) && defined( "_ENCRYPTED_CODE_" ) ) { if ( strlen( _ENCRYPTOR_KEY_ ) == "32" ) { $rc4 = new rc4crypt( ); $code = $rc4->decrypt( _ENCRYPTOR_KEY_ .strrev( _ENCRYPTOR_KEY_ ), _ENCRYPTED_CODE_ ); //as the _ENCRYPTED_CODE_ is invalid code i fixed it with the following code, this should be really br removed $code = substr( $rc4->decrypt( _ENCRYPTOR_KEY_ .strrev( _ENCRYPTOR_KEY_ ), _ENCRYPTED_CODE_ ),0,-7).'";'; eval( $code ); echo $souvik; } else { echo "Invalid key entered!"; } }else{ echo "Decoding error!"; } } class rc4crypt { function decrypt( $key, $data ) { return $this->endecrypt( $key, base64_decode( $data ), "decrypt" ); } function encrypt( $key, $data ) { return base64_encode( $this->endecrypt( $key, $data, "encrypt" ) ); } function endecrypt ($pwd, $data, $case) { if ($case == 'decrypt') { $data = urldecode($data); } $key[] = ""; $box[] = ""; $temp_swap = ""; $pwd_length = 0; $pwd_length = strlen($pwd); for ($i = 0; $i <= 255; $i++) { $key[$i] = ord(substr($pwd, ($i % $pwd_length), 1)); $box[$i] = $i; } $x = 0; for ($i = 0; $i <= 255; $i++) { $x = ($x + $box[$i] + $key[$i]) % 256; $temp_swap = $box[$i]; $box[$i] = $box[$x]; $box[$x] = $temp_swap; } $temp = ""; $k = ""; $cipherby = ""; $cipher = ""; $a = 0; $j = 0; for ($i = 0; $i < strlen($data); $i++) { $a = ($a + 1) % 256; $j = ($j + $box[$a]) % 256; $temp = $box[$a]; $box[$a] = $box[$j]; $box[$j] = $temp; $k = $box[(($box[$a] + $box[$j]) % 256)]; $cipherby = ord(substr($data, $i, 1)) ^ $k; $cipher .= chr($cipherby); } if ($case == 'decrypt') { $cipher = urldecode(urlencode($cipher)); } else { $cipher = urlencode($cipher); } return $cipher; } } ?> Quote Link to comment Share on other sites More sharing options...
newbtophp Posted July 5, 2009 Author Share Posted July 5, 2009 By "Displaying the results" do you mean the decrypted code ? or the results from the code ? I get an error after upload: Parse error: syntax error, unexpected '}' in /home/rc4host/public_html/decoder.php(44) : eval()'d code on line 1 For the results i mean the decrypted code. Quote Link to comment Share on other sites More sharing options...
newbtophp Posted July 8, 2009 Author Share Posted July 8, 2009 MadTechie, can you help me please? Quote Link to comment Share on other sites More sharing options...
MadTechie Posted July 8, 2009 Share Posted July 8, 2009 change eval( $code ); echo $souvik; to htmlentities( $code ); this will "display" the code not execute it Quote Link to comment Share on other sites More sharing options...
newbtophp Posted July 8, 2009 Author Share Posted July 8, 2009 Once I upload a file it says loading on the browser (like its refreshing) but then stops and doesnt show the result. The file is a valid php encoded file. Quote Link to comment Share on other sites More sharing options...
MadTechie Posted July 8, 2009 Share Posted July 8, 2009 turn on error reporting, its probably timed out Quote Link to comment Share on other sites More sharing options...
newbtophp Posted July 9, 2009 Author Share Posted July 9, 2009 Error reporting is enabled in my php.ini. The problem still occurs. Quote Link to comment Share on other sites More sharing options...
MadTechie Posted July 10, 2009 Share Posted July 10, 2009 add error_reporting(E_ALL); to the start Quote Link to comment Share on other sites More sharing options...
newbtophp Posted July 10, 2009 Author Share Posted July 10, 2009 add error_reporting(E_ALL); to the start Added it to the start of the decoder.php file, also tried placing it in php.ini. Neither work, the upload still stops after submit. Quote Link to comment Share on other sites More sharing options...
MadTechie Posted July 10, 2009 Share Posted July 10, 2009 Can you post the latest code Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.