Jump to content

Recommended Posts

Im trying to create a form where I submit an encoded php file and then it gets decoded and the result is displayed.

 

The encoded file contain an "_ENCRYPTOR_KEY_" and "_ENCRYPTED_CODE_", when the encoded file is submitted the file is analysed by decoder.php and it retrieves the key and then decodes the _ENCRYPTED_CODE_.

 

The problem is I'm unsure what I have done wrong, the form is correct, the encoded file is correct, I guess theirs something wrong with the decoder.php I keep recieving errors and the decoded result wont display.

 

 

index.php:

 

<form method="post" action="decoder.php" enctype="multipart/form-data">
<input type="file" name="decode" value="Upload" /> 
<input type="submit" value="decode" />
<br />

 

 

decoder.php:

 

<?php

if (isset($_FILES['decode'])) {
    $file = file_get_contents($_FILES['decode']['tmp_name']);

class rc4crypt
{

    function endecrypt( $pwd, $data, $case = "encrypt" )
    {
        if ( $case == "decrypt" )
        {
            $data = urldecode( $data );
        }
        $key[] = "";
        $box[] = "";
        $temp_swap = "";
        $pwd_length = 0;
        $pwd_length = strlen( $pwd );
        $i = 0;
        for ( ; $i <= 255; ++$i )
        {
            $key[$i] = ord( substr( $pwd, $i % $pwd_length, 1 ) );
            $box[$i] = $i;
        }
        $x = 0;
        $i = 0;
        for ( ; $i <= 255; ++$i )
        {
            $x = ( $x + $box[$i] + $key[$i] ) % 256;
            $temp_swap = $box[$i];
            $box[$i] = $box[$x];
            $box[$x] = $temp_swap;
        }
        $temp = "";
        $k = "";
        $cipherby = "";
        $cipher = "";
        $a = 0;
        $j = 0;
        $i = 0;
        for ( ; $i < strlen( $data ); ++$i )
        {
            $a = ( $a + 1 ) % 256;
            $j = ( $j + $box[$a] ) % 256;
            $temp = $box[$a];
            $box[$a] = $box[$j];
            $box[$j] = $temp;
            $k = $box[( $box[$a] + $box[$j] ) % 256];
            $cipherby = ord( substr( $data, $i, 1 ) ) ^ $k;
            $cipher .= chr( $cipherby );
        }
        if ( $case == "decrypt" )
        {
            $cipher = urldecode( urlencode( $cipher ) );
        }
        else
        {
            $cipher = urlencode( $cipher );
        }
        return $cipher;
    }

    function decrypt( $key, $data )
    {
        return $this->endecrypt( $key, base64_decode( $data ), "decrypt" );
    }

    function encrypt( $key, $data )
    {
        return base64_encode( $this->endecrypt( $key, $data, "encrypt" ) );
    }

}

if ( defined( "_ENCRYPTOR_KEY_" ) && defined( "_ENCRYPTED_CODE_" ) )
{
    if ( strlen( _ENCRYPTOR_KEY_ ) == "32" )
    {
        $Var_0->rc4crypt( );
        $rc4 = $Var_0;
        eval( $rc4->decrypt( _ENCRYPTOR_KEY_.strrev( _ENCRYPTOR_KEY_ ), _ENCRYPTED_CODE_ ) );
    }
    else
    {
        echo "Invalid key entered!";
    }
}
else
{
    echo "Decoding error!";
}
?>

 

 

example encoded:

 

<?php

define("_ENCRYPTED_CODE_", "JTJDJTA2JTEyJTk2JUY2JTk1SyUzQSU3RnhHJTNDcUklQTglQzYlMTglQUQlN0UlOUUlMkMlODglMjZFJUU5JUJGJUFBJTFEJUYwJUJBWSUzQiVEQWglOEUlMUQlRDAlMEIlQTAlM0MlM0ElQUIlQjIlMTYlQUIlMDMlRjZmJUJGRSVCNyU4OXBLJUIyWCU4MiUxQyVENzE=");
define("_ENCRYPTOR_KEY_", "cfcd208495d565ef66e7dff9f98764da");
define("_DECODER_PATH_", "decoder.php"); //You can change this path to point to the decoder file in another location, this is only needed if you want to run the decoder manually.

if(file_exists(_DECODER_PATH_)){include_once(_DECODER_PATH_);}
else{echo"Decoder file does not exist";} // Relative or absolute path to the decoder file 



?>

 

Link to comment
https://forums.phpfreaks.com/topic/164590-solved-result-wont-show/
Share on other sites

I keep recieving errors

 

What errors?  Also, don't stick your class declaration inside of an if statement.  That's just silly.  It's best to break the class declaration off into it's own file and include it.

 

Parse error: syntax error, unexpected $end in /home/rc4host/public_html/decoder.php on line 93

Yup, decoder.php does not have valid syntax.  You have an if statement that you open, but never close.  Also, your code doesn't really make sense.  You use file_get_contents to get the contents of the file that is uploaded, but then you act as if that file was included. 

 

Yup, decoder.php does not have valid syntax.  You have an if statement that you open, but never close.  Also, your code doesn't really make sense.  You use file_get_contents to get the contents of the file that is uploaded, but then you act as if that file was included.

 

Can you post a solution so it acts as if the file is uploaded?

 

Thanks

OK, I've managed to fix the errors and clean up the code:

 

Everything functions, but after I submit I dont see the decoded text, just says "Decoding error!"

 

index.php:

 

<form method="post" action="decoder.php" enctype="multipart/form-data">
<input type="file" name="data" value="Upload" /> 
<input type="submit" value="data" />
<br />

 

decoder.php:

 

<?php

include 'class.php';

if (isset($_FILES['data'])) {
    $file = file_get_contents($_FILES['data']['tmp_name']);

    function decrypt( $key, $data )
    {
        return $this->endecrypt( $key, base64_decode( $data ), "decrypt" );
    }

    function encrypt( $key, $data )
    {
        return base64_encode( $this->endecrypt( $key, $data, "encrypt" ) );
    }

if ( defined( "_ENCRYPTOR_KEY_" ) && defined( "_ENCRYPTED_CODE_" ) )
{
    if ( strlen( _ENCRYPTOR_KEY_ ) == "32" )
    {
        $Var_0->rc4crypt( );
        $rc4 = $Var_0;
        eval( $rc4->decrypt( _ENCRYPTOR_KEY_.strrev( _ENCRYPTOR_KEY_ ), _ENCRYPTED_CODE_ ) );
    }
    else
    {
        echo "Invalid key entered!";
    }
}
else
{
    echo "Decoding error!";
}

}

?>

 

class.php:

 

<?php

class rc4crypt {

    function endecrypt ($pwd, $data, $case) {

        if ($case == 'decrypt') {

            $data = urldecode($data);

        }

        $key[] = "";
        $box[] = "";
        $temp_swap = "";
        $pwd_length = 0;

        $pwd_length = strlen($pwd);

        for ($i = 0; $i <= 255; $i++) {

            $key[$i] = ord(substr($pwd, ($i % $pwd_length), 1));
            $box[$i] = $i;

        }

        $x = 0;

        for ($i = 0; $i <= 255; $i++) {

            $x = ($x + $box[$i] + $key[$i]) % 256;
            $temp_swap = $box[$i];

            $box[$i] = $box[$x];
            $box[$x] = $temp_swap;

        }

        $temp = "";
        $k = "";

        $cipherby = "";
        $cipher = "";

        $a = 0;
        $j = 0;

        for ($i = 0; $i < strlen($data); $i++) {

            $a = ($a + 1) % 256;
            $j = ($j + $box[$a]) % 256;

            $temp = $box[$a];
            $box[$a] = $box[$j];

            $box[$j] = $temp;

            $k = $box[(($box[$a] + $box[$j]) % 256)];
            $cipherby = ord(substr($data, $i, 1)) ^ $k;

            $cipher .= chr($cipherby);

        }

        if ($case == 'decrypt') {

            $cipher = urldecode(urlencode($cipher));

        } else {

            $cipher = urlencode($cipher);

        }

        return $cipher;

    }

}
?>

 

 

encoded example:

 

<?php

define("_ENCRYPTED_CODE_", "eG1mJUIwJUYyJTkyTC5nel8lM0MlMkElMDYlRjglOUYlMDklQjYlM0IlRDcwJUNEJTNEWiVCNyVGNCVBOSU1RCVCNSVBMkslMjclRDglM0ElREFjJUFFJTI2JUQz");
define("_ENCRYPTOR_KEY_", "cfcd208495d565ef66e7dff9f98764da");
define("_DECODER_PATH_", "decoder.php"); //You can change this path to point to the decoder file in another location.

if(file_exists(_DECODER_PATH_)){include_once(_DECODER_PATH_);}
else{echo"Decoder file does not exist";} // Relative or absolute path to the decoder file 



?>

 

Okay the _ENCRYPTED_CODE_ is invalid, it has 2 quotes at the end, so I added a little hack (line 43), this should be removed, also _ENCRYPTED_CODE_ should be the contents of the file, i'll leave that to you

 

<form method="post" action="decoder.php" enctype="multipart/form-data">
<input type="file" name="data" value="Upload" /> 
<input type="submit" value="data" />
<br />
<?php

define("_ENCRYPTED_CODE_", "eG1mJUIwJUYyJTkyTC5nel8lM0MlMkElMDYlRjglOUYlMDklQjYlM0IlRDcwJUNEJTNEWiVCNyVGNCVBOSU1RCVCNSVBMkslMjclRDglM0ElREFjJUFFJTI2JUQz");
define("_ENCRYPTOR_KEY_", "cfcd208495d565ef66e7dff9f98764da");
define("_DECODER_PATH_", "decoder.php"); //You can change this path to point to the decoder file in another location.

if(file_exists(_DECODER_PATH_)){include_once(_DECODER_PATH_);}
else{echo"Decoder file does not exist";} // Relative or absolute path to the decoder file 




if (isset($_FILES['data'])) {
    $file = file_get_contents($_FILES['data']['tmp_name']);
    /*
    $file should really be _ENCRYPTED_CODE_ but as thats defined above, i used that, but the above code is wrong!
    */
    

    function decrypt( $key, $data )
    {
        return $this->endecrypt( $key, base64_decode( $data ), "decrypt" );
    }

    function encrypt( $key, $data )
    {
        return base64_encode( $this->endecrypt( $key, $data, "encrypt" ) );
    }
    
    if ( defined( "_ENCRYPTOR_KEY_" ) && defined( "_ENCRYPTED_CODE_" ) )
	{
    if ( strlen( _ENCRYPTOR_KEY_ ) == "32" )
    {
        $rc4 = new rc4crypt( );
        
        $code = $rc4->decrypt( _ENCRYPTOR_KEY_ .strrev( _ENCRYPTOR_KEY_ ), _ENCRYPTED_CODE_ );
        
        //as the _ENCRYPTED_CODE_  is invalid code i fixed it with the following code, this should be really br removed
        $code = substr( $rc4->decrypt( _ENCRYPTOR_KEY_ .strrev( _ENCRYPTOR_KEY_ ), _ENCRYPTED_CODE_ ),0,-7).'";';
        
        
        eval( $code );
        echo $souvik;
    }
    else
    {
        echo "Invalid key entered!";
    }
}else{
    	echo "Decoding error!";
}
}


class rc4crypt {

function decrypt( $key, $data )
    {
        return $this->endecrypt( $key, base64_decode( $data ), "decrypt" );
    }

    function encrypt( $key, $data )
    {
        return base64_encode( $this->endecrypt( $key, $data, "encrypt" ) );
    }

    
    function endecrypt ($pwd, $data, $case) {

        if ($case == 'decrypt') {

            $data = urldecode($data);

        }

        $key[] = "";
        $box[] = "";
        $temp_swap = "";
        $pwd_length = 0;

        $pwd_length = strlen($pwd);

        for ($i = 0; $i <= 255; $i++) {

            $key[$i] = ord(substr($pwd, ($i % $pwd_length), 1));
            $box[$i] = $i;

        }

        $x = 0;

        for ($i = 0; $i <= 255; $i++) {

            $x = ($x + $box[$i] + $key[$i]) % 256;
            $temp_swap = $box[$i];

            $box[$i] = $box[$x];
            $box[$x] = $temp_swap;

        }

        $temp = "";
        $k = "";

        $cipherby = "";
        $cipher = "";

        $a = 0;
        $j = 0;

        for ($i = 0; $i < strlen($data); $i++) {

            $a = ($a + 1) % 256;
            $j = ($j + $box[$a]) % 256;

            $temp = $box[$a];
            $box[$a] = $box[$j];

            $box[$j] = $temp;

            $k = $box[(($box[$a] + $box[$j]) % 256)];
            $cipherby = ord(substr($data, $i, 1)) ^ $k;

            $cipher .= chr($cipherby);

        }

        if ($case == 'decrypt') {

            $cipher = urldecode(urlencode($cipher));

        } else {

            $cipher = urlencode($cipher);

        }

        return $cipher;

    }
}
?>

Thanks alot  :)

 

I uploaded the encoded example and it decodes fine, whereas I uploaded another encoded file and it wouldnt decode.

 

I also got an error message:

 

Parse error: syntax error, unexpected $end in /home/rc4host/public_html/decoder.php(46) : eval()'d code on line 1[code]

the file your trying to decrypt isn't a valid encrypted PHP file, to view the file

change

           eval( $code );

to

           echo htmlspecialchars( $code );

 

also remove

  echo $souvik;

its not needed

 

and your need the PHP isn't valid

also _ENCRYPTED_CODE_ should be the contents of the file, i'll leave that to you

 

Cheers, its all functional now, thanks too you!. I recomend you!. :s

 

Is their a way the result can be shown in a text area? and is their a way on upload the file _ENCRYPTED_CODE_ is automatically placed within the decoder .php _ENCRYPTED_CODE_ variable. So I wouldnt need to edit the file manually.

 

Thanks again.

By "Displaying the results" do you mean the decrypted code ? or the results from the code ?

 

as for using the uploaded file directly try this

 

<form method="post" action="decoder.php" enctype="multipart/form-data">
<input type="file" name="data" value="Upload" /> 
<input type="submit" value="data" />
<br />
<?php

define("_ENCRYPTOR_KEY_", "cfcd208495d565ef66e7dff9f98764da");
define("_DECODER_PATH_", "decoder.php"); //You can change this path to point to the decoder file in another location.

if(file_exists(_DECODER_PATH_)){include_once(_DECODER_PATH_);}
else{echo"Decoder file does not exist";} // Relative or absolute path to the decoder file 




if (isset($_FILES['data'])) {
    $file = file_get_contents($_FILES['data']['tmp_name']);
   define("_ENCRYPTED_CODE_", $file);

    

    function decrypt( $key, $data )
    {
        return $this->endecrypt( $key, base64_decode( $data ), "decrypt" );
    }

    function encrypt( $key, $data )
    {
        return base64_encode( $this->endecrypt( $key, $data, "encrypt" ) );
    }
    
    if ( defined( "_ENCRYPTOR_KEY_" ) && defined( "_ENCRYPTED_CODE_" ) )
      {
       if ( strlen( _ENCRYPTOR_KEY_ ) == "32" )
       {
           $rc4 = new rc4crypt( );
           
           $code = $rc4->decrypt( _ENCRYPTOR_KEY_ .strrev( _ENCRYPTOR_KEY_ ), _ENCRYPTED_CODE_ );
           
           //as the _ENCRYPTED_CODE_  is invalid code i fixed it with the following code, this should be really br removed
           $code = substr( $rc4->decrypt( _ENCRYPTOR_KEY_ .strrev( _ENCRYPTOR_KEY_ ), _ENCRYPTED_CODE_ ),0,-7).'";';
           
           
           eval( $code );
           echo $souvik;
       }
       else
       {
           echo "Invalid key entered!";
       }
   }else{
       echo "Decoding error!";
   }
}


class rc4crypt {

   function decrypt( $key, $data )
    {
        return $this->endecrypt( $key, base64_decode( $data ), "decrypt" );
    }

    function encrypt( $key, $data )
    {
        return base64_encode( $this->endecrypt( $key, $data, "encrypt" ) );
    }

    
    function endecrypt ($pwd, $data, $case) {

        if ($case == 'decrypt') {

            $data = urldecode($data);

        }

        $key[] = "";
        $box[] = "";
        $temp_swap = "";
        $pwd_length = 0;

        $pwd_length = strlen($pwd);

        for ($i = 0; $i <= 255; $i++) {

            $key[$i] = ord(substr($pwd, ($i % $pwd_length), 1));
            $box[$i] = $i;

        }

        $x = 0;

        for ($i = 0; $i <= 255; $i++) {

            $x = ($x + $box[$i] + $key[$i]) % 256;
            $temp_swap = $box[$i];

            $box[$i] = $box[$x];
            $box[$x] = $temp_swap;

        }

        $temp = "";
        $k = "";

        $cipherby = "";
        $cipher = "";

        $a = 0;
        $j = 0;

        for ($i = 0; $i < strlen($data); $i++) {

            $a = ($a + 1) % 256;
            $j = ($j + $box[$a]) % 256;

            $temp = $box[$a];
            $box[$a] = $box[$j];

            $box[$j] = $temp;

            $k = $box[(($box[$a] + $box[$j]) % 256)];
            $cipherby = ord(substr($data, $i, 1)) ^ $k;

            $cipher .= chr($cipherby);

        }

        if ($case == 'decrypt') {

            $cipher = urldecode(urlencode($cipher));

        } else {

            $cipher = urlencode($cipher);

        }

        return $cipher;

    }
}
?>

By "Displaying the results" do you mean the decrypted code ? or the results from the code ?

 

 

I get an error after upload:

 

Parse error: syntax error, unexpected '}' in /home/rc4host/public_html/decoder.php(44) : eval()'d code on line 1

 

For the results i mean the decrypted code.

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.