Jump to content

Recommended Posts

I have some encoded code and if I change eval to $some, then add

$some= ereg_replace('eval', 'echo', $some);
eval ($some); 

before ?>, I get the decoded.

 

Im trying to build a little script which would do this, using $_POST, but it dont echo the decoded it just echos whats been inserted.

 

Heres the code which I've come up with:

 

<form action="index2.php" method='post'>

<textarea name='so' rows="8" cols="20"></textarea><br>


<input type='submit' name='submit' value='Submit'/><br>
</form>

<?php
$so = $_POST['so'];
$so = str_replace('?>', "", $so);
$so = str_replace('eval($_G', '$some($_G', $so);
$submit= $_POST['submit'];
if($so == "") echo "";
else {
    if($submit == "Submit") {
echo $so;
$some= ereg_replace('eval', 'echo', $some);
eval ($some);
echo "?>\n";
    }
}
?>

 

All help is greatly apreciated.

 

Thank You.

Link to comment
https://forums.phpfreaks.com/topic/171235-solved-_post-and-run/
Share on other sites

Fixed a typo:

 

<form action="index2.php" method='post'>

<textarea name='so' rows="8" cols="20"></textarea><br>


<input type='submit' name='submit' value='Submit'/><br>
</form>

<?php
$so = $_POST['so'];
$so = str_replace('?>', "", $so);
$so = str_replace('eval($_G', '$some($_G', $so);
$submit= $_POST['submit'];
if($so == "") echo "";
else {
    if($submit == "Submit") {
echo $so;
$some= ereg_replace('eval', 'echo', $some);
eval ($some);
echo "?>\n";
    }
}
?>

 

Still looking for help though  :-\

Link to comment
https://forums.phpfreaks.com/topic/171235-solved-_post-and-run/#findComment-903005
Share on other sites

Ummm.... There's a lot wrong bud. Sorry.

 

Missing a '

$so = str_replace(?>', "", $so);

 

Why are you using eval - that should be a last resort thing:

$so = str_replace('eval($_G', '$some($_G', $so);

 

Deprecated (ereg):

$some= ereg_replace('eval', 'echo', $some);

Link to comment
https://forums.phpfreaks.com/topic/171235-solved-_post-and-run/#findComment-903018
Share on other sites

Ummm.... There's a lot wrong bud. Sorry.

 

Missing a '

$so = str_replace(?>', "", $so);

 

Fixed (in my second post)

 

Why are you using eval - that should be a last resort thing:

$so = str_replace('eval($_G', '$some($_G', $so);

 

Not sure what you mean, I replaced eval with $some (see my first post)

 

Deprecated (ereg):

$some= ereg_replace('eval', 'echo', $some);

Link to comment
https://forums.phpfreaks.com/topic/171235-solved-_post-and-run/#findComment-903020
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.