newbtophp Posted November 5, 2009 Share Posted November 5, 2009 I have the following code, everything works fine, but i can't get the str_replace to work, I think its because $file doesnt contain unset, but once executed (after the eval), it then prints unset. So theirfore im unsure on where to place that line? $file = file_get_contents('code.php'); $file = str_replace('<?php', '', $file); $file = str_replace('<?', '', $file); $file = str_replace('?>', '', $file); $file = str_replace('unset', 'hello', $file); eval($file); Quote Link to comment https://forums.phpfreaks.com/topic/180467-solved-str_replace-eval/ Share on other sites More sharing options...
mikesta707 Posted November 5, 2009 Share Posted November 5, 2009 what does the file variable look like? Quote Link to comment https://forums.phpfreaks.com/topic/180467-solved-str_replace-eval/#findComment-952038 Share on other sites More sharing options...
newbtophp Posted November 5, 2009 Author Share Posted November 5, 2009 what does the file variable look like? $file = file_get_contents('code.php'); Quote Link to comment https://forums.phpfreaks.com/topic/180467-solved-str_replace-eval/#findComment-952039 Share on other sites More sharing options...
newbtophp Posted November 5, 2009 Author Share Posted November 5, 2009 content of code.php: <?php eval(base64_decode('ZWNobyAidW5zZXQiOw==')); ?> Quote Link to comment https://forums.phpfreaks.com/topic/180467-solved-str_replace-eval/#findComment-952055 Share on other sites More sharing options...
mikesta707 Posted November 5, 2009 Share Posted November 5, 2009 that is because this base64_decode('ZWNobyAidW5zZXQiOw==') which results in unset isn't executed when you call file_get_contents. the variable file looks like $file = "eval(base64_decode('ZWNobyAidW5zZXQiOw=='));"; Quote Link to comment https://forums.phpfreaks.com/topic/180467-solved-str_replace-eval/#findComment-952057 Share on other sites More sharing options...
newbtophp Posted November 5, 2009 Author Share Posted November 5, 2009 Yep, thats what i thought, but i cant modify code.php since its on a remote server (long story). So is their a work around, to some how bypass the eval?, and do the replace. Because code.php will remain the same. Quote Link to comment https://forums.phpfreaks.com/topic/180467-solved-str_replace-eval/#findComment-952060 Share on other sites More sharing options...
mikesta707 Posted November 5, 2009 Share Posted November 5, 2009 replace the base64_encoded version of unset with the base64_encoded version of hello. $file = file_get_contents('code.php'); $file = str_replace('<?php', '', $file); $file = str_replace('<?', '', $file); $file = str_replace('?>', '', $file); $file = str_replace(base64_encode('unset'), base64_encode('hello'), $file); Quote Link to comment https://forums.phpfreaks.com/topic/180467-solved-str_replace-eval/#findComment-952072 Share on other sites More sharing options...
newbtophp Posted November 5, 2009 Author Share Posted November 5, 2009 doesnt seem to work :-\ Quote Link to comment https://forums.phpfreaks.com/topic/180467-solved-str_replace-eval/#findComment-952075 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.