newbtophp Posted November 5, 2009 Share Posted November 5, 2009 I have the following code, everything works fine, but i can't get the str_replace to work, I think its because $file doesnt contain unset, but once executed (after the eval), it then prints unset. So theirfore im unsure on where to place that line? $file = file_get_contents('code.php'); $file = str_replace('<?php', '', $file); $file = str_replace('<?', '', $file); $file = str_replace('?>', '', $file); $file = str_replace('unset', 'hello', $file); eval($file); Link to comment https://forums.phpfreaks.com/topic/180467-solved-str_replace-eval/ Share on other sites More sharing options...
mikesta707 Posted November 5, 2009 Share Posted November 5, 2009 what does the file variable look like? Link to comment https://forums.phpfreaks.com/topic/180467-solved-str_replace-eval/#findComment-952038 Share on other sites More sharing options...
newbtophp Posted November 5, 2009 Author Share Posted November 5, 2009 what does the file variable look like? $file = file_get_contents('code.php'); Link to comment https://forums.phpfreaks.com/topic/180467-solved-str_replace-eval/#findComment-952039 Share on other sites More sharing options...
newbtophp Posted November 5, 2009 Author Share Posted November 5, 2009 content of code.php: <?php eval(base64_decode('ZWNobyAidW5zZXQiOw==')); ?> Link to comment https://forums.phpfreaks.com/topic/180467-solved-str_replace-eval/#findComment-952055 Share on other sites More sharing options...
mikesta707 Posted November 5, 2009 Share Posted November 5, 2009 that is because this base64_decode('ZWNobyAidW5zZXQiOw==') which results in unset isn't executed when you call file_get_contents. the variable file looks like $file = "eval(base64_decode('ZWNobyAidW5zZXQiOw=='));"; Link to comment https://forums.phpfreaks.com/topic/180467-solved-str_replace-eval/#findComment-952057 Share on other sites More sharing options...
newbtophp Posted November 5, 2009 Author Share Posted November 5, 2009 Yep, thats what i thought, but i cant modify code.php since its on a remote server (long story). So is their a work around, to some how bypass the eval?, and do the replace. Because code.php will remain the same. Link to comment https://forums.phpfreaks.com/topic/180467-solved-str_replace-eval/#findComment-952060 Share on other sites More sharing options...
mikesta707 Posted November 5, 2009 Share Posted November 5, 2009 replace the base64_encoded version of unset with the base64_encoded version of hello. $file = file_get_contents('code.php'); $file = str_replace('<?php', '', $file); $file = str_replace('<?', '', $file); $file = str_replace('?>', '', $file); $file = str_replace(base64_encode('unset'), base64_encode('hello'), $file); Link to comment https://forums.phpfreaks.com/topic/180467-solved-str_replace-eval/#findComment-952072 Share on other sites More sharing options...
newbtophp Posted November 5, 2009 Author Share Posted November 5, 2009 doesnt seem to work :-\ Link to comment https://forums.phpfreaks.com/topic/180467-solved-str_replace-eval/#findComment-952075 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.