where do I begin

[ballhogjoni]

Where do I begin with changing this code back to normal before obfuscation?

This is just the first couple of lines of the script.

 

global $HTTP_GET_VARS,$HTTP_POST_VARS,$HTTP_COOKIE_VARS; 
$O1vv=""; 
if ((file_exists("hi.cfg")) && ($O1bh= @ fopen("hi.cfg","r"))) 
{ $O1vv=fread($O1bh,filesize("hi.cfg")); fclose($O1bh); } 
if (((! isset ($GLOBALS[ua])) || ($GLOBALS[ua] == "")) && (strpos($O1vv,"no_copy_global") === FALSE)) 
	{ 
	if (is_array($HTTP_GET_VARS)) 
		{ 
		while ( list ($O1d1,$l1d2)=each($HTTP_GET_VARS)) 
			{ $GLOBALS[$O1d1]=$l1d2; 
			} 
		}

[btherl]

Just rename the variables.  You might want to adjust the formatting a little too, depending on your preferences.  It doesn't look very obfuscated to me.

[ballhogjoni]

The problem with just reneaming the variables is, is that I dont have the original variable names.

[btherl]

You'll have to make them up then.  The original programmer also made up the variable names.

 

For example, $O1bh is a file pointer for reading from "hi.cfg".  $O1vv is a buffer for reading from $O1bh.  $O1d1 and $l1d2 look like a key and value from iterating over $HTTP_GET_VARS.

 

If you're not experienced with php you'll have a lot of trouble.. but you'll also learn a lot

[ballhogjoni]

lol thanks I know a little but i am not that experienced, probably 2-3 months