Home > Article > Backend Development > How to crack PHP eval encryption_PHP tutorial
How to crack PHP eval encryption_PHP tutorial
- WBOYOriginal
- 2016-07-15 13:34:294321browse
Today we will take a deeper look at the in-depth concepts of the PHP language.
Special note: This PHP eval encryption and decryption program seems to have to be used on PHP5.
I tested eval(gzinflate(base64_decode("codes") on PHP4) )) can never be decrypted normally
The following is the code for PHP eval encryption cracking:
- < ?php
- /*
- Taken from http://www.php.net/manual/
de/function.eval.php#59862 - Directions:
- 1. Save this snippet as decrypt.php
- 2. Save encoded PHP code in coded.txt
- 3. Create a blank file called decoded.txt
(from shell do CHMOD 0666 decoded.txt) - 4. Execute this script (visit decrypt.php in
a web browser or do php decrypt.php in the shell) - 5. Open decoded.txt, the PHP should be decrypted
if not post the code on http://www.ariadoss.
com/forums/web-development/lamp - gzinflate执行PHP eval加密代码的解密方法翻译为中文后的文字
(此段汉字原始文件里面可没.嘿) - 1. 把这整段脚本保存为decrypt.php
- 2. 把需要解密的代码保存为coded.txt并且和decrypt.php在同一目录.
- 3. 创建一个空白文件命名为 decoded.txt (必须把 decoded.
txt 的权限设置为CHMOD 0666,也就是可以写入的.当然,你可以
不创建文件文件.只要文件夹有写入权限,脚本便会自动创建一个
名为decoded.txt的文档. ) - 4. 运行PHP eval加密解密脚本 (浏览器中运行decrypt.php 即访问 http:
//您的域名/存放目录/decrypt.php) - 5. 打开 decoded.txt, 代码应该已经解密完成,如果出现错误请
把代码发送到 http://www.ariadoss.com/forums/web-
development/lamp - */
- echo "nDECODE nested eval(gzinflate()) by DEBO
Jurgen <mailto:jurgen@person.benn"; - echo "1. Reading coded.txtn";
- $fp1 = fopen ("coded.txt", "r");
- $contents = fread ($fp1, filesize ("coded.txt"));
- fclose($fp1);
- echo "2. Decodingn";
- while (preg_match("/eval(gzinflate/",$contents)) {
- $contents=preg_replace("/<?|?>/", "", $contents);
eval(preg_replace("/eval/", "$contents=",
$contents)); } echo "3. Writing decoded.txtn";
$fp2 = fopen("decoded.txt","w"); fwrite($fp2,
trim($contents)); fclose($fp2); - ?>
Let’s briefly talk about how to use gzinflate,eval(gzinflate(base64_decode("codes")));decoding-eval-gzinflate-base64_decode.
Save the above program file decrypt.php, of course the file name can be Set it yourself.
Create a coded.txt in the same directory as this file. This contains the code encrypted by PHP eval, which is the codes in eval(gzinflate(base64_decode("codes"))) ;
To be clear, it is the original encryption text executed in eval(gzinflate(base64_decode("codes"))) to be decrypted. Execute the saved file decrypt.php, which will generate a txt file of decoded.txt, open this document. Inside is the original code of PHP eval encryption.