Help with phplockit :(


    I found this function to decode the script but it isn't working
    Code:
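    <?php
    
    /*
     *   PHP LockIt! unlocker
     *   by Daniel Rozsnyo [ daniel@rozsnyo.com ]
     *
     *   "a proof that security through obscurity doesn't work"
     *
     *   ereg()/ereg_replace() were deprecated in PHP 5.3 and removed in PHP 7,
     *   so the POSIX patterns below are run through preg_match()/preg_replace().
     *   The /s modifier lets "." match newlines, as it does in POSIX regexes.
     */
     
    // stop if the input cannot be read (the original carried on with $input === false)
    if( false === ($input=file_get_contents( 'gal.php' )))
        die("Could not read file.\n");
    
    // match the loader stub: $a=__FILE__;$b=__LINE__;$c=<digits>;eval ... base64_decode('...')
    if (preg_match( "/[$]([^=]+)=[_][_]FILE[_][_][;]". "[$]([^=]+)=[_][_]LINE[_][_][;]". "[$]([^=]+)[=]([0-9]+)[;]". "eval.*(base64_decode.['][^']*['].)/s", $input, $x))
    {
    
    	// first pass: obfuscated variable names and the embedded decoder expression
    	$ifilename = $x[1];
    	$ilinenum  = $x[2];
    	$ioffset   = $x[3];
    	$offset    = $x[4];
    	$decoder   = $x[5];
    
    	// get the decoder (evaluates the base64_decode('...') expression from the file)
    	$decoder = eval("return $decoder;");
    
    	// decipher the decoder: recover the names of its handle and output variables
    	if (!preg_match("/[$]([^=]+)[=].*[$]([^=]+)=.base64/s",$decoder,$x))
    		die("Failed. Decoder layout not recognised.\n");
    	$ihandle = $x[1];
    	$iout    = $x[2];
    
    	$decoder = str_replace($iout     ,'output'  ,$decoder);
    	$decoder = str_replace($ihandle  ,'handle'  ,$decoder);
    	$decoder = str_replace($ilinenum ,'line'    ,$decoder);
    	$decoder = str_replace($ifilename,'filename',$decoder);
    
    	// the decoder is our slave!
    	$decoder = str_replace('eval($output);','return $output;',$decoder);
    	$decoder = '$line=2;'.$decoder;
    
    	// sandbox
    	// (runs code taken from gal.php inside this process; eval() gives no isolation)
    	$next    = eval($decoder);
    
    	// remove expiration time
    	$next = preg_replace("/^if[^;]+;/s",'',$next);
    
    	// some more deciphering
    	if (!preg_match('/^[$]([^=]+)=/s',$next,$x))
    		die("Failed. Second stage layout not recognised.\n");
    	$next = str_replace($ihandle,  'handle',  $next);
    	$next = str_replace($ifilename,'filename',$next);
    	$next = str_replace($x[1]   ,  'output',  $next);
    	$next = str_replace($ioffset,  'offset',  $next);
    
    	// the decoder is our slave, again!
    	$next = str_replace('eval($output)','return $output',$next);
    
    	// final pass
    	$code = eval($next);
    
    	// finish
    	echo '<','?php',$code,'?','>',"\n";
    
    } else die("Failed. No base64_decode anymore.\n");
    
    ?>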
    It always shows "Failed. No base64_decode anymore.\n" :o Any help??
    Last edited by Anshul; 05.07.10, 20:09.

    #2
    I would say, looking at it, you're trying to decode non-base64 code, as it is not matching the expressions.
    However, if you're using a PHP version higher than 5.3.0, ereg has been deprecated.
    Last edited by something else; 05.07.10, 20:53.
