How would i encode and decode the following base64 types:

eval(base64_decode(strtr(strrev('$string')));

&

eval(base64_decode(strrev('$string')));

&

eval(base64_decode(strtr('$string')));

When decoding I've tried replacing eval with echo or print, but the code just displays as another base4 type. I'd like to know how to encode and decode like this.

Can anyone please help?

Thanks

    what are you trying to do? in the code above strtr() is being used incorrectly.

      dagon;10920083 wrote:

      what are you trying to do? in the code above strtr() is being used incorrectly.

      I've seen a few scripts encoded like this before, and always wanted to know how its encoded and decoded (i normally stick to basics), it seems more interesting then the regular eval(base64_decode.

      PS: And for the strtr, I just copied the loop from an encoded script I saw at another forum, the script seemed to run fine.

        your examples have the wrong parameter's for strtr() , see the manual page i linked to.

          OK I've found a way to decode, I have to place the encoded base64 in encoded_file.php and run the below script, which then provides the source code.

          Except if the code is encoded numerous times, I have to place the eval...base64 in encoded_file.php, run the below script and then copy the new eval...base64 back an fourth in to encoded_file.php until the source code is displayed.

          Is their a way to auto run this so I just place the encoded in encoded_file.php and the results will display in the below script, without me having to keep on copying and pasting.

          <?php

// Open and read the content of the encoded file into a variable
$file = file_get_contents('encoded_file.php');

// Strip php tags
$file = str_replace('<?php', "", $file);
$file = str_replace('<?', "", $file);   // Make sure to get rid of short tags....
$file = str_replace('?>', "", $file);

// Strip new lines
$file = str_replace("\n", "", $file);

// Add semi colon to get around a parsing issue.
$file = $file.';';

// Change the Eval function
$file = str_replace('eval', 'echo ', $file);

// Function to eval the new string
function deval()
 {
  global $file;
  ob_start();
  eval($file);
  $contents = ob_get_contents();
  ob_end_clean();
  return($contents);
 }

// Run the code thru once
$file = deval();

// Counter
$cnt = 1;

// Loop it till it's decoded
while(preg_match('/^\?><\?php eval/', $file))
 {
  $file = str_replace('?><?php eval', 'echo', $file);
  $file = str_replace('?><?', "", $file);
  $file = deval();
  ++$cnt;
 }

//clean up some tags
$file = str_replace('?><?php', "", $file);
$file = str_replace('?><?', "", $file);

echo $cnt,' iterations<br/><br/>';
echo '<pre>';
echo $file;
echo '</pre>';
?>

            you would need to write a recursive function (output of function becomes input), not sure if you can determine if a string is still base64 encoded, if you can you just run the loop till its done.

            What's the source of the strings your decoding (just curious)?

              Can you provide me the code, so I can look into it, im fairly new to php, beginner and still learning.

              PS: wp footer, (which usually contain iframes, which can cause security issues).

                Write a Reply...