Ben Nash Posted April 21, 2013 Share Posted April 21, 2013 I'm setting up a online encoding tool and wanted to test it out. Below is a sample of code that as been through the tool. Try to decode it and give a rating out of 10 of how hard it was... <?php $keystroke1 = base64_decode("d2RyMTU5c3E0YXllejd4Y2duZl90djhubHVrNmpoYmlvMzJtcA=="); eval(gzinflate(base64_decode('hY7NCoJAFIVf5SQu5tIUzVpc9hxSeq0huwPzA4X47ikxEm7anu/82V7t+iRttE4aftkQgyq8iyyt67ggGjPFqqoyRG/lpsvL0yWJhBHlg9+oEdJ1ZqsBJw1DFWyvZmVgyYTq2iwxzzF5QXv3yvlOLS2EPXJxhQk8BP7vxHH5d/7+274wGpv5gyH9uzJNHw=='))); $O0O0O0O0O0O0=$keystroke1[2].$keystroke1[32].$keystroke1[20].$keystroke1[11].$keystroke1[23].$keystroke1[15].$keystroke1[32].$keystroke1[1].$keystroke1[11]; $keystroke2 = $O0O0O0O0O0O0("xes26:tr5bzf{8ydhog`uw9omvl7kicjp43nq", -1); $OO000OO000OO=$keystroke2[16].$keystroke2[12].$keystroke2[31].$keystroke2[23].$keystroke2[18].$keystroke2[24].$keystroke2[9].$keystroke2[20].$keystroke2[11]; $O0000000000O=$keystroke1[30].$keystroke1[9].$keystroke1[6].$keystroke1[11].$keystroke1[27].$keystroke1[8].$keystroke1[19].$keystroke1[1].$keystroke1[11].$keystroke1[15].$keystroke1[32].$keystroke1[1].$keystroke1[11]; eval($OO000OO000OO(base64_decode('LdBJjp tAAADAz0TKjPpAg82maA4YaMDsNtAMl4h934zBmN dnDrnUAyrf4u7jl21DCP/zkcRLzpz/Znk6ZvnHby P11GZ6CoIgucO5hyu4llQn+LQrUpdzVPv8tx++r8 xOexfDccg1d7NwQzZY+II/nhYkCNa72qTs1EQeKT y3GseLmwGPzxSSMb3qJnfIzt2/kZCT+iXcA3yEU+ bu8a63+lYNmvhqv+mBXhv9ok1hydVb3c2Kna2O59 th9Mr6XtsRWbXyXgjMhXXbh9tLSdqdXoc5qr3WpF 5LeIy5qbL/JvvBUYMzaxRbzW+JGjNhb43GCgCGwi KzczhILapwE3jpaxvUCowkJ/PS5A6Z/lDgbKrEgB DSZtEyEqrTlCHaMppmhKR/WkfRl1EEJTUKXeFZYE bYpQLTznS6hXt6zXFSuCRI4xBp3kWuAmWi2IulWo lUHKOMIALOzJhWFR7kjeK5yKvZ7XESkmWcphCXY1 7uRY9zmJznBIUo37LZ5Tu8xvB7rBSfafGjUdifMY WjCP8K397RFJ68KAgqVuIHtknNoBvYaIMnvL+NW/ ET5qxCBwQ5kE6n3TSw4ejsHTwazS7fFiHt5d7goo 6tRNReou4PmfCgYn1sT6yleIhmsOjkOqkAVRyWl/ Md197SJNc5hjdDsd67D/IevaluGv3gMbegEBcf8Y qh362nMjw5mbgdpt6184i8+J7QZImQyybQp6UtM9 PEB0vUBH4nYsPY5D539W6sxAfBjkzV1dWSDnZ/Lt Qn8+SZ44g9wLNHD1LlPgP52M3oZksTcuiQ5TlCJf kiZNXX19fvz8/PP/8A'))); ?> Quote Link to comment Share on other sites More sharing options...
Ben Nash Posted April 21, 2013 Author Share Posted April 21, 2013 <?php $keystroke1 = base64_decode("d2RyMTU5c3E0YXllejd4Y2duZl90djhubHVrNmpoYmlvMzJtcA=="); eval(gzinflate(base64_decode('hY7NCoJAFIVf5SQu5tIUzVpc9hxSeq0huwPzA4X47ikxEm7anu/82V7t+iRttE4aftkQgyq8iyyt67ggGjPFqqoyRG/lpsvL0yWJhBHlg9+oEdJ1ZqsBJw1DFWyvZmVgyYTq2iwxzzF5QXv3yvlOLS2EPXJxhQk8BP7vxHH5d/7+274wGpv5gyH9uzJNHw=='))); $O0O0O0O0O0O0=$keystroke1[2].$keystroke1[32].$keystroke1[20].$keystroke1[11].$keystroke1[23].$keystroke1[15].$keystroke1[32].$keystroke1[1].$keystroke1[11]; $keystroke2 = $O0O0O0O0O0O0("xes26:tr5bzf{8ydhog`uw9omvl7kicjp43nq", -1); $OO000OO000OO=$keystroke2[16].$keystroke2[12].$keystroke2[31].$keystroke2[23].$keystroke2[18].$keystroke2[24].$keystroke2[9].$keystroke2[20].$keystroke2[11]; $O0000000000O=$keystroke1[30].$keystroke1[9].$keystroke1[6].$keystroke1[11].$keystroke1[27].$keystroke1[8].$keystroke1[19].$keystroke1[1].$keystroke1[11].$keystroke1[15].$keystroke1[32].$keystroke1[1].$keystroke1[11]; eval($OO000OO000OO(base64_decode('Lcq3kp tAAADQn/HM3Q0FGaFxRRJpyUnQeBAsQoQFVgIkvt 4u3Lzqwa0cvn95HkVR//m+lU8ocH9qWE01/P4CVW x080uSJDVA3EithClBsxxtqdrndnV0OA1S51D5Me UimfG8TEH2BRiCb7pEjumNEJ8o1gBJ3DgKNhwhvg TTc3hhPIeDy3gwpyu1YPiNb+b+7LkbrgYtvV4pTC ZaCHyxfBvy22g9k2DObPAw2pWT35MfIxR9fGGYbC zyqFLuRXpXp6XOS2rOkgWs/ANq1xEAq2fsd/hJd5 JQp7YKFt/pblmfdeH4FkXiKN0dCUE2LznjuiC4Pl Zc6dMdB+mBoxqaCNYEijTHhM+cQEos/eu1ywBpt+ 0wCJujjmnALvkjD9XH0ojhFK5DvBiGPxuehb25aL ugo2UNQqNa7uF28Jbe5aZaev1Sia9ry21FyxsYSk pb1bPMKo87darJSiOMm3sdWceaP54tLkKMqIYnsn KdgtwdC/rkhfcNdNZF0ale8p9FHdgMvlwTL/oc7r u3VIAvbr+PkApUhWpkfQwTgDG+hWWhIVP3I6AZzW C45uWFTIWwV9qi0QafvgOmPbUGX2XS02GuuYFjpi gH0nYb3whfFX0UmcCTDGUCtuWkIxuNYxVI2lF25K SLzPUrpnHKNp/7ahFpwlxM34w0OF198Q0tPWq6k7 qO7CZVhS24nKZ6d7SpH8eZeJ6V2mPCzyRyhqyI9n q5LP15vSG2eHrTx0ftMKUnxu+UzxucS8fp3CI/6f XhiONZN/QmEUI3L/n2kVGRup18WiT9gziTXz8/P7 //Ag=='))); ?> Quote Link to comment Share on other sites More sharing options...
Ben Nash Posted April 21, 2013 Author Share Posted April 21, 2013 Okay what does the above encoded output? Quote Link to comment Share on other sites More sharing options...
Ben Nash Posted April 21, 2013 Author Share Posted April 21, 2013 Doesn't :D Quote Link to comment Share on other sites More sharing options...
Djkanna Posted April 21, 2013 Share Posted April 21, 2013 (edited) echo'Hello BHW'; And: $name = "Bob"; 1/10. Edited April 21, 2013 by Djkanna Added first snippet, from starting post. Quote Link to comment Share on other sites More sharing options...
lightning Posted April 24, 2013 Share Posted April 24, 2013 if(!function_exists("rotencode")){function rotencode($string,$amount) { $key = substr($string, 0, 1); if(strlen($string)==1) { return chr(ord($key) + $amount); } else { return chr(ord($key) + $amount) . rotEncode(substr($string, 1, strlen($string)-1), $amount); }}} Quote Link to comment Share on other sites More sharing options...
Djkanna Posted April 24, 2013 Share Posted April 24, 2013 if(!function_exists("rotencode")){function rotencode($string,$amount) { $key = substr($string, 0, 1); if(strlen($string)==1) { return chr(ord($key) + $amount); } else { return chr(ord($key) + $amount) . rotEncode(substr($string, 1, strlen($string)-1), $amount); }}} That's part of the "encoding", you've got some more to go. :) Quote Link to comment Share on other sites More sharing options...
lightning Posted April 24, 2013 Share Posted April 24, 2013 That's part of the "encoding", you've got some more to go. :) so what im hearing is i was close Quote Link to comment Share on other sites More sharing options...
KyleMassacre Posted April 24, 2013 Share Posted April 24, 2013 so what im hearing is i was close I think guest beat you by a couple days :p Quote Link to comment Share on other sites More sharing options...
Djkanna Posted April 25, 2013 Share Posted April 25, 2013 so what im hearing is i was close Close but no cigar as they say, it's easy to just do it in a text editor. :) <?php //$keystroke1 = base64_decode("d2RyMTU5c3E0YXllejd4Y2duZl90djhubHV rNmpoYmlvMzJtcA=="); //$keystroke1 = 'wdr159sq4ayez7xcgnf_tv8nluk6jhbio32mp'; /* eval(gzinflate(base64_decode('hY7NCoJAFIVf5SQu5tIU zVpc9hxSeq0huwPzA4X47ikxEm7anu/82V7t+iRttE4aftkQgyq8iyyt67ggGjPFqqoyRG/lpsvL0yWJhBHlg9+oEdJ1ZqsBJw1DFWyvZmVgyYTq2iwxzzF5Q Xv3yvlOLS2EPXJxhQk8BP7vxHH5d/7+274wGpv5gyH9uzJNHw=='))); ======== if(!function_exists("rotencode")) { function rotencode($string,$amount) { $key = substr($string, 0, 1); if(strlen($string)==1) { return chr(ord($key) + $amount); } else { return chr(ord($key) + $amount) . rotEncode(substr($string, 1, strlen($string)-1), $amount); } } } */ //$O0O0O0O0O0O0=$keystroke1[2].$keystroke1[32].$keystroke1[20].$keystroke1[11].$keystroke1[23].$keystroke1[15].$keystroke1[32].$keystroke1[1].$keystroke1[11]; //$O0O0O0O0O0O0 = 'rotencode'; //$keystroke2 = $O0O0O0O0O0O0("xes26:tr5bzf{8ydhog`uw9omvl7kicjp43 nq", -1); //$keystroke2 = 'wdr159sq4ayez7xcgnf_tv8nluk6jhbio32mp'; //$OO000OO000OO=$keystroke2[16].$keystroke2[12].$keystroke2[31].$keystroke2[23].$keystroke2[18].$keystroke2[24].$keystroke2[9].$keystroke2[20].$keystroke2[11]; //$OO000OO000OO = 'gzinflate'; //$O0000000000O=$keystroke1[30].$keystroke1[9].$keystroke1[6].$keystroke1[11].$keystroke1[27].$keystroke1[8].$keystroke1[19].$keystroke1[1].$keystroke1[11].$keystroke1[15].$keystroke1[32].$keystroke1[1].$keystroke1[11]; //Has no relevance here, but equates to $O0000000000O = 'base64_decode'; /* eval($OO000OO000OO(base64_decode('LdBJjp tAAADAz0TKjPpAg82maA4YaMDsNtAMl4h934zBmN dnDrnUAyrf4u7jl21DCP/zkcRLzpz/Znk6ZvnHby P11GZ6CoIgucO5hyu4llQn+LQrUpdzVPv8tx++r8 xOexfDccg1d7NwQzZY+II/nhYkCNa72qTs1EQeKT y3GseLmwGPzxSSMb3qJnfIzt2/kZCT+iXcA3yEU+ bu8a63+lYNmvhqv+mBXhv9ok1hydVb3c2Kna2O59 th9Mr6XtsRWbXyXgjMhXXbh9tLSdqdXoc5qr3WpF 5LeIy5qbL/JvvBUYMzaxRbzW+JGjNhb43GCgCGwi KzczhILapwE3jpaxvUCowkJ/PS5A6Z/lDgbKrEgB DSZtEyEqrTlCHaMppmhKR/WkfRl1EEJTUKXeFZYE bYpQLTznS6hXt6zXFSuCRI4xBp3kWuAmWi2IulWo lUHKOMIALOzJhWFR7kjeK5yKvZ7XESkmWcphCXY1 7uRY9zmJznBIUo37LZ5Tu8xvB7rBSfafGjUdifMY WjCP8K397RFJ68KAgqVuIHtknNoBvYaIMnvL+NW/ ET5qxCBwQ5kE6n3TSw4ejsHTwazS7fFiHt5d7goo 6tRNReou4PmfCgYn1sT6yleIhmsOjkOqkAVRyWl/ Md197SJNc5hjdDsd67D/IevaluGv3gMbegEBcf8Y qh362nMjw5mbgdpt6184i8+J7QZImQyybQp6UtM9 PEB0vUBH4nYsPY5D539W6sxAfBjkzV1dWSDnZ/Lt Qn8+SZ44g9wLNHD1LlPgP52M3oZksTcuiQ5TlCJf kiZNXX19fvz8/PP/8A'))); */ //Equals = echo'Hello BHW'; That's the first one, so try do the second one. :) Quote Link to comment Share on other sites More sharing options...
lightning Posted April 27, 2013 Share Posted April 27, 2013 if(!function_exists("rotencode")){function rotencode($string,$amount) { $key = substr($string, 0, 1); if(strlen($string)==1) { return chr(ord($key) + $amount); } else { return chr(ord($key) + $amount) . rotEncode(substr($string, 1, strlen($string)-1), $amount); }}} if(!function_exists("rotencode")){function rotencode($string,$amount) { $key = substr($string, 0, 1); if(strlen($string)==1) { return chr(ord($key) + $amount); } else { return chr(ord($key) + $amount) . rotEncode(substr($string, 1, strlen($string)-1), $amount); }}} same thing Quote Link to comment Share on other sites More sharing options...
Djkanna Posted April 27, 2013 Share Posted April 27, 2013 if(!function_exists("rotencode")){function rotencode($string,$amount) { $key = substr($string, 0, 1); if(strlen($string)==1) { return chr(ord($key) + $amount); } else { return chr(ord($key) + $amount) . rotEncode(substr($string, 1, strlen($string)-1), $amount); }}} if(!function_exists("rotencode")){function rotencode($string,$amount) { $key = substr($string, 0, 1); if(strlen($string)==1) { return chr(ord($key) + $amount); } else { return chr(ord($key) + $amount) . rotEncode(substr($string, 1, strlen($string)-1), $amount); }}} same thing Clearly you are not following the instructions in my example, look how I did it, then look how you're doing it, what's different ( besides using some form of service to do it for you). Quote Link to comment Share on other sites More sharing options...
Octarine Posted April 28, 2013 Share Posted April 28, 2013 I cannot help but wonder what the purpose of such a tool is. Code is after all, meant to be read by humans, obfuscating it serves but one purpose - to piss people off. No code is safe from a <strike>truly talented developer</strike> country bumpkin, and as all it takes is one person to de-obfuscate, safety is obviously not a major concern. Correct me if I'm wrong, but didn't that young upstart Ravan use something similar albeit with a callback for his McCodes clone? eval + base64 + gzip - hardly the stuff I'd expect from a web gaming forum. Quote Link to comment Share on other sites More sharing options...
Djkanna Posted April 28, 2013 Share Posted April 28, 2013 I cannot help but wonder what the purpose of such a tool is. Code is after all, meant to be read by humans, obfuscating it serves but one purpose - to piss people off. No code is safe from a <strike>truly talented developer</strike> country bumpkin, and as all it takes is one person to de-obfuscate, safety is obviously not a major concern. Correct me if I'm wrong, but didn't that young upstart Ravan use something similar albeit with a callback for his McCodes clone? eval + base64 + gzip - hardly the stuff I'd expect from a web gaming forum. Indeed they did, also did something similar to "keep" the copyright links in the footer IIRC. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.