2015-08-04

PHP Law Decoding!

Decode PHP code with signature : [protected by law]
I wrote an script for reverse it.


  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
<style type="text/css">
*{
background-color: #F7F3E8;
border: 2px solid #e3e3e3;
border-radius: 8px 8px 8px 8px;
margin-bottom: 5px;
padding: 5px;
}
TD{font-family: Tahoma; font-size: 10pt;}
input,select,textarea{
border:0;
border:1px solid #900;
color:#fff;
background:#000;
margin:0;
padding:2px 4px;
}
input:hover,textarea:hover,select:hover{
background:#200;
border:1px solid #f00;
}


.red{
color:#f00;
}
.white{
color:#fff;
}
a{
text-decoration:none;
}
a:hover{
border-bottom:1px solid #900;
border-top:1px solid #900;
}
#result a{
color:#777;
}
.sign{
color:#222;
}
#box{
margin:10px 0 0 0;
}
</style>

<html>
<body>
<center><br>
<title>PHP Law DECODER BY #BHG[3H34N]</title>
<font size='3' color='#bbbbbb'>PHP Law DECODER BY #BHG[3H34N]</font><br><br>
<font size='3' color='#bbbbbb'>WebSite:<b><a href="http://nezami.info">nezami.info</a></b><br/></font><br/>
<font size='2' color='#bbbbbb'>Email:<font size='2' color='red'>me@nezami.info</font></font></br><br/>
<font size='3' color='#bbbbbb'> Example:<font size='2' color='green'>/* WARNING: This file is protected by copyright law. To reverse engineer or decode this file is strictly prohibited. */ </font></font><br><br>
<font size='3' color='#bbbbbb'>$o=<font size='2' color='green'><U>Copy This Part Of Your Code To Text Box & Press DeCode</U>;eval(base64_decode("Li4ud3d3LmJsYWNrLWhnLm9yZyBDb3B5IFJpZ2h0IEZvcjNIMz ROIC4uLi=="));return;?></font></font><br><br>



<form name="form" method="post">
<textarea name="text" cols=100 rows=20></textarea>
<input type="hidden" name="status" id="status" value="1">
<br/>
<div class="submit"><br>
<input alt="DeCode" title="Send" alt="Decode" type="image"><br>
</div>
</form>




<?php
header('Content-Type: text/html; charset=utf-8');
if (isset($_POST['text']) && isset($_POST['status']))
{
$text = get_magic_quotes_gpc() ? stripslashes($_POST['text']) : $_POST['text'];


$o="$text";
$lll=0;
$lllllllllll='base64_decode';
$ll=0;
$llllllllll='ord';
$llll=0;
$lllll=3;
$l=$lllllllllll($o);
$lllllll=0;
$llllll=($llllllllll($l[1])<<8)+$llllllllll($l[2]);
$lllllllllllll='strlen';
$lllllllll=16;
$llllllll="";
for(;$lllll<$lllllllllllll($l);){
if($lllllllll==0){
$llllll=($llllllllll($l[$lllll++])<<8);
$llllll+=$llllllllll($l[$lllll++]);
$lllllllll=16;
}
if($llllll&0x8000){
$lll=($llllllllll($l[$lllll++])<<4);
$lll+=($llllllllll($l[$lllll])>>4);
if($lll){
$ll=($llllllllll($l[$lllll++])&0x0f)+3;
for($llll=0;$llll<$ll;$llll++)
$llllllll[$lllllll+$llll]=$llllllll[$lllllll-$lll+$llll];
$lllllll+=$ll;
}
else{
$ll=($llllllllll($l[$lllll++])<<8);
$ll+=$llllllllll($l[$lllll++])+16;
for($llll=0;$llll<$ll;$llllllll[$lllllll+$llll++]=$llllllllll($l[$lllll]))
;
$lllll++;
$lllllll+=$ll;
}
}
else
$llllllll[$lllllll++]=$llllllllll($l[$lllll++]);
$llllll<<=1;
$lllllllll--;
}
$llllllllllll='chr';
$lllll=0;
$lllllllll="?".$llllllllllll(62);
$llllllllll="";
for(;$lllll<$lllllll;){$llllllllll.=$llllllllllll($llllllll[$lllll++]^0x07);}
$lllllllll.=$llllllllll.$llllllllllll(60)."?";


echo 'DECODED: <br/><textarea cols=100 rows=20>'."'$lllllllll';".PHP_EOL.'</textarea><br/>';
}
?>

<center>
</body>
<font size='3' color='#bbbbbb'><b><a href="http://nezami.info">#3H34N</a></b></font>
</html>

2 comments: