Waraxe IT Security Portal
Login or Register
March 15, 2026
Menu
Home
Logout
Discussions
Forums
Members List
IRC chat
Tools
Base64 coder
MD5 hash
CRC32 checksum
ROT13 coder
SHA-1 hash
URL-decoder
Sql Char Encoder
Affiliates
y3dips ITsec
Md5 Cracker
User Manuals
AlbumNow
Content
Content
Sections
FAQ
Top
Info
Feedback
Recommend Us
Search
Journal
Your Account
User Info
Welcome, Anonymous
Nickname
Password
(Register)
Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9144
People Online:
Visitors: 391
Members: 0
Total: 391
Full disclosure
JSON Deserialiser Unconstrained Resource Consumption QuickOverview
Defense in depth -- the Microsoft way (part 96): yet anotherSAFER (SRPv1) and AppLocker (SRPv2) loophole
Alipay DeepLink+JSBridge Attack Chain: Silent GPS Exfiltration,17 Vulns, 6 CVEs (CVSS 9.3)
Cohesity TranZman Migration Appliance - 5 CVEs (commandinjection, LPE, unsigned patches, weak crypto)
APPLE-SA-03-11-2026-2 iOS 15.8.7 and iPadOS 15.8.7
APPLE-SA-03-11-2026-1 iOS 16.7.15 and iPadOS 16.7.15
SEC Consult SA-20260224-0 :: Multiple vulnerabilities in CPSD CryptoPro Secure Disk for BitLocker (CVE-2025-10010)
SEC Consult SA-20260218-0 :: Multiple Critical Vulnerabilities in NesterSoft WorkTime (on-prem/cloud)
[KIS-2026-04] SmarterMail <= 9518 (MailboxId) Reflected Cross-Site Scripting Vulnerability
SEC Consult SA-20260212-0 :: Multiple Vulnerabilities in various Solax Power Pocket WiFi models
[Full Disclosure] CVE-2025-69690 & CVE-2025-69691 — Authenticated RCE in Netgate pfSense CE 2.7.2 and 2.8.0
APPLE-SA-02-11-2026-9 Safari 26.3
APPLE-SA-02-11-2026-8 visionOS 26.3
APPLE-SA-02-11-2026-7 watchOS 26.3
APPLE-SA-02-11-2026-6 tvOS 26.3
Log in Register Forum FAQ Memberlist Search
IT Security and Insecurity Portal

www.waraxe.us Forum Index -> PHP script decode requests -> Please help me decode this.
Post new topicReply to topic View previous topic :: View next topic
Please help me decode this.
PostPosted: Sat Feb 19, 2011 3:55 am Reply with quote
grinsp00n
Beginner
Beginner
Joined: Feb 19, 2011
Posts: 1




Please help me decode these file..i've tried everything and i cant do it.. ..i've change the eval to echo but seems i don't know where to go next to view all of the original code.
Code:
<?php if (!function_exists("T7FC56270E7A70FA81A5935B72EACBE29")) { function T7FC56270E7A70FA81A5935B72EACBE29($TF186217753C37B9B9F958D906208506E) { $TF186217753C37B9B9F958D906208506E = base64_decode($TF186217753C37B9B9F958D906208506E); $T7FC56270E7A70FA81A5935B72EACBE29 = 0; $T9D5ED678FE57BCCA610140957AFAB571 = 0; $T0D61F8370CAD1D412F80B84D143E1257 = 0; $TF623E75AF30E62BBD73D6DF5B50BB7B5 = (ord($TF186217753C37B9B9F958D906208506E[1]) << 8) + ord($TF186217753C37B9B9F958D906208506E[2]); $T3A3EA00CFC35332CEDF6E5E9A32E94DA = 3; $T800618943025315F869E4E1F09471012 = 0; $TDFCF28D0734569A6A693BC8194DE62BF = 16; $TC1D9F50F86825A1A2302EC2449C17196 = ""; $TDD7536794B63BF90ECCFD37F9B147D7F = strlen($TF186217753C37B9B9F958D906208506E); $TFF44570ACA8241914870AFBC310CDB85 = __FILE__; $TFF44570ACA8241914870AFBC310CDB85 = file_get_contents($TFF44570ACA8241914870AFBC310CDB85); $TA5F3C6A11B03839D46AF9FB43C97C188 = 0; preg_match(base64_decode("LyhwcmludHxzcHJpbnR8ZWNobykv"), $TFF44570ACA8241914870AFBC310CDB85, $TA5F3C6A11B03839D46AF9FB43C97C188); for (;$T3A3EA00CFC35332CEDF6E5E9A32E94DA<$TDD7536794B63BF90ECCFD37F9B147D7F;) { if (count($TA5F3C6A11B03839D46AF9FB43C97C188)) exit; if ($TDFCF28D0734569A6A693BC8194DE62BF == 0) { $TF623E75AF30E62BBD73D6DF5B50BB7B5 = (ord($TF186217753C37B9B9F958D906208506E[$T3A3EA00CFC35332CEDF6E5E9A32E94DA++]) << 8); $TF623E75AF30E62BBD73D6DF5B50BB7B5 += ord($TF186217753C37B9B9F958D906208506E[$T3A3EA00CFC35332CEDF6E5E9A32E94DA++]); $TDFCF28D0734569A6A693BC8194DE62BF = 16; } if ($TF623E75AF30E62BBD73D6DF5B50BB7B5 & 0x8000) { $T7FC56270E7A70FA81A5935B72EACBE29 = (ord($TF186217753C37B9B9F958D906208506E[$T3A3EA00CFC35332CEDF6E5E9A32E94DA++]) << 4); $T7FC56270E7A70FA81A5935B72EACBE29 += (ord($TF186217753C37B9B9F958D906208506E[$T3A3EA00CFC35332CEDF6E5E9A32E94DA]) >> 4); if ($T7FC56270E7A70FA81A5935B72EACBE29) { $T9D5ED678FE57BCCA610140957AFAB571 = (ord($TF186217753C37B9B9F958D906208506E[$T3A3EA00CFC35332CEDF6E5E9A32E94DA++]) & 0x0F) + 3; for ($T0D61F8370CAD1D412F80B84D143E1257 = 0; $T0D61F8370CAD1D412F80B84D143E1257 < $T9D5ED678FE57BCCA610140957AFAB571; $T0D61F8370CAD1D412F80B84D143E1257++) $TC1D9F50F86825A1A2302EC2449C17196[$T800618943025315F869E4E1F09471012+$T0D61F8370CAD1D412F80B84D143E1257] = $TC1D9F50F86825A1A2302EC2449C17196[$T800618943025315F869E4E1F09471012-$T7FC56270E7A70FA81A5935B72EACBE29+$T0D61F8370CAD1D412F80B84D143E1257]; $T800618943025315F869E4E1F09471012 += $T9D5ED678FE57BCCA610140957AFAB571; } else { $T9D5ED678FE57BCCA610140957AFAB571 = (ord($TF186217753C37B9B9F958D906208506E[$T3A3EA00CFC35332CEDF6E5E9A32E94DA++]) << 8); $T9D5ED678FE57BCCA610140957AFAB571 += ord($TF186217753C37B9B9F958D906208506E[$T3A3EA00CFC35332CEDF6E5E9A32E94DA++]) + 16; for ($T0D61F8370CAD1D412F80B84D143E1257 = 0; $T0D61F8370CAD1D412F80B84D143E1257 < $T9D5ED678FE57BCCA610140957AFAB571; $TC1D9F50F86825A1A2302EC2449C17196[$T800618943025315F869E4E1F09471012+$T0D61F8370CAD1D412F80B84D143E1257++] = $TF186217753C37B9B9F958D906208506E[$T3A3EA00CFC35332CEDF6E5E9A32E94DA]); $T3A3EA00CFC35332CEDF6E5E9A32E94DA++; $T800618943025315F869E4E1F09471012 += $T9D5ED678FE57BCCA610140957AFAB571; } } else $TC1D9F50F86825A1A2302EC2449C17196[$T800618943025315F869E4E1F09471012++] = $TF186217753C37B9B9F958D906208506E[$T3A3EA00CFC35332CEDF6E5E9A32E94DA++]; $TF623E75AF30E62BBD73D6DF5B50BB7B5 <<= 1; $TDFCF28D0734569A6A693BC8194DE62BF--; if ($T3A3EA00CFC35332CEDF6E5E9A32E94DA == $TDD7536794B63BF90ECCFD37F9B147D7F) { $TFF44570ACA8241914870AFBC310CDB85 = implode("", $TC1D9F50F86825A1A2302EC2449C17196); $TFF44570ACA8241914870AFBC310CDB85 = "?".">".$TFF44570ACA8241914870AFBC310CDB85."<"."?"; return $TFF44570ACA8241914870AFBC310CDB85; } } } } eval(T7FC56270E7A70FA81A5935B72EACBE29("QAIAPD9waHAgABRpZighZnVuY3QAAGlvbl9leGlzdHMoJ2dldF8AAHBvc3RfdGVtcGxhdGVzJykFQCkgeyAgAqUgAi8oAhIgJHRoZW0McGVzID0CMgDTKCk7BuEBswGkY3Vycj8hZW4GIALxAhYG9QJQAuNzWwCDXVsnVAHUC2AgRmlsCRBdBUIFgCQKqwOwYXJyYXlAUSAFU2lmIChpc18BNCQNFikpOgPAABQgZm9yZWFjaCAoKAIiKQIXIGF+CXMM0AdFDdMDIQBBAmZfZGF0YQcgQGkSgAAMb2RlKCAnJywgZmlsAKACViApgTAQAyAkbmFtZQLgJycLwwnBIHByZQEAZ19tYXRjaAPQfFNpbmdsZSBQAFAX0CAPFTooW14qK10rKSR8bXTlaQXwBZYH4iwFdCkgCkEGNQCCWzESUH0LESjBICAGwiEM8HR5KAMrE/tbdHJpbQImQ7hdCuBiYXNlC5EBUBPlIA0QBYIAUWVuZCA3aWYNEXJldHVybiAZDAGhfQKBCIAm38AeJtAIC19kcm9wZG93bictAn8Ccid0Zwf+bG9iYWwHwwchCFwMcCsvIhMJcCBWA20gOV+H5hBBID0+IBf3HoEXUQQwFgIBqyA9MEMLkm0IAWV0YSgF8i0+SUQsICdfd3A2O4QBHZB0cnVlNoIkc2VsZWN0ZWQLgCUDJyAA1T0iAKUiJBB9IGVsc2U5UALawsABkgkAJG9wdAPRPACAPaAgdmFsdWUG7D0iJyAuDAwBECcBcwXVASE+ApsPsi4gFg8nPC8E8z4GcAZQZWNobyAGoRchHjAedQIHICBhZGRfEeB0ZXIoJ3MtMkS2DoC9bkYPJyUQFDBIvwK/JxIiIEivKdUoGHYZwyG+YwT3dXN0b20KAGVsFhEhlhpPGk8gGkIPASzBoYA08yQFGSkgJiZAElTVVEVNUExBVARPRVBBVEgVsCIvewMKfSINAxTwC4YbkMv0A28DbDsgFxAgNzUPxQmQGFcFMBiSYV3SKCcAI2FkbWluX21lbnUYQXB0XxphC8Qf3WJveBhCFXYB/jaUD3ATFgdlcwHAD2FkfCAHIEf/ZAcAdGFfBfFQcCrgCVAHcRbBAWFPQAagMjIE5pkBCeBfXwGQUM90ZQHAJ3B0JyApLASQwHgAMADQX2lubmVyXwyYNfAFIQLBbm9yEN9tYWwAoWhpZ2gDgBIgIBOxE+EEAAAwDzntAAS9DZBvYCAkPQNgZS/BJzxpbnB1dCAQCXR5cDXQaGlkZGVuIiAy4T0iDXAIdG5vbmNTsiIgaWQBLTkoJnBjaHB0ZUDAXwMiKCBwbHVnGrBXpl9fRklMRTEgX19eQThwIiAvOCQgIAiEbGFiZWwA+yBjbGFzcz0iCJVNgAdgZLA31iI9khXgXw8iZioiEyEVYSoQPlAE0j48YnIGhQZUQiMOBP/ATB4OVAb6CSVdVQgAGBEFBETTScUiPkJsb2f3dG+yRoscwQwmc2IWW/QExC8J0wtkC89wD6ZTb8CgeFCJkyBoYXZlICOjICgGIHlvdSAGoGNhbiB1VgAUQCBMIyAIgXMgdGhhFsB0IG0k0HQD4yzgaZPRZ+BmZWF0dXKSAI/Qb3IFVWxhBNB0cy4gSWYgc29CgCwFsndpbGxdUGUEsGVtIGFib3Yt12UuGCxwDIRWgX0m4AAwBoBfPKVzC3Bj4i2R8PEmkAEGiPEBQDEsIDJVIVJnAl1ow19pZIPw/AgNgVKzBnAAM4LjKYB2ZXJpZnkphSRfUA4/T1NUWzdRKqIuoSddLCsPKwcFk0qFBrFwEeB5IFENhIm0J3BhZ2Unc0EGViSiNaAnXY2y+R8JoAlzo7UZ8D9wYW5CsGVkaasgBCENBAZRRxH9+wNQB89AEXPUAgAFX18f0AVWCGAVIHu2BV90BsENGsWbBVAAMCRteRjxW36/DRA9IA51NI4nm1AD8PH9ttCpxQSkqSJrZXmIUkPyFdMUIZnQFcMAYV9JAYHjFLEncmV2aXOAAE+QYsQKkSAgJAPyZoBL/2mrhCcsDlAosEQB0iQCBbJfBltRI5MPMRagCNABFywgRkFMU0VsViB1cA9gZSniX8IDH/56B9MGBIx2DzIuUQwiBr9leQcQCagj8mjgIQT0IA4cZGVsZVQwA/+W8CRrZXkHEwNwADA/Pg==")); ?>
Sad Thanks in advance
View user's profile Send private message
PostPosted: Tue Mar 15, 2011 8:44 am Reply with quote
markehdotme
Regular user
Regular user
Joined: Mar 15, 2011
Posts: 7




Here is the final result:

Code:

<?php if(!function_exists('get_post_templates')) { function get_post_templates() { $themes = get_themes(); $theme = get_current_theme(); $templates = $themes[$theme]['Template Files']; $post_templates = array (); if (is_array ($templates)): foreach ((array)$templates as $template ) { $template_data = @implode( '', file( $template )); $name = ''; if ( preg_match( '|Single Post Template:([^*+]+)$|mi', $template_data, $name ) ) { $name = $name[1]; } if ( !empty( $name ) ) { $post_templates[trim( $name )] = basename( $template ); } } endif; return $post_templates; }} if(!function_exists('post_templates_dropdown')) { function post_templates_dropdown() { global $post; $post_templates = get_post_templates(); foreach ($post_templates as $template_name => $template_file) { if ($template_file == get_post_meta($post->ID, '_wp_post_template', true)) { $selected = ' selected="selected"'; } else { $selected = ''; } $opt = '<option value="' . $template_file . '"' . $selected . '>' . $template_name . '</option>'; echo $opt; } }} add_filter('single_template', 'get_post_template'); if(!function_exists('get_post_template')) { function get_post_template($template) { global $post; $custom_field = get_post_meta($post->ID, '_wp_post_template', true); if(!empty($custom_field) && file_exists(TEMPLATEPATH . "/{$custom_field}")) { $template = TEMPLATEPATH . "/{$custom_field}"; } return $template; }} add_action('admin_menu', 'pt_add_custom_box'); function pt_add_custom_box() { if(get_post_templates() && function_exists( 'add_meta_box' )) { add_meta_box( 'pt_post_templates', __( 'Single Post Template', 'pt' ), 'pt_inner_custom_box', 'post', 'normal', 'high' ); } } function pt_inner_custom_box() { global $post; echo '<input type="hidden" name="pt_noncename" id="pt_noncename" value="' . wp_create_nonce( plugin_basename(__FILE__) ) . '" />'; echo '<label class="hidden" for="post_template">' . __("Post Template", 'pt' ) . '</label><br />'; echo '<select name="_wp_post_template" id="post_template" class="dropdown">'; echo '<option value="">Blog Post</option>'; post_templates_dropdown(); echo '</select><br /><br />'; echo '<p>' . __("Some themes have custom templates you can use for single posts that might have additional features or custom layouts. If so, you will see them above.", 'pt' ) . '</p><br />'; } add_action('save_post', 'pt_save_postdata', 1, 2); function pt_save_postdata($post_id, $post) { if ( !wp_verify_nonce( $_POST['pt_noncename'], plugin_basename(__FILE__) )) { return $post->ID; } if ( 'page' == $_POST['post_type'] ) { if ( !current_user_can( 'edit_page', $post->ID )) return $post->ID; } else { if ( !current_user_can( 'edit_post', $post->ID )) return $post->ID; } $mydata['_wp_post_template'] = $_POST['_wp_post_template']; foreach ($mydata as $key => $value) { if( $post->post_type == 'revision' ) return; $value = implode(',', (array)$value); if(get_post_meta($post->ID, $key, FALSE)) { update_post_meta($post->ID, $key, $value); } else { add_post_meta($post->ID, $key, $value); } if(!$value) delete_post_meta($post->ID, $key); } } ?><?

_________________
Regards,
Markeh
View user's profile Send private message
Please help me decode this.
www.waraxe.us Forum Index -> PHP script decode requests
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
 		All times are GMT
Page 1 of 1
Post new topicReply to topic


Powered by phpBB © 2001-2008 phpBB Group
PCWizardHub - Helping you fix, build, and optimize your PC life
All logos and trademarks in this site are property of their respective owner. The comments and posts are property of their posters, all the rest (c) 2004-2024 Janek Vind "waraxe"
 Page Generation: 0.041 Seconds