Page 1 of 2 12 LastLast
Results 1 to 10 of 11

Thread: PHP Encryption

  1. #1

    PHP Encryption

    What type of encryption technique is used when the following nested functions are called in a PHP script?

    Code:
    eval(gzinflate(str_rot13(base64_decode('FZi3ksTWEV. . .
    In the case of the script I am looking at, there are 13260 characters of encrypted code in the parameter string.

    Can this be decrypted to make sure that there is nothing malicious in the code?

    Does anyone know of a site where I can learn about this technique?

    This is from a footer in a WordPress template.

  2. #2
    Quote Originally Posted by TopDogger View Post
    What type of encryption technique is used when the following nested functions are called in a PHP script?

    Code:
    eval(gzinflate(str_rot13(base64_decode('FZi3ksTWEV. . .
    In the case of the script I am looking at, there are 13260 characters of encrypted code in the parameter string.

    Can this be decrypted to make sure that there is nothing malicious in the code?

    Does anyone know of a site where I can learn about this technique?

    This is from a footer in a WordPress template.
    Basically you're trying to remove footer links, right?

  3. #3
    It would be nice to remove the links. Actually, I could easily do that by just replacing the footer file with the standard code from a WordPress template footer.

    One of my clients wants to use a freebie template with a footer that is loaded with spam links. These are really crappy spam links. The terms just require that the link to the designer remain in place. I have already advised the client not to use this template.

    I really am just curious about this encryption technique.

  4. #4
    Well, I really don't know much about that technique, but you could contact one of those WP theme developers and ask them about it, I'm pretty sure some might be friendly enough to teach you something about that.

  5. Quote Originally Posted by TopDogger View Post
    Code:
    eval(gzinflate(str_rot13(base64_decode('FZi3ksTWEV. . .
    In the case of the script I am looking at, there are 13260 characters of encrypted code in the parameter string.
    ROT-13 is funny. It just moves characters 13 steps up in a 26 character alphabet. The end result is that if you run it twice, you get back to where you started.

    "SEO" encrypted with ROT-13 becomes "FRB"; "FRB" encrypted with ROT-13 becomes "SEO".

    Base-64 also is an encoder, not an encrypter. You can use a quick little tool to decode Base-64.
    Submit Your Webmaster Related Sites to the NB Directory
    I swear, by my life and my love of it, that I will never live for the sake of another man, nor ask another man to live for mine.

  6. #6

    Lightbulb

    Try to replace the "eval" with "echo" and you'll get the hidden php code.
    While you get the "eval" from the "echo"ing result, keep doing the same thing, replace "eval" with "echo".

    However it's strange usually most encrypted code is just a simple HTML backlink.
    Why the original designer does not put simple HTML backlink without encrypts it.

  7. #7
    Quote Originally Posted by xrvel View Post
    Why the original designer does not put simple HTML backlink without encrypts it.
    The theme will probably not work without those links; typically there's some validation elsewhere on the code that's checking for those footer links, while encrypted, encoded or whatever not-plain, 95% of people won't be able to change that.

  8. #8
    Thanks for the info, guys. I think I have what I need to dig into this. Like I said, it is a curiosity thing. The client is now designing their own theme.

    The links in this footer are leading to such spammy sites that anyone who decides to use this theme will likely get wacked by Google. I'm curious about whether or not there is anything other than links hidden in the code.

    The terms for the original designer only require that the link to her site remain. She must be selling the spam links to someone.

    If there is code hidden somewhere else in the theme, I will find it.

  9. The encrypted code will most probably be in the functions.php file

  10. #10
    Join Date
    Apr 2010
    Location
    india
    Posts
    338

Page 1 of 2 12 LastLast

Similar Threads

  1. [WTS] Run Your Own Encryption Site & Free Hosting @ $14.99
    By sdscripts in forum Scripts
    Replies: 0
    Last Post: 8 June, 2010, 15:42 PM
  2. Advanced Footer Encryption techniques
    By Dr. Teeth in forum Programming
    Replies: 5
    Last Post: 3 May, 2010, 13:43 PM
  3. Replies: 1
    Last Post: 21 November, 2009, 01:21 AM

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •