Results 1 to 7 of 7

Thread: Wordpress Obfuscated Code. Need to Remove It.

  1. #1
    Join Date
    Mar 2009
    If I tell you, I would have to kill you.

    Wordpress Obfuscated Code. Need to Remove It.

    Ok guys I downloaded this awesome theme from skinpress and they have obfuscated code in their header.php and functions.php.

    NOT in the footer.php. The footer has sponsored links.

    I don't mind the sponsored links but I want the code on my site clean.

    The code is in rot13 which I decoded. The obfuscated code in header.php calls the obfuscated code in functions.php to ensures that the footer link are intact.

    I think it notifies the theme owner/sponsor if any site removes the footer link. I want these codes to begone from my site.

    But when I remove them, they break the entire theme. How can I remove them??

    Obfuscated codes:


    PHP Code:
    <?php eval(str_rot13('shapgvba purpx_s_sbbgre(){vs(!(shapgvba_rkvfgf("purpx_sbbgre")&&shapgvba_rkvfgf("purpx_urnqre"))){rpub(\'Guvf gurzr vf eryrnfrq haqre perngvir pbzzbaf yvprapr, nyy yvaxf va gur sbbgre fubhyq erznva vagnpg\');qvr;}}purpx_s_sbbgre();'));eval(str_rot13('shapgvba purpx_shapgvbaf(){vs(!svyr_rkvfgf(qveanzr(__SVYR__)."/shapgvbaf.cuc")){rpub(\'Guvf gurzr vf eryrnfrq haqre perngvir pbzzbaf yvprapr, nyy yvaxf va gur sbbgre fubhyq erznva vagnpg\');qvr;}}purpx_shapgvbaf();')); ?>
    PHP Code:
    eval(str_rot13('shapgvba purpx_sbbgre(){$y=\'<o><n uers="uggc://jjj.fxvacerff.pbz/">Serr Jbeqcerff Gurzrf</n></o> Qrfvtarq ol <o><n uers="uggc://jjj.npgvirgenvy.pbz/">Rznvy Znexrgvat</n></o> naq <o><n uers="uggc://jjj.npnqrzvpnqivfbewbof.pbz/">Nqivfbe Wbof</n></o>\';$s=qveanzr(__SVYR__).\'/sbbgre.cuc\';$sq=sbcra($s,\'e\');$p=sernq($sq,svyrfvmr($s));spybfr($sq);vs(fgecbf($p,$y)==0){rpub(\'Guvf gurzr vf eryrnfrq haqre perngvir pbzzbaf yvprapr, nyy yvaxf va gur sbbgre fubhyq erznva vagnpg\');qvr;}}purpx_sbbgre();')); eval(str_rot13('shapgvba purpx_urnqre(){vs(!(shapgvba_rkvfgf("purpx_shapgvbaf")&&shapgvba_rkvfgf("purpx_s_sbbgre"))){rpub(\'Guvf gurzr vf eryrnfrq haqre perngvir pbzzbaf yvprapr, nyy yvaxf va gur sbbgre fubhyq erznva vagnpg\');qvr;}}')); 



    PHP Code:
    <?php eval(str_rot13('function check_f_footer(){if(!(function_exists("check_footer")&&function_exists("check_header"))){echo(\'This theme is released under creative commons licence, all links in the footer should remain intact\');
    riny(fge_ebg13('function check_functions(){if(!file_exists(dirname(__FILE__)."/functions.php")){echo(\'This theme is released under creative commons licence, all links in the footer should remain intact\');
    PHP Code:
    <?php eval(str_rot13('function check_footer(){$l=\'<b><a href="">Free Wordpress Themes</a></b> Designed by <b><a href="">Email Marketing</a></b> and <b><a href="">Advisor Jobs</a></b>\';
    if(strpos($c,$l)==0){echo(\'This theme is released under creative commons licence, all links in the footer should remain intact\');
    riny(fge_ebg13('function check_header(){if(!(function_exists("check_functions")&&function_exists("check_f_footer"))){echo(\'This theme is released under creative commons licence, all links in the footer should remain intact\');
    In case they cannot be removed, are they safe?? is a trustworthy site btw.
    Last edited by rome9t9; 14 December, 2010 at 16:48 PM.

  2. #2
    There is no reason to have such code in header and body, etc.
    Usually means that either links are added to your wordpress unknowingly, or there will be visitors going to sites unknown to you from your wordpress.

    Trustworthy site or not, I would not use any theme that has stuff like this.

  3. Trustworthy site or not, I would not use any theme that has stuff like this.
    I totally agree, no reason to have code in there like that.
    Need links? Try AuthorLinks where you can buy or sell links based on Authorship and Klout score. Check out my blog or like me on Facebook.

  4. #4
    There are lots of good reasons to remove obfuscated code--or refuse to use themes with encoded sections.

    Read this article and check out the links to the supporting articles.

    Malware Found in WordPress Theme – Protect Yourself Now � Lorelle on WordPress
    "Democracy is two wolves and a lamb voting on what to have for lunch. Liberty is a well-armed lamb contesting the vote." -- Benjamin Franklin

  5. #5
    Join Date
    Mar 2009
    If I tell you, I would have to kill you.
    I finally managed to remove the code..but found another good theme that doesnt obfuscated codes in functions.php, only in the footer.php which I removed.

    There aren't many great looking themes in the theme index, so I have to look elsewhere for some great themes.

    Thanks TopDogger for the link. Installed the Theme-Check plugin for my site.

  6. #6
    They seemed to have done this to ensure that their attribution links remained intact but it had the effect of the entire theme being deleted!

  7. #7

    Hello everybody, nice to be here, I need some help please

    I understand the reason to put some code in some themes, but I don't like see waht I don't understand.

    So, I have a "encripted" code in the footer.php in one theme I have and has no problems if you dont change the links of the author (that's ok) but the footer is a mess and don't like it.
    Maybe somebody can help me with this new (to me) encription mode.

    Lets see, I leave the content of the footer.php here and maybe somebody knows how decript this mess. Thanks for any help


Similar Threads

  1. Replies: 0
    Last Post: 29 March, 2011, 12:21 PM
  2. Replies: 13
    Last Post: 11 September, 2010, 21:26 PM
  3. Remove Category plugin ?
    By SonnyCooL in forum Wordpress
    Replies: 3
    Last Post: 19 January, 2010, 02:19 AM
  4. 2 Guest Welcome Messages. Remove One?
    By Arlind in forum Announcements and Suggestions
    Replies: 1
    Last Post: 12 August, 2009, 05:29 AM
  5. remove all spaces from string [vb]
    By ghadeer in forum Programming
    Replies: 5
    Last Post: 9 May, 2009, 05:08 AM

Tags for this Thread


Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts