03-07-2013
The huge block-o-stuff is base64-encoded. Decoding it just gets you more junk. It's nested nested nestings crammed into evals crammed into evals, with all the variable names altered into garbage, so it will take much persistence and detective work to unravel. It's probably been through a mutator script. They sacrificed a lot of efficiency for this obscureness -- PHP has to undo all this doublethink step by step.
You can use the online
base64 decoder to decode that text and other text like it.
The \x78 stuff is escape sequences for ASCII characters. \x78 is 'x' for instance.
Last edited by Corona688; 03-07-2013 at 12:21 PM..
This User Gave Thanks to Corona688 For This Post:
9 More Discussions You Might Find Interesting
1. Programming
Well this year i decided to enter the International Obfuscated C Code Contest. This was my first attempt at writing obfuscated C (at least purposely), so I am sure that this is kids-stuff for the real obfuscation gurus. Anyway, the results are out, and I am not a finalist (I wasn't expecting to... (5 Replies)
Discussion started by: PxT
5 Replies
2. UNIX for Dummies Questions & Answers
Appreciate your thoughts....I m very new to this. Anyone here have the similar experience and work around. Thanks.
Use scp to send a file from HP-UX to SUN box successfully but return code randomly being generated. The majority of time reports 1 (meaning not ok) and sometime 0 (OK).
When scp... (0 Replies)
Discussion started by: huiraym
0 Replies
3. Shell Programming and Scripting
hi
please can anyone help me in decoding shell commands.
i need a way to decode the encrypted shell commands. (8 Replies)
Discussion started by: rochitsharma
8 Replies
4. IP Networking
Hi, wondering if anyone can suggest a tool to me that will let me either cut & paste hex or type it in for packet decoding.
I want to be able to decode a packet as done with tcpdump or wireshark, but I want to be able to manually input the hex myself. (2 Replies)
Discussion started by: Breakology
2 Replies
5. Ubuntu
Hi
I am new to expect. Please if any one can help on my issue its really appreciable. here is my issue:
I want expect script for random passwords and random commands generation.
please can anyone help me?
Many Thanks in advance (0 Replies)
Discussion started by: vanid
0 Replies
6. UNIX for Dummies Questions & Answers
Hi,
If my input string is 3a3b4c then my result should be aaabbbcccc. Please guide me how to achieve this in a bash script.
Thanks (18 Replies)
Discussion started by: pandeesh
18 Replies
7. Shell Programming and Scripting
ello, I am trying to remove obfuscated code in multiple files on a server, the malicious code is surronded by
/*km0ae9gr6m*//*qhk6sa6g1c*/
I had success removing from some files using this command
sed -i ':strt;s|/\*km0ae9gr6m\*/*/\*qhk6sa6g1c\*/||g;/\/\*km0ae9gr6m\*\//{N;b strt}'... (5 Replies)
Discussion started by: cuantica
5 Replies
8. Shell Programming and Scripting
Need to use dd to generate a large file from a sample file of random data. This is because I don't have /dev/urandom.
I create a named pipe then:
dd if=mynamed.fifo do=myfile.fifo bs=1024 count=1024
but when I cat a file to the fifo that's 1024 random bytes:
cat randomfile.txt >... (7 Replies)
Discussion started by: Devyn
7 Replies
9. Shell Programming and Scripting
I am trying to understand a UNIX script which FTPs certain files from a remote location to the local machine. I understand the basic FTP command but the UNIX script uses the following command:
ftp -n -i -v > $logftp_trg 2>&1 <<!
open $MFX_FTP_SERVER
user $MFX_FTP_LOGIN $MFX_FTP_PWD
Can anyone... (5 Replies)
Discussion started by: Bhavesh Sharma
5 Replies
LEARN ABOUT DEBIAN
mime::base64::urlsafe
MIME::Base64::URLSafe(3pm) User Contributed Perl Documentation MIME::Base64::URLSafe(3pm)
NAME
MIME::Base64::URLSafe - Perl version of Python's URL-safe base64 codec
SYNOPSIS
use MIME::Base64::URLSafe;
$encoded = urlsafe_b64encode('Alladdin: open sesame');
$decoded = urlsafe_b64decode($encoded);
DESCRIPTION
This module is a perl version of python's URL-safe base64 encoder / decoder.
When embedding binary data in URL, it is preferable to use base64 encoding. However, two characters ('+' and '/') used in the standard
base64 encoding have special meanings in URLs, often leading to re-encoding with URL-encoding, or worse, interoperability problems.
To overcome the problem, the module provides a variation of base64 codec compatible with python's urlsafe_b64encode / urlsafe_b64decode.
Modification rules from base64:
use '-' and '_' instead of '+' and '/'
no line feeds
no trailing equals (=)
The following functions are provided:
urlsafe_b64encode($str)
urlsafe_b64decode($str)
If you prefer not to import these routines to your namespace, you can call them as:
use MIME::Base64::URLSafe ();
$encoded = MIME::Base64::URLSafe::encode($decoded);
$decoded = MIME::Base64::URLSafe::decode($encoded);
SEE ALSO
MIME::Base64
Fore more discussion on using base64 encoding in URL applications, see: http://en.wikipedia.org/wiki/Base64#URL_Applications
AUTHOR
Kazuho Oku <kazuho ___at___ labs.cybozu.co.jp>
Copyright (C) 2006 Cybozu Labs, Inc.
This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself, either Perl version 5.8.7 or,
at your option, any later version of Perl 5 you may have available.
perl v5.8.8 2006-01-05 MIME::Base64::URLSafe(3pm)