03-07-2013
The huge block-o-stuff is base64-encoded. Decoding it just gets you more junk. It's nested nested nestings crammed into evals crammed into evals, with all the variable names altered into garbage, so it will take much persistence and detective work to unravel. It's probably been through a mutator script. They sacrificed a lot of efficiency for this obscureness -- PHP has to undo all this doublethink step by step.
You can use the online
base64 decoder to decode that text and other text like it.
The \x78 stuff is escape sequences for ASCII characters. \x78 is 'x' for instance.
Last edited by Corona688; 03-07-2013 at 12:21 PM..
This User Gave Thanks to Corona688 For This Post:
9 More Discussions You Might Find Interesting
1. Programming
Well this year i decided to enter the International Obfuscated C Code Contest. This was my first attempt at writing obfuscated C (at least purposely), so I am sure that this is kids-stuff for the real obfuscation gurus. Anyway, the results are out, and I am not a finalist (I wasn't expecting to... (5 Replies)
Discussion started by: PxT
5 Replies
2. UNIX for Dummies Questions & Answers
Appreciate your thoughts....I m very new to this. Anyone here have the similar experience and work around. Thanks.
Use scp to send a file from HP-UX to SUN box successfully but return code randomly being generated. The majority of time reports 1 (meaning not ok) and sometime 0 (OK).
When scp... (0 Replies)
Discussion started by: huiraym
0 Replies
3. Shell Programming and Scripting
hi
please can anyone help me in decoding shell commands.
i need a way to decode the encrypted shell commands. (8 Replies)
Discussion started by: rochitsharma
8 Replies
4. IP Networking
Hi, wondering if anyone can suggest a tool to me that will let me either cut & paste hex or type it in for packet decoding.
I want to be able to decode a packet as done with tcpdump or wireshark, but I want to be able to manually input the hex myself. (2 Replies)
Discussion started by: Breakology
2 Replies
5. Ubuntu
Hi
I am new to expect. Please if any one can help on my issue its really appreciable. here is my issue:
I want expect script for random passwords and random commands generation.
please can anyone help me?
Many Thanks in advance (0 Replies)
Discussion started by: vanid
0 Replies
6. UNIX for Dummies Questions & Answers
Hi,
If my input string is 3a3b4c then my result should be aaabbbcccc. Please guide me how to achieve this in a bash script.
Thanks (18 Replies)
Discussion started by: pandeesh
18 Replies
7. Shell Programming and Scripting
ello, I am trying to remove obfuscated code in multiple files on a server, the malicious code is surronded by
/*km0ae9gr6m*//*qhk6sa6g1c*/
I had success removing from some files using this command
sed -i ':strt;s|/\*km0ae9gr6m\*/*/\*qhk6sa6g1c\*/||g;/\/\*km0ae9gr6m\*\//{N;b strt}'... (5 Replies)
Discussion started by: cuantica
5 Replies
8. Shell Programming and Scripting
Need to use dd to generate a large file from a sample file of random data. This is because I don't have /dev/urandom.
I create a named pipe then:
dd if=mynamed.fifo do=myfile.fifo bs=1024 count=1024
but when I cat a file to the fifo that's 1024 random bytes:
cat randomfile.txt >... (7 Replies)
Discussion started by: Devyn
7 Replies
9. Shell Programming and Scripting
I am trying to understand a UNIX script which FTPs certain files from a remote location to the local machine. I understand the basic FTP command but the UNIX script uses the following command:
ftp -n -i -v > $logftp_trg 2>&1 <<!
open $MFX_FTP_SERVER
user $MFX_FTP_LOGIN $MFX_FTP_PWD
Can anyone... (5 Replies)
Discussion started by: Bhavesh Sharma
5 Replies
LEARN ABOUT DEBIAN
auth::yubikey_decrypter
Auth::Yubikey_Decrypter(3pm) User Contributed Perl Documentation Auth::Yubikey_Decrypter(3pm)
NAME
Auth::Yubikey_Decrypter - Decrypting the output from the yubikey token
VERSION
Version 0.07
SYNOPSIS
The decryption module does only one thing - decrypt the AES encrypted OTP from the Yubikey. To this, it requires the OTP, and the AES key.
Please note - this module does not perform authentication - it is a required component to decrypt the token first before authentication can
be performed.
#!/usr/bin/perl
use strict;
use Auth::Yubikey_Decrypter;
my $fulltoken = "dteffujehknhfjbrjnlnldnhcujvddbikngjrtgh";
my $aeskey = "ecde18dbe76fbd0c33330f1c354871db";
my ($publicID,$secretid_hex,$counter_dec,$timestamp_dec,$session_use_dec,$random_dec,$crc_dec,$crc_ok) =
Auth::Yubikey_Decrypter::yubikey_decrypt($fulltoken,$aeskey);
print "publicID : $publicID
";
print "Secret id : $secretid_hex
";
print "Counter : $counter_dec
";
print "Timestamp : $timestamp_dec
";
print "Session : $session_use_dec
";
print "Random : $random_dec
";
print "crc : $crc_dec
";
print "crc ok? : $crc_ok
";
FUNCTIONS
yubikey_decrypt
Input : token aeskey
Token - received by the Yubikey aeskey - either the modhex or hex AES key for your Yubikey (contact Yubico if you don't have the AES key)
Output :
$publicID $secretid_hex $counter_dec $timestamp_dec $session_use_dec $random_dec $crc_dec $crc_ok
yubikey_modhex_decode
Input : the modhex code Output : decoded modhex code in hex
yubikey_crc_check
Performs a crc check on the decoded data
REQUIRES
Perl 5, Crypt::Rijndael
Order your Yubikey from <http://www.yubico.com>
BUGS
Please report any bugs or feature requests to "bug-auth-yubikey_decrypter at rt.cpan.org", or through the web interface at
<http://rt.cpan.org/NoAuth/ReportBug.html?Queue=Auth-Yubikey_Decrypter>. I will be notified, and then you'll automatically be notified of
progress on your bug as I make changes.
SUPPORT
You can find documentation for this module with the perldoc command.
perldoc Auth::Yubikey_Decrypter
You can also look for information at:
o RT: CPAN's request tracker
<http://rt.cpan.org/NoAuth/Bugs.html?Dist=Auth-Yubikey_Decrypter>
o AnnoCPAN: Annotated CPAN documentation
<http://annocpan.org/dist/Auth-Yubikey_Decrypter>
o CPAN Ratings
<http://cpanratings.perl.org/d/Auth-Yubikey_Decrypter>
o Search CPAN
<http://search.cpan.org/dist/Auth-Yubikey_Decrypter>
AUTHOR
Phil Massyn, "<phil at massyn.net>"
ACKNOWLEDGEMENTS
Based a lot on PHP code by : PHP yubikey decryptor v0.1 by Alex Skov Jensen Thanks to almut from <http://perlmonks.org> for code guidance
Thanks to Mark Foobar <http://blog.maniac.nl> for reporting the -32 bug on line 91 and 92.
COPYRIGHT & LICENSE
Copyright 2008 Phil Massyn, all rights reserved.
This program is free software; you can redistribute it and/or modify it under the same terms as Perl itself.
perl v5.10.1 2009-12-12 Auth::Yubikey_Decrypter(3pm)