Rebill's Blog

破解WordPress主题eval(base64_decode加密

加密方式一：eval(gzinflate(base64_decode("codes")))
破解代码：

< ?php
/*
Taken from http://www.php.net/manual/
de/function.eval.php#59862
Directions:
1. Save this snippet as decrypt.php
2. Save encoded PHP code in coded.txt
3. Create a blank file called decoded.txt 
(from shell do CHMOD 0666 decoded.txt)
4. Execute this script (visit decrypt.php in 
a web browser or do php decrypt.php in the shell)
5. Open decoded.txt, the PHP should be decrypted 
if not post the code on http://www.ariadoss.
com/forums/web-development/lamp
gzinflate执行PHP eval加密代码的解密方法翻译为中文后的文字
(此段汉字原始文件里面可没.嘿)
1. 把这整段脚本保存为decrypt.php
2. 把需要解密的代码保存为coded.txt并且和decrypt.php在同一目录.
3. 创建一个空白文件命名为 decoded.txt (必须把 decoded.
txt 的权限设置为CHMOD 0666,也就是可以写入的.当然,你可以
不创建文件文件.只要文件夹有写入权限,脚本便会自动创建一个
名为decoded.txt的文档. )
4. 运行PHP eval加密解密脚本 (浏览器中运行decrypt.php 即访问 http:
//您的域名/存放目录/decrypt.php)
5. 打开 decoded.txt, 代码应该已经解密完成，如果出现错误请
把代码发送到 http://www.ariadoss.com/forums/web-
development/lamp
*/
echo "\nDECODE nested eval(gzinflate()) by DEBO 
Jurgen /", "", $contents);
eval(preg_replace("/eval/", "\$contents=", 
$contents)); } echo "3. Writing decoded.txt\n"; 
$fp2 = fopen("decoded.txt","w"); fwrite($fp2, 
trim($contents)); fclose($fp2);

加密方式二：eval(base64_decode
破解方法：
例如：
<?php /* WARNING: This file is protected by copyright law. To reverse engineer or decode this file is strictly prohibited. */
$o="QAAADTs4d293J25pZGtyY2InLwAAU0JKV0tGU0JXRlNPJyknIACAKGVoc3NoaikCUCAuPCc4OQ0AEg0ODg07KGNucTkOAKANOwCgJwAQbmM6JWFoaHNidSUCEA0ODUQAEmh3fnVuYG9zJyFkALA8JwZzYgASZG9oJ2Nmc2IvIF4E8Dg5AYRlAARraGBuaWFoLyBpZmpiAaMhaQwAY2Z0bwOlAidjYnRkdW53c25oYABpApAJICk7ZXUnKDkNRmljdWgAAG5jZidzb2JqYidhdWhqJzsAAGYnb3ViYTolb3Nzdz0oKHAAAnBwKWJxYnV+c29uaWBmAyMpAABodWAoYWh1cmolJ3Nuc2tiKgA6JQTEJwFidAFwZnVgYnM6JVhlAj5rZmlsJTkCCzsoZg9wEXUR5AB2FhJwKiB3WBITLxRjOxWQY345AlBvc2prORAAJw0nABE=";eval(base64_decode("JGxsbD0wO2V2YWwoYmFzZTY0X2RlY29kZSgiSkd4c2JHeHNiR3hzYkd4c1BTZGlZWE5sTmpSZlpHVmpiMlJsSnpzPSIpKTskbGw9MDtldmFsKCRsbGxsbGxsbGxsbCgiSkd4c2JHeHNiR3hzYkd3OUoyOXlaQ2M3IikpOyRsbGxsPTA7JGxsbGxsPTM7ZXZhbCgkbGxsbGxsbGxsbGwoIkpHdzlKR3hzYkd4c2JHeHNiR3hzS0NSdktUcz0iKSk7JGxsbGxsbGw9MDskbGxsbGxsPSgkbGxsbGxsbGxsbCgkbFsxXSk8PDgpKyRsbGxsbGxsbGxsKCRsWzJdKTtldmFsKCRsbGxsbGxsbGxsbCgiSkd4c2JHeHNiR3hzYkd4c2JHdzlKM04wY214bGJpYzciKSk7JGxsbGxsbGxsbD0xNjskbGxsbGxsbGw9IiI7Zm9yKDskbGxsbGw8JGxsbGxsbGxsbGxsbGwoJGwpOyl7aWYoJGxsbGxsbGxsbD09MCl7JGxsbGxsbD0oJGxsbGxsbGxsbGwoJGxbJGxsbGxsKytdKTw8OCk7JGxsbGxsbCs9JGxsbGxsbGxsbGwoJGxbJGxsbGxsKytdKTskbGxsbGxsbGxsPTE2O31pZigkbGxsbGxsJjB4ODAwMCl7JGxsbD0oJGxsbGxsbGxsbGwoJGxbJGxsbGxsKytdKTw8NCk7JGxsbCs9KCRsbGxsbGxsbGxsKCRsWyRsbGxsbF0pPj40KTtpZigkbGxsKXskbGw9KCRsbGxsbGxsbGxsKCRsWyRsbGxsbCsrXSkmMHgwZikrMztmb3IoJGxsbGw9MDskbGxsbDwkbGw7JGxsbGwrKykkbGxsbGxsbGxbJGxsbGxsbGwrJGxsbGxdPSRsbGxsbGxsbFskbGxsbGxsbC0kbGxsKyRsbGxsXTskbGxsbGxsbCs9JGxsO31lbHNleyRsbD0oJGxsbGxsbGxsbGwoJGxbJGxsbGxsKytdKTw8OCk7JGxsKz0kbGxsbGxsbGxsbCgkbFskbGxsbGwrK10pKzE2O2ZvcigkbGxsbD0wOyRsbGxsPCRsbDskbGxsbGxsbGxbJGxsbGxsbGwrJGxsbGwrK109JGxsbGxsbGxsbGwoJGxbJGxsbGxsXSkpOyRsbGxsbCsrOyRsbGxsbGxsKz0kbGw7fX1lbHNlJGxsbGxsbGxsWyRsbGxsbGxsKytdPSRsbGxsbGxsbGxsKCRsWyRsbGxsbCsrXSk7JGxsbGxsbDw8PTE7JGxsbGxsbGxsbC0tO31ldmFsKCRsbGxsbGxsbGxsbCgiSkd4c2JHeHNiR3hzYkd4c2JEMG5ZMmh5SnpzPSIpKTskbGxsbGw9MDtldmFsKCRsbGxsbGxsbGxsbCgiSkd4c2JHeHNiR3hzYkQwaVB5SXVKR3hzYkd4c2JHeHNiR3hzYkNnMk1pazciKSk7JGxsbGxsbGxsbGw9IiI7Zm9yKDskbGxsbGw8JGxsbGxsbGw7KXskbGxsbGxsbGxsbC49JGxsbGxsbGxsbGxsbCgkbGxsbGxsbGxbJGxsbGxsKytdXjB4MDcpO31ldmFsKCRsbGxsbGxsbGxsbCgiSkd4c2JHeHNiR3hzYkM0OUpHeHNiR3hzYkd4c2JHd3VKR3hzYkd4c2JHeHNiR3hzYkNnMk1Da3VJajhpT3c9PSIpKTtldmFsKCRsbGxsbGxsbGwpOw=="));return;?>
首先把eval改成echo
结果将会变成：
<?php

/* WARNING: This file is protected by copyright law. To reverse engineer or decode this file is strictly prohibited. */
$o = "QAAADTs4d293J25pZGtyY2InLwAAU0JKV0tGU0JXRlNPJyknIACAKGVoc3NoaikCUCAuPCc4OQ0AEg0ODg07KGNucTkOAKANOwCgJwAQbmM6JWFoaHNidSUCEA0ODUQAEmh3fnVuYG9zJyFkALA8JwZzYgASZG9oJ2Nmc2IvIF4E8Dg5AYRlAARraGBuaWFoLyBpZmpiAaMhaQwAY2Z0bwOlAidjYnRkdW53c25oYABpApAJICk7ZXUnKDkNRmljdWgAAG5jZidzb2JqYidhdWhqJzsAAGYnb3ViYTolb3Nzdz0oKHAAAnBwKWJxYnV+c29uaWBmAyMpAABodWAoYWh1cmolJ3Nuc2tiKgA6JQTEJwFidAFwZnVgYnM6JVhlAj5rZmlsJTkCCzsoZg9wEXUR5AB2FhJwKiB3WBITLxRjOxWQY345AlBvc2prORAAJw0nABE=";
$lll = 0;
eval(base64_decode("JGxsbGxsbGxsbGxsPSdiYXNlNjRfZGVjb2RlJzs="));
$ll = 0;
eval($lllllllllll("JGxsbGxsbGxsbGw9J29yZCc7"));
$llll = 0;
$lllll = 3;
eval($lllllllllll("JGw9JGxsbGxsbGxsbGxsKCRvKTs="));
$lllllll = 0;
$llllll = ($llllllllll($l[1]) << 8) + $llllllllll($l[2]);
eval($lllllllllll("JGxsbGxsbGxsbGxsbGw9J3N0cmxlbic7"));
$lllllllll = 16;
$llllllll = "";
for (; $lllll < $lllllllllllll($l);) {
    if ($lllllllll == 0) {
        $llllll = ($llllllllll($l[$lllll++]) << 8);
        $llllll+=$llllllllll($l[$lllll++]);
        $lllllllll = 16;
    }if ($llllll & 0x8000) {
        $lll = ($llllllllll($l[$lllll++]) << 4);
        $lll+= ( $llllllllll($l[$lllll]) >> 4);
        if ($lll) {
            $ll = ($llllllllll($l[$lllll++]) & 0x0f) + 3;
            for ($llll = 0; $llll < $ll; $llll++
                )$llllllll[$lllllll + $llll] = $llllllll[$lllllll - $lll + $llll];$lllllll+=$ll;
        } else {
            $ll = ($llllllllll($l[$lllll++]) << 8);
            $ll+=$llllllllll($l[$lllll++]) + 16;
            for ($llll = 0; $llll < $ll; $llllllll[$lllllll + $llll++] = $llllllllll($l[$lllll])
                );$lllll++;
            $lllllll+=$ll;
        }
    }else
        $llllllll[$lllllll++] = $llllllllll($l[$lllll++]);$llllll<<=1;
    $lllllllll--;
}eval($lllllllllll("JGxsbGxsbGxsbGxsbD0nY2hyJzs="));
$lllll = 0;
eval($lllllllllll("JGxsbGxsbGxsbD0iPyIuJGxsbGxsbGxsbGxsbCg2Mik7"));
$llllllllll = "";
for (; $lllll < $lllllll;) {
    $llllllllll.=$llllllllllll($llllllll[$lllll++] ^ 0x07);
}eval($lllllllllll("JGxsbGxsbGxsbC49JGxsbGxsbGxsbGwuJGxsbGxsbGxsbGxsbCg2MCkuIj8iOw=="));
eval ($lllllllll);
然后把最后一句的eval换成echo或者file_put_contents ('cracked.txt', $lllllllll); 大功告成！

PS.此方法仅供参考，并不提倡大家去破解。如非特殊情况，请尊重主题作者，保留版权。

Typecho主题Prower V3发布下载(移植于WordPress主题)

下载地址:prowerV3.zip