我对脚本具有MRR权限,但此功能已过时且无法正常运行。任何人都可以将其分解为可用的功能代码,以便我可以解决问题。我认为脚本中有多个功能。
function d($s, $k = '') {
if ($k == '') {
for ($i = 0; $i < strlen($s); $i) {
$d. = chr(hexdec(substr($s, $i, 2)));
$i = (float)($i) + 2;
}
return $d;
} else {
$r = '';
$f = d('6261736536345f6465636f6465');
$u = $f('Z3ppbmZsYXRl');
$s = $u($f($s));
for ($i = 0; $i < strlen($s); $i++) {
$c = substr($s, $i, 1);
$kc = substr($k, ($i % strlen($k)) - 1, 1);
$c = chr(ord($c) - ord($kc));
$r. = $c;
}
return $r;
}
}
eval(d("lZTpbts4FIXfq2iQZJIHcGWb1GJZkdekSRxrcdo0M5gZoEU3pIkXWQtpUdZOKm6D9rHmJUZ23EHR/pq/JC9573cOj4+bEomYXcjifQNoby6hcG8MewL8+329SVJqFaJEFWC+NiEodAPPwghLRw8ecZrwoxfkgM5zN0uhT0GUk8L2KPKqDoUDp07ZfWiZnwQnCcP8uVc40YSv+iF2zDHvZyzQ1N79aqUurMRKXZSrdN4NMJ3wmj4ZDRZxzKouiZZUn/DgpN1vDQfl1h/y74EXeyjRlcUyoabecgaG6hiyMvhWY7aTuX7VqLCUznIUhWPPViDgFcC1am2Bolk+JZL+256YojG1SN0AKQvnMU5Ce454QRBUwNdb23sa2s7+7n6nC976FtTXA2ZJhWVZhmgKYmJDVMRz5qbBP3WUJ0nIdvfLm920YnIvUJI6MS8F+J5iB83aXDMrOwQ7+5T4IZLgHC8XsogjRfjKHe4CAHPymevq4NJdWEWiCDhVQKd/et7UwN7eCu7uj7BLkgiLEkrLeyqHTw93CZaARW3fb8oXJMZkJHeOGroSpDg0ZQXU6PKzCsQkydYrQKkqlfVbB3tV0S3suJzd+RxES+R9L2+0Nm2gwovG7amgbw5Dct4/31TdOIGPZZFU9YpEnBX1w5UAV5ut/9pgbuFjo9mRlbNeGtAQaXIDgoCi6JPottqzsp+MxJENN3NVSkf5LHTAOUyKzMqdFDsWlnm9NjaujY+X47VwQhMKjGShdXS+AbV54mfhbmcG36ryXJuTKGEECfpaC1BFIXYDWdZJSX2otI+Uiy4OgtCQW48Q7kTS7N+UVSwPq8ppybkOxDzH8ALmLJ/kVuY7DmrW9WeT0fXlhxef+AaslSZZn9n2U4QRZ5ZWT6wQh9HcRRJ/Mxs+GqkiZXSpaHt7O/sc9HLkEb45QB51ExIUKI3MpnokGOqPK2vh1nqNRayqs3J2186QncaBp2jVgyeQkxybOQtC0S8QBvzd1Svzgzaptet8ia7mTQtvkSTkOzp3XNh+nJNfgE/vzBKdAFs/nFFOD5/CuujOmOUvqY/AEESl3zOUEnuKRUEK2WBNw/h/VYvHqtEvVVsjeV5al/WRebb+3YDiB8vsQGS7jpHiGM1jW7HDYBoZuv2YJFAGKqjdx9Fdf1rtVJo1SO3cQ7E5dpd27JsQHm39M2nP6h0g6oozNDo4WbIyN64MIJdVkuVQtAhzF98cT0CnKp+5MeyY8vajlSZRNx2Cb9WuggNUX/k4tKCfxunBzsETKcFlBqKfqaqlAQROUEXq2KHnHQ0P9krPY4vEvD5HfmFTQ3/5xjy7Ghq+qc+AQ+1FmXWIxdlZr5MnFIVd251/6cyTRS9OC5S3+sqgfdw6Oz57Lp+cDs7bvVb/4u31tS66i4b216XZ652cXPSOe/K7P18NGzi1zAVj0VDpPXbYsdzpQ9tNgm7GVObZ+dxXPkwj7/0mGLVFmWLDPlgkaWL0BRyzi2PJZ8MeYNPNPzW2wXjLV4opxYgNJ9x8Fs3j5S0/MJw0YsAtVb5Yebk3i8cwCb4gowumqZ9mRu54gxuE74FNwsp3Yus/mINkCayr6YPWxWEcjwa9eZnqpFTH3fJ5PdJevtN0xbNLJrnGb7TYUoU6oFl+S+1sWZqkycG1+dWfMvwr6LaQj7gAAZQgO+AYjdi/", 663607275));
答案 0 :(得分:2)
$ d在第5行未定义。修复:
function d($s, $k = '') {
if ($k == '') {
$d = "";
...
为了好玩,我解码了字符串。以下是它试图评估的内容。很基本的。为什么这么混淆?
if((isset($v) AND $v==0) OR (isset($t) AND $t==false)){
die('This script is protected by G-Encoder');
}
$search = str_replace(" ", "+",$search);
$search = str_replace("'", "", $search);
// The @ is to supress the function? errors
$fp = @fopen($newsfeed, 'r');
while(!feof($fp)){
$row .= @fgets($fp, 4096);
}
@fclose($fp);
if( eregi('(.*)', $row, $rowitem ) ) {
$item = explode('', $rowitem[0]); $i=0;
While($i < $maxshow) {
eregi('', $item[$i+1], $title );
$title = str_replace("", "", $title);
eregi('(.*)', $item[$i+1], $url );
$url = str_replace("", "", $url);
eregi('(.*)', $item[$i+1], $categorie);
$categorie = str_replace("", "", $categorie);
$categorie = str_replace("<", "<", $categorie);
$categorie = str_replace(">", ">", $categorie);
echo '' . $title[1] . ' ' . $categorie[1] . '';
$i++;
} //end while loop
$search = str_replace("+", " ",$search);
echo "View all $search items on eBay";
$search = str_replace(" ", "+",$search);
} //end if eregi stmt
我忘了提到我必须将“。=”更改为“。=”无处不在。
答案 1 :(得分:2)
if的第一个分支唯一用于解码
$f = d('6261736536345f6465636f6465');
作为十六进制ASCII码的简单序列,变为:
$f = 'base64_decode';
然后使用它来解码base64字符串Z3ppbmZsYXRl,后者变为:
$u = 'gzinflate';
所以它最终确实:
$s = gzinflate(base64_decode($s));
其中$s是底部的长输入字符串。
最后,底部的for循环使用简单的替换密码进行解码,其中d()的第二个参数是密钥。但是,它有语法错误(可能是PHP用来允许它):
$r. = $c;
应该是:
$r .= $c;
这是最终的结果(Johnny Mopp很接近,但他错过了某些字符串中的HTML代码):
if((isset($v) AND $v==0) OR (isset($t) AND $t==false)){
die('This script is protected by <a style=\"color:cyan\"
href=\"http://www.gencoder.sf.net\"><b><font color=\"#330099\">G-Encoder</font></b></a>');}
$search = str_replace(" ", "+",$search);
$search = str_replace("'", "",$search);
// The @ is to supress the function\264 errors
$fp = @fopen($newsfeed, 'r');
while(!feof($fp)){
$row .= @fgets($fp, 4096);
}
@fclose($fp);
if( eregi('<item>(.*)</item>', $row, $rowitem ) ) {
$item = explode('<item>', $rowitem[0]);
$i=0;
While($i < $maxshow) {
eregi('<title>(.*)</title>', $item[$i+1], $title );
$title = str_replace("<![CDATA[", "", $title);
$title = str_replace("]]>", "", $title);
eregi('<link>(.*)</link>', $item[$i+1], $url );
$url = str_replace("<![CDATA[", "", $url);
$url = str_replace("]]>", "", $url);
eregi('<description>(.*)</description>', $item[$i+1], $categorie);
$categorie = str_replace("<![CDATA[", "", $categorie);
$categorie = str_replace("]]>", "", $categorie);
$categorie = str_replace("<", "<", $categorie);
$categorie = str_replace(">", ">", $categorie);
echo '<B><font size=2 face=verdana,arial><a href="' .
$url[1] . '" target=_blank>' . $title[1] . '</a></font></B> ' .
$categorie[1] . '<br />';
$i++;
} //end while loop
$search = str_replace("+", " ",$search);
echo"<center><BR><B><i><a href=\"http://rover.ebay.com/rover/1/711-6294-2978-0/1?PID=$cj&AID=10369614&SID=&loc=http://search.ebay.com/ws/search/SaleSearch?fsoo=1&fsop=1&fts=1&ht=0&satitle=$search\"
target=\"_blank\"><font face=verdana size=2 color=red>
View all $search items on eBay</font></a></i></b><BR><BR><BR></center>";
$search = str_replace(" ", "+",$search);
} //end if eregi stmt