情况很简单 - 以前的程序员被解雇了。他做的最好的事情 - 它混淆了PHP代码并删除了源文件。我尝试自己解码脚本,但是在我的更改后代码不起作用。也许有人可以帮忙解码?
pastebin.com/sgiEaCG0
pastebin.com/xC0q55U2
pastebin.com/pVXtk78k
为了解码我试试这个扩展:evalhook
答案 0 :(得分:9)
嗯,我只想做一个,但我有点迷上这个:) 它应该是可读的。 尝试一下,但如果没有错误,我会感到非常惊讶。但很容易猜到它现在是什么以及如何修复它。
这是第一个:(pfQtzgGx)
require_once('config.php');
if (isset($_GET['lang'])) {
$get_lang = mysql_escape_string($_GET['lang']);
} else {
$get_lang = 'ru';
}
$name1 = 'name1_'. $get_lang;
$name2 = 'name2_' . $get_lang;
$get_step = 0;
$code_len = 0;
if (isset($_GET['step'])) {
$get_step = mysql_escape_string($_GET['step']);
}
if (isset($_GET['code_len'])) {
$code_len = mysql_escape_string($_GET['code_len']);
}
if (isset($_GET['term'])) {
$get_term = mysql_escape_string($_GET['term']);
}
if ($get_step == 3 or $get_step == 4) {
$get_term_b64dec = base64_decode($get_term);
$get_term_binary = '';
for ($i = 0; $i < strlen($get_term_b64dec) - 1; $i += 2) {
$get_term_binary .= chr(hexdec($get_term_b64dec[$i] . $get_term_b64dec[$i + 1]));
}
$_9 = preg_split('/[.]/', $get_term_binary, -1, PREG_SPLIT_NO_EMPTY);
$_10 = $_9[4];
if ($get_step == 3) {
$get_step = 0;
} else {
$get_step = 1;
}
} else {
$_10 = substr($get_term, 0, strpos($get_term, '.'));
}
if ($get_step == 0) {
$query = "SELECT DISTINCT
pt_len.$name1 AS code,
pt_len.$name1 AS field
FROM feconi.pt_sort1
LEFT OUTER JOIN feconi.pt_len ON pt_sort1.id_pt_standard = pt_len.id_pt_standard
WHERE pt_sort1.id = \"$_10\"
AND pt_sort1.size1 BETWEEN pt_len.s1_min
AND pt_len.s1_max
AND pt_sort1.id_pt_type = pt_len.id_pt_type";
} else {
$query = "SELECT DISTINCT
pt_len.ID AS code,
pt_len.$name2 AS field
FROM feconi.pt_sort1
LEFT OUTER JOIN feconi.pt_len ON pt_sort1.id_pt_standard = pt_len.id_pt_standard
WHERE pt_sort1.id = \"$_10\"
AND pt_len.$name1 = \"$code_len\"
AND pt_sort1.size1
BETWEEN pt_len.s1_min AND pt_len.s1_max
AND pt_sort1.id_pt_type = pt_len.id_pt_type";
}
$result = @mysql_query($query);
if (mysql_num_rows($result) > 0) {
for ($i = 0; $i < mysql_num_rows($result); $i++) {
$row = mysql_fetch_array($result);
if (mysql_num_rows($result) == 1) {
$output = '[{"value":"' . $row['code'] . '","text":"' . $row['field'] . '"}';
} else {
if ($i == 0) {
$output = '[{"value":"' . $row['code'] . '","text":"' . $row['field'] . '"}';
} else {
$output = $output . ',{"value":"' . $row['code'] . '","text":"' . $row['field'] . '"}';
}
}
}
$output = $output . ']';
echo $_GET['jsoncallback'] . '(' . $output . ');';
}
这是第二个:wPaQ9L6Y
<?
require_once('config.php');
if (isset($_GET['term'])) {
$get_term = mysql_escape_string($_GET['term']);
}
if (isset($_GET['lvl'])) {
$get_lvl= mysql_escape_string($_GET['lvl']);
} else {
$get_lvl= 1;
}
if (isset($_GET['term1'])) {
$get_term1 = mysql_escape_string($_GET['term1']);
}
if (isset($_GET['term2'])) {
$get_term2 = mysql_escape_string($_GET['term2']);
} else {
$get_term2 = 1;
}
if ($get_term2 == 2) {
$term1_b64dec = base64_decode($get_term1);
$term1_binary = '';
for ($i = 0; $i < strlen($term1_b64dec) - 1; $i += 2) {
$term1_binary .= chr(hexdec($term1_b64dec[$i] . $term1_b64dec[$i + 1]));
}
$term1_ID = preg_split('/[.]/', $term1_binary, -1, PREG_SPLIT_NO_EMPTY);
$sort1_ID = $term1_ID[4];
if ($get_term2 == 3) {
$get_term2 = 0;
} else {
$get_term2 = 1;
}
} else {
$sort1_ID = substr($get_term1, 0, strpos($get_term1, '.'));
}
$query = "SELECT
pt_len.code_len AS code_len,
pt_len.w_min AS w_min,
pt_len.w_max AS w_max,
pt_len.l_min AS l_min,
pt_len.l_max AS l_max,
pt_len.w_step AS w_step,
pt_len.l_step AS l_step,
pt_len.width AS width,
pt_len.len AS len,
pt_len.default_w AS default_w,
pt_len.default_l AS default_l,
pt_sort1.weight AS weight,
pt_sort1.measure2 AS measure2
FROM feconi.pt_len
INNER JOIN pt_sort1 ON pt_len.id_pt_standard = pt_sort1.id_pt_standard
AND pt_len.id_pt_type = pt_sort1.id_pt_type
WHERE pt_len.ID = \"$get_term\"
AND pt_len.level <= \"$get_lvl\"
AND pt_sort1.ID = \"$sort1_ID\"";
$result = @mysql_query($query);
if (mysql_num_rows($result) > 0) {
$row = mysql_fetch_array($result);
$output = '{"code_len":"' . $row['code_len'] . '","w_min":"' . $row['w_min'] . '","w_max":"' . $row['w_max'] . '",';
$output = $output . '"l_min":"' . $row['l_min'] . '","l_max":"' . $row['l_max'] . '","w_step":"' . $row['w_step'] . '",';
$output = $output . '"l_step":"' . $row['l_step'] . '","width":"' . $row['width'] . '","len":"' . $row['len'] . '",';
$output = $output . '"default_w":"' . $row['default_w'] . '","default_l":"' . $row['default_l'] . '",';
$output = $output . '"weight":"' . $row['weight'] . '","measure2":"' . $row['measure2'] . '"}';
echo $_GET['jsoncallback'] . '(' . $output . ');';
}
?>
第三个:(sgiEaCG0)
require_once('config.php');
if (isset($_GET['lang'])) {
$get_lang = mysql_escape_string($_GET['lang']);
} else {
$get_lang = 'ru';
}
$name_lang = 'name_' . $get_lang;
$_2 = 0;
$_3 = 0;
if (isset($_GET['term'])) {
$get_term = mysql_escape_string($_GET['term']);
}
$query = "SELECT
pt_unt.$name_lang AS `text`,
pt_unt.id AS value
FROM rol_lenunt
LEFT OUTER JOIN pt_unt ON rol_lenunt.unt = pt_unt.id
RIGHT OUTER JOIN pt_len ON pt_len.code_len = rol_lenunt.len
WHERE pt_len.id = \"$get_term\"";
$result = @mysql_query($query);
if (mysql_num_rows($result) > 0) {
$output = '[';
for ($i = 0; $i < mysql_num_rows($result); $i++) {
$row = mysql_fetch_array($result);
if (strlen($output) <> 1) {
$output .= ',';
}
$output .= '{"text":"' . $row['text'] . '","value":"' . $row['value'] . '"}';
}
$output .= ']';
echo $_GET['jsoncallback'] . '(' . $output . ');';
} else {
echo 'sorry';
}
#4:(xC0q55U2)
if (isset($_GET['q'])) {
$get_q = mysql_escape_string($_GET['q']);
}
$get_q = base64_decode($get_q);
$q_binary = '';
for ($i = 0; $i < strlen($get_q) - 1; $i += 2) {
$q_binary .= chr(hexdec($get_q[$i] . $get_q[$i + 1]));
}
$q_splitted = preg_split('/[.]/', $q_binary, -1, PREG_SPLIT_NO_EMPTY);
$_4 = $q_splitted[4];
$_5 = $q_splitted[6];
$_6 = $q_splitted[15];
$_7 = $q_splitted[16];
$_8 = '{"value":"' . $_4 . '.' . $_5 . '","APclass":"' . $_6 . '","apOther":"' . $_7 . '"}';
echo $_GET['jsoncallback'] . '(' . $_8 . ');';
最后:pVXtk78k
require_once('config.php');
if (isset($_GET['q'])) {
$get_q = mysql_escape_string($_GET['q']);
}
$query = "SELECT
lc_region.adv_supplier AS adv_supplier ,
lc_region.adv_supplier_web AS adv_supplier_web ,
lc_region.adv_stock AS adv_stock ,
lc_region.adv_stock_web AS adv_stock_web ,
lc_region.adv_producer AS adv_producer ,
lc_region.adv_producer_web AS adv_producer_web
FROM lc_region
WHERE lc_region.id = $get_q";
$result = @mysql_query($query);
if (mysql_num_rows($result) > 0) {
for ($i = 0; $i < mysql_num_rows($result); $i++) {
$row = mysql_fetch_array($result);
$output = '{"trade_0_filed_2":"' . $row['adv_supplier'] .
'","trade_0_filed_2_web":"' . $row['adv_supplier_web'] .
'","trade_1_filed_2":"' . $row['adv_stock'] .
'","trade_1_filed_2_web":"' . $row['adv_stock_web'] .
'","trade_2_filed_2":"' . $row['adv_producer'] .
'","trade_2_filed_2_web":"' . $row['adv_producer_web'] . '"}';
}
echo $_GET['jsoncallback'] . '(' . $output . ');';
}