答案 0 :(得分:0)
这不会完全解码它。适应性留给你(这不是给我代码论坛):
$text = file_get_contents("b64");
while (preg_match("/([\w\(]+)['\"](.+)['\"]/ims", $text, $uu)) {
list($old, $funcs, $text) = $uu;
foreach (array_reverse(explode("(", $funcs)) as $func) {
if (in_array($func, array("base64_decode", "gzinflate", "gzdecode", "gzuncompress", "str_rot13"))) {
$text = $func($text);
}
}
print "$funcs\n";
}
print $text;
答案 1 :(得分:0)
一个非常简单的脚本http://pastebin.com/g2n8kxeZ
278后运行(约2分钟) - 原始文件 - http://pastebin.com/eyiycRkB
答案 2 :(得分:0)
它说(经过277次逃亡):
?><?php
/***************************************************************/
/* Call Custom Page Variables */
/***************************************************************/
require CWZ_FILES ."/inc/page-constants.php"; // Group Slider Gallery
/***************************************************************/
/* Call Custom Page Variables *END* */
/***************************************************************/
?>
<?php if($DYN_hidecontent!="yes") { ?>
etc.
无论那意味着什么。其余的已经posted by vlad。
使用过的脚本:
$code = file_get_contents('QmCdtDne.txt');
$done = 0; $level = 0;
while( ! $done ) {
$stuff = preg_split('/\'/', $code, 3);
$code = $stuff[1];
$decoder = preg_split('/\(/', $stuff[0]);
foreach(array_reverse($decoder) as $cmd) {
switch($cmd) {
case 'base64_decode': $code = base64_decode($code); break;
case 'str_rot13': $code = str_rot13($code); break;
case 'gzinflate': $code = gzinflate($code); break;
case '<? eval':
case '?><? eval':
printf("eval level %02d, length: %d", ++$level, strlen($code));
break;
case '': break;
default: $done = 1; break;
}
}
foreach(array_reverse($decoder) as $cmd) print(", $cmd");
print "\n";
if( ! count($decoder) || $level >= 277 ) $done = 1;
}
echo $code;
此致
RBO