localhost上的Base 64编码器?

时间:2011-09-27 17:38:10

标签: php syntax

我已将此脚本放在我的localhost上,但它似乎格式不正确(应该显示一个输入字段用于编码,一个用于解码base64。

作者的网站显然已经黑了。任何想法如何解决或获得一个新的?

<?
// PHP OBFUSCATOR
// (C)2003 Richard Fairthorne -- http://richard.fairthorne.is-a-geek.com
// --------------------------
// Permission is granted to disctibute this file UNMODIFIED from its original
// form. All other rights are reserved.

function splitByNewline($string, $length) {
    while (strlen($string)>0) {
    $newstring.=substr($string, 0, $length) . "\n";
    $string=substr($string, $length);
    }
  return $newstring;
}

echo "<big><b>Free Code Obfuscator (PHP, PERL)</b></big><br>By <a href='http://richard.fairthorne.is-a-geek.com'>Richard Fairthorne</a><hr>";

$b64_input=stripslashes($b64_input);
switch($b64_action) {
    case "perl_encode":
      $output=$b64_input;
         $output=base64_encode($output);
    $output=splitByNewline($output,40);
    $output="#!/usr/bin/perl\nuse MIME::Base64;\neval(decode_base64('\n$output'));";

    $ilength=strlen($b64_input);
    $olength=strlen($output);

    ?>
    <table border=0 width=100%><tr><td valign=top>
    <textarea rows=18 cols=60 name=done><?=$output;?></textarea>
    </td><td valign=top>
    <b>PERL code obfuscated!</b><br><br>

    Your PERL code has been obfuscated. 
    <br><br>
    <font color=maroon>
    Obfuscation-Strength: Normal (Fast code execution)<br>
    Compatibility: 100% Code compatibility<br>
    Input Length: <?=$ilength;?><br>
    Output Length: <b><?=$olength;?></b><br>
    </font>
    <br>
    To use the code, simply cut and paste it in place of the old code. You may need to update the perl path.
    It is important to understand that code obfuscation can act as a deterrant, but is not a replacement
    for encryption.<br><br>

    <a href='?'>Click here</a> to obfuscate another page.
    </td></tr></table>
    <?
  break;
    case "php_encode":
      $output=$b64_input;
         $output=gzdeflate("?>".$output."<?",9);
         $output=base64_encode($output);
    $output=splitByNewline($output,40);
    $output="<? eval(gzinflate(base64_decode('\n$output'))); ?>";

    $ilength=strlen($b64_input);
    $olength=strlen($output);

    ?>
    <table border=0 width=100%><tr><td valign=top>
    <textarea rows=18 cols=60 name=done><?=$output;?></textarea>
    </td><td valign=top>
    <b>PHP code obfuscated!</b><br><br>

    Your PHP code has been obfuscated. 
    <br><br>
    <font color=maroon>
    Obfuscation-Strength: Normal (Fast code execution)<br>
    Compatibility: Zlib Required. 100% Code compatibility<br>
    Input Length: <?=$ilength;?><br>
    Output Length: <b><?=$olength;?></b><br>
    </font>
    <br>
    To use the code, simply cut and paste it in place of the old code.
    It is important to understand that code obfuscation can act as a deterrant, but is not a replacement
    for encryption.<br><br>

    <a href='?'>Click here</a> to obfuscate another page.
    </td></tr></table>
    <?
  break;
    case "php_encode_hi":
      $output=$b64_input;
    for ($b64_counter=0; $b64_counter<10; $b64_counter++) {
          $output=gzdeflate("?>".$output."<?",9);
          $output=base64_encode($output);
      $output="<? eval(gzinflate(base64_decode('$output'))); ?>";
    }
        $output=gzdeflate("?>".$output."<?",9);
        $output=base64_encode($output);
    $output="<? eval(gzinflate(base64_decode('\n$output'))); ?>";

    $ilength=strlen($b64_input);
    $olength=strlen($output);

    ?>

    <table border=0 width=100%><tr><td valign=top>
    <textarea rows=18 cols=60 name=done><?=$output;?></textarea>
    </td><td valign=top>
    <b>PHP code obfuscated!</b><br><br>

    Your PHP code has been obfuscated. 
    <br><br>
    <font color=maroon>
    Obfuscation-Strength: Trecherous (Best Protection)<br>
    Compatibility: Zlib Required. 100% Code Compatibility.<br>
    Input Length: <?=$ilength;?><br>
    Output Length: <b><?=$olength;?></b><br>
    </font>
    <br>
    To use the code, simply cut and paste it in place of the old code.
    It is important to understand that code obfuscation can act as a deterrant, but is not a replacement
    for encryption.<br><br>

    <a href='?'>Click here</a> to obfuscate another page.
    </td></tr></table>
    <?
  break;
  // case "decode":
  //     $output=htmlentities(base64_decode($b64_input),ENT_QUOTES);
  // break;
  default:
    ?>
    <table border=0 width=100%><tr><td valign=top>
    <form method=post>
    <textarea  name=b64_input cols=60 rows=16></textarea><br>
    <SELECT name=b64_action>
    <OPTION value='php_encode'>PHP - Normal Strength - Compressed</OPTION>
    <OPTION value='php_encode_hi'>PHP - Trecherous Strength - Compressed</OPTION>
    <OPTION value='perl_encode'>PERL - Normal Strength</OPTION>
    </SELECT>
    <input type=submit name=submit value='obfuscate'>
    <!-- <input type=submit name=b64_action value=decode> -->
    </form>
    </td><td valign=top>
    <b>Free Code obfuscator</b><br><br>

    If you would like a quick way to hide your php code from prying eyes, try this PHP code obfuscator.<br><br>Copy an entire PHP page, into the obfuscator, and it will return a code that also works on any PHP server, but is not human readable.<br><br>

        With code 5k or bigger, you may notice that the obfuscated code is smaller than the original code. You can thank me later.
    </td></tr></table>
    <?  
  break;
}
?>

2 个答案:

答案 0 :(得分:1)

将所有<?更改为<?php

然后使用以下内容打破对register_globals的依赖:

// Change this
//$b64_input=stripslashes($b64_input);
// To:
$b64_input=isset($_POST['b64_input']) ? stripslashes($_POST['b64_input']) : "";

// And below it, add:
$b64_action = isset($_POST['b64_action']) ? $_POST['b64_action'] : "";

另外,修复这些短开标记依赖项:

Ln 43 - 44:
Input Length: <?php echo $ilength;?><br>
Output Length: <b><?php echo $olength;?></b><br>

Ln 67: <textarea rows=18 cols=60 name=done><?php echo $output;?></textarea>

Ln 105:  <textarea rows=18 cols=60 name=done><?php echo $output;?></textarea>

Ln 114 - 115:
Input Length: <?php echo $ilength;?><br>
Output Length: <b><?php echo $olength;?></b><br>

通过上述更改,我能够成功地混淆混淆器代码。

答案 1 :(得分:1)

老实说我从不使用这段代码。它只是糟糕的PHP和HTML代码。 (由于大写的HTML标签和对全局变量的依赖,它似乎可能已经过时了。)

如果您只想使用Base 64 Encode并进行解码,那就像它一样容易(在我的脑海中):

<!DOCTYPE html>
<html>
    <head><title>Meh</title></head>
    <body>
       <form action="" method="POST">
          <select name="action">
              <option value="encode">Base64 Encode</option>
              <option value="decode">Base64 Decode</option>
          </select><br />
          <textarea name="content"></textarea><br />
          <input type="submit" value="Base64 It!" />
       </form>

    <?php
       if($_SERVER['REQUEST_METHOD'] == "POST"){
           if($_POST['action'] == "decode")
                echo base64_decode($_POST['content']);
           else
                echo base64_encode($_POST['content'])
       }
     ?>
     </body>
</html>

这只是我刚写的一个粗略的例子,当然 - 但它应该足够了,除非你试图做更多的事情。

晒。

相关问题
最新问题