Can anyone tell me what language this code is:
$T7FC56270E7A70FA81A5935B72EACBE29 += (ord($TF186217753C37B9B9F958D906208506E[$T3A3EA00CFC35332CEDF6E5E9A32E94DA]) >> 4); if ($T7FC56270E7A70FA81A5935B72EACBE29) { $T9D5ED678FE57BCCA610140957AFAB571 =
I need to find a translator for it. It was in the footer of a php script I have and I want to translate the entire code to HTML.
Mike
.
It's not encoded. Obfuscation != Encryption. Please provide all of the PHP, not just 2 lines of it.
To elaborate on my previous statement. It is not encoded, it is obfuscated. Though technically, since PHP is interpreted, there is no way to truly encrypt PHP without a third-party application. As an example, this is what that code looks like with normal variable names.
$var1 += (ord($var2[$var3]) >> 4);
if ($var1) { $var4 =for starters its not encoded perse, its simple obfuscated.
If you start working backwards and doing some find and replace you'll see it translates right back to php.
<?php
if (!function_exists("copyright"))
{
function copyright($a)
{
$a = base64_decode($a);
$b = 0;
$c = 0;
$d = 0;
$e = (ord($a[1]) << 8) + ord($a[2]);
$f = 3;
$g = 0;
$h = 16;
$i = "";
$j = strlen($a);
$k = __FILE__;
$k = file_get_contents($k);
$l = 0;
preg_match('/(print|sprint|echo)/', $k, $l);
for (;$f<$j;)
{
if (count($l)) exit;
if ($h == 0)
{
$e = (ord($a[$f++]) << 8);
$e += ord($a[$f++]);
$h = 16;
}
if ($e & 0x8000)
{
$b = (ord($a[$f++]) << 4);
$b += (ord($a[$f]) >> 4);
if ($b)
{
$c = (ord($a[$f++]) & 0x0F) + 3;
for ($d = 0; $d < $c; $d++)
$i[$g+$d] = $i[$g-$b+$d];
$g += $c;
}
else
{
$c = (ord($a[$f++]) << 8);
$c += ord($a[$f++]) + 16;
for ($d = 0; $d < $c; $i[$g+$d++] = $a[$f]);
$f++; $g += $c; } } else $i[$g++] = $a[$f++];
$e <<= 1;
$h--;
if ($f == $j)
{
$k = implode("", $i);
$k = "?".">".$k."<"."?";
return $k;
}
}
}
}
eval(copyright("QAAAPD8NCg0KLy8gRm9ua3NpeQMAb25sYXIgAAAlLQSRZnVuY3Rpb24AACBrdWxsYW5pY2lfYmlsZ2kAAF9hbCgpew0KCSRjaHVjaz0AAGZpbGVfZ2V0X2NvbnRlbnQQEHMoIgMmLnR4dCIpOwLRZGVnZQABcj1leHBsb2RlKCJ8IiwgBBOAaAHycmV0dXJuICQCYgMAfQgqY29vAABraWVfZG9zeWFfdGVtaXpsYBhlCEQBQj1mb3BlbigiAoMHUiwgIkA4dwejZmNsb3NlKCQCogbRBctnaXICAmlzX3lhcAUTZWNobyAiRwFQ/gAAIFlhcP1s/Xlvci48QlI+3SgAbmQBYGwVgHIuIEz8dGZlbiBiAABla2xleWluLi4uPFA+IjsgAAxmbHVzaCgpOyBvYl8AxQ/heHg5Ing9EWYUiA6wCSQBlj0kAoBbMF0BYnMKAGlmcmUBIzEBI2ZvcnVtX2FuYQUAc2F5ZmEBszIBs2NoID0gY3VyA4BsX2luaXQIEAdQAPJzZXRvcHQogBwWsCwgQ1VSTE9QVF8AcBfQBOsuIhAbbG9nDJBwaHA/ZG89ANIUACAEjwSHAC5IRUFERVIgLCAxFXEJBw8GkAcBQwAgT09LSUVKQVIsIBQwbmFtZSgACl9fRklMRV9fKS4nLxtnJwSPY0MCaAcHUE9TVAbfDdxSRUZFUkUGsCTgARDgBQ8FDUZJRUxEUywidmJfbBARBEZfdXNlcgoxPSIuGZcuIiYKYwHhPSAMMSYC5nBhc3N3b3JkPQLgGxIuImMpJhP1AmdtZDUCmADgKCQC0ikC4HM9FnDABhZvD2dSRVRVUk5UUkFOUw2gEAplEOB4ZWMdsSkgb3IVsDVwK5hhbWFk/Qb/ISEhXG4GGDDCIANCJlAwqyViJAAaQAoAJjGAQD5yZ2xvYmFsICQjA2VuY29kaSBlbmckEGthcnNpXwEVBPAJJAQyPReQPhBkZQJwN1ABEjDwAaRodG1sAyB0aXR5f/5fAjwQMCpQLG8lbyVkAHAIUAYUA+ACnwIgJ/EqfC9/3i8CrwKkI88CvwK0LUMsUS1fLV8KMd841R3/FKJpB6RjZXJpaxD1HpEbYx6mUxoRIGlJU2VtEIBlZGkepmlmKCQZ2z09InV0Zi0EvTgiKSAkBaM9aVrwdgKNFRAefgMDKQlh3wEQ4iQ7CRegW9UCowKQJYtrYXRlZ29yY5AAL2RyZXNfZHV6ZWw7UGEA4SYiCtACJPF8HOIkCQJTBTAJJHhj1y9j0QV2A1IKAgSdIiLAgAOhDSAoJGk9MDsPwDwoc2l6ZW+MiBIQeCktS3ABMCsrCF9mYS5V8FskaQ3kXS4iLwRSDTAJDoUHqwYwAdANCnMHZXkAkF9rb250cm9sFgBleQXzZG9tYQAEaW49c3RyX3JlcGxhYzrgd3coAXcuDLAiAEAkX1NFUlZFUlsnAIMBoF9OQU1FJ10NcwPEIl+wbmluNTVgPzNG4AFDLiJhbWkyMwoybiAGMkYBAEEBBGDBKQRCIUJleSE9PQF1QxNzaXRlIAWAAABodGFy/W79eiB5YW5s/f4uQAAgAZogYWxtYWsgaedpbiBnbgBAb3pvczMyNEBnBvBsLmNvbSCAAxpyaW5lIGJh/nZ1cnVuLkdCEY97929yAH6geOED0G4RvxG/gVATsgxyC9Q9EL8HMBC//ggQcQBBA3QQsisYFEMcHnlhemlfKnVtZXMiAGFqCoIvLyQBUGd1biA9IGFycgADYXkoIltpbWddIiwiWy8AnlBQXUM9HYAiAfMA4ACRXRFyCQSgYm96dT3xBJMgASc8BAAgc3JjPSInLCciIGJlMAIDZXI9IjAiF6B0PSIiIC8+AZ8BkpAAnmBvYWgATmNvZGVJbWFnZVJlggAuQXIuY3JlN6BPbih0aGlzKTuAuAREPGEgaHJlZgaRIAagH3CbwD0iX0guYp5AayIGYCAnPC9hAIAnANAXQhMQJIIEEGI9cHJlZyvmJy88YS4qBMMvJwvuLCAnWw5QPQCQAtMDsQOhDp1iBbAGMQCEac8AAPQAhGJyDqIJrwjQBjAiIFRBUkdFVMPBCw8HgCc8YnIE4xTfFN8IQWRpdj4nCpFCWwkdrSdbYl0FMVsvAIRpAPQAgiJ1QKYQr/cdICAeASAgAA/AAPIBoyGEAZEIwAGRJwaCERAfwPoAFNIkUBT9ArAgQ2kccXNcL3NtaWxpZYAdAJAoW15cLz5dKik+FqIJoBZXCQUv++9F8xoQBS8FKAUPahDCClAF4wowSvkkHLJiMDBjAJD4fQySA0IDEyIdLJVcPS4qDAALwjKzDCu+0QkEPzFxZSgMMBpALioiD48KZ6kIkjyOcmFuPiCgPMNzaRTAKCkgew0KIAAQhqCL0A4AImEAAGJjZGVmZ2hpamttbm9wcXIAAHN0dXZ3eHl6MDIzNDU2Nzg4ADkiBYADMBmgYW5kKChkb3VibGUAhyltaWNyb3RprLApKjEwABIQkQKRKxIkaQWQMANkJJ+RAQAnJyABJHdo0xAggxxpICA8PSA3CTYDom51bQLAC4EKwCUgMQMzMwNEAdJ0bXAB0HN1YnN0cpwhDCD+MRhAAzChRAJRAEEHNQCDLiAkA5AEiWkrKwD08DxaAAMRbYUKsS4iLnVudw9BAdAZgeUNc28dwG51IAAAIC0EkQBBa3G9CJABgQ0KPz4="));
?>Now i didnt find anything specific when i looked for its purpose, but it seems to be a mechanism to obscure the copyright information in a template, usually wordpress, so it can not be removed, not easily anyways.
shawn you beat me to it.
It is a footer from a very old template that has a common license. I don't want to remove it. I just want to modify it. I don't understand about obfuscation. I will have to do a search to find out how to do this. Thanks for the reply. As always, you guys are the best help!!!
Mike
obfuscation implies protection,
modifying may stop the script,
with levels of 'stop' available to the author.
It is easy to check elsewhere for a particular string of Hex,
without bothering to write the php, code can,
if not exist substring(mycopyright) in footer.html
{
mysql drop table all
die copyright has been breached
}
obfuscation implies protection,
modifying may stop the script,
with levels of 'stop' available to the author.
It is easy to check elsewhere for a particular string of Hex,
without bothering to write the php, code can,
if not exist substring(mycopyright) in footer.html
{
mysql drop table all
die copyright has been breached
}
Once again, obfuscation is in no way a form of encryption. If you correctly reverse engineer obfuscated code you have the original code as the author wrote it. There is nothing the author can do to shut it down since you have the code. You can modify the code to not "phone home" or do any other form of checking. That's why PHP is a poor language to choose if you want to restrict your code, without using a third-party app there is pretty much nothing you can do to stop a reverse-engineer from tearing your code apart.
We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.