More than code64 encryption?

Discussion in 'Software' started by mack-nife, Nov 11, 2005.

  1. mack-nife

    mack-nife Private E-2

    Can anyone provide a clue how to decode this? I know the first part is standard base64 stuff (up to the '?>', but I don't know what to do with it...

    ******Start*******
    <?php $OOO0O0O00=__FILE__;$O00O00O00=__LINE__;$OO00O0000=792;eval((base64_decode('JE8wMDBPME8wMD1mb3BlbigkT09PME8wTzAwLCdyYicpO3doaWxlKC0tJE8wME8wME8wMClmZ2V0cygkTzAwME8wTzAwLDEwMjQpO2ZnZXRzKCRPMDAwTzBPMDAsNDA5Nik7JE9PMDBPMDBPMD0oYmFzZTY0X2RlY29kZShzdHJ0cihmcmVhZCgkTzAwME8wTzAwLDEwNzYpLCdSRUFMVE83NHJvdGxhZUJiQ2NEZEZmR2dIaElpSmpLa01tTm5QcFFxU3NVdVZ2V3dYeFl5WnowMTIzNTY4OSsvPScsJ0FCQ0RFRkdISUpLTE1OT1BRUlNUVVZXWFlaYWJjZGVmZ2hpamtsbW5vcHFyc3R1dnd4eXowMTIzNDU2Nzg5Ky8nKSkpO2V2YWwoJE9PMDBPMDBPMCk7')));return;?>
    IGHSj7pvhDMsbnTxayaZBLFYaLRsh7pptAJ8H0fWj7fYbMZtrLxZHGoVhDEyj4pVhdZNHQ9Yh7fYBNRxJ4MMJ09VIGCMr0enH0enHyVMj0pPj7M5rLFXodVMiGOYh0pWlgcwJLSMadRXJ4M6rNR+LCSMb4cYbnxZhAEyj4pVhdZNhQ9WjLSMHQ9VhARxaqE2rOhpJQcmiQT6r4Emh7csiQJ5rLeXKLVMH09Vi1r5r4ophLVMHQOnI0jYi1fWhAzni0xwJnSMr0hQhQhphdVMHQ9Yh7fYlGowj4cwidSMagE2r4ewi7pPrAenH0enH0a6rNR+FPfEdOcbFNR1eLJ8l1cPbnXwj4r+LCSMb4cYbnxZhAEyj4pVhdZNJ7OPh7pWhySMa1E2BYEQi03ZBNEWi1ovHGXMadEXKAEGhgoPHG3mBYEVIG3plGmpIGjSjLSMadFXodVNrL2eANR8Hqr+LCsEaLRYBNEFJQpmiAEOK4EsJQfPlnxNJn2eAPTXaLr5rOcSHG3ur4pwjDEQi1rMKG9zJNEZJQpmiA28Hqr+LCsEaLRYBNEFiYEXjgonI7OyhDXMJ7xpHgepr4hsJ0pZr7mZj4R5lY91j1JWIgC1eLJWH09vl1opHGxZi1r1eLJ8Hqr+LCS8Hqr+LCSMbA9ZhL28l1cYbMZtrLXwj7ONi7F+LCS8l0epiqcpJn2MoYP6oT9baLEbaLEbaLzpJQfqg1opJ7xmH0FSoz9kcPpacf9koYXNoYrWoT9bdyEbaT8XaA2NoYrVt7omJ0F0eO9PhGewh7FSJ1cYj4rShqopHGCSoT8XaLEbaT8XaAXPdZ8XaT8XaLRXtDXqFPfEdOcbeycYi1cVHGfAHPenc7c7hPjqD7moIFsUD0veiF3WF4EcJfeyfgfGjpj1G4mhKfs5aLTYayF0BLPulyZqlAjECPeTcFh4DTptDZxedP9CFfodfOfGfzmhGQONH0cphQjSIGsui7zWi1ExJqeZjgh1K4p5aLTYayCzenJ2BDVwoYPstDP6hQeVi1eptAcbaLRXdyEbaLRsB0f0HGXSoT9baLEbaLEbaAP6AMSwtMSMtNRMF4owIQfnjLSMrARMCFC1eLJtrASMrTOzj7mwJNmytdSMrThYHG3urT9SANRUrAEghGoyIgcpBNRMrAE1j1JWIgC1eLJWH09vANRUrAELi1E3JQpqI4C5rAEFI7pyr7pyr4cShDEXJQ9XhgoZKDEwhNEofLJZeY3LdZZtrASMrARMrARMrARMrARMrOpwjDEmJQFMiQ9Zr7OVi791hGCMj78MH0mmiQjpr7OWKgcSIG3qr7pWr4cSIgaMhQpVhCSMtNRMrARMrARMrARMrARMj0pZI79zjAEZI7FMJ7fYiGpyJ0pwiNEwhNEZI7FMi1jWhgrWANRUlXStJQfxjGpYhf9wiQeptARNj4osHGXWJ7mXrNRsBXStIGHMtAEPhGhsiQfPtARqDfekfOooCFXqrAPMtDE6ANRMrAEshNRSrTpdgzcDDFOarAPMKXSMrARMrARMr7fnI78MrPmpi7xwlAEFI7pyr7pyr7TMj4osHGXMjQfYJ0pwiNRmrOcYIGOVr7ewh7FMIgaMrNRWrOcDDFOagZfHFTpDCfcodZ3kcTOFcdVtrARMr4ZMhGxyhDE6ANRMrARMrARMhGeSiYRND7fVi78VrOcSIgaMIgaMHDEVIGepiqephAE0hgoyIG9WrATNBXSMrARMkDRtkDEpi4epr4VtrARMr7fnI78MrPmpi7xwlAEAjGpVhAEsjAEmh0OsiNRmrnVtkCSMrARtlYSMjQpvBNEyhgCMhgmXHG3Pj7ONr4e1bdCMj4a9eAEyj4a9eLSMtN8t

    *******End********

    I got the first part - between the '<?php' and the '?>' to be:

    $O000O0O00=fopen($OOO0O0O00,'rb'); while(--$O00O00O00)fgets($O000O0O00,1024); fgets($O000O0O00,4096);
    $OO00O00O0=(base64_decode(strtr(fread($O000O0O00,1076), 'REALTO74rotlaeBbCcDdFfGgHhIiJjKkMmNnPpQqSsUuVvWwXxYyZz01235689+/=', 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/'))); eval($OO00O00O0);

    But I don't know what to with the rest of the numbers/letters.

    Any help would be appreciated.
     
    mack-nife, Nov 11, 2005
    #1
  2. Le4rner

    Le4rner Private E-2

    You wouldn't be stealing someones code would you? It probably used either ion cube obfuscator or ZEND's. In either case forget it.
     
    Le4rner, Nov 17, 2005
    #2

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds