As a matter of fact, I am not so interested in the decryption of Alibaba Cloud security. I just felt uncomfortable seeing that the author encrypted the tool again. After research, decryption is not that complicated.
It's easy to use php_apd extension. There are only four sentences of code.
<?phprename_function('gzuncompress','new_gzuncompress');override_function('gzuncompress', '$arg', 'print(new_gzuncompress($arg)); return new_gzuncompress($arg);'); require_once 'decryption.php';decryption('decryption.php');
The core code of this tool: decryption. php
<? Phpfunction decryption ($ fileName) {/*** decoding function * @ param string $ str awaiting decoding string * @ param string $ whether to parse and decode flg * @ return string decoded string */function decode ($ str, $ flg = '') {if ($ flg ='') {$ ret = $ str;} else {$ ret = 'hangzhou'; $ I = 0; $ l = strlen ($ str); while ($ I ++ <$ l) {$ c = ord ($ str [$ I-1]); $ ret. = $ c <245? ($ C> 136? Chr ($ c/2): $ str [$ I-1]): "" ;}} return base64_decode ($ ret) ;}$ err = 'decoding encountered an error, contact the instructor to process the file! '; $ Str = file_get_contents ($ fileName); $ path = pathinfo ($ fileName); $ dirname = $ path ['dirname']; // file directory $ baseName = $ path ['filename']; // file name if (preg_match ('| IN_DECODE _ (\ w {32}) | s ', $ str, $ arr) {// you have already been notified of the methods to prevent yourself from being decrypted, happy $ arr [1] = '761b5f52db6dff7ce91344e99dcedab7' & die ("err: [-1]-please do not try to use this tool to decrypt this tool! ");} Else {die (" err: [-1]-No anti-DDoS features found. Are you sure this is anti-DDoS encryption? ");} // Match the subject of the Code //''; @ \ $ [\ x00-\ xff] + \ (\ '([\ x00-\ xff] + ?) \\'\. \ (Preg_match ('| \'\'; @ \ $ [\ x00-\ xff] + \ (\ '([\ x00-\ xff] + ?) \\\\\'\. \ (| S', $ str, $ arr) | die ("err: [0]-". $ err); $ code = $ arr [1]; // match the intermediate encryption part preg_match ('| \ (\' ([\ x00-\ xff] + )\', \ '| s', $ code, $ arr) | die ("err: [1]-". $ err); $ key = base64_decode (decode ($ arr [1], "decode"); $ code = preg_replace ('| \'\. [\ x00-\ xff] + \'\)\)\. \ '| s', $ key, $ code); // match the encrypted code preg_match (' | = \ '(x [\ x00-\ xff] +) \ '\); | s', $ str, $ arr) | die ("err: [2]-". $ err); $ core = $ arr [1]; // match Verify key preg_match ('| [\ w +/=] {59} = | s', $ arr [1], $ arr) | die ("err: [3]-". $ err); $ key = $ arr [0]; $ core = str_replace ($ key, '', $ core ); // remove key $ suffix = gzuncompress ($ core); // obtain the end of base64 // decodes $ code = gzuncompress (base64_decode ($ code. $ suffix); // match the clean code if (preg_match ('| <! -- <\? Php endif; \?> (<\? Php [\ r \ n] {1, 2} [\ x00-\ xff] + \?>) <\? Php \ $ GLOBALS \ [| s', $ code, $ arr) {$ code = $ arr [1];} // write to the file $ source = $ dirname. DIRECTORY_SEPARATOR. $ baseName. "_ source. php "; file_put_contents ($ source, $ code); die (" decrypted successfully, saved :". $ source );}
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
