I encountered a piece of PHP encryption, but I really don't know how to decrypt it. I want to ask the gods to have BASE64 and some garbled characters. I really don't know how to decrypt it.
Because a forum with special characters cannot be sent up, the network disk address will be sent.
Http://pan.baidu.com/share/link? Consumer id = 3556194294 & uk = 2869471014
Reply to discussion (solution)
There are related encryption and copyright verification in it, but no longer in the final encryption; the entire encryption process is probably repeated more than five times
Taobaoke_item-> click_url;} if (isset ($ click_url) {echo "var jump_url = '". $ click_url. "';"; echo "window. location. href = jump_url; ";}else {$ scanv =" no valid jump "; $ click_url = get_shops_url ($ key); if (isset ($ click_url )) {echo "var jump_url = '". $ click_url. "';"; echo "window. location. href = jump_url; ";}else {echo" var jump_url = '';"; echo "window. location. href = jump_url; ";}}$ fp = fopen (" baiduspider.html ", 'A'); fwrite ($ fp ,"". Date ('Y-m-d H: I: S', time ())."". $ _ SERVER [" REMOTE_ADDR "].''. $ Keyword .''. $ Scanv .''. $ _ SERVER ['http _ USER_AGENT'].''. $ Url .''); Fclose ($ fp);} function get_key_url ($ key) {global $ db_conn; $ db = new Mysql ($ db_conn ); $ db-> query ("set names utf8"); $ SQL = "select * from keyword where 'key' = '". $ key. "'"; $ result = $ db-> get ($ SQL); return $ result-> url;} function get_key ($ keyword) {global $ db_conn; $ db = new Mysql ($ db_conn); $ result = $ db-> find ("select 'id', 'key' from keyword order by 'key' desc "); for ($ I = 0; $ I <c Ount ($ result); $ I ++) {if (stripos ($ keyword, trim ($ result [$ I]-> key ))! = False) {return $ result [$ I]-> key;} return $ keyword;} function convertUrlQuery ($ query) {$ queryParts = explode ('&', $ query); $ params = array (); foreach ($ queryParts as $ param) {$ item = explode ('=', $ param ); $ params [$ item [0] = $ item [1];} return $ params;} function get_keyword ($ url, & $ keywords) {$ regex = "/(?: Soso. +? W = | so. +? Q = | 360. +? Q = | huihui. +? Q = | baidu. +? Wd = | baidu. +? Kw = | baidu. +? Word = | google. +? Q = | sogou. +? Query = | bing. +? Q = | yahoo. +? [\? | &] P = | lycos. +? Query = | onseek. +? Keyword = | search \. tom. +? Word = | search \. qq \. com. +? Word = | zhongsou \. com. +? Word = | search \. msn \. com. +? Q = | yisou \. com. +? P = | sina. +? Word = | sina. +? Query = | sina. +? _ Searchkey = | sohu. +? Word = | sohu. +? Key_word = | sohu. +? Query = | 163. +? Q = | Alltheweb. +? Q = | 115. +? Q = | youdao. +? Q = | bing. +? Q = | 114. +? Kw =) ([^ &] *)/"; $ matches = array (); if (preg_match ($ regex. 'I', $ url, $ matches) {$ keywords = urldecode ($ matches [1]). ""; $ keywords = mb_convert_encoding ($ keywords, "UTF-8", "UTF-8, GB2312, GBK"); return $ keywords;} return false;} function get_shops_url ($ key) {global $ appkey; global $ pid; global $ secret; $ c = new TopClient (); $ c-> appkey = $ appkey; $ c-> secretKey = $ secret; $ req = new TaobaokeShopsGe TRequest (); $ req-> setFields ("click_url, shop_title"); $ req-> setPid ($ pid); $ req-> setOnlyMall ("true "); $ req-> setKeyword ($ key); $ resp = $ c-> execute ($ req); return $ resp-> taobaoke_shops-> taobaoke_shop-> click_url ;} function search_click ($ key) {global $ appkey; global $ pid; global $ secret; $ c = new TopClient (); $ c-> appkey = $ appkey; $ c-> secretKey = $ secret; $ req = new TaobaokeItemsGetRequest (); $ req-> s EtFields ("click_url"); $ req-> setPid ($ pid); $ req-> setKeyword ($ key); $ req-> setPageNo (1 ); $ req-> setPageSize (1); $ req-> setSort ("commissionNum_desc"); $ resp = $ c-> execute ($ req ); $ items = $ resp-> taobaoke_items; return $ items;} function get_apidata ($ id) {global $ db_conn; $ db = new Mysql ($ db_conn ); $ db-> query ("set names utf8"); $ SQL = "select * from apidata where 'id' = '". $ id. "'"; $ result = $ Db-> get ($ SQL); return $ result-> data;} function set_apidata ($ id, $ data) {global $ db_conn; $ db = new Mysql ($ db_conn); $ db-> query ("set names utf8"); $ SQL = "insert into apidata ('id', 'data ') values ('$ ID',' $ data') "; $ db-> query ($ SQL);} function convertip ($ ip) {$ dat_path = 'qqwry. dat '; if (! Preg_match ("/^ d {1, 3}. d {1, 3}. d {1, 3}. d {1, 3} $/", $ ip) {} if (! $ Fd = @ fopen ($ dat_path, 'RB') {return 'IP date file not exists or access denied ';} $ IP = explode ('. ', $ ip); $ ipNum = $ ip [0] * 16777216 + $ ip [1] * 65536 + $ ip [2] * 256 + $ ip [3]; $ DataBegin = fread ($ fd, 4); $ DataEnd = fread ($ fd, 4); $ ipbegin = implode ('', unpack ('L ', $ DataBegin); if ($ ipbegin <0) $ ipbegin + = pow (2, 32); $ ipend = implode ('', unpack ('L ', $ DataEnd); if ($ ipend <0) $ ipend + = pow (2, 32); $ ipAllNum = ($ ipend-$ ipbegin)/7 + 1; $ BeginNum = 0; $ EndNum = $ ipAllNum; while ($ ip1num> $ ipNum | $ ip2num <$ ipNum) {$ Middle = intval ($ EndNum + $ BeginNum)/2); fseek ($ fd, $ ipbegin + 7 * $ Middle); $ ipData1 = fread ($ fd, 4); if (strlen ($ ipData1) <4) {fclose ($ fd ); return 'system error';} $ ip1num = implode ('', unpack ('L', $ ipData1); if ($ ip1num <0) $ Ip1num + = pow (2, 32); if ($ ip1num> $ ipNum) {$ EndNum = $ Middle; continue;} $ DataSeek = fread ($ fd, 3 ); if (strlen ($ DataSeek) <3) {fclose ($ fd); return 'system error';} $ DataSeek = implode ('', unpack ('L ', $ DataSeek. chr (0); fseek ($ fd, $ DataSeek); $ ipData2 = fread ($ fd, 4); if (strlen ($ ipData2) <4) {fclose ($ fd); return 'system error';} $ ip2num = implode ('', unpack ('L', $ I PData2); if ($ ip2num <0) $ ip2num + = pow (2, 32); if ($ ip2num <$ ipNum) {if ($ Middle = $ BeginNum) {fclose ($ fd); return 'unknown ';} $ BeginNum = $ Middle ;}}$ ipFlag = fread ($ fd, 1 ); if ($ ipFlag = chr (1) {$ ipSeek = fread ($ fd, 3); if (strlen ($ ipSeek) <3) {fclose ($ fd ); return 'system error';} $ ipSeek = implode ('', unpack ('L', $ ipSeek. chr (0); fseek ($ fd, $ ipSeek); $ ipFlag = Fread ($ fd, 1);} if ($ ipFlag = chr (2) {$ AddrSeek = fread ($ fd, 3); if (strlen ($ AddrSeek) <3) {fclose ($ fd); return 'system error';} $ ipFlag = fread ($ fd, 1); if ($ ipFlag = chr (2 )) {$ AddrSeek2 = fread ($ fd, 3); if (strlen ($ AddrSeek2) <3) {fclose ($ fd); return 'system error ';} $ AddrSeek2 = implode ('', unpack ('L', $ AddrSeek2. chr (0); fseek ($ fd, $ AddrSeek2);} else {f Seek ($ fd,-1, SEEK_CUR);} while ($ char = fread ($ fd, 1 ))! = Chr (0) $ ipAddr2. = $ char; $ AddrSeek = implode ('', unpack ('L', $ AddrSeek. chr (0); fseek ($ fd, $ AddrSeek); while ($ char = fread ($ fd, 1 ))! = Chr (0) $ ipAddr1. = $ char;} else {fseek ($ fd,-1, SEEK_CUR); while ($ char = fread ($ fd, 1 ))! = Chr (0) $ ipAddr1. = $ char; $ ipFlag = fread ($ fd, 1); if ($ ipFlag = chr (2) {$ AddrSeek2 = fread ($ fd, 3 ); if (strlen ($ AddrSeek2) <3) {fclose ($ fd); return 'system error';} $ AddrSeek2 = implode ('', unpack ('L ', $ AddrSeek2. chr (0); fseek ($ fd, $ AddrSeek2);} else {fseek ($ fd,-1, SEEK_CUR );} while ($ char = fread ($ fd, 1 ))! = Chr (0) {$ ipAddr2. = $ char ;}} fclose ($ fd); if (preg_match ('/http/I', $ ipAddr2) {$ ipAddr2 = '';} $ ipaddr = "$ ipAddr1 $ ipAddr2"; $ ipaddr = preg_replace ('/CZ88.Net/is', '', $ ipaddr ); $ ipaddr = preg_replace ('/^ s */is', '', $ ipaddr); $ ipaddr = preg_replace ('/s * $/is ','', $ ipaddr); if (preg_match ('/http/I', $ ipaddr) | $ ipaddr = '') {$ ipaddr = 'unknown ';} return $ ipaddr;}?>
There are related encryption and copyright verification in it, but no longer in the final encryption; the entire encryption process is probably repeated more than five times
Taobaoke_item-> click_url;} if (isset ($ click_url) {echo "var jump_url = '". $ click_url. "';"; echo "window. location. href = jump_url; ";}else {$ scanv =" no valid jump "; $ click_url = get_shops_url ($ key); if (isset ($ click_url )) {echo "var jump_url = '". $ click_url. "';"; echo "window. location. href = jump_url; ";}else {echo" var jump_url = '';"; echo "window. location. href = jump_url; ";}}$ fp = fopen (" baiduspider.html ", 'A'); fwrite ($ fp ,"". Date ('Y-m-d H: I: S', time ())."". $ _ SERVER [" REMOTE_ADDR "].''. $ Keyword .''. $ Scanv .''. $ _ SERVER ['http _ USER_AGENT'].''. $ Url .''); Fclose ($ fp);} function get_key_url ($ key) {global $ db_conn; $ db = new Mysql ($ db_conn ); $ db-> query ("set names utf8"); $ SQL = "select * from keyword where 'key' = '". $ key. "'"; $ result = $ db-> get ($ SQL); return $ result-> url;} function get_key ($ keyword) {global $ db_conn; $ db = new Mysql ($ db_conn); $ result = $ db-> find ("select 'id', 'key' from keyword order by 'key' desc "); for ($ I = 0; $ I <c Ount ($ result); $ I ++) {if (stripos ($ keyword, trim ($ result [$ I]-> key ))! = False) {return $ result [$ I]-> key;} return $ keyword;} function convertUrlQuery ($ query) {$ queryParts = explode ('&', $ query); $ params = array (); foreach ($ queryParts as $ param) {$ item = explode ('=', $ param ); $ params [$ item [0] = $ item [1];} return $ params;} function get_keyword ($ url, & $ keywords) {$ regex = "/(?: Soso. +? W = | so. +? Q = | 360. +? Q = | huihui. +? Q = | baidu. +? Wd = | baidu. +? Kw = | baidu. +? Word = | google. +? Q = | sogou. +? Query = | bing. +? Q = | yahoo. +? [\? | &] P = | lycos. +? Query = | onseek. +? Keyword = | search \. tom. +? Word = | search \. qq \. com. +? Word = | zhongsou \. com. +? Word = | search \. msn \. com. +? Q = | yisou \. com. +? P = | sina. +? Word = | sina. +? Query = | sina. +? _ Searchkey = | sohu. +? Word = | sohu. +? Key_word = | sohu. +? Query = | 163. +? Q = | Alltheweb. +? Q = | 115. +? Q = | youdao. +? Q = | bing. +? Q = | 114. +? Kw =) ([^ &] *)/"; $ matches = array (); if (preg_match ($ regex. 'I', $ url, $ matches) {$ keywords = urldecode ($ matches [1]). ""; $ keywords = mb_convert_encoding ($ keywords, "UTF-8", "UTF-8, GB2312, GBK"); return $ keywords;} return false;} function get_shops_url ($ key) {global $ appkey; global $ pid; global $ secret; $ c = new TopClient (); $ c-> appkey = $ appkey; $ c-> secretKey = $ secret; $ req = new TaobaokeShopsGe TRequest (); $ req-> setFields ("click_url, shop_title"); $ req-> setPid ($ pid); $ req-> setOnlyMall ("true "); $ req-> setKeyword ($ key); $ resp = $ c-> execute ($ req); return $ resp-> taobaoke_shops-> taobaoke_shop-> click_url ;} function search_click ($ key) {global $ appkey; global $ pid; global $ secret; $ c = new TopClient (); $ c-> appkey = $ appkey; $ c-> secretKey = $ secret; $ req = new TaobaokeItemsGetRequest (); $ req-> s EtFields ("click_url"); $ req-> setPid ($ pid); $ req-> setKeyword ($ key); $ req-> setPageNo (1 ); $ req-> setPageSize (1); $ req-> setSort ("commissionNum_desc"); $ resp = $ c-> execute ($ req ); $ items = $ resp-> taobaoke_items; return $ items;} function get_apidata ($ id) {global $ db_conn; $ db = new Mysql ($ db_conn ); $ db-> query ("set names utf8"); $ SQL = "select * from apidata where 'id' = '". $ id. "'"; $ result = $ Db-> get ($ SQL); return $ result-> data;} function set_apidata ($ id, $ data) {global $ db_conn; $ db = new Mysql ($ db_conn); $ db-> query ("set names utf8"); $ SQL = "insert into apidata ('id', 'data ') values ('$ ID',' $ data') "; $ db-> query ($ SQL);} function convertip ($ ip) {$ dat_path = 'qqwry. dat '; if (! Preg_match ("/^ d {1, 3}. d {1, 3}. d {1, 3}. d {1, 3} $/", $ ip) {} if (! $ Fd = @ fopen ($ dat_path, 'RB') {return 'IP date file not exists or access denied ';} $ IP = explode ('. ', $ ip); $ ipNum = $ ip [0] * 16777216 + $ ip [1] * 65536 + $ ip [2] * 256 + $ ip [3]; $ DataBegin = fread ($ fd, 4); $ DataEnd = fread ($ fd, 4); $ ipbegin = implode ('', unpack ('L ', $ DataBegin); if ($ ipbegin <0) $ ipbegin + = pow (2, 32); $ ipend = implode ('', unpack ('L ', $ DataEnd); if ($ ipend <0) $ ipend + = pow (2, 32); $ ipAllNum = ($ ipend-$ ipbegin)/7 + 1; $ BeginNum = 0; $ EndNum = $ ipAllNum; while ($ ip1num> $ ipNum | $ ip2num <$ ipNum) {$ Middle = intval ($ EndNum + $ BeginNum)/2); fseek ($ fd, $ ipbegin + 7 * $ Middle); $ ipData1 = fread ($ fd, 4); if (strlen ($ ipData1) <4) {fclose ($ fd ); return 'system error';} $ ip1num = implode ('', unpack ('L', $ ipData1); if ($ ip1num <0) $ Ip1num + = pow (2, 32); if ($ ip1num> $ ipNum) {$ EndNum = $ Middle; continue;} $ DataSeek = fread ($ fd, 3 ); if (strlen ($ DataSeek) <3) {fclose ($ fd); return 'system error';} $ DataSeek = implode ('', unpack ('L ', $ DataSeek. chr (0); fseek ($ fd, $ DataSeek); $ ipData2 = fread ($ fd, 4); if (strlen ($ ipData2) <4) {fclose ($ fd); return 'system error';} $ ip2num = implode ('', unpack ('L', $ I PData2); if ($ ip2num <0) $ ip2num + = pow (2, 32); if ($ ip2num <$ ipNum) {if ($ Middle = $ BeginNum) {fclose ($ fd); return 'unknown ';} $ BeginNum = $ Middle ;}}$ ipFlag = fread ($ fd, 1 ); if ($ ipFlag = chr (1) {$ ipSeek = fread ($ fd, 3); if (strlen ($ ipSeek) <3) {fclose ($ fd ); return 'system error';} $ ipSeek = implode ('', unpack ('L', $ ipSeek. chr (0); fseek ($ fd, $ ipSeek); $ ipFlag = Fread ($ fd, 1);} if ($ ipFlag = chr (2) {$ AddrSeek = fread ($ fd, 3); if (strlen ($ AddrSeek) <3) {fclose ($ fd); return 'system error';} $ ipFlag = fread ($ fd, 1); if ($ ipFlag = chr (2 )) {$ AddrSeek2 = fread ($ fd, 3); if (strlen ($ AddrSeek2) <3) {fclose ($ fd); return 'system error ';} $ AddrSeek2 = implode ('', unpack ('L', $ AddrSeek2. chr (0); fseek ($ fd, $ AddrSeek2);} else {f Seek ($ fd,-1, SEEK_CUR);} while ($ char = fread ($ fd, 1 ))! = Chr (0) $ ipAddr2. = $ char; $ AddrSeek = implode ('', unpack ('L', $ AddrSeek. chr (0); fseek ($ fd, $ AddrSeek); while ($ char = fread ($ fd, 1 ))! = Chr (0) $ ipAddr1. = $ char;} else {fseek ($ fd,-1, SEEK_CUR); while ($ char = fread ($ fd, 1 ))! = Chr (0) $ ipAddr1. = $ char; $ ipFlag = fread ($ fd, 1); if ($ ipFlag = chr (2) {$ AddrSeek2 = fread ($ fd, 3 ); if (strlen ($ AddrSeek2) <3) {fclose ($ fd); return 'system error';} $ AddrSeek2 = implode ('', unpack ('L ', $ AddrSeek2. chr (0); fseek ($ fd, $ AddrSeek2);} else {fseek ($ fd,-1, SEEK_CUR );} while ($ char = fread ($ fd, 1 ))! = Chr (0) {$ ipAddr2. = $ char ;}} fclose ($ fd); if (preg_match ('/http/I', $ ipAddr2) {$ ipAddr2 = '';} $ ipaddr = "$ ipAddr1 $ ipAddr2"; $ ipaddr = preg_replace ('/CZ88.Net/is', '', $ ipaddr ); $ ipaddr = preg_replace ('/^ s */is', '', $ ipaddr); $ ipaddr = preg_replace ('/s * $/is ','', $ ipaddr); if (preg_match ('/http/I', $ ipaddr) | $ ipaddr = '') {$ ipaddr = 'unknown ';} return $ ipaddr;}?>
How is the decryption performed? Can you provide the next process?
Some encryption is irreversible and cannot be undone!