Research on a php Encryption

Yesterday, I suddenly had a q, saying that I had a problem with the decryption method of a blog post I wrote. I asked him to check it out. It was too late yesterday and I had to take the test again today, so I went to bed, this afternoon, I just checked it out! In fact, this encryption is very simple!

View sourceprint? 01 <? Php

02 echo $ gkHfv = urldecode ("% 6E1% 7A % 62% 2F % 6D % 615% 5C % 76% 740% 2D % 6928% 70% 78% 75% 2A6% 6C % 71% 6B % 79% 72% 5F % 65% 68% 63% 73% 6F4% 2B % 77% 6A ");

03

04 echo $ wbW = $ gkHfv {3}. $ gkHfv {6}. $ gkHfv {33}. $ gkHfv {30 };

05

06 echo $ MojdTZRuOCts = $ gkHfv {33}. $ gkHfv {10}. $ gkHfv {24}. $ gkHfv {10}. $ gkHfv {24 };

07

08 echo $ tsIqKYinGX = $ MojdTZRuOCts {0 }. $ gkHfv {18 }. $ gkHfv {3 }. $ MojdTZRuOCts {0 }. $ MojdTZRuOCts {1 }. $ gkHfv {24 };

09

10 echo $ LSeayQNP = $ gkHfv {7}. $ gkHfv {13 };

11

12 $ wbW. = $ gkHfv {22 }. $ gkHfv {36 }. $ gkHfv {29 }. $ gkHfv {26 }. $ gkHfv {30 }. $ gkHfv {32 }. $ gkHfv {35 }. $ gkHfv {26 }. $ gkHfv {30 };

13 echo $ wbW;

14

15 // echo ($ wbW ("here is the ciphertext ");

16

17?>

Www.2cto.com
I output these variables and found that:

View sourceprint? 1 $ gkHfv n1zb/ma5 \ vt0i28-pxuqy * 6lrkdg9_ehcswo4 + f37j

2 $ wbW base

3 $ MojdTZRuOCts strtr

4 $ tsIqKYinGX substr

5 $ LSeayQNP 52

6 $ wbW base64_decode

Echo output the ciphertext:

View sourceprint? 1 eval ('?> '. $ WbW ($ Scheme ($ tsIqKYinGX ($ mclFxVrBAz, $ LSeayQNP * 2), $ tsIqKYinGX ($ scheme, $ LSeayQNP, $ LSeayQNP), $ Scheme ($ scheme, 0, $ LSeayQNP ))));

 

Replace the preceding variables with the following:

View sourceprint? 1 $ x = "ciphertext ";

2

3 eval ('?> '. Base64_decode (strtr (substr ($ x, 52*2), substr ($ x,), substr ($ x ))));

Replace eval with echo

The plain text comes out.

It's a simple encryption. After reading the plain text, it seems like a file in a php program. Which of the following is an encrypted program? You want to decrypt and change the source code!

From L. N's blog