In fact, the God Shield decryption is not so interested, just see the author of the tool and encryption, feel uncomfortable. Research, in fact, decryption is not so complicated.
With the PHP_APD extension it's easy to get this done. There are only four lines of code.
<?phprename_function (' gzuncompress ', ' new_gzuncompress '); Override_function (' gzuncompress ', ' $arg ', ' Print (new_ Gzuncompress ($arg)); Return new_gzuncompress ($arg); Require_once ' decryption.php ';d ecryption (' decryption.php ');
The core code of the tool: decryption.php
<?phpfunction decryption ($fileName) {/** * decode function * @param string $STR The string to decode * @param string $FLG parse and decode * @r Eturn String decoded strings */function decode ($str, $FLG = ') {if ($FLG = = =) {$ret = $str; } else {$ret = ' ۯ '; $i = 0; $l = strlen ($STR); while ($i + + < $l) {$c = Ord ($str [$i-1]); $ret. = $c <245? ($c >136 chr ($c/2): $str [$i-1]): ""; }} return Base64_decode ($ret); } $err = ' decoding encountered an error, please contact the guru to process the file! '; $str = file_get_contents ($fileName); $path = PathInfo ($fileName); $dirname = $path [' dirname ']; The directory where the file is located $baseName = $path [' filename ']; The file name if (Preg_match (' | In_decode_ (\w{32}) |s ', $str, $arr)) {//To prevent decryption of themselves, in fact, the method has already told you, do the decoding only Happy $arr [1] = = = ' 761b5f52db6dff7ce91344e99dcedab7 ' && die ("ERR: [-1]-do not attempt to decrypt this tool with this tool! "); } else {die ("err: [-1]-no divine shield feature found, are you sure this is the aegis encryption?" "); }//Match code Subject section//'; @\$[\x00-\xff]+\ (\ \ ' ([\x00-\xff]+?) \ \ ' \.\ (Preg_match (' |\ '; @\$[\x00-\xff]+\ (\\\\\ ') ([\x00-\xFf]+?) \\\\\ ' \.\ (|s ', $str, $arr) | | Die ("ERR: [0]-". $err); $code = $arr [1]; Match intermediate Encryption Section Preg_match (' |\ (\ ' ([\x00-\xff]+) \ ', \ ' |s ', $code, $arr) | | die ("ERR: [1]-". $err); $key = Base64_decode (Decode ($arr [1], "decode")); $code = preg_replace (' |\ ' \.[ \x00-\xff]+\ ' \) \) \.\ ' |s ', $key, $code); Matching trailing encrypted code preg_match (' |=\ ' (x[\x00-\xff]+) \) \); |s ', $str, $arr) | | Die ("ERR: [2]-". $err); $core = $arr [1]; Match verification Key Preg_match (' |[ \w+/=]{59}=|s ', $arr [1], $arr) | | Die ("ERR: [3]-". $err); $key = $arr [0]; $core = Str_replace ($key, ", $core); Remove Key $suffix = Gzuncompress ($core); Get the end part of Base64//decode $code = Gzuncompress (Base64_decode ($code. $suffix)); Match the Clean Code if (Preg_match (' |