Teach you how to decrypt the PHP Shield decryption Tool _php Tutorial

In fact, the God Shield decryption is not so interested, just see the author of the tool and encryption, feel uncomfortable. Research, in fact, decryption is not so complicated.

With the PHP_APD extension it's easy to get this done. There are only four lines of code.

<?phprename_function (' gzuncompress ', ' new_gzuncompress '); Override_function (' gzuncompress ', ' $arg ', ' Print (new_ Gzuncompress ($arg)); Return new_gzuncompress ($arg); Require_once ' decryption.php ';d ecryption (' decryption.php ');

The core code of the tool: decryption.php

<?phpfunction decryption ($fileName) {/** * decode function * @param string $STR The string to decode * @param string $FLG parse and decode * @r    Eturn String decoded strings */function decode ($str, $FLG = ') {if ($FLG = = =) {$ret = $str;      } else {$ret = ' ۯ '; $i = 0; $l = strlen ($STR);        while ($i + + < $l) {$c = Ord ($str [$i-1]); $ret. = $c <245?      ($c >136 chr ($c/2): $str [$i-1]): "";  }} return Base64_decode ($ret);  } $err = ' decoding encountered an error, please contact the guru to process the file! ';  $str = file_get_contents ($fileName);  $path = PathInfo ($fileName); $dirname = $path [' dirname ']; The directory where the file is located $baseName = $path [' filename ']; The file name if (Preg_match (' |  In_decode_ (\w{32}) |s ', $str, $arr)) {//To prevent decryption of themselves, in fact, the method has already told you, do the decoding only Happy $arr [1] = = = ' 761b5f52db6dff7ce91344e99dcedab7 ' && die ("ERR: [-1]-do not attempt to decrypt this tool with this tool!  "); } else {die ("err: [-1]-no divine shield feature found, are you sure this is the aegis encryption?"  "); }//Match code Subject section//'; @\$[\x00-\xff]+\ (\ \ ' ([\x00-\xff]+?) \ \ ' \.\ (Preg_match (' |\ '; @\$[\x00-\xff]+\ (\\\\\ ') ([\x00-\xFf]+?) \\\\\ ' \.\ (|s ', $str, $arr) | |  Die ("ERR: [0]-". $err);   $code = $arr [1];  Match intermediate Encryption Section Preg_match (' |\ (\ ' ([\x00-\xff]+) \ ', \ ' |s ', $code, $arr) | | die ("ERR: [1]-". $err);   $key = Base64_decode (Decode ($arr [1], "decode")); $code = preg_replace (' |\ ' \.[   \x00-\xff]+\ ' \) \) \.\ ' |s ', $key, $code); Matching trailing encrypted code preg_match (' |=\ ' (x[\x00-\xff]+) \) \); |s ', $str, $arr) | |  Die ("ERR: [2]-". $err);   $core = $arr [1]; Match verification Key Preg_match (' |[ \w+/=]{59}=|s ', $arr [1], $arr) | |  Die ("ERR: [3]-". $err);   $key = $arr [0]; $core = Str_replace ($key, ", $core); Remove Key $suffix = Gzuncompress ($core);   Get the end part of Base64//decode $code = Gzuncompress (Base64_decode ($code. $suffix)); Match the Clean Code if (Preg_match (' |