Can someone decode this code for me please

Discussion in 'HTML & Website Design' started by c0deD, Sep 28, 2009.

0
  1. #1
    Hi, I dont know how to decode this..Can someone help me..

    <?php 
eval(base64_decode("Pz48ZGl2IGlkPSJmb290ZXIiPiANCjxhIGhyZWY9Ijw/cGhwIGJsb2dpbmZvKCdyc3MyX3VybCcpOyA/PiIgY2xhc3M9InJzcyI+RW50cmllcyBSU1M8L2E+IHwgIDxhIGhyZWY9Ijw/cGhwIGJsb2dpbmZvKCdjb21tZW50c19yc3MyX3VybCcpOyA/PiIgY2xhc3M9InJzcyI+Q29tbWVudHMgUlNTPC9hPg0KPD9waHAgd3BfZm9vdGVyKCk7ID8+DQoNCg0KPC9kaXY+DQo8L2JvZHk+DQo8L2h0bWw+PD8=")); ?>
    PHP:

    Thanks to all that will try to help me.
     
    c0deD, Sep 28, 2009 IP
  2. deathshadow

    deathshadow Acclaimed Member

    Messages:
    9,732
    Likes Received:
    1,999
    Best Answers:
    253
    Trophy Points:
    515
    #2
    Well, I'm not DUMB ENOUGH to run that, since the only reason you usually see that done is to deliver a virus payload to a server...

    Though you can safely see what it's outputting by just changing the eval to an echo - perhaps with a PRE around it so you get formatting (if any)
    <?php 
echo '<pre>',base64_decode("Pz48ZGl2IGlkPSJmb290ZXIiPiANCjxhIGhyZWY9Ijw/cGhwIGJsb2dpbmZvKCdyc3MyX3VybCcpOyA/PiIgY2xhc3M9InJzcyI+RW50cmllcyBSU1M8L2E+IHwgIDxhIGhyZWY9Ijw/cGhwIGJsb2dpbmZvKCdjb21tZW50c19yc3MyX3VybCcpOyA/PiIgY2xhc3M9InJzcyI+Q29tbWVudHMgUlNTPC9hPg0KPD9waHAgd3BfZm9vdGVyKCk7ID8+DQoNCg0KPC9kaXY+DQo8L2JvZHk+DQo8L2h0bWw+PD8="),'</pre>'; 
?>
    Code (markup):
    That should show you what it's actually trying to do.
     
    deathshadow, Sep 28, 2009 IP
  3. zealot777

    zealot777 Peon

    Messages:
    448
    Likes Received:
    1
    Best Answers:
    0
    Trophy Points:
    0
    #3

    Thanks for the great tip on how to decode base64.
     
    zealot777, Sep 28, 2009 IP
  4. deathshadow

    deathshadow Acclaimed Member

    Messages:
    9,732
    Likes Received:
    1,999
    Best Answers:
    253
    Trophy Points:
    515
    #4
    Actually, let's take that one step further - a friend reminded me that could still run javascript, so let's htmlspecialchars that.

    <?php 
echo '<pre>',htmlspecialchars(base64_decode("Pz48ZGl2IGlkPSJmb290ZXIiPiANCjxhIGhyZWY9Ijw/cGhwIGJsb2dpbmZvKCdyc3MyX3VybCcpOyA/PiIgY2xhc3M9InJzcyI+RW50cmllcyBSU1M8L2E+IHwgIDxhIGhyZWY9Ijw/cGhwIGJsb2dpbmZvKCdjb21tZW50c19yc3MyX3VybCcpOyA/PiIgY2xhc3M9InJzcyI+Q29tbWVudHMgUlNTPC9hPg0KPD9waHAgd3BfZm9vdGVyKCk7ID8+DQoNCg0KPC9kaXY+DQo8L2JvZHk+DQo8L2h0bWw+PD8=")),'</pre>'; 
?>
    Code (markup):
    Turns all those pesky greater than and less thans into entities, so javascript won't run.
     
    deathshadow, Sep 28, 2009 IP