Common.php
Ce8qCeAqIOgDh-memO-8mumYv-6LuOWakOWnq-mA_-euluWNf66ul66Qhu6zu-……
某基于TP框架的订单系统公共函数的文件,被加密无法访问。出于出作者知识产权的尊重,这里对破解过程做一分析,不会贴出破解文件。
- l 11 I I 1 I l l 、 l11II1Ill、 l11II1Ill、llII1I11l ……都是混淆变量,对于没耐心和新手来说,或直接方式,替换成自己习惯的变量名称即可;
header("Content-type:text/html;charset=utf-8");
//解决google chrome 输出HTML乱码;
echo '';
$p = __FILE__;
$ncode = pack('H*', '34366467656e696163746c5f734462666f');
$pcode = $ncode{14} . $ncode{7} . $ncode{12} . $ncode{4} . $ncode{1} . $ncode{0} . $ncode{13} . $ncode{4} . $ncode{8} . $ncode{16} . $ncode{2} . $ncode{4};
- 解密eval返回值为明码;
$encodedData = "JEkxbDFsbDFJST0kbGxJSTFJMTFsezE1fS4kbGxJSTFJMTFsezZ9LiRsbElJMUkxMWx7MTB9LiRsbElJMUkxMWx7NH0uJGxsSUkxSTExbHsxMX0uJGxsSUkxSTExbHszfS4kbGxJSTFJMTFsezR9LiRsbElJMUkxMWx7OX0uJGxsSUkxSTExbHsxMX0uJGxsSUkxSTExbHs4fS4kbGxJSTFJMTFsezE2fS4kbGxJSTFJMTFsezV9LiRsbElJMUkxMWx7OX0uJGxsSUkxSTExbHs0fS4kbGxJSTFJMTFsezV9LiRsbElJMUkxMWx7OX0uJGxsSUkxSTExbHsxMn07JEkxMUkxbElsbD0kSTFsMWxsMUlJKCRsMTFJSTFJbGwpO2lmKCFzdHJzdHIoJEkxMUkxbElsbCwnLy_lrpjnvZHvvJp3d3cuYWxpemkubmV0ICDlupfpk7rvvJpodHRwOi8vaGl3ZWIudGFvYmFvLmNvbScpKXtleGl0O30kYWxpemk9c3RydHIoc3RyaXBfdGFncygkSTExSTFsSWxsKSwnNHNiRDZfZWdjYWZub2lkdGwnLCRsbElJMUkxMWwpO2V2YWwoJGwxbGxJMUlJMSgkYWxpemkpKTs";
echo "";
echo urlsafe_b64decode($encodedData);//函数调用见文末;
- 解密后,查出加密算法
$alizi= strtr(strip_tags($enstr), '4sbD6_egcafnoidtl', $ncode);//加密算法
eval(urlsafe_b64decode($alizi));//解密;
在解密过程中, base64_decode中文容易出现乱码,推荐下面函数除冗。
function urlsafe_b64decode($string)
{
$data = str_replace(array('-', '_'), array('+', '/'), $string);
$mod4 = strlen($data) % 4;
if ($mod4) {
$data .= substr('====', $mod4);
}
return base64_decode($data);
}
