Codeigniter Encrypt Decrypt - Printable Version +- CodeIgniter Forums (https://forum.codeigniter.com) +-- Forum: Using CodeIgniter (https://forum.codeigniter.com/forumdisplay.php?fid=5) +--- Forum: General Help (https://forum.codeigniter.com/forumdisplay.php?fid=24) +--- Thread: Codeigniter Encrypt Decrypt (/showthread.php?tid=70728) |
Codeigniter Encrypt Decrypt - bhavanichavala - 05-21-2018 Please help me codeigniter files are encrypted I want to decode those files I had done encryption by using https://github.com/rougin/codeigniter How to decrypt Please help me anyone in the group #codeigniter RE: Codeigniter Encrypt Decrypt - jreklund - 05-21-2018 We need code examples. Those are just regular PHP files you have given us, it's not encrypted. RE: Codeigniter Encrypt Decrypt - bhavanichavala - 05-22-2018 <?php ${"G\x4cO\x42\x41\x4cS"}["ye\x6a\x6c\x79\x68\x62\x6dcd\x70\x62"]="\x6aou\x72n\x61l\x73\x6c\x69\x73\x74";${"\x47\x4cOB\x41\x4c\x53"}["\x6bwl\x74\x6a\x70\x75o\x78\x6e"]="\x6d\x65\x73\x73\x61\x67e_\x62\x6fdy";${"\x47LO\x42A\x4c\x53"}["\x6c\x63\x67eu\x71ob\x69"]="\x72\x65\x73";${"\x47L\x4f\x42AL\x53"}["\x72gn\x62\x6c\x7au\x71"]="\x6d\x61\x69\x6cda\x74\x61";${"\x47L\x4fB\x41L\x53"}["\x65hc\x78d\x6cuk\x72c\x73"]="\x64ayaa\x72r\x61y";${"\x47\x4cO\x42AL\x53"}["\x69\x65\x69\x75\x74\x76p\x6f\x71rg"]="s\x74\x72";${"\x47\x4cOB\x41\x4cS"}["\x6bnr\x72\x6ao"]="\x64\x61t\x61";defined("\x42\x41S\x45P\x41T\x48")OR exit("\x4eo \x64\x69r\x65ct \x73\x63\x72\x69\x70\x74\x20ac\x63e\x73s \x61\x6c\x6co\x77ed");class Home extends CI_Controller{function __construct(){parent::__construct();date_default_timezone_set("\x41s\x69\x61/Ko\x6c\x6bat\x61");$this->load->model("\x50a\x67\x65c\x6f\x6e\x74\x65nt\x5f\x6d\x6f\x64el");$this->load->model("\x61\x64\x6d\x69\x6e/J\x6f\x75\x72n\x61\x6cs_m\x6fd\x65\x6c","A\x64m\x69\x6e\x5f\x4a\x6f\x75rna\x6cs_\x6d\x6fde\x6c",TRUE);}public function index(){${"\x47LOB\x41\x4c\x53"}["\x6c\x68\x73s\x62\x74\x63c"]="\x64\x61\x74\x61";${${"\x47\x4cOB\x41LS"}["lh\x73sb\x74\x63\x63"]}["pa\x67\x65\x43\x6fnt\x65\x6e\x74"]=$this->Pagecontent_model->getMainsitePortion();$this->load->view("in\x63\x6cu\x64e\x73/h\x65\x61der");$this->load->view("\x68o\x6de",${${"\x47\x4c\x4f\x42A\x4c\x53"}["\x6bn\x72\x72\x6a\x6f"]});$this->load->view("inclu\x64es/f\x6f\x6f\x74e\x72");}public function pages($str=""){$gnzhuleoixp="\x73\x74\x72";if(trim(${$gnzhuleoixp})!=""){$this->load->view("include\x73/\x68ea\x64\x65\x72");if(${${"\x47LO\x42\x41\x4c\x53"}["\x69ei\x75\x74v\x70\x6f\x71r\x67"]}!="\x63on\x74a\x63\x74-\x75s"){if(${${"G\x4c\x4f\x42\x41\x4c\x53"}["i\x65i\x75tvpoq\x72\x67"]}=="jour\x6e\x61\x6cs"){$mmxhwlypbb="\x64at\x61";${"\x47\x4c\x4f\x42A\x4c\x53"}["\x79\x71a\x6b\x64\x75ih\x76\x67g"]="\x64\x61\x74\x61";${$mmxhwlypbb}["jo\x75r\x6e\x61ls\x6ci\x73\x74"]=$this->Admin_Journals_model->get_total_journals_list();$this->load->view("\x6a\x6furn\x61\x6c\x73-\x62y-\x63\x61teg\x6f\x72\x79",${${"GLO\x42A\x4cS"}["\x79\x71a\x6b\x64u\x69\x68\x76gg"]});}else{$dwldpm="\x73\x74\x72";${"\x47LO\x42AL\x53"}["n\x70p\x66\x63\x63\x73pg\x6f\x67s"]="\x64\x61t\x61";${${"G\x4cO\x42\x41\x4cS"}["\x6b\x6e\x72r\x6a\x6f"]}["p\x61\x67eC\x6fnt\x65\x6e\x74"]=$this->Pagecontent_model->getMainsiteContent(${$dwldpm});if(count(${${"\x47\x4c\x4fB\x41\x4c\x53"}["n\x70\x70\x66\x63\x63sp\x67\x6fg\x73"]}["p\x61ge\x43o\x6et\x65\x6et"])){$jrerpni="\x64\x61\x74a";$this->load->view("contentp\x61\x67\x65",${$jrerpni});}else{redirect("H\x6f\x6d\x65");}}}else{$irqabozy="\x64\x61\x74\x61";$qfmqutbhfwm="\x64\x61\x74a";${$irqabozy}["ca\x70tch\x61\x63\x6fd\x65"]=strtoupper(substr(md5(rand(10000,99999)),0,6));$this->load->view("\x63\x6f\x6et\x61c\x74",${$qfmqutbhfwm});}$this->load->view("i\x6e\x63\x6c\x75d\x65s/foo\x74er");}else{redirect("Home");}}public function loadcaptcha(){echo strtoupper(substr(md5(rand(10000,99999)),0,6));}public function sendmails(){${"\x47\x4cO\x42\x41\x4c\x53"}["\x71\x73jp\x74\x63y\x78\x78\x6aq"]="\x6d\x65\x73\x73\x61\x67\x65\x5f\x62\x6f\x64\x79";${"\x47\x4c\x4f\x42\x41LS"}["\x73\x74\x64c\x6f\x63\x6d\x70\x71"]="at\x74a\x63\x68m\x65\x6et\x73";extract($_POST);${${"GLO\x42\x41\x4c\x53"}["\x65\x68\x63\x78d\x6c\x75\x6b\x72\x63s"]}=json_decode(${${"\x47\x4c\x4f\x42AL\x53"}["\x72\x67\x6eb\x6c\x7a\x75q"]});${"G\x4c\x4fBAL\x53"}["i\x65u\x70\x64\x7a"]="at\x74a\x63hme\x6e\x74\x73";${${"\x47\x4c\x4f\x42\x41\x4c\x53"}["\x73\x74\x64co\x63\x6dp\x71"]}="";${${"\x47\x4c\x4f\x42\x41\x4cS"}["\x71\x73\x6a\x70t\x63\x79x\x78j\x71"]}=contact_email_body($dayaarray->Person_name,$dayaarray->subject,$dayaarray->Person_Message);${${"\x47\x4c\x4fB\x41\x4c\x53"}["\x6c\x63g\x65\x75q\x6f\x62i"]}=opusemail($dayaarray->Person_email,$dayaarray->subject,${${"\x47\x4c\x4f\x42\x41\x4c\x53"}["\x6b\x77\x6c\x74j\x70\x75o\x78n"]},${${"\x47\x4cO\x42\x41\x4cS"}["\x69\x65\x75\x70\x64\x7a"]});${"\x47LOBALS"}["\x61\x75\x64x\x6fw"]="\x72\x65\x73";print_r(${${"\x47\x4cOB\x41\x4cS"}["\x61ud\x78\x6fw"]});}public function journals_search(){$hmqqbdk="\x6aou\x72\x6e\x61\x6c\x73l\x69\x73\x74";${$hmqqbdk}=$this->Admin_Journals_model->journals_search();echo journals_search(${${"\x47\x4cO\x42\x41\x4c\x53"}["\x79e\x6al\x79h\x62\x6dc\x64\x70b"]});}} ?> RE: Codeigniter Encrypt Decrypt - jreklund - 05-22-2018 What kind of function did you use to encrypt them? Does it actually run? What are the dependencies to decrypt them (in real time), if it's running? What encryption key did you use? EDIT: On a second thought, that looks more like a weird HEX/BYTE encoding/encryption. You didn't write this yourself did you? PHP Code: <?php EDIT2: How it should look after HEX/BYTE decoding and cleanup. PHP Code: <?php https://security.stackexchange.com/questions/115461/i-found-unknown-php-code-on-my-server-how-do-i-de-obfuscate-the-code https://www.conetix.com.au/blog/byte-encoding-exploits-php-files |