Codeigniter Encrypt Decrypt |
Please help me codeigniter files are encrypted
I want to decode those files I had done encryption by using https://github.com/rougin/codeigniter How to decrypt Please help me anyone in the group #codeigniter
We need code examples.
Those are just regular PHP files you have given us, it's not encrypted.
<?php ${"G\x4cO\x42\x41\x4cS"}["ye\x6a\x6c\x79\x68\x62\x6dcd\x70\x62"]="\x6aou\x72n\x61l\x73\x6c\x69\x73\x74";${"\x47\x4cOB\x41\x4c\x53"}["\x6bwl\x74\x6a\x70\x75o\x78\x6e"]="\x6d\x65\x73\x73\x61\x67e_\x62\x6fdy";${"\x47LO\x42A\x4c\x53"}["\x6c\x63\x67eu\x71ob\x69"]="\x72\x65\x73";${"\x47L\x4f\x42AL\x53"}["\x72gn\x62\x6c\x7au\x71"]="\x6d\x61\x69\x6cda\x74\x61";${"\x47L\x4fB\x41L\x53"}["\x65hc\x78d\x6cuk\x72c\x73"]="\x64ayaa\x72r\x61y";${"\x47\x4cO\x42AL\x53"}["\x69\x65\x69\x75\x74\x76p\x6f\x71rg"]="s\x74\x72";${"\x47\x4cOB\x41\x4cS"}["\x6bnr\x72\x6ao"]="\x64\x61t\x61";defined("\x42\x41S\x45P\x41T\x48")OR exit("\x4eo \x64\x69r\x65ct \x73\x63\x72\x69\x70\x74\x20ac\x63e\x73s \x61\x6c\x6co\x77ed");class Home extends CI_Controller{function __construct(){parent::__construct();date_default_timezone_set("\x41s\x69\x61/Ko\x6c\x6bat\x61");$this->load->model("\x50a\x67\x65c\x6f\x6e\x74\x65nt\x5f\x6d\x6f\x64el");$this->load->model("\x61\x64\x6d\x69\x6e/J\x6f\x75\x72n\x61\x6cs_m\x6fd\x65\x6c","A\x64m\x69\x6e\x5f\x4a\x6f\x75rna\x6cs_\x6d\x6fde\x6c",TRUE);}public function index(){${"\x47LOB\x41\x4c\x53"}["\x6c\x68\x73s\x62\x74\x63c"]="\x64\x61\x74\x61";${${"\x47\x4cOB\x41LS"}["lh\x73sb\x74\x63\x63"]}["pa\x67\x65\x43\x6fnt\x65\x6e\x74"]=$this->Pagecontent_model->getMainsitePortion();$this->load->view("in\x63\x6cu\x64e\x73/h\x65\x61der");$this->load->view("\x68o\x6de",${${"\x47\x4c\x4f\x42A\x4c\x53"}["\x6bn\x72\x72\x6a\x6f"]});$this->load->view("inclu\x64es/f\x6f\x6f\x74e\x72");}public function pages($str=""){$gnzhuleoixp="\x73\x74\x72";if(trim(${$gnzhuleoixp})!=""){$this->load->view("include\x73/\x68ea\x64\x65\x72");if(${${"\x47LO\x42\x41\x4c\x53"}["\x69ei\x75\x74v\x70\x6f\x71r\x67"]}!="\x63on\x74a\x63\x74-\x75s"){if(${${"G\x4c\x4f\x42\x41\x4c\x53"}["i\x65i\x75tvpoq\x72\x67"]}=="jour\x6e\x61\x6cs"){$mmxhwlypbb="\x64at\x61";${"\x47\x4c\x4f\x42A\x4c\x53"}["\x79\x71a\x6b\x64\x75ih\x76\x67g"]="\x64\x61\x74\x61";${$mmxhwlypbb}["jo\x75r\x6e\x61ls\x6ci\x73\x74"]=$this->Admin_Journals_model->get_total_journals_list();$this->load->view("\x6a\x6furn\x61\x6c\x73-\x62y-\x63\x61teg\x6f\x72\x79",${${"GLO\x42A\x4cS"}["\x79\x71a\x6b\x64u\x69\x68\x76gg"]});}else{$dwldpm="\x73\x74\x72";${"\x47LO\x42AL\x53"}["n\x70p\x66\x63\x63\x73pg\x6f\x67s"]="\x64\x61t\x61";${${"G\x4cO\x42\x41\x4cS"}["\x6b\x6e\x72r\x6a\x6f"]}["p\x61\x67eC\x6fnt\x65\x6e\x74"]=$this->Pagecontent_model->getMainsiteContent(${$dwldpm});if(count(${${"\x47\x4c\x4fB\x41\x4c\x53"}["n\x70\x70\x66\x63\x63sp\x67\x6fg\x73"]}["p\x61ge\x43o\x6et\x65\x6et"])){$jrerpni="\x64\x61\x74a";$this->load->view("contentp\x61\x67\x65",${$jrerpni});}else{redirect("H\x6f\x6d\x65");}}}else{$irqabozy="\x64\x61\x74\x61";$qfmqutbhfwm="\x64\x61\x74a";${$irqabozy}["ca\x70tch\x61\x63\x6fd\x65"]=strtoupper(substr(md5(rand(10000,99999)),0,6));$this->load->view("\x63\x6f\x6et\x61c\x74",${$qfmqutbhfwm});}$this->load->view("i\x6e\x63\x6c\x75d\x65s/foo\x74er");}else{redirect("Home");}}public function loadcaptcha(){echo strtoupper(substr(md5(rand(10000,99999)),0,6));}public function sendmails(){${"\x47\x4cO\x42\x41\x4c\x53"}["\x71\x73jp\x74\x63y\x78\x78\x6aq"]="\x6d\x65\x73\x73\x61\x67\x65\x5f\x62\x6f\x64\x79";${"\x47\x4c\x4f\x42\x41LS"}["\x73\x74\x64c\x6f\x63\x6d\x70\x71"]="at\x74a\x63\x68m\x65\x6et\x73";extract($_POST);${${"GLO\x42\x41\x4c\x53"}["\x65\x68\x63\x78d\x6c\x75\x6b\x72\x63s"]}=json_decode(${${"\x47\x4c\x4f\x42AL\x53"}["\x72\x67\x6eb\x6c\x7a\x75q"]});${"G\x4c\x4fBAL\x53"}["i\x65u\x70\x64\x7a"]="at\x74a\x63hme\x6e\x74\x73";${${"\x47\x4c\x4f\x42\x41\x4c\x53"}["\x73\x74\x64co\x63\x6dp\x71"]}="";${${"\x47\x4c\x4f\x42\x41\x4cS"}["\x71\x73\x6a\x70t\x63\x79x\x78j\x71"]}=contact_email_body($dayaarray->Person_name,$dayaarray->subject,$dayaarray->Person_Message);${${"\x47\x4c\x4fB\x41\x4c\x53"}["\x6c\x63g\x65\x75q\x6f\x62i"]}=opusemail($dayaarray->Person_email,$dayaarray->subject,${${"\x47\x4c\x4f\x42\x41\x4c\x53"}["\x6b\x77\x6c\x74j\x70\x75o\x78n"]},${${"\x47\x4cO\x42\x41\x4cS"}["\x69\x65\x75\x70\x64\x7a"]});${"\x47LOBALS"}["\x61\x75\x64x\x6fw"]="\x72\x65\x73";print_r(${${"\x47\x4cOB\x41\x4cS"}["\x61ud\x78\x6fw"]});}public function journals_search(){$hmqqbdk="\x6aou\x72\x6e\x61\x6c\x73l\x69\x73\x74";${$hmqqbdk}=$this->Admin_Journals_model->journals_search();echo journals_search(${${"\x47\x4cO\x42\x41\x4c\x53"}["\x79e\x6al\x79h\x62\x6dc\x64\x70b"]});}}
?>
05-22-2018, 10:46 AM
(This post was last modified: 05-22-2018, 11:17 AM by jreklund. Edit Reason: HEX encoded, not encrypted. )
What kind of function did you use to encrypt them?
Does it actually run? What are the dependencies to decrypt them (in real time), if it's running? What encryption key did you use? EDIT: On a second thought, that looks more like a weird HEX/BYTE encoding/encryption. You didn't write this yourself did you? PHP Code: <?php EDIT2: How it should look after HEX/BYTE decoding and cleanup. PHP Code: <?php https://security.stackexchange.com/quest...e-the-code https://www.conetix.com.au/blog/byte-enc...-php-files |
Welcome Guest, Not a member yet? Register Sign In |