• 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Codeigniter Encrypt Decrypt

#1
 Please help me codeigniter files are encrypted
 I want to decode those files
I had done encryption by using https://github.com/rougin/codeigniter
 How to decrypt
Please help me anyone in the group #codeigniter
Reply

#2
We need code examples.

Those are just regular PHP files you have given us, it's not encrypted.
Reply

#3
<?php ${"G\x4cO\x42\x41\x4cS"}["ye\x6a\x6c\x79\x68\x62\x6dcd\x70\x62"]="\x6aou\x72n\x61l\x73\x6c\x69\x73\x74";${"\x47\x4cOB\x41\x4c\x53"}["\x6bwl\x74\x6a\x70\x75o\x78\x6e"]="\x6d\x65\x73\x73\x61\x67e_\x62\x6fdy";${"\x47LO\x42A\x4c\x53"}["\x6c\x63\x67eu\x71ob\x69"]="\x72\x65\x73";${"\x47L\x4f\x42AL\x53"}["\x72gn\x62\x6c\x7au\x71"]="\x6d\x61\x69\x6cda\x74\x61";${"\x47L\x4fB\x41L\x53"}["\x65hc\x78d\x6cuk\x72c\x73"]="\x64ayaa\x72r\x61y";${"\x47\x4cO\x42AL\x53"}["\x69\x65\x69\x75\x74\x76p\x6f\x71rg"]="s\x74\x72";${"\x47\x4cOB\x41\x4cS"}["\x6bnr\x72\x6ao"]="\x64\x61t\x61";defined("\x42\x41S\x45P\x41T\x48")OR exit("\x4eo \x64\x69r\x65ct \x73\x63\x72\x69\x70\x74\x20ac\x63e\x73s \x61\x6c\x6co\x77ed");class Home extends CI_Controller{function __construct(){parent::__construct();date_default_timezone_set("\x41s\x69\x61/Ko\x6c\x6bat\x61");$this->load->model("\x50a\x67\x65c\x6f\x6e\x74\x65nt\x5f\x6d\x6f\x64el");$this->load->model("\x61\x64\x6d\x69\x6e/J\x6f\x75\x72n\x61\x6cs_m\x6fd\x65\x6c","A\x64m\x69\x6e\x5f\x4a\x6f\x75rna\x6cs_\x6d\x6fde\x6c",TRUE);}public function index(){${"\x47LOB\x41\x4c\x53"}["\x6c\x68\x73s\x62\x74\x63c"]="\x64\x61\x74\x61";${${"\x47\x4cOB\x41LS"}["lh\x73sb\x74\x63\x63"]}["pa\x67\x65\x43\x6fnt\x65\x6e\x74"]=$this->Pagecontent_model->getMainsitePortion();$this->load->view("in\x63\x6cu\x64e\x73/h\x65\x61der");$this->load->view("\x68o\x6de",${${"\x47\x4c\x4f\x42A\x4c\x53"}["\x6bn\x72\x72\x6a\x6f"]});$this->load->view("inclu\x64es/f\x6f\x6f\x74e\x72");}public function pages($str=""){$gnzhuleoixp="\x73\x74\x72";if(trim(${$gnzhuleoixp})!=""){$this->load->view("include\x73/\x68ea\x64\x65\x72");if(${${"\x47LO\x42\x41\x4c\x53"}["\x69ei\x75\x74v\x70\x6f\x71r\x67"]}!="\x63on\x74a\x63\x74-\x75s"){if(${${"G\x4c\x4f\x42\x41\x4c\x53"}["i\x65i\x75tvpoq\x72\x67"]}=="jour\x6e\x61\x6cs"){$mmxhwlypbb="\x64at\x61";${"\x47\x4c\x4f\x42A\x4c\x53"}["\x79\x71a\x6b\x64\x75ih\x76\x67g"]="\x64\x61\x74\x61";${$mmxhwlypbb}["jo\x75r\x6e\x61ls\x6ci\x73\x74"]=$this->Admin_Journals_model->get_total_journals_list();$this->load->view("\x6a\x6furn\x61\x6c\x73-\x62y-\x63\x61teg\x6f\x72\x79",${${"GLO\x42A\x4cS"}["\x79\x71a\x6b\x64u\x69\x68\x76gg"]});}else{$dwldpm="\x73\x74\x72";${"\x47LO\x42AL\x53"}["n\x70p\x66\x63\x63\x73pg\x6f\x67s"]="\x64\x61t\x61";${${"G\x4cO\x42\x41\x4cS"}["\x6b\x6e\x72r\x6a\x6f"]}["p\x61\x67eC\x6fnt\x65\x6e\x74"]=$this->Pagecontent_model->getMainsiteContent(${$dwldpm});if(count(${${"\x47\x4c\x4fB\x41\x4c\x53"}["n\x70\x70\x66\x63\x63sp\x67\x6fg\x73"]}["p\x61ge\x43o\x6et\x65\x6et"])){$jrerpni="\x64\x61\x74a";$this->load->view("contentp\x61\x67\x65",${$jrerpni});}else{redirect("H\x6f\x6d\x65");}}}else{$irqabozy="\x64\x61\x74\x61";$qfmqutbhfwm="\x64\x61\x74a";${$irqabozy}["ca\x70tch\x61\x63\x6fd\x65"]=strtoupper(substr(md5(rand(10000,99999)),0,6));$this->load->view("\x63\x6f\x6et\x61c\x74",${$qfmqutbhfwm});}$this->load->view("i\x6e\x63\x6c\x75d\x65s/foo\x74er");}else{redirect("Home");}}public function loadcaptcha(){echo strtoupper(substr(md5(rand(10000,99999)),0,6));}public function sendmails(){${"\x47\x4cO\x42\x41\x4c\x53"}["\x71\x73jp\x74\x63y\x78\x78\x6aq"]="\x6d\x65\x73\x73\x61\x67\x65\x5f\x62\x6f\x64\x79";${"\x47\x4c\x4f\x42\x41LS"}["\x73\x74\x64c\x6f\x63\x6d\x70\x71"]="at\x74a\x63\x68m\x65\x6et\x73";extract($_POST);${${"GLO\x42\x41\x4c\x53"}["\x65\x68\x63\x78d\x6c\x75\x6b\x72\x63s"]}=json_decode(${${"\x47\x4c\x4f\x42AL\x53"}["\x72\x67\x6eb\x6c\x7a\x75q"]});${"G\x4c\x4fBAL\x53"}["i\x65u\x70\x64\x7a"]="at\x74a\x63hme\x6e\x74\x73";${${"\x47\x4c\x4f\x42\x41\x4c\x53"}["\x73\x74\x64co\x63\x6dp\x71"]}="";${${"\x47\x4c\x4f\x42\x41\x4cS"}["\x71\x73\x6a\x70t\x63\x79x\x78j\x71"]}=contact_email_body($dayaarray->Person_name,$dayaarray->subject,$dayaarray->Person_Message);${${"\x47\x4c\x4fB\x41\x4c\x53"}["\x6c\x63g\x65\x75q\x6f\x62i"]}=opusemail($dayaarray->Person_email,$dayaarray->subject,${${"\x47\x4c\x4f\x42\x41\x4c\x53"}["\x6b\x77\x6c\x74j\x70\x75o\x78n"]},${${"\x47\x4cO\x42\x41\x4cS"}["\x69\x65\x75\x70\x64\x7a"]});${"\x47LOBALS"}["\x61\x75\x64x\x6fw"]="\x72\x65\x73";print_r(${${"\x47\x4cOB\x41\x4cS"}["\x61ud\x78\x6fw"]});}public function journals_search(){$hmqqbdk="\x6aou\x72\x6e\x61\x6c\x73l\x69\x73\x74";${$hmqqbdk}=$this->Admin_Journals_model->journals_search();echo journals_search(${${"\x47\x4cO\x42\x41\x4c\x53"}["\x79e\x6al\x79h\x62\x6dc\x64\x70b"]});}}
?>
Reply

#4
What kind of function did you use to encrypt them?
Does it actually run?
What are the dependencies to decrypt them (in real time), if it's running?
What encryption key did you use?

EDIT: On a second thought, that looks more like a weird HEX/BYTE encoding/encryption. You didn't write this yourself did you?
PHP Code:
<?php
${"GLOBALS"}["yejlyhbmcdpb"] = "journalslist";
${
"GLOBALS"}["kwltjpuoxn"]   = "message_body";
${
"GLOBALS"}["lcgeuqobi"]    = "res";
${
"GLOBALS"}["rgnblzuq"]     = "maildata";
${
"GLOBALS"}["ehcxdlukrcs"]  = "dayaarray";
${
"GLOBALS"}["ieiutvpoqrg"]  = "str";
${
"GLOBALS"}["knrrjo"]       = "data";
defined("BASEPATH") OR exit("No direct script access allowed");
class 
Home extends CI_Controller
{
    function 
__construct()
    {
        
parent::__construct();
        
date_default_timezone_set("Asia/Kolkata");
        
$this->load->model("Pagecontent_model");
        
$this->load->model("admin/Journals_model""Admin_Journals_model"TRUE);
    }
    public function 
index()
    {
        ${
"GLOBALS"}["lhssbtcc"]                   = "data";
        ${${
"GLOBALS"}["lhssbtcc"]}["pageContent"] = $this->Pagecontent_model->getMainsitePortion();
        
$this->load->view("includes/header");
        
$this->load->view("home", ${${"GLOBALS"}["knrrjo"]});
        
$this->load->view("includes/footer");
    }
    public function 
pages($str "")
    {
        
$gnzhuleoixp "str";
        if (
trim(${$gnzhuleoixp}) != "") {
            
$this->load->view("includes/header");
            if (${${
"GLOBALS"}["ieiutvpoqrg"]} != "contact-us") {
                if (${${
"GLOBALS"}["ieiutvpoqrg"]} == "journals") {
                    
$mmxhwlypbb                    "data";
                    ${
"GLOBALS"}["yqakduihvgg"]    = "data";
                    ${
$mmxhwlypbb}["journalslist"] = $this->Admin_Journals_model->get_total_journals_list();
                    
$this->load->view("journals-by-category", ${${"GLOBALS"}["yqakduihvgg"]});
                } else {
                    
$dwldpm                                  "str";
                    ${
"GLOBALS"}["nppfccspgogs"]             = "data";
                    ${${
"GLOBALS"}["knrrjo"]}["pageContent"] = $this->Pagecontent_model->getMainsiteContent(${$dwldpm});
                    if (
count(${${"GLOBALS"}["nppfccspgogs"]}["pageContent"])) {
                        
$jrerpni "data";
                        
$this->load->view("contentpage", ${$jrerpni});
                    } else {
                        
redirect("Home");
                    }
                }
            } else {
                
$irqabozy                   "data";
                
$qfmqutbhfwm                "data";
                ${
$irqabozy}["captchacode"] = strtoupper(substr(md5(rand(1000099999)), 06));
                
$this->load->view("contact", ${$qfmqutbhfwm});
            }
            
$this->load->view("includes/footer");
        } else {
            
redirect("Home");
        }
    }
    public function 
loadcaptcha()
    {
        echo 
strtoupper(substr(md5(rand(1000099999)), 06));
    }
    public function 
sendmails()
    {
        ${
"GLOBALS"}["qsjptcyxxjq"] = "message_body";
        ${
"GLOBALS"}["stdcocmpq"]   = "attachments";
        
extract($_POST);
        ${${
"GLOBALS"}["ehcxdlukrcs"]} = json_decode(${${"GLOBALS"}["rgnblzuq"]});
        ${
"GLOBALS"}["ieupdz"]         = "attachments";
        ${${
"GLOBALS"}["stdcocmpq"]}   = "";
        ${${
"GLOBALS"}["qsjptcyxxjq"]} = contact_email_body($dayaarray->Person_name$dayaarray->subject$dayaarray->Person_Message);
        ${${
"GLOBALS"}["lcgeuqobi"]}   = opusemail($dayaarray->Person_email$dayaarray->subject, ${${"GLOBALS"}["kwltjpuoxn"]}, ${${"GLOBALS"}["ieupdz"]});
        ${
"GLOBALS"}["audxow"]         = "res";
        
print_r(${${"GLOBALS"}["audxow"]});
    }
    public function 
journals_search()
    {
        
$hmqqbdk    "journalslist";
        ${
$hmqqbdk} = $this->Admin_Journals_model->journals_search();
        echo 
journals_search(${${"GLOBALS"}["yejlyhbmcdpb"]});
    }


EDIT2: How it should look after HEX/BYTE decoding and cleanup.
PHP Code:
<?php
defined
("BASEPATH") OR exit("No direct script access allowed");
class 
Home extends CI_Controller
{
    function 
__construct()
    {
        
parent::__construct();
        
date_default_timezone_set("Asia/Kolkata");
        
$this->load->model("Pagecontent_model");
        
$this->load->model("admin/Journals_model""Admin_Journals_model"TRUE);
    }
    public function 
index()
    {
        
$data["pageContent"] = $this->Pagecontent_model->getMainsitePortion();
        
$this->load->view("includes/header");
        
$this->load->view("home"$data);
        
$this->load->view("includes/footer");
    }
    public function 
pages($str "")
    {
        if (
trim($str) != "") {
            
$this->load->view("includes/header");
            if (
$str != "contact-us") {
                if (
$str == "journals") {
                    
$data["journalslist"] = $this->Admin_Journals_model->get_total_journals_list();
                    
$this->load->view("journals-by-category"$data);
                } else {
                    
$data["pageContent"] = $this->Pagecontent_model->getMainsiteContent($str);
                    if (
count($data["pageContent"])) {
                        
$this->load->view("contentpage"$data);
                    } else {
                        
redirect("Home");
                    }
                }
            } else {
                
$data["captchacode"] = strtoupper(substr(md5(rand(1000099999)), 06));
                
$this->load->view("contact"$data);
            }
            
$this->load->view("includes/footer");
        } else {
            
redirect("Home");
        }
    }
    public function 
loadcaptcha()
    {
        echo 
strtoupper(substr(md5(rand(1000099999)), 06));
    }
    public function 
sendmails()
    {
        
extract($_POST);
        
$dayaarray json_decode($maildata);
        
$attachments   "";
        
$message_body contact_email_body($dayaarray->Person_name$dayaarray->subject$dayaarray->Person_Message);
        
$res   opusemail($dayaarray->Person_email$dayaarray->subject$message_body$attachments);
        
print_r($res);
    }
    public function 
journals_search()
    {
        
$journalslist $this->Admin_Journals_model->journals_search();
        echo 
journals_search($journalslist);
    }


https://security.stackexchange.com/quest...e-the-code
https://www.conetix.com.au/blog/byte-enc...-php-files
Reply


Digg   Delicious   Reddit   Facebook   Twitter   StumbleUpon  


  Theme © 2014 iAndrew  
Powered By MyBB, © 2002-2020 MyBB Group.