Tag

轉載本站的文章

只要在轉寄文章中註明作者名、出處,並提供回到原文的連結,則皆歡迎轉寄轉載喔!謝謝大家配合喔。

Sava As PDF

Meta

11 Feb

Decrypt WPBoxedTech footer.php step by step

Author: Eric  //  Category: Free Teaching

00. 如果對您而言真的很難,請直接複製第 10 步驟或文章最後的程式碼取代 WPBoxedTech 的 footer.php

01. 於 WPBoxedTech 的 footer.php 看到 F9a2d8ce3('RlpySHNvUFlGVkoveFRPM2l3....省略....DkvL2ZmUHYvNFA=');

02. 所以到 WPBoxedTech 的 functions.php 找到 F9a2d8ce3($V341be97d) 刪掉完全用不到的全域變數、if判斷、switch case 等,我們會得到一個變數名稱都很鳥的程式碼,拿去 run 會出現找不到 Ff6d131d9(),所以只好再去 WPBoxedTech 的 functions.php 挖寶。
// Fatal error: Call to undefined function Ff6d131d9()
// 依序找不到的 funcion name 會是 : Ff6d131d9(),Ff2380753(),Fbef92ce0(),F8c4346d7()

<?php

function F9a2d8ce3( $V341be97d ) {

$V62216a69 = explode( "|", $V341be97d );
$Vb4a88417 = "";
for( $V865c0c0b = 0; $V865c0c0b < count( $V62216a69 ); $V865c0c0b++ ) {
  $Vb4a88417 .= Ff6d131d9( $V62216a69[ $V865c0c0b ] );
  $V341be97d = ereg_replace(0x85, "...", $V341be97d);
  $V341be97d = ereg_replace(0x91, "'", $V341be97d);
  $V341be97d = ereg_replace(0x93, '"', $V341be97d);
  $V341be97d = ereg_replace(0x94, '"', $V341be97d);
}
  $Vb4a88417 = Ff6d131d9( $Vb4a88417 );
  $Vb4a88417 = Ff2380753( $Vb4a88417 );
  $Vb4a88417 = Fbef92ce0( $Vb4a88417 );
  $Vb4a88417 = F8c4346d7( $Vb4a88417 );
}

echo F9a2d8ce3('RlpySHNvUFlGVkoveFRPM2l3....省略....DkvL2ZmUHYvNFA=');
?>

03. 也是廢話一堆,重點只有 return base64_decode( $V341be97d );

<?php
function Ff6d131d9( $V341be97d ) {

  global $V542b4c0f; $V10573b87 = "SELECT ID, comment_ID, comment_content, comment_author_email, comment_author, comment_author_url, comment_date, post_title, comment_type
 FROM $V542b4c0f->comments LEFT JOIN $V542b4c0f->posts ON $V542b4c0f->posts.ID=$V542b4c0f->comments.comment_post_ID WHERE post_status IN ('publish','static')";

 return base64_decode( $V341be97d );
}
?>

04. 加上去後再 run 看看

<?php

function Ff6d131d9( $V341be97d ) {
  return base64_decode( $V341be97d );
}

function F9a2d8ce3( $V341be97d ) {

$V62216a69 = explode( "|", $V341be97d );
$Vb4a88417 = "";
for( $V865c0c0b = 0; $V865c0c0b < count( $V62216a69 ); $V865c0c0b++ ) {
  $Vb4a88417 .= Ff6d131d9( $V62216a69[ $V865c0c0b ] );
  $V341be97d = ereg_replace( 0x85, "...", $V341be97d );
  $V341be97d = ereg_replace( 0x91, "'", $V341be97d );
  $V341be97d = ereg_replace( 0x93, '"', $V341be97d );
  $V341be97d = ereg_replace( 0x94, '"', $V341be97d );
}
  $Vb4a88417 = Ff6d131d9( $Vb4a88417 );
  $Vb4a88417 = Ff2380753( $Vb4a88417 );
  $Vb4a88417 = Fbef92ce0( $Vb4a88417 );
  $Vb4a88417 = F8c4346d7( $Vb4a88417 );
}

echo F9a2d8ce3('RlpySHNvUFlGVkoveFRPM2l3....省略....DkvL2ZmUHYvNFA=');
?>

05. 這次會找不到 Ff2380753(),所以我們再去 WPBoxedTech 的 functions.php 挖寶

<?php
function Ff2380753( $V341be97d ) {
  return str_rot13( $V341be97d );
  $Ve2e39b5c = 'Anonym'; $Va9b4ab92 = 'Webseite von &lsaquo;'; $V52a106b8 = '&rsaquo; besuchen';
}
?>

06. 再加上去 run run 看,這次會找不到 Fbef92ce0,所以我們再去 WPBoxedTech 的 functions.php 挖寶

<?php
function Fbef92ce0( $V341be97d ) {
  return gzinflate( $V341be97d );
  if ( !$Vb5dc19ed ) $V10573b87 .= "AND post_password ='' "; $V10573b87 .= "AND comment_approved = '1' ORDER BY comment_ID DESC LIMIT $V2ae6568f";
}
?>

07. 再加上去 run run 看,這次會找不到 F8c4346d7,所以我們再去 WPBoxedTech 的 functions.php 挖寶
// 接連幾個例子大家應該都能上手,所以這個就直接寫去蕪存菁過後的

<?php
function F8c4346d7( $V341be97d ) {
  return eval( $V341be97d );
}
?>

08. 找完最後一個 undefined function,再 run run 看吧

<?php

function Ff6d131d9( $V341be97d ) {
  return base64_decode( $V341be97d );
}

function Ff2380753( $V341be97d ) {
  return str_rot13( $V341be97d );
}

function Fbef92ce0( $V341be97d ) {
  return gzinflate( $V341be97d );
}

function F8c4346d7( $V341be97d ) {
  return eval( $V341be97d );
}

function F9a2d8ce3( $V341be97d ) {

$V62216a69 = explode( "|", $V341be97d );
$Vb4a88417 = "";
for( $V865c0c0b = 0; $V865c0c0b < count( $V62216a69 ); $V865c0c0b++ ) {
  $Vb4a88417 .= Ff6d131d9( $V62216a69[ $V865c0c0b ] );
  $V341be97d = ereg_replace( 0x85, "...", $V341be97d );
  $V341be97d = ereg_replace( 0x91, "'", $V341be97d );
  $V341be97d = ereg_replace( 0x93, '"', $V341be97d );
  $V341be97d = ereg_replace( 0x94, '"', $V341be97d );
}
  $Vb4a88417 = Ff6d131d9( $Vb4a88417 );
  $Vb4a88417 = Ff2380753( $Vb4a88417 );
  $Vb4a88417 = Fbef92ce0( $Vb4a88417 );
  $Vb4a88417 = F8c4346d7( $Vb4a88417 );
}

echo F9a2d8ce3('RlpySHNvUFlGVkoveFRPM2l3....省略....DkvL2ZmUHYvNFA=');
?>

09. 是不是跑出了

eval(gzinflate(str_rot13(base64_decode('....省略....'))));

10. 最後用之前介紹的 eval(gzinflate(str_rot13(base64_decode('....'))));

</div>
<div id="sidebars">
  <?php get_sidebar(); ?>
  <?php include (TEMPLATEPATH . '/sidebar_right.php'); ?>
</div>
</div>

<div id="footer_box">
  <div class="box"><div class="box_outer"><div class="box_inner"><div class="box_bottom_right"><div class="box_bottom_left">
    <?php include (TEMPLATEPATH . '/bottom.php'); ?>
  </div></div></div></div></div>
</div>

<div id="footer">
  Copyright &copy; <?php echo gmdate(__('Y')); ?>. <a href="http://www.technologytricks.com/wpboxedtech-free-professional-premium-wordpress-theme/">WP BoxedTech</a> theme by <a href="http://www.onlinehealthdeals.com/">Health Coupons</a>. Supported by BlueHost <a href="http://www.bluehost.com/">Web Hosting</a>, <a href="http://www.bingodazzle.co.uk/">Free Bingo</a>, <a href="http://webhosting.reviewitonline.net/">Web Hosting</a> & <a href="http://www.photoads.co.uk/">Classified Ads</a>
</div>
</div>
</body>
</html>

12. 眼睛好點會發現下面四行沒有用,最後把他改成比較好懂的程式碼

$V341be97d = ereg_replace( 0x85, "...", $V341be97d );
$V341be97d = ereg_replace( 0x91, "'", $V341be97d );
$V341be97d = ereg_replace( 0x93, '"', $V341be97d );
$V341be97d = ereg_replace( 0x94, '"', $V341be97d );

<?php

function F9a2d8ce3( $encryptedStr ) {

  $explodedStr = explode( "|", $encryptedStr );
  $decryptedStr = ""; 

  for( $i = 0; $i < count( $explodedStr ); $i++ ) {
    $decryptedStr .= base64_decode( $explodedStr[ $i ] );
  }

  return gzinflate( str_rot13( base64_decode( $decryptedStr ) ) );

}

echo F9a2d8ce3('RlpySHNvUFlGVkoveFRPM2l3....省略....DkvL2ZmUHYvNFA=');
?>

11. 感覺怎麼樣呢? 是不是不輸線上遊戲的解謎?

ps.
01. WPBoxedTech 下面最左邊要裝 FlickrRSS Plugin;中間要有 MyBlogLog 的帳號( 填在 WPBoxedTech Settings -> MyBlogLog ID ),類似誰來我家的功能;最右邊是一堆 DiggTwitterFacebook 等 Web 2.0 的功能,如果您像我如此這般的"陽光",感覺用不到的話

以下擇一
a. 清空 WPBoxedTech 的 bottom.php 裡面的程式碼。
b. 刪掉 WPBoxedTech 的 footer.php 裡的

<?php include (TEMPLATEPATH . '/bottom.php'); ?>

2. 精簡過後的版本

</div>
<div id="sidebars">
  <?php get_sidebar(); ?>
  <?php include (TEMPLATEPATH . '/sidebar_right.php'); ?>
</div>
</div>

<div id="footer_box">
  <div class="box"><div class="box_outer"><div class="box_inner"><div class="box_bottom_right"><div class="box_bottom_left">
    <?php include (TEMPLATEPATH . '/bottom.php'); ?>
  </div></div></div></div></div>
</div>

<div id="footer">
  <p>Copyright &copy; <?php echo gmdate(__('Y')); ?>. <?php bloginfo('name'); ?> All rights reserved. Designed by <a href="http://www.technologytricks.com/wpboxedtech-free-professional-premium-wordpress-theme/" target="_blank">WP BoxedTech</a></p>
</div>
</div>
</body>
</html>

Tags: , , , , ,

2 Responses to “Decrypt WPBoxedTech footer.php step by step”

  1. Kevinex Says:
    March 18th, 2010 at 4:31 AM

    Thanks very much! :)

  2. Zaid Fuddin Says:
    April 19th, 2010 at 9:05 PM

    Your site is awesome dude! that was nice decrypt and thanks! bookmark your site!

Leave a Reply

Pages

Categories

look for