如何破解phpjm.net的混淆加密并解密

如题所述

推荐答案 2016-12-18

ãã$file = 'plugin.php'; //è¦ç ´è§£çæä»¶
ãã$fp = fopen($file, 'r');
ãã$str = fread($fp, filesize($file));
ããfclose($fp);
ããcopy($file, '0_'.$file);
ãã$n = 1;
ããwhile($n < 10){
ãã$code = strdecode($str);
ããif($n == 1){
ãã$code = str_replace("__FILE__", "'0_$file'", $code);
ãã}
ãã$replace = '$decode'.$n.'=trim';
ããif(strpos($code, 'eval(') > 0){
ãã$code = str_replace('eval(', $replace.'(', $code);
ãã}else{
ããpreg_match("/@\\$(.*)$\\$(.*),(.*)\(/isU", $code, $res);
ãã$code = str_replace($res[3], "'$replace", $code);
ãã}
ãã$code = preg_replace('/\\$(.*)=false;(.*?)\($;/', '', $code); //ä¸ä¸çæ¬
ãã$code = preg_replace('/\|\|@\\$(.*?);/', '|| print("ok");', $code);
ãã$code = destr($code);
ãã$tmp_file = 'detmp'.$n.'.php';
ããfile_put_contents($tmp_file, $code);
ããinclude($tmp_file);
ãã$val = 'decode'.$n;
ãã$str = $$val;
ããunlink($tmp_file);
ããif(strpos($str, ';?>') === 0){
ãã$decode = $str;
ããbreak;
ãã}
ãã$str = " $n++;
ãã}
ãã$decode = preg_replace("/^(.*)exit$'Access Denied'$; /", " $del = strrchr($decode, 'unset');
ãã$decode = str_replace($del, "\r\n?>", $decode);
ããfile_put_contents($file.'.de.php' ,$decode);
ããunlink('0_'.$file);
ããecho 'done';
ãã////////////
ããfunction val_replace($code, $val, $deval){
ãã$code = str_replace('$'.$val.',', '$'.$deval.',', $code);
ãã$code = str_replace('$'.$val.';', '$'.$deval.';', $code);
ãã$code = str_replace('$'.$val.'=', '$'.$deval.'=', $code);
ãã$code = str_replace('$'.$val.'(', '$'.$deval.'(', $code);
ãã$code = str_replace('$'.$val.')', '$'.$deval.')', $code);
ãã$code = str_replace('$'.$val.'.', '$'.$deval.'.', $code);
ãã$code = str_replace('$'.$val.'/', '$'.$deval.'/', $code);
ãã$code = str_replace('$'.$val.'>', '$'.$deval.'>', $code);
ãã$code = str_replace('$'.$val.'<', '$'.$deval.'<', $code);
ãã$code = str_replace('$'.$val.'^', '$'.$deval.'^', $code);
ãã$code = str_replace('$'.$val.'||', '$'.$deval.'||', $code);
ãã$code = str_replace('($'.$val.' ', '($'.$deval.' ', $code);
ããreturn $code;
ãã}
ããfunction fmt_code($code){
ããglobal $vals,$funs;
ããpreg_match_all("/\\$[0-9a-zA-Z\[\]']+(,|;)/iesU", $code, $res);
ããforeach($res[0] as $v){
ãã$val = str_replace(array('$',',',';'), '', $v);
ãã$deval = destr($val, 1);
ãã$vals[$val] = $deval;
ãã$code = val_replace($code, $val, $deval);
ãã}
ããpreg_match_all("/\\$[0-9a-zA-Z\[\]']+=/iesU", $code, $res);
ããforeach($res[0] as $v){
ãã$val = str_replace(array('$','='), '', $v);
ãã$deval = destr($val, 1);
ãã$vals[$val] = $deval;
ãã$code = val_replace($code, $val, $deval);
ãã}
ããpreg_match_all("/function\s[0-9a-zA-Z\[\]]+\(/iesU", $code, $res);
ããforeach($res[0] as $v){
ãã$val = str_replace(array('function ','('), '', $v);
ãã$deval = destr($val, 1);
ãã$funs[$val] = $deval;
ãã$code = str_replace('function '.$val.'(', 'function '.$deval.'(', $code);
ãã$code = str_replace('='.$val.'(', '='.$deval.'(', $code);
ãã$code = str_replace('return '.$val.'(', 'return '.$deval.'(', $code);
ãã}
ããreturn $code;
ãã}
ããfunction strdecode($str){
ãã$len = strlen($str);
ãã$newstr = '';
ããfor($i=0; $i<$len; $i++){
ãã$n = ord($str[$i]);
ãã$newstr .= decode($n);
ãã}
ããreturn $newstr;
ãã}
ããfunction decode($dec){
ããif(($dec > 126 || $dec<32) && $dec<>13 && $dec<>10){
ããreturn '['.$dec.']';
ãã}else{
ããreturn chr($dec);
ãã}
ãã}
ããfunction destr($str, $val=0){
ãã$k = 0;
ãã$num = '';
ãã$n = strlen($str);
ãã$code = '';
ããfor($i=0; $i<$n; $i++){
ããif($str[$i] == '[' && ($str[$i+1]==1 || $str[$i+1]==2)){
ãã$k = 1;
ãã}elseif($str[$i] == ']' && $k==1){
ãã$num = intval($num);
ããif($val==1){
ãã$num = 97 + fmod($num, 25);
ãã}
ãã$code .= chr($num);
ãã$k = 0;
ãã$num = null;
ãã}else{
ããif($k == 1){
ãã$num .= $str[$i];
ãã}else{
ãã$code .= $str[$i];
ãã}
ãã}
ãã}
ããreturn $code;
ãã}
ãã?>

温馨提示：答案为网友推荐，仅供参考

当前网址：http://99.wendadaohang.com/zd/WBWe7zX7OOzvvzOBjtt.html

相似回答

大家正在搜