Thread: Decoding Base64

    #1
  1. Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Apr 2010
    Location
    North America
    Posts
    66
    Rep Power
    61

    Decoding Base64


    I'm trying to edit a php file encoded in gzinflate base64 format. From what I have gathered this type of encoding is achieved by reversing some codes to achieve base64 or so if my memory serves me right. I have tried everything possible but could not decode the code below. I was wondering if anyone knows of an alternate solution to decoding the code?

    PHP Code:
    <?php eval(stripslashes(gzinflate(base64_decode("XY5NCoMwEIX3gnd4uDAKhe6rNTfopgeQNBl1IE7EpKW9fauULspbvT/4dNc6fsB6E+O5sMEXXZ61epkW8IAKw11s4iA9PTmmWCn3EjOz7SM7uplV1ShL/IWVuv7aGifk2SbykXZDdgpQl5AmlhEs+N4OGANSwGKEPIw4GOcQw0z7UjUkjocGekM8frC7Vr8B")))); ?>
  2. #2
  3. No Profile Picture
    Contributing User
    Devshed Regular (2000 - 2499 posts)

    Join Date
    Mar 2006
    Posts
    2,441
    Rep Power
    1688
    At the risk of sounding rather obvious, and from someone not that familiar with php ... why not stop eval-ing it and print the result instead? Real question is ... why? I would assume someone has written it this way to stop others seeing what it does, probably for a reason.
    The moon on the one hand, the dawn on the other:
    The moon is my sister, the dawn is my brother.
    The moon on my left and the dawn on my right.
    My brother, good morning: my sister, good night.
    -- Hilaire Belloc
  4. #3
  5. Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Apr 2010
    Location
    North America
    Posts
    66
    Rep Power
    61
    Originally Posted by SimonJM
    At the risk of sounding rather obvious, and from someone not that familiar with php ... why not stop eval-ing it and print the result instead? Real question is ... why? I would assume someone has written it this way to stop others seeing what it does, probably for a reason.
    Well, printing the result is what I'm looking for. As for the reason why the original author encoded the file that way, I don't really know. This file is wordpress sidebar.php file - I want to edit the sidebar and add extra codes in there but cannot do so without the decoded version.

    I have given thoughts to creating a completely new sidebar file from scratch. But before doing so, I wanted to know if anyone can help with decoding this one, in case there is something important in the file required to make the whole thing work.
  6. #4
  7. No Profile Picture
    I haz teh codez!
    Devshed Frequenter (2500 - 2999 posts)

    Join Date
    Dec 2003
    Posts
    2,548
    Rep Power
    2337
    You can see exactly what they're doing here. You can't figure out how to write a script to do that to the base64 string??? You can at least find out what's being eval'd.
    I ♥ ManiacDan & requinix

    This is a sig, and not necessarily a comment on the OP:
    Please don't be a help vampire!
  8. #5
  9. No Profile Picture
    Lost in code
    Devshed Supreme Being (6500+ posts)

    Join Date
    Dec 2004
    Posts
    8,317
    Rep Power
    7170
    Just replace the word eval with the word print then... it'll show you the decompressed source code.
    PHP FAQ

    Originally Posted by Spad
    Ah USB, the only rectangular connector where you have to make 3 attempts before you get it the right way around
  10. #6
  11. Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Apr 2010
    Location
    North America
    Posts
    66
    Rep Power
    61
    Originally Posted by E-Oreo
    Just replace the word eval with the word print then... it'll show you the decompressed source code.
    I've just tried that but no luck, if it's not asking too much. If anyone can decode it and post the decoded file I will appreciate it. If not possible then going to give re-building a new sidebar a shot.
  12. #7
  13. Sarcky
    Devshed Supreme Being (6500+ posts)

    Join Date
    Oct 2006
    Location
    Pennsylvania, USA
    Posts
    10,853
    Rep Power
    6351
    If you tried it, you would have gotten:
    PHP Code:
    ?><div class="col">
    <?php if ( function_exists('dynamic_sidebar') && dynamic_sidebar('Sidebar') ) : 


    else : 
    echo 
    'Nothing in sidebar, go to panel and add something';endif; ?>
    </div><?
    For real, that's the output if you replace "eval" with "print." go find the "dynamic sidebar" function and edit it.

    -Dan
    HEY! YOU! Read the New User Guide and Forum Rules

    "They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety." -Benjamin Franklin

    "The greatest tragedy of this changing society is that people who never knew what it was like before will simply assume that this is the way things are supposed to be." -2600 Magazine, Fall 2002

    Think we're being rude? Maybe you asked a bad question or you're a Help Vampire. Trying to argue intelligently? Please read this.
  14. #8
  15. Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Apr 2010
    Location
    North America
    Posts
    66
    Rep Power
    61
    Thanks Dan that is exactly what I needed, regarding changing evalto print. What I did was change it and save the file but it didn't return the decoded version when I opened the file. What did you different after changing eval to print?
  16. #9
  17. Sarcky
    Devshed Supreme Being (6500+ posts)

    Join Date
    Oct 2006
    Location
    Pennsylvania, USA
    Posts
    10,853
    Rep Power
    6351
    RUN the file. print() doesn't do anything until you run it.
    HEY! YOU! Read the New User Guide and Forum Rules

    "They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety." -Benjamin Franklin

    "The greatest tragedy of this changing society is that people who never knew what it was like before will simply assume that this is the way things are supposed to be." -2600 Magazine, Fall 2002

    Think we're being rude? Maybe you asked a bad question or you're a Help Vampire. Trying to argue intelligently? Please read this.

IMN logo majestic logo threadwatch logo seochat tools logo