• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1808
  • Last Modified:

Decrypt php file

I'm working on a website done by somebody else that is not anymore on my company. Is a real estate website done in Flash, the following is the code for a contact form, my problem is that I'm trying to edit the php script to submit the form, but is encrypted. I already read some web pages to decrypt that, but with no luck. Nothing works!

Please help me to decrypt the script step by step if possible!

Thank you!

Flash code source:
on(release){
      with(_root.shell){
            fm.nom=nom.text;
            fm.mail=mail.text;
            fm.phone=phone.text;
            fm.city=city.text;
            fm.state=state.text;
            fm.country=country.text;
            fm.msg=msg.text;
      }
      
      _root.shell.fm.sendAndLoad("mail.php", _root.shell.fm, "POST");
      
      with(_root.shell){
            fm.nom=nom.text="";
            fm.mail=mail.text="";
            fm.phone=phone.text="";
            fm.city=city.text="";
            fm.state=state.text="";
            fm.country=country.text="";
            fm.msg=msg.text="";
      }
}


Php script:

<? eval(gzinflate(base64_decode('
DZTHrqtYAgB/pXf9nliYYANHPT1P5GjAYA5hMyJnMByiv37uF5RUKtWf//7nz1/FnvS/qm8zln2yFr/SBBX0/X95kU158etvMXZVcbYiTvJ2fNk3udreWFKrOKsNypcbBg5Lpfc4fu1RlelqppOxoKjbDStRS2XmACkahnkiebdpEbbC13dg4kvt4D17wzLP/QD5ZWsKpVlaxxjyErNEfHarVxYQZsZ0YsxZ+JuLcbxVeI/sqJjhFNXdtLo4Piryzr02xjDNRJRVBqd3hUkNfBq1qBIIR7AVDsBgPLuNgu1y60KrCbVA5YDuR+YpWvWTcLRNZaceBR50jtLgywjcOV4H8DllBUeCLBLu6uho7SoX6XEraPIoO6+vvjW+7q0foa1tQw3cs/6Bim2FTE/pQKZy+EheLHtylWTXR/DYxfBc7bqg0h9TQgyfYHqJt7ij2QLHnIm7rdQzVB8j3XijrA6XYhkwPSkkNEuWOD/89dAvOS/zBUol8ORtuvL9JLWk5a9l3oxJeKllQOsO7VA+wZJj1hCjqAX0CiKaSJ+QBFYYk5WzB7i0+O/6odcb4lzMoUdJyTK/gLl/bwZRbaSDrB9m92bc1yOwpcui4jCE4mw8yyPfvvJboUSqA/0wo2e6IcW0VYQNxjx8KLnurxO9COdJm8WUUh0/M58GGud+IdipGJ+urT5brakWMs8JXLF/Ul/YE9GoKJousN29NxPobISbus8kY+jY4pHd2PPDgrG0GxbNfMk8Ofb4UDBPI5n/BAKb6EFHTsTVg2RCs44yLl+OMGa4yaNUg2d1i8FoT8SAYALqJ7t4O2RP8N9rSIOQjGjq65a0gZop+Dqp2nppqZdNIwGmJjlUuYTbwgvG24YviZ/R80frACkgPsmPVjDV9+QJMXM5Q3TVROnir8conYOwX2ToR1L31F4+E8LNkFjs9bHx4/q4ngEBXTPUAvsPFtcPspk+uqHW/Ior8LG/NRt172wySi82EWCQsQOlqzMB3hZjrWcNdf00iPct6tMIidy2Ep5XyvoQZIHUenpueSacmQAyAukz0SPotu9TyGnAEP1LxVNSEWgcafAu7Y635LJk8CkuqK1c9JHpOvPwVMcAc/XuOSikVYMhW19ZQRzpAXrvDI4CnBTfb3gu6B8V2faQuZzOrQmrSEPSD2QMmniZ6BmNJEON8rr7EkEwa81h38uzGZ4eZ4uAxpF6XnC5002+cIwriIZnAZ65fVSuz2/UzllhoRNDbVIZC/5WKr/NIjM79g46vrptHBN7dczRoDKkvO/pxL1GofcjDDTjXn/AYRXYnZVsG10KjUff9WuotNH2zqwnbl8k6EveCvgkJ+b28phNh1ImpTMP7VK5wtTd/ESL7qKA9H21LeF1rujCAp75ak7Ffczlnhx5Qqkcsl5rdTZpqRISFZlrWe4P7FbuzvdngVtIOce///79+/fvf/768zPb/wM='))); ?>

0
luigi382006
Asked:
luigi382006
  • 3
  • 2
1 Solution
 
cristi_2112Commented:
?><?


$headers="From: Website <Real@realmediterraneo.com>rn";
$msg=
"Name: ".$_POST['nom']."<br>".
"Email: ".$_POST['mail']."<br>".
"Phone: ".$_POST['phone']."<br>".
"City: ".$_POST['city']."<br>".
"State: ".$_POST['state']."<br>".
"Country: ".$_POST['country']."<br>".
"Comments: ".$_POST['msg']."<br>";

$headers.="Content-Type: text/html; charset=iso-8859-1rn";
mail("hiram.vb@gmail.com","VB_ROBOT",$msg,$headers);
mail("info@realmediterraneo.com","Real Mediterraneo - Contact",$msg,$headers);



?><?

This is the code... the page is encoded recursively like 10 times.. :)
0
 
luigi382006Author Commented:
Nice, thank you!!!

There is a way for you to tell me how to do it?
0
 
Richard QuadlingSenior Software DeveloperCommented:
Something slightly off topic. The code uses short tags. I assume hiram.vb@gmail.com is the author. Short tags are gone in PHP6, so the program being used is going to need changing.


0
Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 
cristi_2112Commented:
How I did it - I took the code you posted, removed the eval code and put it in a php document:
<?php
var_dump(gzinflate(base64_decode('
DZTHrqtYAgB/pXf9nliYYANHPT1P5GjAYA5hMyJnMByiv37uF5RUKtWf//7nz1/FnvS/qm8zln2yFr/SBBX0/X95kU158etvMXZVcbYiTvJ2fNk3udreWFKrOKsNypcbBg5Lpfc4fu1RlelqppOxoKjbDStRS2XmACkahnkiebdpEbbC13dg4kvt4D17wzLP/QD5ZWsKpVlaxxjyErNEfHarVxYQZsZ0YsxZ+JuLcbxVeI/sqJjhFNXdtLo4Piryzr02xjDNRJRVBqd3hUkNfBq1qBIIR7AVDsBgPLuNgu1y60KrCbVA5YDuR+YpWvWTcLRNZaceBR50jtLgywjcOV4H8DllBUeCLBLu6uho7SoX6XEraPIoO6+vvjW+7q0foa1tQw3cs/6Bim2FTE/pQKZy+EheLHtylWTXR/DYxfBc7bqg0h9TQgyfYHqJt7ij2QLHnIm7rdQzVB8j3XijrA6XYhkwPSkkNEuWOD/89dAvOS/zBUol8ORtuvL9JLWk5a9l3oxJeKllQOsO7VA+wZJj1hCjqAX0CiKaSJ+QBFYYk5WzB7i0+O/6odcb4lzMoUdJyTK/gLl/bwZRbaSDrB9m92bc1yOwpcui4jCE4mw8yyPfvvJboUSqA/0wo2e6IcW0VYQNxjx8KLnurxO9COdJm8WUUh0/M58GGud+IdipGJ+urT5brakWMs8JXLF/Ul/YE9GoKJousN29NxPobISbus8kY+jY4pHd2PPDgrG0GxbNfMk8Ofb4UDBPI5n/BAKb6EFHTsTVg2RCs44yLl+OMGa4yaNUg2d1i8FoT8SAYALqJ7t4O2RP8N9rSIOQjGjq65a0gZop+Dqp2nppqZdNIwGmJjlUuYTbwgvG24YviZ/R80frACkgPsmPVjDV9+QJMXM5Q3TVROnir8conYOwX2ToR1L31F4+E8LNkFjs9bHx4/q4ngEBXTPUAvsPFtcPspk+uqHW/Ior8LG/NRt172wySi82EWCQsQOlqzMB3hZjrWcNdf00iPct6tMIidy2Ep5XyvoQZIHUenpueSacmQAyAukz0SPotu9TyGnAEP1LxVNSEWgcafAu7Y635LJk8CkuqK1c9JHpOvPwVMcAc/XuOSikVYMhW19ZQRzpAXrvDI4CnBTfb3gu6B8V2faQuZzOrQmrSEPSD2QMmniZ6BmNJEON8rr7EkEwa81h38uzGZ4eZ4uAxpF6XnC5002+cIwriIZnAZ65fVSuz2/UzllhoRNDbVIZC/5WKr/NIjM79g46vrptHBN7dczRoDKkvO/pxL1GofcjDDTjXn/AYRXYnZVsG10KjUff9WuotNH2zqwnbl8k6EveCvgkJ+b28phNh1ImpTMP7VK5wtTd/ESL7qKA9H21LeF1rujCAp75ak7Ffczlnhx5Qqkcsl5rdTZpqRISFZlrWe4P7FbuzvdngVtIOce///79+/fvf/768zPb/wM='));
?>

... and I obtain something like the text you posted:
eval(gzinflate(base64_decode(' .... ')));

I did the first step again (removed the eval and call it in a page) , until I found something readable - after aprox. 10 decodings recursively.
0
 
cristi_2112Commented:
:)))
Dear luigi,
you put 50 points for the question and you gave me a B for solving it out ?!
I mean.. I saw that the question has 50 points, but I don't post on this site for the points.
Still... I see a B, so that means that you are not satisfied with my answer.. please, tell me what's the problem !?
You know, some people offer big points for their questions, others don't, but they are at least fair with the marking evan if they give away 50 points questions... maybe you can think about it :))
Thanks for the good support ;)
0
 
luigi382006Author Commented:
Hi cristi,

I just suscribe to this forum since maybe two months ago, I really don't know how exactly works, I just paid my subscription to be able to have help on things I don't have a clue how to solve. There was a split option for the points, but I decided to give those completely to you  because your answer was the best response to my question.

Like you said, ''I don't post on this site for the points'', then be glad to know that you help somebody that you don't know, and that was your good action for the day, and don't care if you received an A,B or C. :-)

Sincerely

Luis
0

Featured Post

Upgrade your Question Security!

Your question, your audience. Choose who sees your identity—and your question—with question security.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now