Method to reveal hidden code in PHP

Working in mp3.gaguma.net me encontre the following extract of code in repositorio I publish Github.

The code this codified 15 times in a combination of multiple calls to functions as str_rot13, gzinflate, gzuncompress, strrev and base64_decode. Studying computation I have learned that one of the important rules but for a programmer is that you never must include hidden code in your application since is problems of security and privacy.

One of the forms to reveal the hidden code is to call each function, one by one, until it gives back the open code to you. Within repositorio there is a closed commentary that reveals the code to you but I did not see it when she was analyzing the code, but as I like a good challenge I was decided to reveal the code without the aid of tools online that specialize in this type of tasks.

For this task decidi of using a tool to execute code PHP online. Lines 22-64 are the code to reveal, copy the code and eliminate the call eval so that it showed to me what it was executed hidden.

The result showed but hidden code to me

eval (gzinflate (base64_decode (rawurldecode (‘XZXHroTgDUYfJ4lY0IamKAt67w…’))));

If the same process repeated to copy the exit code and to remove the call to eval, it gave but hidden code me

eval (base64_decode (gzuncompress (base64_decode (‘eJwVlt1iq6wWRV8JNfbbudy…’))));

Viedo that the same landlord repeated itself, decidi to make small script to automate the process.

<? php $linea = str_rot13 (gzinflate (str_rot13 (base64_decode (‘LUnHEuy4DfyarX2+KXhHPs0o5xwvLuWcs77elNdGZgBOECBAoFtYPdx/tv6I13solz/jQywE9p9smZJs +ZMPWpXf/1/8Lauymyf8cwrK6nC3AmzDE3UlTjZaNBohU4wImn6oue3r8DrE8UpabJ/zfyG2iquVvsb4CBNNwAHFX4gujah4BOouJ3IJliTQsmeTl1NdzCM7aVTeMWPWZx1TfiBh3GZFoGPVmCpxiXTHfDKZlZKhw3wNE0 dIv2CzYnzXebK5O0K83W3UAS7RPBWUGi+3QOsEab94b7uwoaVAxCD/WgHN9kB5vOEIgPWUrMiwXJwbNku84HydkiJt7bmduUKDSH6eBKxIe9UAp+lhf9wZszH1N6IX5Md9psZSdUUShRljc/YF5f8cCMHpAQ1HXOQtD0LQ/YMKv8Ry7bAc54SpZ3uMhL7apFLMvvA5cBU3wZrSkTO4lRI0ErTgHoGm6R3XOBs7MxRgFq7DhtdJ/iIl9EyyVXyOVqoFmzrwvSIGUF9oZZUXLGWEtnZBhP9zdaFMja8tVdKbZ+WZgmtJdCMvZwUtdaHnLltMJZgi3pdk+RP/kr74W52GYsbC8p/lc1OsAptzZl4UnNHlFgNfN0pxzVu4aqeAqsnxfumYj4U/PdaIbl7LFDxNx1876yRZsZ3tE9Gd0oywUtlnTcBLbUREIIgxpUZPgYMI9s9oiGcIlhrIj6g92+lq0vgh9sUvubY67QQDLaRbyNkjmRdLFugwfaGTIsawcmYp6EvkYX4ym7p+gUseMrXxgj4gplomZkp+De0ncef4JvMEuumtx0pEs65cC12nxoTdKO77SOSgUbWMjE/UTU95XvP0oA0WNSkPkhhxxO0h1YGHjWPJQGAcdb3PFeet9hFk5ldK/jAQVk3uA1LoVXnJqRR+ArRtIKf4+KCuBc6+aGaQFAl16QZld5u2DS+VJp9lFLQ+nwClAOxc4xoR64w2adRkygg6ra85lTrAtsT/9sDdSYP9AMNXTUWX5NcZiui92kNJhrO4r1s390cs1aroI8QIcZJSHMMsLND7DlwMFw5KKZ97OjS2dAnXI6hUYMWLuNTh1ulTL5d18UMs1MqYUafz966z09i22ouDTRlRW kYOKEuJbHHGxgAeLag+HPplR8yJ8Z9Cm6wfkRnDS9zMpbq8aWvcE/gP73eYxRQUXBxIYy7Dy9CdqeSLT1+r9bGl+vEzvqMVFEfRmQ5C2llyj4kET17hRsjtU9uH+6YtbnOBYhOJKYdc3qb+URnQlqOrxbLcEdltyUdgtNxdRGs0H6ZkFxiZiz0SMmtV4OAp7O0hlpDrgKQXJizlJJmzF2Z4YjoD3T0+OmQerLw4Um9OfQjK4y7vd6bLOPx8JzK9+X407Ld/que3FMhJz6RzFf+VRucAynIvK2vAtuMAM6gd+xXPjEdxz48YIP8vEzu58smehGmuodBbrZJU3EZbTgyKEwJ/f9W+6NqoDRjjjXJ8BSOsCwcguTCV33nYGJF8FDZ7qqt1vAkcRuxx/OuGEzIfHLnwx3vtPs1ygIarImswm3MX0CGONHJ6ekTMT1/fWQWfES9LnAsaI4ulny59fCpsXnaojPbK98JoSd324KHabEo2VvVkv2YY0Bn2cBR8kZZkWjoy2JtozG9FNn2RQbOfuwAiwRjShGKroPjPfuhqDkeML00CPfDva0F7pRtYBEi7cgyT73KtgKvTdvU/JUFnZsqcLPEqIQBZQrwPS/OIyB6yh259xFEH7yhz+Iz7AZAN6q5mfNMFBu4+6Z+TFaTa8jcLeimEQi3b/UE7E504I3J9G2mpLAloakZQmhtz57n0wkIyBTQz/m4R+eKHhvHj7JLvGQdUo1W3I8iOou+0ASZIKwasjyK85GMHJtFLkUEjKta+xfi4XjaBmoL4/ovtbZlV0rlu3B+hyvJ01LDHKmkKNG08/Odoa1qtxMO7qw7LXDVvdYdiLybhrPHiZZR/66cPj3gTSRZNJdUZKdqhuz1+SpeLx7bT1Rax4rzGXD6fy6K0YAIWeaxLNVS5sWOSOZFnkYk//G0+1ykMr+7RXGyEQ92m7Tfm9SVtfIC4vaIdIoWbS8mOBIi4fSERMO2RBQpTaq2piwNxp9M6B1kN2NQ/Y6Yjxw7T5s7KKzd9u7cnApNpUZ5FU4zGkuuWsl+8phIz09M4T1AoadHTsIMmXbcfjBk0gt1gJ5QtS4Bb6CefYtG6B+pytP+P85/lFD4ZD7C9neKgPOXqYxfr2xnOuNgaBQLhq/Cl3Gd5e2M/ED38SEMVo+Fn+bLMLfx94EL4QjNWSHe/PTUos459CgDqEfA/h0nC5uQvlC7HU78V5wXsZLnWMNF1UN60UuG2kMeZC2y5cH5Obt8grUFtWOvcLcKbXfJJoc5K38P2FhZFZ0VjDDkjVPzhEV+N6x74hdehwfL7WCm/IPGe+BX98AiJ0Ws/G1dA2++Bf1+1xTeg6nCZ8ub0juPNUUiNr+G4tPQViIk9cGkcl3Kb5CWznRFevxNbASzD9jXjdUDqplNUZiuBX6UXBTa5+pZFamW6zEIlO1zhSYGLTmIJT4QjX+NCYtacOZPLuSsnm4r0ovmah5l8HzqE32Rch4GqO7bsycE92ZfoFvr1cRJJ0/J8OraL9gh0OCRrm5wwNceGlXWKTMauH/FB+P9HMLiORGC4Jt8/xe/L3J66fkJSI/w2pHdPgnFrC4j/Llw+bv0MT/P/+F/j9+78=’)))); //original line without the call to ‘eval’

$profundidad = 100; //I number of repetitions, 100 is I number random to try

for ($nivel = 0; $nivel<=$profundidad; $nivel++) \ {$linea_sin_eval = substr (substr ($linea, 5), 0, -2) . “; ; //to remove “eval (” and it completes “)”
    eval (‘$linea=’. $linea_sin_eval); //to execute new line without “eval” and to keep the result
    I throw ($linea. \ n); }? >

Finally it observes that $profundidad = 14 script showed the hidden code to me.

<? php $ytresponse = @file_get_contents (“https://www.youtube.com/oembed?url=http%3A//youtube.com/watch%3Fv%3D$id&format=json”); $ytinfo = Array (); $ytinfo = json_decode ($ytresponse, true); $type = $ytinfo [‘type’]; >

Perhaps this it is a method that develops in some minutes, but exist other faster and efficient methods than mine. In the end I must say that using code that you cannot read in your servant she is a very bad one it practices and he is preferable to run code that your you understand and you trust.

If you are going to share code with the rest of the world, please never you try to hide it!

JG.

Forum of Attila-PHP

It participates in our for, you can there ask the doubts of programcion that you have

My station of battalla linux

For the 2015, I began to use Linux as my main operating system full-time, and since then I have not used a computer with Windows or MacOS

My Computer

I use a Dell XPS 13 (9360) for everything mainly.

Specifications (XPS 13)

  • Intel Core i7-7500U
  • Full-HD Screen
  • 8GB RAM
  • 128 GB SSD

My Linux distribution of preferential After to have used Fedora, Arch Linux, OpenSuse Tumbleweed and Void Linux, I fell in love and I decided to use Void Linux

Void Linux is relatively a new distribution, is not fork of an old project and it does not use systemd as administrator of services, is very light and extremely fast in my laptop.

When I began to use linux, preferi to use GNOME, but finally migrates to Sway+wlroots because I prefer to use OF with the keyboard

The majority of the applications that use are based on the terminal, but when I program use VERSUS Code or neovim

As Defining Meta Tags in HTML

To define Meta Tags in a document HTML.

In this thematic one it goes to touch the subject of how defining a goal tag within a document HTML.

In HTML5

<head > <title >Apdesc</title> <meta charset = " UTF-8 " > ' <meta yam = " description” content = " Apdesc System for Points of sale Free " > <meta yam = " keywords” content = " apdesc, points of sale, free " > <meta yam = " author” content = " @abimaelgtp " > <meta yam = " viewport” content = " width=device-width, initial-scale=1.0 " > </head>

This it is an example of how structuring a goal tag within a document HTML. These definitions will not be seen within our webpage.

Meta Tags is used normally to specify description of pages, key words, author of the document, modified for the last time, and other metadata, the metadata can be used by the navigators (how to show content or recharges of the page), the web search engines (key words), or other services Web.

It is possible to mention that this he is apescto that takes a goal

Of which it consists to mint a website

To mint a website consists of generating income by means of her. Publishers Web/Blogs make the use much of these tools.

If you are beginning with a website or blog and wish to generate income with your webpage, it is necessary to know some companies that pay very or by the type of content that contains your Blog or Web.

Where beginning To mint my website?

The question that all we become for this type of subjects e. That I must make to mint my website.

At present many companies exist that offer systems of publicity for a webpage, pay much by click in an announcement that is known as (CPC or PTC) and some by sales, references, cost by thousand impressions etc.

That companies that pay very well to mint a Web?

Here we recommended some companies to you that will help you to generate good income for your webpage.

Google Adsense: (It is a company that pays to you by PTC, CPC, CPM)

Chitika: (For sites in English, it is a good alternative of Gooogle Adsense)

Kontextua (the announcements of this company are Contextual, looks for keywords the content of your page and it turns it into a contextual announcement.)

In this subject we did not explain to you as each company works, more ahead we will speak of them, but first of all, Google Adsense is one of the companies that pay very well.