Some premium wordpress theme that we purchase often deliberately offered with Bytecode encoding by the developer (PHP files), examples are premuim wordpress theme that I got this.
Examples of my wordpress themes contained Bytecode decoding, for instance:
<?php $ _F=__FILE__$ _X='Pz48P3A5cA0KDQo3dW5jdGlvbiAwcHQ5M20zc25vMF9zM3R0aW5ncygkazN5KSB7DQoNCglnOG9iNTggJHMzdHRpbmdzOw0KDQoJMjN0dTJuICRzM3R0aW5nc1skazN5XTsNCg0KfQ0'eval(base64_decode('JF9YPWJhc2U2NF9kZWNvZGUoJF9YKTskX1g9c3RydHIo........................
base64_decode('JF9YPWJhc2U2NF9kZWNvZGUoJF9YKTskX1g9c3RydHIoJF9YLCdqd3ZhcmhlZmw4NzM5MjU0MDYnLCc2MDQ1MjkzNzhsZmVocmF2d2onKTskX1I9ZXJlZ19yZXBsYWNlKF9fRklMRV9fLCRfRiwkX1gpO2V2YWwoJF9SKTskX1I9MDskX1g9MDs=')) ?>
With Bytecode encoding implies it can not if we want to change the layout of a function or a specific element of the code of this theme, even if we've paid for it, we can not.
Naturally this is a bit frustrating, but it is attainable to reverse engineer the file as follows to make the modifications you require. I myself need to have two days to discover a way on the web. And here I will share with you now.
Right here are the methods you want to do to modify the PHP function that is secured by encoding Bytecode:
- The 3 element components
$ _F=__FILE__
$ _X='a-string-of-text-and-numbers'
eval(base64_decode('a-string-of-text-and-numbers')
These components are as follows:
$ _F - a holder to do the ereg_replace of the obfuscater code with the unencryption keys
$ _X - the encrypted PHP code
eval(base64_decode() - the decryption code for $ _X
- Receiving the decryption code
In our case above this would be:
echo(base64_decode(‘a-string-of-text-and-numbers’) and this offers us the decryption code for the principal $ _X values
$ _X=base64_decode($ _X)$ _X=strtr($ _X,'123456aouie','aouie123456')$ _R=ereg_replace('__FILE__',"'".$ _F."'",$ _X)eval($ _R)$ _R=$ _X=
If we break this apart into it’s core lines we have:
//decode our principal string with base64_decode
$ _X=base64_decode($ _X)
//replace obfuscater characters in the result with the appropriate ones
$ _X=strtr($ _X,'123456aouie','aouie123456')
//replace the contents of $ _R with our unencrypted file/PHP code
$ _R=ereg_replace('__FILE__',"'".$ _F."'",$ _X)
//run the contents of the unencrypted file/PHP code
eval($ _R)
//clear the contents of $ _R so you can't access it
$ _R=
//clear the contents of $ _X so you cannot access it
$ _X=
- Decrypting the encoded code
So now we just need to run the decryption code as far as it replacing the contents of $ _R with the un-encrypted result, and echo that out to the screen.
- Here’s the code:
//decode our principal string with base64_decode
$ _X=base64_decode($ _X)
//replace obfuscater characters in the outcome with the correct ones
$ _X=strtr($ _X,'123456aouie','aouie123456')
//replace the contents of $ _R with our unencrypted file/PHP code
$ _R=ereg_replace('__FILE__',"'".$ _F."'",$ _X)
//print the contents of the unencrypted file/PHP code
echo($ _R)
- Final code
<?php
$ _F=__FILE__
$ _X='a-string-of-text-and-numbers'
$ _X=base64_decode($ _X)
$ _X=strtr($ _X,'123456aouie','aouie123456')
$ _R=ereg_replace('__FILE__',"'".$ _F."'",$ _X)
echo $ _R
?>
Accomplished.. And we can now make the modifications we need to have. 
NOTE: The use of this article is not my responsibility, but entirely your personal duty
Title: Step editing PHP Function that uses Encode Bytecode
Rating: 910109 Votes
Rating: 910109 Votes
Posted by:
Admin Updated at: 5:39 AM
0 comments:
Post a Comment