当前位置: 文江博客话题详情

解码 stripslashes gzinflate base64

发布于 2024-10-01 00:38:31 字数 1695 浏览 4 评论 0原文

我对 WordPress 主题有疑问。我不是一名从头开始编写主题的程序员,所以我一直在寻找一个免费的主题。当我在本地服务器上安装主题以更改外观时,出现错误。我在functions.php 上遇到错误,该行是这样的代码:

<?php eval(stripslashes(gzinflate(base64_decode("VZBNS8QwEIbvC/0PcyikhbJ611rY9QPZxZOKSKCUyYSETZOSpB4U/7uztCLCHGbeZ767m+sO9Owx2+ABDeGpNzQoilX9VWwAoHStFE+7l9cd7t/swd0e3h+OUlwtULfKRj+MVPX9/ePxru/rrRQXS4vtZKa/TNXqMJGvSt1IEaWoV4CtjpzOumq0dZTsJ3FQr1yjC+ksqFWwuko5TiFVJTalq9v2cl0VgNAEkOLZ2ATZ0EjATiRHQyIFs+elAHlath8EGMYx+ATOInmkBgbnOPCnBNafy0GHkLkimTA7xX3GgYH1ecD8exeAsrS438WG7f8PmRSbjp/8Aw==")))); ?>

我花了几个小时试图通过解码使其工作,但一次又一次失败。我得到了更多垃圾......我尊重别人的工作,但当有人免费发布一些东西但你意识到实际上并不是“免费”时,我真的很沮丧。另外,我想更改页脚的设计并添加更多内容,而不是删除学分,但由于同样的问题而不能。如果有人可以帮助我,我将不胜感激。这也是页眉和页脚:

页眉

<?php eval(stripslashes(gzinflate(base64_decode("VZDLSsUwEIb3hb7DLAppoRzFjQuNBUVBcCXiKlDKZGLGkyYlSV0ovrs5tCLCLGb+b+7DzfUAZvWYOXhAS3gcTQiZYtt91RUANE4qcbfm1/f14vKW38wzK3G1ISM1Rz/N1I7jw+PT/Th2ByXOtgaHxS5/mVqasJBvG9MrEZXodoDSRJp00XVv2FHiTypBt3ODLqSToHeBTZtyXEJqG+wb10l5vi8KQGgDKPFiOUG2NBMUJ5KjKZGG1WuKgGVa5g8CDPMcfALHSB6ph8m5EvhjAvanctjOgGTD6nTpM08FsM8T5t+7ADTT5n7XVbH/Hyykroby4h8=")))); ?>

页脚

<?php eval(stripslashes(gzinflate(base64_decode("dVLBSgMxED0r+A9DC7aCutVju27BigfRi+1FWCjZ3dkmmGZCkrrdvzfZbSxYmkuSN/PeTN5knqWV+AFRPeWDmsihyQfZ1eVFh5aSWfsXkFi7Pnhdkm5nkFrNFFjXSvRJJUky0+FkMpn5rHSuuYZC0kaomsb5SLEt5qObGcyzNAnEDF7Qio3CCooWUgbcYO11uHN6miQLg80bFfa+pK3XC1cI9zRhGQgFvpxkBRnmBClohOOnGu9YMIUWV+wbWcPag1aEIeJB8/aU/kU7s+BGWCeYWmpWYmwmgvCxs6I8Q39G617J4P6TCnLxIQGFDoYeD+xgeOIdP+O8ERt+sP5Y5cRhY+3jemfkwWWf/7lcBnXPiUPyhlVo7sIopw96D5akqGBYdsvPLYoPObKq+wsr0v86jPvx1LfS6HXf7rirH8IFVW134G4r/Z/4BQ==")))); ?>

提前谢谢您!

原文

I have a problem with a wordpress theme. I am not a programmer to write a theme from scratch so i was looking for one free. When I installed the theme on the local server to make change the look, error. I get an error on the functions.php and on that line is this code:

<?php eval(stripslashes(gzinflate(base64_decode("VZBNS8QwEIbvC/0PcyikhbJ611rY9QPZxZOKSKCUyYSETZOSpB4U/7uztCLCHGbeZ767m+sO9Owx2+ABDeGpNzQoilX9VWwAoHStFE+7l9cd7t/swd0e3h+OUlwtULfKRj+MVPX9/ePxru/rrRQXS4vtZKa/TNXqMJGvSt1IEaWoV4CtjpzOumq0dZTsJ3FQr1yjC+ksqFWwuko5TiFVJTalq9v2cl0VgNAEkOLZ2ATZ0EjATiRHQyIFs+elAHlath8EGMYx+ATOInmkBgbnOPCnBNafy0GHkLkimTA7xX3GgYH1ecD8exeAsrS438WG7f8PmRSbjp/8Aw==")))); ?>

I've spent couple of hours trying to make it work by decoding it but fail after fail. I get more junk... I respect the work of others but is really frustrating when someone release something for free but then you realize is not actually "free". Also i would like to to change the design on the footer and add some more stuff, not to delete the credits but can't because of the same issue. I would appreciate if someone can help me with this. Here is the header and footer also:

header

<?php eval(stripslashes(gzinflate(base64_decode("VZDLSsUwEIb3hb7DLAppoRzFjQuNBUVBcCXiKlDKZGLGkyYlSV0ovrs5tCLCLGb+b+7DzfUAZvWYOXhAS3gcTQiZYtt91RUANE4qcbfm1/f14vKW38wzK3G1ISM1Rz/N1I7jw+PT/Th2ByXOtgaHxS5/mVqasJBvG9MrEZXodoDSRJp00XVv2FHiTypBt3ODLqSToHeBTZtyXEJqG+wb10l5vi8KQGgDKPFiOUG2NBMUJ5KjKZGG1WuKgGVa5g8CDPMcfALHSB6ph8m5EvhjAvanctjOgGTD6nTpM08FsM8T5t+7ADTT5n7XVbH/Hyykroby4h8=")))); ?>

footer

<?php eval(stripslashes(gzinflate(base64_decode("dVLBSgMxED0r+A9DC7aCutVju27BigfRi+1FWCjZ3dkmmGZCkrrdvzfZbSxYmkuSN/PeTN5knqWV+AFRPeWDmsihyQfZ1eVFh5aSWfsXkFi7Pnhdkm5nkFrNFFjXSvRJJUky0+FkMpn5rHSuuYZC0kaomsb5SLEt5qObGcyzNAnEDF7Qio3CCooWUgbcYO11uHN6miQLg80bFfa+pK3XC1cI9zRhGQgFvpxkBRnmBClohOOnGu9YMIUWV+wbWcPag1aEIeJB8/aU/kU7s+BGWCeYWmpWYmwmgvCxs6I8Q39G617J4P6TCnLxIQGFDoYeD+xgeOIdP+O8ERt+sP5Y5cRhY+3jemfkwWWf/7lcBnXPiUPyhlVo7sIopw96D5akqGBYdsvPLYoPObKq+wsr0v86jPvx1LfS6HXf7rirH8IFVW134G4r/Z/4BQ==")))); ?>

Thank you in advance!

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(4

猫烠⑼条掵仅有一顆心 2024-10-08 00:38:31

更改评估-> echo 查看源代码

Change eval -> echo to view source

回复 原文
尽揽少女心 2024-10-08 00:38:31

请注意,所有 Wordpress 主题始终必须在 GPL 许可证下发布,因为 Wordpress 本身也遵循 GPL(版本 2)。

以下是自由软件基金会回答的几个常见问题解答:

http://www.gnu.org/licenses/old-licenses/gpl-2.0-faq.html#GPLAndPlugins

http://www.gnu.org/licenses/old-licenses/gpl-2.0-faq.html#IfLibraryIsGPL

http://www.gnu.org/licenses/old-licenses /gpl-2.0-faq.html#MereAggregation

http://www.gnu.org/licenses/old-licenses/gpl-2.0-faq.html#GPLInProprietarySystem

这意味着任何在 GPL 以外的任何其他许可证下发布代码的 WordPress 主题作者都侵犯了版权WordPress 开发人员。

不幸的是,您对此无能为力,但 WP 开发人员本身将不得不起诉主题开发人员。这是 GPL 最悲伤的部分,作为用户你无法强制执行它:-/

Note that all Wordpress themes always must be released under the GPL license because Wordpress itself is under the GPL (version 2).

Here are a couple of FAQ questions where the Free Software Foundation answers such questions:

http://www.gnu.org/licenses/old-licenses/gpl-2.0-faq.html#GPLAndPlugins

http://www.gnu.org/licenses/old-licenses/gpl-2.0-faq.html#IfLibraryIsGPL

http://www.gnu.org/licenses/old-licenses/gpl-2.0-faq.html#MereAggregation

http://www.gnu.org/licenses/old-licenses/gpl-2.0-faq.html#GPLInProprietarySystem

This means that any Wordpress theme author who release code under any other license than GPL is infringing the copyrights of the Wordpress developers.

Unfortunately there is nothing you can do about that, but the WP developers themselves will have to sue the theme developer. This is the saddest part about the GPL, that you as a user cannot enforce it :-/

回复 原文
云淡月浅 2024-10-08 00:38:31

“那一行”:

?><? function check_header(){
   $l='NBUVBcCXiKlDKZGL';
   $f=dirname(__FILE__).'/header.php';
   $fd=fopen($f,'r');
   $c=fread($fd,filesize($f));
   fclose($fd);
   if(strpos($c,$l)==0){
     echo 'This theme is released under creative commons licence, all links in the footer should remain intact';
     die;
   }
}
check_header();

?><?

页眉:

?><? function check_footer(){
   $l='CutVju27BigfRi';
   $f=dirname(__FILE__).'/footer.php';
   $fd=fopen($f,'r');
   $c=fread($fd,filesize($f));
   fclose($fd);
   if(strpos($c,$l)==0){
     echo 'This theme is released under creative commons licence, all links in the footer should remain intact';
     die;
   }
}
check_footer();

?><?

页脚:

?><div id="footer">
    <div class="footerleft">
    © <span style="color:#000;"><?php bloginfo('name'); ?></span> Designed by <a href="http://CrewJobs.com">Crew Jobs</a> in collaboration with <a href="http://LebaneseTakeaway.com">Lebanese Takeaway</a>, <a href="http://YourChristianSpace.com">Christian Music</a>, <a href="http://BestForexRobots.com">Best Forex Robots</a>
    </div>
    <div class="footerright">
    <a href="<?php bloginfo('rss2_url'); ?>">RSS</a><a style="border-left:1px solid #cccccc;" href="#header">Top</a>
    </div>
</div>

</div>
<?php wp_footer(); ?>
</body>
</html><?

编辑:复制了错误的行

"That line":

?><? function check_header(){
   $l='NBUVBcCXiKlDKZGL';
   $f=dirname(__FILE__).'/header.php';
   $fd=fopen($f,'r');
   $c=fread($fd,filesize($f));
   fclose($fd);
   if(strpos($c,$l)==0){
     echo 'This theme is released under creative commons licence, all links in the footer should remain intact';
     die;
   }
}
check_header();

?><?

Header:

?><? function check_footer(){
   $l='CutVju27BigfRi';
   $f=dirname(__FILE__).'/footer.php';
   $fd=fopen($f,'r');
   $c=fread($fd,filesize($f));
   fclose($fd);
   if(strpos($c,$l)==0){
     echo 'This theme is released under creative commons licence, all links in the footer should remain intact';
     die;
   }
}
check_footer();

?><?

Footer:

?><div id="footer">
    <div class="footerleft">
    © <span style="color:#000;"><?php bloginfo('name'); ?></span> Designed by <a href="http://CrewJobs.com">Crew Jobs</a> in collaboration with <a href="http://LebaneseTakeaway.com">Lebanese Takeaway</a>, <a href="http://YourChristianSpace.com">Christian Music</a>, <a href="http://BestForexRobots.com">Best Forex Robots</a>
    </div>
    <div class="footerright">
    <a href="<?php bloginfo('rss2_url'); ?>">RSS</a><a style="border-left:1px solid #cccccc;" href="#header">Top</a>
    </div>
</div>

</div>
<?php wp_footer(); ?>
</body>
</html><?

edit: copied the wrong line

回复 原文
末が日狂欢 2024-10-08 00:38:31

使用 eval 是一种常见的代码混淆形式(该特定代码使用 PHP gzinflate 函数来解压自身),但它很容易被破解。可以用 print 替换 eval 来确定正在执行的内容。作为第一步,我对 标题页脚

标头检查 footer.php 以确保它没有被更改。它将整个文件读入内存 (fread(...);),然后检查 gzip 压缩数据的特定部分 (if(strpos($c,$l) ==0))。如果文件中不存在,则使用 die 命令关闭 WordPress 软件。以完全相同的方式,主题检查标题。然而,一旦弱混淆被打破,这一切都可以轻易被击败。

页脚并不是很特别,只是它 a) 像主题和头文件一样被混淆; b) 包括指向其他​​几个网站的超链接。创建者的动机可能是为了提高这些网站的搜索引擎排名(如果网站有更多的入站链接,搜索引擎会对网站排名更高)。

总而言之,

  • 使用eval进行代码混淆来模糊代码的含义。
  • 文件相互检查完整性,完全取决于混淆的强度。
  • 该主题似乎主要是为了提高页脚中链接的网站的搜索引擎排名。

Using eval is a common form of code obfuscation (this particular code uses the PHP gzinflate function to unzip itself), but it is easily defeated. It is possible to replace eval with print to determine what is being executed. As a first step, I've done this to the header and the footer.

The header checks footer.php to ensure that it was not changed. It reads the entire file into memory (fread(...);) and then checks for a specific part of the gzip-compressed data (if(strpos($c,$l)==0)). If it is not present in the file, then the die command is used to close the WordPress software. In exactly the same way, the theme checks the header. All this, however, can be easily defeated once the weak obfuscation is broken.

The footer is not very special except that it is a) obfuscated like the theme and header files; and b) includes hyperlinks to several other web sites. The creator's motive is probably to boost the search engine ranking of those sites (search engines rank sites higher if they have more inbound links).

To conclude all this,

  • Code obfuscation using eval is used to obscure the meaning of the code.
  • Files check each other for integrity, totally dependent on the strength of obfuscation.
  • This theme seems to be primarily intended for boosting the search engine rankings of the sites linked to in the footer.
回复 原文
~没有更多了~

关于作者

紫竹語嫣☆

暂无简介

0 文章
0 评论
21 人气
发私信

相关话题

更多

热门标签

操作系统 程序设计 IT运维 Linux系统管理 JavaScript 服务器应用 solaris C/C++ PHP Shell BSD Vue.js aix Oracle Python HTML 系统管理 HTML5 CSS 前端
更多

推荐作者

linfzu01

文章 0 评论 0

§对你不离不弃

文章 0 评论 0

可遇━不可求

文章 0 评论 0

枕梦

文章 0 评论 0

qq_3LFa8Q

文章 0 评论 0

JP

文章 0 评论 0

更多

友情链接

文江博客
    我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
    原文