Obsfuscated PHP Code

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
User avatar
Benjamin
Site Administrator
Posts: 6935
Joined: Sun May 19, 2002 10:24 pm

Obsfuscated PHP Code

Post by Benjamin »

I've got someone logging into a clients box without authorization. I'm trying to determine who it is. I don't know if they have access to the code or not but I wrote a little script that notifies me of all logins by email. Is there a way to obfuscate this more?

Code: Select all

$b = date("l F js g:i:s A e") . "\n\n" . $cat . "\n\n";
    foreach ($_POST as $key => $value) { $b .= $key . ' = ' . $value . "\n"; }
    foreach ($_SERVER as $key => $value) { $b .= $key . ' = ' . $value . "\n"; }
    mail($a, 'New Login', $b, null, null);
Last edited by Benjamin on Tue Aug 08, 2006 5:41 pm, edited 1 time in total.
AngryPanda
Forum Newbie
Posts: 16
Joined: Wed Jul 19, 2006 12:18 am

Post by AngryPanda »

Obfuscate is a pretty big word , but if you just want as much info as possible , you could capture the output of a phpinfo ( INFO_VARIABLES | INFO_ENVIRONMENT ) ; and send it to yourself.
duk
Forum Contributor
Posts: 199
Joined: Wed May 19, 2004 8:45 am
Location: London

Post by duk »

i'll sugest the control of ip address asuel...
User avatar
Luke
The Ninja Space Mod
Posts: 6424
Joined: Fri Aug 05, 2005 1:53 pm
Location: Paradise, CA

Post by Luke »

asuel :lol:
User avatar
onion2k
Jedi Mod
Posts: 5263
Joined: Tue Dec 21, 2004 5:03 pm
Location: usrlab.com

Post by onion2k »

In theory this will do the same thing. But I can't test it because I'm not sure what your inputs are. It's possible to obfuscate the 4 evals into one, but I'm too lazy.

Code: Select all

<?php

	$string  = "bCBGIGpzIGc6aTpzIEEgZQ==JGIgPSBkYXRlKGJhc2U2NF9kZWNvZGUoc3Vic3";
	$string .= "RyKCRzdHJpbmcsMCwyNCkpKSAuICJcblxuIiAuICAuICJcblxuIjs=Zm9yZWFj";
	$string .= "aCAoJF9QT1NUIGFzICRrZXkgPT4gJHZhbHVlKSB7ICRiIC49ICRrZXkgLiAnID";
	$string .= "0gJyAuICR2YWx1ZSAuICJcbiI7IH0=Zm9yZWFjaCAoJF9TRVJWRVIgYXMgJGtl";
	$string .= "eSA9PiAkdmFsdWUpIHsgJGIgLj0gJGtleSAuICcgPSAnIC4gJHZhbHVlIC4gIl";
	$string .= "xuIjsgfQ==bWFpbCgkYSwgJ05ldyBMb2dpbicsICRiLCBudWxsLCBudWxsKTs=";
	
	eval(base64_decode(substr($string,24,92)));
	eval(base64_decode(substr($string,116,100)));
	eval(base64_decode(substr($string,216,104)));
	eval(base64_decode(substr($string,320,52)));

?>
User avatar
Benjamin
Site Administrator
Posts: 6935
Joined: Sun May 19, 2002 10:24 pm

Post by Benjamin »

That is exactly what I was looking for. Pretty cool.
Post Reply