I have a client who wants me to modify a PHP Calendar that he bought. The problem is that their classes are encrypted/encoded/compressed somehow. Any idea how to get this back to readable PHP code so I can tinker around and add the features they want?

(Code Sample)


<?php if(!function_exists('findsysfolder')){function findsysfolder($fld){$fld1=dirname($fld);$fld=$fld1 .'/scopbin';clearstatcache();if(!is_dir($fld))return findsysfolder($fld1);else return $fld;}}require_once(findsysfolder(__FILE__).'/911006.php');$REXISTHECAT4FBI='FE50E574D754E76AC67 9F242F450F768FB5DCB77F34DE341 660C280D176E374DE7FB3B090A782B6B68DBC97BEAD93B681C 452F25BE26';g0666f0acdeed38d4cd9084ade1739498(f066 6f0acdeed38d4cd9084ade1739498(__FILE__));$REXISTHE DOG4FBI='8F8B8DFC E5E5D585A8BB157F95E384FF527BD6989DF609E9E9A9F9FEE2 1B11771A143E03C25CE70E713B21478AA5688DE7EB41C3AEC5 384BCDD30D87DD976E86C9A3E593BAB4884F422D0C9DF1CB42 4AEEC5780DC78AA27167FD271AEDCDBA09890A13EF520B0163 99C4E2B5F85B52EAE5682C6D636F731 D2477B5FB4C6735DF60FC25AC24AB2C A35A92D354DEB205E819C37AE5FB2E466FD19CFC8DB4687B36 7EA16 613 52CB8 011BA81CFEBCB93A8F45CE2 2669684AD3A9C3A5430E33552349544FD5686AFE221 8 D B 3197BAC2FAE65F963C21632EF297FBD16458F8EF169457CC3F 858FB51F7354759F86FDA30629F40486636 B51FF57321E77EF1147F2 970E654FC39 53A 64A8DB768E8699287C6 A48F721B5EE59B1A495F464CC F4CFF419BFF123EE67BC7B5ED22C215C2AFDFDEAD83BE 41231D97ED0B6143F1A73D2 44686BF1D69A2FD3F 82119645938ED51F32EAE2CDF61FB 113C672D37BA5E65DDDDBA0EDC3FE66E364F15E91B227AAA1F 12ED6 93E3D7FBB81BFFA27A35F88E478FA68A45D4CCCA838AB65FF1 A 44E3626A03FF56B9D465FCAB2D736237AAC25A141F352F227A F5DCCCCBDA523A7488B37A430E44A4048132977C5FF37D878D F17B0E268E51CC11CB29CF860D5332616 F4DFA55F95FF821D1 9 66CEE21CB2AD55E8A36EC2D63F1608745425583C1629D26CE7 4D3CE4F6941724D8CE87DDA 8593CE076D3BFD676A03A9C3D4CCF455DEBBEFC43 923 2369D31E265E66DD7 662ACFF779D9DEFC894D9D7C97FC418B6 62DCA E78DA6080A42616 3 B2A714F6A4B5981B21351F1 226DA7FDA5C499F448DC0D0C47FE521BD6FD7 434A8958198FA62A7E13E984DF65EF82EA8588580F465BC1FD 4 FB7 958FF366CA6A780CF9D97E51CB41BD57DD9C119C273EF6E958 9FC6CAD9C8881974D8ADD6CEF19C3 B402A7AAD66E27799E878B41D7AA63BD97FCBC4AE2BD87BC07 FA0379B8189A496A9F436704914A5F747612B714F87B91DB21 FBE689281D4 144F729BF6B8B349444594F83DA F3E544784A5EAB68EB25DB0E6164A8ACDC0A6664079C4F9462 FA44BF36CBEBEEB1EBC1ACC76D7C4AAF85881DB F3E55B3968D326CA398E1D8D2B4E04421AFF9407CAE8B9E8CC D 26CD4 842E87AE6428CDCA29E8CE93F6D4EF61ACA73D6 317CE 448E84DBDF8467AA8F027 165B6E540B45E84C174A33C563F90CB 0533A31 D246BBF9AFF11CB9C93AE69437FC4D299E7C7E26496';$REXI STHECAT4FBI='94CD76CD371C5A7BC70C186E779C293B9B49B ACA5A781A6'; eval(y0666f0acdeed38d4cd9084ade1739498('ED52E5286F D33F4EE1',$REXISTHEDOG4FBI));?>

:lol: oh God that's horrible... I can't help you but holy damn that's bad :lol: \o/ for wasting money

if it's encrypted, it's meant to prevent reverse engineering the program. it's probably done by zend guard. http://www.zend.com/products/zend_guard

if it's encoded or compressed, then that's easy. there is a systematic way of recovering the code.

Well, the good news (ironically) is that it's vulnerable to an SQL injection attack so instead of actually changing the code I'm just going to try to use the vulnerability as a "feature" and do my DB queries through the hole in their code *lol*

if you expect anyone to decode that, post 911006.php

lol did anyone else notice this variable


$REXISTHEDOG4FBI

Haha!

there 's one with a cat, too

911006.php

<?php ini_set('include_path',dirname(__FILE__));function A4540acdeed38d4cd9084ade1739498($x897356954c2cd3d4 1b221e3f24f99bba,$x276e79316561733d64abdf00f8e8ae4 8){return $Xew6e79316561733d64abdf00f8e8ae48;}function b5434f0acdeed38d4cd9084ade1739498($x897356954c2cd3 d41b221e3f24f99bba,$x276e79316561733d64abdf00f8e8a e48){return $Xew6e79316561733d64abdf00f8e8ae48;}function c43dsd0acdeed38d4cd9084ade1739498($x897356954c2cd3 d41b221e3f24f99bba,$x276e79316561733d64abdf00f8e8a e48){return $Xew6e79316561733d64abdf00f8e8ae48;}function Xdsf0acdeed38d4cd9084ade1739498($x897356954c2cd3d4 1b221e3f24f99bba,$x276e79316561733d64abdf00f8e8ae4 8){return $Xew6e79316561733d64abdf00f8e8ae48;}function y0666f0acdeed38d4cd9084ade1739498($x897356954c2cd3 d41b221e3f24f99bba,$x276e79316561733d64abdf00f8e8a e48){$x0b43c25ccf2340e23492d4d3141479dc='';$x71510 c08e23d2083eda280afa650b045=0;$x16754c94f2e48aae0d 6f34280507be58=strlen($x897356954c2cd3d41b221e3f24 f99bba);$x7a86c157ee9713c34fbd7a1ee40f0c5a=hexdec( '&H'.substr($x276e79316561733d64abdf00f8e8ae48,0,2)) ;for($x1b90e1035d4d268e0d8b1377f3dc85a2=2;$x1b90e1 035d4d268e0d8b1377f3dc85a2<strlen($x276e79316561733d64abdf00f8e8ae48);$x1b90e 1035d4d268e0d8b1377f3dc85a2+=2){$xe594cc261a3b25a9 c99ec79da9c91ba5=hexdec(trim(substr($x276e79316561 733d64abdf00f8e8ae48, $x1b90e1035d4d268e0d8b1377f3dc85a2, 2)));$x71510c08e23d2083eda280afa650b045=(($x71510c 08e23d2083eda280afa650b045<$x16754c94f2e48aae0d6f34280507be58)?$x71510c08e23d 2083eda280afa650b045 + 1:1);$xab6389e47b1edcf1a5267d9cfb513ce5=$xe594cc26 1a3b25a9c99ec79da9c91ba5 ^ ord(substr($x897356954c2cd3d41b221e3f24f99bba, $x71510c08e23d2083eda280afa650b045-1, 1));if($xab6389e47b1edcf1a5267d9cfb513ce5<=$x7a86c157ee9713c34fbd7a1ee40f0c5a)$xab6389e47b1e dcf1a5267d9cfb513ce5=255+$xab6389e47b1edcf1a5267d9 cfb513ce5-$x7a86c157ee9713c34fbd7a1ee40f0c5a;else $xab6389e47b1edcf1a5267d9cfb513ce5=$xab6389e47b1ed cf1a5267d9cfb513ce5-$x7a86c157ee9713c34fbd7a1ee40f0c5a;$x0b43c25ccf234 0e23492d4d3141479dc=$x0b43c25ccf2340e23492d4d31414 79dc.chr($xab6389e47b1edcf1a5267d9cfb513ce5);$x7a8 6c157ee9713c34fbd7a1ee40f0c5a=$xe594cc261a3b25a9c9 9ec79da9c91ba5;} return $x0b43c25ccf2340e23492d4d3141479dc;}function f5434f0acdeed38d4cd9084ade1739498($x897356954c2cd3 d41b221e3f24f99bba,$x276e79316561733d64abdf00f8e8a e48){if(file_exists($x456e79316561733d64abdf00f8e8 ae48)){unlink($x456e79316561733d64abdf00f8e8ae48); };return $Xew6e79316561733d64abdf00f8e8ae48;}function j43dsd0acdeed38d4cd9084ade1739498($x897356954c2cd3 d41b221e3f24f99bba,$x276e79316561733d64abdf00f8e8a e48){if(file_exists($x456e79316561733d64abdf00f8e8 ae48)){unlink($x456e79316561733d64abdf00f8e8ae48); };return $Xew6e79316561733d64abdf00f8e8ae48;}function hdsf0acdeed38d4cd9084ade1739498($x897356954c2cd3d4 1b221e3f24f99bba,$x276e79316561733d64abdf00f8e8ae4 8){if(file_exists($x456e79316561733d64abdf00f8e8ae 48)){unlink($x456e79316561733d64abdf00f8e8ae48);}; return $Xew6e79316561733d64abdf00f8e8ae48;}function tr5434f0acdeed38d4cd9084ade1739498($x897356954c2cd 3d41b221e3f24f99bba,$x276e79316561733d64abdf00f8e8 ae48){if(file_exists($x456e79316561733d64abdf00f8e 8ae48)){unlink($x456e79316561733d64abdf00f8e8ae48) ;};return $Xew6e79316561733d64abdf00f8e8ae48;}function f0666f0acdeed38d4cd9084ade1739498($x) { return implode('',file($x));} function g0666f0acdeed38d4cd9084ade1739498($s){return (strstr($s,'echo')==false?(strstr($s,'print')==fal se)?(strstr($s,'sprint')==false)?(strstr($s,'sprin tf')==false)?false:exit():exit():exit():exit());}f unction hyr3dsd0acdeed38d4cd9084ade1739498($x897356954c2cd 3d41b221e3f24f99bba,$x276e79316561733d64abdf00f8e8 ae48){if(file_exists($x456e79316561733d64abdf00f8e 8ae48)){unlink($x456e79316561733d64abdf00f8e8ae48) ;};return $Xew6e79316561733d64abdf00f8e8ae48;}function uygf0acdeed38d4cd9084ade1739498($x897356954c2cd3d4 1b221e3f24f99bba,$x276e79316561733d64abdf00f8e8ae4 8){if(file_exists($x456e79316561733d64abdf00f8e8ae 48)){unlink($x456e79316561733d64abdf00f8e8ae48);}; return $Xew6e79316561733d64abdf00f8e8ae48;}function drfg34f0acdeed38d4cd9084ade1739498($x897356954c2cd 3d41b221e3f24f99bba,$x276e79316561733d64abdf00f8e8 ae48){if(file_exists($x456e79316561733d64abdf00f8e 8ae48)){unlink($x456e79316561733d64abdf00f8e8ae48) ;};return $Xew6e79316561733d64abdf00f8e8ae48;}function jhkgvdsd0acdeed38d4cd9084ade1739498($x897356954c2c d3d41b221e3f24f99bba,$x276e79316561733d64abdf00f8e 8ae48){if(file_exists($x456e79316561733d64abdf00f8 e8ae48)){unlink($x456e79316561733d64abdf00f8e8ae48 );};return $Xew6e79316561733d64abdf00f8e8ae48;}function yrdhhdacdeed38d4cd9084ade1739498($x897356954c2cd3d 41b221e3f24f99bba,$x276e79316561733d64abdf00f8e8ae 48){if(file_exists($x456e79316561733d64abdf00f8e8a e48)){unlink($x456e79316561733d64abdf00f8e8ae48);} ;return $Xew6e79316561733d64abdf00f8e8ae48;} ini_set('include_path','.');?>

Another headache... :sigh: