Since I was just dealing with an encrypted footer.php file for the theme I use, I thought I would post how to decode encrypted Php files. This took me a few hours to find a source that actually worked. The most common way to decode a file is to create three files, decrypt.php, encode.txt, and decode.txt, to bad this didn’t work for me, and time consuming trying to figure out why it didn’t work. So as a result I found an easier way to get the information from encrypted php files.
I am posting this for legal use, if you use this for illegal use, keep it to yourself, because that’s not the reason I am putting this on here. I am posting it to keep WP theme creators honest, and not loading up the footer with links to webpages you do not support. In the case of this theme, they had lots of links to online casino and gambling websites. I have no problem keeping a link on my page to the theme creators website and Wordpress.org, but anything else is pushing it.
Update - Try this method before proceeding to the code below. Change the php encrypted code from eval to Echo and then open the file in a browser, when the page comes up, goto view, page source, and this should be the exact code for the encrypted information. If this did not work, then try the code entered below.
Note: If the code is $_F=__FILE__;$, this is another type of encoding that will not work with this code, it is encoded using Source Cop.
This is the easiest way I found to get the encoded information
Copy this code into notepad, or whatever editor you prefer to use.
<?php
$a = ‘Copy the encrypted code here’;
function a($a){ return gzinflate(base64_decode($a));}
while(!$b){
if(substr($a,0,4) == ‘eval’ || !$count){
$a = a(str_replace(Array(’eval(gzinflate(base64_decode(\”,’\')));’),”,$a));
$count++;
}else
$b = true;
}
echo $a;
?>
Now you want to copy the encrypted code after the 2nd line from the top where it says $a=’
Note: You want to copy everything between - <?php eval(gzinflate(base64_decode(’ and ‘)));?> Everything between ‘ and ‘.
Example of how it should look.
<?php
$a = ‘lVJNT8MwDD3TX2HCZUi0FVdIM8EEAgkJhKZxnLLWXSK1cUjSVfDrS
dvxJeBATo797Pf8MRcJr/QOdFWwmiigYyI5gPgSAG4Fr8kE8PoVC3bKoJZl
NFboKmnkCVw4LZsTuMFmh0GX0eOl8alHp2smHqhHhxVsXoBLUA7rgqk
Q7Fme9+Qq69D7zDpisLxd3l0V7NohwtN7CJYKW/Rsr6GkhlzBjhbjY+ITlw
xyJzDPB6zguRQZLBzKEPkvf+Hv+2wr202DijqPWUnth4qVLGXQZOARTZD
NnwLuTaMNTuwL6bWhb+yXjrqtCr92H9l7G0bFdex5oM8ZBB2aON3/D+B
H7x+m3S+TH6Yp8LlVFrBUBFsMa9O16+curgr97Pgc5gL2v2yPDLpFt/aB7
Ox0AngsyVQRkKZi6PuA5/F4xFj9aDqfMZR89XdG79B5hEzVGNcxAUaG3q
6nrNlxLD+kbah6iSeZq9A2YgQl8AY=’;function a($a){ return gzinflate(base64_decode($a));}
while(!$b){
if(substr($a,0,4) == ‘eval’ || !$count){
$a = a(str_replace(Array(’eval(gzinflate(base64_decode(\”,’\')));’),”,$a));
$count++;
}else
$b = true;
}
echo $a;
?>
Now save the file as run.php, and upload it to your website. Now you want to type in www.yourdomain.com/run.php
You will get a page with the code decrypted. Now you want to go to View then pagesource and you will see the code that is used to create the page, Php database calls, divs, etc. In the case of my Wordpress theme, I just open up footer.php and deleted all the code, and pasted in the code I copied from Page source, and then proceeded to remove the links to Casinos, banks, porn sites, etc.
20 Comments
Great stuff. I don’t like those kind of wp-theme creators who lock their php code too. Thanks for sharing this
___________
Daniel
[Reply]
Trying to keep the Theme creators honest, but in my case the theme for this website had some fairly unsavory outbound links. Luckily I had a few hours to spend to get rid of them, even though I prefer to do other things with my time.
[Reply]
Can you paste the entire code you are trying to decrypt, everything from < ?php to the end ?>, to the Howbits Forum, Blogs and website General section. http://forum.howbits.com
[Reply]
Please Help….! to decode this php code
[Reply]
Can you post on the http://forum.howbits.com ?
[Reply]
Djames, you’re awesome!
I visited the howbits forum and your response to user “qtx” worked for me! I mean, I used the same footer.php you decoded for him and it worked for my WP theme. I suspected it was made by the same author because it had these links to ‘free degrees’ and other links, just like qtx theme, and both themes are very similar.
Just wanted to say … thanks!
[Reply]
Hey brett, can you post that on http://forum.howbits.com , posting it on the comments causes it go way off screen.
[Reply]
I used your formulas to remove some very annoying links.
Thanks for the help.
[Reply]
hey thanks for the help. of course i am only using it to see the code… not to change it…
[Reply]
I need to decode this kind of code
$_F=__FILE__;$
Where do I find the help
[Reply]
Do I have to register to paste my code in the forum. Can’t find a way out.
[Reply]
Hey Djames,
I posted some code in your forum.. think you can help us out with it… the footer is over 2000 characters, we had to split it into 3 posts, and is not only slowing the blog dow but also has the sidebar2 loaded into it which we need to make changes to…
thanks again!
P.S. I tried the script above with no luck,.. i think since our encrypted file is slightly different than you example.
[Reply]
i been looking for a decoder for this script and i can’t seem to find a program or a website to be able to decode this script if someone can decode it for me that would be great thanks
*Code Truncated*
[Reply]
Post the code into forum.howbits.com, I can help you there. When you paste code into the comment section it’s get weird spacings and margins causing it to break.
[Reply]
ok .. that was awesome,,, but i am still having trouble with this code:
c5pNg+PQSWidRMpQ9c9Uf+eyJLhF9r/qv/M1l45Or+fZx8L5t47rIN6ffqxeVCaqkZYudtgV3dg
can you help me out?
[Reply]
Can you post the entire code including the < ? to the ?> right now that is a broken code and I can’t help you decode it.
[Reply]
hey mate,
I have posted the footer which I want to decode..
Please help me out. I have spent hours to find ways to decode it, but have not got any success yet.
[Reply]
Wow! Thanks for the code! It worked!!!
It feels good to customized my templates and be in control. Your tip is very well explained.
Thanks again.
[Reply]
Your welcome, if you need any more help just let me know.
[Reply]
Bless you!! It took a while but I decoded the little bastard.
[Reply]