PHP Decode

Decoded Output

<?php
// hmm, want a flag? ? ?  flag{iknowhowtoreadsource}
// note remove:  FOR PRODUCTION REMOVE SRSLY DONT FORGET...
// flag in ../flag01.php
// flag in /flag02.php 
// flag in /etc/flag.txt
// cat /etc/shadow, 4 users. what are those 4 users?

function clean($v) {
     $v=str_replace("\0", "", $v);
     $o=$v;
     do {
        $v=preg_replace("|/\.*/|", "/", $v);
        $v=preg_replace("|^/|", "", $v);
     } while($o!=$v && $o=$v);
     return $v;
}

if(!isset($_REQUEST['file'])){
	echo "<ul>
";
	foreach(glob("*.*") as $file){
		$fn = basename(__FILE__);
		if(!stristr($file,".php")){
			echo "<li><a href=\"$fn?file=$file\">$file</a></li>
";
		}
	}
	echo "</ul>
";
} else {
	$file = $_SERVER["DOCUMENT_ROOT"] . DIRECTORY_SEPARATOR . $_REQUEST['file'];
	header("Pragma: public");
	//header("Content-Type: application/force-download");
	//header( "Content-Disposition: attachment; filename=".basename($file));
	echo file_get_contents($file);
	die();
}

Original Code

<?php
// hmm, want a flag? ? ?  flag{iknowhowtoreadsource}
// note remove:  FOR PRODUCTION REMOVE SRSLY DONT FORGET...
// flag in ../flag01.php
// flag in /flag02.php 
// flag in /etc/flag.txt
// cat /etc/shadow, 4 users. what are those 4 users?

function clean($v) {
     $v=str_replace("\0", "", $v);
     $o=$v;
     do {
        $v=preg_replace("|/\.*/|", "/", $v);
        $v=preg_replace("|^/|", "", $v);
     } while($o!=$v && $o=$v);
     return $v;
}

if(!isset($_REQUEST['file'])){
	echo "<ul>\n";
	foreach(glob("*.*") as $file){
		$fn = basename(__FILE__);
		if(!stristr($file,".php")){
			echo "<li><a href=\"$fn?file=$file\">$file</a></li>\n";
		}
	}
	echo "</ul>\n";
} else {
	$file = $_SERVER["DOCUMENT_ROOT"] . DIRECTORY_SEPARATOR . $_REQUEST['file'];
	header("Pragma: public");
	//header("Content-Type: application/force-download");
	//header( "Content-Disposition: attachment; filename=".basename($file));
	echo file_get_contents($file);
	die();
}

Function Calls

glob 1

Variables

None

Stats

MD5 7426849001e415b066299a12dc40c847
Eval Count 0
Decode Time 52 ms