Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<?php goto rjJoj; l5p8t: $variable = str_replace("\143\x68\141\154\154\145\x6e\147\x6..
Decoded Output download
<?php
goto rjJoj;
l5p8t:
$variable = str_replace("challengefox", '', $variable);
goto MGxdQ;
lIReG:
function echec()
{
goto jCY0w;
Dm3Uc:
source();
goto pj4hI;
jCY0w:
echo "Echec. <br />";
goto Dm3Uc;
pj4hI:
exit;
goto gPDe0;
gPDe0:
}
goto lbiZM;
bOncl:
if ($variable === "challengefox") {
echo "- Si ce texte apparait, tu valide la premiere etape! <br>";
if (isset($_GET["challenge_fox"])) {
echo "- Deuxieme etape valide! <br>";
if (hash("md2", $_GET["variable2"]) == "0") {
echo "- Troisieme etape valide! <br>";
if (hash("sha1", $_GET["variable3"]) == $_GET["variable3"]) {
echo "- Okay, voici le flag : " . $secretflag . "<br>";
}
}
}
}
goto nKESF;
HVY3V:
echo "<p>Analyser le code ci dessous et trouver le moyen d afficher le flag.<p>";
goto g9hQi;
lbiZM:
$variable = $_GET["variable"];
goto l5p8t;
Oz2JG:
echo "<title>Challenge Fox</title>";
goto E0h5E;
MGxdQ:
$query = urldecode($_SERVER["QUERY_STRING"]);
goto Z_G58;
MYfqC:
function source()
{
goto nUBkJ;
pqZ02:
highlight_string(file_get_contents(__FILE__));
goto P9KZ3;
nUBkJ:
echo "<br><code>";
goto pqZ02;
P9KZ3:
echo "</code>";
goto NTzIV;
NTzIV:
}
goto lIReG;
E0h5E:
echo "<b>Challenge Fox</b>";
goto HVY3V;
Z_G58:
if (preg_match("/ |_/", $query)) {
echec();
}
goto bOncl;
g9hQi:
echo "<br><HR><br>";
goto MYfqC;
rjJoj:
include "flag.php";
goto Oz2JG;
nKESF:
source(); ?>
Did this file decode correctly?
Original Code
<?php
goto rjJoj;
l5p8t:
$variable = str_replace("\143\x68\141\154\154\145\x6e\147\x65\146\x6f\x78", '', $variable);
goto MGxdQ;
lIReG:
function echec()
{
goto jCY0w;
Dm3Uc:
source();
goto pj4hI;
jCY0w:
echo "\x45\143\x68\x65\143\x2e\x20\74\x62\x72\40\57\76";
goto Dm3Uc;
pj4hI:
exit;
goto gPDe0;
gPDe0:
}
goto lbiZM;
bOncl:
if ($variable === "\143\x68\141\x6c\154\145\156\147\145\146\157\x78") {
echo "\x2d\x20\123\x69\40\143\145\x20\x74\x65\170\164\x65\x20\x61\x70\x70\x61\x72\x61\151\164\54\x20\x74\165\40\166\x61\154\x69\x64\x65\40\x6c\x61\x20\160\x72\x65\x6d\151\x65\162\x65\40\x65\x74\141\x70\x65\41\40\74\x62\x72\76";
if (isset($_GET["\143\150\x61\x6c\154\x65\x6e\147\x65\137\x66\157\x78"])) {
echo "\x2d\x20\104\145\165\x78\151\x65\155\x65\40\145\x74\141\160\145\x20\x76\141\154\x69\x64\145\41\x20\x3c\x62\162\x3e";
if (hash("\155\x64\x32", $_GET["\x76\141\x72\151\141\x62\x6c\x65\x32"]) == "\60") {
echo "\55\x20\124\x72\x6f\151\163\x69\x65\155\145\x20\145\164\141\160\x65\40\166\x61\x6c\151\x64\145\x21\x20\74\142\x72\x3e";
if (hash("\x73\x68\141\x31", $_GET["\166\x61\x72\x69\141\x62\154\145\x33"]) == $_GET["\x76\x61\x72\151\141\142\154\145\63"]) {
echo "\55\40\x4f\153\x61\171\x2c\40\x76\x6f\151\x63\151\40\154\145\x20\146\154\x61\147\40\x3a\x20" . $secretflag . "\74\142\x72\x3e";
}
}
}
}
goto nKESF;
HVY3V:
echo "\74\x70\x3e\x41\x6e\x61\x6c\171\x73\x65\x72\x20\154\x65\x20\143\157\x64\145\40\143\151\40\x64\x65\x73\x73\x6f\x75\163\x20\145\x74\x20\x74\x72\157\165\166\145\x72\x20\x6c\145\40\x6d\x6f\x79\x65\x6e\40\x64\40\x61\x66\x66\x69\x63\x68\x65\x72\x20\x6c\x65\x20\x66\154\141\x67\x2e\74\160\76";
goto g9hQi;
lbiZM:
$variable = $_GET["\166\141\x72\x69\141\142\154\145"];
goto l5p8t;
Oz2JG:
echo "\x3c\164\151\x74\154\145\76\x43\x68\x61\154\154\145\156\147\x65\40\x46\157\x78\x3c\x2f\164\151\x74\154\x65\76";
goto E0h5E;
MGxdQ:
$query = urldecode($_SERVER["\x51\x55\x45\122\x59\x5f\123\x54\122\x49\x4e\x47"]);
goto Z_G58;
MYfqC:
function source()
{
goto nUBkJ;
pqZ02:
highlight_string(file_get_contents(__FILE__));
goto P9KZ3;
nUBkJ:
echo "\x3c\x62\162\76\x3c\143\x6f\144\145\76";
goto pqZ02;
P9KZ3:
echo "\74\x2f\x63\157\144\145\76";
goto NTzIV;
NTzIV:
}
goto lIReG;
E0h5E:
echo "\74\x62\x3e\x43\150\x61\154\154\x65\x6e\x67\x65\40\106\157\x78\74\x2f\x62\76";
goto HVY3V;
Z_G58:
if (preg_match("\x2f\x20\174\137\x2f", $query)) {
echec();
}
goto bOncl;
g9hQi:
echo "\74\142\x72\76\x3c\110\x52\76\x3c\142\162\76";
goto MYfqC;
rjJoj:
include "\146\x6c\x61\147\x2e\160\150\x70";
goto Oz2JG;
nKESF:
source();
Function Calls
None |
Stats
MD5 | a81aeb75bff1539c23295ae62f05d0d7 |
Eval Count | 0 |
Decode Time | 43 ms |