Para themes que empiezan con $o=
Usar este sitio:
http://ottodestruct.com/decoder.php
Hay que pegar el texto indicado en rojo aquí:
<?php $o="encrypted text";eval(base64_decode('rubbish'));return;?>
El texto se pega sin espacios, sin comillas y cada bloque tiene que terminar en ‘==’ (sin comillas), si no termina con ello simplimente incluirlo.
Para el resto:
Hopefully this will help some people, and avoid posts to the forum about encrypted theme files. Use these tools to decode them yourself.
Better yet, avoid encrypted themes entirely. They're always malicious in some fashion. There is no legitimate reason for a theme author to encrypt a theme file.
This page will let you decode the encryption that seems most commonplace, the one that looks like $o=whatever:
http://ottodestruct.com/decoder.php
I based the interface for it off of this one, which will decode the type of encryption that starts with $_F=__FILE__:
http://www.tareeinternet.com/scripts/byterun.php
Another one is here, for those that look like eval(gzinflate(base64_decode('...')));:
http://www.tareeinternet.com/scripts/decrypt.php
This site supports a whole lot of different decoding methods, and he's adding new ones all the time. All you have to do is upload the encoded file and it spits out the decoded one:
http://cyko.decodethe.net/
(Yes, I know they're not really "encrypted", they're obfuscated. Semantics.)
No comments:
Post a Comment