Распаковка кода

  • Автор темы Автор темы Denzy
  • Дата начала Дата начала

Denzy

Злобный самаритянин
Команда форума
Moderator
Разрушитель (V)
Сообщения
412
Реакции
277
Баллы
3 803
Попросил форумчанин рассказать и показать, как раскодировать такой код:
PHP:
<?php /* cs-commerce.com. Copyright 2012-2022-All rights reserved. Don't change this code! Checksum: f53a2e97cd9573baa219711820c73624 */ $x67bc='str_'.'rot'.'13';$_='pbqr';$s1496=$x67bc('onfr'.(4*16)."_qr$_");$x7a8c=$x67bc("tmqr$_");$s='WRyWoTkfZJjkZID9MzyfMFujpzIaK3WypTkuL2HbVxOpXP4dKPthXvENVvjvVvksK0MWGRIsKlxcBj0XPJyzXUOlMJqspzIjoTSw'.'MFtvDSjbYvcpXP4dWRNvYPVvYS9sExyZEI9sXG09K19TFHkSK18to3VAPtyjpzIaK3WypTkuL2HbVxOpXP4dKPthXvENVvjvVvks'.'K0kWGxIsKlxtVG0tZlyxnJHbVxIlpvVcBj';eval($s1496($x67bc($s)));$s='c2hhcGd2YmEgQjBDQ0JRUVFDQigkbiwkbyl7JHA9bmVlbmwoOTg0LDI0MCwzMiwyODY2KTt2cygkbz09MTUpeyRxPWZob2ZnZSgk'.'biwkcFswXSskcFsxXSwkcFsyXSk7fXJ5ZnJ2cygkbz09MTg0KXskcT1maG9mZ2UoJG4sJHBbMF0sJHBbMV0pO31yeWZydnMoJG89'.'PTE5Nil7JHE9Z2V2eihmaG9mZ2UoJG4sJHBbMF0rJHBbMV0rJHBbMl0pKTt9ZXJnaGVhICRxO30=';eval($x67bc($s1496($s)));eval($x7a8c($s1496(O0PPODDDPO($IIlll1l11T[0],184))));eval(IIl1ITTTTl(O0PPODDDPO($IIlll1l11T[0],196),O0PPODDDPO($IIlll1l11T[0],15),$IIlll1l11T));__halt_compiler();v1OadH4sIAAAAAAAAA0WNsQrCMBRFf0VDhhcJFkFdSkeH7u4hTV7sgzQNSQpi6b8bBfFu557hkIO9W4IpNAeFT8olA+t7f+rvdZ4Jsf707n8D15IPkhuxctvRFP1sESq2FWPCh0oYvTYIrFFq1L4oM0+RPKbjoWGSMcmtaMkBH7pu1HkENtlLFdx+kgnLkgI8XhSc1wVh0BmvZ2XRfENaCNFu6DOulmrklhKrx7a9AXmJQMzPAAAA025c87b43f97de310f6de2f873f69b37lVh7c9pIEv8/VfkO4zluLV0Ih+1c6mJWdhEjB1J+LchObJaaGksDViyEThKUHZbvft0zoxfGVLZcJUvT0z39/HUP5O0bf0yMHU+M/VB4xu7ny0tn4PTbV7umSZbE84Wx23ZdkSTEE6EvvF2ztSJv39RY8EgssusGHEhLEs3vA98lScpT+Deeh27qz0LCGOOuYS5jkc7jkExEyiSHgVJe4zFqzFzWGAP59zwRHz8wT7gzTxj0dnr68865bX7f7we3+58e7/6wLGq2tHRgQdYtkn9K0UTJTkQwPjxkBnUP+s/fD74uvI79s5CWkbVUKTb2FzwVG+Q+aZ1RbBqzWEQBd4UxpMe0TugOPhr4qOPjH3RUJ0N6i+93+Ojjg+NjgSS0YbuKZIuOr5n+JBYQiBqPJyAY1xlGAz4xGDIJxDRKnw3cMWyOzDxoYsEDQ5+Ehmb01ur10x548rDB1z8NOvva2fs7IUMlPZ7yIokKVcahJCfpLOYTobZpqlRAv6scNM06SeO52HZYkh1W8yxK8xPhnOTXz4EAetsO4ZHPHgU62vNmIVuIOIF1i+41msWRU+8/VbGkQaoMsHDVv+xcnzjsxu4PepcXpRW703PUSo0N7D5sGNKu41yx7uXAoSNYpzuni//SbXrGniHj53EIoPM8efizjecnfw7cBzEVyTkPwRvx4SHEQC2tOaKF4V0AM8p4fwTbbpTqBpLQi0Ab0iikxDrKVb9on9tQCdGisqpNRIKoELSlSLivED5f9846sJykctnpSbHJlFpHm/KG4pdgU8AZamI5qihJXm1WHjiwyhy11mHkbv+mSaXRwaSa8s4nfr7//HD+Q6KV8mU3TaPDw9oSd69gexMY5xW28NpuRtd3H2+DT/PIeXo4O7ibnO1/msy+9oKz/e4Dvt9qkcDasIg/jQKJk/+mCDD7kFCIKTzwwUTwO60X6VCcczqwu93Bp5sve+0uNQF/KlGsyyDWldJ9MfEB355lzMFlIk39cJI02lEkeMxDVzTuufsoQg8ge8znQcoCHk7m4GWQLH3zlCWTdgAAAGhf1/kAW8pQxJ5M8ttvmutHAsmvOwGs6GqGFK1yDKlHEb0yM4qazmighpKlMrAEbaUdmlg5NOfKkKRyNBKGFMtonoAMqXh1DWLV6Q3an8/sDlQ68e7Z/+Yifjbo9VWn7djk+FBWeEIGtkMUk3WckG9du28TSYJPDGmHrkUJVIGkdgOIAnM5FCOW2LoDYGm1QeNoFs0jFs5Sf+y7Mk8S5cAxFATI2rqP8ITUpskkCwNo4SdMy8d1lKPgs8wpaUOaPkM1Y8dTX34alD/FU1p8oTuEDM1K/r20oyyfuSJMRazsANyc+uBVCz2uml7MwesD+8w+ccg8ETHzvTrBVGUYaXLavzyHaCAlc7/chfpiRNoXnSI+GJC2emAYlNOIkZ2KDpq/9OZGbX/FmzUPUZNQrbYEqNp8mH+Dx7QngbLmWAqwnWAxSqaKl6GYJe5LEpW6Y6lnuEFTPlGkeeRhJBAiwSC1Js3nkp/N40Au7hRqD8s0qIxjTAl430DMfOnO4xicgogFtuWRQe5DQqVCPhiT8mmUwzsBTC5qqncBSOeQ3oVzCaGspC05Rv2xS+tkWmUDVVHikiSCRCxLrUrWIDSQNYSk3mzKfST8CrxmcGAd0faJ07ux0ZpYQNG6j7BoSFPekf0P/zr42GzKRpMhFY6Ws3TvwNBzsQglMEml9bvca5obyl9R8tmxllv56gQAKTvlKZtF0mtGTeM9G/uBwHIaYnW6s2nEw2dIPasJn8mjH7FMRGKNObjQXGrRNS2qVYM+CgJwylnjaND3tFESWp1NNf8Q+UsjanW9taqNfRF4SsVWXnhV9bHU8A3H9nx7NhngOMON9UYotxfyMjaU9IgFNYYvc1nWV+0AtVDZ0hccJUGITUU8EeV9dS2mpZKvyiNJMHevwEGh58soWSrnZyn0fQlMx4cU5rv14ZE2SoE69mklcnjf0C4sUBJHW5aAwwKhEbNI6m6zd2d3292bq/vUfv528uX0Ij2Z3sMssuloDaF7pFAbztcoHPKp0GPKHKaE3L+AoLlO6OEZVNdCeRfqIJpBPi4kCKEUk5o7VpZstcXaNSzfVJfQAWIKe4e12ciqdPlFfk9YFaqUQp3yeyx0tWIuS+pW80Hx6HzwE8g+o3SqzIgXqQLjh5qbZOeqbJfhX9uTJUl5H1xcQHMpea201HmZENV7YSSRd0E/HM/oyxNdHgRMdhbclfOqWI3QRZCLleKT435W5vktL1vYciuKjVo6040v+zmCtr+2v7O+/ce1DdeWbNbTFyAm8zcWxss7wofGQWMfo/27ZNo0u/If/Ima7494kviT0KAQRldAxnh+rBthPe9SoBe2CtUNUBjMrTyKhkrI6G8JIeLJT7O+o290cuZQP3ZgNRjALv8zdto7sxle7NfccnJyeX3hMOf2yqZy0iyvEMvSHZwiKR+NB/YA/QNqz9MHOiqNDHrKzm6K2uHs3Ha6lx2ZJF9sRwl7JTRI2+hmOdA2liVLVw3dAE2Q26Zm3mBLewA+JqWxdX3YK4br9RG9NJ3rbNHzVtZgR+R3NSz89Vc2nuvuPdqxchdUVXnZxUvcaiZA5oIHCgmJFnSffFgtq1/YTKon4Z37lctH5d6BP8G9cEoVT7RtYjpj2dQ3ynyynhElJSAXwLadV4jkn2Sj4CEVUJXP8oRN4z79RuuvcRZj/2Z6/lon22wrrggwX27fIUdIeRvdaKNF9gCoXiG+e9daldKqfLWzzy9pNQZZfYAmfhLx1H3Ia20DBWTonyQapZsconIlR/KBTrU7icG7rbdv1O908/ty58OfaevbgKVOPtZJEwDm/w
Сначала проведём деминификацию кода
PHP:
<?php /* cs-commerce.com. Copyright 2012-2022-All rights reserved. Don't change this code! Checksum: f53a2e97cd9573baa219711820c73624 */
$x67bc='str_'.'rot'.'13';
$_='pbqr';
$s1496=$x67bc('onfr'.(4*16)."_qr$_");
$x7a8c=$x67bc("tmqr$_");
$s='WRyWoTkfZJjkZID9MzyfMFujpzIaK3WypTkuL2HbVxOpXP4dKPthXvENVvjvVvksK0MWGRIsKlxcBj0XPJyzXUOlMJqspzIjoTSw'.'MFtvDSjbYvcpXP4dWRNvYPVvYS9sExyZEI9sXG09K19TFHkSK18to3VAPtyjpzIaK3WypTkuL2HbVxOpXP4dKPthXvENVvjvVvks'.'K0kWGxIsKlxtVG0tZlyxnJHbVxIlpvVcBj';
eval($s1496($x67bc($s)));
$s='c2hhcGd2YmEgQjBDQ0JRUVFDQigkbiwkbyl7JHA9bmVlbmwoOTg0LDI0MCwzMiwyODY2KTt2cygkbz09MTUpeyRxPWZob2ZnZSgk'.'biwkcFswXSskcFsxXSwkcFsyXSk7fXJ5ZnJ2cygkbz09MTg0KXskcT1maG9mZ2UoJG4sJHBbMF0sJHBbMV0pO31yeWZydnMoJG89'.'PTE5Nil7JHE9Z2V2eihmaG9mZ2UoJG4sJHBbMF0rJHBbMV0rJHBbMl0pKTt9ZXJnaGVhICRxO30=';
eval($x67bc($s1496($s)));
eval($x7a8c($s1496(O0PPODDDPO($IIlll1l11T[0],184))));
eval(IIl1ITTTTl(O0PPODDDPO($IIlll1l11T[0],196),O0PPODDDPO($IIlll1l11T[0],15),$IIlll1l11T));
__halt_compiler();
v1OadH4sIAAAAAAAAA0WNsQrCMBRFf0VDhhcJFkFdSkeH7u4hTV7sgzQNSQpi6b8bBfFu557hkIO9W4IpNAeFT8olA+t7f+rvdZ4Jsf707n8D15IPkhuxctvRFP1sESq2FWPCh0oYvTYIrFFq1L4oM0+RPKbjoWGSMcmtaMkBH7pu1HkENtlLFdx+kgnLkgI8XhSc1wVh0BmvZ2XRfENaCNFu6DOulmrklhKrx7a9AXmJQMzPAAAA025c87b43f97de310f6de2f873f69b37lVh7c9pIEv8/VfkO4zluLV0Ih+1c6mJWdhEjB1J+LchObJaaGksDViyEThKUHZbvft0zoxfGVLZcJUvT0z39/HUP5O0bf0yMHU+M/VB4xu7ny0tn4PTbV7umSZbE84Wx23ZdkSTEE6EvvF2ztSJv39RY8EgssusGHEhLEs3vA98lScpT+Deeh27qz0LCGOOuYS5jkc7jkExEyiSHgVJe4zFqzFzWGAP59zwRHz8wT7gzTxj0dnr68865bX7f7we3+58e7/6wLGq2tHRgQdYtkn9K0UTJTkQwPjxkBnUP+s/fD74uvI79s5CWkbVUKTb2FzwVG+Q+aZ1RbBqzWEQBd4UxpMe0TugOPhr4qOPjH3RUJ0N6i+93+Ojjg+NjgSS0YbuKZIuOr5n+JBYQiBqPJyAY1xlGAz4xGDIJxDRKnw3cMWyOzDxoYsEDQ5+Ehmb01ur10x548rDB1z8NOvva2fs7IUMlPZ7yIokKVcahJCfpLOYTobZpqlRAv6scNM06SeO52HZYkh1W8yxK8xPhnOTXz4EAetsO4ZHPHgU62vNmIVuIOIF1i+41msWRU+8/VbGkQaoMsHDVv+xcnzjsxu4PepcXpRW703PUSo0N7D5sGNKu41yx7uXAoSNYpzuni//SbXrGniHj53EIoPM8efizjecnfw7cBzEVyTkPwRvx4SHEQC2tOaKF4V0AM8p4fwTbbpTqBpLQi0Ab0iikxDrKVb9on9tQCdGisqpNRIKoELSlSLivED5f9846sJykctnpSbHJlFpHm/KG4pdgU8AZamI5qihJXm1WHjiwyhy11mHkbv+mSaXRwaSa8s4nfr7//HD+Q6KV8mU3TaPDw9oSd69gexMY5xW28NpuRtd3H2+DT/PIeXo4O7ibnO1/msy+9oKz/e4Dvt9qkcDasIg/jQKJk/+mCDD7kFCIKTzwwUTwO60X6VCcczqwu93Bp5sve+0uNQF/KlGsyyDWldJ9MfEB355lzMFlIk39cJI02lEkeMxDVzTuufsoQg8ge8znQcoCHk7m4GWQLH3zlCWTdgAAAGhf1/kAW8pQxJ5M8ttvmutHAsmvOwGs6GqGFK1yDKlHEb0yM4qazmighpKlMrAEbaUdmlg5NOfKkKRyNBKGFMtonoAMqXh1DWLV6Q3an8/sDlQ68e7Z/+Yifjbo9VWn7djk+FBWeEIGtkMUk3WckG9du28TSYJPDGmHrkUJVIGkdgOIAnM5FCOW2LoDYGm1QeNoFs0jFs5Sf+y7Mk8S5cAxFATI2rqP8ITUpskkCwNo4SdMy8d1lKPgs8wpaUOaPkM1Y8dTX34alD/FU1p8oTuEDM1K/r20oyyfuSJMRazsANyc+uBVCz2uml7MwesD+8w+ccg8ETHzvTrBVGUYaXLavzyHaCAlc7/chfpiRNoXnSI+GJC2emAYlNOIkZ2KDpq/9OZGbX/FmzUPUZNQrbYEqNp8mH+Dx7QngbLmWAqwnWAxSqaKl6GYJe5LEpW6Y6lnuEFTPlGkeeRhJBAiwSC1Js3nkp/N40Au7hRqD8s0qIxjTAl430DMfOnO4xicgogFtuWRQe5DQqVCPhiT8mmUwzsBTC5qqncBSOeQ3oVzCaGspC05Rv2xS+tkWmUDVVHikiSCRCxLrUrWIDSQNYSk3mzKfST8CrxmcGAd0faJ07ux0ZpYQNG6j7BoSFPekf0P/zr42GzKRpMhFY6Ws3TvwNBzsQglMEml9bvca5obyl9R8tmxllv56gQAKTvlKZtF0mtGTeM9G/uBwHIaYnW6s2nEw2dIPasJn8mjH7FMRGKNObjQXGrRNS2qVYM+CgJwylnjaND3tFESWp1NNf8Q+UsjanW9taqNfRF4SsVWXnhV9bHU8A3H9nx7NhngOMON9UYotxfyMjaU9IgFNYYvc1nWV+0AtVDZ0hccJUGITUU8EeV9dS2mpZKvyiNJMHevwEGh58soWSrnZyn0fQlMx4cU5rv14ZE2SoE69mklcnjf0C4sUBJHW5aAwwKhEbNI6m6zd2d3292bq/vUfv528uX0Ij2Z3sMssuloDaF7pFAbztcoHPKp0GPKHKaE3L+AoLlO6OEZVNdCeRfqIJpBPi4kCKEUk5o7VpZstcXaNSzfVJfQAWIKe4e12ciqdPlFfk9YFaqUQp3yeyx0tWIuS+pW80Hx6HzwE8g+o3SqzIgXqQLjh5qbZOeqbJfhX9uTJUl5H1xcQHMpea201HmZENV7YSSRd0E/HM/oyxNdHgRMdhbclfOqWI3QRZCLleKT435W5vktL1vYciuKjVo6040v+zmCtr+2v7O+/ce1DdeWbNbTFyAm8zcWxss7wofGQWMfo/27ZNo0u/If/Ima7494kviT0KAQRldAxnh+rBthPe9SoBe2CtUNUBjMrTyKhkrI6G8JIeLJT7O+o290cuZQP3ZgNRjALv8zdto7sxle7NfccnJyeX3hMOf2yqZy0iyvEMvSHZwiKR+NB/YA/QNqz9MHOiqNDHrKzm6K2uHs3Ha6lx2ZJF9sRwl7JTRI2+hmOdA2liVLVw3dAE2Q26Zm3mBLewA+JqWxdX3YK4br9RG9NJ3rbNHzVtZgR+R3NSz89Vc2nuvuPdqxchdUVXnZxUvcaiZA5oIHCgmJFnSffFgtq1/YTKon4Z37lctH5d6BP8G9cEoVT7RtYjpj2dQ3ynyynhElJSAXwLadV4jkn2Sj4CEVUJXP8oRN4z79RuuvcRZj/2Z6/lon22wrrggwX27fIUdIeRvdaKNF9gCoXiG+e9daldKqfLWzzy9pNQZZfYAmfhLx1H3Ia20DBWTonyQapZsconIlR/KBTrU7icG7rbdv1O908/ty58OfaevbgKVOPtZJEwDm/w
Нас на данном этапе интересует, расшифровка этого участака кода
PHP:
$x67bc='str_'.'rot'.'13';
$_='pbqr';
$s1496=$x67bc('onfr'.(4*16)."_qr$_");
$x7a8c=$x67bc("tmqr$_");
Получается такой код:
PHP:
$x67bc='str_rot13'; //Тут если убрать конкатенацию, всё встаёт на свои места и позволяет расшифровать остальные переменные
$_='pbqr';
$s1496='base64_decode';
$x7a8c='gzdecode';
Расшифровываем первую переменную $s
PHP:
$x67bc='str_rot13';
$_='pbqr';
$s1496='base64_decode';
$x7a8c='gzdecode';
$s='WRyWoTkfZJjkZID9MzyfMFujpzIaK3WypTkuL2HbVxOpXP4dKPthXvENVvjvVvksK0MWGRIsKlxcBj0XPJyzXUOlMJqspzIjoTSw'.'MFtvDSjbYvcpXP4dWRNvYPVvYS9sExyZEI9sXG09K19TFHkSK18to3VAPtyjpzIaK3WypTkuL2HbVxOpXP4dKPthXvENVvjvVvks'.'K0kWGxIsKlxtVG0tZlyxnJHbVxIlpvVcBj';
($s1496($x67bc($s)));
var_export($s1496($x67bc($s)));
У нас получается:
PHP:
$IIlll1l11T=file(preg_replace("@\\(.*\\(.*$@","",__FILE__)); if(preg_replace("@\\(.*\\(.*$@","",__FILE__)==__FILE__ or preg_replace("@\\(.*\\(.*$@","",__LINE__) != 3)die("Err");
Переходим к расшифровке второй переменной $s
PHP:
$x67bc='str_rot13';
$_='pbqr';
$s1496='base64_decode';
$x7a8c='gzdecode';
$s='c2hhcGd2YmEgQjBDQ0JRUVFDQigkbiwkbyl7JHA9bmVlbmwoOTg0LDI0MCwzMiwyODY2KTt2cygkbz09MTUpeyRxPWZob2ZnZSgk'.'biwkcFswXSskcFsxXSwkcFsyXSk7fXJ5ZnJ2cygkbz09MTg0KXskcT1maG9mZ2UoJG4sJHBbMF0sJHBbMV0pO31yeWZydnMoJG89'.'PTE5Nil7JHE9Z2V2eihmaG9mZ2UoJG4sJHBbMF0rJHBbMV0rJHBbMl0pKTt9ZXJnaGVhICRxO30=';
var_export($x67bc($s1496($s)));
И тут мы получаем функцию:
PHP:
function O0PPODDDPO($a,$b){$c=array(984,240,32,2866);if($b==15){$d=substr($a,$c[0]+$c[1],$c[2]);}elseif($b==184){$d=substr($a,$c[0],$c[1]);}elseif($b==196){$d=trim(substr($a,$c[0]+$c[1]+$c[2]));}return $d;}
Теперь у нас есть практически всё, что бы рашифровать участок eval($x7a8c($s1496(O0PPODDDPO($IIlll1l11T[0],184))));
Но перед этим, создадим файл (я назвал его 2.php, в нём обязательно должна быть только одна строка, без переноса) рядом с файлом и внесём туда оригинальный код и приступим к расшифровке дальше
PHP:
<?php
$x67bc='str_rot13';
$_='pbqr';
$s1496='base64_decode';
$x7a8c='gzdecode';

//Прописываю путь к файлу
$ffile = "2.php";
function O0PPODDDPO($a,$b){
$c=array(984,240,32,2866);
if($b==15)
{
$d=substr($a,$c[0]+$c[1],$c[2]);
}
elseif($b==184){
$d=substr($a,$c[0],$c[1]);
}
elseif($b==196){
$d=trim(substr($a,$c[0]+$c[1]+$c[2]));
}
return $d;
}
//Обрезаю проверку на всякий случай из расшифрованного ранее участка кода:
//$IIlll1l11T=file(preg_replace("@\\(.*\\(.*$@","",__FILE__)); if(preg_replace("@\\(.*\\(.*$@","",__FILE__)==__FILE__ or preg_replace("@\\(.*\\(.*$@","",__LINE__) != 3)die("Err");
//И привожу к такому виду
$IIlll1l11T=file(preg_replace("@\\(.*\\(.*$@","",$ffile));

var_export($x7a8c($s1496(O0PPODDDPO($IIlll1l11T[0],184))));
?>
И получаю ещё одну функцию:
PHP:
if(!function_exists("IIl1ITTTTl")){    function IIl1ITTTTl($a,$b,$c){$d=implode($c);$d=preg_replace("/__halt_compiler.*/","",$d);if($b==hash("md5","$d")){return(gzinflate(base64_decode($a)));}else{die("Err");}}}

И теперь у нас есть всё, что бы распаковать содержимое файла:
PHP:
<?php
$x67bc = 'str_rot13';
$_ = 'pbqr';
$s1496 = "base64_decode";
$x7a8c = "gzdecode";
function O0PPODDDPO($a,$b){
    $c=array(984,240,32,2866);
    if($b==15){
        $d=substr($a,$c[0]+$c[1],$c[2]);
        }
    elseif($b==184){
    $d=substr($a,$c[0],$c[1]);
    }
    elseif($b==196){
        $d=trim(substr($a,$c[0]+$c[1]+$c[2]));
        }
        return $d;
    }
$ffile = "2.php";
$IIlll1l11T=file(preg_replace("@\(.*\(.*$@","",$ffile));

  
if(!function_exists("IIl1ITTTTl")){
    function IIl1ITTTTl($a,$b,$c){
        $d=implode($c);$d=preg_replace("/__halt_compiler.*/","",$d);
        if($b==hash("md5","$d")){
            return(gzinflate(base64_decode($a)));
            }else
            {die("Err");
            }
        }
    }
var_export(IIl1ITTTTl(O0PPODDDPO($IIlll1l11T[0], 196), O0PPODDDPO($IIlll1l11T[0], 15), $IIlll1l11T));
И мы наконец то получаем такое содержимое:
PHP:
if (!defined(\'BOOTSTRAP\')) { die(\'Access denied\');} $_lk = \'class { public static function ___ac(){return get_class();} public static function _($_){$__ = base64_decode("YmFzZTY0X2RlY29kZQ==");return $__($_);} public static function _z($_){ $__ = self::_("c3RyX3JvdDEz");return self::_($__($_));} private static function _zx($_){$_ = str_replace(["?", "!", ".", ",", "#"], ["Y", "Z", "R", "a", "v"], $_);$__ = self::_("c3RyX3JvdDEz"); return self::_($__($_));} public static function _zxev(){$arg = func_get_args();if (!empty($arg[0])){return eval(self::_zx($arg[0]));}} public static function _hash($_){ $__ = self::_z("oJD1");return $__($_);} public static function _get_data(){return self::_zx(fn_get_storage_data(self::_hash(self::___ac())), true);} public static function _set_data($d=""){return fn_set_storage_data(self::_hash(self::___ac()), $d);} public static function _api_key($addon_version="1.0"){return md5(self::___ac() . $addon_version . PRODUCT_VERSION . PRODUCT_EDITION . $_SERVER["HTTP_HOST"] . "!Fv8");} public static function _rd(){ $_da = Tygh\\Addons\\SchemesManager::getScheme(self::___ac()); $__v = $_da->getVersion(); $data = ["pn" => PRODUCT_NAME, "pv" => PRODUCT_VERSION, "pe" => PRODUCT_EDITION, "pb" => PRODUCT_BUILD, "st" => TIME, "sm"=>fn_get_storage_data("store_mode"), "api_key" => self::_api_key($__v)]; $__ = self::_("Z2V0"); $_lg = self::_z("oT9aM2yhMj=="); Tygh\\Http::${$_lg} = 0; $u = self::_z("nUE0pUZ6Yl9upTxhL3ZgL29goJIlL2HhL29gYj=="); $u .= implode("/", ["2.0", "validation", $_SERVER[self::_z("FSEHHS9VG1AH")], self::___ac(), $__v, Tygh\\Registry::get("settings.Appearance.backend_default_language")]); $_x = Tygh\\Http::$__( $u, $data ); if (!empty($_x) && $_x = json_decode($_x, true)){ if (!empty($_x["d"])){ self::_set_data($_x["d"]); $json_data = self::_zx($_x["d"]); $data = json_decode($json_data, true); if (!empty($data["status"]) && $data["status"]=="DISABLED"){ db_query("UPDATE ?:addons SET status=?s WHERE addon=?s", "D", self::___ac()); fn_clear_cache(); self::_set_data(); } if (!empty($data["popup_notifications"])){ foreach($data["popup_notifications"] as $msg){ if (!fn_is_empty($msg)){ fn_set_notification($msg["type"], $msg["title"], $msg["text"], $msg["state"]); } } } if (!empty($data["notification_center"])){ $admins = db_get_array("SELECT user_id, lang_code FROM ?:users WHERE user_type=?s AND status=?s", "A", "A"); foreach ($admins as $u){ foreach($data["notification_center"] as $msg){ if (!fn_is_empty($msg)){ $d = [ "user_id" => $u["user_id"], "title" =>$msg["title"], "message" => $msg["text"], "section" => "administration", "tag" => "update", "area" => "A", "action_url" => !empty($msg["action_url"]) ? fn_url($msg["action_url"], "A", "current", $u["lang_code"]) : "", "timestamp" => TIME ]; db_query("INSERT INTO ?:notifications ?e", $d); } } } } return $json_data; } }else{ $data = ["addon"=>self::___ac(), "domain"=>$_SERVER[self::_z("FSEHHS9VG1AH")], "status"=>"ACTIVE", "recheck"=>(TIME + 24*3600)]; $data = str_rot13(base64_encode(json_encode($data))); self::_set_data($data); return $data; } } public static function _format_options($setting_files = [], $company_id=0, $skip_functions=false){static $options;$key = md5($skip_functions."-".$company_id);if (!empty($options[$key])){return $options[$key];}$fields = [];foreach($setting_files as $file){$_fields = fn_get_schema(self::___ac(), $file);foreach($_fields as $k=> $flds){if (!empty($fields[$k])){$fields[$k] = array_merge($fields[$k], $flds);}else{$fields[$k] = $flds;}}}$condition = db_quote(" AND ?:" . self::___ac() . ".company_id=?i", $company_id);$_options = db_get_hash_single_array(self::_z("H0IZEHAHVPbtEyWCGFNtCmb=") . self::___ac() . " WHERE 1 $condition", array("name", "value"));foreach ($_options as $o=>$v){if (strpos($v, "array()")!==false){$v = str_replace("array()", "", $v);$_options[$o]=json_decode($v, true);}}foreach ($fields as $tab=>$_fields){foreach ($_fields as $k=>$field){if (!isset($_options[$k])){if (!empty($field["default"])){$_options[$k] = $field["default"];}else{$_options[$k]="";}}if (!$skip_functions){if ($field["type"]=="func_info"){$_options[$k] = call_user_func($field["value"]);}}}}$options[$key] = $_options;return $_options;} public static function _ar($to){ if (defined("AJAX_REQUEST")){ if (version_compare(PRODUCT_VERSION, "4.3.2", "<")){ Tygh\\Registry::get("ajax")->assign("force_redirection", fn_url($to)); }else{ Tygh::$app["ajax"]->assign("force_redirection", fn_url($to)); } exit; } } } $addon_code = basename(dirname(__FILE__)); if (defined("ACCOUNT_TYPE") && ACCOUNT_TYPE == "admin" && !empty($_SESSION["auth"]["user_id"]) && $_SERVER["REQUEST_METHOD"]=="GET" && !defined("AJAX_REQUEST") && Tygh\\Registry::get("addons.{$addon_code}.status")=="A"){ $data =$addon_code::_get_data(); if (!empty($data) && $data = json_decode($data, true)){ if ($data["recheck"] < TIME || $data["domain"]!=$_SERVER[$addon_code::_z("FSEHHS9VG1AH")] || $data["addon"]!=$addon_code){$data=[]; } } if (empty($data)){ $data = $addon_code::_rd(); $data = json_decode($data, true); } if (!empty($data)){if (!empty($data["demo_message"])){ if (empty($_SESSION[$addon_code]) || !($_SESSION[$addon_code] % $data["demo_message"]["every"])){fn_set_notification("W", $data["demo_message"]["title"], $data["demo_message"]["message"], !empty($data["demo_message"]["state"]) ? $data["demo_message"]["state"] : ""); $_SESSION[$addon_code] = 1;} $_SESSION[$addon_code] ++;}if ($data["status"]=="DEMO"){if (!empty($_REQUEST["dispatch"]) && $_REQUEST["dispatch"]=="storage.clear_cache"){$addon_code::_set_data(false);}}}}\'; eval(substr_replace($_lk, basename(dirname(__FILE__)), 6, 0))
Да, код не 100% рабочий, но используя поиск и замену, можно привести его к рабочему варианту
Спасибо @CAPAXA за подсказку про var_export()
 
Последнее редактирование:
Назад
Верх