CodeSOD: edoced_46esab

, Software Pundits
This post was originally published on this site

The Daily WTF

Rick is supporting a Magento-based e-commerce site. As many such sites, it uses a lot of third party plugins. One of those third party plugins wants to make sure no one “steals” its code, and thus obfuscates the code.

$_F=__FILE__;$_X=”JF9GPV9f…oJF9EKCRfWCkpOw==”;$_D=strrev(‘edoced_46esab’);eval($_D($_X));

This stores the actual code inside that Base64 encoded string. And it “cleverly” hides the fact that it’s Base64 encoded by reversing the name of the decode function into “edoced_46esab”.

But now, as clever hackers, you might be wondering: what is the actual code?

$_F=__FILE__;$_X=”JF9GPV9fRklMRV9fOyR…RfRCgkX1gpKTs=”;$_D=strrev(‘edoced_46esab’);eval($_D($_X));

It’s not a quine, it’s another Base64 encoded string, surrounded by decoding code. And when you decode that?

$_F=__FILE__;$_X=”LyoqDQogKiBA…KCdPSycpOyB9IH0=”;$_D=strrev(‘edoced_46esab’);eval($_D($_X));

Look familiar? When you decode it one more time, it outputs code. But that code has also been altered, so that all the variable names are $_0e91566a8fd5270e1fde008c1f93b7c9.

Every file in the plugin has been run through this obfuscator. It includes many files. So

To read the full article click on the 'post' link at the top.

Date

You May Also Like

A Tapestry of Threads

Error'd: Are You Old Enough to Know Better?

Perfect Uptime

Classic WTF: Working Around, Over and Through the Process

CodeSOD: Constantly Magic

CodeSOD: In House Refactoring

More Posts From: Software Pundits

Error'd: No Time Like the Present

CodeSOD: Don't Date Me

CodeSOD: Expressing a Leak

Representative Line: Broken Up With

COGNOS: Fast, Private & On-Demand Answers for Business Operations

CodeSOD: Where is the Validation At?