December 15, 2010
De-Scrambler for obfuscated PHP code
Thinking about security risks of obfuscated PHP code found in some freely available PHP scripts and WordPress themes, I wrote a quick’n’dirty De-Scrambler.
The De-Scrambler tries to reveal the source code behind obfuscated block like these:
<? eval(gzinflate(str_rot13(base64_decode(‘DZe3DsTWEV —-shortened—- Z9//g8=’)))); ?>
The De-Scrabmler works on obfuscated blocks containing eval()’ed code created through gz_deflate(), base64_encode() and str_rot13() functions.
It’s very simple to use even for non-pro’s. Just copy-paste the scrambled text block into the form and let the De-Scrambler do the rest.
Sample view of scrambled code in a WordPres Theme: