I, I couldnt do it, please help me:
http://wordpress.pastebin.ca/1863373
thanks
After alot of research and looking around I can’t find a way to decode this BASE64 footer. I think it’s double encoded, can anyone help out:
[link moderated] As the opening post says, use a pastebin.
Thanks for any help you guys can offer
Hi,
Theres an encoded functions file in this theme I’ve got;
http://pastebin.com/pZPLZeEm
Its a superb theme but I want to wigitize it and edit the custom settings page that the functions add to the admin panel.
If someone could decrypt it I’d be most appreciative, I tried to decrypt it but couldn’t get the entire file π
thanks
Looks like WordPress itself is now posting themes with encrypted code.
If that’s not the case, I would appreciate if someone can decrypt functions.php from veryplaintxt before the guy from the theme starts stealing Paypal passwords from everybody who runs the theme.
@originalconcept:
Your theme was obfuscated. In decoded form it can be seen at http://wordpress.pastebin.ca/1869595
@mailcatala
Post the file on pastebin and I’ll help you in decoding it.
@kevin
you sir, are a legend. Thank You! much appreciated π
Hi guys, first thanks for your instructions and time. I’ve tried different way to decode this footer but it is clearly over my head now. If somebody could help me out with this one, I’d highly appreciate it, thanks in advance
http://wordpress.pastebin.com/djsJP3M6
I’ve seen Kevin decode one of these before, so I am crossing my fingers and hoping he can tackle another templatelite template.php-
http://wordpress.pastebin.com/1WdNkhNf
@i1000a
The file has been tampered with. It is a variation of PHPLockIt which can be easily decoded. Make sure you are providing the un-tampered file.
@kevin
http://pastebin.com/JidG0W0N
That’s the encoded part, let me know if you need the full file
Thanks!!
@mailcatala
That’s not PHP encoded. It seems to be something related to form. PKCS7 is used to sign and/or encrypt messages under a PKI. It can also be used for certificate dissemination. Maybe the site using this is ensuring that the page hasn’t been tampered with.