Theme decoding thread

mrmist
(@mrmist)

13 years, 10 months ago
First read this information.

Seriously, READ THAT THREAD BEFORE POSTING HERE. That thread will give you details on how to decrypt these sort of things yourself. Almost everything posted here has been something that could have been easily decrypted by simply reading that post.

We recommend that you do not use encrypted themes. Encryption is often used to insert malicious code. Decoding part of an encrypted theme does not mean that it is all clean. If you choose to use an encrypted theme, it is at your own risk.

If your theme has been posted under a non-GPL license, it may be against the terms of the theme to attempt to decode it or to have someone else decode it for you.

If you can’t decode your own encrypted themes using this information and still want to use one rather than pick from the thousands of themes that don’t have obfuscated code in them, post your request for decryption in here, and maybe someone will help you out.

Note
- Code should be place into a pastebin, not into this thread.
- Decoding the theme does not guarantee safety from malicious code.
- Seperate decoding threads will be closed.
- Best practice is to avoid such websites that distribute malicious code in themes (most of them just provide ripped knockoff themes, why trust these people?)

Viewing 13 replies - 436 through 448 (of 448 total)

← 1 2 3 … 28 29 30

johnburn
(@johnburn)

12 years, 10 months ago

@t3kaos:
http://pastebin.com/i80yYSsX

@rakiapu:
http://pastebin.com/J5xBxkS8

T3Kaos
(@t3kaos)

12 years, 10 months ago

thanks – you’re a life saver johnburn! you are awesome!

rakiapu
(@rakiapu)

12 years, 10 months ago

Johnburn All my respect goes to u ..a little thanks is not enough for me to say .. but I would say thumbs up.Anyways bro, can u tell me what type of encryption that one was…

johnburn
(@johnburn)

12 years, 10 months ago

@rakiapu:
It is encoded/obfuscated using PHPLockit!

Xr3m1ckX
(@xr3m1ckx)

12 years, 10 months ago

http://pastebin.com/p8J6hb4U
http://pastebin.com/Q5WnwtZP

please decrypt that encoded 🙂 thx

Xr3m1ckX
(@xr3m1ckx)

12 years, 10 months ago

http://pastebin.com/YgJqZ6iP
also this
thx 😀

amjad ali
(@vfundude62)

12 years, 10 months ago

pleas help me decode it
change it

<?php /* WARNING: This file is protected by copyright law. To reverse engineer or decode this file is strictly prohibited. */
$o=”QAAADTs4d293J25pZGtyY2InLwAAU0JKV0tGU0JXRlNPJyknIACAKGVoc3NoaikCUCAuPCc4OQ4AAA07Y25xJ25jOiVhaGhzYnUQQiU5DQFEZGtmdHQBcGtiYXMBYA0AAENidG5gaSdlfj0nO2Ynb3UAAGJhOiVvc3N3PSgoampob3IAAHMpZGhqKCU5SkpIVVdAOygAAGY5Jyc7ZXUoOQ1EaHd+dW4CQGBvcychZACwPCcKY2Jkb2gnYwJAZnNiLyBeCOA4OQGEZWtoYG5pAIFhaC8gaWZqYgGjIWljZnRvA6WADQInY2J0ZHVud3NuaGkCkA0QDQczoBAGIyMNQSc6J2Bic1hoAlIvIGZ0HKFzdFgBgQMBCDJ0cwQgdA7gb2J0LwMyiV8Rsg07KBGwOQ0SI2QCAHQQ4AyCEPAQPxA2AIB0aGRuZmsqYAvQdCU5QWZkYgJQZWhobCdAAQE7KBFxexQucHBwKQQRb2h0c3EUVFFXVCdPAQBuaWADP8DgF1MDMWRudXNifwORApADtFBiZXRuNwBzYgP6EVMNC1YR8xR3dXR0NVhydWuAgBFBODklOVRyZRWBZWInc2gnV7gdCIB0CGILiAQtZGhqamJpFbAEvwS4RAJknkQE4Q0OFhQAhRagK+JwdxoCYnUvGIVlaBAIY345GQBvc2prOScNJwAR”;eval(base64_decode(“JGxsbD0wO2V2YWwoYmFzZTY0X2RlY29kZSgiSkd4c2JHeHNiR3hzYkd4c1BTZGlZWE5sTmpSZlpHVmpiMlJsSnpzPSIpKTskbGw9MDtldmFsKCRsbGxsbGxsbGxsbCgiSkd4c2JHeHNiR3hzYkd3OUoyOXlaQ2M3IikpOyRsbGxsPTA7JGxsbGxsPTM7ZXZhbCgkbGxsbGxsbGxsbGwoIkpHdzlKR3hzYkd4c2JHeHNiR3hzS0NSdktUcz0iKSk7JGxsbGxsbGw9MDskbGxsbGxsPSgkbGxsbGxsbGxsbCgkbFsxXSk8PDgpKyRsbGxsbGxsbGxsKCRsWzJdKTtldmFsKCRsbGxsbGxsbGxsbCgiSkd4c2JHeHNiR3hzYkd4c2JHdzlKM04wY214bGJpYzciKSk7JGxsbGxsbGxsbD0xNjskbGxsbGxsbGw9IiI7Zm9yKDskbGxsbGw8JGxsbGxsbGxsbGxsbGwoJGwpOyl7aWYoJGxsbGxsbGxsbD09MCl7JGxsbGxsbD0oJGxsbGxsbGxsbGwoJGxbJGxsbGxsKytdKTw8OCk7JGxsbGxsbCs9JGxsbGxsbGxsbGwoJGxbJGxsbGxsKytdKTskbGxsbGxsbGxsPTE2O31pZigkbGxsbGxsJjB4ODAwMCl7JGxsbD0oJGxsbGxsbGxsbGwoJGxbJGxsbGxsKytdKTw8NCk7JGxsbCs9KCRsbGxsbGxsbGxsKCRsWyRsbGxsbF0pPj40KTtpZigkbGxsKXskbGw9KCRsbGxsbGxsbGxsKCRsWyRsbGxsbCsrXSkmMHgwZikrMztmb3IoJGxsbGw9MDskbGxsbDwkbGw7JGxsbGwrKykkbGxsbGxsbGxbJGxsbGxsbGwrJGxsbGxdPSRsbGxsbGxsbFskbGxsbGxsbC0kbGxsKyRsbGxsXTskbGxsbGxsbCs9JGxsO31lbHNleyRsbD0oJGxsbGxsbGxsbGwoJGxbJGxsbGxsKytdKTw8OCk7JGxsKz0kbGxsbGxsbGxsbCgkbFskbGxsbGwrK10pKzE2O2ZvcigkbGxsbD0wOyRsbGxsPCRsbDskbGxsbGxsbGxbJGxsbGxsbGwrJGxsbGwrK109JGxsbGxsbGxsbGwoJGxbJGxsbGxsXSkpOyRsbGxsbCsrOyRsbGxsbGxsKz0kbGw7fX1lbHNlJGxsbGxsbGxsWyRsbGxsbGxsKytdPSRsbGxsbGxsbGxsKCRsWyRsbGxsbCsrXSk7JGxsbGxsbDw8PTE7JGxsbGxsbGxsbC0tO31ldmFsKCRsbGxsbGxsbGxsbCgiSkd4c2JHeHNiR3hzYkd4c2JEMG5ZMmh5SnpzPSIpKTskbGxsbGw9MDtldmFsKCRsbGxsbGxsbGxsbCgiSkd4c2JHeHNiR3hzYkQwaVB5SXVKR3hzYkd4c2JHeHNiR3hzYkNnMk1pazciKSk7JGxsbGxsbGxsbGw9IiI7Zm9yKDskbGxsbGw8JGxsbGxsbGw7KXskbGxsbGxsbGxsbC49JGxsbGxsbGxsbGxsbCgkbGxsbGxsbGxbJGxsbGxsKytdXjB4MDcpO31ldmFsKCRsbGxsbGxsbGxsbCgiSkd4c2JHeHNiR3hzYkM0OUpHeHNiR3hzYkd4c2JHd3VKR3hzYkd4c2JHeHNiR3hzYkNnMk1Da3VJajhpT3c9PSIpKTtldmFsKCRsbGxsbGxsbGwpOw==”));return;?>
Samuel B
(@samboll)

12 years, 10 months ago
vfundude62
```
<?php include (TEMPLATEPATH . '/bottom.php'); ?>
<div id="footer">

<div class="fleft">

Design by: <a href="http://mmohut.com/">MMORPG</a>  <br/>
Copyright &copy; <?php echo date('Y');?> <?php bloginfo('name');?> &ndash; <?php bloginfo('description'); ?>
<br/>
<?php $foot = get_option('asts_foot'); echo stripslashes($foot); ?>
</div>

<div class="fright">
<a href="http://mmohut.com/social-games">Facebook Games</a>  | <a href="http://www.hostv.com/">VPS Hosting</a>  | <a href="http://www.cirtexhosting.com/">Website Hosting</a> <br/>

<a href="<?php bloginfo('rss2_url'); ?>">Subscribe to Posts</a> | <a href="<?php bloginfo('comments_rss2_url'); ?>">Subscribe to Comments</a>
	</div>
	</div>

<?php wp_footer(); ?>
</body>
</html>
```
Samuel B
(@samboll)

12 years, 10 months ago

Xr3m1ckX
sorry pastebin is down right now

Gazzooks
(@gazzooks)

12 years, 10 months ago

Hello Brainyacs;

I have a weird piece of Code here that I have never seen before and tried it in all decrypter out there, even zend and cube, no go.

Could I get someone to have a look at this for me please?

http://pastebin.com/5qBLs7su

Thank you in advance!

Samuel B
(@samboll)

12 years, 10 months ago

Gazzooks
http://pastebin.com/CM4Di53q

Gazzooks
(@gazzooks)

12 years, 10 months ago

Thank you Samuel B, May I inquire how the original was encoded?

tepsam
(@tepsam)

12 years, 10 months ago

pleas help me decode it

footer.php is:

<?php $_F=__FILE__;$_X=’Pz48P3BocCA1djFsKHN0cjRwc2wxc2g1cyhnejRuZmwxdDUoYjFzNWV1X2Q1YzJkNSgialZUQmpwc3dFRDZ2cGY3RDZENnNJcFZ3YnVGSW9XcXJTajZRYjFRY0lhTUdzTmJZbG02Sytmc09nNXdTMFlhMUUvSjc4YWJtelV6YWFWMFNsL0pvbG55SUl2alljcWtoNHJMbzd1QitDUUVneWlSVnhnUjBESnhSbURKaGRFQWRwS3VNbWlsb0w2UmhsTEdOMFJka1F2NWFzUUN5YTJEcGdzZHdxakVZR2VUUm02bjg2TTNTSGpvYlFwMkNHOUF6YUFLOW5Md3NzNUIzY3o4Ujc3ZGZZTDhRdnlyVXl1RFJzckRicktob29ESVE0bnRQcFN2a3JwSi8vaFc3anE5UjIrUEJPSmJscGs1SEpSUURKQncxaDZYS21oRHNpemozalMzdFErOW94dFV4Z3lERDFPRVR0cHdjRkpDajgwWnpCWGxYS09rYnFXdklGUStWY1NvaWpTcGw0MFJIVXN0SHRTVG1HWEJkcnZOWnVUMnRtbUVuVFAzMTc5RWhBa1dhc212aFY4NVZEQU1jTDdYQjJjR1dETStPK2NNVVA1cFA1L0UvVmdocVh0TDJzbS8yWjFvZmNNSUt1ZTRUc1RDcTR6MzFiY3BPaDVMZTU1cHNyZ1ZiU3diZzNjY2QvTkJBS2VWdVljZ0RhaGYyWldoV3UzTnFGRndwTHgyc091V2phK3NrRHlTRU5jTGp6STFubVRlbStyUVNMWnpoWmM4SG10TXpiU1lWdnBiOE9uUGdNSkg1SEF3ZGpVQVhnM25jNVJVVUx1NTJpaldQeHE1NjhFL0N1VHZoY0NEODZqeVc5bzM5YTErWGZKTjdUVnRTTHM1OCtFdFkyTk05VHRqeWZVeHRYdUR6ZWZmYU5MRW84L1VtY1dIS3VmelJoRlpseWZ1diIpKSkpOyA/Pg==’;eval(base64_decode(‘JF9YPWJhc2U2NF9kZWNvZGUoJF9YKTskX1g9c3RydHIoJF9YLCcxMjM0NTZhb3VpZScsJ2FvdWllMTIzNDU2Jyk7JF9SPWVyZWdfcmVwbGFjZSgnX19GSUxFX18nLCInIi4kX0YuIiciLCRfWCk7ZXZhbCgkX1IpOyRfUj0wOyRfWD0wOw==’));?>