PHP文件源码加密破解还原过程Common.php

LOCKDATAV出品，为避免断章取义走弯路，请注意环境配置和时间。

本文链接：https://blog.csdn.net/weixin_41290949/article/details/89495385

Common.php

<?php
$l11II1Ill = __FILE__;
$llII1I11l = pack('H*', '34366467656e696163746c5f734462666f');
$l1llI1II1 = $llII1I11l{14} . $llII1I11l{7} . $llII1I11l{12} . $llII1I11l{4} . $llII1I11l{1} . $llII1I11l{0} . $llII1I11l{13} . $llII1I11l{4} . $llII1I11l{8} . $llII1I11l{16} . $llII1I11l{2} . $llII1I11l{4};
eval($l1llI1II1('JEkxbDFsbDFJST0kbGxJSTFJMTFsezE1fS4kbGxJSTFJMTFsezZ9LiRsbElJMUkxMWx7MTB9LiRsbElJMUkxMWx7NH0uJGxsSUkxSTExbHsxMX0uJGxsSUkxSTExbHszfS4kbGxJSTFJMTFsezR9LiRsbElJMUkxMWx7OX0uJGxsSUkxSTExbHsxMX0uJGxsSUkxSTExbHs4fS4kbGxJSTFJMTFsezE2fS4kbGxJSTFJMTFsezV9LiRsbElJMUkxMWx7OX0uJGxsSUkxSTExbHs0fS4kbGxJSTFJMTFsezV9LiRsbElJMUkxMWx7OX0uJGxsSUkxSTExbHsxMn07JEkxMUkxbElsbD0kSTFsMWxsMUlJKCRsMTFJSTFJbGwpO2lmKCFzdHJzdHIoJEkxMUkxbElsbCwnLy_lrpjnvZHvvJp3d3cuYWxpemkubmV0ICDlupfpk7rvvJpodHRwOi8vaGl3ZWIudGFvYmFvLmNvbScpKXtleGl0O30kYWxpemk9c3RydHIoc3RyaXBfdGFncygkSTExSTFsSWxsKSwnNHNiRDZfZWdjYWZub2lkdGwnLCRsbElJMUkxMWwpO2V2YWwoJGwxbGxJMUlJMSgkYWxpemkpKTs'));
return; ?>Ce8qCeAqIOgDh-memO-8mumYv-6LuOWakOWnq-mA_-euluWNf66ul66Qhu6zu-……

某基于TP框架的订单系统公共函数的文件，被加密无法访问。出于出作者知识产权的尊重，这里对破解过程做一分析，不会贴出破解文件。

- $l 11 I I 1 I l l 、$ llII1I11l ……都是混淆变量，对于没耐心和新手来说，或直接方式，替换成自己习惯的变量名称即可；

header("Content-type:text/html;charset=utf-8");
//解决google chrome 输出HTML乱码；
echo '<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />';
$p = __FILE__;
$ncode = pack('H*', '34366467656e696163746c5f734462666f');
$pcode = $ncode{14} . $ncode{7} . $ncode{12} . $ncode{4} . $ncode{1} . $ncode{0} . $ncode{13} . $ncode{4} . $ncode{8} . $ncode{16} . $ncode{2} . $ncode{4};

- 解密eval返回值为明码；

$encodedData = "JEkxbDFsbDFJST0kbGxJSTFJMTFsezE1fS4kbGxJSTFJMTFsezZ9LiRsbElJMUkxMWx7MTB9LiRsbElJMUkxMWx7NH0uJGxsSUkxSTExbHsxMX0uJGxsSUkxSTExbHszfS4kbGxJSTFJMTFsezR9LiRsbElJMUkxMWx7OX0uJGxsSUkxSTExbHsxMX0uJGxsSUkxSTExbHs4fS4kbGxJSTFJMTFsezE2fS4kbGxJSTFJMTFsezV9LiRsbElJMUkxMWx7OX0uJGxsSUkxSTExbHs0fS4kbGxJSTFJMTFsezV9LiRsbElJMUkxMWx7OX0uJGxsSUkxSTExbHsxMn07JEkxMUkxbElsbD0kSTFsMWxsMUlJKCRsMTFJSTFJbGwpO2lmKCFzdHJzdHIoJEkxMUkxbElsbCwnLy_lrpjnvZHvvJp3d3cuYWxpemkubmV0ICDlupfpk7rvvJpodHRwOi8vaGl3ZWIudGFvYmFvLmNvbScpKXtleGl0O30kYWxpemk9c3RydHIoc3RyaXBfdGFncygkSTExSTFsSWxsKSwnNHNiRDZfZWdjYWZub2lkdGwnLCRsbElJMUkxMWwpO2V2YWwoJGwxbGxJMUlJMSgkYWxpemkpKTs";

echo "<hr>";
echo urlsafe_b64decode($encodedData);//函数调用见文末；

- 解密后，查出加密算法

$alizi= strtr(strip_tags($enstr), '4sbD6_egcafnoidtl', $ncode);//加密算法
 eval(urlsafe_b64decode($alizi));//解密；

在解密过程中， base64_decode中文容易出现乱码，推荐下面函数除冗。

function urlsafe_b64decode($string)
{
	$data = str_replace(array('-', '_'), array('+', '/'), $string);
	$mod4 = strlen($data) % 4;
	if ($mod4) {
		$data .= substr('====', $mod4);
	}
	return base64_decode($data);
}