
php-enphp-decoder's Introduction

EnPHP Decoder


EnPHP Decoder written in PHP. Powered by PHP-Parser.

Try it online

Check the link in the repository description.

Installation

Get It By Git Clone

You can get the code with git clone, then install the dependencies yourself with Composer.

git clone https://github.com/ganlvtech/php-enphp-decoder.git
cd php-enphp-decoder
composer install

Download From GitHub Release

You can also download it from GitHub Release.

Download the zip file and unzip it into a folder. All dependencies are already installed.

Usage

Decode by Web UI

cd public/
php -S 127.0.0.1:8000

Visit http://127.0.0.1:8000/ in a browser (the PHP built-in server speaks plain HTTP). Select a file to upload, and the decoded file is returned as a download.

Deploy to Web Server

Serve with Nginx and php-fpm.

server {
	listen 80;
	# listen 443 ssl;
	root /home/ubuntu/php-enphp-decoder/public;
	index index.php index.html index.htm;
	server_name enphp.ganlvtech.cn;

	location / {
		try_files $uri $uri/ =404;
	}

	location ~ \.php$ {
		fastcgi_pass unix:/run/php/php7.0-fpm.sock;
		include snippets/fastcgi-php.conf;
	}
}

You may need to change port, root, server_name and php version.

Decode One File

php bin/decode.php input.php output.php

This calls bin/decode.php to decode input.php and save the result to output.php.

Decode All Files in A Directory

php bin/decodeRecursive.php dir/

This calls bin/decodeRecursive.php to decode all php files in dir/ recursively, saving each decoded file to its original path.

You can use absolute path like /path/to/your/dir/.

CAUTION: This will OVERWRITE all php files! If the decoder hits any error, your files MAY NOT BE RECOVERABLE! Please back up your files first!
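
One way to act on that caution, as an added example rather than part of the project: the wrapper below snapshots the directory with tar, runs the recursive decoder, and restores the snapshot if the decoder exits non-zero or leaves an empty .php file behind. The DECODER variable, the function names and the empty-file check are assumptions of this sketch; it also assumes none of the original .php files is empty.

```shell
#!/bin/sh
# Added example: snapshot a directory, run the recursive decoder, roll back on failure.
# DECODER is an assumption of this sketch: the README command, run from the
# php-enphp-decoder checkout. Override it if the decoder lives elsewhere.
DECODER=${DECODER:-"php bin/decodeRecursive.php"}

# Extract the snapshot over the working directory, overwriting decoded files.
restore_snapshot() {
    tar -xf "$1" -C "$2"
}

# decode_with_backup DIR
# Prints the snapshot path on success; restores DIR and returns 1 on failure.
decode_with_backup() {
    dir=$1
    [ -d "$dir" ] || { echo "not a directory: $dir" >&2; return 2; }

    # The snapshot lives outside DIR so the decoder cannot touch it.
    snapshot=$(mktemp "${TMPDIR:-/tmp}/enphp-backup.XXXXXX") || return 2
    tar -cf "$snapshot" -C "$dir" . || { rm -f "$snapshot"; return 2; }

    # $DECODER is left unquoted on purpose so the command and its script split.
    if ! $DECODER "$dir" >&2; then
        echo "decoder failed, restoring $dir from $snapshot" >&2
        restore_snapshot "$snapshot" "$dir"
        return 1
    fi

    # Sanity check (policy of this sketch): decoded output must not be empty.
    empty=$(find "$dir" -type f -name '*.php' -size 0 | head -n 1)
    if [ -n "$empty" ]; then
        echo "empty output in $empty, restoring $dir" >&2
        restore_snapshot "$snapshot" "$dir"
        return 1
    fi

    echo "$snapshot"
}
```

Keep the printed snapshot file until the decoded tree has been reviewed; delete it afterwards.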

About EnPHP Bugs

See docs/enphp_bugs.md.

License

GNU GENERAL PUBLIC LICENSE Version 3

EnPHP Decoder
Copyright (C) 2019  Ganlv

This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with this program.  If not, see <https://www.gnu.org/licenses/>.


php-enphp-decoder's Issues

Can this kind be restored?

<?php 
 namespace app\common\controller;error_reporting(E_ALL^E_NOTICE);define('س�', '�');����˔���᧜������η��������ދ瞮�����񊌚��եõ�읊��৵؇������ޢ��ʁ��Ņ������������ާɁ涙ϖ�Ɛ����������ɬ���Ѭ����;$_GET[س�] = explode('|%|9|.', 'error_reporting|%|9|.define|%|9|.��|%|9|.�|%|9|.��|%|9|.explode|%|9|.|8|!|(|%|9|._initialize|8|!|(isMobile|8|!|(url|8|!|(domain|8|!|(rtrim|8|!|(/|8|!|(m/Index/index|8|!|(.|8|!|(config|8|!|(default_return_type|8|!|(preg_replace|8|!|(/\\/index\\//|8|!|(/m/|8|!|(redirect');��������ꖴ⣜����ӣ��;$_GET{س�}[0](E_ALL^E_NOTICE);$_GET{س�}{0x001}($_GET{س�}[0x0002],$_GET{س�}{0x00003});��ϧٲ����􊀊�燙��ك�;$_SERVER[$_GET{س�}[0x000004]]=$_GET{س�}{0x05}($_GET{س�}[0x006],$_GET{س�}{0x0007});������ム���խ���������ŋ����ϵ���ׂ伅����;use app\common\controller\Base;class Pcend extends Base{protected function _initialize(){$ԕ��=&$_GET{س�};$���Ч=&$_SERVER{$ԕ��[0x000004]};������Ѱ�;parent::{$_SERVER{$ԕ��[0x000004]}[0]}();��ɜ�;if($this->request->{$_SERVER{$ԕ��[0x000004]}{0x001}}()){$��Δ=$this->request->{$_SERVER{$ԕ��[0x000004]}[0x0002]}(!0);$ܨ��=$this->request->{$_SERVER{$ԕ��[0x000004]}{0x00003}}();if($���Ч[0x000004]($��Δ,$���Ч{0x05})==$ܨ��){$��Δ=$���Ч[0x000004]($���Ч[0x006],$���Ч{0x0007}.$���Ч[0x00008]($���Ч{0x000009}));}else{$��Δ=$���Ч[0x0a]($���Ч{0x00b},$���Ч[0x000c],$��Δ,0x001);}$this->{$_SERVER{$ԕ��[0x000004]}{0x0000d}}($��Δ);}}}

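I didn't know where to leave a message, so I'll put it here for now

I recently read your article on debugging zym garbled code.

For what it's worth, I found a sample and gave it a try.

In the end I found that it seems to have been obfuscated a second time; in my own attempts there is always some code left that has not been restored.

I wonder whether you would be willing to offer some guidance.

1.zip

Along the way I tried turning on error reporting and running the original code; it reports that the function "die" is undefined.

After that I converted it with php_parser, and debugging the resulting file directly throws an error.

I don't know whether that is because the php_parser conversion lost something.

After commenting out the statements that raise the error it can be debugged normally, but in the end it was not restored to the original code.


Actually, what I would like to know even more is how this bytecode is worked out into an algorithm...

When I debug with vscode, I can't see the names of most of the functions.

Maybe I'm just too inexperienced.

Off to sleep. June 12, 2019, 00:53:07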

Please take a look; a file much like your test file produced an error

F:\php-enphp-decoder>php bin/decode.php tests/assets/admin.php output.php

Warning: gzinflate(): data error in F:\php-enphp-decoder\src\AutoDecoder.php on line 82

Fatal error: Uncaught TypeError: Argument 1 passed to PhpParser\Node\Scalar\String_::__construct() must be of the type string, null given, called in F:\php-enphp-decoder\src\NodeVisitors\GlobalStringNodeVisitor.php on line 32 and defined in F:\php-enphp-decoder\vendor\nikic\php-parser\lib\PhpParser\Node\Scalar\String_.php:36
Stack trace:
#0 F:\php-enphp-decoder\src\NodeVisitors\GlobalStringNodeVisitor.php(32): PhpParser\Node\Scalar\String_->__construct(NULL)
#1 F:\php-enphp-decoder\vendor\nikic\php-parser\lib\PhpParser\NodeTraverser.php(153): Ganlv\EnphpDecoder\NodeVisitors\GlobalStringNodeVisitor->leaveNode(Object(PhpParser\Node\Expr\ArrayDimFetch))
#2 F:\php-enphp-decoder\vendor\nikic\php-parser\lib\PhpParser\NodeTraverser.php(146): PhpParser\NodeTraverser->traverseNode(Object(PhpParser\Node\Expr\FuncCall))
#3 F:\php-enphp-decoder\vendor\nikic\php-parser\lib\PhpParser\NodeTraverser.php(146): PhpParser\NodeTraverser->traverseNode(Object(PhpParser\Node\Expr\BinaryOp\Concat))
#4 F:\php-enphp-decoder\vendor\nikic\php-parser in F:\php-enphp-decoder\vendor\nikic\php-parser\lib\PhpParser\Node\Scalar\String_.php on line 36

admin.txt

This exception occurs during parsing; is something wrong?

`
$ php bin/decode.php SearchController.class.php out.php
PHP Warning: gzinflate(): data error in C:\Users\qingmu-523\Desktop\dist\src\Au
toDecoder.php on line 82

Warning: gzinflate(): data error in C:\Users\qingmu-523\Desktop\dist\src\AutoDec
oder.php on line 82
PHP Warning: explode(): Empty delimiter in C:\Users\qingmu-523\Desktop\dist\src
\AutoDecoder.php on line 82

Warning: explode(): Empty delimiter in C:\Users\qingmu-523\Desktop\dist\src\Auto
Decoder.php on line 82

Y3t � ��=�r��t���8אz6����2N;6�6K�����2��FS��Av�c�����$� r����/�+��BL*�g��\\�/� `
