Tools Blog Learn Quizzes Smile API Log In / Sign Up
Tools Blog Learn Quizzes Smile API Log In / Sign Up
« See all images and videos
We have updated our privacy policy to let you know that we use cookies to personalise content and ads. We also use cookies to analyse our traffic and we share information about your use of our site and application with our advertising and analytics partners. By using this website or our application you agree to our use of cookies. Learn more about the way this website uses cookies or remove this message.

A Halloween PHP Snippet

October 27, 2016

Here's the source code.


<?php
	$key = 'hihi';
        $iv = base64_decode( "+1dGNQRBFRzvFLSQ/+mgZQ==" );
        $enc = base64_decode( "sCCJ0V0cLYxo51EeF46JzRo1UJ4rt/lgLLwa72FAYFY=" );

        $verify = openssl_decrypt($enc, 'aes-256-cbc', $key, OPENSSL_RAW_DATA, $iv);

        echo $verify . PHP_EOL;
        //then if you feel brave execute eval($verify);

Load More Smileys

Alerts

2017-09-21 - PHP before 5.6.7 might allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an unexpected data type, related to "type confusion" issues in (1) ext/soap/php_encoding.c, (2) ext/soap/php_http.c, and (3) ext/soap/soap.c, a different issue than CVE-2015-4600. Read more ...
2017-09-21 - The escapeshellarg function in ext/standard/exec.c in PHP before 5.4.42, 5.5.x before 5.5.26, and 5.6.x before 5.6.10 on Windows allows remote attackers to execute arbitrary OS commands via a crafted string to an application that accepts command-line arguments for a call to the PHP system function. Read more ...

See All Entries...