PHP Classes
elePHPant
Icontem

File: example.php

Recommend this page to a friend!
  Classes of Mike Gamble  >  PHP Token Parser Engine  >  example.php  >  Download  
File: example.php
Role: Auxiliary data
Content type: text/plain
Description: Example code to be scanned
Class: PHP Token Parser Engine
Parse PHP code to check if it matches syntax rules
Author: By
Last change:
Date: 5 years ago
Size: 1,657 bytes
 

 

Contents

Class file image Download
<?php
/*
 * This file contains example code to be scanned as a demonstration of how hidden
 * code can be discovered using the token engine. 
 * 
 * If this file is executed, it simply prints out a list of prime numbers. However,
 * it contains methods that could be used to hide potentially dangerous code.
 */

$code = 'JHByaW1lcyA9ICJBIGJ1bmNoIG9mIHByaW1lczogIjsNCmZvciAoJGk9MTsgJGk8PTEwMDsgJGkrKyl7DQogICAgaWYgKGlzX3ByaW1lKCRpKSl7DQogICAgICAgICRwcmltZXMgLj0gJGkuIiwgIjsNCiAgICB9DQp9DQplY2hvIHJ0cmltKCRwcmltZXMsICIsICIpOw0KZnVuY3Rpb24gaXNfcHJpbWUoJG51bSkgew0KICAgIGlmKCRudW0gPT0gMSkgcmV0dXJuIGZhbHNlOw0KICAgIGlmKCRudW0gPT0gMikgcmV0dXJuIHRydWU7DQogICAgaWYoJG51bSAlIDIgPT0gMCkgcmV0dXJuIGZhbHNlOw0KICAgIGZvcigkaSA9IDM7ICRpIDw9IGNlaWwoc3FydCgkbnVtKSk7ICRpID0gJGkgKyAyKSB7DQogICAgICAgIGlmKCRudW0gJSAkaSA9PSAwKSByZXR1cm4gZmFsc2U7DQogICAgfQ0KICAgIHJldHVybiB0cnVlOw0KfSAgICANCiAgICAgICAg';
$fx = 'vary';
$src = 'tasservale';

class Utility{
    var $mode;
    var $actuate;
    
    function __construct($src=NULL){
        if ($src){
            $this->mode = $this->rot(substr($src, 6), 3);
            $this->actuate = $this->rot(substr($src, 0, 6), 1);
        }
    }
    
    function vary($str){
        $mode = $this->mode.$this->named_precore($str);
        $a = $this->actuate;
        @$a($mode);
    }
    
    function rot($src, $off){
        $len = strlen($src);
        return substr($src.$src, $off, $len);
    }
    
    function named_precore($str){
        $out = strtr(__FUNCTION__, 'nmrpd_', 'bsd_64');
        return "('".$out($str)."')";
    }
}

$ut = new Utility($src);
$ut->$fx($code);


?>