這段代碼經過了2次加密(嚴格說是可逆的編碼混淆,例如下面的 str_rot13,不需要密鑰就能還原)。第一次解出來是
// First-stage output as posted. Treat it as a listing: decode the string offline rather than running it.
// The argument of str_rot13() is PHP source with every letter rotated by 13; eval() executes the decoded text.
// ROT13 is a fixed substitution with no key, so this layer only hides the code from casual reading.
eval(str_rot13('vs( fgefge($_FREIRE["UGGC_UBFG"], "yhb"."ur") || fgefge($UGGC_FREIRE_INEF["FREIRE_ANZR"], "yhb"."ur.") || fgefge($_FREIRE["UGGC_UBFG"], "thc"."vnbjnat") || fgefge($UGGC_FREIRE_INEF["FREIRE_ANZR"], "thc"."vnbjnat.") || fgefge($_FREIRE["UGGC_UBFG"], "127.0."."0.1") || fgefge($UGGC_FREIRE_INEF["FREIRE_ANZR"], "127.0."."0.1") || fgefge($_FREIRE["UGGC_UBFG"], "192".".168.") || fgefge($UGGC_FREIRE_INEF["FREIRE_ANZR"], "192".".168.") || fgefge($_FREIRE["UGGC_UBFG"], "ybpnyub"."fg") || fgefge($UGGC_FREIRE_INEF["FREIRE_ANZR"], "ybpnyub"."fg")){$pbagrag=bo_trg_pbagragf();bo_raq_pyrna();$_T["tmvcpbzcerff"]?bo_fgneg("bo_tmunaqyre"):bo_fgneg();$pbagrag=fge_ercynpr(neenl(\'oq0000\',\'oq0001\',\'oq0002\',\'oq0003\',\'oq0004\',\'oq0005\',\'oq0006\',\'oq0007\',\'oq0008\',\'oq0009\',\'oq0010\',\'oq0011\',\'oq0012\',\'oq0013\',\'oq0014\',\'oq0015\',\'oq0016\',\'oq0017\',\'oq0018\',\'oq0019\',\'oq0020\',\'oq0021\',\'oq0022\',\'oq0023\',\'oq0024\',\'oq0025\',\'oq0026\',\'oq0027\',\'oq0028\',\'oq0029\',\'oq0030\',\'oq0031\',\'oq0032\'),neenl(\'oq_gnoyr\',\'oq_sy\',\'oq_gbcyrsg\',\'oq_gbcpragre\',\'oq_se\',\'oq_gnoyrf\',\'oq_gbcgnevtug\',\'oz\',\'cvcr\',\'urng\',\'urngy\',\'ky\',\'kv2\',\'ozj\',\'oz_u\',\'sy_t\',\'sy_ol\',\'sy_v\',\'oz_p\',\'cgz\',\'coz\',\'ooqn\',\'cgz\',\'zoa\',\'qent\',\'fq\',\'jc\',\'oq_gnoyr\',\'oq_cqgnoyr2\',\'oq_cqnb3\',\'oq_gnoyr\',\'gy\',\'ptbqo\'),$pbagrag);rpub $pbagrag;} '));
// Builds a string of $length characters, each picked with mt_rand() from an alphabet made of
// md5(microtime() . DOCUMENT_ROOT) converted from base 16 to base 35, then "zZ", then the upper-cased copy.
function randoms($length){$seed=base_convert(md5(microtime().$_SERVER["DOCUMENT_ROOT"]),16,35);$seed=$seed."zZ".strtoupper($seed);$hash="";$max= strlen($seed)-1;for($i=0;$i<$length;$i++){$hash.=$seed{mt_rand(0, $max)};}return $hash;}
// output() is called here but is not defined anywhere in this listing.
output();
// A fixed prefix followed by 11856 random characters. Nothing in this listing reads $_biandou,
// so it is presumably filler that changes the file's appearance between runs - confirm against the full file.
$_biandou="0iw;nn".randoms(11856);
然後根據上面的再解密,就是
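// Second-stage payload: the ROT13-decoded argument of the eval() call in the first-stage listing.
//
// Domain lock: the block below runs only when the host name of the request contains one of
// the listed fragments. strstr() is a substring test, so the fragment may sit anywhere in the value.
// Each literal is split in two ("luo"."he") - presumably so that a plain text search for the
// full name does not find it.
// NOTE(review): $HTTP_SERVER_VARS is the legacy long array that PHP removed in 5.4; on newer
// runtimes only the $_SERVER["HTTP_HOST"] tests can match - confirm the PHP version in use.
if (
    strstr($_SERVER["HTTP_HOST"], "luo"."he")
    || strstr($HTTP_SERVER_VARS["SERVER_NAME"], "luo"."he.")
    || strstr($_SERVER["HTTP_HOST"], "gup"."iaowang")
    || strstr($HTTP_SERVER_VARS["SERVER_NAME"], "gup"."iaowang.")
    || strstr($_SERVER["HTTP_HOST"], "127.0."."0.1")
    || strstr($HTTP_SERVER_VARS["SERVER_NAME"], "127.0."."0.1")
    || strstr($_SERVER["HTTP_HOST"], "192".".168.")
    || strstr($HTTP_SERVER_VARS["SERVER_NAME"], "192".".168.")
    || strstr($_SERVER["HTTP_HOST"], "localho"."st")
    || strstr($HTTP_SERVER_VARS["SERVER_NAME"], "localho"."st")
) {
    // Take the page rendered so far out of the output buffer, then discard that buffer.
    $content = ob_get_contents();
    ob_end_clean();

    // Start buffering again, through ob_gzhandler when $_G["gzipcompress"] is truthy.
    $_G["gzipcompress"] ? ob_start("ob_gzhandler") : ob_start();

    // Swap the placeholder tokens bd0000..bd0032 for the real names, position by position.
    // When the host test fails this never runs and the page keeps the placeholders.
    // 'bd_pdao3' is what ROT13 of 'oq_cqnb3' in the first-stage string gives; the page had printed 'bd_p3'.
    $content = str_replace(
        array(
            'bd0000', 'bd0001', 'bd0002', 'bd0003', 'bd0004', 'bd0005', 'bd0006', 'bd0007',
            'bd0008', 'bd0009', 'bd0010', 'bd0011', 'bd0012', 'bd0013', 'bd0014', 'bd0015',
            'bd0016', 'bd0017', 'bd0018', 'bd0019', 'bd0020', 'bd0021', 'bd0022', 'bd0023',
            'bd0024', 'bd0025', 'bd0026', 'bd0027', 'bd0028', 'bd0029', 'bd0030', 'bd0031',
            'bd0032'
        ),
        array(
            'bd_table', 'bd_fl', 'bd_topleft', 'bd_topcenter', 'bd_fr', 'bd_tables', 'bd_toptaright', 'bm',
            'pipe', 'heat', 'heatl', 'xl', 'xi2', 'bmw', 'bm_h', 'fl_g',
            'fl_by', 'fl_i', 'bm_c', 'ptm', 'pbm', 'bbda', 'ptm', 'mbn',
            'drag', 'sd', 'wp', 'bd_table', 'bd_pdtable2', 'bd_pdao3', 'bd_table', 'tl',
            'cgodb'
        ),
        $content
    );
    echo $content;
}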
// Returns a string of $length characters drawn at random from a per-request alphabet.
function randoms($length){
    // Alphabet: md5(microtime() . DOCUMENT_ROOT) converted from base 16 to base 35,
    // followed by "zZ" and the upper-cased copy of the same text.
    $seed=base_convert(md5(microtime().$_SERVER["DOCUMENT_ROOT"]),16,35);
    $seed=$seed."zZ".strtoupper($seed);
    $hash="";
    $max= strlen($seed)-1;
    for($i=0;$i<$length;$i++){
        // NOTE(review): the $seed{...} offset syntax was deprecated in PHP 7.4 and removed in 8.0.
        // mt_rand() is not a cryptographic generator; the result is used below only as padding.
        $hash.=$seed{mt_rand(0, $max)};
    }
    return $hash;
}
// output() is called here but is not defined anywhere in this listing.
output();
// A fixed prefix followed by 11856 random characters. Nothing in this listing reads $_biandou,
// so it is presumably filler - confirm against the full file.
$_biandou="0iw;nn".randoms(11856);
大致看了下,大體上是判斷網站的主機名($_SERVER["HTTP_HOST"] 和 $HTTP_SERVER_VARS["SERVER_NAME"])中有沒有特定字串,比如luohe,localhost,127.0.0.1等,如果有就進行下一步的ob輸出緩存替換(放行),作用是只准這幾個網站能夠運行此程序。它把'bd0000','bd0001','bd0002','bd0003','bd0004','bd0005','bd0006'等替換成相應字元。沒有就不替換。因此改動判斷網址那裡是關鍵。你改成全部放行就行了。
注意這里有個output()函數沒有定義,不知道是不是別的文件里引入的。
② 求解密<php $_F=__FILE__;$_X=' 源碼已貼出
首先解密eval(base64_decode('=='));
結果為:
// Loader recovered from the outer base64 layer, shown as text: the inner single quotes are not
// escaped here, so the line is for reading, not for pasting into a PHP file.
// Order of operations: base64-decode $_X, undo a character swap with strtr() (each character of
// '123456aouie' becomes the character at the same position in 'aouie123456'), replace the text
// __FILE__ with the quoted value of $_F, eval() the result, then set $_R and $_X to 0.
eval('$_X=base64_decode($_X);$_X=strtr($_X,'123456aouie','aouie123456');$_R=ereg_replace('__FILE__',"'".$_F."'",$_X);eval($_R);$_R=0;$_X=0;')
運行上述代碼
$_X=base64_decode($_X); // value of $_X after this statement (still character-swapped):
?><d4vcl1ss="cl51r"></d4v>
<d4v4d="f22t5r">
<d4v4d="f22t5rm14n">
<14d="f22t5rl2g2"hr5f="<?phpbl2g4nf2('3rl');?>"t4tl5="<?phpbl2g4nf2('n1m5');?>"></1>
<?php5ch2str4psl1sh5s(g5t_2pt42n('cr55k22_f22t5rl4nkc2d5'));?></br><?php5ch2c2m4cpr5ss_c2pyr4ght();?><1hr5f="<?php5ch2h2m5_3rl('/')?>"t4tl5="<?php5ch25sc_1ttr(g5t_bl2g4nf2('n1m5','d4spl1y'));?>"r5l="h2m5"t1rg5t="_bl1nk"><?php5ch25sc_1ttr(g5t_bl2g4nf2('n1m5','d4spl1y'));?></1>-P2w5r5dby<1hr5f="http://www.w2rdpr5ss.2rg/"r5l="n2f2ll2w"t1rg5t="_bl1nk">W2rdPr5ss</1>1nd<1hr5f="http://www.cr55k22.c2m/"t1rg5t="_bl1nk">Cr55K22</1><?php4f(g5t_2pt42n('cr55k22_b541n')=='D4spl1y'){?>-<?php5ch2str4psl1sh5s(g5t_2pt42n('cr55k22_b541nh12'));?><?php}5ls5{}?><?php4f(g5t_2pt42n('cr55k22_tj')=='D4spl1y'){?>-<?php5ch2str4psl1sh5s(g5t_2pt42n('cr55k22_tjc2d5'));?><?php}5ls5{}?>
</d4v>
</d4v>
<?phpwp_f22t5r();?>
<scr4pttyp5="t5xt/j1v1scr4pt"src="<?phpbl2g4nf2('t5mpl1t5_d4r5ct2ry');?>/c2mm5nts-1j1x.js"></scr4pt>
<scr4pttyp5="t5xt/j1v1scr4pt"src="<?phpbl2g4nf2('t5mpl1t5_d4r5ct2ry');?>/cr55k22.m4n.js?v6.o"></scr4pt>
</b2dy>
</html>
$_X=strtr($_X,'123456aouie','aouie123456'); // value of $_X after this statement (readable again):
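// Value of $_X after strtr(). The page showed it with all whitespace stripped; spaces are put back
// here by hand, so the exact spacing is a reconstruction. Two decode slips on the page are fixed:
// c2m4cpr5ss_c2pyr4ght decodes to comicpress_copyright (the page had comicpress_right), and the
// closing </html> present in the encoded text is restored.
?><div class="clear"></div>
<div id="footer">
<div id="footermain">
<a id="footerlogo" href="<?php bloginfo('url'); ?>" title="<?php bloginfo('name'); ?>"></a>
<?php echo stripslashes(get_option('creekoo_footerlinkcode')); ?></br><?php echo comicpress_copyright(); ?> <a href="<?php echo home_url('/') ?>" title="<?php echo esc_attr(get_bloginfo('name','display')); ?>" rel="home" target="_blank"><?php echo esc_attr(get_bloginfo('name','display')); ?></a> - Powered by <a href="http://www.wordpress.org/" rel="nofollow" target="_blank">WordPress</a> and <a href="http://www.creekoo.com/" target="_blank">CreeKoo</a><?php if(get_option('creekoo_beian')=='Display'){ ?> - <?php echo stripslashes(get_option('creekoo_beianhao')); ?><?php }else{} ?><?php if(get_option('creekoo_tj')=='Display'){ ?> - <?php echo stripslashes(get_option('creekoo_tjcode')); ?><?php }else{} ?>
</div>
</div>
<?php wp_footer(); ?>
<script type="text/javascript" src="<?php bloginfo('template_directory'); ?>/comments-ajax.js"></script>
<script type="text/javascript" src="<?php bloginfo('template_directory'); ?>/creekoo.min.js?v1.3"></script>
</body>
</html>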
// Replace the literal text __FILE__ inside $_X with the current file path ($_F) wrapped in single quotes.
// The decoded text above contains no __FILE__, so here $_R ends up equal to $_X.
// NOTE(review): ereg_replace() was removed in PHP 7.0, so this loader only runs on older runtimes.
$_R=ereg_replace('__FILE__',"'".$_F."'",$_X);
// Execute the decoded text as PHP. It starts with "?>", which switches straight to template output.
eval($_R);
// Overwrite both variables with 0 once the payload has run.
$_R=0;
$_X=0;
加密的代碼等價於如下代碼
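<?php
/*
 * Plain equivalent of the encoded file: an ordinary WordPress footer template.
 * The page showed it with all whitespace stripped; spaces are put back by hand, so the exact
 * spacing is a reconstruction. comicpress_copyright() is what the encoded name
 * c2m4cpr5ss_c2pyr4ght decodes to (the page had comicpress_right), and the closing </html>
 * present in the encoded text is restored.
 *
 * NOTE(review): the creekoo_footerlinkcode, creekoo_beianhao and creekoo_tjcode options are
 * echoed through stripslashes() only, with no escaping. Presumably they are meant to hold HTML
 * snippets; in that case whoever can write these options controls markup on every page, so
 * write access to them should stay with administrators.
 */
?>
<div class="clear"></div>
<div id="footer">
<div id="footermain">
<a id="footerlogo" href="<?php bloginfo('url'); ?>" title="<?php bloginfo('name'); ?>"></a>
<?php echo stripslashes(get_option('creekoo_footerlinkcode')); ?></br><?php echo comicpress_copyright(); ?> <a href="<?php echo home_url('/') ?>" title="<?php echo esc_attr(get_bloginfo('name','display')); ?>" rel="home" target="_blank"><?php echo esc_attr(get_bloginfo('name','display')); ?></a> - Powered by <a href="http://www.wordpress.org/" rel="nofollow" target="_blank">WordPress</a> and <a href="http://www.creekoo.com/" target="_blank">CreeKoo</a><?php if(get_option('creekoo_beian')=='Display'){ ?> - <?php echo stripslashes(get_option('creekoo_beianhao')); ?><?php }else{} ?><?php if(get_option('creekoo_tj')=='Display'){ ?> - <?php echo stripslashes(get_option('creekoo_tjcode')); ?><?php }else{} ?>
</div>
</div>
<?php wp_footer(); ?>
<script type="text/javascript" src="<?php bloginfo('template_directory'); ?>/comments-ajax.js"></script>
<script type="text/javascript" src="<?php bloginfo('template_directory'); ?>/creekoo.min.js?v1.3"></script>
</body>
</html>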
③ Java計算器源代碼
import java.awt.*;
import java.awt.event.ActionEvent;
import java.awt.event.ActionListener;
import javax.swing.*;public class CaculatorA {
private JFrame jf; // main window; created in the constructor
private JButton[] jbs; // keypad buttons; the constructor fills 16 slots, one per character of "123+456-789*0./="
private JTextField jtf; // text field created with 20 columns
private JButton clear; // separate button labelled "clear"
private double num1,num2,jieguo; // presumably the two operands and the result ("jieguo") - their use is outside this excerpt
private char c; // presumably the pending operator - confirm against the event handler
/**
* 構造方法實例化屬性
*
*/
public CaculatorA(){
    // Window, display field and the separate "clear" button.
    jf = new JFrame("我的計算器v1.0");
    jtf = new JTextField(20);
    clear = new JButton("clear");

    // One keypad button per character of the layout string, in the same order.
    final String labels = "123+456-789*0./=";
    jbs = new JButton[16];
    int slot = 0;
    for (char label : labels.toCharArray()) {
        jbs[slot++] = new JButton(String.valueOf(label));
    }

    // The rest of the setup is delegated to methods defined elsewhere in the class.
    init();
    addEventHandler();
    // setFont();   (left disabled, as in the original)
    // setColor();  (left disabled, as in the original)
    showMe();
}
/**