- /tmp root@apx# nano ld.c
- /tmp root@apx# gcc -fPIC -c ld.c -o ld.o
- /tmp root@apx# gcc -shared -o ld.so ld.o
- /tmp root@apx# LD_PRELOAD=/tmp/ld.so /usr/bin/sw-engine /usr/local/psa/admin/htdocs/login_up.php3
Cheers
-
-
Save 19h/9050608 to your computer and use it in GitHub Desktop.
Decrypting Plesk Panel PHP files (stolen from @silentsignal)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <string.h> | |
| #include <stdio.h> | |
| int i=0; | |
| void *memcpy(void *dst,const void *src,size_t len){ | |
| if((strstr(src,");") > 0) && (i==0)){ | |
| printf("%s\n",src); | |
| i=1; | |
| } | |
| register char *src_c, *dst_c; | |
| src_c = (char *)src; | |
| dst_c = (char *)dst; | |
| while (len-- > 0) | |
| *dst_c++ = *src_c++; | |
| return dst; | |
| } |
Your way to version 12.x decrypting it?
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
In this case, we have no see include, include_once, require, require_once files. In addition, PLesk from 12.x has another protect algoritm and can't be decrypted this way.