kmark/de64.php

## de64.php
<?php

/* Works on targets that are in this format:
 * <?php $FirstVar = 'base64here'; $SecondVar = '$ThirdVar = base64_decode($FirstVar); eval($ThirdVar);'; eval($SecondVar); ?>
 * Where the result of the base64_decode is more PHP that follows the above format.
 */

$target = $argc < 2 ? "" : $argv[1];

if($target === "" || !file_exists($target)) {
    echo "Bad target.\r\n";
    exit(1);
}

$src = file_get_contents($target);

for($i = 1; $i < PHP_INT_MAX; $i++) {
    if(!preg_match('%\$[A-Za-z]+ *= *\'([A-Za-z0-9-_+/=]+)\';%', $src, $matches)) {
        exit("----------\r\n$src\r\n----------\r\nStopped after $i iteration".($i==1?"":"s").".\r\n");
    }
    $src = base64_decode($matches[1]);
}

echo "Must go deeper...\r\n";
exit(1);
	<?php

	/* Works on targets that are in this format:
	* <?php $FirstVar = 'base64here'; $SecondVar = '$ThirdVar = base64_decode($FirstVar); eval($ThirdVar);'; eval($SecondVar); ?>
	* Where the result of the base64_decode is more PHP that follows the above format.
	*/

	$target = $argc < 2 ? "" : $argv[1];

	if($target === "" \|\| !file_exists($target)) {
	echo "Bad target.\r\n";
	exit(1);
	}

	$src = file_get_contents($target);

	for($i = 1; $i < PHP_INT_MAX; $i++) {
	if(!preg_match('%\$[A-Za-z]+ = \'([A-Za-z0-9-_+/=]+)\';%', $src, $matches)) {
	exit("----------\r\n$src\r\n----------\r\nStopped after $i iteration".($i==1?"":"s").".\r\n");
	}
	$src = base64_decode($matches[1]);
	}

	echo "Must go deeper...\r\n";
	exit(1);