Hide Zero One
Jun 6, 2021


Decode MiladWorkShop PHP Encoder

miladworkshop.ir provides a free PHP encoder. A significant number of PHP programmers, especially in Iran, use this tool to keep their code from being leaked without permission. This article shows that the encoder is not really secure.

First, we go to miladworkshop.ir and encode a simple piece of PHP code 👇🏻

After encoding, it looks like this 👇🏻

1. OK, at first glance we can tell it is something related to Base64, because we see “\142\141\163\x65\x36\64\137\144\145\x63\157\x64\145” (octal and hex escapes that spell base64_decode) and “@eval”. Copy the text between the quotes after $_WZAKYF and decode it using base64decode.org.

Output of decode

It is another Base64 layer, so again copy the text between the quotes and decode it.

2. Output of decode

And yet another Base64 layer; repeat the process.

3. After decoding the text above, we get two Base64 strings 👇🏻

Note: save this result; we will need it later.

4. So let's start with the first one. Here is the result:

Again, another Base64 layer.

After decoding, we get this list:

To print it, we can write a simple loop:

We need to run this code; we can use onecompiler.com/php. Unfortunately, we do not get anything useful, so now we move on to the second Base64 string we got at step 3.

5. So let's look at the second one. Here is the result:

First, lines 15–19 are about what is shown if the file is corrupted. At the end we see “eval” again, so repeat the same decoding process.

Decode result

Now we get a Base64 string and a gzinflate call.

Note: I added <?php> to get syntax coloring in the editor.

This time I do not want to decode the “eval”; I want to print it instead, so I change the code a little bit.

We need to run this code. I suggest you don't use online compilers and instead use a server so that you have a full URL: if your code contains functions and so on, they will not show in the front end, but you can see them when viewing the page source 👍🏻

Result in online compilers

Result in server

Yes, in the front end we don't see anything, so let's look at the page source.

Congrats, we have successfully decoded the MiladWorkShop PHP Encoder :)
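The copy-and-decode loop from steps 1–5 can also be done statically, without running any of the PHP. The Python below is an added example, not code from the original post or from the encoder. Its sample input is constructed, and the layer layout (a hypothetical `$_F` alias holding the escaped function name, nested `eval(base64_decode(...))`, a final `gzinflate`) is an assumption rather than the encoder's exact output.

```python
import base64
import re
import zlib

# PHP double-quoted escapes used to hide names: \x65 (hex) and \142 (octal).
_ESC = re.compile(r'\\x([0-9A-Fa-f]{1,2})|\\([0-7]{1,3})')
# $var = "function_name";  (a string alias later called as $var(...))
_ALIAS = re.compile(r'(\$\w+)\s*=\s*"(\w+)"\s*;')
# eval(base64_decode("...")) or eval(gzinflate(base64_decode("..."))).
_LAYER = re.compile(
    r'@?eval\s*\(\s*(gzinflate\s*\(\s*)?base64_decode\s*\(\s*'
    r'["\']([A-Za-z0-9+/=\s]+)["\']\s*\)\s*\)?\s*\)')

def normalize(src):
    """Decode escapes and inline string aliases so the layer regex can match."""
    src = _ESC.sub(lambda m: chr(int(m.group(1), 16) if m.group(1)
                                 else int(m.group(2), 8) & 0xFF), src)
    for var, name in _ALIAS.findall(src):
        src = src.replace(var + '(', name + '(')
    return src

def peel(src, max_layers=20):
    """Statically unwrap nested eval layers; no PHP is ever executed."""
    for depth in range(max_layers):
        m = _LAYER.search(normalize(src))
        if not m:
            return src, depth
        raw = base64.b64decode(m.group(2))
        if m.group(1):  # PHP gzinflate() is raw DEFLATE: no zlib header
            raw = zlib.decompress(raw, -15)
        src = raw.decode('utf-8', 'replace')
    return src, max_layers

def build_sample():
    """Constructed three-layer sample, not the encoder's real output."""
    inner = '<?php echo "hello from the original script";'
    comp = zlib.compressobj(9, zlib.DEFLATED, -15)
    packed = comp.compress(inner.encode()) + comp.flush()
    layer3 = 'eval(gzinflate(base64_decode("%s")));' % base64.b64encode(packed).decode()
    layer2 = '@eval(base64_decode("%s"));' % base64.b64encode(layer3.encode()).decode()
    name = r'\142\141\163\x65\x36\64\137\144\145\x63\157\x64\145'  # string from the post
    return '<?php $_F = "%s"; @eval($_F("%s"));' % (
        name, base64.b64encode(layer2.encode()).decode()), inner

if __name__ == '__main__':
    print(peel(build_sample()[0]))
```

`peel` follows only the first eval chain it finds; when a layer yields two Base64 strings, as in step 3, run it on each one separately.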

Best Regards, Hide01
