Sucuri – Decoding Obfuscated PHP

We are happy to release a new tool for you Do It Yourself (DIY) types. Every now and then you might come across a variety of obfuscated injections in your PHP files and might find yourself wondering,

Wonder what that does?

Not to fear, Sucuri is here and we have a cool little tool that will help you take a look up it’s skirt. If nothing else this will you developers better understand how good is used for evil.

The one very cool thing about it is that it will decode as many layers as possible until it reaches a layer it is unable to decode. In our testing we have found a few strands that have gone down 20 different layers of obfuscation before it got to a point where it needed human intervention. Here is an example of 13 layers with a final output: http://ddecode.com/phpdecoder/?results=54a91431e44ab48462d4db6a59ae3db8

You can decode your obfuscated PHP here: http://ddecode.com/phpdecoder/

3 comments

Comments are closed.

You May Also Like