Good Day!
This is my first time to ask question here in stackoverflow, cause usually I only read the solutions that has similar problem with mine. So my problem is, I had been given a task to decipher/decrypt the content of an excel file. (By the way i'm using PHP Language). I queried many times the encyrpt/decrypt on google but still failed. What I found somewhat related (well i guess the nearest solution here) is the base64_encode and base64_decode. To explain more this is my sample encrypted sentence (sentence because it should be resulted as a question)
V1JSeEhUUDJiaVdrZmJYSllxV3h2K3B1eDZYY2xobEM4QVRBTDhiTEVkU3JGVHVnelZWUUdWNGNyeGVGYXdrQU9DdXV2cFg4SkcxRzBJblRjY2E4SXh4Q21tNXNVZExrUVZFVDF0SFRXMGFTdms3ZTF5NlkvWXhCd2lkbHhBKzhRaSt5MlpzSC9KRVhNa2pZSXFIcnZBPT0=
I tried the code
$str = "V1JSeEhUUDJiaVdrZmJYSllxV3h2K3B1eDZYY2xobEM4QVRBTDhiTEVkU3JGVHVnelZWUUdWNGNyeGVGYXdrQU9DdXV2cFg4SkcxRzBJblRjY2E4SXh4Q21tNXNVZExrUVZFVDF0SFRXMGFTdms3ZTF5NlkvWXhCd2lkbHhBKzhRaSt5MlpzSC9KRVhNa2pZSXFIcnZBPT0=";
base64_decode($str);
The Result is:
81y7Vr6Xqh13qRf4/lWLYMVtim98/w5Y6aNegV4FmbWwpHonakWSigYgN928ksjBdsTff1lSVIGQchQnoV5S8Mw0IIszCSUe2+QxHdJ6X875pS52vReRZcBKHmnN5uFH
Which is wrong because it should display a more readable words/sentence. I don't know if I'm just missing anything. Any advice will be greatly appreciated. Thank you in advance!
PS: I tried the online bsae64 decoder (https://www.base64decode.org/) and it displays the right words like Man -> TWfu (vice versa) so I don't know if I'm focusing on a wrong solution or syntax.
You need to be sure about the encryption algorithm used on the file. If it is encrypted using AES, you might want to know the key.
Apparently an AES, or a Blowfish block. Having the key would be helpful.
Related
Today I've found a malware on one site, I have deleted it, of course, and everything is ok, but in order to understand where it comes from, I would like to understand its logic, but it is encoded, in a quite easy way. At the beginning of the file I see:
$i96="QU~T<`_YM82iAN>/v#s\"'q#tZFjJX6a\tcI)yS^boD.\$du|3\rWw=rC!;[4*P5LVkB?%19m:p7 -zK,gOl{Efx]0R}&h+\n\\(enGH";
This is used then in all the rest of the file, as a dictionary of characters, from now on, there are all assignments like this:
$GLOBALS['rpdxi45'] = $i96[94].$i96[51].$i96[51].$i96[39].$i96[51].$i96[6].$i96[51].$i96[94].$i96[70].$i96[39].$i96[51].$i96[23].$i96[11].$i96[95].$i96[77];
Does anyone has a clue on how I can decode this (without infecting a server of mine, of course), or at least has the name of this type of encryption? Just to know if I can find something on the web.
If someone is interested, I can post the rest of the file, I found it odd.
Update: the file is actually a malicious shell hack. If you find it on your server, delete it and contact your sysadmin.
It is obfuscating the phrase "error_reporting"
<?php
$i96="QU~T<`_YM82iAN>/v#s\"'q#tZFjJX6a\tcI)yS^boD.\$du|3\rWw=rC!;[4*P5LVkB?%19m:p7 -zK,gOl{Efx]0R}&h+\n\\(enGH";
echo $i96[94].$i96[51].$i96[51].$i96[39].$i96[51].$i96[6].$i96[51].$i96[94].$i96[70].$i96[39].$i96[51].$i96[23].$i96[11].$i96[95].$i96[77];
$GLOBALS['rpdxi45'] is storing a string constructed from the characters of the string held in $i96.
Echoing $GLOBALS['rpdxi45'] will show you the string that has been constructed.
See here: http://ideone.com/Jy1uty
I've found many websites with something related to the subject line (few are in stackoverflow.com itself). However, unfortunately I couldnt get what I want.
What I want is - I've a public-private key pair ready with me. (something like this - http://andytson.com/blog/2009/07/php-public-key-cryptography-using-openssl/)
Now, I want a javascript page which will use this public key. And encrypt some data. This data is then passed on to the php page. And the php page decrypts the data.
So far, I've found few JS pages which does this stuff right from the scratch (i.e. from generating the key pair). Same story for php. But thats not of help to me.
Any help is highly appreciated.
Cheers
Does http://area51.phpbb.com/phpBB/viewtopic.php?f=84&t=33024&start=0 do what you're wanting? Here's the stand-alone demo:
http://www.frostjedi.com/terra/dev/rsa/index.php
The source:
http://www.frostjedi.com/terra/dev/rsa/index.txt
after spending 2 hours on a stupid bug i realized that it was caused by a user who input a text containing indent text, bullets etc (i'm talking about a classifieds website)
so as the output is JSON i was receiving an error..
i know this is the holy grail of the quetions but what a simple, quick&dirty solution to
clean the output form extra spece,tab space etc, so JSON is valid?
(of course would be better to clean the input first but that's another question)
I am not sure if what you are looking for is something like HTMLPurifier?
You can try the demo.
There should be a good website for validating JSON here.
Sorry I am not native English.
EDIT: I just re-read you question, this was not really what you where looking for I think, but I'll leave it here just in case anyway :).
What about json_encode()?
http://php.net/json_encode
Which btw is already mentioned by Marc B in a comment to the question. I didn't see that until now -- I'm sorry. (added)
The only way I know how to handle this is to do it on form entry on the client side. Basically, by the time it gets to the server, very difficult to 'scrub' MS special characters out. Basically, a simple Javascript function tied to field change on a form element that converts any bogus characters to their UTF-8 friendly equivalent is the way to go. Check out this link: http://www.kevinkorb.com/post/37
I need advice regarding text analysis.
The program is written in php.
My code needs to receive a URL and match the site words against the DB and seek for a match.
The tricky part is that the words aren't allways written in the DB as they appear in the text.
example:
Let's say my DB has these values:
Word = letters
And the site has:
Wordy thing
I'm supposed to output:
Letters thing
My code makes several regex an after each one tries to match the searched word against the DB.
For each word that isn't found I make 8 queries to the DB. Most of the words don't have a match so when we talk about a whole website that has hundreds of words my CPU level makes a jump.
I thought about storing every word not found in the DB globaly as they appear ( HD costs less than CPU ) or maybe making an array or dictionary to store all of that.
I'm really confused with this project. It's supposed to serve a lot of users, with the current code the server will die after 10-20 user requests.
Any thoughts?
Edit:
The searched words aren't English words and the code runs in a windows 2008 server
Implement a trie and compute levenstein distance? See this blog for a detailed walkthrough of implementation: http://stevehanov.ca/blog/index.php?id=114
Seems to me like a job for Sphynx & stemming.
Possibly stupid question but have you considered using a LIKE clause in your SQL query?
Something like this:
$sql = "SELECT * FROM `your_table` WHERE `your_field` LIKE 'your_search'":
I've usually found whenever I have to do too much string manipulation on return values from a query I can get it done easier on the SQL side.
Thank you all for your answers.
Unfortunately none of the answers helped me, maybe I wasn't clear enough.
I ended up solving the issue by creating a hash table with all of the words on the DB (about 6000 words), and checking against the hash instead of the DB.
The code started up with 4 sec execution time and now it's 0.5 sec! :-)
Thanks again
I am using this code to create an instant search for my site...
http://woorkup.com/2010/09/13/how-to-create-your-own-instant-search/
Some of the phrases in our database our very complex and can be easily misspelt so on top of this I wanted to use spelling suggestions.
Does anyone know of any ways to offer correct spellings based on a string provided?
Any help would be greatly appreciated.
Yes there is a jQuery plugin called After the Deadline.
If someone searches for a phrase, doesn't click any of the results, and then researches with a new similar phrase (check out levenshtein()) and does click a result, write to your database the original phrase and the new phrase.
Record each time this happens. If the phrase is already matched, increment a counter for that phrase.
Then, if someone searches for a phrase that matches one of your possibly incorrect phrases (perhaps have a threshold using your counter), you can display a Did you mean to search for...? as well as the results (if any) for the incorrect phrase.
This isn't a spell check per se, but I think it would be useful to pick up on common mistakes. Unfortunately though, you probably don't have as many people to help you build an index like Google's Did you mean?
Peter Norvig has written (and explained) a fairly basic spelling corrector; which makes for a very interesting read. It's in Python, but his explanations are invaluable (He does work for Google and this is a very bare bones representation of the Google did you mean algorithm).