某PHP加密文件解密过程初探 · 浮萍's Blog
Tags
| attack-pattern: | Server - T1583.004 Server - T1584.004 |
Common Information
| Type | Value |
|---|---|
| UUID | e56a9e69-1922-45df-bba3-f33dd7653033 |
| Fingerprint | 2dd8da175e913493 |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | Feb. 8, 2018, midnight |
| Added to db | Jan. 18, 2023, 9:44 p.m. |
| Last updated | Nov. 2, 2024, 4:54 p.m. |
| Headline | 某PHP加密文件解密过程初探 |
| Title | 某PHP加密文件解密过程初探 · 浮萍's Blog |
| Detected Hints/Tags/Attributes | 4/1/26 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://fuping.site/2018/02/08/Free-PhpJiaMi-Decrypt/ |
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 1 | xdebug.org |
|
| Details | Domain | 1 | www.phpjiami.com |
|
| Details | File | 1 | 打开php.ini |
|
| Details | File | 1 | 我这里ext目录已经有xdebug.dll |
|
| Details | File | 1 | 在php.ini |
|
| Details | File | 43 | www.php |
|
| Details | File | 1 | 利用作者的format.php |
|
| Details | File | 1 | format.php |
|
| Details | File | 1 | 会生成格式化的t2.php |
|
| Details | File | 1 | 使用原作者的decrypt.php |
|
| Details | File | 1 | decrypt.php |
|
| Details | File | 14 | t.php |
|
| Details | File | 1 | decrypted.php |
|
| Details | File | 1 | 还用之前的t.php |
|
| Details | File | 1 | 一个是t.php |
|
| Details | File | 1 | 一个是_lib.php |
|
| Details | File | 1 | 这里的t.php |
|
| Details | File | 1 | 直接调用了_lib.php |
|
| Details | File | 1 | 主要研究的还是_lib.php |
|
| Details | File | 1 | 将t.php |
|
| Details | File | 1 | 和格式化后的_lib.php |
|
| Details | File | 1 | 然后对格式化后的_lib.php |
|
| Details | File | 1 | 由于_lib.php |
|
| Details | File | 1 | '_lib.php |
|
| Details | Url | 1 | https://xdebug.org/docs/install |
|
| Details | Url | 1 | http://www.phpjiami.com |