function decrypt($key, $c_t) { $c_t = trim(chop(base64_decode($c_t))); $iv = substr(md5($key), 0, mcrypt_get_iv_size(MCRYPT_CAST_256, MCRYPT_MODE_CFB)); $p_t = mcrypt_cfb(MCRYPT_CAST_256, $key, $c_t, MCRYPT_DECRYPT, $iv); return trim(chop($p_t)); }
/** * Расшифровывает данные с помощью расширения mcrypt * @param string $text Текст, который требуется разшифровать * @param string $key // 24 битный ключ * @return string Расшифрованную строку */ protected function decrypt($text, $key = CRYPT_KEY) { $text = base64_decode($text); $iv = substr(md5($key), 0, mcrypt_get_iv_size(MCRYPT_CAST_256, MCRYPT_MODE_CFB)); $p_t = mcrypt_cfb(MCRYPT_CAST_256, $key, $text, MCRYPT_DECRYPT, $iv); return unserialize(trim($p_t)); }
public function decrypt($data) { // Don't do anything with empty data if (empty($data) || is_string($data) == false && is_numeric($data) == false) { return null; } // Detect data that is not encrypted if (strstr($data, '|=|') == false) { return $data; } // This is a serious bug: Base64-encoding can include plus-signs, but JSON thinks these are URL-encoded spaces. // We have to convert them back manually. Ouch! Another solution would be to migrate from JSON to another transport mechanism. Again ouch! $data = str_replace(' ', '+', $data); // Continue with decryption $array = explode('|=|', $data); if (isset($array[0]) && isset($array[1])) { $encrypted = Mage::helper('magebridge/encryption')->base64_decode($array[0]); $key = Mage::helper('magebridge/encryption')->getKey($array[1]); $iv = substr($key, 0, mcrypt_get_iv_size(MCRYPT_CAST_256, MCRYPT_MODE_CFB)); } else { return null; } try { $decrypted = mcrypt_cfb(MCRYPT_CAST_256, $key, $encrypted, MCRYPT_DECRYPT, $iv); $decrypted = trim($decrypted); return $decrypted; } catch (Exception $e) { Mage::getSingleton('magebridge/debug')->error("Error while decrypting: " . $e->getMessage()); return null; } }
function decrypt($key, $c_t) { // incoming: should be the $key that you encrypted // with and the $c_t (encrypted text) // returns plain text // decode it first :) $c_t = trim(chop(base64_decode($c_t))); $iv = substr(md5($key), 0, mcrypt_get_iv_size(MCRYPT_CAST_256, MCRYPT_MODE_CFB)); $p_t = mcrypt_cfb(MCRYPT_CAST_256, $key, $c_t, MCRYPT_DECRYPT, $iv); return trim(chop($p_t)); }
/** * decrypt * @param string $key * @param string $c_t * @return string * @author Thomas Schedler <*****@*****.**> * @version 1.0 */ public static function decrypt(Core &$core, $key, $c_t) { $core->logger->debug('massiveart->utilities->Crypt->decrypt: ' . $key . ', ' . $c_t); try { $c_t = base64_decode($c_t); $iv = substr(md5($key), 0, mcrypt_get_iv_size(MCRYPT_CAST_256, MCRYPT_MODE_CFB)); $p_t = mcrypt_cfb(MCRYPT_CAST_256, $key, $c_t, MCRYPT_DECRYPT, $iv); return trim($p_t); } catch (Exception $exc) { $core->logger->err($exc); return false; } }
function Decrypt($encoded, &$encode_time) { if (GetType($colon = strpos($encoded, ':')) != 'integer' || ($encode_time = intval(substr($encoded, $colon + 1))) == 0 || $encode_time > time() || !($encrypted = base64_decode(substr($encoded, 0, $colon)))) { return ''; } $iv_size = mcrypt_get_iv_size(MCRYPT_3DES, MCRYPT_MODE_CFB); $iv = str_repeat(chr(0), $iv_size); $key_size = mcrypt_get_key_size(MCRYPT_3DES, MCRYPT_MODE_CFB); $key = $encode_time . $this->key; if (strlen($key) > $key_size) { $key = substr($key, 0, $key_size); } return mcrypt_cfb(MCRYPT_3DES, $key, $encrypted, MCRYPT_DECRYPT, $iv); }
public function encrypt($data) { // Don't do anything with empty data $data = trim($data); if (empty($data)) { return null; } // Check if SSL is already in use, so encryption is not needed if (Mage::getSingleton('magebridge/core')->getMetaData('protocol') == 'https') { return $data; } // Disable encryption if configured if ((bool) Mage::getStoreConfig('magebridge/joomla/encryption') == false) { return $data; } // Generate a random key $random = str_shuffle('0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz'); $key = Mage::helper('magebridge/encryption')->getSaltedKey($random); // PHP 5.5 version if (version_compare(PHP_VERSION, '5.5.0') >= 0) { try { $td = mcrypt_module_open(MCRYPT_CAST_256, '', 'ecb', ''); $iv = mcrypt_create_iv(mcrypt_enc_get_iv_size($td), MCRYPT_RAND); mcrypt_generic_init($td, $key, $iv); $encrypted = mcrypt_generic($td, $data); $encoded = Mage::helper('magebridge/encryption')->base64_encode($encrypted); } catch (Exception $e) { Mage::getSingleton('magebridge/debug')->error("Error while decrypting: " . $e->getMessage()); return null; } } else { try { $iv = substr($key, 0, mcrypt_get_iv_size(MCRYPT_CAST_256, MCRYPT_MODE_CFB)); $encrypted = @mcrypt_cfb(MCRYPT_CAST_256, $key, $data, MCRYPT_ENCRYPT, $iv); $encoded = Mage::helper('magebridge/encryption')->base64_encode($encrypted); } catch (Exception $e) { Mage::getSingleton('magebridge/debug')->error("Error while decrypting: " . $e->getMessage()); return null; } } return $encoded . '|=|' . $random; }
/** * Decrypt data after encryption * * @param string $data * @return mixed */ public static function decrypt($data) { // Don't do anything with empty data $data = trim($data); if (empty($data) || is_string($data) == false && is_numeric($data) == false) { return null; } // Detect data that is not encrypted $data = urldecode($data); if (strstr($data, '|=|') == false) { return $data; } $array = explode('|=|', $data); $encrypted = MageBridgeEncryptionHelper::base64_decode($array[0], true); $key = MageBridgeEncryptionHelper::getSaltedKey($array[1]); // PHP 5.5 version if (version_compare(PHP_VERSION, '5.5.0') >= 0) { try { $td = mcrypt_module_open(MCRYPT_CAST_256, '', 'ecb', ''); $iv = substr($key, 0, mcrypt_get_iv_size(MCRYPT_CAST_256, MCRYPT_MODE_CFB)); mcrypt_generic_init($td, $key, $iv); $decrypted = mdecrypt_generic($td, $encrypted); $decrypted = trim($decrypted); return $decrypted; } catch (Exception $e) { Mage::getSingleton('magebridge/debug')->error("Error while decrypting: " . $e->getMessage()); return null; } } else { try { $iv = substr($key, 0, mcrypt_get_iv_size(MCRYPT_CAST_256, MCRYPT_MODE_CFB)); $decrypted = @mcrypt_cfb(MCRYPT_CAST_256, $key, $encrypted, MCRYPT_DECRYPT, $iv); $decrypted = trim($decrypted); return $decrypted; } catch (Exception $e) { Mage::getSingleton('magebridge/debug')->error("Error while decrypting: " . $e->getMessage()); return null; } } }
eregi_replace(); import_request_variables(); mcrypt_generic_end(); mysql_db_query(); mysql_escape_string(); mysql_list_dbs(); mysqli_bind_param(); mysqli_bind_result(); mysqli_client_encoding(); mysqli_fetch(); mysqli_param_count(); mysqli_get_metadata(); mysqli_send_long_data(); magic_quotes_runtime(); session_register(); session_unregister(); session_is_registered(); set_magic_quotes_runtime(); set_socket_blocking(); split(); spliti(); sql_regcase(); php_logo_guid(); php_egg_logo_guid(); php_real_logo_guid(); zend_logo_guid(); datefmt_set_timezone_id(); mcrypt_ecb(); mcrypt_cbc(); mcrypt_cfb(); mcrypt_ofb();
$key = "pam"; $iv = substr(md5($key), 0,mcrypt_get_iv_size (MCRYPT_CAST_256,MCRYPT_MODE_CFB)); $ENCRYPT_PASSWORD = mcrypt_cfb (MCRYPT_CAST_256, $key, $password, MCRYPT_ENCRYPT, $iv); $ENCRYPT_PASSWORD = trim(chop(base64_encode($ENCRYPT_PASSWORD))); $ENCRYPT_PASSWORD_TMP = str_replace ("/", "\\/", $ENCRYPT_PASSWORD); # We need to read the config file and confim it $fileContent = file($configFileName); $stringToCheck = "SQL_PASSWORD = \"$ENCRYPT_PASSWORD_TMP\""; $isPasswordCorrent = preg_grep ("/$stringToCheck/", $fileContent); if (!count ($isPasswordCorrent)) { echo "<p><b>You entered the wrong webpatrol password - Password not changed</p></b>"; } else { # We need to encrypt the new password $newPassEncrypt = mcrypt_cfb (MCRYPT_CAST_256, $key, $newPassword, MCRYPT_ENCRYPT, $iv); $newPassEncrypt = trim(chop(base64_encode($newPassEncrypt))); $stringToChange = "SQL_PASSWORD = \"$ENCRYPT_PASSWORD\""; $newString = "SQL_PASSWORD = \"$newPassEncrypt\""; # Update the password in the database update_db_password($SQL_USER, $newPassword); # We need to update the file $fileContentString = implode ("", $fileContent); $newFile = str_replace($stringToChange, $newString, $fileContentString); # Backing up the old file $backupfile = $backupFileName; $fp = fopen ($backupfile, "w"); fwrite ($fp, $fileContentString);
<?php $key = "FooBar"; $secret = "PHP Testfest 2008"; $cipher = MCRYPT_RIJNDAEL_128; $iv = mcrypt_create_iv(mcrypt_get_iv_size($cipher, MCRYPT_MODE_CFB), MCRYPT_RAND); $enc_data = mcrypt_cfb($cipher, $key, $secret, MCRYPT_ENCRYPT, $iv); // we have to trim as AES rounds the blocks and decrypt doesnt detect that echo trim(mcrypt_cfb($cipher, $key, $enc_data, MCRYPT_DECRYPT, $iv)) . "\n"; // a warning must be issued if we don't use a IV on a AES cipher, that usually requires an IV mcrypt_cfb($cipher, $key, $enc_data, MCRYPT_DECRYPT);
function decrypt_aes($key, $c_t) { $c_t = base64_decode($c_t); $iv = substr(md5($key), 0, mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_CFB)); $p_t = mcrypt_cfb(MCRYPT_RIJNDAEL_256, $key, $c_t, MCRYPT_DECRYPT, $iv); return trim($p_t); }
public static function CardEncrypt($plain_text) { $msg_key = defined('CARD_ENCRYPT_KEY') ? CARD_ENCRYPT_KEY : ''; $plain_text = trim($plain_text); $iv = substr(md5($msg_key), 0, mcrypt_get_iv_size(MCRYPT_CAST_256, MCRYPT_MODE_CFB)); $c_t = mcrypt_cfb(MCRYPT_CAST_256, $key, $plain_text, MCRYPT_ENCRYPT, $iv); return trim(urlencode(chop(base64_encode($c_t)))); }
<tr> <td colspan=2 align=center> <input type="submit" value="Submit"> <p> </td> </tr> </form> </table> <? exit; } else { $key = "pam"; $iv = substr(md5($key), 0,mcrypt_get_iv_size (MCRYPT_CAST_256,MCRYPT_MODE_CFB)); $DECRIPT_PASSWORD = trim(chop(base64_decode($SQL_PASSWORD))); $DECRIPT_PASSWORD = mcrypt_cfb (MCRYPT_CAST_256, $key, $DECRIPT_PASSWORD, MCRYPT_DECRYPT, $iv); $connection = mysql_connect("$SQL_SERVER","$SQL_USER","$DECRIPT_PASSWORD") or die ("Unable to connect to MySQL server."); } if($_SESSION[SQL_DATABASE] == "") { ?> <table> <form action="<? print $PHP_SELF; ?>" method="post"> <tr> <td align=right><b>MySQL Database:</b></td> <td><input type="text" name="SQL_DATABASE"></td> </tr> <tr> <td colspan=2 align=center> <input type="submit" value="Submit">
$enc = mcrypt_encrypt(MCRYPT_XTEA, $key, $text, MCRYPT_MODE_ECB, $iv); VS(bin2hex($enc), "f522c62002fa16129c8576bcddc6dd0f7ea81991103ba42962d94c8bfff3ee660d53b187d7e989540abf5a729c2f7baf"); $crypttext = mcrypt_decrypt(MCRYPT_XTEA, $key, $enc, MCRYPT_MODE_ECB, $iv); VS($crypttext, $text); ////////////////////////////////////////////////////////////////////// $key = "123456789012345678901234567890123456789012345678901234567890"; $CC = "4007000000027"; $encrypted = mcrypt_cbc(MCRYPT_RIJNDAEL_128, substr($key, 0, 32), $CC, MCRYPT_ENCRYPT, substr($key, 32, 16)); $decrypted = mcrypt_cbc(MCRYPT_RIJNDAEL_128, substr($key, 0, 32), $encrypted, MCRYPT_DECRYPT, substr($key, 32, 16)); VERIFY($encrypted !== $decrypted); VS(trim((string) $decrypted), $CC); ////////////////////////////////////////////////////////////////////// $key = "123456789012345678901234567890123456789012345678901234567890"; $CC = "4007000000027"; $encrypted = mcrypt_cfb(MCRYPT_RIJNDAEL_128, substr($key, 0, 32), $CC, MCRYPT_ENCRYPT, substr($key, 32, 16)); $decrypted = mcrypt_cfb(MCRYPT_RIJNDAEL_128, substr($key, 0, 32), $encrypted, MCRYPT_DECRYPT, substr($key, 32, 16)); VERIFY($encrypted !== $decrypted); VS(trim((string) $decrypted), $CC); ////////////////////////////////////////////////////////////////////// $key = "123456789012345678901234567890123456789012345678901234567890"; $CC = "4007000000027"; $encrypted = mcrypt_ecb(MCRYPT_RIJNDAEL_128, substr($key, 0, 32), $CC, MCRYPT_ENCRYPT, substr($key, 32, 16)); $decrypted = mcrypt_ecb(MCRYPT_RIJNDAEL_128, substr($key, 0, 32), $encrypted, MCRYPT_DECRYPT, substr($key, 32, 16)); VERIFY($encrypted !== $decrypted); VS(trim((string) $decrypted), $CC); ////////////////////////////////////////////////////////////////////// $key = "123456789012345678901234567890123456789012345678901234567890"; $CC = "4007000000027"; $encrypted = mcrypt_ofb(MCRYPT_RIJNDAEL_128, substr($key, 0, 32), $CC, MCRYPT_ENCRYPT, substr($key, 32, 16)); $decrypted = mcrypt_ofb(MCRYPT_RIJNDAEL_128, substr($key, 0, 32), $encrypted, MCRYPT_DECRYPT, substr($key, 32, 16)); VERIFY($encrypted !== $decrypted);
<?php $key = "0123456789012345"; $secret = "PHP Testfest 2008"; $cipher = MCRYPT_RIJNDAEL_128; $iv = mcrypt_create_iv(mcrypt_get_iv_size($cipher, MCRYPT_MODE_CFB), MCRYPT_RAND); $enc_data = mcrypt_cfb($cipher, $key, $secret, MCRYPT_ENCRYPT, $iv); // we have to trim as AES rounds the blocks and decrypt doesnt detect that echo trim(mcrypt_cfb($cipher, $key, $enc_data, MCRYPT_DECRYPT, $iv)) . "\n"; // a warning must be issued if we don't use a IV on a AES cipher, that usually requires an IV var_dump(mcrypt_cfb($cipher, $key, $enc_data, MCRYPT_DECRYPT));
/** * sessDecrypt - Decrypts encrypted text created by the sessEncrypt member. * It needs to be passed the same Initialization Vector (IV) used in the * encryption process. When you have a few/many fields to decrypt in one * script cycle, choose to keep the mcrypt module open to speed up * decryption (only for libmcrypt >= 2.4.x). A correctly decrypted field * will be returned as a string, so if you're expecting/wanting an integer * then you have to type cast or use intval() function. * * @param string $_enc Pass the encrypted text you would like to decrypt. * @param string $_IV Pass the same IV used in the encryption phase. * @param bool $_keep_open TRUE to keep mcrypt module open, FALSE close. * @return mixed Returns the original plain text or FALSE on error. * @access public */ function sessDecrypt($_enc, $_IV, $_keep_open = FALSE) { static $_open_already = FALSE; // Open encrypt flag For ver >= 2.4.x static $_module = NULL; if (!is_bool($_keep_open)) { $_keep_open = FALSE; } if (is_numeric($_IV) && strlen($_IV) > 0 && strlen($_IV) < 4 && intval($_IV) > 0 && intval($_IV) < 501) { $_text = $this->sessDecode($_enc, intval($_IV)); } else { if ($this->_MCRYPT && !empty($this->_ENC_ALGO) && !empty($this->_ENC_MODE)) { $_IV = @base64_decode($_IV); $_enc = @base64_decode($_enc); if ($this->_MCRYPT_LATEST) { // For >= 2.4.x if (!$_open_already) { $_module = @mcrypt_module_open($this->_ENC_ALGO, '', $this->_ENC_MODE, ''); if (FALSE === $_module) { // Could not open encryption module for decryption $this->_setErrMsg('DEC_OPEN_FAIL', NULL, $this->_ENC_ALGO, $this->_ENC_MODE); $this->_handleErrors(); return FALSE; } $_open_already = TRUE; } $_key = substr($this->_ENC_KEY_HASHED, 0, @mcrypt_enc_get_key_size($_module)); $_result = @mcrypt_generic_init($_module, $_key, $_IV); if ($_result < 0) { switch ($_result) { case -3: // Key length for decryption is incorrect $this->_setErrMsg('DEC_KEY_LEN', NULL, $this->_ENC_ALGO, $this->_ENC_MODE, strlen($_key)); case -4: // There were memory allocation problems - decrypt $this->_setErrMsg('DEC_MEMORY', NULL, $this->_ENC_ALGO, $this->_ENC_MODE); default: // There were unknown errors while trying to decrypt $this->_setErrMsg('DEC_UNKNOWN', NULL, $this->_ENC_ALGO, $this->_ENC_MODE); } $this->_handleErrors(); return FALSE; } // trim is especially needed in Cipher Block Chaining (CBC) mode $_text = trim(@mdecrypt_generic($_module, $_enc)); if (!$_keep_open) { @mcrypt_generic_deinit($_module); @mcrypt_module_close($_module); $_open_already = FALSE; $_module = NULL; } } else { // For 2.2.x $_key = substr($this->_ENC_KEY_HASHED, 0, @mcrypt_get_key_size($this->_ENC_ALGO)); switch ($this->_ENC_MODE) { case MCRYPT_MODE_ECB: $_text = @mcrypt_ecb($this->_ENC_ALGO, $_key, $_enc, MCRYPT_DECRYPT); break; case MCRYPT_MODE_CFB: $_text = @mcrypt_cfb($this->_ENC_ALGO, $_key, $_enc, MCRYPT_DECRYPT, $_IV); break; case MCRYPT_MODE_OFB: $_text = @mcrypt_ofb($this->_ENC_ALGO, $_key, $_enc, MCRYPT_DECRYPT, $_IV); break; default: $_text = @mcrypt_cbc($this->_ENC_ALGO, $_key, $_enc, MCRYPT_DECRYPT, $_IV); } $_text = trim($_text); // Especially needed for CBC mode } } else { $_text = FALSE; } } return $_text; }
public static function decrypt($data) { // Don't do anything with empty data $data = trim($data); if (empty($data) || is_string($data) == false && is_numeric($data) == false) { return null; } // Detect data that is not encrypted if (strstr($data, '|=|') == false) { return $data; } $array = explode('|=|', $data); $encrypted = MageBridgeEncryptionHelper::base64_decode($array[0], true); $key = MageBridgeEncryptionHelper::getSaltKey($array[1]); $iv = substr($key, 0, mcrypt_get_iv_size(MCRYPT_CAST_256, MCRYPT_MODE_CFB)); try { $decrypted = mcrypt_cfb(MCRYPT_CAST_256, $key, $encrypted, MCRYPT_DECRYPT, $iv); $decrypted = trim($decrypted); return $decrypted; } catch (Exception $e) { Mage::getSingleton('magebridge/debug')->error("Error while decrypting: " . $e->getMessage()); return null; } }
function run_sql_cmd($cmd) { // These are set in the configuration file global $SQL_SERVER; global $SQL_USER; global $SQL_PASSWORD; global $SQL_DATABASE; global $WITH_MCRYPT; debug_var("Executing query:",$cmd); if ($WITH_MCRYPT) { $key = "pam"; $iv = substr(md5($key), 0,mcrypt_get_iv_size (MCRYPT_CAST_256,MCRYPT_MODE_CFB)); $DECRIPT_PASSWORD = trim(chop(base64_decode($SQL_PASSWORD))); $DECRIPT_PASSWORD = mcrypt_cfb (MCRYPT_CAST_256, $key, $DECRIPT_PASSWORD, MCRYPT_DECRYPT, $iv); } else { $DECRIPT_PASSWORD = $SQL_PASSWORD; } if (($SQL_SERVER == "") || ($SQL_USER == "") || ($DECRIPT_PASSWORD == "") || ($SQL_DATABASE == "")) { echo "Configuration settings missing, please contact the admin"; exit; } $connection = mysql_pconnect("$SQL_SERVER","$SQL_USER","$DECRIPT_PASSWORD") or die ("Unable to connect to MySQL server."); $db = mysql_select_db("$SQL_DATABASE") or die ("Unable to select requested database."); $sql = mysql_query($cmd, $connection) or die(mysql_error()); // Need to add some error checking statements }