Base64 encoded PHP files

Some PHP files that come along with script packages are encoded with base64. Read along on this page if you want to know how to decode this kind of file.

Several of the files I've run into use the same base64 encoding technique. This technique consists of 2 encoded parts: one part that holds the main code, and another part that decodes the first part and swaps around a few characters to make it valid.

The common contents of an encoded base64 file from a publisher could look like this (usually in 1 unbroken string but I split it up here to make it more readable):
$_F=__FILE__;
$_X='encoded_part1';
$_D=strrev('edoced_46esab');
eval($_D('encoded_part2'));
?>


Where the encoded part2 usually contains something like this:
$_X=base64_decode($_X);
$_X=strtr($_X,'something','something');
$_R=ereg_replace('__FILE__',"'".$_F."'",$_X);
eval($_R);


Solution
So all you need to do to view the real contents of any base64 encoded file that uses this method is to replace the "eval" in encoded part2 with e.g. "echo", so that the final decoded code is displayed instead of run. To get to the contents of encoded part1, you just replace "eval" with "echo" there as well, which is never encoded to begin with.
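The same unwrapping can be done statically, so that nothing in the file ever executes. The Python below is an added example and not part of the original article: it reads the two encoded parts as text and applies the base64, strtr and __FILE__ steps itself. It assumes the exact layout shown above with plain single-quoted strings; make_sample(), its strtr key and the default file path are made up for the demonstration.

```python
import base64
import re

def php_strtr(s, src, dst):
    """PHP strtr($s, $from, $to): per-character map; extra characters in the longer string are ignored."""
    n = min(len(src), len(dst))
    return s.translate(str.maketrans(src[:n], dst[:n]))

def decode_wrapper(php_source, file_path="/path/to/file.php"):
    """Return (decoded part2, final code) for the $_F/$_X/$_D wrapper without running any PHP."""
    part1 = re.search(r"\$_X\s*=\s*'([^']*)'\s*;", php_source)
    part2 = re.search(r"eval\(\s*\$_D\(\s*'([^']*)'\s*\)\s*\)", php_source)
    if not part1 or not part2:
        raise ValueError("not the $_F/$_X/$_D wrapper layout")
    # Part2 is plain base64 and holds the decoder that the outer eval() would run.
    stage2 = base64.b64decode(part2.group(1)).decode("latin-1")
    # Assumption: the strtr() arguments contain no escaped quotes or backslashes.
    tr = re.search(r"strtr\(\s*\$_X\s*,\s*'([^']*)'\s*,\s*'([^']*)'\s*\)", stage2)
    if not tr:
        raise ValueError("no strtr() call found in decoded part2")
    # Same order as part2: base64_decode first, then the character swap.
    code = base64.b64decode(part1.group(1)).decode("latin-1")
    code = php_strtr(code, tr.group(1), tr.group(2))
    # file_path is a placeholder standing in for the value of $_F.
    return stage2, code.replace("__FILE__", "'" + file_path + "'")

def make_sample(plain):
    """Constructed sample in the layout shown above (harmless payload, made-up strtr key)."""
    a, b = "aeiou12345", "12345aeiou"  # a swap, so the same key scrambles and restores
    part1 = base64.b64encode(php_strtr(plain, a, b).encode()).decode()
    stage2 = ("$_X=base64_decode($_X);$_X=strtr($_X,'%s','%s');"
              "$_R=ereg_replace('__FILE__',\"'\".$_F.\"'\",$_X);eval($_R);" % (a, b))
    part2 = base64.b64encode(stage2.encode()).decode()
    return ("$_F=__FILE__;$_X='%s';$_D=strrev('edoced_46esab');"
            "eval($_D('%s'));?>" % (part1, part2))

if __name__ == "__main__":
    decoder, code = decode_wrapper(make_sample("echo 'hello from ' . __FILE__;"))
    print(decoder)
    print(code)
```

If the decoded code turns out to be another wrapper of the same form, run decode_wrapper() on it again.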


Additional notes
When analyzing the output in a browser, remember to view the page source instead of just trusting what is rendered on screen. A good reason for wanting to decode some of these files is often to see if the script is malicious or honest in its purpose.



Written by: Dag Jonny Nedrelid
©2007-2012 http://thronic.com

