« Chapter II: The Executrix of Skandra X
Altered Focus »

Decoding eval gzinflate base64_decode

Published January 4th, 2006 in Security and PHP.

I recently ran across a freeware web application written in PHP that utilized the following method to encrypt its source code: <?php eval(gzinflate(base64_decode('encoded text'))); ?> Fortunately, I was able to decode it with this PHP snippet:

PLAIN TEXT
PHP:
  1. <?php
  2. /*
  3. Taken from http://www.php.net/manual/de/function.eval.php#59862
  4. Directions:
  5. 1. Save this snippet as decrypt.php
  6. 2. Save encoded PHP code in coded.txt
  7. 3. Create a blank file called decoded.txt (from shell do CHMOD 0666 decoded.txt)
  8. 4. Execute this script (visit decrypt.php in a web browser or do php decrypt.php in the shell)
  9. 5. Open decoded.txt, the PHP should be decrypted if not post the code on http://www.ariadoss.com/forums/web-development/lamp
  10. */
  11. echo "\nDECODE nested eval(gzinflate()) by DEBO Jurgen <jurgen@person.be>\n\n";
  12. echo "1. Reading coded.txt\n";
  13. $fp1 = fopen ("coded.txt", "r");
  14. $contents = fread ($fp1, filesize ("coded.txt"));
  15. fclose($fp1);
  16. echo "2. Decoding\n";
  17. while (preg_match("/eval\(gzinflate/",$contents)) {
  18.     $contents=preg_replace("/<\?|\?>/", "", $contents); eval(preg_replace("/eval/", "\$contents=", $contents)); } echo "3. Writing decoded.txt\n"; $fp2 = fopen("decoded.txt","w"); fwrite($fp2, trim($contents)); fclose($fp2);
  19. ?>


Upon decrypting the source code I realized that the freeware application downloaded spyware onto visitors' computers as well as periodically initiated pop-ups that contained obvious spam. I posted this article in order for others to be able to examine the actual source of these applications in order to prevent them from inadvertently running malicious code on their websites. I hope this helped some of you and I will endeavor to continue to post useful and insightful entries from now on.

Share This

67 Responses to “Decoding eval gzinflate base64_decode”

Feed for this Entry Trackback Address
  1. 1 Anonymous May 12th, 2006 at 6:03 am

    How should anyone implement How should anyone implement this code? Add it to a encrypted php file, ???

  2. 2 Anonymous May 17th, 2006 at 6:24 am

    Eval 2 echo Changing 'eval' to 'echo' in the script simply prints the script and you can see it by checking the page's source.

  3. 3 Anonymous Jun 30th, 2006 at 2:09 pm

    Not if they have encrypted Not if they have encrypted it multiple times or are using various methods to obfuscate the original code, which is often the case. Though it is a good place to start, and works in many cases.

  4. 4
    avatar
    Rating: 8 | Danilo Stern-Sapad     Jun 30th, 2006 at 2:12 pm

    Directions to use the snippet:
    1.) Save the code you wish to decode in coded.txt
    2.) Save the above PHP snippet in file like decrypt.php
    3.) Create an empty text file called decoded.txt and CHMOD it to 0666.
    4.) Run decrypt.php and open up decoded.txt to view the source code.

  5. 5 Anonymous Jul 1st, 2006 at 6:21 am

    error i got following error

    Parse error: syntax error, unexpected '<' in /home/web123/public_html/decrypt.php(8) : eval()'d code on line

  6. 6 Anonymous Aug 17th, 2006 at 1:59 am

    recursive gzinflate base64_decode and str_rot13 i code a small function that handels recursive decryption with eval(gzinflate(base64_decode('FZ3HjuvQlUV...xyz'))); and eval(gzinflate(str_rot13(base64_decode('FZ3HjuvQlUV...xyz'))));

    http://macosbrain.ath.cx/wordpress/2006/08/17/decode-function-eval-gzinflate-base64_decode-str_rot13/

  7. 7 Anonymous Aug 21st, 2006 at 8:44 am

    Great Utility - thank you! I used it to decrypt one PHP hitcounter with some ad string attached to the results (and repleaced english comments with my native language ones).

    Once again thanks!

  8. 8 Anonymous Sep 8th, 2006 at 9:30 am

    How to decode after following the above method i recieved another encrypted file. how to decodes files which are encoded by

    eval(gzinflate(str_rot13(base64_decode('FZ.........9Hw=='))));

    Please email me the method on jainritesh007@gmail.com

    Thanking You,
    Ritesh Jain

  9. 9 Anonymous Sep 18th, 2006 at 6:12 am

    Name & Shame Hey Danilo,

    Why not name the freeware snippet so you can shame it?

    At least, for those of us without the time to code?

  10. 10
    avatar
    Rating: 8 | Danilo Stern-Sapad     Sep 29th, 2006 at 4:23 am

    I would, but I'm sure it would be in violation of the author's intellectual property rights.

  11. 11 Anonymous Dec 21st, 2006 at 11:10 am

    How to encrypt the php code encrpyted by PHPLOCKIT How to encrypt the php code encrypted by PHPLOCKIT?
    They are also using eval((base64_decode()

  12. 12
    avatar
    Rating: ? | timsky     Feb 19th, 2007 at 8:59 am

    Hi!
    I tried to decode shell that some hackers left on my website. It's important for me to decode it.

    I have this error on localhost and my web host:
    =========================
    DECODE nested eval(gzinflate()) by DEBO Jurgen 1. Reading coded.txt 2. Decoding
    Parse error: parse error, unexpected T_VARIABLE in z:\home\localhost\www\dec\decrypt.php(18) : eval()'d code on line 3
    =========================

    Best regards,
    timsky

  13. 13
    avatar
    Rating: ? | Shoa     May 5th, 2007 at 2:43 pm

    Great little tool saved me make a script worked first time changed the txt to php just so i don't have to keep changing the extention to read the code.

  14. 14
    avatar
    Rating: ? | anonymous     May 31st, 2007 at 9:55 pm

    hey i need help here please!! someone knows how to decode a php file that has been coded with a software name SOURCECOP? i really need help please! any comment will be welcome!!

  15. 15
    avatar
    Rating: ? | Image Host     Jun 11th, 2007 at 2:48 pm

    Thanks a lot for this info. I was trying to install this image script but then it wouldn't work so I googled and came to your site as first listing in order to find a way to decrypt it. Thanks!

  16. 16
    avatar
    Rating: ? | Kiran     Jun 20th, 2007 at 11:12 pm

    Hai

    I want to decript the PHP code HOw to do it

  17. 17
    avatar
    Rating: ? | Abela     Jun 29th, 2007 at 8:25 pm

    Can some one let me know how to do chmod 0666 in IIS on windows. Thanks in advance.

  18. 18
    avatar
    Rating: ? | Smart Guy     Jul 8th, 2007 at 11:45 pm

    SourceCop decoder can be found here:
    http://www.region59.net/unlockit/decoder.php

  19. 19
    avatar
    Rating: ? | anton sanjaya     Aug 3rd, 2007 at 12:16 am

    please help me i want to decode my php file are someone have full step by step to get started and how can i decode zend..?? anyone will help me..?? i really apreciate it god bless u all

    send to my mail at sima_carl998@yahoo.com.my please also source code ok

  20. 20
    avatar
    Rating: ? | mudrick kehl     Aug 16th, 2007 at 10:23 pm

    hello smart-guy can u give me full code source to decoded source corp please i will wait here at azli_bdr008@yahoocom please help me ok you will be the best here...thanks a lot

  21. 21
    avatar
    Rating: ? | blogit     Aug 18th, 2007 at 9:24 pm

    I tried this script and it only copied the coded.txt to decoded.txt has anyone else had this problem if so what was the fix?

    Thanks

  22. 22
    avatar
    Rating: ? | inebriated inc     Aug 28th, 2007 at 12:32 pm

    awesome. thanks!

  23. 23
    avatar
    Rating: ? | keyser     Sep 13th, 2007 at 6:56 am

    blogit - that was happening when I first tried but I think it was because I only placed the encryped string into coded.txt. I then placed the code as it appears into coded.txt:

    eval(gzinflate(decode_base64('encrypted string')));

    Then it worked.

    I know it is too late but it might help someone else in the future

    Thanks for the snippet!

  24. 24
    avatar
    Rating: ? | depo2     Sep 13th, 2007 at 9:20 pm

    TNX SO MUCH MAN THİS REALLY WORKED :D

  25. 25
    avatar
    Rating: ? | Kent     Oct 8th, 2007 at 7:00 am

    Only getting this when trying to run the file :-(

    Server error!

    The server encountered an internal error and was unable to complete your request.

    Error message:
    Premature end of script headers: decrypt.php

  26. 26
    avatar
    Rating: ? | Matias     Oct 22nd, 2007 at 10:57 am

    hi i wanted to decode a texx that is eval(gzinflate(base64_decode please if someone could help me I will be so greatfull. Thanks!! Mi mail is matt@clinf.net

  27. 27
    avatar
    Rating: ? | MonnyOus     Nov 21st, 2007 at 12:41 am

    You rock. Worked like a charm. Just put the whole eval statement including the "eval(gzinflate(base64_decode(" and all the jibberish into the coded.text file. Run the decrypt and bam. Thanks for the great little script.

  28. 28
    avatar
    Rating: ? | Sam     Nov 24th, 2007 at 6:11 am

    Hi,

    Thanks so much for the info..
    It worked!..

    The script did not work for the first time. Then i deleted the decoded.txt file and uploaded a fresh one. It worked..

    Try uploading to the server and work on it directly instead of doing it locally. Might work :D

    Great script. Thanks once again

  29. 29
    avatar
    Rating: ? | chichio     Nov 27th, 2007 at 2:04 pm

    i am getting this:
    Parse error: syntax error, unexpected T_DNUMBER in /home/livemkco/feastyourbuds/decript.php on line 12

  30. 30
    avatar
    Rating: ? | Smilesquare     Dec 2nd, 2007 at 7:44 am

    It's really work, thank you.

  31. 31
    avatar
    Rating: ? | Renan     Dec 7th, 2007 at 8:32 am

    hey I got it to work

  32. 32
    avatar
    Rating: ? | Trudie     Dec 11th, 2007 at 6:46 am

    Hey, I tried to use your decoder, but It seems to me that I'm getting exactly the same code back in the decoded.txt file as I put in with the coded.txt file.
    Could you help me out here?
    The code used is:

    PLAIN TEXT
    PHP:
    1. function printDownHTML()
    2. {
    3. global $settings;eval(gzinflate(base64_decode('DcpHkqNIAADA50x3cACEcDGxB6wEBQgEwl028N4VojCv381zFi
    4. jpf6qrGcs  RY/abIWzP3fvMimvPj5I2bqs1ssTRBkgSYOKgPyrojWtcuoHnOxF/beFjKQkjd WINyn9
    5. klnSIvDtDJrUxQnSV 3lt7ODKuBO/CTFv9Hs4x1yGxdb8RNDBvTnX1WYae ZHCGW6s1F8nrMz6IpqpEO
    6. 6bnch2y1s5by1zGSCaYLDmpE4uRzxnKlvNp5dYpW7CY5 DVsjwUijmcIjYiWY4eAlY7aEWp b81q9quz
    7. gzrZLvthutD8YYZA9t2junbnLlSmffs/3Mo8v/R8pQT42I59hSY9cpjQN7BlDFwevrP6crX0ajztLYub
    8. zAgwEbr /M31bmSHv70XNrMgty/GC5qFbIc92VrwkENqEiUMYIWFQl0Ide6IMMepVZCqwyS0bDlJYh9u
    9. kw1vdLBw0aJXF8suRVfuf75n6qnsRV39ATUgCe/3qH/vFiabF/mZJW6GEUUoXnxLM134ihQy5rkjP8rG
    10. J6Hq0cucqSqyuxSXpO7AFWiXVfTe9EoyEW37LK1 XlridWBOtKAdCXvMN/nWzEnmP59npu38gZeIT0qB
    11. o7lRIMvScol60w Tunk9vg2QtkiqXLl4MeQm8cX7wHlU6EVJYRN1TTzTCQHySvYwvO66Z/7o1/iN3xuq
    12. idw4QuWyQO9TN0pdAAPKOqYYTfXOYJCtNQUX/OyupOxNWZIdAl6DpSHWj44zy02qgsGNJbbUAxsfgHMd
    13. rjzDXfVnLshZecQZzoh6F5ZYbb9cB2Z5IZRXpYA pel hioDi0zOFY7X2no0tGzel0M9OisqWdkk3zQP
    14. xKPe65/A2Q6z5CDwRlq4DoCbliGq4kueJBqzdAVgOP kI91krrB2VaNQptqYSvxX3Xbs6HuiUUZlIMSh
    15. VYOrlUcO5 0Kp52mRJFmmRiiyvMaE uW9hOmscxxFF4yXFYxf3z5/f39 //wE=')));
    16. }

    (By the way, this is a code belonging to gbook, - it is not my intension to wipe away the link of the maker, I just want to be able to style it the way I want.)

  33. 33
    avatar
    Rating: ? | R031E5     Dec 20th, 2007 at 7:59 am

    Thanks! It worked like a charm!

  34. 34
    avatar
    Rating: ? | marc     Dec 21st, 2007 at 4:47 pm

    This works, only put starting with the eval( and leave off the beginning

    MFS

  35. 35
    avatar
    Rating: ? | Jack the Ripper     Dec 27th, 2007 at 3:13 pm

    I need help decoding this

  36. 36
    avatar
    Rating: ? | Jack the Ripper     Dec 27th, 2007 at 3:14 pm
    PLAIN TEXT
    PHP:
    1. <?php
    2. $o="QAAAO2NucSdka2Z0dDolZGtiZgQwdSU5OygBQDkNDg4AlwEQJ25jOgOAJWFoaHNiAjAB0AAwQ2J0bmBpYgAAYydlfic7ZidvdWJhOiVvcwAAc3c9KChwcHApY2hrd29uaQAAd3VoamhzbmhpdClkaClybACAKCU5J1BiZScD8yc7KGY5KycAUEpmY2InYXViYgTfKATTdW50ZAAUaGtrdGZpc252cmIE2EYBIydBAOBydWluc3J1YgVECjAJf3ApYmpuQHBkA hEZmtuZXVmChEDhANdZnRwblsgaQcZUADwAsINBjES8g4NEuQ7OHdvdwghJ3B3WBLDLy4nODkBwGVoY34AgQAAb3Nqazk=";eval(base64_decode("JGxsbD0wO2V2YWwoYmFzZTY0X2RlY29kZSgiSkd4c2JHeHNiR3hzYkd4c1BTZGlZWE5sTmpSZlpHVmpiMlJsSnpzPSIpKTskbGw9MDtldmFsKCRsbGxsbGxsbGxsbCgiSkd4c2JHeHNiR3hzYkd3OUoyOXlaQ2M3IikpOyRsbGxsPTA7JGxsbGxsPTM7ZXZhbCgkbGxsbGxsbGxsbGwoIkpHdzlKR3hzYkd4c2JHeHNiR3hzS0NSdktUcz0iKSk7JGxsbGxsbGw9MDskbGxsbGxsPSgkbGxsbGxsbGxsbCgkbFsxXSk8PDgpKyRsbGxsbGxsbGxsKCRsWzJdKTtldmFsKCRsbGxsbGxsbGxsbCgiSkd4c2JHeHNiR3hzYkd4c2JHdzlKM04wY214bGJpYzciKSk7JGxsbGxsbGxsbD0xNjskbGxsbGxsbGw9IiI7Zm9yKDskbGxsbGw8JGxsbGxsbGxsbGxsbGwoJGwpOyl7aWYoJGxsbGxsbGxsbD09MCl7JGxsbGxsbD0oJGxsbGxsbGxsbGwoJGxbJGxsbGxsKytdKTw8OCk7JGxsbGxsbCs9JGxsbGxsbGxsbGwoJGxbJGxsbGxsKytdKTskbGxsbGxsbGxsPTE2O31pZigkbGxsbGxsJjB4ODAwMCl7JGxsbD0oJGxsbGxsbGxsbGwoJGxbJGxsbGxsKytdKTw8NCk7JGxsbCs9KCRsbGxsbGxsbGxsKCRsWyRsbGxsbF0pPj40KTtpZigkbGxsKXskbGw9KCRsbGxsbGxsbGxsKCRsWyRsbGxsbCsrXSkmMHgwZikrMztmb3IoJGxsbGw9MDskbGxsbDwkbGw7JGxsbGwrKykkbGxsbGxsbGxbJGxsbGxsbGwrJGxsbGxdPSRsbGxsbGxsbFskbGxsbGxsbC0kbGxsKyRsbGxsXTskbGxsbGxsbCs9JGxsO31lbHNleyRsbD0oJGxsbGxsbGxsbGwoJGxbJGxsbGxsKytdKTw8OCk7JGxsKz0kbGxsbGxsbGxsbCgkbFskbGxsbGwrK10pKzE2O2ZvcigkbGxsbD0wOyRsbGxsPCRsbDskbGxsbGxsbGxbJGxsbGxsbGwrJGxsbGwrK109JGxsbGxsbGxsbGwoJGxbJGxsbGxsXSkpOyRsbGxsbCsrOyRsbGxsbGxsKz0kbGw7fX1lbHNlJGxsbGxsbGxsWyRsbGxsbGxsKytdPSRsbGxsbGxsbGxsKCRsWyRsbGxsbCsrXSk7JGxsbGxsbDw8PTE7JGxsbGxsbGxsbC0tO31ldmFsKCRsbGxsbGxsbGxsbCgiSkd4c2JHeHNiR3hzYkd4c2JEMG5ZMmh5SnpzPSIpKTskbGxsbGw9MDtldmFsKCRsbGxsbGxsbGxsbCgiSkd4c2JHeHNiR3hzYkQwaVB5SXVKR3hzYkd4c2JHeHNiR3hzYkNnMk1pazciKSk7JGxsbGxsbGxsbGw9IiI7Zm9yKDskbGxsbGw8JGxsbGxsbGw7KXskbGxsbGxsbGxsbC49JGxsbGxsbGxsbGxsbCgkbGxsbGxsbGxbJGxsbGxsKytdXjB4MDcpO31ldmFsKCRsbGxsbGxsbGxsbCgiSkd4c2JHeHNiR3hzYkM0OUpHeHNiR3hzYkd4c2JHd3VKR3hzYkd4c2JHeHNiR3hzYkNnMk1Da3VJajhpT3c9PSIpKTtldmFsKCRsbGxsbGxsbGwpOw=="));return;?>

  37. 37
    avatar
    Rating: ? | last2talk     Dec 30th, 2007 at 8:44 pm

    thanks for the snippet it worked great

  38. 38
    avatar
    Rating: ? | gokhan     Jan 5th, 2008 at 12:23 am
    PLAIN TEXT
    PHP:
    1. eval(base64_decode('JGNvZGVsb2NrX2NvZGU9IkRRcGtaV1pwYm1Vb0lsOU9ZVzFsZEdobGJXVWlMQ0FpVFdGMmFXMXpibDlETXpBaUtTQTdJQWtKQ1FrSkRRcHBibU5zZFdSbEtDSjBhR1Z0WlhNdlRXRjJhVzF6Ymw5RE16QXZkR2hsYldWZlkyWm5MbkJvY0NJcE93a0pDUWtKQ1FrSkNRa0pDUWtKQ1FrSkNRa0pDUWtKQ1FrSkNRa0pDUzh2SUdOdmRXeGxkWElnWlhRZ1kyOXVjM1JoYm5SbElDRU5DbkpsY1hWcGNtVmZiMjVqWlNnaWRHaGxiV1Z6TDAxaGRtbHRjMjVmUXpNd0wyWjFibU4wYVc5dWN5NXdhSEFpS1RzSkNRMEthIWpiSFZrWlNnaWRHaGxiV1Z6TDAxaGRtbHRjMjVmUXpNd0wzUmhZbXhsY3k1d2FIQWlLVHNKQ1FrTkNpOHFLaW9xS2lvcUtpb3FLaW9xS2lvcUtpb3FLaW9xS2lvcUtpb3FLaW9xS2lvcUtpb3FLaW9xS2lvcUtpb3FLaW9xS2lvcUtpb3FLaW9xS2lvdkRRb3ZLaUJHZCFqZEdsdmJpQjBhR1Z0WldobFlXUmxjaWdwSSoqKioqKioqKioqQ0FxTHcwS0x5b3FLaW9xS2lvcUtpb3FLaW9xS2lvcUtpb3FLaW9xS2lvcUtpb3FLaW9xS2lvcUtpb3FLaW9xS2lvcUtpb3FLaW9xS2lvcUtpb3FLaW9xS2k4TkNtWjFibU4wYVc5dUlIUm9aVzFsYUdWaFpHVnlLQ2tnZXcwS1oyeHZZbUZzSUNSMGFHVnRaV04xY25KbGJuUnNZIW5MQ1JoWkcxcGJpd2dKSFZ6WlhJc0lDUmlZIXVaWEp6TENBa2MybDBaIWhiV1VzSUNSemJHOW5ZVzRzSUNSamIyOXJhV1VzSUNSd2NtVm1hWGdzSUNSa1lpd2dKRzUxYTJWMWNtd3NJQ1JoYm05dWVXMXZkWE1zSUNSdVlXMWxMQ0FrWkdJN0RRb05DbWx1WTJ4MVpHVW9JblJvWlcxbGN5OU5ZWFpwYlhOdVgwTXpNQzlrWVhSaExuQm9jQ0lwT3cwS0RRb0pKSE54YkNBOUluTmxiR1ZqZENCamRYTjBiMjFmZEdsMGJHVWdabkp2YlNBaUxpUndjbVZtYVhndUlsOXRiMlIxYkdWeklIZG9aWEpsSUhScGRHeGxQU2NrYm1GdFpTY2lPdzBLQ1NSeVpYTjFiREVnUFNBa1pHSXRQbk54YkY5eGRXVnllU2drYzNGc0tUc05DZ2xzYVhOMEtDUnlaV0ZzYlc5a1gzUnBkR3hsS1NBOUlDUmtZaTArYzNGc1gyWmxkR05vY205M0tDUnlaWE4xYkhRcE95QU5DZ2tOQ2dscFppQW9KSEpsWVd4dGIyUmZkR2wwYkdVcElIc05DZ2tKSkdadmNuSmxZV3h0YjJSZmRHbDBiR1VnUFNBa2NtVmhiRzF2WkY5MGFYUnNaVHNOQ2drSmZTQmxiSE5sSUhzTkNna0pKR1p2Y25KbFlXeHRiMlJmZEdsMGJHVWdQU0FrYm1GdFpUc0pEUW9KZlEwS0RRb05DZzBLQ1dsbUlDaGZhWE5pYkc5amEyaHBaR1U5UFRFcElIc2dJQTBLQ1FrSkpHRndjR1ZzYUdsa1pXSnNiMk5ySUQwZ0lqeHpZM0pwY0hRZ2RIbHdaVDFjSW5SbGVIUXZhbUYyWVhOamNtbHdkRndpSUhOeVl6MWNJblJvWlcxbGN5OU5ZWFpwYlhOdVgwTXpNQzlpYkc5amEzTmpjbWx3ZEM1cWMxd2lQand2YzJOeWFYQjBQbHh1SWpzTkNna0pDU1JoY0hCbGJHSnNiMk5yYUdsa1pXcHpJRDBnSW05dVRHOWhaRDFjSW1SdllteHZZMnR6S0NkMGFHVnRaWE12VFdGMmFXMXpibDlETXpBdmFXMWhaMlZ6THljcE8xd2lJanNOQ2drSkNXVmphRzhnSkdGd2NHVnNhR2xrWldKc2IyTnJPeUFOQ2dsOURRb05DaUFnSUNCamIyOXJhV1ZrWldOdlpHVW9KSFZ6WlhJcE93MEtJKkNSMWMyVnlibUZ0WlNBOUlDUmpiMjlyYVdWYk1WMDdEUW9nSUBhV1lnS0NSMWMyVnlibUZ0WlNBOVBTQWlJaWtnZXcwS0kqKkNBa2RYTmxjbTVoYldVZ1BTQWlRIXZibmx0YjNWeklqc05DaUFnSUNCOURRb2dJQFpXTm9ieUFpUEdKdlpIa2dJaTRrWVhCd1pXeGliRzlqYTJocFpHVnFjeTRpSUdKblkyOXNiM0k5WENJalJrWkdSa1pHWENJZ2RHVjRkRDFjSWlNd01EQXdNREJjSWlCc1pXWjBiV0Z5WjJsdVBWd2lNVEJjSWlCMGIzQnRZWEpuYVc0OVhDSXdYQ0lnYldGeVoybHVkMmxrZEdnOVhDSXhNRndpSUcxaGNtZHBibWhsYVdkb2REMWNJakV3WENJK0lqc2dEUW9KRFFvZ0lAYVdZZ0tDUjFjMlZ5Ym1GdFpTQTlQU0FpUSF2Ym5sdGIzVnpJaWtnZXcwS0NRa0pKSFJvWlhWelpYSWdQU0FpSm01aWMzQTdKbTVpYzNBN1BHRWdhSEpsWmoxY0ltMXZaSFZzWlhNdWNHaHdQMjVoYldVOVdXOTFjbDlCWTJOdmQhMEptOXdQIWxkMTkxYzJWeVhDSStQR0krUTNMcFpYSWdkVzRnWTI5dGNIUmxQQzlpUGp3dllUNDhZajR2UEM5aVBqeGhJR2h5WldZOVhDSnRiMlIxYkdWekxuQm9jRDl1WVcxbFBWbHZkWEpmUVdOamIzVnVkRndpUGp4aVBrTnZibTVsZUdsdmJqd3ZZajQ4TDJFK0lqc05DaUFnSUNCOUlHVnNjMlVnZXcwS0NRa0pKSFJvWlhWelpYSWdQU0FpSm01aWMzQTdKbTVpYzNBN1BHSStRbWxsYm5abGJuVmxJRHhoSUdoeVpXWTlYQ0p0YjJSMWJHVnpMbkJvY0Q5dVlXMWxQVmx2ZFhKZlFXTmpiM1Z1ZEZ3aVBqeG1iMjUwSUdOdmJHOXlQVndpSTBaQk9URXdOVndpUGp4aVBpUjFjMlZ5Ym1GdFpUd3ZZajQ4TDJadmJuUStQQzloUGlBaFBDOWlQaUk3RFFvZ0lAZlNBZ0lDQU5DZzBLRFFvSkNRbHBaaUFvWDJsellteHZZMnRvYVdSbFBUMHhLU0I3RFFvSkNRa0pDU1JrWldaMGFYUnNaU3NyT3cwS0NRa0pDUWtrWW1sa0lEMGdjM1J5WDNKbGNHeGhZMlVvSWlBaUxDQWlJaXdnSkhScGRHeGxLUzRrWkdWbWRHbDBiR1U3RFFvSkNRa0pDU1JpYVdRZ1BTQnpkSEpmY21Wd2JHRmpaU2dpTGlJc0lDSWlMQ0FrWW1sa0tUc05DZ2tKQ1FrSkpHSnBaQ0E5SUhOMGNsOXlaWEJzWVdObEtDSW5JaXdnSWlJc0lDUmlhV1FwT3cwS0NRa0pDUWtrWTI5a1pXcHpZbXh2WTJ0ZmFXMW5JRDBnWTJGamFHVmliRzlqYTE5cGJXY29KR0pwWkN3a2RHbDBiR1VwT3lBTkNna0pDUWtKSkdOdlpHVnFjMkpzYjJOclpHbDJNU0E5SUdOaFkyaGxZbXh2WTJ0ZlpHVmlkWFJrYVhZb0pHSnBaQ2s3SUEwS0NRa0pDUWtrWTI5a1pXcHpZbXh2WTJ0a2FYWXlJRDBnWTJGamFHVmliRzlqYTE5bWEha2FYWW9KR0pwWkNrN0lBMEtDUWtKQ1gwZ1pXeHpaU0I3RFFvSkNRa0pDU1JpYVdRZ1BTQnpkSEpmY21Wd2JHRmpaU2dpSUNJc0lDSWlMQ0FrZEdsMGJHVXBPdzBLQ1FrSmZRMEtJKkEwS0kqQ1J3ZFdKc2FXTmZiWE5uSUQwZ2NIVmliR2xqWDIxbGMzTmhaMlVvS1RzTkNpQWdJQ0FrZEcxd2JGOW1hV3hsSUQwZ0luUm9aVzFsY3k5TllYWnBiWE51WDBNek1DOW9aV0ZrWlhJdWFIUnRiQ0k3RFFvZ0lASkhSb1pXWnBiR1VnUFNCcGJYQnNiMlJsS0NJaUxDQm1hV3hsS0NSMGJYQnNYMlpwYkdVcEtUc05DaUFnSUNBa2RHaGxabWxzWlNBOUlHRmtaSE5zWVhOb1pYTW9KSFJvWldacGJHVXBPdzBLSSpDUjBhR1ZtYVd4bElEMGdJbHdrY2w5bWFXeGxQVndpSWk0a2RHaGxabWxzWlM0aVhDSTdJanNOQ2lBZ0lDQmxkbUZzS0NSMGFHVm1hV3hsS1RzTkNpQWdJQ0J3Y21sdWRDQWtjbDltYVd4bE93MEtJQTBLQ1FrSkx5OGdLRzF2WkNBektRMEtDUWtKTHk4Z1EyOXVaR2wwYVc5dUlHUW5ZV1ptYVdOb1lXZGxJRzkxSUdSbElHMWhjM0YxWVdkbElHUmxJR3hoSUdOdmJHOXVaU0JrWlNCbllYVmphR1VOQ2drSkNTOHZJQ3NnWVdabWFXTm9ZV2RsSUdOc2IyNXVaU0JrWlNCbllYVmphR1VnWTI5dVpHbDBhVzl1Ym1Wc0lITmxiRzl1SUcxdmJtUjFiR1VnRFFvSkNRbHNaV1owWTI5c2RXMXVLQ2s3RFFvTkNnMEtJKkNSMGJYQnNYMlpwYkdVZ1BTQWlkR2hsYldWekwwMWhkbWx0YzI1ZlF6TXdMMnhsWm5SZlkyVnVkR1Z5TG1oMGJXd2lPdzBLSSpDUjBhR1ZtYVd4bElEMGdhVzF3Ykc5a1pTZ2lJaXdnWm1sc1pTZ2tkRzF3YkY5bWFXeGxLU2s3RFFvZ0lASkhSb1pXWnBiR1VnUFNCaFpHUnpiR0Z6YUdWektDUjBhR1ZtYVd4bEtUc05DaUFnSUNBa2RHaGxabWxzWlNBOUlDSmNKSEpmWm1sc1pUMWNJaUl1SkhSb1pXWnBiR1V1SWx3aU95STdEUW9nSUBaWFpoYkNna2RHaGxabWxzWlNrN0RRb2dJQGNISnBiblFnSkhKZlptbHNaVHNOQ24wTkNnMEtablZ1WTNScGIyNGdkR2hsYldWbWIyOTBaWElvS1NCN0RRb2dJQFoyeHZZbUZzSUNScGMySnNiMk5yYUdsa1pTd2dKR2x1WkdWNExDQWtjM2RoY0d4bFpuUnZjbkpwWjJoMExDQWtZbUZ1Ym1WeWN5d2dKR1p2YjNReExDQWtabTl2ZERJc0lDUm1iMjkwTXl3Z0pHWnZiM1EwTENBa1kyOXdlWEpwWjJoMExDQWtkRzkwWVd4MGFXMWxMQ0FrWm05dmRHVnlYMjFsYzNOaFoyVXNJQ1JpYkc5amEzTnBaR1U3RFFwcFppQW9KR2x1WkdWNElEMDlJREVwSUhzTkNpQWdJKkBKSFJ0Y0d4ZlptbHNaU0E5SUNKMGFHVnRaWE12VFdGMmFXMXpibDlETXpBdlkyVnVkR1Z5WDNKcFoyaDBMbWgwYld3aU93MEtJKipDQWtkR2hsWm1sc1pTQTlJR2x0Y0d4dlpHVW9JaUlzSUdacGJHVW9KSFJ0Y0d4ZlptbHNaU2twT3cwS0kqKkNBa2RHaGxabWxzWlNBOUlHRmtaSE5zWVhOb1pYTW9KSFJvWldacGJHVXBPdzBLSSoqQ0FrZEdobFptbHNaU0E5SUNKY0pISmZabWxzWlQxY0lpSXVKSFJvWldacGJHVXVJbHdpT3lJN0RRb2dJKipHVjJZV3dvSkhSb1pXWnBiR1VwT3cwS0kqKkNCd2NtbHVkQ0FrY2w5bWFXeGxPdzBLSSoqQ0FrWW14dlkydHphV1JsUFNKeUlqc05DaUFnSSpAWW14dlkydHpLSEpwWjJoMEtUc05DZzBLZlEwS0kqQTBLSSpDUjBiWEJzWDJacGJHVWdQU0FpZEdobGJXVnpMMDFoZG1sdGMyNWZRek13TDJadmIzUmxjaTVvZEcxc0lqc05DaUFnSUNBa1ptOXZkRzFsYzJGcUlEMGdJaVJtYjI5ME1UeGljajRrWm05dmRESThZbkkrSkdadmIzUXpQR0p5UGlSamIzQjVjbWxuYUhROFluSStQR0p5UGlBaU93MEtJKkNSMGFHVm1hV3hsSUQwZ2FXMXdiRzlrWlNnaUlpd2dabWxzWlNna2RHMXdiRjltYVd4bEtTazdEUW9nSUBKSFJvWldacGJHVWdQU0JoWkdSemJHRnphR1Z6S0NSMGFHVm1hV3hsS1RzTkNpQWdJQ0FrZEdobFptbHNaU0E5SUNKY0pISmZabWxzWlQxY0lpSXVKSFJvWldacGJHVXVJbHdpT3lJN0RRb2dJQFpYWmhiQ2drZEdobFptbHNaU2s3RFFvZ0lAY0hKcGJuUWdKSEpmWm1sc1pUc05DZzBLYSFqYkhWa1pTZ2lkR2hsYldWekwwMWhkbWx0YzI1ZlF6TXdMMjFsYzJGcUxuQm9jQ0lwT3cwS0lDQmxZMmh2SUNJOGRHRmliR1VnZDJsa2RHZzlYQ0l4TURBbFhDSWdZbTl5WkdWeVBWd2lNRndpSUdOc1lYTnpQVndpWm05eWRXMXNhIWxYQ0lnWTJWc2JIQmhaR1JwYm1jOVhDSXhYQ0lnWTJWc2JITndZV05wYm1jOVhDSXhYQ0lnWVd4cFoyNDlYQ0pqWiEwWlhKY0lqNGlEUW9nSUM0Z0lpQWdJKkBQSFJ5UGlBaURRb2dJQExpQWlQSFJrSUhkcFpIUm9QVndpTVRBd0pWd2lJR0ZzYVdkdVBWd2lZMlZ1ZEdWeVhDSWdZMnhoYzNNOVhDSnliM2N5WENJZ2JtOTNjbUZ3UGxSbGJXRWdWR0Z6WVhJbUl6TXdOVHR0SUVOdkppTXpOVEU3YTNWdUlEeGhJR2h5WldZOVhDSm9kSFJ3T2k4dmQzZDNMbTFoZG1sdGMyNHVZMjl0WENJZ2RHbDBiR1U5WENKdGMyNGdhV1poWkdWc1pYSnBJRndpUGlCTllYWnBiWE51TGtOdmJUd3ZZVDQ4TDNSa1BpSU5DaTRnSWlBZ0kqQFBDOTBjajRpRFFvZ0lDNGdJaUFnSSpDQThMM1JoWW14bFBpSTdEUW9OQ2cwS0RRcDlEUW9OQ2k4cUtpb3FLaW9xS2lvcUtpb3FLaW9xS2lvcUtpb3FLaW9xS2lvcUtpb3FLaW9xS2lvcUtpb3FLaW9xS2lvcUtpb3FLaW9xS2lvcUtpb3FLaW92RFFvdktpQkdkIWpkR2x2YmlCMGFHVnRaV2x1WkdWNEtDa2dJKioqKioqKioqKipDQXFMdzBLTHlvcUtpb3FLaW9xS2lvcUtpb3FLaW9xS2lvcUtpb3FLaW9xS2lvcUtpb3FLaW9xS2lvcUtpb3FLaW9xS2lvcUtpb3FLaW9xS2lvcUtpb3FLaThOQ21aMWJtTjBhVzl1SUhSb1pXMWxhIWtaWGdnS0NSaGFXUXNJQ1JwYm1admNtMWhiblFzSUNSMGFXMWxMQ0FrZEdsMGJHVXNJQ1JqYjNWdWRHVnlMQ0FrZEc5d2FXTXNJQ1IwYUdWMFpYaDBMQ0FrYm05MFpYTXNJQ1J0YjNKbGJHbHVheXdnSkhSdmNHbGpibUZ0WlN3Z0pIUnZjR2xqYVcxaFoyVXNJQ1IwYjNCcFkzUmxlSFFwSUhzTkNpQWdJQ0JuYkc5aVlXd2dKR0Z1YjI1NWJXOTFjeXdnSkhScGNHRjBhRHNOQ2lBZ0lDQnBaaUFvSkc1dmRHVnpJQ0U5SUNJaUtTQjdEUW9KSkc1dmRHVnpJRDBnSWp4aWNqNDhZbkkrUEdJK0lpNWZUazlVUlM0aVBDOWlQaUE4YVQ0a2JtOTBaWE04TDJrK1hHNGlPdzBLSSpIMGdaV3h6WlNCN0RRb0pKRzV2ZEdWeklEMGdJaUk3RFFvZ0lAZlEwS0kqR2xtSUNnaUpHRnBaQ0lnUFQwZ0lpUnBibVp2Y20xaGJuUWlLU0I3RFFvSkpHTnZiblJsYm5RZ1BTQWlKSFJvWlhSbGVIUWtibTkwWlhOY2JpSTdEUW9nSUBmU0JsYkhObElIc05DZ2xwWmlna2EhbWIzSnRZITBJQ0U5SUNJaUtTQjdEUW9KSSpDUmpiMjUwWiEwSUQwZ0lqeGhJR2h5WldZOVhDSnRiMlIxYkdWekxuQm9jRDl1WVcxbFBWbHZkWEpmUVdOamIzVnVkQ1poYlhBN2IzQTlkWE5sY21sdVptOG1ZVzF3TzNWelpYSnVZVzFsUFNScGJtWnZjbTFoYm5SY0lqNGthIW1iM0p0WSEwUEM5aFBpQWlPdzBLQ1gwZ1pXeHpaU0I3RFFvSkkqQ1JqYjI1MFohMElEMGdJaVJoYm05dWVXMXZkWE1nSWpzTkNnbDlEUW9KSkdOdmJuUmxiblFnTGowZ0lpSXVYMWRTU1ZSRlV5NGlJRHhwUGx3aUpIUm9aWFJsZUhSY0lqd3ZhVDRrYm05MFpYTmNiaUk3RFFvTkNpQWdJQ0I5RFFvSkNRbHBaaUFvWDJsellteHZZMnRvYVdSbFBUMHhLU0I3RFFvSkNRa0pDU1JrWldaMGFYUnNaU3NyT3cwS0NRa0pDUWtrWW1sa0lEMGdjM1J5WDNKbGNHeGhZMlVvSWlBaUxDQWlJaXdnSkhScGRHeGxLUzRrWkdWbWRHbDBiR1U3RFFvSkNRa0pDU1JpYVdRZ1BTQnpkSEpmY21Wd2JHRmpaU2dpTGlJc0lDSWlMQ0FrWW1sa0tUc05DZ2tKQ1FrSkpHSnBaQ0E5SUhOMGNsOXlaWEJzWVdObEtDSW5JaXdnSWlJc0lDUmlhV1FwT3cwS0NRa0pDUWtrWTI5a1pXcHpZbXh2WTJ0ZmFXMW5JRDBnWTJGamFHVmliRzlqYTE5cGJXY29KR0pwWkN3a2RHbDBiR1VwT3lBTkNna0pDUWtKSkdOdlpHVnFjMkpzYjJOclpHbDJNU0E5SUdOaFkyaGxZbXh2WTJ0ZlpHVmlkWFJrYVhZb0pHSnBaQ2s3SUEwS0NRa0pDUWtrWTI5a1pXcHpZbXh2WTJ0a2FYWXlJRDBnWTJGamFHVmliRzlqYTE5bWEha2FYWW9KR0pwWkNrN0lBMEtDUWtKQ1gwZ1pXeHpaU0I3RFFvSkNRa0pDU1JpYVdRZ1BTQnpkSEpmY21Wd2JHRmpaU2dpSUNJc0lDSWlMQ0FrZEdsMGJHVXBPdzBLQ1FrSmZRMEtEUW9nSUBKSEJ2YzNSbFpDQTlJQ0lpTGw5UVQxTlVSVVJDV1M0aUlDSTdEUW9nSUBKSEJ2YzNSbFpDQXVQU0JuWlhSZllYVjBhRzl5S0NSaGFXUXBPdzBLSSpDUndiM04wWldRZ0xqMGdJaUFpTGw5UFRpNGlJQ1IwYVcxbElDUjBhVzFsZW05dVpTQW9KR052ZCEwWlhJZ0lpNWZVa1ZCUkZNdUlpa2lPdzBLSSpDUjBiWEJzWDJacGJHVWdQU0FpZEdobGJXVnpMMDFoZG1sdGMyNWZRek13TDNOMGIzSjVYMmh2YldVdWFIUnRiQ0k3RFFvZ0lASkhSb1pXWnBiR1VnUFNCcGJYQnNiMlJsS0NJaUxDQm1hV3hsS0NSMGJYQnNYMlpwYkdVcEtUc05DaUFnSUNBa2RHaGxabWxzWlNBOUlHRmtaSE5zWVhOb1pYTW9KSFJvWldacGJHVXBPdzBLSSpDUjBhR1ZtYVd4bElEMGdJbHdrY2w5bWFXeGxQVndpSWk0a2RHaGxabWxzWlM0aVhDSTdJanNOQ2lBZ0lDQmxkbUZzS0NSMGFHVm1hV3hsS1RzTkNpQWdJQ0J3Y21sdWRDQWtjbDltYVd4bE93MEtmUTBLRFFvdktpb3FLaW9xS2lvcUtpb3FLaW9xS2lvcUtpb3FLaW9xS2lvcUtpb3FLaW9xS2lvcUtpb3FLaW9xS2lvcUtpb3FLaW9xS2lvcUtpb3FLaW9xTHcwS0x5b2dSblZ1WTNScGIyNGdkR2hsYldWaGNuUnBZMnhsS0NrZ0kqKioqKioqKioqQEtpOE5DaThxS2lvcUtpb3FLaW9xS2lvcUtpb3FLaW9xS2lvcUtpb3FLaW9xS2lvcUtpb3FLaW9xS2lvcUtpb3FLaW9xS2lvcUtpb3FLaW9xS2lvcUtpb3ZEUXBtZCFqZEdsdmJpQjBhR1Z0WldGeWRHbGpiR1VnS0NSaGFXUXNJQ1JwYm1admNtMWhiblFzSUNSa1lYUmxkR2x0WlN3Z0pIUnBkR3hsTENBa2RHaGxkR1Y0ZEN3Z0pIUnZjR2xqTENBa2RHOXdhV051WVcxbExDQWtkRzl3YVdOcGJXRm5aU3dnSkhSdmNHbGpkR1Y0ZENrZ2V3MEtJKkdkc2IySmhiQ0FrWVdSdGFXNHNJQ1J6YVdRc0lDUjBhWEJoZEdnN0RRb2dJQERRb2dJQEpIQnZjM1JsWkNBOUlDSWlMbDlRVDFOVVJVUlBUaTRpSUNSa1lYUmxkR2x0WlNBaUxsOUNXUzRpSUNJN0RRb2dJQEpIQnZjM1JsWkNBdVBTQm5aWFJmWVhWMGFHOXlLQ1JoYVdRcE93MEtJKkdsbUlDZ2tibTkwWlhNZ0lUMGdJaUlwSUhzTkNna2tibTkwWlhNZ1BTQWlQR0p5UGp4aWNqNDhZajRpTGw5T1QxUkZMaUk4TDJJK0lEeHBQaVJ1YjNSbGN6d3ZhVDVjYmlJN0RRb2dJQGZTQmxiSE5sSUhzTkNna2tibTkwWlhNZ1BTQWlJanNOQ2lBZ0lDQjlEUW9nSUBhV1lnS0NJa1lXbGtJaUE5UFNBaUpHbHVabTl5YldGdWRDSXBJSHNOQ2dra1kyOXVkR1Z1ZENBOUlDSWtkR2hsZEdWNGRDUnViM1JsYzF4dUlqc05DaUFnSUNCOUlHVnNjMlVnZXcwS0NXbG1LQ1JwYm1admNtMWhiblFnSVQwZ0lpSXBJSHNOQ2drZ0lASkdOdmJuUmxiblFnUFNBaVBHRWdhSEpsWmoxY0ltMXZaSFZzWlhNdWNHaHdQMjVoYldVOVdXOTFjbDlCWTJOdmQhMEptRnRjRHR2Y0QxMWMyVnlhIW1ieVpoYlhBN2RYTmxjbTVoYldVOUpHbHVabTl5YldGdWRGd2lQaVJwYm1admNtMWhiblE4TDJFK0lDSTdEUW9KZlNCbGJITmxJSHNOQ2drZ0lASkdOdmJuUmxiblFnUFNBaUpHRnViMjU1Ylc5MWN5QWlPdzBLQ1gwTkNna2tZMjl1ZEdWdWRDQXVQU0FpSWk1ZlYxSkpWRVZUTGlJZ1BHaytYQ0lrZEdobGRHVjRkRndpUEM5cFBpUnViM1JsYzF4dUlqc05DaUFnSUNCOURRb2dJQEpIUnRjR3hmWm1sc1pTQTlJQ0owYUdWdFpYTXZUV0YyYVcxemJsOURNekF2YzNSdmNubGZjR0ZuWlM1b2RHMXNJanNOQ2lBZ0lDQWtkR2hsWm1sc1pTQTlJR2x0Y0d4dlpHVW9JaUlzSUdacGJHVW9KSFJ0Y0d4ZlptbHNaU2twT3cwS0kqQ1IwYUdWbWFXeGxJRDBnWVdSa2MyeGhjMmhsY3lna2RHaGxabWxzWlNrN0RRb2dJQEpIUm9aV1pwYkdVZ1BTQWlYQ1J5WDJacGJHVTlYQ0lpTGlSMGFHVm1hV3hsTGlKY0lqc2lPdzBLSSpHVjJZV3dvSkhSb1pXWnBiR1VwT3cwS0kqSEJ5YSEwSUNSeVgyWnBiR1U3RFFwOURRb05DaThxS2lvcUtpb3FLaW9xS2lvcUtpb3FLaW9xS2lvcUtpb3FLaW9xS2lvcUtpb3FLaW9xS2lvcUtpb3FLaW9xS2lvcUtpb3FLaW9xS2lvcUtpb3ZEUW92S2lCR2QhamRHbHZiaUIwYUdWdFpYTnBaR1ZpYjNnb0tTQWdJKioqKioqKioqKkNBcUx3MEtMeW9xS2lvcUtpb3FLaW9xS2lvcUtpb3FLaW9xS2lvcUtpb3FLaW9xS2lvcUtpb3FLaW9xS2lvcUtpb3FLaW9xS2lvcUtpb3FLaW9xS2lvcUtpOE5DZzBLSkdSbFpuUnBkR3hsUFRFN0RRcG1kIWpkR2x2YmlCMGFHVnRaWE5wWkdWaWIzZ29KSFJwZEd4bExDQWtZMjl1ZEdWdWRDa2dldzBLWjJ4dlltRnNJQ1JrWldaMGFYUnNaVHNOQ2cwS0RRb05DZzBLQ1FrSmFXWWdLRjlwYzJKc2IyTnJhR2xrWlQwOU1Ta2dldzBLQ1FrSkNRa2taR1ZtZEdsMGJHVXJLenNOQ2drSkNRa0pMeThnY0c5MWNpQnNaU0JqYjJSbElHUmxjeUJpYkc5amEzTWdZMkZqYUdVZ0RRb0pDUWtKQ1NSaWFXUWdQU0J6ZEhKZmNtVndiR0ZqWlNnaUlDSXNJQ0lpTENBa2RHbDBiR1VwTGlSa1pXWjBhWFJzWlRzTkNna0pDUWtKSkdKcFpDQTlJSE4wY2w5eVpYQnNZV05sS0NJdUlpd2dJaUlzSUNSaWFXUXBPdzBLQ1FrSkNRa2tZbWxrSUQwZ2MzUnlYM0psY0d4aFkyVW9JaWNpTENBaUlpd2dKR0pwWkNrN0RRb0pDUWtKQ1EwS0NRa0pDUWtrWTI5a1pXcHpZbXh2WTJ0ZmFXMW5JRDBnWTJGamFHVmliRzlqYTE5cGJXY29KR0pwWkN3a2RHbDBiR1VwT3lBTkNna0pDUWtKSkdOdlpHVnFjMkpzYjJOclpHbDJNU0E5SUdOaFkyaGxZbXh2WTJ0ZlpHVmlkWFJrYVhZb0pHSnBaQ2s3SUEwS0NRa0pDUWtrWTI5a1pXcHpZbXh2WTJ0a2FYWXlJRDBnWTJGamFHVmliRzlqYTE5bWEha2FYWW9KR0pwWkNrN0lBMEtDUWtKQ1gwZ1pXeHpaU0I3RFFvSkNRa0pDU1JpYVdRZ1BTQnpkSEpmY21Wd2JHRmpaU2dpSUNJc0lDSWlMQ0FrZEdsMGJHVXBPdzBLQ1FrSmZRMEtJQTBLSSpDUjBiWEJzWDJacGJHVWdQU0FpZEdobGJXVnpMMDFoZG1sdGMyNWZRek13TDJKc2Iyc3VhSFJ0YkNJN0RRb2dJQEpIUm9aV1pwYkdVZ1BTQnBiWEJzYjJSbEtDSWlMQ0JtYVd4bEtDUjBiWEJzWDJacGJHVXBLVHNOQ2lBZ0lDQWtkR2hsWm1sc1pTQTlJR0ZrWkhOc1lYTm9aWE1vSkhSb1pXWnBiR1VwT3cwS0kqQ1IwYUdWbWFXeGxJRDBnSWx3a2NsOW1hV3hsUFZ3aUlpNGtkR2hsWm1sc1pTNGlYQ0k3SWpzTkNpQWdJQ0JsZG1Gc0tDUjBhR1ZtYVd4bEtUc05DaUFnSUNCd2NtbHVkQ0FrY2w5bWFXeGxPdzBLZlEwS0RRb05DZzBLRFFvTkNqOCsiOyAkY29kZWxvY2tfY29kZT1zdHJfcmVwbGFjZSgiQCIsIkNBZyIsICRjb2RlbG9ja19jb2RlKTsgJGNvZGVsb2NrX2NvZGU9c3RyX3JlcGxhY2UoIiEiLCAiVzUiLCAkY29kZWxvY2tfY29kZSk7ICRjb2RlbG9ja19jb2RlPXN0cl9yZXBsYWNlKCIqIiwgIkNBZ0kiLCAkY29kZWxvY2tfY29kZSk7ICRjb2RlbG9ja19jb2RlPWJhc2U2NF9kZWNvZGUoJGNvZGVsb2NrX2NvZGUpOyBldmFsKCRjb2RlbG9ja19jb2RlKTsgCg=='));

    decode code pls help me sent pls email me ozelguvenlikler@gmail.com

  39. 39
    avatar
    Rating: ? | pwner     Jan 6th, 2008 at 2:36 am

    Thx for the awesome script! worked like a charm.

  40. 40
    avatar
    Rating: ? | DinR     Jan 23rd, 2008 at 7:32 am

    Men U´R Great. . . . thanks, i could understand the code, was very easy, but i was close on other stuff.

    chiers DinR

  41. 41
    avatar
    Rating: ? | Mac     Jan 24th, 2008 at 6:22 pm

    Snippet, Schimpet....

    Just go to ...

    http://www.3dmobility.com/decrypt2.php

    Enter/paste your encrypted stuff in the upper textbox

    Press 'Decode'

    Copy your decoded results from the bottom textbox.

    Yo!
    Mac

  42. 42
    avatar
    Rating: ? | hostting     Feb 9th, 2008 at 4:42 am

    wow it works.. whil eother post doesnt...

  43. 43
    avatar
    Rating: ? | "iyinet webmaster forumu 2008 seo yarışması"     Feb 14th, 2008 at 2:57 pm

    whil eother post doesnt... , thanks it workss

  44. 44
    avatar
    Rating: ? | rich     Feb 24th, 2008 at 6:24 pm

    wow!... this really works!

  45. 45
    avatar
    Rating: ? | Rob     Feb 27th, 2008 at 8:34 am

    Helpful code but I'd recommend against calling eval() on what you get back. People could stick whatever they want in there and you'll happily execute it.

    I made a couple tweaks, basically doing
    $contents= preg_replace("/eval\(gzinflate\(base64_decode/", "", $contents);
    then
    $contents= gzinflate(base64_decode($contents));
    So that it's not necessary to rely on the gzinflate and base64_decode being the only function calls in the code.

    I can send you my complete changes (I doubt it'd paste in here cleanly) if you'd like, just email me.

    Thanks again.

  46. 46
    avatar
    Rating: ? | nicole     Feb 29th, 2008 at 1:42 am

    Wow, exactly what I was looking for! Works great and I was able to get rid of these annoying texts. Thanks!!!

  47. 47
    avatar
    Rating: ? | Skämt     Mar 7th, 2008 at 7:01 am

    It worked fine for me :D Tanks a lot ! :D

  48. 48
    avatar
    Rating: ? | will of fortune     Mar 13th, 2008 at 8:19 pm

    Can anyone can decode this?

  49. 49
    avatar
    Rating: ? | jen     Apr 15th, 2008 at 12:01 am

    great call keyser - that was exactly the problem. thanks all!

  50. 50
    avatar
    Rating: ? | Adsl     Apr 28th, 2008 at 11:59 pm

    I made a couple tweaks, basically doing
    $contents= preg_replace("/eval\(gzinflate\(base64_decode/", "", $contents);
    then
    $contents= gzinflate(base64_decode($contents));

  51. 51
    avatar
    Rating: ? | Jim Goldstein     May 3rd, 2008 at 7:30 pm

    Never mind delete my previous comment. Got it to work via another decoding application. Thanks for bringing this to my attention.

  52. 52
    avatar
    Rating: ? | iyinet webmaster forumu 2008 seo yarışması     May 22nd, 2008 at 3:23 pm

    Can anyone can decode this?
    I Dont Understand S:

  53. 53
    avatar
    Rating: ? | Dan Walters     Jun 4th, 2008 at 3:50 pm

    Worked a treat! - Thank you!!!!

  54. 54
    avatar
    Rating: ? | philip     Jun 19th, 2008 at 7:48 am

    salamat pare hehe. this solved my problem.

  55. 55
    avatar
    Rating: ? | Plamenator     Jun 27th, 2008 at 11:37 am

    Dude! that rocked the heck out of that garbage text! Thanks a million!!!

  56. 56
    avatar
    Rating: ? | Karan Anand     Jul 2nd, 2008 at 10:07 pm

    hello there.
    can anyone decode the following code. I am not able to do it. i was able to decode before this, buit now i keep getting error even though i have not changed anuthing in my decrypt.php. i have also checked and double checked that my decrypt file is correct.

    error message
    DECODE nested val(gzinflate()) by DEBO Jurgen

    1. Reading coded.txt 2. Decoding
    Parse error: syntax error, unexpected T_VARIABLE in my_decrypt_file_location/decrypt.php(18) : eval()'d code on line 1

    coded.txt

    when i try to do this in another domain of mine. there is no parse eror but i only get to see
    DECODE nested eval(gzinflate()) by DEBO Jurgen

    1. Reading coded.txt 2. Decoding[/code]

    which is strange because the decrypt file is same in both the places.
    thanks

  57. 57
    avatar
    Rating: ? | Karan Anand     Jul 4th, 2008 at 11:17 pm

    Hey guys, i figured out anither easy way to decode footers. just replace the eval word with echo. now instead of giving the decoded code it will print it out. Now check your page source it will be there.

    If you have a footer which does not have a eval function and have some thing starting like $o="QAAA...... " or $__F=__FILE__;$__C # then just run the php file as it is on server and them check page source!

    but there are custom encryption where i can not help

    More information:

    http://www.karananand.co.cc/blog/2008/07/the-easiest-way-to-decode-decrypt-eval-gzinflate-str_rot13-base64_decode-or-__f__file____c/

  58. 58
    avatar
    Rating: ? | -=Fox=-     Jul 7th, 2008 at 8:41 pm

    Thanks a LOOOOOOOOT!!!!!!!!!!! Works GREAT!!!!!!!!!!!!!!!!!!

  59. 59
    avatar
    Rating: ? | Dave     Jul 10th, 2008 at 9:07 pm

    Thanks mac that link worked perfect, You rock.
    and also thanks to Tangental.

    All those links are belong to me

  60. 60
    avatar
    Rating: ? | mcd     Jul 18th, 2008 at 9:19 am

    This works perfectly! Thanks for publishing this great script.

  61. 61
    avatar
    Rating: ? | visitor     Aug 4th, 2008 at 4:32 am

    Sorry guys, I couldn't decrypt, neither those online scripts could,

    The code is:

    PLAIN TEXT
    PHP:
    1. eval(gzinflate(base64_decode('NdNHkptYAADQfZ9idu6uvwCRKY nCxEFIn2CgM2UBJ8kQGQEp7c3vsHbvO//Pv797sv A6335rM4qi5v7jP6fNwnxFD/Zyh9Zejzh5XpWtrPriBI7hoAGKF3KQR14MHDUaiitYvi3G77hRs6pjXZfuJe7IatDIc9WBHX8KbidXCiUBgCfE88rOfa2OT9/KoBMK0H39NNj2r7ZWxiFXCQa6JbFxhnrVMgAQvjNmnD5rbJKBhp73pdJmTDFl/l2W/R  1Tx36b6JPL8H4KmJz/QzEjlRSPTS59i1uNuz2azX5I0XtIe859XAYb41KtZUD5aFSw1TAsHKY6MpeF5rM/C3jZep5yfVQY8cougD69gl2Gbz2sszIBUOCDCeFGHyY38a5fyL2ct/jGVeq2bm4yYi5ez HtWN FutaLSCF/AvtgphRaLk/mcEELB84WMjNlkeLRbtyL5NW4kxd1JsY1xFY0swmc93hWTIkPk1UWeJqg4mmpkpJTrk56JCFfn9ym7rvGa Bpkhy/OuVyxVkta4NCYkWoRaUlLxTVp48p6YjnPsygYyYp0T0kjVsuUg17pfrl3bZWItdHooWiwateemY1/KiG3GaW8Eqyu41GA2ajaU3iYaiELnej3rxP5kLd6ilKN7IzYidIVLGI4jObQ7xYsalNpIL2ccFdno7CzedSAQtjxTXxIu1ssSQ/eNlEMkJsAYriDoM6mXtKiTQpc RUIGF8tWlbg splkzjJj7xSCfzqpPxxzMgaptSqiBfn5ZHaymEzI3G3fyuOVIpoY1eHUPV2q6Vz lal5G lQ98E5d45NeRBrlTU8CJCD7HGgkDgvvr14 vr6 fH99/M/zzGw==')));

    when I copy this on http://www.3dmobility.com/decrypt2.php

    it comes like:

    Parse error: syntax error, unexpected T_VARIABLE in /home/.rudolf/gearjunkie/3dmobility/decrypt2.php(17) : eval()'d code on line 3

    the very same results when I do it on my server...

    any other ideas?
    =(

    Thanx

  62. 62
    avatar
    Rating: ? | aamka     Aug 7th, 2008 at 9:33 pm

    HELP ME!!! PLEASE!!! decode and mail me please!!!

  63. 63
    avatar
    Rating: ? | Fred     Aug 12th, 2008 at 8:25 pm

    This is by far the most useful piece of code I have come across in the last few months. Thank you!

  1. 1 StrOf.cl » Blog Archive » Arreglando el TEMPLATE :) Pingback on Feb 9th, 2008 at 5:29 am
  2. 2 cyborgworkshop.org » Blog Archive » Decoding eval gzinflate base64_decode files in php Pingback on Mar 21st, 2008 at 1:14 pm
  3. 3 cyborgworkshop.org » Blog Archive » Decoding gzinflate base64_decode files using php Pingback on Mar 21st, 2008 at 9:03 pm
  4. 4 MacBros’ Place » Blog Archive » Extreme Makeover - Web Site Edition Pingback on Jun 9th, 2008 at 12:57 pm

Leave a Reply

« Chapter II: The Executrix of Skandra X
Altered Focus »

About

The personal blog of Danilo Stern-Sapad aka Ariadoss. Featuring the general jabber and ostentatious prater of the self-proclaimed expert on all things analytical, critical, and technological.

Random Quote

No one is born hating another person because of the colour of his skin, or his background, or his religion. People must learn to hate, and if they can learn to hate, they can be taught to love, for love comes more naturally to the human heart than its opposite.
Nelson Mandela