Decrypt Plesk PHP files
This is a simple method for decrypting Plesk PHP files.
Trace "_efree" in "/usr/bin/sw-engine" with Frida, like this: Code:
cd /usr/bin Code:
/usr/bin/__handlers__/sw_engine/_efree.js Code:
{ Note that this is for investigation purposes only. If you like Plesk, pay for it. I'm not responsible for any bad usage of this code. |
have you considered this approach in windows server ?
i could not locate sw-engine in windows server with plesk installed. would you mind elaborate where this RVA(0x9cc2d6) comes from ? thank's in advance |
any update of ymg2006 inquiry?
|
Quote:
|
Just wanted to take a look in the plesk stuff but while trying to attach frida.
Code:
Failed to attach: unexpected error while attaching to process with pid XXXX (PTRACE_SEIZE returned 'Input/output error') |
Hi
upload your php files that you want to decrypt |
Does the same method work for other protection tools like Zend, ioncube etc.? Thanks and please forgive if it's a naive question
|
Not working anymore
i fully tried this and confirming this is not working....
|
if you have upload a sample , i can decrypt it for you
|
I'm not sure what I'm looking for.. I just wanted to take a general look into it. Nothing specific. Also it's pretty hard to give you something to decrypt if we can't really point out (on our own) what would be the right file if we only could judge by filename.
|
Quote:
_https://blog.silentsignal.eu/2013/12/18/plesk-decryption/ _https://gist.github.com/KenanSulayman/9050608 |
Quote:
|
Quote:
|
All times are GMT +8. The time now is 19:40. |
Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2024, vBulletin Solutions, Inc.
Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX