
A light challenge: Can you describe what this PHP code does?

Felippe Regazio ・ 1 min read

I was writing things for fun yesterday and I made this piece of code. It does one simple and dangerous task (kidding, that's not so dangerous, you can run it on your computer and see what happens).

So, the challenge is: can you describe what this code is really doing? Can you shine a light on it describing as many steps as possible?

<?php $§=(rawurldecode('%24__%3D%5B%22%3D%22%2C%22s%22%2C%22T%22%2C%22K%22%2C%22f%22%2C%22R%22%2C%22C%22%2C%22K%22%2C%22r%22%2C%225%22%2C%22W%22%2C%22a%22%2C%22s%22%2C%225%22%2C%22W%22%2C%22d%22%5D%3B'));assert($§);$_=__FILE__;assert(base64_decode(strrev(implode($__))));

You can use ctrl+c + v, or use the string version below:

<?php $§=(rawurldecode('%24__%3D%5B%22%3D%22%2C%22s%22%2C%22T%22%2C%22K%22%2C%22f%22%2C%22R%22%2C%22C%22%2C%22K%22%2C%22r%22%2C%225%22%2C%22W%22%2C%22a%22%2C%22s%22%2C%225%22%2C%22W%22%2C%22d%22%5D%3B'));assert($§);$_=__FILE__;assert(base64_decode(strrev(implode($__))));

It's not a big deal, but it's not that easy either. Experienced developers may find the answer fast, but I believe it can be especially fun for beginners.


Discussion


The code doesn't work in >= 7.2 versions.

The key here is assert, why?

If the assertion is given as a string it will be evaluated as PHP code by assert().

With this in mind we can get the light to understand the behavior...

The argument to rawurldecode is just a variable declaration with an array as value:

'$__=["=","s","T","K","f","R","C","K","r","5","W","a","s","5","W","d"];'

But what is the content of the array? Well, if you read the last statement you could get the answer...

Keep in mind we have the $__ declared, remember assert, so:

>>> $imploded = implode(["=","s","T","K","f","R","C","K","r","5","W","a","s","5","W","d"])
=> "=sTKfRCKr5Was5Wd"
>>> $reversed = strrev($imploded)
=> "dW5saW5rKCRfKTs="
>>> base64_decode($reversed)
=> "unlink($_);"
>>>

Yes, it is a line of code, a call to unlink with $_ as parameter, but what is the value of $_?

$_=__FILE__

So you got it, the code deletes the file where the code is called.
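
The decoding steps walked through in the answer above, done statically in Python so the sample is only read as text and never executed. This is an added example, not part of the original post or its repository; the function name `deobfuscate` and the result keys are assumptions made here.

```python
import base64
import re
from urllib.parse import unquote

# The post's one-liner, held as inert text; nothing here executes PHP.
SAMPLE = (
    "<?php $§=(rawurldecode('%24__%3D%5B%22%3D%22%2C%22s%22%2C%22T%22%2C%22K%22"
    "%2C%22f%22%2C%22R%22%2C%22C%22%2C%22K%22%2C%22r%22%2C%225%22%2C%22W%22%2C"
    "%22a%22%2C%22s%22%2C%225%22%2C%22W%22%2C%22d%22%5D%3B'));assert($§);"
    "$_=__FILE__;assert(base64_decode(strrev(implode($__))));"
)


def deobfuscate(php: str) -> dict:
    """Statically unwind the layers that the answer above decodes by hand."""
    lit = re.search(r"rawurldecode\('([^']*)'\)", php)
    chain = re.search(r"base64_decode\(strrev\(implode\(\$(\w+)\)\)\)", php)
    if not lit or not chain:
        raise ValueError("not the rawurldecode/implode/strrev/base64 layout")
    stage1 = unquote(lit.group(1))  # PHP source the first assert() evaluates
    arr = re.search(r"\$(\w+)\s*=\s*\[(.*?)\]", stage1)
    if not arr or arr.group(1) != chain.group(1):
        raise ValueError("decoded stage does not define the imploded array")
    imploded = "".join(re.findall(r'"([^"]*)"', arr.group(2)))  # implode()
    reversed_ = imploded[::-1]                                   # strrev()
    payload = base64.b64decode(reversed_, validate=True).decode("utf-8")
    # Resolve variables bound to __FILE__ so a self-delete can be reported.
    file_vars = set(re.findall(r"\$(\w+)\s*=\s*__FILE__", php))
    target = re.search(r"unlink\(\s*\$(\w+)\s*\)", payload)
    return {
        "stage1": stage1,
        "imploded": imploded,
        "reversed": reversed_,
        "payload": payload,
        # Calls that evaluate a string as code (assert() with a string, eval()).
        "code_eval_sinks": re.findall(r"\b(assert|eval)\s*\(", php),
        "deletes_own_file": bool(target and target.group(1) in file_vars),
    }


if __name__ == "__main__":
    for key, value in deobfuscate(SAMPLE).items():
        print(f"{key:17} {value!r}")
```

The same layer-by-layer approach applies when triaging an unknown PHP file: recover each stage as a string and inspect it, rather than running the file to see what it does.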

 

uowww exactly what is happening. kip, you rock! : )

 

About the assert() and 7.2 v., that's true, but using eval() would make the code less funny.
Do you have any suggestion?

 

Thanks kip, I just read the array, and that's it, couldn't figure out what the other functs were doing... I'm a newbie on PHP hehe

 

ANSWER: Here is a repository with this code, and a file called "decode.php" explaining it line by line (or you can read Kip's answer on this post, which is a perfect explanation of what is happening).

github.com/felippe-regazio/php-har...