<?php
$data = "wpdPVWejqNRYqDTeUJ2Iw06/rnfHAoy5jtgTojiilD0=";
$pwd = "ICS2015";
$salt = "7";
$dec = Decrypt($data, $pwd, $salt);
// Remove the padding
echo "Dec: " . $dec . "\r\n";
function Decrypt($ciphertext, $password, $salt)
{
$ciphertext = base64_decode($ciphertext);
$key = PBKDF1($password, $salt, 100, 32);
$iv = PBKDF1($password, $salt, 100, 16);
// NB: Need 128 not 256 and CBC mode to be compatible
$decpad = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $key, $ciphertext, MCRYPT_MODE_CBC, $iv);
$pad = ord($decpad[($len = strlen($decpad)) - 1]);
$dec = substr($decpad, 0, strlen($decpad) - $pad);
return $dec;
}
function Encrypt($encrypt, $password) {
$iv = mcrypt_create_iv(mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB), MCRYPT_RAND);
$passcrypt = trim(mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $password, trim($encrypt), MCRYPT_MODE_ECB, $iv));
$encode = base64_encode($passcrypt);
return $encode;
}
function PBKDF1($pass, $salt, $count, $cb)
{
// This is very approximately the way that the Microsoft version of
// PasswordDeriveBytes works.
///
/// !!!WARNING!!!
///
// This is a BAD function!
// Irrespective of the fact that the use of PBKDF1 is not recommended anyway.
//
// This really should be put into a class with a constructor taking the
// $pass, $salt and $count.
// Then there should be a Reset() method to start from scratch each time a new pwd/salt is used.
// And there should be a GetBytes(int) method to get the required info.
// But for the sake of simplicity we are assuming the same pwd and salt for each call to
// this function. This will not stand up to any scrutiny!
static $base;
static $extra;
static $extracount= 0;
static $hashno;
static $state = 0;
if ($state == 0)
{
$hashno = 0;
$state = 1;
$key = $pass . $salt;
$base = sha1($key, true);
for($i = 2; $i < $count; $i++)
{
$base = sha1($base, true);
}
}
$result = "";
// Check if we have any bytes left over from a previous iteration.
// This is the way MS appears to do it. To me it looks very badly wrong
// in the line: "$result = substr($extra, $rlen, $rlen);"
// I'm sure it should be more like "$result = substr($extra, $extracount, $rlen);"
// Mono have provided what looks like a fixed version at
// https://github.com/mono/mono/blob/master/mcs/class/corlib/System.Security.Cryptography/PasswordDeriveBytes.cs
// But I'm no cryptographer so I might be wrong.
// But this seems to work for low values of $hashno and seems to work
// with C# implementations.
if ($extracount > 0)
{
$rlen = strlen($extra) - $extracount;
if ($rlen >= $cb)
{
$result = substr($extra, $extracount, $cb);
if ($rlen > $cb)
{
$extracount += $cb;
}
else
{
$extra = null;
$extracount = 0;
}
return $result;
}
$result = substr($extra, $rlen, $rlen);
}
$current = "";
$clen = 0;
$remain = $cb - strlen($result);
while ($remain > $clen)
{
if ($hashno == 0)
{
$current = sha1($base, true);
}
else if ($hashno < 1000)
{
$n = sprintf("%d", $hashno);
$tmp = $n . $base;
$current .= sha1($tmp, true);
}
$hashno++;
$clen = strlen($current);
}
// $current now holds at least as many bytes as we need
$result .= substr($current, 0, $remain);
// Save any left over bytes for any future requests
if ($clen > $remain)
{
$extra = $current;
$extracount = $remain;
}
return $result;
}
?>
Fatal error: Uncaught Error: Call to undefined function mcrypt_decrypt() in /in/nRfCI:24
Stack trace:
#0 /in/nRfCI(7): Decrypt('\xC2\x97OUg\xA3\xA8\xD4X\xA84\xDEP\x9D\x88...', 'ICS2015', '7')
#1 {main}
thrown in /in/nRfCI on line 24
Process exited with code 255.
Output for 8.3.5
Warning: PHP Startup: Unable to load dynamic library 'sodium.so' (tried: /usr/lib/php/8.3.5/modules/sodium.so (libsodium.so.23: cannot open shared object file: No such file or directory), /usr/lib/php/8.3.5/modules/sodium.so.so (/usr/lib/php/8.3.5/modules/sodium.so.so: cannot open shared object file: No such file or directory)) in Unknown on line 0
Fatal error: Uncaught Error: Call to undefined function mcrypt_decrypt() in /in/nRfCI:24
Stack trace:
#0 /in/nRfCI(7): Decrypt('\xC2\x97OUg\xA3\xA8\xD4X\xA84\xDEP\x9D\x88...', 'ICS2015', '7')
#1 {main}
thrown in /in/nRfCI on line 24
Process exited with code 255.
Output for 5.5.0 - 5.5.38, 5.6.0 - 5.6.40
Fatal error: Call to undefined function mcrypt_decrypt() in /in/nRfCI on line 24
Process exited with code 255.