We use cookies to help make our site work properly and to analyze how our site is used. Some are optional, but none contain your personal information, and we don't use any for ads. You can view our cookies policy, manage your cookie preferences, or consent and dismiss this banner by clicking agree:

Agree
ExpressionEngine CMS
Open, Free, Amazing

Thread

This is an archived forum and the content is probably no longer relevant, but is provided here for posterity.

The active forums are here.

What is this obfuscated code in EE for?

May 29, 2014 9:49am

Subscribe [1]

  • #1 / May 29, 2014 9:49am

    dan43

    1 posts

    Can anyone explain this obfuscated code in the EE installer?

    ExpressionEngine_Core2.8.1\system\installer\core\Installer_Config.php

    function site_prefs($site_name, $site_id = 1)
 {
  $echo = 'ba'.'se'.'6'.'4'.'_d'.'ec'.'ode';
  eval($echo('aWYoSVNfQ09SRSl7JHNpdGVfaWQ9MTt9'));

    Base64decoding it gives:

    if(IS_CORE){$site_id=1;}

    This kind of obfuscation is usually a sign of malware; why’s it being used in EE? Is there a reason that this line should be obfuscated?

  • #2 / Jun 13, 2014 10:23am

    dan43

    1 posts

    No one? That’s quite worrying..

  • #3 / Jun 13, 2014 1:04pm

    Finn

    40 posts

    No one? That’s quite worrying..

    Is it possible that altering the code allows Core users to unlock full EE (or even MSM) features?

.(JavaScript must be enabled to view this email address)

ExpressionEngine News!

#eecms, #events, #releases

© Packet Tide, All Rights Reserved. Legal Notices

Username

Password

Forgot password?
or Register