How To Find If Theme Has Base64 Decode?

Viewing 3 replies - 1 through 3 (of 3 total)
  • Moderator Jan Dembowski

    (@jdembowski)

    Forum Moderator and Brute Squad

    The best way is to download and look at the theme files. Even then some of the non-GPL themes don’t use base64_decode but instead put checks in to prevent you from editing the links out.

    Those theme providers are the worst and at least one theme site is on my “Bad! Very Bad!” list for booby trapping their themes that way.

    What I ended up doing in that other thread was open up my Macbook and downloaded a theme from that page directly. It actually went to a file sharing site, rapidshare I think and that’s often a red flag for me.

    After that I just opened up a terminal, unziped the archive and ran 

    grep -inHR base64_decode * | cut -d':' -f1,2

    in the directory I extracted the zip file into. The -inR is ignore case, print the line number, display the file name, and look recursively into sub-directories. The cut just gave me the file name and line numbers.

    That showed that that functions.php had base64_decode on lines 16, 24, 31, 65, 81, and 108.

    There may be better ways to do that but from start to finish it was only about 5-10 minutes for me.

    How do you mean?

    Like with access to the actual files (scanning them) or just looking at a site’s source?

    EDIT – @jan got there way faster (and better) than me!

    Moderator Jan Dembowski

    (@jdembowski)

    Forum Moderator and Brute Squad

    I’m OCD about this, I admit it and am comfortable with that. ??

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘How To Find If Theme Has Base64 Decode?’ is closed to new replies.