3

How to decode this string in php?

$x = "h\164tp\163\072\057\057\x70r\157\x64\x75\x63t-\x73\x65a\x72\143\150\056\x61\160i\x2e\x63\x6a\x2ec\x6f\x6d\057v\062/\160\x72\157\x64\165\x63t\x2ds\x65\141\162\143\x68\x3f";

It looks like a regex URL, but how to read what it is?

Thanks.

Improve this question
5
  • 4
    It looks more like a bunch of hex or perhaps a hash. Can you include any of the surrounding code to give context? Commented Jun 22, 2011 at 18:58
  • This is not a regex URL. This is an encoded string in another base system. e.g. hex, or something. Commented Jun 22, 2011 at 18:59
  • 1
    You'll find the code necessary to easily decode this in context of where it is within the page. Usually... a handful of functions defined to variables. Simply find where it decodes and echo it from there. Commented Jun 22, 2011 at 18:59
  • 3
    Hex and octal actually, but close enough. Commented Jun 22, 2011 at 18:59
  • 4
    reads as https://product-search.api.cj.com/v2/product-search? Commented Jun 22, 2011 at 19:00

6 Answers 6

Reset to default
8

just echo it out.

<?
$x = "h\164tp\163\072\057\057\x70r\157\x64\x75\x63t-\x73\x65a\x72\143\150\056\x61\160i\x2e\x63\x6a\x2ec\x6f\x6d\057v\062/\160\x72\157\x64\165\x63t\x2ds\x65\141\162\143\x68\x3f";
echo $x;

It outputs:

https://product-search.api.cj.com/v2/product-search?
Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

Ha.., you guys are good. I am a .net programmer, new to php. Did not thought about simply echo it out.
3

Print it!

% cat test.php 
#!/usr/bin/env php

<?php
$x = "h\164tp\163\072\057\057\x70r\157\x64\x75\x63t-\x73\x65a\x72\143\150\056\x61\160i\x2e\x63\x6a\x2ec\x6f\x6d\057v\062/\160\x72\157\x64\165\x63t\x2ds\x65\141\162\143\x68\x3f";
print $x;
?>

% ./test.php
https://product-search.api.cj.com/v2/product-search?
Improve this answer

Comments

1

It is actually a string with some characters specified in hexadecimal and octal notation. Just echo it.

Improve this answer

Comments

0

just print it, its a url

https://product-search.api.cj.com/v2/product-search?

Improve this answer

Comments

0

Well, I created a PHP page as follows:

<?php
$x = "h\164tp\163\072\057\057\x70r\157\x64\x75\x63t-\x73\x65a\x72\143\150\056\x61\160i\x2e\x63\x6a\x2ec\x6f\x6d\057v\062/\160\x72\157\x64\165\x63t\x2ds\x65\141\162\143\x68\x3f";

print $x;
?>

and ran it.

And I got the following:

https://product-search.api.cj.com/v2/product-search?

Which means nothing to me, except that cj.com is part of Commission Junction, which is an online advertising network.

It's been deliberately obfuscated, so clearly the person who wrote it intended that you didn't notice it or understand it, and would leave it alone. I don't know the context of the question, why you're asking about it, but my guess would be that you've been hacked and someone has inserted this code (and more) into your site.

If that's the case, their aim would clearly be to gain some advertising revenue by freeloading on your site. Not particularly malicious as hacks go, but not something you'd want to be happening (especially if you don't know what kind of ads would be shown).

Improve this answer

1 Comment

That must be it. No wonder my site sometimes acts werid recently. I got to figure out how to chean it up. Thanks.
0

Simple:

utf8_decode();

http://www.php.net/manual/en/function.utf8-decode.php

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.