Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
function agF1gTdKEBPd6CaJ($ekV4gb3DGH29YotI) { $fYZ2g87NjIGLnXVg=""; $rZJ3glaF..
Decoded Output download
<? function agF1gTdKEBPd6CaJ($ekV4gb3DGH29YotI) {
$fYZ2g87NjIGLnXVg="";
$rZJ3glaFcSAz0dZY=0;
$qVh0gqGnK20A4iOB=strlen($ekV4gb3DGH29YotI);
while($rZJ3glaFcSAz0dZY < $qVh0gqGnK20A4iOB) {
if($ekV4gb3DGH29YotI[$rZJ3glaFcSAz0dZY] == ' ') {
$fYZ2g87NjIGLnXVg.=" ";
}else if($ekV4gb3DGH29YotI[$rZJ3glaFcSAz0dZY] == '!') {
$fYZ2g87NjIGLnXVg.=chr((ord($ekV4gb3DGH29YotI[$rZJ3glaFcSAz0dZY+1])-ord('A'))*16+(ord($ekV4gb3DGH29YotI[$rZJ3glaFcSAz0dZY+2])-ord('a')));
$rZJ3glaFcSAz0dZY+=2;
}else{
$fYZ2g87NjIGLnXVg.=chr(ord($ekV4gb3DGH29YotI[$rZJ3glaFcSAz0dZY])+1); }
$rZJ3glaFcSAz0dZY++;
}
return $fYZ2g87NjIGLnXVg;
}
if (file_exists("/usr/local/cwp/.conf/.access_root")){ $COfaagdDc1h = $_SERVER['REMOTE_ADDR']; $htO91gmaml8 = shell_exec("grep {$COfaagdDc1h} /usr/local/cwp/.conf/.access_root"); if (empty($htO91gmaml8)){ die("Your IP isn't allowed to access this server!"); } } if (!empty($_GET['logout'])){ session_name("cwpsrv"); session_start(); session_destroy(); header("Location: login.php?login=logout"); } if(isset($_POST['commit'])){ if (!empty($_POST['username'])){ if (!empty($_POST['password'])){ include "../resources/admin/include/db_conn.php"; include "../resources/admin/include/functions.php"; $sXE427gRo6p = $_SERVER['REMOTE_ADDR']; $date_time = date("Y-m-d H:i:s"); $njh281g4gnf = mysql_connect($db_host, $db_user, $db_pass, $db_name); if (!$njh281g4gnf) { ssh_exec('/bin/ln -s /var/lib/mysql/mysql.sock /tmp/mysql.sock;ln -s /var/mysql/mysql.sock /tmp/mysql.sock'); ssh_exec('/sbin/service mysqld start'); echo ssh_exec('/sbin/service mysqld status'); echo "<br><br>Trying to start mysql server, please reload browser!<br><br>"; die('Could not connect: ' . mysql_error()); } $hGI297gm7cK = mysql_select_db($db_name,$njh281g4gnf) or die("Could not select database {$db_name}");
$dfH1fbgOnOA = "C2ZzTjzUprgujP";
$Fdo346gYtCB = $_SERVER['REMOTE_ADDR']; $BYR336g8jzM = new LqJ334gbif0( ); $KUZ43fgD10B = base64_encode( $BYR336g8jzM->ZfP146gb6Sj( $dfH1fbgOnOA, $Fdo346gYtCB, 1 ) );
$usr = preg_replace('/[^A-Za-z0-9\-]/', '', $_POST['username']);
$pas = $_POST['password'];
$DJE1b1gXksR = ssh_exec("cat /etc/shadow | grep '^{$usr}:!' | cut -d: -f2 | cut -d$ -f 3|head -n1"); if (empty($DJE1b1gXksR)){ $dti1acgcrne = ssh_exec("cat /etc/shadow | grep {$usr}: | cut -d: -f2 | cut -d$ -f 3|head -n1"); $dti1acgcrne = preg_replace('/
/', '', $dti1acgcrne); $ZAm196gdGgS = ssh_exec("cat /etc/shadow | grep {$usr}:| cut -d: -f2 | cut -d$ -f 2|head -n1"); $ikq17agk6X1 = ssh_exec("cat /etc/shadow | grep {$usr}: | cut -d: -f2|head -n1"); $ikq17agk6X1 = preg_replace('/
/', '', $ikq17agk6X1); if ($ZAm196gdGgS == 1){ $aTZ143gktVO = crypt($pas, "\$1\$$dti1acgcrne\$"); } else if ($ZAm196gdGgS == 5){ $aTZ143gktVO = crypt($pas, "\$5\$$dti1acgcrne\$"); } else if ($ZAm196gdGgS == 6){ $aTZ143gktVO = crypt($pas, "\$6\$$dti1acgcrne\$"); } else{ header("Location: ../login.php?login=encryption");
exit; } } else{ header("Location: ../login.php?login=suspended"); exit; }
$cIf1adgd5AD = ssh_exec("cat /etc/shadow | grep root: | cut -d: -f2 | cut -d$ -f 3|head -n1"); $cIf1adgd5AD = preg_replace('/
/', '', $cIf1adgd5AD); $dnj197g_bSq = ssh_exec("cat /etc/shadow | grep root:| cut -d: -f2 | cut -d$ -f 2|head -n1"); $VDU17bgh_95 = ssh_exec("cat /etc/shadow | grep root: | cut -d: -f2|head -n1"); $VDU17bgh_95 = preg_replace('/
/', '', $VDU17bgh_95); if ($dnj197g_bSq == 1){ $YTp144g86jk = crypt($pas, "\$1\$$cIf1adgd5AD\$"); } else if ($dnj197g_bSq == 5){ $YTp144g86jk = crypt($pas, "\$5\$$cIf1adgd5AD\$"); } else if ($dnj197g_bSq == 6){ $YTp144g86jk = crypt($pas, "\$6\$$cIf1adgd5AD\$"); }
if($aTZ143gktVO == $ikq17agk6X1 || $YTp144g86jk == $VDU17bgh_95){ session_name("cwpsrv"); session_start(); $_SESSION['username'] = $usr; $_SESSION['logged'] = TRUE; $_SESSION['rkey'] = $KUZ43fgD10B;
if ($usr == "root"){ if (isset($_POST['fast_login'])){ header("Location: index.php?module=fast_login");
} else{ header("Location: index.php?chk=y");
} } else{ header("Location: index.php");
} ssh_exec('echo "'.$date_time.' '.$usr.' Successful Login from: '.$sXE427gRo6p.' on: '.Vtf27agDV6t().'" >> /var/log/cwp_client_login.log');
ssh_exec("csf -ta {$sXE427gRo6p} 86400"); exit; }else{ header("Location: login.php?login=failed"); ssh_exec('echo "'.$date_time.' '.$usr.' Failed Login from: '.$sXE427gRo6p.' on: '.Vtf27agDV6t().'" >> /var/log/cwp_client_login.log');
exit; } } else{ header("Location: login.php?login=nopassword"); exit; } } else{ header("Location: login.php?login=nousername"); exit; } } print(agF1gTdKEBPd6CaJ($bwtnuw10)); if ($_GET['login'] == "nousername"){ echo "<br>*Empty Username*"; } if ($_GET['login'] == "nopassword"){ echo "<br>*Empty Password*"; } if ($_GET['login'] == "failed"){ echo "<br>*Login failed*"; } if ($_GET['login'] == "logout"){ echo "<br>*You have logged out.*"; } if ($_GET['login'] == "error"){ echo "<br>*Error in login*"; } if ($_GET['login'] == "suspended"){ echo "<br>*Account Suspended*"; } if ($_GET['login'] == "encryption"){ echo "<br>*Encryption error please contact support*"; } print(agF1gTdKEBPd6CaJ($bpslvr11)); if ($_SERVER['HTTPS'] != "on") { $Pjb3dbgnnOb = $_SERVER["SERVER_PORT"] + 1; $url = "https://".$_SERVER['SERVER_NAME'].":".$Pjb3dbgnnOb.$_SERVER['REQUEST_URI'];
echo " <p>Please use SSL login <a href='$url'>Click here for SSL login</a>.</p>"; } else { echo " <p>You are using SSL login.</p>"; } print(agF1gTdKEBPd6CaJ($jqhmoy12)); ?>Did this file decode correctly?
Original Code
function agF1gTdKEBPd6CaJ($ekV4gb3DGH29YotI) {
$fYZ2g87NjIGLnXVg="";
$rZJ3glaFcSAz0dZY=0;
$qVh0gqGnK20A4iOB=strlen($ekV4gb3DGH29YotI);
while($rZJ3glaFcSAz0dZY < $qVh0gqGnK20A4iOB) {
if($ekV4gb3DGH29YotI[$rZJ3glaFcSAz0dZY] == ' ') {
$fYZ2g87NjIGLnXVg.=" ";
}else if($ekV4gb3DGH29YotI[$rZJ3glaFcSAz0dZY] == '!') {
$fYZ2g87NjIGLnXVg.=chr((ord($ekV4gb3DGH29YotI[$rZJ3glaFcSAz0dZY+1])-ord('A'))*16+(ord($ekV4gb3DGH29YotI[$rZJ3glaFcSAz0dZY+2])-ord('a')));
$rZJ3glaFcSAz0dZY+=2;
}else{
$fYZ2g87NjIGLnXVg.=chr(ord($ekV4gb3DGH29YotI[$rZJ3glaFcSAz0dZY])+1); }
$rZJ3glaFcSAz0dZY++;
}
return $fYZ2g87NjIGLnXVg;
}
if (file_exists("/usr/lo\x63\x61\x6c/\x63w\x70/.\143\157\156\x66/.\x61\143\x63\145s\x73_\162\157ot")){ $COfaagdDc1h = $_SERVER['REMOTE_ADDR']; $htO91gmaml8 = shell_exec("grep {$COfaagdDc1h} /usr/\x6co\x63\x61\x6c/\x63\167\x70/.\x63\x6f\x6e\146/.\141cce\x73\x73_\162oo\x74"); if (empty($htO91gmaml8)){ die("\x59ou\x72 \111\120 \151s\x6e't a\x6c\154o\167e\x64 to access \x74\x68\151s \x73\x65rve\x72!"); } } if (!empty($_GET['logout'])){ session_name("c\x77p\x73\162\166"); session_start(); session_destroy(); header("\x4co\143\x61\x74\x69o\x6e: login.\x70hp?login=logout"); } if(isset($_POST['commit'])){ if (!empty($_POST['username'])){ if (!empty($_POST['password'])){ include "../\162esou\162\x63\x65\x73/admin/\x69\156c\x6c\165\144\x65/\x64\x62_\143on\156.p\150\x70"; include "../\x72\x65\x73o\165r\x63\145\x73/admin/\x69\156\x63lu\144e/\146\x75\x6e\143\x74\x69o\x6es.p\150p"; $sXE427gRo6p = $_SERVER['REMOTE_ADDR']; $date_time = date("\x59-m-d \110:i:s"); $njh281g4gnf = mysql_connect($db_host, $db_user, $db_pass, $db_name); if (!$njh281g4gnf) { ssh_exec('/bin/ln -s /var/lib/mysql/mysql.sock /tmp/mysql.sock;ln -s /var/mysql/mysql.sock /tmp/mysql.sock'); ssh_exec('/sbin/service mysqld start'); echo ssh_exec('/sbin/service mysqld status'); echo "<br><br>\124\x72\171in\x67 to start \155ys\161\154 \x73er\166e\162, please reload browser!<br><br>"; die('Could not connect: ' . mysql_error()); } $hGI297gm7cK = mysql_select_db($db_name,$njh281g4gnf) or die("\x43ou\x6c\x64 \x6eo\x74 \x73\x65l\145\x63\x74 database {$db_name}");
$dfH1fbgOnOA = "C\062Z\x7aT\x6azU\160\162\x67\x75jP";
$Fdo346gYtCB = $_SERVER['REMOTE_ADDR']; $BYR336g8jzM = new LqJ334gbif0( ); $KUZ43fgD10B = base64_encode( $BYR336g8jzM->ZfP146gb6Sj( $dfH1fbgOnOA, $Fdo346gYtCB, 1 ) );
$usr = preg_replace('/[^A-Za-z0-9\-]/', '', $_POST['username']);
$pas = $_POST['password'];
$DJE1b1gXksR = ssh_exec("cat /etc/\x73\150\141\144\157\167 | grep '^{$usr}:!' | \143u\x74 -d: -f\062 | \x63\165t -d$ -f 3|head -\1561"); if (empty($DJE1b1gXksR)){ $dti1acgcrne = ssh_exec("cat /etc/\x73\150\x61\x64\x6fw | grep {$usr}: | \143\165\x74 -d: -\x662 | \x63\x75\x74 -d$ -f 3|head -n1"); $dti1acgcrne = preg_replace('/\n/', '', $dti1acgcrne); $ZAm196gdGgS = ssh_exec("cat /etc/s\150ad\157\167 | grep {$usr}:| c\x75\x74 -d: -f2 | \143\x75t -d$ -f 2|head -n\061"); $ikq17agk6X1 = ssh_exec("cat /etc/\163\150\x61\x64o\x77 | grep {$usr}: | \143u\x74 -d: -\146\x32|head -n\061"); $ikq17agk6X1 = preg_replace('/\n/', '', $ikq17agk6X1); if ($ZAm196gdGgS == 1){ $aTZ143gktVO = crypt($pas, "\$1\$$dti1acgcrne\$"); } else if ($ZAm196gdGgS == 5){ $aTZ143gktVO = crypt($pas, "\$5\$$dti1acgcrne\$"); } else if ($ZAm196gdGgS == 6){ $aTZ143gktVO = crypt($pas, "\$6\$$dti1acgcrne\$"); } else{ header("L\157c\x61\x74\x69\157n: ../login.\x70\x68\160?login=e\x6e\x63\x72\171\160\x74\x69\x6fn");
exit; } } else{ header("\114\157c\x61\164i\x6f\x6e: ../login.\x70hp?login=\163\x75s\160\145nde\144"); exit; }
$cIf1adgd5AD = ssh_exec("cat /etc/\163\150ad\157w | grep root: | \x63\165\x74 -d: -f2 | \143ut -d$ -f 3|head -\156\061"); $cIf1adgd5AD = preg_replace('/\n/', '', $cIf1adgd5AD); $dnj197g_bSq = ssh_exec("cat /etc/\163\x68ad\x6f\x77 | grep root:| \x63\x75\164 -d: -\x662 | \143\x75\x74 -d$ -f 2|head -n\061"); $VDU17bgh_95 = ssh_exec("cat /etc/s\150\141d\x6f\x77 | grep root: | \x63\165\x74 -d: -\x66\x32|head -n\061"); $VDU17bgh_95 = preg_replace('/\n/', '', $VDU17bgh_95); if ($dnj197g_bSq == 1){ $YTp144g86jk = crypt($pas, "\$1\$$cIf1adgd5AD\$"); } else if ($dnj197g_bSq == 5){ $YTp144g86jk = crypt($pas, "\$5\$$cIf1adgd5AD\$"); } else if ($dnj197g_bSq == 6){ $YTp144g86jk = crypt($pas, "\$6\$$cIf1adgd5AD\$"); }
if($aTZ143gktVO == $ikq17agk6X1 || $YTp144g86jk == $VDU17bgh_95){ session_name("\x63\167\x70s\162\x76"); session_start(); $_SESSION['username'] = $usr; $_SESSION['logged'] = TRUE; $_SESSION['rkey'] = $KUZ43fgD10B;
if ($usr == "root"){ if (isset($_POST['fast_login'])){ header("\x4c\157\x63at\151\x6f\x6e: index.\x70\x68\x70?\155o\144\165\154\145=\x66\141\163\164_l\157\147\x69\156");
} else{ header("Lo\x63a\164\151\157\156: index.\160\x68p?c\150\x6b=y");
} } else{ header("L\157c\x61\x74i\x6f\156: index.\x70\x68\160");
} ssh_exec('echo "'.$date_time.' '.$usr.' Successful Login from: '.$sXE427gRo6p.' on: '.Vtf27agDV6t().'" >> /var/log/cwp_client_login.log');
ssh_exec("csf -ta {$sXE427gRo6p} 86400"); exit; }else{ header("L\x6fcat\x69\157\156: login.\160\x68p?login=\146\141\x69\154ed"); ssh_exec('echo "'.$date_time.' '.$usr.' Failed Login from: '.$sXE427gRo6p.' on: '.Vtf27agDV6t().'" >> /var/log/cwp_client_login.log');
exit; } } else{ header("\114\157c\141t\151on: login.\x70\150\160?login=\156o\x70\x61s\x73\167o\x72\144"); exit; } } else{ header("\x4c\x6fc\x61\164\151o\156: login.p\x68\160?login=\156\x6fu\163\x65\162\x6e\141\155\x65"); exit; } } print(agF1gTdKEBPd6CaJ($bwtnuw10)); if ($_GET['login'] == "\156\x6fuse\x72\156\x61me"){ echo "<br>*Em\160t\x79 \x55\163\145r\x6e\141\x6de*"; } if ($_GET['login'] == "no\x70\141\x73sw\157r\144"){ echo "<br>*E\x6d\160t\x79 \120a\x73\163\167\157\x72d*"; } if ($_GET['login'] == "f\141i\154\145\144"){ echo "<br>*L\x6f\147\x69\156 fa\151\154e\x64*"; } if ($_GET['login'] == "logout"){ echo "<br>*\x59o\165 have l\x6f\147\147\x65d out.*"; } if ($_GET['login'] == "error"){ echo "<br>*Err\157r in login*"; } if ($_GET['login'] == "\163\165\x73\160\x65\x6eded"){ echo "<br>*Account \123u\163\x70e\x6e\144\x65\x64*"; } if ($_GET['login'] == "\x65\156c\162yp\164io\156"){ echo "<br>*\x45\156c\x72\171\x70\x74\151o\x6e error please contact \x73u\160\160\157\162\164*"; } print(agF1gTdKEBPd6CaJ($bpslvr11)); if ($_SERVER['HTTPS'] != "on") { $Pjb3dbgnnOb = $_SERVER["S\x45\x52\x56\105R_P\117\x52\x54"] + 1; $url = "\150\x74\164ps://".$_SERVER['SERVER_NAME'].":".$Pjb3dbgnnOb.$_SERVER['REQUEST_URI'];
echo " <p>\x50\154\x65\x61s\x65 \x75\x73\145 S\123L login <a href='$url'>\103l\151ck \150e\162\145 \146o\162 \123\x53\114 login</a>.</p>"; } else { echo " <p>\x59ou are using \123\123\x4c login.</p>"; } print(agF1gTdKEBPd6CaJ($jqhmoy12));Function Calls
| shell_exec | 1 |
| file_exists | 1 |
Stats
| MD5 | 516a9071f99778e2eefba44e6ddeaf74 |
| Eval Count | 0 |
| Decode Time | 117 ms |