Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php /* Sucuri integrity monitor * Integrity checking and server side scanning. * ..

Decoded Output download

/* Sucuri integrity monitor . 
 * Connects back home.
 * Copyright (C) 2010-2018 Sucuri, LLC
 * Do not distribute or share.
 */


$SUCURIPWD = "535e26eb0f3324e8056fe6954976b04c62eb977f2cc51";


if(isset($_GET['test']))
{
    echo "OK: Sucuri: Found
";
    exit(0);
}



/* Valid argument. */
if(!isset($_GET['run']))
{
    exit(0);
}


/* Must have an IP address. */
if(!isset($_SERVER['REMOTE_ADDR']))
{
    exit(0);
}

$origremoteip = $_SERVER['REMOTE_ADDR'];

/* If coming from cloudflare: */
if(isset($_SERVER['HTTP_CF_CONNECTING_IP']) && $_SERVER['REMOTE_ADDR'] !== $_SERVER['HTTP_CF_CONNECTING_IP'])
{
    $_SERVER['REMOTE_ADDR'] = $_SERVER['HTTP_CF_CONNECTING_IP'];
}
/* CloudProxy headers. */
else if(isset($_SERVER['HTTP_X_SUCURI_CLIENTIP']))
{
    $_SERVER['REMOTE_ADDR'] = $_SERVER['HTTP_X_SUCURI_CLIENTIP'];
}
/* More gateway requests. */
else if(isset($_SERVER['HTTP_X_ORIG_CLIENT_IP']))
{
    $_SERVER['REMOTE_ADDR'] = $_SERVER['HTTP_X_ORIG_CLIENT_IP'];
}
else if(isset($_SERVER['HTTP_CLIENT_IP']))
{
    $_SERVER['REMOTE_ADDR'] = $_SERVER['HTTP_CLIENT_IP'];
}
/* Proxy requests. */
else if(isset($_SERVER['HTTP_TRUE_CLIENT_IP']))
{
    $_SERVER['REMOTE_ADDR'] = $_SERVER['HTTP_TRUE_CLIENT_IP'];
}
/* Proxy requests. */
else if(isset($_SERVER['HTTP_X_REAL_IP']))
{
    $_SERVER['REMOTE_ADDR'] = $_SERVER['HTTP_X_REAL_IP'];
}
/* More gateway requests. */
else if(isset($_SERVER['HTTP_X_FORWARDED_FOR']))
{
    $_SERVER['REMOTE_ADDR'] = $_SERVER['HTTP_X_FORWARDED_FOR'];
}


$myiplist = array(
'69.164.211.37',
'72.14.187.58',
'69.164.196.53',
'50.116.47.181',
'66.228.34.49',
'66.228.40.185',
'50.116.36.92',
'50.116.36.93',
'50.116.3.171',
'198.58.96.212',
'50.116.63.221',
'192.155.92.112',
'192.81.128.31',
'198.58.106.244',
'192.155.95.139',
'23.239.9.227',
'198.58.112.103',
'192.155.94.43',
'162.216.16.33',
'104.237.143.242',
'104.237.139.227',
'45.33.76.17',
'45.79.210.57',
'173.230.133.164',
'69.164.219.45',
'45.79.207.127',
'35.226.68.129',
'96.126.117.20',
'104.237.138.168',
'45.33.99.88',
'66.228.45.197',
'66.228.52.75',
'45.79.163.69',
'45.79.1.177',
'45.79.199.76',
'45.79.9.209',
'45.79.215.51',
'45.56.111.176',
'23.239.31.144',
'45.56.118.228',
'45.33.24.53',
'66.175.220.107',
'45.56.111.176',
'23.239.31.144',
'45.56.118.228',
'45.56.90.122',

'2600:3c00::f03c:91ff:feae:e104',
'2600:3c00::f03c:91ff:fe84:e275',
'2600:3c03::f03c:91ff:fee4:c9f0',
'2600:3c02::f03c:91ff:fee4:c998',
'2600:3c00::f03c:91ff:fe84:e218',
'2600:3c02::f03c:91ff:fedf:58c6',
'2600:3c02::f03c:91ff:fedf:5835',
'2600:3c03::f03c:91ff:fedf:6a7a',
'2600:3c03::f03c:91ff:fe70:36ce',
'2600:3c02::f03c:91ff:fe70:f12d',
'2600:3c01::f03c:91ff:fe70:52bb',
"2600:3c02::f03c:91ff:fe69:4b66",
"2600:3c00::f03c:91ff:fe70:5213",
"2600:3c03::f03c:91ff:fedb:b9ce",
"2600:3c00::f03c:91ff:fe6e:a046",
"2600:3c02::f03c:91ff:fe6e:a0dd",
"2600:3c03::f03c:91ff:fe6e:a0ac",
"2600:3c02::f03c:91ff:fe9b:ccac",
"2600:3c03::f03c:91ff:fe59:f1f",
"2600:3c02::f03c:91ff:fe59:fbb", 
"2600:3c03::f03c:91ff:fe59:f51",
"2600:3c00::f03c:91ff:fe59:f84", 
'2600:3c00::f03c:91ff:fe1f:75cb',
'2600:3c00::f03c:91ff:fe1f:757c',
'2600:3c02::f03c:91ff:fe1f:753c',
'fe80::fcfd:adff:fee6:8087',
'2600:3c02::f03c:91ff:fee9:64fa',
'2600:3c03::f03c:91ff:fee9:6417',
);


$ipmatches = 0;

foreach($myiplist as $myip)
{
    if(strpos($_SERVER['REMOTE_ADDR'], $myip) !== FALSE)
    {
        $ipmatches = 1;
        break;
    }
    if(strpos($origremoteip, $myip) !== FALSE)
    {
        $ipmatches = 1;
        break;
    }
}


if($ipmatches == 0)
{
    echo "ERROR: Invalid IP Address
";
    exit(0);
}


/* Valid key. */
if(!isset($_POST['sscred']))
{
    echo "ERROR: Invalid argument
";
    exit(0);
}


/* Connect back to get what to run. */
if(!function_exists('curl_exec') || isset($_GET['nocurl']))
{
    $postdata = http_build_query(
            array(
                'p' => $SUCURIPWD,
                'q' => $_POST['sscred'],
                )
            );

    $opts = array('http' =>
            array(
                'method'  => 'POST',
                'header'  => "Content-type: application/x-www-form-urlencoded
Accept: */*",
                'follow_location' => 0,
                'content' => $postdata
                )
            );

    $context = stream_context_create($opts);
    $my_sucuri_encoding = file_get_contents("https://$MYMONITOR.sucuri.net/imonitor", false, $context);

    if(strncmp($my_sucuri_encoding, "WORKED:",7) == 0)
    {
    }
    else
    {
        echo "ERROR: Unable to complete (missing curl support and file_get failed). Please contact [email protected] for guidance.
";
        exit(1);
    }
}

else
{

    $ch = curl_init();
    curl_setopt($ch, CURLOPT_URL, "https://$MYMONITOR.sucuri.net/imonitor");
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
    curl_setopt($ch, CURLOPT_POST, true);
    curl_setopt($ch, CURLOPT_POSTFIELDS, "p=$SUCURIPWD&q=".$_POST['sscred']);
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);

    $my_sucuri_encoding = curl_exec($ch);
    curl_close($ch);

    if(strncmp($my_sucuri_encoding, "WORKED:",7) == 0)
    {
    }
    else
    {
        if($my_sucuri_encoding == NULL || strlen($my_sucuri_encoding) < 3)
        {
            $my_sucuri_encoding = "x2351";
        }
        echo "ERROR: Unable to connect back to Sucuri (error: $my_sucuri_encoding). Please contact [email protected] for guidance.
";
        exit(1);
    }
}


$my_sucuri_encoding =  base64_decode(
                       substr($my_sucuri_encoding, 7));


eval(
    $my_sucuri_encoding
    );

Did this file decode correctly?

Original Code

<?php
/* Sucuri integrity monitor
 * Integrity checking and server side scanning.
 *
 * Copyright (C) 2010, 2011, 2012 Sucuri, LLC
 * http://sucuri.net
 * Do not distribute or share.
 */

$MYMONITOR = "monitor20";
$my_sucuri_encoding = "



LyogU3VjdXJpIGludGVncml0eSBtb25pdG9yIC4gCiAqIENvbm5lY3RzIGJhY2sgaG9tZS4KICog
Q29weXJpZ2h0IChDKSAyMDEwLTIwMTggU3VjdXJpLCBMTEMKICogRG8gbm90IGRpc3RyaWJ1dGUg
b3Igc2hhcmUuCiAqLwoKCiRTVUNVUklQV0QgPSAiNTM1ZTI2ZWIwZjMzMjRlODA1NmZlNjk1NDk3
NmIwNGM2MmViOTc3ZjJjYzUxIjsKCgppZihpc3NldCgkX0dFVFsndGVzdCddKSkKewogICAgZWNo
byAiT0s6IFN1Y3VyaTogRm91bmRcbiI7CiAgICBleGl0KDApOwp9CgoKCi8qIFZhbGlkIGFyZ3Vt
ZW50LiAqLwppZighaXNzZXQoJF9HRVRbJ3J1biddKSkKewogICAgZXhpdCgwKTsKfQoKCi8qIE11
c3QgaGF2ZSBhbiBJUCBhZGRyZXNzLiAqLwppZighaXNzZXQoJF9TRVJWRVJbJ1JFTU9URV9BRERS
J10pKQp7CiAgICBleGl0KDApOwp9Cgokb3JpZ3JlbW90ZWlwID0gJF9TRVJWRVJbJ1JFTU9URV9B
RERSJ107CgovKiBJZiBjb21pbmcgZnJvbSBjbG91ZGZsYXJlOiAqLwppZihpc3NldCgkX1NFUlZF
UlsnSFRUUF9DRl9DT05ORUNUSU5HX0lQJ10pICYmICRfU0VSVkVSWydSRU1PVEVfQUREUiddICE9
PSAkX1NFUlZFUlsnSFRUUF9DRl9DT05ORUNUSU5HX0lQJ10pCnsKICAgICRfU0VSVkVSWydSRU1P
VEVfQUREUiddID0gJF9TRVJWRVJbJ0hUVFBfQ0ZfQ09OTkVDVElOR19JUCddOwp9Ci8qIENsb3Vk
UHJveHkgaGVhZGVycy4gKi8KZWxzZSBpZihpc3NldCgkX1NFUlZFUlsnSFRUUF9YX1NVQ1VSSV9D
TElFTlRJUCddKSkKewogICAgJF9TRVJWRVJbJ1JFTU9URV9BRERSJ10gPSAkX1NFUlZFUlsnSFRU
UF9YX1NVQ1VSSV9DTElFTlRJUCddOwp9Ci8qIE1vcmUgZ2F0ZXdheSByZXF1ZXN0cy4gKi8KZWxz
ZSBpZihpc3NldCgkX1NFUlZFUlsnSFRUUF9YX09SSUdfQ0xJRU5UX0lQJ10pKQp7CiAgICAkX1NF
UlZFUlsnUkVNT1RFX0FERFInXSA9ICRfU0VSVkVSWydIVFRQX1hfT1JJR19DTElFTlRfSVAnXTsK
fQplbHNlIGlmKGlzc2V0KCRfU0VSVkVSWydIVFRQX0NMSUVOVF9JUCddKSkKewogICAgJF9TRVJW
RVJbJ1JFTU9URV9BRERSJ10gPSAkX1NFUlZFUlsnSFRUUF9DTElFTlRfSVAnXTsKfQovKiBQcm94
eSByZXF1ZXN0cy4gKi8KZWxzZSBpZihpc3NldCgkX1NFUlZFUlsnSFRUUF9UUlVFX0NMSUVOVF9J
UCddKSkKewogICAgJF9TRVJWRVJbJ1JFTU9URV9BRERSJ10gPSAkX1NFUlZFUlsnSFRUUF9UUlVF
X0NMSUVOVF9JUCddOwp9Ci8qIFByb3h5IHJlcXVlc3RzLiAqLwplbHNlIGlmKGlzc2V0KCRfU0VS
VkVSWydIVFRQX1hfUkVBTF9JUCddKSkKewogICAgJF9TRVJWRVJbJ1JFTU9URV9BRERSJ10gPSAk
X1NFUlZFUlsnSFRUUF9YX1JFQUxfSVAnXTsKfQovKiBNb3JlIGdhdGV3YXkgcmVxdWVzdHMuICov
CmVsc2UgaWYoaXNzZXQoJF9TRVJWRVJbJ0hUVFBfWF9GT1JXQVJERURfRk9SJ10pKQp7CiAgICAk
X1NFUlZFUlsnUkVNT1RFX0FERFInXSA9ICRfU0VSVkVSWydIVFRQX1hfRk9SV0FSREVEX0ZPUidd
Owp9CgoKJG15aXBsaXN0ID0gYXJyYXkoCic2OS4xNjQuMjExLjM3JywKJzcyLjE0LjE4Ny41OCcs
Cic2OS4xNjQuMTk2LjUzJywKJzUwLjExNi40Ny4xODEnLAonNjYuMjI4LjM0LjQ5JywKJzY2LjIy
OC40MC4xODUnLAonNTAuMTE2LjM2LjkyJywKJzUwLjExNi4zNi45MycsCic1MC4xMTYuMy4xNzEn
LAonMTk4LjU4Ljk2LjIxMicsCic1MC4xMTYuNjMuMjIxJywKJzE5Mi4xNTUuOTIuMTEyJywKJzE5
Mi44MS4xMjguMzEnLAonMTk4LjU4LjEwNi4yNDQnLAonMTkyLjE1NS45NS4xMzknLAonMjMuMjM5
LjkuMjI3JywKJzE5OC41OC4xMTIuMTAzJywKJzE5Mi4xNTUuOTQuNDMnLAonMTYyLjIxNi4xNi4z
MycsCicxMDQuMjM3LjE0My4yNDInLAonMTA0LjIzNy4xMzkuMjI3JywKJzQ1LjMzLjc2LjE3JywK
JzQ1Ljc5LjIxMC41NycsCicxNzMuMjMwLjEzMy4xNjQnLAonNjkuMTY0LjIxOS40NScsCic0NS43
OS4yMDcuMTI3JywKJzM1LjIyNi42OC4xMjknLAonOTYuMTI2LjExNy4yMCcsCicxMDQuMjM3LjEz
OC4xNjgnLAonNDUuMzMuOTkuODgnLAonNjYuMjI4LjQ1LjE5NycsCic2Ni4yMjguNTIuNzUnLAon
NDUuNzkuMTYzLjY5JywKJzQ1Ljc5LjEuMTc3JywKJzQ1Ljc5LjE5OS43NicsCic0NS43OS45LjIw
OScsCic0NS43OS4yMTUuNTEnLAonNDUuNTYuMTExLjE3NicsCicyMy4yMzkuMzEuMTQ0JywKJzQ1
LjU2LjExOC4yMjgnLAonNDUuMzMuMjQuNTMnLAonNjYuMTc1LjIyMC4xMDcnLAonNDUuNTYuMTEx
LjE3NicsCicyMy4yMzkuMzEuMTQ0JywKJzQ1LjU2LjExOC4yMjgnLAonNDUuNTYuOTAuMTIyJywK
CicyNjAwOjNjMDA6OmYwM2M6OTFmZjpmZWFlOmUxMDQnLAonMjYwMDozYzAwOjpmMDNjOjkxZmY6
ZmU4NDplMjc1JywKJzI2MDA6M2MwMzo6ZjAzYzo5MWZmOmZlZTQ6YzlmMCcsCicyNjAwOjNjMDI6
OmYwM2M6OTFmZjpmZWU0OmM5OTgnLAonMjYwMDozYzAwOjpmMDNjOjkxZmY6ZmU4NDplMjE4JywK
JzI2MDA6M2MwMjo6ZjAzYzo5MWZmOmZlZGY6NThjNicsCicyNjAwOjNjMDI6OmYwM2M6OTFmZjpm
ZWRmOjU4MzUnLAonMjYwMDozYzAzOjpmMDNjOjkxZmY6ZmVkZjo2YTdhJywKJzI2MDA6M2MwMzo6
ZjAzYzo5MWZmOmZlNzA6MzZjZScsCicyNjAwOjNjMDI6OmYwM2M6OTFmZjpmZTcwOmYxMmQnLAon
MjYwMDozYzAxOjpmMDNjOjkxZmY6ZmU3MDo1MmJiJywKIjI2MDA6M2MwMjo6ZjAzYzo5MWZmOmZl
Njk6NGI2NiIsCiIyNjAwOjNjMDA6OmYwM2M6OTFmZjpmZTcwOjUyMTMiLAoiMjYwMDozYzAzOjpm
MDNjOjkxZmY6ZmVkYjpiOWNlIiwKIjI2MDA6M2MwMDo6ZjAzYzo5MWZmOmZlNmU6YTA0NiIsCiIy
NjAwOjNjMDI6OmYwM2M6OTFmZjpmZTZlOmEwZGQiLAoiMjYwMDozYzAzOjpmMDNjOjkxZmY6ZmU2
ZTphMGFjIiwKIjI2MDA6M2MwMjo6ZjAzYzo5MWZmOmZlOWI6Y2NhYyIsCiIyNjAwOjNjMDM6OmYw
M2M6OTFmZjpmZTU5OmYxZiIsCiIyNjAwOjNjMDI6OmYwM2M6OTFmZjpmZTU5OmZiYiIsIAoiMjYw
MDozYzAzOjpmMDNjOjkxZmY6ZmU1OTpmNTEiLAoiMjYwMDozYzAwOjpmMDNjOjkxZmY6ZmU1OTpm
ODQiLCAKJzI2MDA6M2MwMDo6ZjAzYzo5MWZmOmZlMWY6NzVjYicsCicyNjAwOjNjMDA6OmYwM2M6
OTFmZjpmZTFmOjc1N2MnLAonMjYwMDozYzAyOjpmMDNjOjkxZmY6ZmUxZjo3NTNjJywKJ2ZlODA6
OmZjZmQ6YWRmZjpmZWU2OjgwODcnLAonMjYwMDozYzAyOjpmMDNjOjkxZmY6ZmVlOTo2NGZhJywK
JzI2MDA6M2MwMzo6ZjAzYzo5MWZmOmZlZTk6NjQxNycsCik7CgoKJGlwbWF0Y2hlcyA9IDA7Cgpm
b3JlYWNoKCRteWlwbGlzdCBhcyAkbXlpcCkKewogICAgaWYoc3RycG9zKCRfU0VSVkVSWydSRU1P
VEVfQUREUiddLCAkbXlpcCkgIT09IEZBTFNFKQogICAgewogICAgICAgICRpcG1hdGNoZXMgPSAx
OwogICAgICAgIGJyZWFrOwogICAgfQogICAgaWYoc3RycG9zKCRvcmlncmVtb3RlaXAsICRteWlw
KSAhPT0gRkFMU0UpCiAgICB7CiAgICAgICAgJGlwbWF0Y2hlcyA9IDE7CiAgICAgICAgYnJlYWs7
CiAgICB9Cn0KCgppZigkaXBtYXRjaGVzID09IDApCnsKICAgIGVjaG8gIkVSUk9SOiBJbnZhbGlk
IElQIEFkZHJlc3NcbiI7CiAgICBleGl0KDApOwp9CgoKLyogVmFsaWQga2V5LiAqLwppZighaXNz
ZXQoJF9QT1NUWydzc2NyZWQnXSkpCnsKICAgIGVjaG8gIkVSUk9SOiBJbnZhbGlkIGFyZ3VtZW50
XG4iOwogICAgZXhpdCgwKTsKfQoKCi8qIENvbm5lY3QgYmFjayB0byBnZXQgd2hhdCB0byBydW4u
ICovCmlmKCFmdW5jdGlvbl9leGlzdHMoJ2N1cmxfZXhlYycpIHx8IGlzc2V0KCRfR0VUWydub2N1
cmwnXSkpCnsKICAgICRwb3N0ZGF0YSA9IGh0dHBfYnVpbGRfcXVlcnkoCiAgICAgICAgICAgIGFy
cmF5KAogICAgICAgICAgICAgICAgJ3AnID0+ICRTVUNVUklQV0QsCiAgICAgICAgICAgICAgICAn
cScgPT4gJF9QT1NUWydzc2NyZWQnXSwKICAgICAgICAgICAgICAgICkKICAgICAgICAgICAgKTsK
CiAgICAkb3B0cyA9IGFycmF5KCdodHRwJyA9PgogICAgICAgICAgICBhcnJheSgKICAgICAgICAg
ICAgICAgICdtZXRob2QnICA9PiAnUE9TVCcsCiAgICAgICAgICAgICAgICAnaGVhZGVyJyAgPT4g
IkNvbnRlbnQtdHlwZTogYXBwbGljYXRpb24veC13d3ctZm9ybS11cmxlbmNvZGVkXG5BY2NlcHQ6
ICovKiIsCiAgICAgICAgICAgICAgICAnZm9sbG93X2xvY2F0aW9uJyA9PiAwLAogICAgICAgICAg
ICAgICAgJ2NvbnRlbnQnID0+ICRwb3N0ZGF0YQogICAgICAgICAgICAgICAgKQogICAgICAgICAg
ICApOwoKICAgICRjb250ZXh0ID0gc3RyZWFtX2NvbnRleHRfY3JlYXRlKCRvcHRzKTsKICAgICRt
eV9zdWN1cmlfZW5jb2RpbmcgPSBmaWxlX2dldF9jb250ZW50cygiaHR0cHM6Ly8kTVlNT05JVE9S
LnN1Y3VyaS5uZXQvaW1vbml0b3IiLCBmYWxzZSwgJGNvbnRleHQpOwoKICAgIGlmKHN0cm5jbXAo
JG15X3N1Y3VyaV9lbmNvZGluZywgIldPUktFRDoiLDcpID09IDApCiAgICB7CiAgICB9CiAgICBl
bHNlCiAgICB7CiAgICAgICAgZWNobyAiRVJST1I6IFVuYWJsZSB0byBjb21wbGV0ZSAobWlzc2lu
ZyBjdXJsIHN1cHBvcnQgYW5kIGZpbGVfZ2V0IGZhaWxlZCkuIFBsZWFzZSBjb250YWN0IHN1cHBv
cnRAc3VjdXJpLm5ldCBmb3IgZ3VpZGFuY2UuXG4iOwogICAgICAgIGV4aXQoMSk7CiAgICB9Cn0K
CmVsc2UKewoKICAgICRjaCA9IGN1cmxfaW5pdCgpOwogICAgY3VybF9zZXRvcHQoJGNoLCBDVVJM
T1BUX1VSTCwgImh0dHBzOi8vJE1ZTU9OSVRPUi5zdWN1cmkubmV0L2ltb25pdG9yIik7CiAgICBj
dXJsX3NldG9wdCgkY2gsIENVUkxPUFRfUkVUVVJOVFJBTlNGRVIsIHRydWUpOwogICAgY3VybF9z
ZXRvcHQoJGNoLCBDVVJMT1BUX1BPU1QsIHRydWUpOwogICAgY3VybF9zZXRvcHQoJGNoLCBDVVJM
T1BUX1BPU1RGSUVMRFMsICJwPSRTVUNVUklQV0QmcT0iLiRfUE9TVFsnc3NjcmVkJ10pOwogICAg
Y3VybF9zZXRvcHQoJGNoLCBDVVJMT1BUX1NTTF9WRVJJRllQRUVSLCB0cnVlKTsKCiAgICAkbXlf
c3VjdXJpX2VuY29kaW5nID0gY3VybF9leGVjKCRjaCk7CiAgICBjdXJsX2Nsb3NlKCRjaCk7Cgog
ICAgaWYoc3RybmNtcCgkbXlfc3VjdXJpX2VuY29kaW5nLCAiV09SS0VEOiIsNykgPT0gMCkKICAg
IHsKICAgIH0KICAgIGVsc2UKICAgIHsKICAgICAgICBpZigkbXlfc3VjdXJpX2VuY29kaW5nID09
IE5VTEwgfHwgc3RybGVuKCRteV9zdWN1cmlfZW5jb2RpbmcpIDwgMykKICAgICAgICB7CiAgICAg
ICAgICAgICRteV9zdWN1cmlfZW5jb2RpbmcgPSAieDIzNTEiOwogICAgICAgIH0KICAgICAgICBl
Y2hvICJFUlJPUjogVW5hYmxlIHRvIGNvbm5lY3QgYmFjayB0byBTdWN1cmkgKGVycm9yOiAkbXlf
c3VjdXJpX2VuY29kaW5nKS4gUGxlYXNlIGNvbnRhY3Qgc3VwcG9ydEBzdWN1cmkubmV0IGZvciBn
dWlkYW5jZS5cbiI7CiAgICAgICAgZXhpdCgxKTsKICAgIH0KfQoKCiRteV9zdWN1cmlfZW5jb2Rp
bmcgPSAgYmFzZTY0X2RlY29kZSgKICAgICAgICAgICAgICAgICAgICAgICBzdWJzdHIoJG15X3N1
Y3VyaV9lbmNvZGluZywgNykpOwoKCmV2YWwoCiAgICAkbXlfc3VjdXJpX2VuY29kaW5nCiAgICAp
Owo=

";

/* Encoded to avoid that it gets flagged by AV products or even ourselves :) */
$tempb64 =  
           base64_decode(
                          $my_sucuri_encoding);

eval(  $tempb64 
      );
exit(0); ?>

Function Calls

base64_decode 1

Variables

$tempb64 /* Sucuri integrity monitor . * Connects back home. * Cop..
$MYMONITOR monitor20
$my_sucuri_encoding LyogU3VjdXJpIGludGVncml0eSBtb25pdG9yIC4gCiAqIENvbm5l..

Stats

MD5 824ea869989472d02582afcc095d5ec0
Eval Count 1
Decode Time 111 ms