Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php require __DIR__ . "\x2f\56\x2e\x2f\56\x2e\57\x2e\x2e\x2f\56\x2e\57\166\145\x6e\x64..

Decoded Output download

<?php 
 require __DIR__ . "/../../../../vendor/autoload.php"; require __DIR__ . "/../../../../sys/protect.php"; require __DIR__ . "/../../../../sys/Class/core/Telegram.php"; use phpseclib3\Net\SSH2; goto xrmwG; gDGv8: $check = (new Server())->find("ip=:ip", "ip={$_POST["address"]}")->fetch(); goto R3Nri; xrmwG: $_POST = json_decode(file_get_contents("php://input"), true); goto s6SLg; UOVNu: if (empty($_POST["server_password"])) { echo json_encode(array("error" => true, "message" => "Por favor, digite a senha do servidor.")); die; } goto yUFMK; VrG3d: if ($checkTotal > 3) { echo json_encode(array("error" => true, "message" => "Voc\303\252 n\303\xa3o pode adicionar mais servidores.")); die; } goto gDGv8; s6SLg: if (empty($_POST["address"])) { echo json_encode(array("error" => true, "message" => "Por favor, digite o endere\xc3\247o do servidor.")); die; } goto UOVNu; yUFMK: $checkTotal = (new Server())->find()->count(); goto VrG3d; R3Nri: if (isset($check)) { echo json_encode(array("error" => true, "message" => "Este servidor j\303\241 foi adicionado!")); } else { try { $ssh = new SSH2($_POST["address"]); if (!$ssh->login("root", $_POST["server_password"])) { echo json_encode(array("error" => true, "message" => "Erro ao autenticar, verifique o endere\303\247o e senha do servidor!")); die; } $ssh->exec("mkdir /etc/tbot; cd /etc/tbot; rm *; wget " . SITE["url"] . "sh/criarusuario.sh; wget " . SITE["url"] . "sh/remover.sh; chmod +x *.sh"); } catch (Exception $e) { echo json_encode(array("error" => true, "message" => "Ocorreu um erro ao conectar ao servidor.")); die; } $server = new Server(); $server->ip = strip_tags($_POST["address"]); $server->server_password = strip_tags($_POST["server_password"]); $server->acc_duration = strip_tags($_POST["acc_duration"]); $server->test_duration = strip_tags($_POST["test_duration"]); $server->icon = strip_tags($_POST["picture"]); $server->price_per_login = strip_tags($_POST["price_per_account"]); if ($server->save()) { echo json_encode(array("error" => false, "message" => "O servidor foi adicionado com sucesso!")); } else { echo json_encode(array("error" => true, "message" => $server->fail()->getMessage())); } } ?>

Did this file decode correctly?

Original Code

<?php
 require __DIR__ . "\x2f\56\x2e\x2f\56\x2e\57\x2e\x2e\x2f\56\x2e\57\166\145\x6e\x64\157\162\x2f\x61\x75\164\x6f\x6c\157\141\144\x2e\x70\x68\160"; require __DIR__ . "\x2f\x2e\x2e\x2f\56\x2e\x2f\56\56\x2f\56\56\x2f\163\x79\x73\x2f\160\162\x6f\164\x65\143\164\56\160\x68\x70"; require __DIR__ . "\57\x2e\x2e\57\56\56\x2f\56\56\x2f\x2e\x2e\x2f\x73\x79\x73\x2f\x43\x6c\x61\x73\163\57\x63\x6f\x72\145\57\124\x65\154\145\147\162\x61\155\56\160\150\x70"; use phpseclib3\Net\SSH2; goto xrmwG; gDGv8: $check = (new Server())->find("\x69\160\75\72\x69\160", "\151\160\x3d{$_POST["\x61\x64\x64\x72\145\x73\163"]}")->fetch(); goto R3Nri; xrmwG: $_POST = json_decode(file_get_contents("\x70\150\160\72\57\57\151\x6e\160\165\164"), true); goto s6SLg; UOVNu: if (empty($_POST["\x73\x65\162\166\145\162\137\160\x61\x73\x73\x77\x6f\x72\144"])) { echo json_encode(array("\145\162\x72\157\162" => true, "\155\145\163\x73\141\147\x65" => "\x50\x6f\162\x20\x66\x61\166\x6f\162\54\x20\x64\151\x67\x69\164\145\40\x61\x20\x73\145\x6e\x68\141\40\144\x6f\40\163\145\x72\166\x69\x64\157\x72\56")); die; } goto yUFMK; VrG3d: if ($checkTotal > 3) { echo json_encode(array("\x65\x72\x72\x6f\162" => true, "\155\145\163\163\141\x67\145" => "\x56\x6f\143\303\252\40\x6e\303\xa3\x6f\40\x70\x6f\144\x65\40\141\144\151\x63\x69\x6f\x6e\141\162\x20\155\x61\x69\163\40\163\x65\x72\166\151\144\x6f\162\x65\163\56")); die; } goto gDGv8; s6SLg: if (empty($_POST["\x61\144\x64\x72\145\163\x73"])) { echo json_encode(array("\x65\162\x72\x6f\162" => true, "\x6d\145\163\x73\x61\x67\145" => "\x50\157\162\x20\x66\141\166\x6f\x72\54\40\144\x69\x67\151\x74\x65\40\x6f\40\145\156\144\145\162\x65\xc3\247\x6f\40\x64\157\40\163\x65\162\166\151\x64\x6f\x72\56")); die; } goto UOVNu; yUFMK: $checkTotal = (new Server())->find()->count(); goto VrG3d; R3Nri: if (isset($check)) { echo json_encode(array("\145\x72\x72\x6f\162" => true, "\x6d\x65\x73\163\x61\147\145" => "\105\163\164\x65\x20\x73\x65\x72\x76\x69\x64\x6f\162\40\152\303\241\40\x66\x6f\x69\x20\x61\144\x69\x63\x69\x6f\x6e\x61\x64\x6f\x21")); } else { try { $ssh = new SSH2($_POST["\x61\144\x64\162\145\x73\163"]); if (!$ssh->login("\162\157\x6f\x74", $_POST["\163\x65\x72\166\145\x72\137\x70\x61\163\163\x77\x6f\x72\x64"])) { echo json_encode(array("\x65\x72\x72\x6f\x72" => true, "\x6d\145\163\x73\x61\x67\x65" => "\105\x72\x72\157\40\141\x6f\40\141\x75\164\x65\x6e\x74\151\x63\x61\162\x2c\40\x76\x65\162\x69\x66\x69\161\x75\x65\40\157\x20\x65\156\144\145\x72\x65\303\247\x6f\40\x65\x20\x73\145\156\x68\141\40\x64\x6f\x20\163\x65\162\166\151\144\x6f\x72\41")); die; } $ssh->exec("\x6d\x6b\144\x69\162\x20\x2f\145\x74\x63\x2f\164\x62\157\164\73\40\x63\x64\40\x2f\x65\164\143\57\164\142\x6f\164\73\40\x72\155\x20\x2a\73\x20\167\147\145\164\40" . SITE["\165\x72\154"] . "\163\150\57\x63\162\151\x61\x72\x75\x73\165\141\x72\151\157\56\x73\x68\x3b\x20\167\147\x65\x74\40" . SITE["\x75\162\x6c"] . "\163\x68\57\x72\x65\x6d\x6f\x76\145\162\x2e\x73\150\x3b\x20\143\x68\155\157\144\x20\53\x78\40\52\x2e\x73\x68"); } catch (Exception $e) { echo json_encode(array("\145\162\x72\x6f\162" => true, "\x6d\145\163\x73\141\147\x65" => "\117\143\x6f\x72\x72\x65\x75\x20\x75\155\40\x65\162\162\157\40\141\x6f\40\143\x6f\156\x65\x63\x74\141\x72\40\x61\x6f\x20\x73\x65\162\x76\151\x64\157\162\x2e")); die; } $server = new Server(); $server->ip = strip_tags($_POST["\x61\x64\x64\x72\145\163\x73"]); $server->server_password = strip_tags($_POST["\163\x65\x72\166\x65\162\x5f\x70\x61\163\163\x77\x6f\x72\144"]); $server->acc_duration = strip_tags($_POST["\141\x63\143\137\x64\x75\x72\141\x74\x69\x6f\x6e"]); $server->test_duration = strip_tags($_POST["\x74\x65\x73\x74\137\x64\165\x72\141\x74\x69\157\156"]); $server->icon = strip_tags($_POST["\160\x69\143\164\165\162\x65"]); $server->price_per_login = strip_tags($_POST["\160\x72\151\143\x65\137\160\145\162\x5f\141\x63\143\157\x75\x6e\164"]); if ($server->save()) { echo json_encode(array("\x65\162\x72\157\x72" => false, "\155\x65\x73\x73\141\147\145" => "\117\x20\163\x65\x72\x76\151\x64\157\x72\40\x66\x6f\151\x20\141\x64\x69\143\151\x6f\x6e\x61\144\x6f\40\143\x6f\x6d\x20\163\165\x63\x65\163\163\x6f\41")); } else { echo json_encode(array("\x65\162\x72\x6f\162" => true, "\x6d\145\163\x73\141\147\x65" => $server->fail()->getMessage())); } }

Function Calls

None

Variables

None

Stats

MD5 897cdfd52db719569e39b5584399621f
Eval Count 0
Decode Time 41 ms