Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<?php /* Code By Adukawa TraN Manh Hung 08:32:40 Am 06/08/2020 */ eval(base64_decode..
Decoded Output download
session_start();
$lock=file_get_contents('http://hoangken.viwap.com/key');
//color
$res="[0m";
$red="[0;31m";
$green="[0;32m";
$yellow="[0;33m";
$banner="
Compilation: Trn Mnh Hng.
Facebook: Https://Facebook.com/hoang.ken.info/
";
//config
$keylock=md5(htmlspecialchars($lock));
echo $res;
if (md5('08072000') != $keylock){
exit($red."Not Activated
$res");}else{echo $green."Activated
$res";
sleep(1);
@system('clear');
echo $green."Ti Khon: $yellow";
$_SESSION["username"]=trim(fgets(STDIN));
echo $green."Mt Khu: $yellow";
$_SESSION['password']=trim(fgets(STDIN));
echo $green."Cookie: $yellow";
$cookie=trim(fgets(STDIN));
echo"$res";
$key=array('key' => 'dcfcd07e645d245babe887e5e2daa016');
$ua='Mozilla/5.0 (Linux; Android 10; SM-J600G) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Mobile Safari/537.36';
//login tds
$ch=curl_init();
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_URL, 'https://traodoisub.com/scr/login.php');
curl_setopt($ch, CURLOPT_COOKIEJAR, "TDS.txt");
curl_setopt($ch, CURLOPT_USERAGENT, $ua);
$login =array('username' => $_SESSION['username'],'password' => $_SESSION['password'],'submit' => ' ng Nhp');
curl_setopt($ch, CURLOPT_POST,count($login));
curl_setopt($ch, CURLOPT_POSTFIELDS,$login);
curl_setopt($ch, CURLOPT_COOKIEFILE, "TDS.txt");
$source=curl_exec($ch);
$not1=explode('{"', $source);
$not=explode('"', $not1[1]);
curl_close($ch);
if($not[0]=='success'){
@system('clear');
echo $banner;
echo $green."ng Nhp Thnh Cng.
$res";
echo"Thi Gian Ch (Ti Thiu 9 Giy): ";
$_SESSION['delay']=trim(fgets(STDIN));
if($_SESSION['delay'] < 9)
{exit($red."Ti Thiu 9 Giy
");}
echo'S Ln Chy: ';
$_SESSION['i']=trim(fgets(STDIN));
if($_SESSION['i'] < 1)
{exit($red."Ti Thiu 1 Ln
");}
}
else{exit($red."ng Nhp Tht Bi.
$res");}
//login fb
$ch=curl_init();
curl_setopt($ch, CURLOPT_URL, 'https://mbasic.facebook.com/');
$head[] = "Connection: keep-alive";
$head[] = "Keep-Alive: 300";
$head[] = "ccept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7";
$head[] = "Accept-Language: en-us,en;q=0.5";
curl_setopt($ch, CURLOPT_USERAGENT, 'Opera/9.80 (Windows NT 6.0) Presto/2.12.388 Version/12.14');
curl_setopt($ch, CURLOPT_ENCODING, '');
curl_setopt($ch, CURLOPT_COOKIE, $cookie);
curl_setopt($ch, CURLOPT_HTTPHEADER, $head);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt($ch, CURLOPT_TIMEOUT, 60);
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 60);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, TRUE);
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Expect
:'));
curl_exec($ch);
curl_close($ch);
// get id
$i=0;
while ($i <= $_SESSION['i'] - 1){
$i++;
sleep(5);
$ch=curl_init();
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_URL, 'https://traodoisub.com/scr/loadsub.php');
curl_setopt($ch, CURLOPT_USERAGENT, $ua);
curl_setopt($ch, CURLOPT_POST, count($key));
curl_setopt($ch, CURLOPT_POSTFIELDS, $key);
curl_setopt($ch, CURLOPT_COOKIEFILE, 'TDS.txt');
$tid=curl_exec($ch);
$id1=explode('id="', $tid);
$id=explode('"', $id1[4]);
curl_close($ch);
//follow fb
sleep(1);
$linkid='https://mbasic.facebook.com/profile.php?id='.$id[0];
$ch = @curl_init();
curl_setopt($ch, CURLOPT_URL, $linkid);
$head[] = "Connection: keep-alive";
$head[] = "Keep-Alive: 300";
$head[] = "Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7";
$head[] = "Accept-Language: en-us,en;q=0.5";
curl_setopt($ch, CURLOPT_USERAGENT, 'Opera/9.80 (Windows NT 6.0) Presto/2.12.388 Version/12.14');
curl_setopt($ch, CURLOPT_ENCODING, '');
curl_setopt($ch, CURLOPT_COOKIE, $cookie);
curl_setopt($ch, CURLOPT_HTTPHEADER, $head);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, FALSE);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt($ch, CURLOPT_TIMEOUT, 60);
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 60);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, TRUE);
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Expect
:'));
$page = curl_exec($ch);
preg_match('#href="/a/subscribe.php?(.+?)"#is', $page, $_link);
$link= html_entity_decode('https://mbasic.facebook.com/a/subscribe.php'.$_link[1]);
curl_setopt($ch, CURLOPT_URL, $link);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_exec($ch);
curl_close($ch);
//addxu
sleep(2);
$ch=curl_init();
curl_setopt($ch, CURLOPT_URL, 'https://traodoisub.com/scr/nhantiensub.php');
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_USERAGENT, $ua);
$tdsxu=array('id' => $id[0]);
curl_setopt($ch, CURLOPT_POST,count($tdsxu));
curl_setopt($ch, CURLOPT_POSTFIELDS,$tdsxu);
curl_setopt($ch, CURLOPT_COOKIEFILE, "TDS.txt");
$xu=curl_exec($ch);
curl_close($ch);
if($xu=='1'){echo"[$green".$i."$res]$red Bn Cha Follow ID Ny.$res";}
if($xu=='2'){echo "[$green".$i."$res] ID:".$id[0]." |$green Thnh Cng$res | +600 XU";}
echo "
";
sleep($_SESSION['delay'] -9);}
}
Did this file decode correctly?
Original Code
<?php
/*
Code By Adukawa
TraN Manh Hung
08:32:40 Am 06/08/2020
*/
eval(base64_decode('CnNlc3Npb25fc3RhcnQoKTsKJGxvY2s9ZmlsZV9nZXRfY29udGVudHMoJ2h0dHA6Ly9ob2FuZ2tlbi52aXdhcC5jb20va2V5Jyk7Ci8vY29sb3IKJHJlcz0iXDAzM1swbSI7CiRyZWQ9IlwwMzNbMDszMW0iOwokZ3JlZW49IlwwMzNbMDszMm0iOwokeWVsbG93PSJcMDMzWzA7MzNtIjsKJGJhbm5lcj0iXHIKQ29tcGlsYXRpb246IFRy4bqnbiBN4bqhbmggSMO5bmcuCkZhY2Vib29rOiBIdHRwczovL0ZhY2Vib29rLmNvbS9ob2FuZy5rZW4uaW5mby9cbgpcbiI7Ci8vY29uZmlnCiRrZXlsb2NrPW1kNShodG1sc3BlY2lhbGNoYXJzKCRsb2NrKSk7CmVjaG8gJHJlczsKaWYgKG1kNSgnMDgwNzIwMDAnKSAhPSAka2V5bG9jayl7CmV4aXQoJHJlZC4iTm90IEFjdGl2YXRlZFxuJHJlcyIpO31lbHNle2VjaG8gJGdyZWVuLiJBY3RpdmF0ZWRcbiRyZXMiOwpzbGVlcCgxKTsKQHN5c3RlbSgnY2xlYXInKTsKZWNobyAkZ3JlZW4uIlTDoGkgS2hv4bqjbjogJHllbGxvdyI7CiRfU0VTU0lPTlsidXNlcm5hbWUiXT10cmltKGZnZXRzKFNURElOKSk7CmVjaG8gJGdyZWVuLiJN4bqtdCBLaOG6qXU6ICR5ZWxsb3ciOwokX1NFU1NJT05bJ3Bhc3N3b3JkJ109dHJpbShmZ2V0cyhTVERJTikpOwplY2hvICRncmVlbi4iQ29va2llOiAkeWVsbG93IjsKJGNvb2tpZT10cmltKGZnZXRzKFNURElOKSk7CmVjaG8iJHJlcyI7CiRrZXk9YXJyYXkoJ2tleScgPT4gJ2RjZmNkMDdlNjQ1ZDI0NWJhYmU4ODdlNWUyZGFhMDE2Jyk7CiR1YT0nTW96aWxsYS81LjAgKExpbnV4OyBBbmRyb2lkIDEwOyBTTS1KNjAwRykgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzgzLjAuNDEwMy4xMDYgTW9iaWxlIFNhZmFyaS81MzcuMzYnOwovL2xvZ2luIHRkcwokY2g9Y3VybF9pbml0KCk7CmN1cmxfc2V0b3B0KCRjaCwgQ1VSTE9QVF9SRVRVUk5UUkFOU0ZFUiwgMSk7CmN1cmxfc2V0b3B0KCRjaCwgQ1VSTE9QVF9VUkwsICdodHRwczovL3RyYW9kb2lzdWIuY29tL3Njci9sb2dpbi5waHAnKTsKY3VybF9zZXRvcHQoJGNoLCBDVVJMT1BUX0NPT0tJRUpBUiwgIlREUy50eHQiKTsKY3VybF9zZXRvcHQoJGNoLCBDVVJMT1BUX1VTRVJBR0VOVCwgJHVhKTsKJGxvZ2luID1hcnJheSgndXNlcm5hbWUnID0+ICRfU0VTU0lPTlsndXNlcm5hbWUnXSwncGFzc3dvcmQnID0+ICRfU0VTU0lPTlsncGFzc3dvcmQnXSwnc3VibWl0JyA9PiAnIMSQxINuZyBOaOG6rXAnKTsKY3VybF9zZXRvcHQoJGNoLCBDVVJMT1BUX1BPU1QsY291bnQoJGxvZ2luKSk7CmN1cmxfc2V0b3B0KCRjaCwgQ1VSTE9QVF9QT1NURklFTERTLCRsb2dpbik7CmN1cmxfc2V0b3B0KCRjaCwgQ1VSTE9QVF9DT09LSUVGSUxFLCAiVERTLnR4dCIpOwokc291cmNlPWN1cmxfZXhlYygkY2gpOwokbm90MT1leHBsb2RlKCd7IicsICRzb3VyY2UpOwokbm90PWV4cGxvZGUoJyInLCAkbm90MVsxXSk7CmN1cmxfY2xvc2UoJGNoKTsKCmlmKCRub3RbMF09PSdzdWNjZXNzJyl7CkBzeXN0ZW0oJ2NsZWFyJyk7CmVjaG8gJGJhbm5lcjsKZWNobyAkZ3JlZW4uIsSQxINuZyBOaOG6rXAgVGjDoG5oIEPDtG5nLlxuJHJlcyI7CmVjaG8iVGjhu51pIEdpYW4gQ2jhu50gKFThu5FpIFRoaeG7g3UgOSBHacOieSk6ICI7CiRfU0VTU0lPTlsnZGVsYXknXT10cmltKGZnZXRzKFNURElOKSk7CmlmKCRfU0VTU0lPTlsnZGVsYXknXSA8IDkpCntleGl0KCRyZWQuIlThu5FpIFRoaeG7g3UgOSBHacOieVxuIik7fQplY2hvJ1Phu5EgTOG6p24gQ2jhuqF5OiAnOwokX1NFU1NJT05bJ2knXT10cmltKGZnZXRzKFNURElOKSk7CmlmKCRfU0VTU0lPTlsnaSddIDwgMSkKe2V4aXQoJHJlZC4iVOG7kWkgVGhp4buDdSAxIEzhuqduXG4iKTt9Cn0KZWxzZXtleGl0KCRyZWQuIsSQxINuZyBOaOG6rXAgVGjhuqV0IELhuqFpLlxuICRyZXMiKTt9Ci8vbG9naW4gZmIKJGNoPWN1cmxfaW5pdCgpOwpjdXJsX3NldG9wdCgkY2gsIENVUkxPUFRfVVJMLCAnaHR0cHM6Ly9tYmFzaWMuZmFjZWJvb2suY29tLycpOwokaGVhZFtdID0gIkNvbm5lY3Rpb246IGtlZXAtYWxpdmUiOwokaGVhZFtdID0gIktlZXAtQWxpdmU6IDMwMCI7CiRoZWFkW10gPSAiY2NlcHQtQ2hhcnNldDogSVNPLTg4NTktMSx1dGYtODtxPTAuNywqO3E9MC43IjsKJGhlYWRbXSA9ICJBY2NlcHQtTGFuZ3VhZ2U6IGVuLXVzLGVuO3E9MC41IjsKY3VybF9zZXRvcHQoJGNoLCBDVVJMT1BUX1VTRVJBR0VOVCwgJ09wZXJhLzkuODAgKFdpbmRvd3MgTlQgNi4wKSBQcmVzdG8vMi4xMi4zODggVmVyc2lvbi8xMi4xNCcpOwpjdXJsX3NldG9wdCgkY2gsIENVUkxPUFRfRU5DT0RJTkcsICcnKTsKY3VybF9zZXRvcHQoJGNoLCBDVVJMT1BUX0NPT0tJRSwgJGNvb2tpZSk7CmN1cmxfc2V0b3B0KCRjaCwgQ1VSTE9QVF9IVFRQSEVBREVSLCAkaGVhZCk7CmN1cmxfc2V0b3B0KCRjaCwgQ1VSTE9QVF9SRVRVUk5UUkFOU0ZFUiwgMSk7CmN1cmxfc2V0b3B0KCRjaCwgQ1VSTE9QVF9TU0xfVkVSSUZZUEVFUiwgRkFMU0UpOwpjdXJsX3NldG9wdCgkY2gsIENVUkxPUFRfVElNRU9VVCwgNjApOwpjdXJsX3NldG9wdCgkY2gsIENVUkxPUFRfQ09OTkVDVFRJTUVPVVQsIDYwKTsKY3VybF9zZXRvcHQoJGNoLCBDVVJMT1BUX0ZPTExPV0xPQ0FUSU9OLCBUUlVFKTsKY3VybF9zZXRvcHQoJGNoLCBDVVJMT1BUX0hUVFBIRUFERVIsIGFycmF5KCdFeHBlY3QKOicpKTsKY3VybF9leGVjKCRjaCk7CmN1cmxfY2xvc2UoJGNoKTsKLy8gZ2V0IGlkCiRpPTA7CndoaWxlICgkaSA8PSAkX1NFU1NJT05bJ2knXSAtIDEpewokaSsrOwpzbGVlcCg1KTsKJGNoPWN1cmxfaW5pdCgpOwpjdXJsX3NldG9wdCgkY2gsIENVUkxPUFRfUkVUVVJOVFJBTlNGRVIsIDEpOwpjdXJsX3NldG9wdCgkY2gsIENVUkxPUFRfVVJMLCAnaHR0cHM6Ly90cmFvZG9pc3ViLmNvbS9zY3IvbG9hZHN1Yi5waHAnKTsKY3VybF9zZXRvcHQoJGNoLCBDVVJMT1BUX1VTRVJBR0VOVCwgJHVhKTsKY3VybF9zZXRvcHQoJGNoLCBDVVJMT1BUX1BPU1QsIGNvdW50KCRrZXkpKTsKY3VybF9zZXRvcHQoJGNoLCBDVVJMT1BUX1BPU1RGSUVMRFMsICRrZXkpOwpjdXJsX3NldG9wdCgkY2gsIENVUkxPUFRfQ09PS0lFRklMRSwgJ1REUy50eHQnKTsKJHRpZD1jdXJsX2V4ZWMoJGNoKTsKJGlkMT1leHBsb2RlKCdpZD0iJywgJHRpZCk7CiRpZD1leHBsb2RlKCciJywgJGlkMVs0XSk7CmN1cmxfY2xvc2UoJGNoKTsKLy9mb2xsb3cgZmIKc2xlZXAoMSk7CiRsaW5raWQ9J2h0dHBzOi8vbWJhc2ljLmZhY2Vib29rLmNvbS9wcm9maWxlLnBocD9pZD0nLiRpZFswXTsKJGNoID0gQGN1cmxfaW5pdCgpOwpjdXJsX3NldG9wdCgkY2gsIENVUkxPUFRfVVJMLCAkbGlua2lkKTsKJGhlYWRbXSA9ICJDb25uZWN0aW9uOiBrZWVwLWFsaXZlIjsKJGhlYWRbXSA9ICJLZWVwLUFsaXZlOiAzMDAiOwokaGVhZFtdID0gIkFjY2VwdC1DaGFyc2V0OiBJU08tODg1OS0xLHV0Zi04O3E9MC43LCo7cT0wLjciOwokaGVhZFtdID0gIkFjY2VwdC1MYW5ndWFnZTogZW4tdXMsZW47cT0wLjUiOwpjdXJsX3NldG9wdCgkY2gsIENVUkxPUFRfVVNFUkFHRU5ULCAnT3BlcmEvOS44MCAoV2luZG93cyBOVCA2LjApIFByZXN0by8yLjEyLjM4OCBWZXJzaW9uLzEyLjE0Jyk7CmN1cmxfc2V0b3B0KCRjaCwgQ1VSTE9QVF9FTkNPRElORywgJycpOwpjdXJsX3NldG9wdCgkY2gsIENVUkxPUFRfQ09PS0lFLCAkY29va2llKTsKY3VybF9zZXRvcHQoJGNoLCBDVVJMT1BUX0hUVFBIRUFERVIsICRoZWFkKTsKY3VybF9zZXRvcHQoJGNoLCBDVVJMT1BUX1JFVFVSTlRSQU5TRkVSLCAxKTsKY3VybF9zZXRvcHQoJGNoLCBDVVJMT1BUX1NTTF9WRVJJRllIT1NULCBGQUxTRSk7CmN1cmxfc2V0b3B0KCRjaCwgQ1VSTE9QVF9TU0xfVkVSSUZZUEVFUiwgRkFMU0UpOwpjdXJsX3NldG9wdCgkY2gsIENVUkxPUFRfVElNRU9VVCwgNjApOwpjdXJsX3NldG9wdCgkY2gsIENVUkxPUFRfQ09OTkVDVFRJTUVPVVQsIDYwKTsKY3VybF9zZXRvcHQoJGNoLCBDVVJMT1BUX0ZPTExPV0xPQ0FUSU9OLCBUUlVFKTsKY3VybF9zZXRvcHQoJGNoLCBDVVJMT1BUX0hUVFBIRUFERVIsIGFycmF5KCdFeHBlY3QKOicpKTsKJHBhZ2UgPSBjdXJsX2V4ZWMoJGNoKTsKcHJlZ19tYXRjaCgnI2hyZWY9Ii9hL3N1YnNjcmliZS5waHA/KC4rPykiI2lzJywgJHBhZ2UsICRfbGluayk7CiRsaW5rPSBodG1sX2VudGl0eV9kZWNvZGUoJ2h0dHBzOi8vbWJhc2ljLmZhY2Vib29rLmNvbS9hL3N1YnNjcmliZS5waHAnLiRfbGlua1sxXSk7CmN1cmxfc2V0b3B0KCRjaCwgQ1VSTE9QVF9VUkwsICRsaW5rKTsKY3VybF9zZXRvcHQoJGNoLCBDVVJMT1BUX1JFVFVSTlRSQU5TRkVSLCAxKTsKY3VybF9leGVjKCRjaCk7CmN1cmxfY2xvc2UoJGNoKTsKLy9hZGR4dQpzbGVlcCgyKTsKJGNoPWN1cmxfaW5pdCgpOwpjdXJsX3NldG9wdCgkY2gsIENVUkxPUFRfVVJMLCAnaHR0cHM6Ly90cmFvZG9pc3ViLmNvbS9zY3IvbmhhbnRpZW5zdWIucGhwJyk7CmN1cmxfc2V0b3B0KCRjaCwgQ1VSTE9QVF9SRVRVUk5UUkFOU0ZFUiwgMSk7CmN1cmxfc2V0b3B0KCRjaCwgQ1VSTE9QVF9VU0VSQUdFTlQsICR1YSk7CiR0ZHN4dT1hcnJheSgnaWQnID0+ICRpZFswXSk7CmN1cmxfc2V0b3B0KCRjaCwgQ1VSTE9QVF9QT1NULGNvdW50KCR0ZHN4dSkpOwpjdXJsX3NldG9wdCgkY2gsIENVUkxPUFRfUE9TVEZJRUxEUywkdGRzeHUpOwpjdXJsX3NldG9wdCgkY2gsIENVUkxPUFRfQ09PS0lFRklMRSwgIlREUy50eHQiKTsKJHh1PWN1cmxfZXhlYygkY2gpOwpjdXJsX2Nsb3NlKCRjaCk7CmlmKCR4dT09JzEnKXtlY2hvIlskZ3JlZW4iLiRpLiIkcmVzXSRyZWQgQuG6oW4gQ2jGsGEgRm9sbG93IElEIE7DoHkuJHJlcyI7fQppZigkeHU9PScyJyl7ZWNobyAiWyRncmVlbiIuJGkuIiRyZXNdIElEOiIuJGlkWzBdLiIgfCRncmVlbiBUaMOgbmggQ8O0bmckcmVzIHwgKzYwMCBYVSI7fQplY2hvICJcbiI7CnNsZWVwKCRfU0VTU0lPTlsnZGVsYXknXSAtOSk7fQp9Cgo='))
?>Function Calls
| base64_decode | 1 |
Stats
| MD5 | a609432728cbfd15f135dd81f460476b |
| Eval Count | 1 |
| Decode Time | 79 ms |