Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php eval(gzinflate(base64_decode("lVhtbxo5EP5eqf9hukIXUCkkufT1CFUuTdRIeTugqtSqisyuYd..

Decoded Output download

ob_start();




$sub = get_loaded_extensions();

if(!in_array("curl", $sub)){

die('Can not connect to this server to reconnect to the server ip_address');

}





?>
<?php

if($_POST) {

$hacker = $_POST['defacer'];

$method = $_POST['hackmode'];

$neden = $_POST['reason'];

$site = $_POST['domain'];



// bosmu dolumu

if ($hacker == "") {



die ("<center>Which distorted and said that if the answer is yes, type the name of<center>");

}

elseif($method == "--------SELECT--------") {

die("<center>Method must be told</center>");

}

elseif($neden == "--------SELECT--------") {



die("<center>Why do I have to tell</center>");

}

elseif($site == "") {



die("<center>Registration continued breakthroughs in the locations Zone H </center>");

}





$i = 0;

$sites = explode("
", $site);

while($i < count($sites)) {

if(substr($sites[$i], 0, 4) != "http") {

$sites[$i] = "http://".$sites[$i];



}



poster("http://zone-h.org/notify/single", $hacker, $method, $neden, $sites[$i]);



++$i;

}

echo "<center><p>Zone-h Mass Deface Poster </p></center>";



}else{



echo '<center>


<form action="" method="post">

<div id="option">

<p>Defacer<br />

<span class="ok"><input type="text" name="defacer" size="40" /></span> </p>



<p>How to hack <br /><select name="hackmode">

<option >--------SELECT--------</option>

<option value="1">known vulnerability (i.e. unpatched system)</option>

<option

value="2" >undisclosed (new) vulnerability</option>

<option

value="3" >configuration / admin. mistake</option>

<option

value="4" >brute force attack</option>



<option

value="5" >social engineering</option>

<option

value="6" >Web Server intrusion</option>

<option

value="7" >Web Server external module intrusion</option>

<option

value="8" >Mail Server intrusion</option>

<option

value="9" >FTP Server intrusion</option>

<option

value="10" >SSH Server intrusion</option>



<option

value="11" >Telnet Server intrusion</option>

<option

value="12" >RPC Server intrusion</option>

<option

value="13" >Shares misconfiguration</option>

<option

value="14" >Other Server intrusion</option>

<option

value="15" >SQL Injection</option>

<option

value="16" >URL Poisoning</option>



<option

value="17" >File Inclusion</option>

<option

value="18" >Other Web Application bug</option>

<option

value="19" >Remote administrative panel access through bruteforcing</option>

<option

value="20" >Remote administrative panel access through password guessing</option>

<option

value="21" >Remote administrative panel access through social engineering</option>

<option

value="22" >Attack against the administrator/user (password stealing/sniffing)</option>



<option

value="23" >Access credentials through Man In the Middle attack</option>

<option

value="24" >Remote service password guessing</option>

<option

value="25" >Remote service password bruteforce</option>

<option

value="26" >Rerouting after attacking the Firewall</option>

<option

value="27" >Rerouting after attacking the Router</option>

<option

value="28" >DNS attack through social engineering</option>



<option

value="29" >DNS attack through cache poisoning</option>

<option

value="30" >Not available</option>

</select></p>

<p> Cause of hack ? <br /><select name="reason">



<option >--------SELECT--------</option>

<option

value="1" >Heh...just for fun!</option>

<option

value="2" >Revenge against that website</option>

<option

value="3" >Political reasons</option>

<option

value="4" >As a challenge</option>

<option

value="5" >I just want to be the best defacer</option>



<option

value="6" >Patriotism</option>

<option

value="7" >Not available</option>

</select> </p>



<p>Sites <br />

<span class="fur">Put all the sites on the server</span><br />

<span class=""><textarea name="domain" cols="43" rows="17"></textarea></span> </p>

<p><input type="submit" value="Send" />

</form>
<div class ="sub">Coded By : MrTieDie</div>

<br>

</div>

</center>';



}



function poster($url, $hacker, $hackmode,$reson, $site )

{



$k = curl_init();

curl_setopt($k, CURLOPT_URL, $url);

curl_setopt($k,CURLOPT_POST,true);

curl_setopt($k, CURLOPT_POSTFIELDS,"defacer=".$hacker."&domain1=". $site."&hackmode=".$hackmode."&reason=".$reson);

curl_setopt($k,CURLOPT_FOLLOWLOCATION, true);

curl_setopt($k, CURLOPT_RETURNTRANSFER, true);



$kubra = curl_exec($k);

curl_close($k);

return $kubra;

}



?>

<body>

</body>

</html

Did this file decode correctly?

Original Code

<?php   
eval(gzinflate(base64_decode("lVhtbxo5EP5eqf9hukIXUCkkufT1CFUuTdRIeTugqtSqisyuYd0s9sr2htLT/fd7bO8CaUmA5kN3vZ4Xj5+ZeQY1vDGWaVtv/PX0SfVXM8WQDmnM7U2mWMKTG/7DcmmEkqbcKEb1Z0LeMK3ZrB7Fhc6iJjm5RuNf9z0RvL5zzCRJZSlWUvLYklVkU2HIcH3HtXvV/N43Xn0S+Q1LEs2N2Qn2/lt49/TJ++7TJ533eZqXntRurq/6gwZ5y7WUxbdQcUhh+etOwkcs5nrnm9dUm3CbqmTpuxOYqIRXGyRPuFz6rjkzSlZfjbB8WbmaMFF9dH/tNg2VmRSUqKyYFMFFqs/dOqQoKl0tA0X1qBNzabnufk5FnFIijFXa8oSYTMgwkSA2zBL0uBgxaaYuRoZm3DTJznLu1yWbcFKjSle0FDmeGe4CVZ0dTrwo//VPzk+OB9Vb5Zq7v7lXF0FqUhhLQ9hSWdJpP2KlDOBaI78Z+pzOEDY6o5TdcQ8JnmWPmgq38XtMFzp7fIxwamaBXodEK2SByA5xq7c21aoYp4aE9BHMVOz3GfqiJKePtNL2PE0EcLC7QIXBK/+RZ4BSPXr6xCcEloPkNBUZr0OkAycKaYPrplG6jbMgeeBnuf61Jr41abdJBw16huOl1ubVERc7qPzyrt2OWovlORbn7ubK4BT1avNPnO5F2lJ63EZ+itGsbYQcZ9y5HHCKh4AVPPjrLA/j9S9qxfPnNbF0KXGqaB74Tt794u3QBTOGPvgspGvvCQKbdxfBXTjs7nV+j17fTqUvrHVGSk+Ixe6aDqOIgpeHkTth5Pd0EnFHAksqd5vKxbwbHNCdoaZ2WDM5ClScwTtsvo26HSHzwvqEOowsal7kc+owKitIREb8xOvBbgQVnbaT7/qjVB7DzEc1dch1YaRgq2N45kpc0FVVm9Kv4CR1V2dKpx2+39t7x7ICivai7q1UU7wXmeSaDUUm7IzqosVbVMic2TgF0M0MAZ80Vmlyj6Wy/Yi6hUThiTNlIFWXfNq4r3mNhj+hAek1EuOiTLY2sWQiZIsmSEB2y9coOICCoS6Qz7hiIIVZi1DdE1ot+BKCRsWCZcTlWEjONdC8xtorCH3mQ+qXDUdaXbgGt0bs9X0x1xe1hGHcaJHxjdW8gZoLJrJtzb+F3OngeluxPQC22+9/fFzuAdk9yA44gGC3NutQ1bs+3lrOYamfMvR/h517qFon6lB0hVqutzbqYNT/55zO5Hceb2LKQehT7xwlTYAf/Aq5B4QcgE7RCmAmzjby6838RA54R3meidClaFisQ/meA0yPTxSyyidj2QrRXVG7eIZCGoNkUdkIyeefS7/1CbS/u53qHGV2qnRC4wLLG+jf207/1hVg36HzyBcZYmOQOLAbT68WxpRuF2CkVJ87j1rKMuhuGylGIzw0Nrj0fYfno+BurF03tXB14foF2tBZYCAXIkmylbVvhdqDRYQcbxYx3z7KLx/RMUfDutK9/8prwWnArsbERq7FhzO4d3ewU6H5lDk297im12s19fANbXyNHpc1Hy77peymKHlA2dvVymKGDkv5yvRf0SBdwlxiHGJ3qPxsmP0S1XagCd2KT4BL0DED/sDpA514v5JQhPEk+tX/bSjFcsWAkx952mq1vju6j9unUSGfbUAfevwOYeVLuYSRZcqHjjZuwB2uFUgGKltG4UBmA7pwZIhRnAJWzvIaAYf0M/KnmjLpJ85hGJyGHGslx9sADg7s18xqAepsJhsQhg0u/VcW2ffzxANcdVToqHsNpoqDh6nZ71ZyaYQu2ekDGsB1Hb9Fh2UVxfVzbIThJMP3A9yIVlPjGxYQWW3+jfTC1XusGUPMRIA3l6fvc5lElQNtR927JUH3jpAXiLrH4MMJ/T2jd3ShB4J/EAgTdgW5oS7l5yvV4LDz+6QDsPrmTeXIUyt0tjzVVPS7WQO7UNVYQw0nOx88areYrNyPGjfoBNVvI/7dcIvrq9dum3SM3n91PbjBf9CCjyu3VbvcrwVNMBH+uDK37fTs5PxDv1lNHYcY7YL7reiPcE17WAuOY6k6UbXPPWM5ZJFb9Ad91LnTq/Pzq8/nV8dHg7Oryyat97N3MvjUuxz0ji77pye9ZYkQv2KoWRVD/oPHEF5S6IeM+ZLmttCSgtD9Mft9iQCVzMqbX3pM7ST7Hw=="))); 
?>

Function Calls

gzinflate 1
base64_decode 1

Variables

None

Stats

MD5 d925fe14b983884a7cc5450760fdd309
Eval Count 1
Decode Time 87 ms