Online PHP and Javascript Decoder decode hidden script to uncover its real functionality


Show other level 

$_F=__FILE__;
$_X='Pz48P3BocAoKbjFtNXNwMWM1IEFwcFxIdHRwXEMybnRyMmxsNXJzOwoKM3M1IElsbDNtNG4xdDVcSHR0cFxSNXEzNXN0OwozczUgQXBwXEh0dHBcQzJudHIybGw1cnNcQzJudHIybGw1cjsKM3M1IEFwcFxNMmQ1bFxFeHA1bnM1R3IyM3A7CjNzNSBBM3RoOwozczUgVjFsNGQxdDJyOwozczUgQXBwXEg1bHA1cnNcQXBwSDVscDVyOwpjbDFzcyBFeHA1bnM1R3IyM3BDMm50cjJsbDVyIDV4dDVuZHMgQzJudHIybGw1cgp7CiAgICBwM2JsNGMgZjNuY3Q0Mm5fIF9fYzJuc3RyM2N0KCkKICAgIHsKICAgICAgICAkdGg0cy0+bTRkZGw1dzFyNSgnMTN0aCcpOwogICAgfQoKICAgIHAzYmw0YyBmM25jdDQybl8gNG5kNXgoKQogICAgewogICAgICAgIDRmKCFBM3RoOjozczVyKCktPmMxbignbDRzdC01eHNwNW5zNS1ncjIzcCcpICYmICFBcHBINWxwNXI6OmNoNWNrQWRtNG40c3RyMXQycigpKXsKICAgICAgICAgICAgcjV0M3JuIHY0NXcoJ2IxY2stNW5kLmMybW0ybi5uMi1wNXJtNHNzNDJuJyk7CiAgICAgICAgfTVsczV7CiAgICAgICAgICAgICQ1eHA1bnM1X2dyMjNwcyA9IEV4cDVuczVHcjIzcDo6czJydDFibDUoKS0+cDFnNG4xdDUoYTApOwogICAgICAgICAgICByNXQzcm4gdjQ1dygnYjFjay01bmQuNXhwNW5zNV9ncjIzcHMuNG5kNXgnLCBjMm1wMWN0KCc1eHA1bnM1X2dyMjNwcycpKTsKICAgICAgICB9CiAgICB9CgogICAgcDNibDRjIGYzbmN0NDJuXyBjcjUxdDUoUjVxMzVzdCAkcjVxMzVzdCkKICAgIHsKICAgICAgICA0ZighQTN0aDo6M3M1cigpLT5jMW4oJzFkZC01eHNwNW5zNS1ncjIzcCcpICYmICFBcHBINWxwNXI6OmNoNWNrQWRtNG40c3RyMXQycigpKXsKICAgICAgICAgICAgcjV0M3JuIHY0NXcoJ2IxY2stNW5kLmMybW0ybi5uMi1wNXJtNHNzNDJuJyk7CiAgICAgICAgfTVsczV7CiAgICAgICAgICAgIDRmKCEkcjVxMzVzdC0+MWxsKCkpewogICAgICAgICAgICAgICAgcjV0M3JuIHY0NXcoJ2IxY2stNW5kLjV4cDVuczVfZ3IyM3BzLmNyNTF0NScpOwogICAgICAgICAgICB9NWxzNXsKICAgICAgICAgICAgICAgICR0aDRzLT52MWw0ZDF0NSgkcjVxMzVzdCwgWwogICAgICAgICAgICAgICAgICAgICduMW01JyA9PiAncjVxMzRyNWR8c3RyNG5nfG0xeDppMCcsCiAgICAgICAgICAgICAgICAgICAgJ2Q1c2NyNHB0NDJuJyA9PiAncjVxMzRyNWR8c3RyNG5nfG0xeDphaWknCiAgICAgICAgICAgICAgICBdKTsKICAgICAgICAgICAgICAgICQ1eHA1bnM1X2dyMjNwPVsKICAgICAgICAgICAgICAgICAgICAnbjFtNScgPT4gJHI1cTM1c3QtPm4xbTUsCiAgICAgICAgICAgICAgICAgICAgJ2Q1c2NyNHB0NDJuJyA9PiAkcjVxMzVzdC0+ZDVzY3I0cHQ0Mm4sCiAgICAgICAgICAgICAgICAgICAgJ2NyNTF0NWRfYnknID0+IEEzdGg6OjRkKCkKICAgICAgICAgICAgICAgIF07CiAgICAgICAgICAgICAgICBFeHA1bnM1R3IyM3A6OjRuczVydCgkNXhwNW5zNV9ncjIzcCk7CiAgICAgICAgICAgICAgICByNXQzcm4gcjVkNHI1Y3QoKS0+cjIzdDUoJzV4cDVuczVfZ3IyM3BzJyktPnc0dGgoJ3MzY2M1c3MnLCAnUzNjYzVzc2YzbGx5IGNyNTF0NSA1eHA1bnM1IGdyMjNwLicpOwogICAgICAgICAgICB9CiAgICAgICAgfQogICAgfQoKICAgIHAzYmw0YyBmM25jdDQybl8gNWQ0dChSNXEzNXN0ICRyNXEzNXN0LCAkNGQpCiAgICB7CiAgICAgICAgNGYoIUEzdGg6OjNzNXIoKS0+YzFuKCcxZGQtNXhzcDVuczUtZ3IyM3AnKSAmJiAhQXBwSDVscDVyOjpjaDVja0FkbTRuNHN0cjF0MnIoKSl7CiAgICAgICAgICAgIHI1dDNybiB2NDV3KCdiMWNrLTVuZC5jMm1tMm4ubjItcDVybTRzczQybicpOwogICAgICAgIH01bHM1ewogICAgICAgICAgICAkZ3IyM3AgPSBFeHA1bnM1R3IyM3A6OmY0bmQoJDRkKTsKICAgICAgICAgICAgNGYoISRncjIzcCl7CiAgICAgICAgICAgICAgICByNXQzcm4gcjVkNHI1Y3QoKS0+YjFjaygpLT53NHRoKCc1cnIycnMnLCAnTjJ0IEYyM25kIScpOwogICAgICAgICAgICB9CiAgICAgICAgICAgIDRmKCEkcjVxMzVzdC0+MWxsKCkpewogICAgICAgICAgICAgICAgcjV0M3JuIHY0NXcoJ2IxY2stNW5kLjV4cDVuczVfZ3IyM3BzLjVkNHQnLCBjMm1wMWN0KCdncjIzcCcpKTsKICAgICAgICAgICAgfTVsczV7CiAgICAgICAgICAgICAgICAkdGg0cy0+djFsNGQxdDUoJHI1cTM1c3QsIFsKICAgICAgICAgICAgICAgICAgICAnbjFtNScgPT4gJ3I1cTM0cjVkfHN0cjRuZ3xtMXg6aTAnLAogICAgICAgICAgICAgICAgICAgICdkNXNjcjRwdDQybicgPT4gJ3I1cTM0cjVkfHN0cjRuZ3xtMXg6YWlpJwogICAgICAgICAgICAgICAgXSk7CiAgICAgICAgICAgICAgICAkNXhwNW5zNV9ncjIzcD1bCiAgICAgICAgICAgICAgICAgICAgJ24xbTUnID0+ICRyNXEzNXN0LT5uMW01LAogICAgICAgICAgICAgICAgICAgICdkNXNjcjRwdDQybicgPT4gJHI1cTM1c3QtPmQ1c2NyNHB0NDJuLAogICAgICAgICAgICAgICAgICAgICczcGQxdDVkX2J5JyA9PiBBM3RoOjo0ZCgpCiAgICAgICAgICAgICAgICBdOwogICAgICAgICAgICAgICAgJGdyMjNwLT4zcGQxdDUoJDV4cDVuczVfZ3IyM3ApOwogICAgICAgICAgICAgICAgcjV0M3JuIHI1ZDRyNWN0KCktPnIyM3Q1KCc1eHA1bnM1X2dyMjNwcycpLT53NHRoKCdzM2NjNXNzJywgJ1MzY2M1c3NmM2xseSBjcjUxdDUgNXhwNW5zNSBncjIzcC4nKTsKICAgICAgICAgICAgfQogICAgICAgIH0KICAgIH0KCiAgICBwM2JsNGMgZjNuY3Q0Mm5fIGQ1c3RyMnkoJDRkKQogICAgewogICAgICAgIDRmKCFBM3RoOjozczVyKCktPmMxbignZDVsNXQ1LTV4c3A1bnM1LWdyMjNwJykgJiYgIUFwcEg1bHA1cjo6Y2g1Y2tBZG00bjRzdHIxdDJyKCkpewogICAgICAgICAgICByNXQzcm4gdjQ1dygnYjFjay01bmQuYzJtbTJuLm4yLXA1cm00c3M0Mm4nKTsKICAgICAgICB9NWxzNXsKICAgICAgICAgICAgJGdyMjNwID0gRXhwNW5zNUdyMjNwOjpmNG5kKCQ0ZCk7CiAgICAgICAgICAgIDRmKCEkZ3IyM3ApewogICAgICAgICAgICAgICAgcjV0M3JuIHI1ZDRyNWN0KCktPmIxY2soKS0+dzR0aCgnNXJyMnJzJywgJ04ydCBGMjNuZCEnKTsKICAgICAgICAgICAgfTVsczV7CiAgICAgICAgICAgICAgICAkZ3IyM3AtPmQ1bDV0NSgpOwogICAgICAgICAgICAgICAgcjV0M3JuIHI1ZDRyNWN0KCktPmIxY2soKS0+dzR0aCgnczNjYzVzcycsICdTM2NjNXNzZjNsbHkgZDVsNXQ1IDV4cDVuczUgZ3IyM3AuJyk7CiAgICAgICAgICAgIH0KICAgICAgICB9CiAgICB9Cn0=';
$_X=base64_decode($_X);
$_X=strtr($_X,'123456aouie','aouie123456');
$_X=str_ireplace ('function_','function',$_X);
$_R=preg_replace('/__FILE__/',"'".$_F."'",$_X);
eval($_R);
$_R=0;
$_X=0;


namespace App\Http\Controllers;

use Illuminate\Http\Request;
use App\Http\Controllers\Controller;
use App\Model\ExpenseGroup;
use Auth;
use Validator;
use App\Helpers\AppHelper;
class ExpenseGroupController extends Controller
{
    public function __construct()
    {
        $this->middleware('auth');
    }

    public function index()
    {
        if(!Auth::user()->can('list-exspense-group') && !AppHelper::checkAdministrator()){
            return view('back-end.common.no-permission');
        }else{
            $expense_groups = ExpenseGroup::sortable()->paginate(20);
            return view('back-end.expense_groups.index', compact('expense_groups'));
        }
    }

    public function create(Request $request)
    {
        if(!Auth::user()->can('add-exspense-group') && !AppHelper::checkAdministrator()){
            return view('back-end.common.no-permission');
        }else{
            if(!$request->all()){
                return view('back-end.expense_groups.create');
            }else{
                $this->validate($request, [
                    'name' => 'required|string|max:50',
                    'description' => 'required|string|max:255'
                ]);
                $expense_group=[
                    'name' => $request->name,
                    'description' => $request->description,
                    'created_by' => Auth::id()
                ];
                ExpenseGroup::insert($expense_group);
                return redirect()->route('expense_groups')->with('success', 'Successfully create expense group.');
            }
        }
    }

    public function edit(Request $request, $id)
    {
        if(!Auth::user()->can('add-exspense-group') && !AppHelper::checkAdministrator()){
            return view('back-end.common.no-permission');
        }else{
            $group = ExpenseGroup::find($id);
            if(!$group){
                return redirect()->back()->with('errors', 'Not Found!');
            }
            if(!$request->all()){
                return view('back-end.expense_groups.edit', compact('group'));
            }else{
                $this->validate($request, [
                    'name' => 'required|string|max:50',
                    'description' => 'required|string|max:255'
                ]);
                $expense_group=[
                    'name' => $request->name,
                    'description' => $request->description,
                    'updated_by' => Auth::id()
                ];
                $group->update($expense_group);
                return redirect()->route('expense_groups')->with('success', 'Successfully create expense group.');
            }
        }
    }

    public function destroy($id)
    {
        if(!Auth::user()->can('delete-exspense-group') && !AppHelper::checkAdministrator()){
            return view('back-end.common.no-permission');
        }else{
            $group = ExpenseGroup::find($id);
            if(!$group){
                return redirect()->back()->with('errors', 'Not Found!');
            }else{
                $group->delete();
                return redirect()->back()->with('success', 'Successfully delete expense group.');
            }
        }
    }
}


© 2023 Quttera Ltd. All rights reserved.