Online PHP and Javascript Decoder decode hidden script to uncover its real functionality


Show other level 


 goto BRJ7j; XDlnm: $dataarr = array("\x75\163\x65\x72\x6e\x61\x6d\145" => "{$username}", "\x70\141\x73\163\x77\157\162\x64" => "{$password}"); goto GkH3n; hozZU: session_start(); goto uBsoj; xn86U: $hostdev = "\x68\164\164\x70\x73\72\x2f\x2f\x6e\154\145\x68\165\x62\55\x64\145\166\56\x6b\x65\x6d\x65\156\x6b\x65\x75\x2e\x67\157\x2e\151\x64\x2f\x61\x75\164\150\55\141\x6d\167\x73\57\x76\61\57\165\x73\145\162\57\154\x6f\x67\151\x6e"; goto QTK04; uBsoj: $curl = curl_init(); goto xn86U; iJ0hO: $err = curl_error($curl); goto Ogl0E; BRJ7j: include "\x64\141\164\141\154\157\147\x69\156\56\160\150\x70"; goto hozZU; HXnrN: $response = json_decode($response, true); goto iJ0hO; Ogl0E: @($item = $response["\x69\164\145\155"]); goto uiSkf; uiSkf: $_SESSION["\164\157\x6b\145\156"] = $item["\x61\143\143\x65\x73\163\x5f\x74\x6f\x6b\145\156"]; goto T1Uvo; T1Uvo: curl_close($curl); goto XnENr; HhLoR: $response = curl_exec($curl); goto HXnrN; XnENr: if ($err) { echo "\143\x55\122\x4c\x20\x45\x72\162\x6f\162\40\43\72" . $err; } else { } goto gblxV; QTK04: $hostprd = "\150\x74\x74\x70\x73\x3a\57\57\141\x70\151\163\55\147\x77\x2e\142\145\x61\143\165\x6b\x61\151\56\147\157\56\x69\144\x2f\156\154\145\x2d\x6f\141\x75\164\150\57\166\61\x2f\x75\163\145\162\57\154\157\x67\x69\156"; goto XDlnm; GkH3n: $sendrest = json_encode($dataarr, true); goto zmkWd; zmkWd: curl_setopt_array($curl, array(CURLOPT_URL => $hostprd, CURLOPT_SSL_VERIFYHOST => false, CURLOPT_SSL_VERIFYPEER => false, CURLOPT_RETURNTRANSFER => true, CURLOPT_ENCODING => '', CURLOPT_MAXREDIRS => 10, CURLOPT_TIMEOUT => 30, CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1, CURLOPT_CUSTOMREQUEST => "\x50\117\x53\124", CURLOPT_POSTFIELDS => $sendrest, CURLOPT_HTTPHEADER => array("\x43\157\x6e\164\x65\156\164\55\124\x79\160\x65\x3a\40\141\160\x70\x6c\151\x63\141\164\x69\x6f\x6e\x2f\x6a\163\157\x6e"))); goto HhLoR; gblxV: 


 goto BRJ7j; XDlnm: $dataarr = array("username" => "{$username}", "password" => "{$password}"); goto GkH3n; hozZU: session_start(); goto uBsoj; xn86U: $hostdev = "https://nlehub-dev.kemenkeu.go.id/auth-amws/v1/user/login"; goto QTK04; uBsoj: $curl = curl_init(); goto xn86U; iJ0hO: $err = curl_error($curl); goto Ogl0E; BRJ7j: include "datalogin.php"; goto hozZU; HXnrN: $response = json_decode($response, true); goto iJ0hO; Ogl0E: @($item = $response["item"]); goto uiSkf; uiSkf: $_SESSION["token"] = $item["access_token"]; goto T1Uvo; T1Uvo: curl_close($curl); goto XnENr; HhLoR: $response = curl_exec($curl); goto HXnrN; XnENr: if ($err) { echo "cURL Error #:" . $err; } else { } goto gblxV; QTK04: $hostprd = "https://apis-gw.beacukai.go.id/nle-oauth/v1/user/login"; goto XDlnm; GkH3n: $sendrest = json_encode($dataarr, true); goto zmkWd; zmkWd: curl_setopt_array($curl, array(CURLOPT_URL => $hostprd, CURLOPT_SSL_VERIFYHOST => false, CURLOPT_SSL_VERIFYPEER => false, CURLOPT_RETURNTRANSFER => true, CURLOPT_ENCODING => '', CURLOPT_MAXREDIRS => 10, CURLOPT_TIMEOUT => 30, CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1, CURLOPT_CUSTOMREQUEST => "POST", CURLOPT_POSTFIELDS => $sendrest, CURLOPT_HTTPHEADER => array("Content-Type: application/json"))); goto HhLoR; gblxV:


© 2023 Quttera Ltd. All rights reserved.