Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
if (!is_dir("\137\x63\141\x63\150\x65")) { mkdir("\x5f\143\141\x63\150\x65"); @file_put_co..
Decoded Output download
<? if (!is_dir("_cache")) { mkdir("_cache"); @file_put_contents("_cache/.htaccess", "deny from all"); }
$streamenvproto = "http";
if (stripos($_SERVER["HTTP_HOST"], ":") !== false) { $warl = explode(":", $_SERVER["HTTP_HOST"]); if (isset($warl[0]) && !empty($warl[0])) { $_SERVER["HTTP_HOST"] = trim($warl[0]); } }
if (stripos($_SERVER["HTTP_HOST"], "localhost") !== false) { $_SERVER["HTTP_HOST"] = str_replace("localhost", "127.0.0.1", $_SERVER["HTTP_HOST"]); }
if ($_SERVER["SERVER_ADDR"] !== "127.0.0.1") { $local_ip = $_SERVER["HTTP_HOST"]; } else { $local_ip = getHostByName(php_uname("n")); }
if (isset($_SERVER["HTTPS"])) { if ($_SERVER["HTTPS"] == "on") { $streamenvproto = "https"; } }
if (isset($_SERVER["HTTP_X_FORWARDED_PROTO"])) { if ($_SERVER["HTTP_X_FORWARDED_PROTO"] == "https") { $streamenvproto = "https"; } } ?>Did this file decode correctly?
Original Code
if (!is_dir("\137\x63\141\x63\150\x65")) { mkdir("\x5f\143\141\x63\150\x65"); @file_put_contents("\137\x63\141\143\150\145\x2f\56\x68\164\141\143\143\145\x73\163", "\144\x65\x6e\171\x20\x66\162\157\155\40\x61\154\x6c"); }
$streamenvproto = "\x68\x74\x74\160";
if (stripos($_SERVER["\x48\x54\x54\120\137\x48\x4f\x53\124"], "\72") !== false) { $warl = explode("\72", $_SERVER["\110\124\124\120\137\110\117\x53\124"]); if (isset($warl[0]) && !empty($warl[0])) { $_SERVER["\110\124\124\x50\x5f\x48\x4f\123\x54"] = trim($warl[0]); } }
if (stripos($_SERVER["\x48\x54\124\x50\x5f\x48\117\123\124"], "\154\157\x63\141\x6c\x68\157\x73\164") !== false) { $_SERVER["\x48\124\x54\120\x5f\x48\x4f\123\124"] = str_replace("\154\157\x63\141\x6c\x68\x6f\x73\x74", "\x31\x32\67\56\60\56\x30\56\x31", $_SERVER["\110\x54\124\x50\x5f\110\x4f\123\x54"]); }
if ($_SERVER["\x53\x45\122\x56\105\122\x5f\101\104\x44\x52"] !== "\61\x32\67\x2e\x30\56\60\56\x31") { $local_ip = $_SERVER["\110\124\124\x50\x5f\110\x4f\x53\124"]; } else { $local_ip = getHostByName(php_uname("\156")); }
if (isset($_SERVER["\x48\x54\x54\x50\123"])) { if ($_SERVER["\110\124\124\x50\123"] == "\157\156") { $streamenvproto = "\150\x74\x74\160\x73"; } }
if (isset($_SERVER["\110\x54\x54\x50\x5f\130\137\106\x4f\x52\x57\101\x52\104\x45\104\137\120\x52\117\x54\117"])) { if ($_SERVER["\110\124\124\120\x5f\x58\137\106\117\x52\x57\x41\x52\x44\105\104\x5f\x50\x52\x4f\124\117"] == "\x68\164\x74\x70\163") { $streamenvproto = "\150\164\x74\160\x73"; } }Function Calls
| is_dir | 1 |
| stripos | 1 |
Stats
| MD5 | 0727e2fb5bb6263fcec11a8f0bb6ddda |
| Eval Count | 0 |
| Decode Time | 66 ms |