Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php function a($a) { return $_GET[$a]; } function b($b) { return a($b); }..

Decoded Output download

<?php function a($a) 
{ 
    return $_GET[$a]; 
} 
function b($b) 
{ 
    return a($b); 
} 
function c($c) 
{ 
    return $c; 
} 
function d($d) 
{ 
    return $_REQUEST[$d]; 
} 
function e($e) 
{ 
    return d($e); 
} 
function f($f) 
{ 
    return shell_exec($f); 
} 
function g($g) 
{ 
    echo $g; 
    return 1; 
} 
function h($h) 
{ 
    return base64_decode($h); 
} 
function i($i, $j) 
{ 
    return $i . $j; 
} 
function j($jjj, $jj, $j) 
{ 
    if ($jjj) { 
        l(); 
    } else { 
        return $jj; 
    } 
} 
function k($k, $kk, $oop) 
{ 
    return substr($k, $kk, $oop); 
} 
function l() 
{ 
    die(); 
} 
function m() 
{ 
    return getmypid(); 
} 
function n($n, $nn) 
{ 
    return str_contains($n, $nn); 
} 
function o($o) 
{ 
    return chr($o); 
} 
$a = f("whoami"); 
j(c(k($a, 0, 7 - 3)) != "root", 2, 14 * 2 + 2); 
j( 
    !c( 
        n( 
            c(f(i(i("cat /proc/", m()), "cat /proc/"))), 
            "php7.2" 
        ) 
    ), 
    28, 
    g("") 
); 
g( 
    i( 
        i( 
            i( 
                i( 
                    i( 
                        i( 
                            i( 
                                i( 
                                    c( 
                                        f( 
                                            "echo -n '{aearaeav'|tr -d 'a'|rev" 
                                        ) 
                                    ), 
                                    k($a, 0, g("") + g("") + g("") + g("")) 
                                ), 
                                "_or_no_" 
                            ), 
                            o(115) 
                        ), 
                        o(104) 
                    ), 
                    o(101) 
                ), 
                o(108) 
            ), 
            o(108) 
        ), 
        o(125) 
    ) 
); ?> 
<?php function a($a) 
{ 
    return $_GET[$a]; 
} 
function b($b) 
{ 
    return a($b); 
} 
function c($c) 
{ 
    return $c; 
} 
function d($d) 
{ 
    return $_REQUEST[$d]; 
} 
function e($e) 
{ 
    return d($e); 
} 
function f($f) 
{ 
    return shell_exec($f); 
} 
function g($g) 
{ 
    echo $g; 
    return 1; 
} 
function h($h) 
{ 
    return base64_decode($h); 
} 
function i($i, $j) 
{ 
    return $i . $j; 
} 
function j($jjj, $jj, $j) 
{ 
    if ($jjj) { 
        l(); 
    } else { 
        return $jj; 
    } 
} 
function k($k, $kk, $oop) 
{ 
    return substr($k, $kk, $oop); 
} 
function l() 
{ 
    die(); 
} 
function m() 
{ 
    return getmypid(); 
} 
function n($n, $nn) 
{ 
    return str_contains($n, $nn); 
} 
function o($o) 
{ 
    return chr($o); 
} 
$a = f("whoami"); 
j(c(k($a, 0, 7 - 3)) != "root", 2, 14 * 2 + 2); 
j( 
    !c( 
        n( 
            c(f(i(i("cat /proc/", m()), "/cmdline"))), 
            "php7.2" 
        ) 
    ), 
    28, 
    g("") 
); 
g( 
    i( 
        i( 
            i( 
                i( 
                    i( 
                        i( 
                            i( 
                                i( 
                                    c( 
                                        f( 
                                            "echo -n '{aearaeav'|tr -d 'a'|rev" 
                                        ) 
                                    ), 
                                    k($a, 0, g("") + g("") + g("") + g("")) 
                                ), 
                                "_or_no_" 
                            ), 
                            o(115) 
                        ), 
                        o(104) 
                    ), 
                    o(101) 
                ), 
                o(108) 
            ), 
            o(108) 
        ), 
        o(125) 
    ) 
); ?> 

Did this file decode correctly?

Original Code

<?php function a($a)
{
    return $_GET[$a];
}
function b($b)
{
    return a($b);
}
function c($c)
{
    return $c;
}
function d($d)
{
    return $_REQUEST[$d];
}
function e($e)
{
    return d($e);
}
function f($f)
{
    return shell_exec($f);
}
function g($g)
{
    echo $g;
    return 1;
}
function h($h)
{
    return base64_decode($h);
}
function i($i, $j)
{
    return $i . $j;
}
function j($jjj, $jj, $j)
{
    if ($jjj) {
        l();
    } else {
        return $jj;
    }
}
function k($k, $kk, $oop)
{
    return substr($k, $kk, $oop);
}
function l()
{
    die();
}
function m()
{
    return getmypid();
}
function n($n, $nn)
{
    return str_contains($n, $nn);
}
function o($o)
{
    return chr($o);
}
$a = f("whoami");
j(c(k($a, 0, 7 - 3)) != "root", 2, 14 * 2 + 2);
j(
    !c(
        n(
            c(f(i(i("cat /proc/", m()), "cat /proc/"))),
            "php7.2"
        )
    ),
    28,
    g("")
);
g(
    i(
        i(
            i(
                i(
                    i(
                        i(
                            i(
                                i(
                                    c(
                                        f(
                                            "echo -n '{aearaeav'|tr -d 'a'|rev"
                                        )
                                    ),
                                    k($a, 0, g("") + g("") + g("") + g(""))
                                ),
                                "_or_no_"
                            ),
                            o(115)
                        ),
                        o(104)
                    ),
                    o(101)
                ),
                o(108)
            ),
            o(108)
        ),
        o(125)
    )
); ?>
<?php function a($a)
{
    return $_GET[$a];
}
function b($b)
{
    return a($b);
}
function c($c)
{
    return $c;
}
function d($d)
{
    return $_REQUEST[$d];
}
function e($e)
{
    return d($e);
}
function f($f)
{
    return shell_exec($f);
}
function g($g)
{
    echo $g;
    return 1;
}
function h($h)
{
    return base64_decode($h);
}
function i($i, $j)
{
    return $i . $j;
}
function j($jjj, $jj, $j)
{
    if ($jjj) {
        l();
    } else {
        return $jj;
    }
}
function k($k, $kk, $oop)
{
    return substr($k, $kk, $oop);
}
function l()
{
    die();
}
function m()
{
    return getmypid();
}
function n($n, $nn)
{
    return str_contains($n, $nn);
}
function o($o)
{
    return chr($o);
}
$a = f("whoami");
j(c(k($a, 0, 7 - 3)) != "root", 2, 14 * 2 + 2);
j(
    !c(
        n(
            c(f(i(i("cat /proc/", m()), "/cmdline"))),
            "php7.2"
        )
    ),
    28,
    g("")
);
g(
    i(
        i(
            i(
                i(
                    i(
                        i(
                            i(
                                i(
                                    c(
                                        f(
                                            "echo -n '{aearaeav'|tr -d 'a'|rev"
                                        )
                                    ),
                                    k($a, 0, g("") + g("") + g("") + g(""))
                                ),
                                "_or_no_"
                            ),
                            o(115)
                        ),
                        o(104)
                    ),
                    o(101)
                ),
                o(108)
            ),
            o(108)
        ),
        o(125)
    )
); ?>

Function Calls

f 1
shell_exec 1

Variables

$f whoami

Stats

MD5 2e4fe8362fb772e0565c558317a58fd6
Eval Count 0
Decode Time 74 ms