Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<?php /* Dev By Hoang Skyht 18-06-2024 */$OOO000000=urldecode('%66%67%36%73%62%65%68%70%72..
Decoded Output download
error_reporting(0);
include('config.php');
$con = new mysqli("$ip_db","$db_username","$db_password","$db_name");
if ($con->connect_error) {
die("Kt ni tht bi: ".$conn->connect_error);
}
$HoangSkyht = new SQLTruyVan($con);
$getFullInfo = file_get_contents(__DIR__ .'/ThongTinBank/DuLieuBanking.log');
if (empty($getFullInfo)) {
exit();
}
list($LinkHOOK,$NganHang,$BankID,$TaiLieuAPI,$NoiDung,$STK,$CTK) = explode('|',$getFullInfo);
$ch = curl_init("https://api.4gsieure.net/api/".$TaiLieuAPI ."/".CONFIG['GATE']['BANK']['TOKENBANK']);
curl_setopt($ch,CURLOPT_RETURNTRANSFER,true);
curl_setopt($ch,CURLOPT_SSL_VERIFYPEER,false);
$response = curl_exec($ch);
curl_close($ch);
$repo = json_decode($response);
foreach ($repo->transactions as $item) {
$NoiDungChuyenTien = str_replace(' ','',$item->description);
if (stripos($NoiDungChuyenTien,$NoiDung) !== false) {
$SoTien = (int)$item->amount;
$IDBank = $item->transactionID;
$re = '/'.$NoiDung.'\d+/m';
$str = strtolower($NoiDungChuyenTien);
preg_match($re,$str,$matches);
if (isset($matches[0])) {
$comment = trim($matches[0]);
$order_id = preg_replace("/[^0-9]/","",$comment);
$KiemTraOrderID = $HoangSkyht->select("v2_order",array("id"=>$order_id));
if ($KiemTraOrderID) {
$Status = (int)$KiemTraOrderID[0]['status'];
if ($Status == 0 ||$Status == 2) {
$total_amount = (int)($KiemTraOrderID[0]["total_amount"]/100);
if ($SoTien >= $total_amount) {
$Token = "".CONFIG['TOKEN'] ."";
$curl = curl_init();
curl_setopt_array(
$curl,
array(
CURLOPT_URL =>"".$LinkHOOK ."",
CURLOPT_RETURNTRANSFER =>true,
CURLOPT_FOLLOWLOCATION =>true,
CURLOPT_SSL_VERIFYHOST =>false,
CURLOPT_SSL_VERIFYPEER =>false,
CURLOPT_CUSTOMREQUEST =>"POST",
CURLOPT_POSTFIELDS =>'{
"Bankid": "'.$IDBank.'",
"amount": "'.$SoTien.'",
"comment": "'.$comment.'",
"tranId": "'.$IDBank.'",
"order_id": "'.$order_id.'",
"tokenconnect": "'.$Token.'"
}',
CURLOPT_HTTPHEADER =>array(
"Connection: close",
"Accept: application/json",
"User-Agent: Mozilla/5.0 (Linux; Android 7.1.2; IM-A870S Build/N2G47E; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/55.0.2883.105 Mobile Safari/537.36",
"Content-Type: application/json",
"Accept-Language: vi-VN,en-US;q=0.8",
)
)
);
$con->close();
print_r($tranId);
$response = curl_exec($curl);
curl_close($curl);
}
}
}
}
}
}
;
Did this file decode correctly?
Original Code
<?php /* Dev By Hoang Skyht 18-06-2024 */$OOO000000=urldecode('%66%67%36%73%62%65%68%70%72%61%34%63%6f%5f%74%6e%64');$OOO0000O0=$OOO000000[4].$OOO000000[9].$OOO000000[3].$OOO000000[5];$OOO0000O0.=$OOO000000[2].$OOO000000[10].$OOO000000[13].$OOO000000[16];$OOO0000O0.=$OOO0000O0[3].$OOO000000[11].$OOO000000[12].$OOO0000O0[7].$OOO000000[5];$OOO000O00=$OOO000000[0].$OOO000000[12].$OOO000000[7].$OOO000000[5].$OOO000000[15];$O0O000O00=$OOO000000[0].$OOO000000[1].$OOO000000[5].$OOO000000[14];$O0O000O0O=$O0O000O00.$OOO000000[11];$O0O000O00=$O0O000O00.$OOO000000[3];$O0O00OO00=$OOO000000[0].$OOO000000[8].$OOO000000[5].$OOO000000[9].$OOO000000[16];$OOO00000O=$OOO000000[3].$OOO000000[14].$OOO000000[8].$OOO000000[14].$OOO000000[8];$OOO0O0O00=__FILE__;$OO00O0000=0xd58;eval($OOO0000O0('JE8wMDBPME8wMD0kT09PMDAwTzAwKCRPT08wTzBPMDAsJ3JiJyk7JE8wTzAwT08wMCgkTzAwME8wTzAwLDB4NDk5KTskT08wME8wME8wPSRPT08wMDAwTzAoJE9PTzAwMDAwTygkTzBPMDBPTzAwKCRPMDAwTzBPMDAsMHgxN2MpLCdFbnRlcnlvdXdraFJIWUtOV09VVEFhQmJDY0RkRmZHZ0lpSmpMbE1tUHBRcVNzVnZYeFp6MDEyMzQ1Njc4OSsvPScsJ0FCQ0RFRkdISUpLTE1OT1BRUlNUVVZXWFlaYWJjZGVmZ2hpamtsbW5vcHFyc3R1dnd4eXowMTIzNDU2Nzg5Ky8nKSk7ZXZhbCgkT08wME8wME8wKTs='));return;?>~Dkr9NHenNHenNHe1zfukgFMaXdoyjcUImb19oUAxyb18mRtwmwJ4LT09NHr8XTzEXRJwmwJXLT09NHeEXHr8XhtONT08XHeEXHr8Pkr8XTzEXT08XHtILTzEXHr8XTzEXRtONTzEXTzEXHeEpRtfydmOlFmlvfbfqDykwBAsKa09aaryiWMkeC0OLOMcuc0lpUMpHdr1sAunOFaYzamcCGyp6HerZHzW1YjF4KUSvNUFSk0ytW0OyOLfwUApRTr1KT1nOAlYAaacbBylDCBkjcoaMc2ipDMsSdB5vFuyZF3O1fmf4GbPXHTwzYeA2YzI5hZ8mhULpK2cjdo9zcUILTzEXHr8XTzEXhTslfMyShtONTzEXTzEXTzEpKX==wEplFmkvFl9ZcbnvFmOpdMFPHtL7tMlVC2x1coAPk2YvdMcpcZ5XDuEmhTShkoYvdJE9wo5lfZnsGbYxdoLPwJOpFy9LCJwSwJOLCl91F2aZdMyscUwSwJOLCl9XCbYzf29ZctwSwJOLCl9VCB1lwJL7tMlMwtILC29VRT5jd25VcBY0b2aZFM9ZhUn7tMOpcUIJU+o6v3WIdVo7LBLIfojiVQa0woRiVQypKJEJRJOjd25VRT5jd25VcBY0b2aZFM9ZhTShgWPLUo9idMfTD3lPftE9wo5lfZnTAAxAFma5aMyVhtOjd24pKXPLc2a0OmaSdrlVcM8INUnMDBxlb2flfy9jd250cB50FZigb0OkAl9gwt4mR1OPd25maolVWMyVDZ9rfAxpcbatCB5qDB5mRMxvcZFpKXppcJEPcB1XfuLPkoflfrc1doxkdMcvhULIGXplGol0htL7tm0hdolzftILTolVD0iNT0SSkr5mCB5wCB5mRtOtCB5qUAWSkyOiDAxpcbanArLSkr5vDAO1dMFSkyYAUZXLW1ORhUE9woa4FoxvcoAPk3XmRtOmcbOofBxSUB5MdZL7tJOjDtE9woY1FMxgDB5pftIJDuO0FuH6RZ9iFoLVYofzDBa1FMAVdMa0R2yXDU8JRJOACBlHDBa1Wankwt4JRZwVW09KOLluBZfuWaOyk11dk0knTLSmbaSmar9ROA5tWA5Rk10pKXpjfbkSb3Ylfo9XftILC2ISW1aUTr9Way9UOaOaAL5AALyKA0cyAJx0FmalhTShC3aZdy9zcbOvFuWPkoYPRrYaALxNAyOgA1YHb1cyALloBanyOawScMySF2ApKXPLFMazFo9VF2AINUnjfbkSb2a4cBHPkoYPhTShC3aZdy9jdo9zcUILC2IpKXPLFMaXdZE9wopzd25gcoajd2OlhtOZcbYXd25zcUL7tMcvFMaiC2IIhtOZcbnvRT50FMyVF2yjfolvdmHICbHIkol0cB0pwuShkr5vDAO1dMfeDua5cB5ADBaVwe0IF3OZb3klFoxiC2APkZEmRtFmRtOpfoasRT5LcbYjFMlXfolvdJL7tMlMwtizfukpFo9zhtOKd2lrfB5mW2i1GBaVaolldJXLTM9pOuaVcZLIwT09wociduYlhUn7tJOTd1OpcB4INUEPDB50hUOpfoasRT5idB91dmW7tJOkOrkidMSINUELDbOldU0+fukidmYiC3Opd25kOeShkuklwe0IkZ8mRJOKd2lrfB5mRJfFctSvdUF7tJOzfuwINUnzfuk0d2xvf2aZhtOKd2lrfB5mW2i1GBaVaolldJL7tmnZcBfgdBy0C2IPkuklRtOzfuwSko1ifoYPcbHpKXppcJEPDbYzcbWPko1ifoYPcbYdHy0phUn7tJOjd21scB50we0IfukpdUILdBy0C2ilF1SXbUL7tJOvFMOlFl9pctE9wunZcBfgFMaXdoyjcUIJR1sGHt05bU8JRtwJRtOjd21scB50hTShkrspcB1AFMyNFMOlFLlrwe0IkrivCB5mA2s5DuWsNmYldoajftIJfjkgd3kLcbwJRoyZFMy5htkpctw9NJOvFMOlFl9pctLpKXppcJEPkrspcB1AFMyNFMOlFLlrhUn7tJOTfoy0fbHINUEPDB50hUORDBasaukiT3kLcbkkOySXbaSmF3Oifuazk107tMlMwtILA3Oifuazwe09weEIguXLA3Oifuazwe09wewpwuShkuOvfoySb2ysd3aVftE9wtipdmWphtORDBasaukiT3kLcbkkOySXbaSJfo90CBxgCB1vfB50wl0vHTEXhTShDBCIhtOTd1OpcB4INj0IkuOvfoySb2ysd3aVftLIGXPLao9qcB4INUEJwJ5eT05oUAfdk1ONU0aKk10IRJwJKXPLC3aZdtE9woY1FMxgDB5pftIpKXpjfbkSb3Ylfo9Xfy9iFmkiGUIhkoY1FMXStMyZFMy5hEpeaakHT1nAb1aUTtE9NJwJRJOHDB5qUr9NUZEVwJwStLYaALxNAyOgALaAaakKayknTlYoOawINT50FmalREpeaakHT1nAb0cNTrxNa0xNW0yAUA9Kwe0+fuk1cUXhW1aUTr9Way9TA0xgaLaUUAccUr9TatE9NMciduYlREpeaakHT1nAb1YTTy9BOakkOllWOAaUwe0+cMySF2AStLYaALxNAyOgW1aTar9YALaOaAaTatE9NJkWT1YAwJXhW1aUTr9Way9WT1YAOLlyTrOTwe0+k3ShwtEIwtEIwtEIwtEIwtEIwtEIwtEIwtEIwtEIwtEIwtEIwtEIwtEIwtEIwtEIwtEIwLkidMspctw6wtwmRJOkOrkidMSVkZwStJEIwtEIwtEIwtEIwELktUEIwtEIwtEIwtEIwtEIwtEIwtEIwtEIwtkidB91dmWJKJEJkZ4LA29ADBaVRJFJREPIwtEIwtEIwtEIwtEktWLkwtEIwtEIwtEIwtEIwtEIwtEIwtEJC29sdBaVftw6wtwmRJOjd21scB50RJFJREPIwtEIwtEIwtEIwtEktWLkwtEIwtEIwtEIwtEIwtEIwELJfukidLlLwjPIwJFVkrlrWMyVDZ4mwJXhwtEIwtEIwtEIwtEItWLktUEIwtEIwtEIwtEIwtEIwtEkwM9ZcoaZb2lLwjPIwJFVko9ZcoaZb2lLRJFJREPIwtEIwtEIwtEIwtEktWLkwtEIwtEIwtEIwtEIwtEIwELJfo9qcB5jd25VcBY0wjPIwJFVkyOvD2aVRJFJtJEIwtEIwtEIwtEIwELktUEIwtEIwtEIwtEIwtEIwtEIwtEIwtn9kZXhW1aUTr9Way9wayOWUranOraUwe0+CbkZCbLPtJked25VcBY0DB9VKJEIC2xvF2AJREPJWBYjcbn0KJEICbnXdoljCbOpd24vDmYvdJwStJkaF2aZRAymcB50KJEITB96DBxSCU81RjEIhrxpdma4KZnndMOZd2lLweFVHU4ZKZnkTU1nKeFXAZntfBlSct9KHLF0Y0A7wuf2hUnnFunScaflCLspft81HzFVHzCIhrswar1HRtnSDBslwrflC2svhUnBcbkzDB9VRzWVHtneDukvdBAvYTAVHt4ZKeIzRjrXYUnYd2kpdoAIA2yMCbkpRzAzYZ4zYJwStJked250cB50RaO5FoA6wtniFunSDBYifolvdJ9QF29VwJXhwLyjC2aXft1HCB5mfBymcTPIwucpRacKRoaVRaaTK3r9Ht44wJXhhWPptJL7tJOjd24sNMYSd3YlhtL7tmnZDB50b3wPkuOZCB5kctL7tJOZcbYXd25zcUE9woY1FMxgcbilCZILC3aZdtL7tMY1FMxgC2xvF2APkoY1FMXpKXp9tm0hgWp9tm0hgWP7alVnRPIq
Function Calls
fopen | 1 |
fread | 3 |
strtr | 2 |
fclose | 1 |
urldecode | 1 |
str_replace | 1 |
base64_decode | 3 |
Stats
MD5 | 2ea25cf5a778c0647fd6ab319ce915f7 |
Eval Count | 3 |
Decode Time | 81 ms |