Find this useful? Enter your email to receive occasional updates for securing PHP code.

PHP Decode

<?php /* @phpSHIELD 1887172865A 2949628127B PRO evaluation */$OOO000000=urldecode('%66%67%..

Decoded Output download


function limpeza( $str,$proibido ) {
$retorno = "";
$str = "-".$str;
$proibido = "-".$proibido;
$i = 1;
for ( ;$i <strlen( $str );++$i ) {
$c = substr( $str,$i,1 );
$r = strrpos( $proibido,$c );
if ( $r == 0 ) {
$retorno .= $c;
}
}
return $retorno;
}
function mkreg($action,$src,$key) {
$dest = '';
$keylen = strlen($key) -1;
$keypos = -1;
$range = 256;
$srcpos = 0;
$srcasc = 0;
if($action == "E") {
$offset = rand(0,$range);
$dest = sprintf("%02X",$offset);
for ($srcpos = 0;$srcpos <strlen($src);$srcpos++) {
$srcasc = (((ord(substr($src,$srcpos,1))) +$offset) %255);
if ($keypos <$keylen) {
$keypos = $keypos +1;
}else {
$keypos = 0;
}
$srcasc = $srcasc ^(ord(substr($key,$keypos,1)));
$dest = $dest.sprintf('%02X',$srcasc);
$offset = $srcasc;
}
}
if($action == "D") {
$offset = hexdec(substr($src,0,2));
$srcpos = 2;
do  {
$srcasc = hexdec(substr($src,$srcpos,2));
if ($keypos <$keylen) {
$keypos = $keypos +1;
}else {
$keypos = 0;
}
$tmpsrcasc = $srcasc ^(ord(substr($key,$keypos,1)));
if($tmpsrcasc <= $offset) {
$tmpsrcasc = 255 +$tmpsrcasc -$offset;
}else {
$tmpsrcasc = $tmpsrcasc -$offset;
}
$dest = $dest.chr($tmpsrcasc);
$offset = $srcasc;
$srcpos = $srcpos +2;
}while($srcpos <strlen($src));
}
return $dest;
}
function sisregistro() {
$dev = limpeza(chop(trim(shell_exec("sudo df / | grep dev | awk '{print \$1}'"))),"0123456789");
$disk = shell_exec("sudo fdisk ".$dev." -l 2>/dev/null | grep Disk");
$discoatual = md5($disk);
$conReg = mysql_pconnect(CONHOSTNAME,CONUSERNAME,CONPASSWRD);
$consulta_rsReg = "SELECT AES_DECRYPT(licenca,'".CONVERSAO."') AS chave FROM registro LIMIT 1";
$rsReg = mysql_query($consulta_rsReg,$conReg);
$row_rsReg = mysql_fetch_assoc($rsReg);
$chaveatual = $row_rsReg['chave'];
if ($chaveatual == $discoatual) return true;
if ($chaveatual != $discoatual) return false;
}
;

Did this file decode correctly?

Original Code

<?php /* @phpSHIELD 1887172865A 2949628127B PRO evaluation */$OOO000000=urldecode('%66%67%36%73%62%65%68%70%72%61%34%63%6f%5f%74%6e%64');$OOO0000O0=$OOO000000{4}.$OOO000000{9}.$OOO000000{3}.$OOO000000{5};$OOO0000O0.=$OOO000000{2}.$OOO000000{10}.$OOO000000{13}.$OOO000000{16};$OOO0000O0.=$OOO0000O0{3}.$OOO000000{11}.$OOO000000{12}.$OOO0000O0{7}.$OOO000000{5};$OOO000O00=$OOO000000{0}.$OOO000000{12}.$OOO000000{7}.$OOO000000{5}.$OOO000000{15};$O0O000O00=$OOO000000{0}.$OOO000000{1}.$OOO000000{5}.$OOO000000{14};$O0O000O0O=$O0O000O00.$OOO000000{11};$O0O000O00=$O0O000O00.$OOO000000{3};$O0O00OO00=$OOO000000{0}.$OOO000000{8}.$OOO000000{5}.$OOO000000{9}.$OOO000000{16};$OOO00000O=$OOO000000{3}.$OOO000000{14}.$OOO000000{8}.$OOO000000{14}.$OOO000000{8};$OOO0O0O00=__FILE__;$OO00O0000=0x978;eval($OOO0000O0('JE8wMDBPME8wMD0kT09PMDAwTzAwKCRPT08wTzBPMDAsJ3JiJyk7JE8wTzAwT08wMCgkTzAwME8wTzAwLDB4NGIzKTskT08wME8wME8wPSRPT08wMDAwTzAoJE9PTzAwMDAwTygkTzBPMDBPTzAwKCRPMDAwTzBPMDAsMHgxN2MpLCdyTTlBRlZoVEdEblV3NGxkSXVlWnZTeHAxSzNMMEpjQmtDTmZFVzYrdGpQT3pIb21xYVJZLzc1MnlYOGJzaVFnPScsJ0FCQ0RFRkdISUpLTE1OT1BRUlNUVVZXWFlaYWJjZGVmZ2hpamtsbW5vcHFyc3R1dnd4eXowMTIzNDU2Nzg5Ky8nKSk7ZXZhbCgkT08wME8wME8wKTs='));return;?>eexxycSoDFidwAMdwAMdwA7YJTDB06SqLhVfKek+p7ihevaVp7s+U9G+GNyEZ/idwFsqZYrqUNG+GNqEZ/idwArqwFsqn9udZ/sqwArqwFstDFsqZYrqZ/sqw9kEZYrqwFsqZYrqU9udZYrqZYrqwArjU9JRZZWMuWKtSFJFLWS24haEepSWx+KZcTraeY4wwFjfI6HAZ6KVSY1OJhjIZ2jGL57a1SDKUY07w+W1lhDY3SV+de0zD/V9I/uVuEJGevjUZF7lZ7MuvW4vSSKpxVW31xDfKhS6K5Cj36HzLxXm0TVR02u7J+JycptqwZGY4Av54YkXnRs+neEjl5KfLhiYKekEZYrqwFsqZYrqnZHWJ6Vzn9udZYrqZYrqZYrjlq==96K7L64/3xioGhajLpMWc6FtG9uYJTGzDTMRL5WN3xumG9EkcqtE06S/L2DoLRriG9GNlqtE02uRGA/kGN/NUNuYJTGb9Nuq06ij16WELRriG9GHGNyE0TDm3xDjKhsb9NujGA/kwZznK6iRG9kklRujGAaYJTDzKxytG9uYJTGknZzOnRujG9EkcqtE1RriGT471+4/0NkkDT4/0NqE3eqaG9Eb9NuRGA/k02uR0+Mm0RkkDTMRL5WN3xumU9ufG9Eb96W6G9kkDTGkdZ/kw9rjGTznDTDWJhiRL6skUf/kDhwb9+/nBIjRKpu706ykDTDWJhiRL6sb9+/nK+So12ujL5ykLxHRKx0tDhVfJhWmLNqE02DfU9uOKpEjGTznDhuW02Ikder+DYznDhHWcxaWLNriGT4/06aWLNkE35SXnerHwZznDhHWcpMm0RriG9/alqtE06VoK5vkderR4Z1b9NuY064qL2wkderqlqtE02Df1p4fGA/kwAzn3x1tDhVfJhWmLNriderNueGjGTznDhi6K+4WJ9riGTDCL6Itw9qE06VoK5vjlqtEKhSYJ9riGT4q06WoJh1tGNvqwWkNU9umK6KYKpIjlqj6L2Gkn9uY064qL2wkderqlRuY064qL2wkdT4/06aWLNkE02DfnZzE02Df0hiYnRzjGTznDT4R15VY1RriG9ktnhiRK9CYJxDYJTGtDT4R1RqE02Df0hiYUAFjneEknRumK6KYKpIjG9vR4ZvjlqjjKNrtDhHWcpMm0RrsDhHWcxaWLNEkcqtE35SX0hiYGA/kDhHWcpMm0RrOwZznBxSz05vkcqtE35SX0hiYGA/kwAznBItE02Df1p4fGA/kDT4R15VY1RMcnhiRK9CYJxDYJTGtDhHWceqE35SX0hiYUAFjneEb9NuEKp4/GA/kDhuW02Io02MR3xX/KNk+DZrRx90zDT4R15VY1REb9NumK6KYKpIkderE02Df1p4flqji9+/n3x1tDhVfJhWmLNriderNu9GjGTznDhi6K+4WJ9riGhCWchuW1RCYJxDYJTGtDT4R1RqqUAGjnZznDT4R12Mm0RriGAGb96umG9Mb9NuY064C05wkdeMtKpCEKxwt02SN02uRn9uY06wzDT4R12Mm0RqRneEb96W6G9kE35SX0hiYGAqE35SXLhSoneMb9NuOKpWqL2wkderE35SX0hiYG9zalqjiKxaYKeMb9NuOKpWqL2wkderqlqji9Nu/LpMY064C05wkderE02Df1p4fGVytL2DEnT471+4/0NkE35SXU9uOKpWqL2wzweEjnZzn3x1tDTuH0T4R15VY1RrsderEL5K605S/neMb9Nu/LpMY064C05wkderR4ZvknRu/LpMY064C05wkUeumK6KYKpIb9+7WLT4WGTznDTuH0T4R15VY1RriG9u/LpMY064C05wkUeumK6KYKpIb9+/nDhuW02IkderEKhSYJ9Xf3TGtDTuH0T4R15VY1REb9NumK6KYKpIkderE02Df1p4flqtE02Df0hiYGA/kDT4R12Mm0RrOwfznBpJt3xaWn9uY064qL2wkdT4/06aWLNkE02DfneEb9+/n06S/JpDoG9uEKp4/lqji96K7L64/3xioGT4j02DWK5WYJTDmn9EkcqtEKhS5GA/kLhWH0hS81eCf3hiqnTuR3x/t05CWLhaBKpCW1RkN02SELRMEKNrmGTqkK2DW09MEKp1kB9MCJ5zkD2Hq06WoJ9M0DAViDRGjneEzGfrawfw/4Z12lAENnZznDhuj05zkdeMY3hSzLViWchSfn9DYJxumGhKE3p4OG9GoDhuWJNyNG97zGAGQU5uWJNioJxazGTqkK2DW09MF3p4OGNEb9NuE3p4fL5V/JxVzGA/kLxI7n9uE3p4OnZznDh4mLWDWKRriGh7X02Vzp2MfL5XoKx4/nF4dZECdv7ulIv7VUF4dZWSZuSDlIv7VUF4dZWMMv74pvEIjlqtE15io02SzJhVB0+4eKx0kderNv/Swuv4vGFVVv7iFuv4exSMvnhaj15So15FzDRGoI/ilSESev/VdUNG+neMMvRMf3hV5KeMhvEi4GTDWK5WYJTDmGFaDZvWvGAFNlqtE0+4eKx0kdeMHcp4aLViaJxSRcekE15io02SzJhVB0+4eKx0zDh4mLWDWKREb9NuRL2JB0+4eKx0kdeMHcp4aLVi6Kpuf3ViC024m1RkE0+4eKx0jlqtE15CCJ6SCJTSCL9riG9uRL2JB0+4eKxJLD54t1pKWD7/b96W6G9kE15CCJ6SCJTSCL9riderEKhWY15iCJTSCL9Ek06S/JpDoGTuRJxvb96W6G9kE15CCJ6SCJTSCL9rCderEKhWY15iCJTSCL9Ek06S/JpDoGhKCLT4Wlqji9fz=E

Function Calls

fopen	1
fread	3
strtr	2
fclose	1
urldecode	1
str_replace	1
base64_decode	3

Variables

$O000O0O00	True
$O0O000O00	fgets
$O0O000O0O	fgetc
$O0O00OO00	fread
$OO00O0000	2424
$OO00O00O0	function limpeza( $str,$proibido ) { $retorno = ""; $str = ..
$OOO000000	fg6sbehpra4co_tnd
$OOO00000O	strtr
$OOO0000O0	base64_decode
$OOO000O00	fopen
$OOO0O0O00	index.php

Stats

MD5	2eedc32c2e8db34d6206dec4326d17f9
Eval Count	3
Decode Time	142 ms

Find this useful? Enter your email to receive occasional updates for securing PHP code.

PHP Decode

Decoded Output download

Did this file decode correctly?

How would you describe this file?

Original Code

Function Calls

Variables

Stats