Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php $OOO0O0O00=__FILE__;$OOO000000=urldecode('%74%68%36%73%62%65%68%71%6c%61%34%63%6f%5..

Decoded Output download

 
class sendmail {
function _sendmailWOI($roleid,$tittle,$text,$coins,$zen,$exp,$itemid,$qtde){
$t_len = dechex(strlen($tittle)+1);
if(strlen($t_len) == 1) $t_len = '0'.$t_len;
$txt_len = dechex(strlen($text)+1);
if(strlen($txt_len) == 1) $txt_len = '0'.$txt_len;
$tittle = $this->_strToHex($tittle);
$text = $this->_strToHex($text);
$coins = dechex($coins);
if(strlen($coins) == 1) $coins = '0'.$coins;
for ($i = strlen($coins);$i <8;$i+=1) $coins = '0'.$coins;
$coins =  substr($coins,6).substr($coins,4,2).substr($coins,2,2).substr($coins,0,2);
$zen = dechex($zen);
if(strlen($zen) == 1) $zen = '0'.$zen;
for ($i = strlen($zen);$i <8;$i+=1) $zen = '0'.$zen;
$zen =  substr($zen,6).substr($zen,4,2).substr($zen,2,2).substr($zen,0,2);
$exp = dechex($exp);
if(strlen($exp) == 1) $exp = '0'.$exp;
for ($i = strlen($exp);$i <8;$i+=1) $exp = '0'.$exp;
$exp =  substr($exp,6).substr($exp,4,2).substr($exp,2,2).substr($exp,0,2);
$blob = '0x6600010000 tlen 00 tittle 00 txtlen 00 text 0001 coins zen exp ';
$blob = preg_replace('/tlen/',$t_len,$blob,1);
$blob = preg_replace('/tittle/',$tittle,$blob,1);
$blob = preg_replace('/txtlen/',$txt_len,$blob,1);
$blob = preg_replace('/text/',$text,$blob,1);
$blob = preg_replace('/coins/',$coins,$blob,1);
$blob = preg_replace('/zen/',$zen,$blob,1);
$blob = preg_replace('/exp/',$exp,$blob,1);
if($itemid == 0)  
$blob .=  '000000000000000000';
else{
$qtde = dechex($qtde);
if(strlen($qtde) == 1) $qtde = '0'.$qtde;
for ($i = strlen($qtde);$i <2;$i+=1) $qtde = '0'.$qtde;
$itemid = dechex($itemid);
if(strlen($itemid) == 1) $itemid = '0'.$itemid;
for ($i = strlen($itemid);$i <4;$i+=1) $itemid = '0'.$itemid;
$itemid = substr($itemid,2).substr($itemid,0,2);
$unique = uniqid();
$unique = substr($unique,8,2).substr($unique,6,2);
$itemblob = '64464f70d314e0297a9dffff  itemid 0000 qtde unique 959a2919e029 0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000';
$itemblob = preg_replace('/itemid/',$itemid,$itemblob);
$itemblob = preg_replace('/qtde/',$qtde,$itemblob);
$itemblob = preg_replace('/unique/',$unique,$itemblob);
$blob .= $itemblob;
}
$blob = (preg_replace('/\s+/','',$blob));
$blob = (preg_replace('/ /','',$blob));
$itemblob = (preg_replace('/ /','',$itemblob));
mysql_query('insert into mailtab_sg (SenderID,TargerID,MailInfo,CreateTime) Values (0,'.$roleid.','.$blob.',now())');
}
function _strToHex($string){
$hex = '';
for ($i=0;$i<strlen($string);$i++){
$ord = ord($string[$i]);
$hexCode = dechex($ord);
$hex .= substr('0'.$hexCode,-2);
}
return strToUpper($hex);
}
function myquery($query,$log = false) {
$result = mysql_query($query);
if (!$result) {
die('Couldn\'t execute query. '.$query);
}
return $result;
}
function myrow($result) {
$return = mysql_num_rows($result);
if (!$result) {
die('Could\'t get rowcount.');
}
return $return;
}
function myfetch($resource) {
$result = mysql_fetch_row($resource);
return $result;
}
function myarray($sql) {
return mysql_fetch_array($sql);
}
}
;echo 'AntiRoot 2014';

Did this file decode correctly?

Original Code

<?php
$OOO0O0O00=__FILE__;$OOO000000=urldecode('%74%68%36%73%62%65%68%71%6c%61%34%63%6f%5f%73%61%64%66%70%6e%72');$OO00O0000=4344;$OOO0000O0=$OOO000000{4}.$OOO000000{9}.$OOO000000{3}.$OOO000000{5};$OOO0000O0.=$OOO000000{2}.$OOO000000{10}.$OOO000000{13}.$OOO000000{16};$OOO0000O0.=$OOO0000O0{3}.$OOO000000{11}.$OOO000000{12}.$OOO0000O0{7}.$OOO000000{5};$O0O0000O0='OOO0000O0';eval(($$O0O0000O0('JE9PME9PMDAwMD0kT09PMDAwMDAwezE3fS4kT09PMDAwMDAwezEyfS4kT09PMDAwMDAwezE4fS4kT09PMDAwMDAwezV9LiRPT08wMDAwMDB7MTl9O2lmKCEwKSRPMDAwTzBPMDA9JE9PME9PMDAwMCgkT09PME8wTzAwLCdyYicpOyRPTzBPTzAwME89JE9PTzAwMDAwMHsxN30uJE9PTzAwMDAwMHsyMH0uJE9PTzAwMDAwMHs1fS4kT09PMDAwMDAwezl9LiRPT08wMDAwMDB7MTZ9OyRPTzBPTzAwTzA9JE9PTzAwMDAwMHsxNH0uJE9PTzAwMDAwMHswfS4kT09PMDAwMDAwezIwfS4kT09PMDAwMDAwezB9LiRPT08wMDAwMDB7MjB9OyRPTzBPTzAwME8oJE8wMDBPME8wMCwxMTQ2KTskT08wME8wME8wPSgkT09PMDAwME8wKCRPTzBPTzAwTzAoJE9PME9PMDAwTygkTzAwME8wTzAwLDM4MCksJ1E5QXE4N3k0aFIwaWF0NlpDcHdWRUpkdXZ6KzNqV2tnb1lER0tibEJlSGMxczVPeFBtRlNOTFVNWEkvVGYycm49JywnQUJDREVGR0hJSktMTU5PUFFSU1RVVldYWVphYmNkZWZnaGlqa2xtbm9wcXJzdHV2d3h5ejAxMjM0NTY3ODkrLycpKSk7ZXZhbCgkT08wME8wME8wKTs=')));return;?>
R82Zaq9Zaq9ZaqLSW4RgjlJP3y7GzwoBuL2ywEm7uLfBiAhBhDXKVN2Za8fPVSQPiDhBhDPeR82ZVSQPaq9ZaAoKVNfPVNfPa8fP0ApZVS9ZVSQPa8feR8fPaq9Za8fPaAPKVNfPa8fPaqQP0wPBEVb9jVoMkVpeEG9HvuCUdKtPWLz7wlpLWBe1aUHu+UWxdEp4wURsClJhvS7StE2XEyLyENIaJELvww2EzGRF3GNBiAW9CKt8pEz4w8b0wNmtVK2CEJRVJ7JdJLYzdl7DvUpbzlWe+dH13yLO3M9mjBtNWuzMk4b/aq8FaSCLtGjX6wsxRFKH0wKTzlts3Mtb0ApZaqQPVS9ZaqQH6UJUvdPeR82Zaq9Zaq9ZaAKThQN0vUmYjMaojUJOzyLY+dPokPN0zBJOvMpH3UXouMtb3lp5vdbsJN2R0ApF3Umb+dCsR4pHW4pszwPKWyJXWAPKvU2H3BasR4Hb3DPKzuYPiApHWyJ5+dCsR47NzyEHkPN0R4pg3yJOhqNozyJG+yJX04tNjlmb3DoKWybNWymb0wsm0VstAlbl04tNjlmb3DoKW72szdXHhqN2hq8HhApNuUmb3DQ2hAjPRFXKW72szdXTqCeKW4YNuUmb3DQ2hypbvUYbkAYSW4RszdXeR4pbk4CH0S8H6PN0+dvejMpF3yJO0ApNk4pg3yJO0wQ2ZwQm0wQKW4YNuUmb3DQ2hAjPRFXKW4YNuUmb3GstADpN+upN3yEoZwQKWyYHjFNruMtNjbpxwyJX0ApN+upN3yEH6PN0R4pbk4CoZwQKWyYHjFNruMtNjbpxwyJX0ApNzuYN0VstADpG3UbOjFQ2hypbvUYbkAoKvU2H3BaH6PN0+dvejMpF3yJO0ApG3UbOjFKoZVNoawKoRytx+dIShqNoRSQBiDpG3UbOjSstAlzxjDQeRyKoZw9SW4RszdXeRytx+dIS0VsK+wQf6qsK+ws2awKoRytx+dIShqNoRSQBiDpG3UbOjSstADpG3UbOjFQ2hA9SWdRSW4heRytx+dISiqvHiBtLvBtNjDoKvU2H3BastAPF0wISWdRSW4heRytx+dISiqhsaDKOjMJDjMpF0ApG3UbOjFPPiqhH6PN0R4Hb3DQ2hypbvUYbkAoKklJO0VstAlbl04tNjlmb3DoKklJO0wQ2ZwQm0wQKklJOhqNoRSQBiDp/zdXTqCHl3Mho0ApHhqNojMpF3yJO0Ap/zdXH6FpHhqPX6FpH0SNm0wQKklJOhqNoRSQBiDp/zdXTqCeKklJOhqNoh4tLvBtNjDoKklJOiqvHiBtLvBtNjDoKklJOiqCsaDKOjMJDjMpF0Ap/zdXsaDPF0wISWdRSW4heR4Hb3DPPiqhH6PN0RyJXjAQ2hypbvUYbkAoKzuYP0VstAlbl04tNjlmb3DoKzuYP0wQ2ZwQm0wQKzuYPhqNoRSQBiDpbk4QTqCHl3Mho0ApHhqNojMpF3yJO0Apbk4QH6FpHhqPX6FpH0SNm0wQKzuYPhqNoRSQBiDpbk4QTqCeKzuYPhqNoh4tLvBtNjDoKzuYPiqvHiBtLvBtNjDoKzuYPiqCsaDKOjMJDjMpF0Apbk4QsaDPF0wISWdRSW4heRyJXjAPPiqhH6PN0RyRs3UhoZwQBa4oUtGQPaq8PaqQPh4pszdXoaqQoWybNWymbhqQPh4pXWymb3DQPaA9NzuYNhqQPaq8ovU2H3BaoklJOhyJXjAQB6PN0RyRs3UhoZw9PjlJBuMRbjymYvUEeRF2N3yJOiFjsR4pg3yJOiApD3y2Diq8H6PN0RyRs3UhoZw9PjlJBuMRbjymYvUEeRF2N+upN3yExRFPKWybNWymbiApD3y2Diq8H6PN0RyRs3UhoZw9PjlJBuMRbjymYvUEeRF2Nk4pszdXxRFPKW4YNuUmb3DPKvlmxvDPm0VstADpD3y2DhqNoj4RbzL2Fzu9svdtb0AjxWyJXWAfBiApNzuYNiApD3y2Diq8H6PN0RyRs3UhoZw9PjlJBuMRbjymYvUEeRF2G3UbOjFfBiApG3UbOjFPKvlmxvDPm0VstADpD3y2DhqNoj4RbzL2Fzu9svdtb0AjxklJOiFjsR4Hb3DPKvlmxvDPm0VstADpD3y2DhqNoj4RbzL2Fzu9svdtb0AjxzuYPiFjsRyJXjAPKvlmxvDPm0VstAlbl0ApHWyJ5+dCoZVNoaAKohQN0RyRs3UhoiGNohAjPaqQPaqQPaqQPaqQPaqQPaqQB6PN0zdmSzustADpmWypbhqNozyJG+yJX0ApmWypb0VstAlbl04tNjlmb3DoKjupKzwKoZVNoawKoR47NzyEoZwQBaAjOR47NzyETqCHl3Mho0ApHhqNojMpF3yJO0ApmWypb0VsK+wQfaGsK+ws2awKoR47NzyEoZwQBaAjOR47NzyETqCeK+upb3dbKhqNozyJG+yJX0ApHWyJ5+dCH6PN0+dvejMpF3yJO0ApHWyJ5+dCHhqN2hq8HhApHWyJ5+dCoZwQBaAjORybNzdLHzqstAlzxjDQeRyKoZw9SW4RszdXeRybNzdLHzAKTRyKoZqCTRyK1ZV8HhApHWyJ5+dCoZwQBaAjORybNzdLHzqstADpHWyJ5+dCoZw9SWdRSW4heRybNzdLHzAPF0wISWdRSW4heRybNzdLHzAPPiqhH6PN0R4JO+u7LzwQ2h4JO+u7HzAoH6PN0R4JO+u7LzwQ2h4tLvBtNjDoKWdIHjuJbiqosaDKOjMJDjMpF0ApL3lbmWdEstDPF0VstADpHWyJ5vlmxvDQ2hAjUtqCUtyvMayCSaVpbaqhItU8IzyzlzlvohybNzdLHzAQPaqQPh47NzyEoWdIHjuJbhqKL6d8F6V8IzVQF6wQPaqQPaqQPaqQPaqQPaqQPaqQPaqQPaqQPaqQPaqQPaqQPaqQPaqQPaqQPaqQPaqQPaqQPaqQPaqQPaqQPaqQPaqQPaqQPaqQPaqQPaqQPaqQPaqQPaqQPaqQPaqQPaqQPaqQPaqQPaqQPaqQPaqQPaqQPaqQPaqQPaqQPaqQPaqQPaqQPaqQPaqQPaqQPaqQPaqQPaqQPaqQPaqQPaqQPaqQPaqQPaqQPaqQPaqQPaqQPaqQPaqQPaqQPaqQPaqQPaqQPaqQPaqQPaqQPaqQPaqQPaqQPaqQPaqQPaqQPaqQPaqQPaqQPaqQPaqQPaqQPaqQPaqQPaqQPaqQPaqQPRSstADpHWyJ5vlmxvDQ2h49FzdWgjlJP3y7GzwoBiUbNzdLHzAfBiApHWyJ5+dCsRybNzdLD3y2D0VstADpHWyJ5vlmxvDQ2h49FzdWgjlJP3y7GzwoBiM7NzyExRFPKjupKzwPK+upb3dRs3UhH6PN0RybNzdLD3y2DhqNoj4RbzL2Fzu9svdtb0AjxWdIHjuJbiFjsR4JO+u7LzwPK+upb3dRs3UhH6PN0RyRs3UhoiGNoRybNzdLD3y2D6PN0gCN0RyRs3UhoZwQej4RbzL2Fzu9svdtb0Ajxu4a1iFjsRFjsRyRs3UhH0VstADpD3y2DhqNo049FzdWgjlJP3y7GzwoBiFQxRFPBRFPKvlmxvDKH6PN0RybNzdLD3y2DhqNo049FzdWgjlJP3y7GzwoBiFQxRFPBRFPK+upb3dRs3UhH0VstAlLIjM7suM7LzuRI0AWH3BtbjBCo+dIN3F95vdbsWy7DuMtBhAYVzdIKzuRRpAmEvuRBzuRRpAmtvdbswdIl3FmqjlJYWyJE+dLb0w9dvdmLzuao0qQsRFXKjl2szdbKiDjsRFXKvlmxvDXBiyIxWFoH0wjH6PN0gCN0zBJOvMpH3UXouMtNjbpxwyJX0ApSW4RH3ljHkPN0RyYbkAQ2hAjB6PN0zl2FhAoK+VNP6FpHZ4tNjlmb3DoKjMpF+dIB0VsK+ws10ustADpxjlCoZw9xjlCeR4tNjlbOzLsK+JNH6PN0RyYbk8txzyEoZw9KzdtezuoeRy2FzAKTqCeK+yJXhAX2h4tLvBtNjDoBaAjORyYbk8txzyEsiVhH6PN0gCN0jlJNWuROh4tNjbpxJu9PzuheRyYbkAKTqCH2qCHlWdIGWybx3D95ku7LzuRI0ApmWdJFkwPK3y2BhqNozl7sjUEHh4stADpFzutL34CoZw95kutm372mWdJFkwoKjuJbjBKH6PN0+dvo0A8KjlJSWdmN0w9TqCHK+dEeRNtxWdmK3bPBWA9bkyJGWupbh47LzuRIiDQBiDpmWdJFkwKTqCH2qCHFzupLjlXoR4RbjMJsWqstABNtAlzL3ltN+d2OhyLIjl2M0ApFzutL34CHh4stADpFzupLjlXoZw95kutm372OWdLgjl2MjFoKjlJSWdmN0VstAlblhAoYR4RbjMJsWAKokPN0zybb0AWq3MJsz7PBWA9BzuCojl2MvU2L3BCORFKTqCH2qCHFzupLjlXoR4RbW4JF3GstABNtAlzL3ltN+d2OhyLIzlJNvUoeR4RbjU2Ljltb0w9TqCeKjlJSWdmNhqNo3ubSjdmgzlJNvUYgjl2M0ApFzutxWuRGzwKTqCHFzupLjlXoR4RbjMJsWqstABNtAlzL3ltN+d2OhyLIvuRFvuKeR4tm3AKokPN0jlJNWuROhyLIjM7suUzbWyteuU7Fjl7I0ApSjdPH6PN0gCN0gCN06UJG+yfoR/yrCdIN+JRx3MCoaGQmt0ynRSs=

Function Calls

fread 3
strtr 2
fclose 1
OOO0000O0 1
urldecode 1
str_replace 1
base64_decode 2

Variables

$O0O0000O0 OOO0000O0
$OO00O0000 4344
$OO00O00O0 class sendmail { function _sendmailWOI($roleid,$tittle,$..
$OO0OO0000 fopen
$OO0OO000O fread
$OO0OO00O0 strtr
$OOO000000 th6sbehqla4co_sadfpnr
$OOO0000O0 base64_decode
$OOO0O0O00 index.php

Stats

MD5 3375d90a6c7accb943b180cfb8bf62a4
Eval Count 3
Decode Time 133 ms